Skip to content

Latest commit

 

History

History
78 lines (77 loc) · 10.5 KB

TOPTHEINTERNET.md

File metadata and controls

78 lines (77 loc) · 10.5 KB
Raw

Top reports from The Internet program at HackerOne:

  1. Key Reinstallation Attacks: Breaking WPA2 by forcing nonce reuse to The Internet - 190 upvotes, $25000
  2. Ubuntu Linux privilege escalation (dirty_sock) to The Internet - 101 upvotes, $1000
  3. RCE via ssh:// URIs in multiple VCS to The Internet - 38 upvotes, $3000
  4. Race Conditions in OAuth 2 API implementations to The Internet - 35 upvotes, $2500
  5. ACME TLS-SNI-01/02 challenge vulnerable when combined with shared hosting providers to The Internet - 34 upvotes, $0
  6. ZeroMQ libzmq remote code execution to The Internet - 29 upvotes, $1000
  7. Mailsploit: a sender spoofing bug in over 30 email clients to The Internet - 27 upvotes, $0
  8. 4 severe remote + several minor OpenVPN vulnerabilities to The Internet - 27 upvotes, $0
  9. DOMPurify bypass to The Internet - 23 upvotes, $0
  10. Insufficient shell characters filtering leads to (potentially remote) code execution (CVE-2016-3714) to The Internet - 21 upvotes, $7500
  11. TLS Virtual Host Confusion to The Internet - 19 upvotes, $7500
  12. Multiple HTTP Smuggling reports to The Internet - 16 upvotes, $0
  13. GNU Bourne-Again Shell (Bash) 'Shellshock' Vulnerability to The Internet - 15 upvotes, $20000
  14. CVE-2019-5736: Escape from Docker and Kubernetes containers to root on host to The Internet - 14 upvotes, $1000
  15. TLS Triple Handshake Attack to The Internet - 12 upvotes, $7500
  16. Exim off-by-one RCE vulnerability to The Internet - 11 upvotes, $1500
  17. Cross-site information assertion leak via Content Security Policy to The Internet - 11 upvotes, $0
  18. Drupal 7 pre auth sql injection and remote code execution to The Internet - 10 upvotes, $3000
  19. Critical vulnerability in JSON Web Encryption (JWE) - RFC 7516 Invalid Curve attack to The Internet - 10 upvotes, $1000
  20. Linux kernel: CVE-2017-7308: a signedness issue in AF_PACKET sockets to The Internet - 10 upvotes, $0
  21. rpcbind "rpcbomb" CVE-2017-8779, CVE-2017-8804 to The Internet - 10 upvotes, $0
  22. Mercurial git subrepo lead to arbritary command injection to The Internet - 9 upvotes, $1500
  23. Linux kernel: CVE-2017-1000112: a memory corruption due to UFO to non-UFO path switch to The Internet - 9 upvotes, $0
  24. Linux kernel: CVE-2017-6074: DCCP double-free vulnerability to The Internet - 8 upvotes, $1000
  25. Industry-Wide MITM Vulnerability Impacting the JVM Ecosystem to The Internet - 8 upvotes, $0
  26. OpenSSH: Memory corruption in AES-GCM support to The Internet - 7 upvotes, $1500
  27. ntpd: read_mru_list() does inadequate incoming packet checks to The Internet - 7 upvotes, $500
  28. [bower] Arbitrary File Write through improper validation of symlinks while package extraction to The Internet - 7 upvotes, $500
  29. libtiff 4.0.6 heap bufer overflow / out of bounds read (CVE-2016-9273) to The Internet - 6 upvotes, $500
  30. RCE on default Ubuntu Desktop >= 12.10 Quantal to The Internet - 6 upvotes, $0
  31. Dragonblood: Design and Implementation Flaws in WPA3 and EAP-pwd to The Internet - 5 upvotes, $750
  32. libtiff 4.0.6 segfault / read outside of buffer (CVE-2016-9297) to The Internet - 5 upvotes, $500
  33. Unsecure: Bypass alerts of Little Flocker / Little Snitch / HandsOff! / BlockBlock (same concept can be applied to other security tools) to The Internet - 5 upvotes, $0
  34. CVE-2017-10966: Heap-use-after-free in Irssi <1.0.4 to The Internet - 5 upvotes, $0
  35. Exim use-after-free vulnerability while reading mail header involving BDAT commands to The Internet - 5 upvotes, $0
  36. Malicious Server can force read any file on clients system with default configuration in MySQL Clients to The Internet - 5 upvotes, $0
  37. Bypassing Same Origin Policy With JSONP APIs and Flash to The Internet - 4 upvotes, $3000
