Skip to content

Latest commit

 

History

History
275 lines (274 loc) · 38.2 KB

TOPDOS.md

File metadata and controls

275 lines (274 loc) · 38.2 KB
Raw

Top DoS reports from HackerOne:

  1. DoS on PayPal via web cache poisoning to PayPal - 820 upvotes, $9700
  2. profile-picture name parameter with large value lead to DoS for other users and programs on the platform to HackerOne - 464 upvotes, $0
  3. Denial of service to WP-JSON API by cache poisoning the CORS allow origin header to Automattic - 389 upvotes, $0
  4. Denial of service via cache poisoning to HackerOne - 233 upvotes, $2500
  5. Ability to DOS any organization's SSO and open up the door to account takeovers to Grammarly - 225 upvotes, $10500
  6. Uploading large payload on domain instructions causes server-side DoS to HackerOne - 196 upvotes, $2500
  7. Node disk DOS by writing to container /etc/hosts to Kubernetes - 159 upvotes, $0
  8. xmlrpc.php FILE IS enable it will used for Bruteforce attack and Denial of Service(DoS) to Nord Security - 154 upvotes, $0
  9. DoS on the Issue page by exploiting Mermaid. to GitLab - 138 upvotes, $3000
  10. character limitation bypass can lead to DoS on Twitter App and 500 Internal Server Error to X (Formerly Twitter) - 138 upvotes, $0
  11. Permanent DoS with one click. to Automattic - 126 upvotes, $0
  12. a very long name in hey.com can prevent anyone from accessing their contacts and probably can cause denial of service to Basecamp - 121 upvotes, $1000
  13. HTML Injection in Swing can disclose netNTLM hash or cause DoS to PortSwigger Web Security - 113 upvotes, $1000
  14. ActiveStorage throws exception when using whitespace as filename, may lead to denial of service of multiple pages to HackerOne - 110 upvotes, $0
  15. Denial of Service via Hyperlinks in Posts to Slack - 103 upvotes, $1500
  16. Cache Poisoning DoS on downloads.exodus.com to Exodus - 96 upvotes, $2500
  17. Attacker with an Old account might still be able to DoS ctf.hacker101.com by sending a Crafted request to HackerOne - 94 upvotes, $0
  18. Denial of Service | twitter.com & mobile.twitter.com to X (Formerly Twitter) - 86 upvotes, $1120
  19. Denial Of Service (Out Of Memory) on Updating Bounty Table [Urgent] to HackerOne - 83 upvotes, $0
  20. DoS attack via comment on Issue to GitLab - 79 upvotes, $1000
  21. [mijn.werkenbijdefensie.nl] Denial of service occurs due to lack of email length confirmation to Radancy - 79 upvotes, $0
  22. https://themes.shopify.com::: Host header web cache poisoning lead to DoS to Shopify - 73 upvotes, $2900
  23. Cache Poisoning DoS on updates.rockstargames.com to Rockstar Games - 73 upvotes, $500
  24. Cache poisoning Denial of Service affecting assets.gitlab-static.net to GitLab - 72 upvotes, $4850
  25. DoS of https://nordvpn.com/ via CVE-2018-6389 exploitation to Nord Security - 71 upvotes, $0
  26. [www.werkenbijbakertilly.nl] Denial of service due to incorrect server return can result in total denial of service. to Radancy - 67 upvotes, $0
  27. Denial of Service [Chrome] to X (Formerly Twitter) - 66 upvotes, $560
  28. Authenticated path traversal to Stored XSS and Denial-of-Service to phpBB - 66 upvotes, $0
  29. Authorization issue in Google G Suite allows DoS through HTTP redirect to Uber - 61 upvotes, $0
  30. DoS: type confusion in mrb_no_method_error to shopify-scripts - 60 upvotes, $0
  31. Web Cache Poisoning leads to XSS and DoS to Glassdoor - 59 upvotes, $0
