Skip to content

Latest commit

 

History

History
271 lines (270 loc) · 37.5 KB

TOPDOS.md

File metadata and controls

271 lines (270 loc) · 37.5 KB
Raw

Top DoS reports from HackerOne:

  1. DoS on PayPal via web cache poisoning to PayPal - 818 upvotes, $9700
  2. profile-picture name parameter with large value lead to DoS for other users and programs on the platform to HackerOne - 464 upvotes, $0
  3. Denial of service to WP-JSON API by cache poisoning the CORS allow origin header to Automattic - 389 upvotes, $0
  4. Denial of service via cache poisoning to HackerOne - 233 upvotes, $2500
  5. Ability to DOS any organization's SSO and open up the door to account takeovers to Grammarly - 225 upvotes, $10500
  6. Uploading large payload on domain instructions causes server-side DoS to HackerOne - 196 upvotes, $2500
  7. Node disk DOS by writing to container /etc/hosts to Kubernetes - 159 upvotes, $0
  8. xmlrpc.php FILE IS enable it will used for Bruteforce attack and Denial of Service(DoS) to Nord Security - 153 upvotes, $0
  9. DoS on the Issue page by exploiting Mermaid. to GitLab - 138 upvotes, $3000
  10. character limitation bypass can lead to DoS on Twitter App and 500 Internal Server Error to X (Formerly Twitter) - 138 upvotes, $0
  11. Permanent DoS with one click. to Automattic - 126 upvotes, $0
  12. a very long name in hey.com can prevent anyone from accessing their contacts and probably can cause denial of service to Basecamp - 121 upvotes, $1000
  13. HTML Injection in Swing can disclose netNTLM hash or cause DoS to PortSwigger Web Security - 113 upvotes, $1000
  14. ActiveStorage throws exception when using whitespace as filename, may lead to denial of service of multiple pages to HackerOne - 110 upvotes, $0
  15. Denial of Service via Hyperlinks in Posts to Slack - 103 upvotes, $1500
  16. Cache Poisoning DoS on downloads.exodus.com to Exodus - 96 upvotes, $2500
  17. Attacker with an Old account might still be able to DoS ctf.hacker101.com by sending a Crafted request to HackerOne - 93 upvotes, $0
  18. Denial of Service | twitter.com & mobile.twitter.com to X (Formerly Twitter) - 86 upvotes, $1120
  19. Denial Of Service (Out Of Memory) on Updating Bounty Table [Urgent] to HackerOne - 83 upvotes, $0
  20. DoS attack via comment on Issue to GitLab - 79 upvotes, $1000
  21. [mijn.werkenbijdefensie.nl] Denial of service occurs due to lack of email length confirmation to Radancy - 79 upvotes, $0
  22. https://themes.shopify.com::: Host header web cache poisoning lead to DoS to Shopify - 73 upvotes, $2900
  23. Cache Poisoning DoS on updates.rockstargames.com to Rockstar Games - 73 upvotes, $500
  24. Cache poisoning Denial of Service affecting assets.gitlab-static.net to GitLab - 72 upvotes, $4850
  25. DoS of https://nordvpn.com/ via CVE-2018-6389 exploitation to Nord Security - 71 upvotes, $0
  26. [www.werkenbijbakertilly.nl] Denial of service due to incorrect server return can result in total denial of service. to Radancy - 67 upvotes, $0
  27. Denial of Service [Chrome] to X (Formerly Twitter) - 66 upvotes, $560
  28. Authenticated path traversal to Stored XSS and Denial-of-Service to phpBB - 66 upvotes, $0
  29. Authorization issue in Google G Suite allows DoS through HTTP redirect to Uber - 61 upvotes, $0
  30. DoS: type confusion in mrb_no_method_error to shopify-scripts - 60 upvotes, $0
  31. Web Cache Poisoning leads to XSS and DoS to Glassdoor - 59 upvotes, $0
  32. [api.tumblr.com] Denial of Service by cookies manipulation to Automattic - 51 upvotes, $0