  38. OpenSSH / dropbearSSHd xauth command injection to The Internet - 4 upvotes, $1500
  39. Denial of service in libxml2, using malicious lzma file to consume available system memory to The Internet - 4 upvotes, $0
  40. CVE-2017-11367: Global buffer overflow (READ of size 4) in shoco C library to The Internet - 4 upvotes, $0
  41. Two vulnerability in GNU binutils to The Internet - 4 upvotes, $0
  42. FREAK: Factoring RSA_EXPORT Keys to Impersonate TLS Servers to The Internet - 3 upvotes, $7500
  43. open redirect in rfc6749 to The Internet - 3 upvotes, $3000
  44. Mercurial can be tricked into granting authorized users access to the Python debugger to The Internet - 3 upvotes, $500
  45. Silent omission of certificate hostname verification in LibreSSL and BoringSSL to The Internet - 3 upvotes, $0
  46. pngcrush double-free/segfault could result in DoS (CVE-2015-7700) to The Internet - 3 upvotes, $0
  47. CVE-2017-5969: libxml2 when used in recover mode, allows remote attackers to cause a denial of service (NULL pointer dereference) to The Internet - 3 upvotes, $0
  48. CVE-2017-10965: Null pointer dereference in Irssi <1.0.4 to The Internet - 3 upvotes, $0
  49. GarlicRust - heartbleed style vulnerability in major I2P C++ router implementations to The Internet - 3 upvotes, $0
  50. Exim handles BDAT data incorrectly and leads to crash/hang to The Internet - 3 upvotes, $0
  51. Widespread failure of certificate validation in Android apps to The Internet - 3 upvotes, $0
  52. Incorrect logic in MySQL & MariaDB protocol leads to remote SSRF/Remote file read to The Internet - 3 upvotes, $0
  53. Uncontrolled Resource Consumption with XMPP-Layer Compression to The Internet - 2 upvotes, $500
  54. pngcrush_measure_idat() off-by-one error (CVE-2015-2158) to The Internet - 2 upvotes, $0
  55. Multiple issues in Libxml2 (2.9.2 - 2.9.5) to The Internet - 2 upvotes, $0
  56. external entity expansion in Apache POI to The Internet - 2 upvotes, $0
  57. CVE-2017-8798 - miniupnp getHTTPResponse chunked encoding integer signedness error to The Internet - 2 upvotes, $0
  58. CVE-2016-4796 OpenJPEG color_cmyk_to_rgb Out-of-Bounds Read Vulnerability to The Internet - 2 upvotes, $0
  59. CVE-2016-7163 OpenJPEG opj_pi_create_decode Integer Overflow Vulnerability to The Internet - 2 upvotes, $0
  60. putty pscp client-side post-auth stack buffer overwrite when processing remote file size to The Internet - 2 upvotes, $0
  61. Heap overflow in H. Spencer’s regex library on 32 bit systems to The Internet - 1 upvotes, $3000
  62. CVE-2017-13090 wget heap smash to The Internet - 1 upvotes, $0
  63. CVE-2017-13089 wget stack smash to The Internet - 1 upvotes, $0
  64. Ericsson Erlang OTP Core Allocation Subsystem Integer Overflow (All Versions) to The Internet - 1 upvotes, $0
  65. Roundcube virtualmin privilege escalation (CVE-2017-8114) to The Internet - 1 upvotes, $0
  66. The “Malstaller” Attack, global hijacking of any installation process to achieve RCE with elevated privileges, Windows OS (vendor agnostic) to The Internet - 1 upvotes, $0
  67. CVE-2016-3182 OpenJPEG color_esycc_to_rgb Out-of-Bounds Read Vulnerability to The Internet - 1 upvotes, $0
  68. CVE-2016-3183 OpenJPEG sycc422_to_rgb Out-of-Bounds Read Vulnerability to The Internet - 1 upvotes, $0
  69. LZ4 Core to The Internet - 0 upvotes, $6000
  70. Multiple issues in looking-glass software (aka from web to BGP injections) to The Internet - 0 upvotes, $5000
  71. Bad Write in TTF font parsing (win32k.sys) to The Internet - 0 upvotes, $5000
  72. rsync hash collisions may allow an attacker to corrupt or modify files to The Internet - 0 upvotes, $3000
  73. libcurl: URL request injection to The Internet - 0 upvotes, $3000
  74. libcurl duphandle read out of bounds to The Internet - 0 upvotes, $1000
  75. CVE-2016-1924 OpenJPEG opj_tgt_reset Out-of-Bounds Read Vulnerability to The Internet - 0 upvotes, $0
  76. CVE-2016-5157 OpenJPEG opj_dwt_interleave_v Out-of-Bounds Write Vulnerability to The Internet - 0 upvotes, $0