  32. [api.tumblr.com] Denial of Service by cookies manipulation to Automattic - 51 upvotes, $0
  33. DoS via markdown API from unauthenticated user to GitHub - 50 upvotes, $4000
  34. DoS through PeerExplorer to Rootstock Labs - 49 upvotes, $4000
  35. Potential DoS vulnerability in Django in multipart parser to Internet Bug Bounty - 47 upvotes, $2400
  36. DOS in stream filters to Internet Bug Bounty - 44 upvotes, $0
  37. Google Maps API key stored as plain text leading to DOS and financial damage to Zenly - 42 upvotes, $750
  38. DOS via cache poisoning on [developer.mozilla.org] to Mozilla - 42 upvotes, $0
  39. Arbitrary file creation with semi-controlled content (leads to DoS, EoP and others) at Steam Windows Client to Valve - 41 upvotes, $1250
  40. http: Reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks to Internet Bug Bounty - 40 upvotes, $3495
  41. DoS attacks utilizing camo.stream.highwebmedia.com to Chaturbate - 40 upvotes, $400
  42. Memory Leak in OCUtil.dll library in Desktop client can lead to DoS to Nextcloud - 40 upvotes, $100
  43. Hash-Collision Denial-of-Service Vulnerability in Markdown Parser to Reddit - 40 upvotes, $0
  44. Apache HTTP Server: HTTP/2 DoS by memory exhaustion on endless continuation frames to Internet Bug Bounty - 39 upvotes, $2580
  45. iOS group chat denial of service to LY Corporation - 38 upvotes, $300
  46. Application DOS via specially crafted payload on 3d.cs.money to CS Money - 35 upvotes, $0
  47. %0A (New line) and limitness URL leads to DoS at all system [Main adress (https://www.acronis.com/)] to Acronis - 35 upvotes, $0
  48. Regular expression denial of service in ActiveRecord's PostgreSQL Money type to Ruby on Rails - 33 upvotes, $0
  49. Remote denial of service in HyperLedger Fabric to Hyperledger - 32 upvotes, $0
  50. Chrome Extension is vulnerable to the self-DOS issues in case it process the security.txt with a big size to Ed - 31 upvotes, $0
  51. Cookie poisoning leads to DOS and Privacy Violation to CS Money - 30 upvotes, $700
  52. CryptoNote: remote node DoS to Monero - 30 upvotes, $0
  53. Use after free vulnerability in mruby Array#to_h causing DOS possible RCE to shopify-scripts - 29 upvotes, $0
  54. DoS on the Direct Messages to Slack - 28 upvotes, $500
  55. CVE-2023-46695: Potential denial of service vulnerability in UsernameField on Windows to Internet Bug Bounty - 27 upvotes, $2540
  56. JSON RPC methods for debugging enabled by default allow DoS to Rootstock Labs - 26 upvotes, $0
  57. Denial of Service by resource exhaustion in fetch() brotli decoding to Node.js - 26 upvotes, $0
  58. No redirect_uri in the db for web-internal clientKey leads to one-click DoS on gitter.im to GitLab - 25 upvotes, $1000
  59. Remote Server Restart Lead to Denial of Service by only one Request. to Keybase - 25 upvotes, $250
  60. Fastify denial-of-service vulnerability with large JSON payloads to Node.js third-party modules - 25 upvotes, $0
  61. Cache poisoning DoS to various TTS assets to GSA Bounty - 25 upvotes, $0
  62. DOS via issue preview to GitLab - 24 upvotes, $7640
  63. cookie injection allow dos attack to periscope.tv to X (Formerly Twitter) - 24 upvotes, $560
  64. xmlrpc.php FILE IS enable it will used for bruteforce attack and denial of service to LocalTapiola - 24 upvotes, $315
  65. DOS attack by consuming all CPU and using all available memory to Tron Foundation - 23 upvotes, $1500