  33. DoS via markdown API from unauthenticated user to GitHub - 50 upvotes, $4000
  34. DoS through PeerExplorer to Rootstock Labs - 49 upvotes, $4000
  35. Potential DoS vulnerability in Django in multipart parser to Internet Bug Bounty - 47 upvotes, $2400
  36. DOS in stream filters to Internet Bug Bounty - 44 upvotes, $0
  37. Google Maps API key stored as plain text leading to DOS and financial damage to Zenly - 42 upvotes, $750
  38. Arbitrary file creation with semi-controlled content (leads to DoS, EoP and others) at Steam Windows Client to Valve - 41 upvotes, $1250
  39. DOS via cache poisoning on [developer.mozilla.org] to Mozilla - 41 upvotes, $0
  40. http: Reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks to Internet Bug Bounty - 40 upvotes, $3495
  41. DoS attacks utilizing camo.stream.highwebmedia.com to Chaturbate - 40 upvotes, $400
  42. Memory Leak in OCUtil.dll library in Desktop client can lead to DoS to Nextcloud - 40 upvotes, $100
  43. Hash-Collision Denial-of-Service Vulnerability in Markdown Parser to Reddit - 40 upvotes, $0
  44. iOS group chat denial of service to LY Corporation - 38 upvotes, $300
  45. Application DOS via specially crafted payload on 3d.cs.money to CS Money - 35 upvotes, $0
  46. %0A (New line) and limitness URL leads to DoS at all system [Main adress (https://www.acronis.com/)] to Acronis - 35 upvotes, $0
  47. Regular expression denial of service in ActiveRecord's PostgreSQL Money type to Ruby on Rails - 33 upvotes, $0
  48. Remote denial of service in HyperLedger Fabric to Hyperledger - 32 upvotes, $0
  49. Chrome Extension is vulnerable to the self-DOS issues in case it process the security.txt with a big size to Ed - 31 upvotes, $0
  50. Cookie poisoning leads to DOS and Privacy Violation to CS Money - 30 upvotes, $700
  51. CryptoNote: remote node DoS to Monero - 30 upvotes, $0
  52. Use after free vulnerability in mruby Array#to_h causing DOS possible RCE to shopify-scripts - 29 upvotes, $0
  53. DoS on the Direct Messages to Slack - 28 upvotes, $500
  54. JSON RPC methods for debugging enabled by default allow DoS to Rootstock Labs - 26 upvotes, $0
  55. Denial of Service by resource exhaustion in fetch() brotli decoding to Node.js - 26 upvotes, $0
  56. No redirect_uri in the db for web-internal clientKey leads to one-click DoS on gitter.im to GitLab - 25 upvotes, $1000
  57. Remote Server Restart Lead to Denial of Service by only one Request. to Keybase - 25 upvotes, $250
  58. Fastify denial-of-service vulnerability with large JSON payloads to Node.js third-party modules - 25 upvotes, $0
  59. DOS via issue preview to GitLab - 24 upvotes, $7640
  60. CVE-2023-46695: Potential denial of service vulnerability in UsernameField on Windows to Internet Bug Bounty - 24 upvotes, $2540
  61. cookie injection allow dos attack to periscope.tv to X (Formerly Twitter) - 24 upvotes, $560
  62. Cache poisoning DoS to various TTS assets to GSA Bounty - 24 upvotes, $0
  63. DOS attack by consuming all CPU and using all available memory to Tron Foundation - 23 upvotes, $1500
  64. ICQ Android APP remote DoS to Mail.ru - 23 upvotes, $1000
  65. xmlrpc.php FILE IS enable it will used for bruteforce attack and denial of service to LocalTapiola - 23 upvotes, $315
  66. DoS through cache poisoning using invalid HTTP parameters to Greenhouse.io - 23 upvotes, $0
  67. Cookie injection leads to complete DoS over whole domain *.mackeeper.com. Injection point accountstage.mackeeper.com/ to Clario - 22 upvotes, $50
