CVEs in Bug Bounty

CVE-2020-8293

6.5 MEDIUM

Nextcloud: Potential DDoS when posting long data into workflow validation rules

submitted by demonia 4 months ago
publicly disclosed about 1 month ago

CVE-2021-22873

6.1 MEDIUM

Revive Adserver: Open redirect in ck.php and lg.php

submitted by mbeccati about 1 month ago
publicly disclosed about 1 month ago

CVE-2021-22871

4.8 MEDIUM

Revive Adserver: Cross Site Scripting and Open Redirect in affiliate-preview.php file

submitted by keyurvala 11 months ago
publicly disclosed about 1 month ago

CVE-2021-22872

6.1 MEDIUM

Revive Adserver: Reflected XSS on /www/delivery/afr.php (bypass of report #775693)

submitted by axfla 5 months ago
publicly disclosed about 1 month ago

CVE-2019-15612

5.9 MEDIUM

Nextcloud: 2FA Session not expires after the password reset

submitted by jacksonkv67 about 2 years ago
publicly disclosed about 1 month ago

CVE-2019-15601

curl: SMB access smuggling via FILE URL on Windows

submitted by fms over 1 year ago
publicly disclosed about 1 month ago

CVE-2020-8288

5.4 MEDIUM

Rocket.Chat: XSS in message attachment fileds.

submitted by fabianfreyer 8 months ago
publicly disclosed about 1 month ago

CVE-2020-8292

5.4 MEDIUM

Rocket.Chat: Session Hijack via Self-XSS

submitted by jcardona 6 months ago
publicly disclosed about 1 month ago

CVE-2019-15615

6.1 MEDIUM

Nextcloud: Bypassing Passcode/Device credentials

submitted by ar-arvind over 1 year ago
publicly disclosed about 1 month ago

CVE-2020-29594

9.8 CRITICAL

Rocket.Chat: SAML authentication bypass through unauthenticated `addSamlProvider` Meteor Call

submitted by fabianfreyer 2 months ago
publicly disclosed about 2 months ago