  66. ICQ Android APP remote DoS to Mail.ru - 23 upvotes, $1000
  67. DoS through cache poisoning using invalid HTTP parameters to Greenhouse.io - 23 upvotes, $0
  68. Pixel Flood Attack leads to Application level DoS to CS Money - 22 upvotes, $200
  69. Cookie injection leads to complete DoS over whole domain *.mackeeper.com. Injection point accountstage.mackeeper.com/ to Clario - 22 upvotes, $50
  70. Bypass of request line length limit to DoS via cache poisoning to Greenhouse.io - 22 upvotes, $0
  71. Single User DOS by Poisoning Cookie via Get Parameter to Pornhub - 22 upvotes, $0
  72. XMLRPC, Enabling XPSA and Bruteforce and DOS + A file disclosing installer-logs. to MTN Group - 22 upvotes, $0
  73. DoS of LINE client for Android via message containing multiple unicode characters (0x0e & 0x0f) to LY Corporation - 22 upvotes, $0
  74. Insecure Processing of XML leads to Denial of Service through Billion Laughs Attack to Razer - 21 upvotes, $375
  75. DOS validator nodes of blockchain to block external connections to Hyperledger - 20 upvotes, $1500
  76. scripts loader (denial of service) vulnerability to MariaDB - 20 upvotes, $0
  77. [CVE-2024-26146] Header Parsing leads to Possible Denial of Service Vulnerability to Internet Bug Bounty - 20 upvotes, $0
  78. xmlrpc.php And /wp-json/wp/v2/users FILE IS enable it will used for bruteforce attack and denial of service to Sifchain - 19 upvotes, $50
  79. Comments Denial of Service in socialclub.rockstargames.com to Rockstar Games - 19 upvotes, $0
  80. Denial of Service by requesting to reset a password to Nextcloud - 19 upvotes, $0
  81. HTTP/2 PUSH_PROMISE DoS to curl - 19 upvotes, $0
  82. [CVE-2024-25126] Denial of Service Vulnerability in Rack Content-Type Parsing to Internet Bug Bounty - 19 upvotes, $0
  83. CVE-2024-27351: Potential regular expression denial-of-service in django.utils.text.Truncator.words() to Internet Bug Bounty - 18 upvotes, $2580
  84. DOS via move_issue to GitLab - 18 upvotes, $2300
  85. lack of input validation that can lead Denial of Service (DOS) to X (Formerly Twitter) - 18 upvotes, $560
  86. Variant of CVE-2013-0269 (Denial of Service and Unsafe Object Creation Vulnerability in JSON) to Ruby - 18 upvotes, $500
  87. Permanent Denial of Service to MS-DOS - 18 upvotes, $0
  88. Specially constructed multi-part requests cause multi-second response times; vulnerable to DoS to Ruby on Rails - 17 upvotes, $0
  89. Race condition on the Federalist API endpoints can lead to the Denial of Service attack to GSA Bounty - 16 upvotes, $150
  90. WEBrick::HTTPAuth::DigestAuth authentication is vulnerable to regular expression denial of service (ReDoS) to Ruby - 16 upvotes, $0
  91. Attacker may be able to bounce enough emails which suspend HackerOne's SES service and cause a DoS of HackerOne's email service to HackerOne - 16 upvotes, $0
  92. Possible denial of service when entering a loooong password to Nextcloud - 16 upvotes, $0
  93. Server-side denial of service via large payload sent to wiki.cs.money/graphql to CS Money - 16 upvotes, $0
  94. CVE-2023-23916: HTTP multi-header compression denial of service to curl - 16 upvotes, $0
  95. [Java] CWE-755: Query to detect Local Android DoS caused by NFE to GitHub Security Lab - 15 upvotes, $1800
  96. Single user DOS on selectedLanguage -cookie (yrityspalvelu.lahitapiola.fi) to LocalTapiola - 15 upvotes, $400