  68. Bypass of request line length limit to DoS via cache poisoning to Greenhouse.io - 22 upvotes, $0
  69. Single User DOS by Poisoning Cookie via Get Parameter to Pornhub - 22 upvotes, $0
  70. XMLRPC, Enabling XPSA and Bruteforce and DOS + A file disclosing installer-logs. to MTN Group - 22 upvotes, $0
  71. DoS of LINE client for Android via message containing multiple unicode characters (0x0e & 0x0f) to LY Corporation - 22 upvotes, $0
  72. Insecure Processing of XML leads to Denial of Service through Billion Laughs Attack to Razer - 21 upvotes, $375
  73. Pixel Flood Attack leads to Application level DoS to CS Money - 21 upvotes, $200
  74. DOS validator nodes of blockchain to block external connections to Hyperledger - 20 upvotes, $1500
  75. scripts loader (denial of service) vulnerability to MariaDB - 20 upvotes, $0
  76. xmlrpc.php And /wp-json/wp/v2/users FILE IS enable it will used for bruteforce attack and denial of service to Sifchain - 19 upvotes, $50
  77. Comments Denial of Service in socialclub.rockstargames.com to Rockstar Games - 19 upvotes, $0
  78. Denial of Service by requesting to reset a password to Nextcloud - 19 upvotes, $0
  79. HTTP/2 PUSH_PROMISE DoS to curl - 19 upvotes, $0
  80. DOS via move_issue to GitLab - 18 upvotes, $2300
  81. lack of input validation that can lead Denial of Service (DOS) to X (Formerly Twitter) - 18 upvotes, $560
  82. Variant of CVE-2013-0269 (Denial of Service and Unsafe Object Creation Vulnerability in JSON) to Ruby - 18 upvotes, $500
  83. Permanent Denial of Service to MS-DOS - 18 upvotes, $0
  84. Specially constructed multi-part requests cause multi-second response times; vulnerable to DoS to Ruby on Rails - 17 upvotes, $0
  85. Race condition on the Federalist API endpoints can lead to the Denial of Service attack to GSA Bounty - 16 upvotes, $0
  86. WEBrick::HTTPAuth::DigestAuth authentication is vulnerable to regular expression denial of service (ReDoS) to Ruby - 16 upvotes, $0
  87. Possible denial of service when entering a loooong password to Nextcloud - 16 upvotes, $0
  88. Server-side denial of service via large payload sent to wiki.cs.money/graphql to CS Money - 16 upvotes, $0
  89. CVE-2023-23916: HTTP multi-header compression denial of service to curl - 16 upvotes, $0
  90. [Java] CWE-755: Query to detect Local Android DoS caused by NFE to GitHub Security Lab - 15 upvotes, $1800
  91. Single user DOS on selectedLanguage -cookie (yrityspalvelu.lahitapiola.fi) to LocalTapiola - 15 upvotes, $400
  92. Cookie-based client-side denial-of-service to all of the Lähitapiola domains to LocalTapiola - 15 upvotes, $0
  93. DoS for HTTP/2 connections by crafted requests (CVE-2018-1333) to Internet Bug Bounty - 15 upvotes, $0
  94. DoS of https://blog.yelp.com/ and other WP instances via CVE-2018-6389 to Yelp - 15 upvotes, $0
  95. xmlrpc.php file is enable it will used for (Denial of Service) and bruteforce attack to BlockDev Sp. Z o.o - 15 upvotes, $0
  96. Attacker may be able to bounce enough emails which suspend HackerOne's SES service and cause a DoS of HackerOne's email service to HackerOne - 15 upvotes, $0
  97. Web Cache Poisoning leading to DoS to U.S. General Services Administration - 15 upvotes, $0
  98. DoS via Playbook to Mattermost - 15 upvotes, $0
  99. PNG compression DoS to HackerOne - 14 upvotes, $500
  100. xmlrpc.php FILE IS enabled it will used for Bruteforce attack and Denial of Service(DoS) to BlockDev Sp. Z o.o - 14 upvotes, $500
