CVEs in Bug Bounty

CVE-2021-22884

Node.js: DNS rebinding in --inspect (insufficient fix of CVE-2018-7160)

submitted by v6ak about 2 months ago
publicly disclosed 5 days ago

CVE-2020-8294

5.4 MEDIUM

Nextcloud: Stored XSS in markdown file with Nextcloud Talk using Internet Explorer

submitted by verg 3 months ago
publicly disclosed 9 days ago

CVE-2021-22882

7.5 HIGH

Ubiquiti Inc.: Camera adoption DoS - UniFi Protect

submitted by rchase 4 months ago
publicly disclosed 16 days ago

CVE-2021-22881

6.1 MEDIUM

Ruby on Rails: HostAuthorization middleware does not suitably sanitize the Host / X-Forwarded-For header allowing redirection.

submitted by tktech 2 months ago
publicly disclosed 18 days ago

CVE-2021-22880

7.5 HIGH

Ruby on Rails: Regular expression denial of service in ActiveRecord's PostgreSQL Money type

submitted by dee-see 3 months ago
publicly disclosed 18 days ago

CVE-2020-8284

3.7 LOW

curl: CVE-2020-8284: trusting FTP PASV responses

submitted by vepe 3 months ago
publicly disclosed 19 days ago

CVE-2020-8179

4.1 MEDIUM

Nextcloud: Access Control: Inject tasks into other users decks

submitted by dedoc 9 months ago
publicly disclosed 26 days ago

CVE-2021-22875

6.1 MEDIUM

Revive Adserver: Reflected XSS on /admin/stats.php

submitted by solov9ev about 1 month ago
publicly disclosed about 1 month ago

CVE-2021-22874

6.1 MEDIUM

Revive Adserver: Reflected XSS on /admin/userlog-index.php

submitted by solov9ev about 1 month ago
publicly disclosed about 1 month ago

CVE-2020-8295

7.5 HIGH

Nextcloud: Denial of Service by requesting to reset a password

submitted by makerlab 11 months ago
publicly disclosed about 1 month ago