  97. Cookie-based client-side denial-of-service to all of the Lähitapiola domains to LocalTapiola - 15 upvotes, $0
  98. DoS for HTTP/2 connections by crafted requests (CVE-2018-1333) to Internet Bug Bounty - 15 upvotes, $0
  99. DoS of https://blog.yelp.com/ and other WP instances via CVE-2018-6389 to Yelp - 15 upvotes, $0
  100. xmlrpc.php file is enable it will used for (Denial of Service) and bruteforce attack to BlockDev Sp. Z o.o - 15 upvotes, $0
  101. Web Cache Poisoning leading to DoS to U.S. General Services Administration - 15 upvotes, $0
  102. DoS via Playbook to Mattermost - 15 upvotes, $0
  103. PNG compression DoS to HackerOne - 14 upvotes, $500
  104. xmlrpc.php FILE IS enabled it will used for Bruteforce attack and Denial of Service(DoS) to BlockDev Sp. Z o.o - 14 upvotes, $500
  105. Application-level DoS on image's "size" parameter. to Gratipay - 14 upvotes, $0
  106. Resource Consumption DOS on Edgemax v1.10.6 to Ubiquiti Inc. - 14 upvotes, $0
  107. xmlrpc.php FILE IS enable it will used for Bruteforce attack and Denial of Service(DoS) to Top Echelon Software - 14 upvotes, $0
  108. Null target_class DoS to shopify-scripts - 13 upvotes, $8000
  109. Chained vulnerabilities create DOS attack against users on desafio5estrelas.com to Uber - 13 upvotes, $1000
  110. DoS via large console messages to Mattermost - 13 upvotes, $150
  111. Possible denial of service when entering a loooong password to Nextcloud - 13 upvotes, $100
  112. Denial of Service with Cookie Bomb to Nord Security - 13 upvotes, $0
  113. CVE-2022-35252: control code in cookie denial of service to curl - 13 upvotes, $0
  114. DoS in bigdecimal's sqrt function due to miscalculation of loop iterations to Ruby - 13 upvotes, $0
  115. http: Reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks to Node.js - 13 upvotes, $0
  116. No Rate Limiting on https://██████/██████████/accounts/password/reset/ endpoint leads to Denial of Service to U.S. Dept Of Defense - 12 upvotes, $0
  117. Cookie Bombing cause DOS - businesses.uber.com to Uber - 12 upvotes, $0
  118. [mtn.com.af] Multiple vulnerabilities allow to Application level DoS to MTN Group - 12 upvotes, $0
  119. Remote denial of service in HyperLedger Fabric to Hyperledger - 12 upvotes, $0
  120. WordPress application vulnerable to DoS attack via wp-cron.php to U.S. Dept Of Defense - 12 upvotes, $0
  121. User input validation can lead to DOS to X (Formerly Twitter) - 11 upvotes, $560
  122. Pre-auth Denial-of-Service in Dovecot RPA implementation to Open-Xchange - 11 upvotes, $550
  123. DOS: out of memory from gif through upload api to Mattermost - 11 upvotes, $150
  124. Content length restriction bypass can lead to DOS by reading large files on gip.rocks to Gratipay - 11 upvotes, $0
  125. memjs allocates and stores buffers on typed input, resulting in DoS and uninitialized memory usage to Node.js third-party modules - 11 upvotes, $0
  126. Application level denial of service due to shutting down the server to Node.js third-party modules - 11 upvotes, $0
  127. Denial Of Service in Strapi Framework using argument injection to Node.js third-party modules - 11 upvotes, $0
  128. Insufficient limitation of web page title leads to DoS against ICQ for Android to Mail.ru - 11 upvotes, $0
  129. Permanent DOS for new users! to Stripo Inc - 11 upvotes, $0
  130. Permanent DoS at https://happy.tools/ when inviting a user to Automattic - 11 upvotes, $0