  101. Application-level DoS on image's "size" parameter. to Gratipay - 14 upvotes, $0
  102. Resource Consumption DOS on Edgemax v1.10.6 to Ubiquiti Inc. - 14 upvotes, $0
  103. xmlrpc.php FILE IS enable it will used for Bruteforce attack and Denial of Service(DoS) to Top Echelon Software - 14 upvotes, $0
  104. Null target_class DoS to shopify-scripts - 13 upvotes, $8000
  105. Chained vulnerabilities create DOS attack against users on desafio5estrelas.com to Uber - 13 upvotes, $1000
  106. DoS via large console messages to Mattermost - 13 upvotes, $150
  107. Denial of Service with Cookie Bomb to Nord Security - 13 upvotes, $0
  108. CVE-2022-35252: control code in cookie denial of service to curl - 13 upvotes, $0
  109. DoS in bigdecimal's sqrt function due to miscalculation of loop iterations to Ruby - 13 upvotes, $0
  110. Possible denial of service when entering a loooong password to Nextcloud - 12 upvotes, $100
  111. No Rate Limiting on https://██████/██████████/accounts/password/reset/ endpoint leads to Denial of Service to U.S. Dept Of Defense - 12 upvotes, $0
  112. Cookie Bombing cause DOS - businesses.uber.com to Uber - 12 upvotes, $0
  113. [mtn.com.af] Multiple vulnerabilities allow to Application level DoS to MTN Group - 12 upvotes, $0
  114. Remote denial of service in HyperLedger Fabric to Hyperledger - 12 upvotes, $0
  115. WordPress application vulnerable to DoS attack via wp-cron.php to U.S. Dept Of Defense - 12 upvotes, $0
  116. http: Reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks to Node.js - 12 upvotes, $0
  117. User input validation can lead to DOS to X (Formerly Twitter) - 11 upvotes, $560
  118. Pre-auth Denial-of-Service in Dovecot RPA implementation to Open-Xchange - 11 upvotes, $550
  119. DOS: out of memory from gif through upload api to Mattermost - 11 upvotes, $150
  120. Content length restriction bypass can lead to DOS by reading large files on gip.rocks to Gratipay - 11 upvotes, $0
  121. memjs allocates and stores buffers on typed input, resulting in DoS and uninitialized memory usage to Node.js third-party modules - 11 upvotes, $0
  122. Application level denial of service due to shutting down the server to Node.js third-party modules - 11 upvotes, $0
  123. Denial Of Service in Strapi Framework using argument injection to Node.js third-party modules - 11 upvotes, $0
  124. Insufficient limitation of web page title leads to DoS against ICQ for Android to Mail.ru - 11 upvotes, $0
  125. Permanent DOS for new users! to Stripo Inc - 11 upvotes, $0
  126. Permanent DoS at https://happy.tools/ when inviting a user to Automattic - 11 upvotes, $0
  127. Denial of service via cache poisoning on https://www.data.gov/ to GSA Bounty - 11 upvotes, $0
  128. The parameter in the POST query allows to control size of returned page which in turn can lead to the potential DOS attack to LocalTapiola - 10 upvotes, $315
  129. xmlrpc.php FILE IS enable which enables attacker to XSPA Brute-force and even Denial of Service(DOS), in https://████/xmlrpc.php to U.S. Dept Of Defense - 10 upvotes, $0
  130. Denial of service due to invalid memory access in mrb_ary_concat to shopify-scripts - 9 upvotes, $8000
  131. Rack CVE-2022-30122: Denial of Service Vulnerability in Rack Multipart Parsing to Internet Bug Bounty - 9 upvotes, $2400
  132. Single User DOS on SelectedLocale -cookie (verkkopalvelu.tapiola.fi) to LocalTapiola - 9 upvotes, $400
  133. Single user DOS on selectedLanuage -cookie at (verkkopalvelu.tapiola.fi) to LocalTapiola - 9 upvotes, $100
  134. Proxy service crash DoS to Factlink - 9 upvotes, $0
  135. Denial of Service through set_preference.json to Keybase - 9 upvotes, $0
  136. Fix for self-DoS in Security-txt Chrome Extension. to Ed - 9 upvotes, $0
  137. XML hash collision DoS vulnerability in Python's xml.etree module to Internet Bug Bounty - 9 upvotes, $0
  138. DoS for remote nodes using Slow Loris attack to Monero - 9 upvotes, $0
  139. Cisco ASA Denial of Service & Path Traversal (CVE-2018-0296) to ok.ru - 9 upvotes, $0
  140. Multiple HTTP/2 DOS Issues to Node.js - 9 upvotes, $0
  141. load scripts DOS vulnerability to OLX - 9 upvotes, $0
  142. Cache Posioning leading to denial of service at █████████ - Bypass fix from report #1198434 to U.S. Dept Of Defense - 9 upvotes, $0
  143. Denial of Service in mruby due to null pointer dereference to shopify-scripts - 8 upvotes, $8000
  144. CVE-2022-32206: HTTP compression denial of service to Internet Bug Bounty - 8 upvotes, $2400
  145. potential denial of service attack via the locale parameter to Internet Bug Bounty - 8 upvotes, $2400
  146. CVE-2023-25692: Apache Airflow Google Provider: Google Cloud Sql Provider Denial Of Service and Remote Command Execution to Internet Bug Bounty - 8 upvotes, $480
  147. Denial of Service by resource exhaustion CWE-400 due to unfinished HTTP/1.1 requests to Node.js - 8 upvotes, $250
  148. DoS in Brave browser for iOS to Brave Software - 8 upvotes, $80
  149. Возможность провести DoS атаку от имени vk.com сервера to VK.com - 8 upvotes, $0
  150. Denial of Service in Action Pack Exception Handling to Ruby on Rails - 8 upvotes, $0
  151. DoS of www.lahitapiolarahoitus.fi via CVE-2018-6389 exploitation to LocalTapiola - 8 upvotes, $0
  152. CVE-2017-8779 exploit on open rpcbind port could lead to remote DoS to Endless Group - 8 upvotes, $0
  153. scripts loader DOS vulnerability to FormAssembly - 8 upvotes, $0
  154. CVE-2022-35252: control code in cookie denial of service to Internet Bug Bounty - 8 upvotes, $0
  155. Lack of Packet Sanitation in Goflow Results in Multiple DoS Attack Vectors and Bugs to Cloudflare Public Bug Bounty - 7 upvotes, $500
  156. WordPress Authentication Denial of Service to Instacart - 7 upvotes, $100
  157. SSRF / Local file enumeration / DoS due to improper handling of certain file formats by ffmpeg to Imgur - 7 upvotes, $0
  158. Malformed SHA512 ticket DoS (CVE-2016-6302) to Internet Bug Bounty - 7 upvotes, $0
  159. http-proxy-agent passes unsanitized options to Buffer(arg), resulting in DoS and uninitialized memory leak to Node.js third-party modules - 7 upvotes, $0
  160. Client DoS due to large DH parameter (CVE-2018-0732) to Internet Bug Bounty - 7 upvotes, $0
  161. Algorithmic complexity vulnerability in ZXCVBN leads to remote denial of service attack to Dropbox - 7 upvotes, $0
  162. SQL Injection or Denial of Service due to a Prototype Pollution to Node.js third-party modules - 7 upvotes, $0
  163. [cloudron-surfer] Denial of Service via LDAP Injection to Node.js third-party modules - 7 upvotes, $0
  164. Denial of Service in anti_ransomware_service.exe via logs files to Acronis - 7 upvotes, $0
  165. Application level DOS at Login Page ( Accepts Long Password ) to Reddit - 7 upvotes, $0
  166. DoS at ████████ (CVE-2018-6389) to U.S. Dept Of Defense - 7 upvotes, $0
  167. DoS at █████(CVE-2018-6389) to U.S. Dept Of Defense - 7 upvotes, $0