  131. Denial of service via cache poisoning on https://www.data.gov/ to GSA Bounty - 11 upvotes, $0
  132. The parameter in the POST query allows to control size of returned page which in turn can lead to the potential DOS attack to LocalTapiola - 10 upvotes, $315
  133. xmlrpc.php FILE IS enable which enables attacker to XSPA Brute-force and even Denial of Service(DOS), in https://████/xmlrpc.php to U.S. Dept Of Defense - 10 upvotes, $0
  134. Denial of service due to invalid memory access in mrb_ary_concat to shopify-scripts - 9 upvotes, $8000
  135. Rack CVE-2022-30122: Denial of Service Vulnerability in Rack Multipart Parsing to Internet Bug Bounty - 9 upvotes, $2400
  136. Single User DOS on SelectedLocale -cookie (verkkopalvelu.tapiola.fi) to LocalTapiola - 9 upvotes, $400
  137. Single user DOS on selectedLanuage -cookie at (verkkopalvelu.tapiola.fi) to LocalTapiola - 9 upvotes, $100
  138. Proxy service crash DoS to Factlink - 9 upvotes, $0
  139. Denial of Service through set_preference.json to Keybase - 9 upvotes, $0
  140. Fix for self-DoS in Security-txt Chrome Extension. to Ed - 9 upvotes, $0
  141. XML hash collision DoS vulnerability in Python's xml.etree module to Internet Bug Bounty - 9 upvotes, $0
  142. DoS for remote nodes using Slow Loris attack to Monero - 9 upvotes, $0
  143. Cisco ASA Denial of Service & Path Traversal (CVE-2018-0296) to ok.ru - 9 upvotes, $0
  144. Multiple HTTP/2 DOS Issues to Node.js - 9 upvotes, $0
  145. CVE-2017-8779 exploit on open rpcbind port could lead to remote DoS to Endless Group - 9 upvotes, $0
  146. load scripts DOS vulnerability to OLX - 9 upvotes, $0
  147. Cache Posioning leading to denial of service at █████████ - Bypass fix from report #1198434 to U.S. Dept Of Defense - 9 upvotes, $0
  148. Denial of Service in mruby due to null pointer dereference to shopify-scripts - 8 upvotes, $8000
  149. CVE-2022-32206: HTTP compression denial of service to Internet Bug Bounty - 8 upvotes, $2400
  150. potential denial of service attack via the locale parameter to Internet Bug Bounty - 8 upvotes, $2400
  151. CVE-2023-25692: Apache Airflow Google Provider: Google Cloud Sql Provider Denial Of Service and Remote Command Execution to Internet Bug Bounty - 8 upvotes, $480
  152. Denial of Service by resource exhaustion CWE-400 due to unfinished HTTP/1.1 requests to Node.js - 8 upvotes, $250
  153. DoS in Brave browser for iOS to Brave Software - 8 upvotes, $80
  154. Возможность провести DoS атаку от имени vk.com сервера to VK.com - 8 upvotes, $0
  155. Denial of Service in Action Pack Exception Handling to Ruby on Rails - 8 upvotes, $0
  156. DoS of www.lahitapiolarahoitus.fi via CVE-2018-6389 exploitation to LocalTapiola - 8 upvotes, $0
  157. scripts loader DOS vulnerability to FormAssembly - 8 upvotes, $0
  158. CVE-2022-35252: control code in cookie denial of service to Internet Bug Bounty - 8 upvotes, $0
  159. Lack of Packet Sanitation in Goflow Results in Multiple DoS Attack Vectors and Bugs to Cloudflare Public Bug Bounty - 7 upvotes, $500
  160. WordPress Authentication Denial of Service to Instacart - 7 upvotes, $100
  161. SSRF / Local file enumeration / DoS due to improper handling of certain file formats by ffmpeg to Imgur - 7 upvotes, $0
  162. Malformed SHA512 ticket DoS (CVE-2016-6302) to Internet Bug Bounty - 7 upvotes, $0