  168. Range constructor type confusion DoS to shopify-scripts - 6 upvotes, $10000
  169. CVE-2022-32205: Set-Cookie denial of service to Internet Bug Bounty - 6 upvotes, $480
  170. [DOS] denial of service using code snippet on brave browser to Brave Software - 6 upvotes, $25
  171. Denial of Service any Report to HackerOne - 6 upvotes, $0
  172. DOS Report FILE html inside <code> in markdown to HackerOne - 6 upvotes, $0
  173. DoS vulnerability in mod_auth_digest CVE-2016-2161 to Internet Bug Bounty - 6 upvotes, $0
  174. WordPress core - Denial of Service via Cross Site Request Forgery to WordPress - 6 upvotes, $0
  175. https-proxy-agent passes unsanitized options to Buffer(arg), resulting in DoS and uninitialized memory leak to Node.js third-party modules - 6 upvotes, $0
  176. Remote P2P DoS to Monero - 6 upvotes, $0
  177. Lodash "difference" (possibly others) Function Denial of Service Through Unvalidated Input to Node.js third-party modules - 6 upvotes, $0
  178. HTTP/2 Denial of Service Vulnerability to Node.js - 6 upvotes, $0
  179. DoS for client-go jsonpath func to Kubernetes - 6 upvotes, $0
  180. Camera adoption DoS - UniFi Protect to Ubiquiti Inc. - 6 upvotes, $0
  181. Ruby - Regular Expression Denial of Service Vulnerability of Date Parsing Methods to Internet Bug Bounty - 6 upvotes, $0
  182. Regular Expression Denial of Service vulnerability to Reddit - 6 upvotes, $0
  183. ruby DoS https://www.mruby.science to shopify-scripts - 5 upvotes, $8000
  184. Potential denial of service in hackerone.com/<program>/reward_settings to HackerOne - 5 upvotes, $0
  185. Denial of service attack on Brave Browser. to Brave Software - 5 upvotes, $0
  186. [tor] control connection pre-auth DoS (infinite loop) with --enable-bufferevents to Tor - 5 upvotes, $0
  187. Missing back-end user input validation can lead to DOS flaw to Liberapay - 5 upvotes, $0
  188. monerod JSON RPC server remote DoS to Monero - 5 upvotes, $0
  189. DoS of https://research.adobe.com/ via CVE-2018-6389 exploitation to Adobe - 5 upvotes, $0
  190. DoS via Automatic Response Message to Mattermost - 5 upvotes, $0
  191. Thumbor misconfiguration at blogapi.uber.com can lead to DoS to Uber - 4 upvotes, $500
  192. [CVE-2023-22799] Possible ReDoS based DoS vulnerability in GlobalID to Internet Bug Bounty - 4 upvotes, $480
  193. Fastify uses allErrors: true ajv configuration by default which is susceptible to DoS to Node.js third-party modules - 4 upvotes, $250
  194. Denial of Service to HackerOne - 4 upvotes, $100
  195. Arbitrary command execution in MS-DOS to MS-DOS - 4 upvotes, $0
  196. help.nextcloud.com: Known DoS condition (null pointer deref) in Nginx running to Nextcloud - 4 upvotes, $0
  197. Filename enumeration && DoS to Nextcloud - 4 upvotes, $0
  198. No Password Length Restriction leads to Denial of Service to Weblate - 4 upvotes, $0
  199. Abuse of Api that causes spamming users and possible DOS due to missing rate limit on contact form to Weblate - 4 upvotes, $0
  200. pngcrush double-free/segfault could result in DoS (CVE-2015-7700) to Internet Bug Bounty - 4 upvotes, $0
  201. Denial of service in libxml2, using malicious lzma file to consume available system memory to Internet Bug Bounty - 4 upvotes, $0
  202. Denial of Service: nghttp2 use of uninitialized pointer to Node.js - 4 upvotes, $0
  203. Application level DoS via xmlrpc.php to U.S. Dept Of Defense - 4 upvotes, $0
  204. DoS for GCSArtifact.RealAll to Kubernetes - 4 upvotes, $0
  205. DoS due to improper input validation can break the admin access into the user data will disallow him from editing that user's data. to Nextcloud - 4 upvotes, $0
  206. Cache Posioning leading do Denial of Service on www.█████████ to U.S. Dept Of Defense - 4 upvotes, $0
  207. Slowvote and Countdown can cause Denial of Service due to recursive inclusion to Phabricator - 4 upvotes, $0
  208. CVE-2022-32206: HTTP compression denial of service to curl - 4 upvotes, $0
  209. CVE-2022-32205: Set-Cookie denial of service to curl - 4 upvotes, $0
  210. DoS via lua_read_body() [zhbug_httpd_94] to Internet Bug Bounty - 4 upvotes, $0
  211. HTTP multi-header compression denial of service to Internet Bug Bounty - 4 upvotes, $0
  212. Potential denial of service in hackerone.com/teams/new to HackerOne - 3 upvotes, $0
  213. History Disclosure of MS-Dos to MS-DOS - 3 upvotes, $0
  214. Apache Range Header Denial of Service Attack (Confirmed PoC) to ownCloud - 3 upvotes, $0
  215. DoS Attack in Controller Lookup Code to Ruby on Rails - 3 upvotes, $0
  216. Denial of service (segfault) due to null pointer dereference in mrb_obj_instance_eval to shopify-scripts - 3 upvotes, $0
  217. doc.owncloud.com: CVE-2015-5477 BIND9 TKEY Vulnerability + Exploit (Denial of Service) to ownCloud - 3 upvotes, $0
  218. ci.nextcloud.com: CVE-2015-5477 BIND9 TKEY Vulnerability + Exploit (Denial of Service) to Nextcloud - 3 upvotes, $0
  219. Ruby 2.3.x and 2.2.x still bundle DoS vulnerable verision of libYAML to Ruby - 3 upvotes, $0
  220. CVE-2017-5969: libxml2 when used in recover mode, allows remote attackers to cause a denial of service (NULL pointer dereference) to Internet Bug Bounty - 3 upvotes, $0
  221. Dos https://iandunn.name/ via CVE-2018-6389 exploitation to Ian Dunn - 3 upvotes, $0
  222. load scripts DOS vulnerability to BlockDev Sp. Z o.o - 3 upvotes, $0
  223. HTTP2 'unknownProtocol' cause Denial of Service by resource exhaustion to Node.js - 3 upvotes, $0
  224. Instance Page DOS within Organization on TikTok Ads to TikTok - 3 upvotes, $0
  225. Denial of Service vulnerability in curl when parsing MQTT server response to curl - 3 upvotes, $0
  226. Self-DoS due to template injection via email field in password reset form on access.acronis.com to Acronis - 3 upvotes, $0
  227. Regular Expression Denial of Service in Headers to Node.js - 3 upvotes, $0
  228. Possible DOS in app with crashing exceptions_app to Ruby on Rails - 3 upvotes, $0
  229. moderate: mod_deflate denial of service to Internet Bug Bounty - 2 upvotes, $500
  230. Possible DoS Vulnerability in Multipart MIME parsing in rack to Internet Bug Bounty - 2 upvotes, $480
  231. [CVE-2022-44570] Possible Denial of Service Vulnerability in Rack’s Range header parsing to Internet Bug Bounty - 2 upvotes, $480
  232. [CVE-2023-22796] Possible ReDoS based DoS vulnerability in Active Support’s underscore to Internet Bug Bounty - 2 upvotes, $480
  233. [CVE-2022-44572] Possible Denial of Service Vulnerability in Rack’s RFC2183 boundary parsing to Internet Bug Bounty - 2 upvotes, $480
  234. [CVE-2022-44571] Possible Denial of Service Vulnerability in Rack Content-Disposition parsing to Internet Bug Bounty - 2 upvotes, $480
  235. DNS Max Responses for DOS to Node.js - 2 upvotes, $250
  236. Possible SQL injection can cause denial of service attack to Dropbox - 2 upvotes, $0
  237. Denial of service in report view. to HackerOne - 2 upvotes, $0
  238. Denial of service in account statistics endpoint to Mapbox - 2 upvotes, $0