  163. http-proxy-agent passes unsanitized options to Buffer(arg), resulting in DoS and uninitialized memory leak to Node.js third-party modules - 7 upvotes, $0
  164. Client DoS due to large DH parameter (CVE-2018-0732) to Internet Bug Bounty - 7 upvotes, $0
  165. Algorithmic complexity vulnerability in ZXCVBN leads to remote denial of service attack to Dropbox - 7 upvotes, $0
  166. SQL Injection or Denial of Service due to a Prototype Pollution to Node.js third-party modules - 7 upvotes, $0
  167. [cloudron-surfer] Denial of Service via LDAP Injection to Node.js third-party modules - 7 upvotes, $0
  168. Denial of Service in anti_ransomware_service.exe via logs files to Acronis - 7 upvotes, $0
  169. Application level DOS at Login Page ( Accepts Long Password ) to Reddit - 7 upvotes, $0
  170. DoS at ████████ (CVE-2018-6389) to U.S. Dept Of Defense - 7 upvotes, $0
  171. DoS at █████(CVE-2018-6389) to U.S. Dept Of Defense - 7 upvotes, $0
  172. Range constructor type confusion DoS to shopify-scripts - 6 upvotes, $10000
  173. CVE-2022-32205: Set-Cookie denial of service to Internet Bug Bounty - 6 upvotes, $480
  174. [DOS] denial of service using code snippet on brave browser to Brave Software - 6 upvotes, $25
  175. Denial of Service any Report to HackerOne - 6 upvotes, $0
  176. DOS Report FILE html inside <code> in markdown to HackerOne - 6 upvotes, $0
  177. DoS vulnerability in mod_auth_digest CVE-2016-2161 to Internet Bug Bounty - 6 upvotes, $0
  178. WordPress core - Denial of Service via Cross Site Request Forgery to WordPress - 6 upvotes, $0
  179. https-proxy-agent passes unsanitized options to Buffer(arg), resulting in DoS and uninitialized memory leak to Node.js third-party modules - 6 upvotes, $0
  180. Remote P2P DoS to Monero - 6 upvotes, $0
  181. Lodash "difference" (possibly others) Function Denial of Service Through Unvalidated Input to Node.js third-party modules - 6 upvotes, $0
  182. HTTP/2 Denial of Service Vulnerability to Node.js - 6 upvotes, $0
  183. DoS for client-go jsonpath func to Kubernetes - 6 upvotes, $0
  184. Camera adoption DoS - UniFi Protect to Ubiquiti Inc. - 6 upvotes, $0
  185. Ruby - Regular Expression Denial of Service Vulnerability of Date Parsing Methods to Internet Bug Bounty - 6 upvotes, $0
  186. Regular Expression Denial of Service vulnerability to Reddit - 6 upvotes, $0
  187. ruby DoS https://www.mruby.science to shopify-scripts - 5 upvotes, $8000
  188. Potential denial of service in hackerone.com/<program>/reward_settings to HackerOne - 5 upvotes, $0
  189. Denial of service attack on Brave Browser. to Brave Software - 5 upvotes, $0
  190. [tor] control connection pre-auth DoS (infinite loop) with --enable-bufferevents to Tor - 5 upvotes, $0
  191. Missing back-end user input validation can lead to DOS flaw to Liberapay - 5 upvotes, $0
  192. Cache Posioning leading do Denial of Service on www.█████████ to U.S. Dept Of Defense - 5 upvotes, $0
  193. monerod JSON RPC server remote DoS to Monero - 5 upvotes, $0
  194. DoS of https://research.adobe.com/ via CVE-2018-6389 exploitation to Adobe - 5 upvotes, $0
  195. DoS via Automatic Response Message to Mattermost - 5 upvotes, $0
  196. Thumbor misconfiguration at blogapi.uber.com can lead to DoS to Uber - 4 upvotes, $500
  197. [CVE-2023-22799] Possible ReDoS based DoS vulnerability in GlobalID to Internet Bug Bounty - 4 upvotes, $480
  198. Fastify uses allErrors: true ajv configuration by default which is susceptible to DoS to Node.js third-party modules - 4 upvotes, $250