  239. Denial of service attack(window object) on brave browser to Brave Software - 2 upvotes, $0
  240. Denial of service (segfault) due to null pointer dereference in mrb_vm_exec to shopify-scripts - 2 upvotes, $0
  241. Abuse of Api that causes spamming users and possible DOS due to missing rate limit to Weblate - 2 upvotes, $0
  242. Regular Expression Denial of Service (ReDoS) to Node.js third-party modules - 2 upvotes, $0
  243. Server side includes in https://lgtm-com.pentesting.semmle.net/internal_api/v0.2/savePublicInformation leads to 500 server error and D-DOS to Semmle - 2 upvotes, $0
  244. Node.js HTTP/2 Large Settings Frame DoS to Node.js - 2 upvotes, $0
  245. Improper Input Validation allows an attacker to "double spend" or "respend", violating the integrity of the message command history or causing DoS to Agoric - 2 upvotes, $0
  246. DoS attack against the client when entering a long password to Nextcloud - 2 upvotes, $0
  247. API Server DoS (crash?) if many large resources (~1MB each) are concurrently/repeatedly sent to an external Validating WebHook endpoint to Kubernetes - 2 upvotes, $0
  248. [play.mtn.co.za] Application level DoS via xmlrpc.php to MTN Group - 2 upvotes, $0
  249. 1-click DOS in fastify-static via directly passing user's input to new URL() of NodeJS without try/catch to Fastify - 2 upvotes, $0
  250. Inadequate input validation on API endpoint leading to self denial of service and increased system load. to IRCCloud - 1 upvotes, $500
  251. Dashboard panel embedded onto itself causes a denial of service to Phabricator - 1 upvotes, $0
  252. owncloud.com: CVE-2015-5477 BIND9 TKEY Vulnerability + Exploit (Denial of Service) to ownCloud - 1 upvotes, $0
  253. CrashPlan Backup is Vulnerable Allowing to a DoS Attack Against Uber's Backups to backup.uber.com to Uber - 1 upvotes, $0
  254. Denial of service(POP UP Recursion) on Brave browser to Brave Software - 1 upvotes, $0
  255. xmlrpc.php FILE IS enable it can be used for conducting a Bruteforce attack and Denial of Service(DoS) to Ian Dunn - 1 upvotes, $0
  256. "Self" DOS with large deployment and scaling to Kubernetes - 1 upvotes, $0
  257. Denial of Service when entring an Array in email at seetings to Nextcloud - 1 upvotes, $0
  258. [meemo-app] Denial of Service via LDAP Injection to Node.js third-party modules - 1 upvotes, $0
  259. [json-bigint] DoS via __proto__ assignment to Node.js third-party modules - 1 upvotes, $0
  260. [http-live-simulator] Application-level DoS to Node.js third-party modules - 1 upvotes, $0
  261. DRb denial of service vulnerability to Ruby - 1 upvotes, $0
  262. Possibility of DoS attack at https://sifchain.finance// via CVE-2018-6389 exploitation to Sifchain - 1 upvotes, $0
  263. No Password Length Restriction leads to Denial of Service to Reddit - 1 upvotes, $0
  264. curl "globbing" can lead to denial of service attacks to curl - 1 upvotes, $0
  265. DOS in browser using window.print() function to Brave Software - 0 upvotes, $0
  266. Possibility of DOS Through logging System to Quora - 0 upvotes, $0
  267. Media parsing in canvas is at least vulnerable to Denial of Service through multiple vulnerabilities to Node.js third-party modules - 0 upvotes, $0
  268. DoS of https://blog.makerdao.com/ via CVE-2018-6389 to BlockDev Sp. Z o.o - 0 upvotes, $0
  269. A specifically designed sieve script can cause a DoS in lib-sieve during sieve script compilation via NULL pointer dereference to Open-Xchange - 0 upvotes, $0