  199. Denial of Service to HackerOne - 4 upvotes, $100
  200. Arbitrary command execution in MS-DOS to MS-DOS - 4 upvotes, $0
  201. help.nextcloud.com: Known DoS condition (null pointer deref) in Nginx running to Nextcloud - 4 upvotes, $0
  202. Filename enumeration && DoS to Nextcloud - 4 upvotes, $0
  203. No Password Length Restriction leads to Denial of Service to Weblate - 4 upvotes, $0
  204. Abuse of Api that causes spamming users and possible DOS due to missing rate limit on contact form to Weblate - 4 upvotes, $0
  205. pngcrush double-free/segfault could result in DoS (CVE-2015-7700) to Internet Bug Bounty - 4 upvotes, $0
  206. Denial of service in libxml2, using malicious lzma file to consume available system memory to Internet Bug Bounty - 4 upvotes, $0
  207. Denial of Service: nghttp2 use of uninitialized pointer to Node.js - 4 upvotes, $0
  208. Application level DoS via xmlrpc.php to U.S. Dept Of Defense - 4 upvotes, $0
  209. DoS for GCSArtifact.RealAll to Kubernetes - 4 upvotes, $0
  210. DoS due to improper input validation can break the admin access into the user data will disallow him from editing that user's data. to Nextcloud - 4 upvotes, $0
  211. Slowvote and Countdown can cause Denial of Service due to recursive inclusion to Phabricator - 4 upvotes, $0
  212. CVE-2022-32206: HTTP compression denial of service to curl - 4 upvotes, $0
  213. CVE-2022-32205: Set-Cookie denial of service to curl - 4 upvotes, $0
  214. DoS via lua_read_body() [zhbug_httpd_94] to Internet Bug Bounty - 4 upvotes, $0
  215. HTTP multi-header compression denial of service to Internet Bug Bounty - 4 upvotes, $0
  216. Potential denial of service in hackerone.com/teams/new to HackerOne - 3 upvotes, $0
  217. History Disclosure of MS-Dos to MS-DOS - 3 upvotes, $0
  218. Apache Range Header Denial of Service Attack (Confirmed PoC) to ownCloud - 3 upvotes, $0
  219. DoS Attack in Controller Lookup Code to Ruby on Rails - 3 upvotes, $0
  220. Denial of service (segfault) due to null pointer dereference in mrb_obj_instance_eval to shopify-scripts - 3 upvotes, $0
  221. doc.owncloud.com: CVE-2015-5477 BIND9 TKEY Vulnerability + Exploit (Denial of Service) to ownCloud - 3 upvotes, $0
  222. ci.nextcloud.com: CVE-2015-5477 BIND9 TKEY Vulnerability + Exploit (Denial of Service) to Nextcloud - 3 upvotes, $0
  223. Ruby 2.3.x and 2.2.x still bundle DoS vulnerable verision of libYAML to Ruby - 3 upvotes, $0
  224. CVE-2017-5969: libxml2 when used in recover mode, allows remote attackers to cause a denial of service (NULL pointer dereference) to Internet Bug Bounty - 3 upvotes, $0
  225. Dos https://iandunn.name/ via CVE-2018-6389 exploitation to Ian Dunn - 3 upvotes, $0
  226. load scripts DOS vulnerability to BlockDev Sp. Z o.o - 3 upvotes, $0
  227. HTTP2 'unknownProtocol' cause Denial of Service by resource exhaustion to Node.js - 3 upvotes, $0
  228. Instance Page DOS within Organization on TikTok Ads to TikTok - 3 upvotes, $0
  229. Denial of Service vulnerability in curl when parsing MQTT server response to curl - 3 upvotes, $0
  230. Self-DoS due to template injection via email field in password reset form on access.acronis.com to Acronis - 3 upvotes, $0
  231. Regular Expression Denial of Service in Headers to Node.js - 3 upvotes, $0
  232. Possible DOS in app with crashing exceptions_app to Ruby on Rails - 3 upvotes, $0
  233. moderate: mod_deflate denial of service to Internet Bug Bounty - 2 upvotes, $500
  234. Possible DoS Vulnerability in Multipart MIME parsing in rack to Internet Bug Bounty - 2 upvotes, $480
  235. [CVE-2022-44570] Possible Denial of Service Vulnerability in Rack’s Range header parsing to Internet Bug Bounty - 2 upvotes, $480
  236. [CVE-2023-22796] Possible ReDoS based DoS vulnerability in Active Support’s underscore to Internet Bug Bounty - 2 upvotes, $480
  237. [CVE-2022-44572] Possible Denial of Service Vulnerability in Rack’s RFC2183 boundary parsing to Internet Bug Bounty - 2 upvotes, $480
  238. [CVE-2022-44571] Possible Denial of Service Vulnerability in Rack Content-Disposition parsing to Internet Bug Bounty - 2 upvotes, $480
  239. DNS Max Responses for DOS to Node.js - 2 upvotes, $250
  240. Possible SQL injection can cause denial of service attack to Dropbox - 2 upvotes, $0
  241. Denial of service in report view. to HackerOne - 2 upvotes, $0
  242. Denial of service in account statistics endpoint to Mapbox - 2 upvotes, $0
  243. Denial of service attack(window object) on brave browser to Brave Software - 2 upvotes, $0
  244. Denial of service (segfault) due to null pointer dereference in mrb_vm_exec to shopify-scripts - 2 upvotes, $0
  245. Abuse of Api that causes spamming users and possible DOS due to missing rate limit to Weblate - 2 upvotes, $0
  246. Regular Expression Denial of Service (ReDoS) to Node.js third-party modules - 2 upvotes, $0
  247. Server side includes in https://lgtm-com.pentesting.semmle.net/internal_api/v0.2/savePublicInformation leads to 500 server error and D-DOS to Semmle - 2 upvotes, $0
  248. Node.js HTTP/2 Large Settings Frame DoS to Node.js - 2 upvotes, $0
  249. Improper Input Validation allows an attacker to "double spend" or "respend", violating the integrity of the message command history or causing DoS to Agoric - 2 upvotes, $0
  250. DoS attack against the client when entering a long password to Nextcloud - 2 upvotes, $0
  251. API Server DoS (crash?) if many large resources (~1MB each) are concurrently/repeatedly sent to an external Validating WebHook endpoint to Kubernetes - 2 upvotes, $0
  252. [play.mtn.co.za] Application level DoS via xmlrpc.php to MTN Group - 2 upvotes, $0
  253. 1-click DOS in fastify-static via directly passing user's input to new URL() of NodeJS without try/catch to Fastify - 2 upvotes, $0
  254. Inadequate input validation on API endpoint leading to self denial of service and increased system load. to IRCCloud - 1 upvotes, $500
  255. Dashboard panel embedded onto itself causes a denial of service to Phabricator - 1 upvotes, $0
  256. owncloud.com: CVE-2015-5477 BIND9 TKEY Vulnerability + Exploit (Denial of Service) to ownCloud - 1 upvotes, $0
  257. CrashPlan Backup is Vulnerable Allowing to a DoS Attack Against Uber's Backups to backup.uber.com to Uber - 1 upvotes, $0
  258. Denial of service(POP UP Recursion) on Brave browser to Brave Software - 1 upvotes, $0
  259. xmlrpc.php FILE IS enable it can be used for conducting a Bruteforce attack and Denial of Service(DoS) to Ian Dunn - 1 upvotes, $0
  260. "Self" DOS with large deployment and scaling to Kubernetes - 1 upvotes, $0
  261. Denial of Service when entring an Array in email at seetings to Nextcloud - 1 upvotes, $0
  262. [meemo-app] Denial of Service via LDAP Injection to Node.js third-party modules - 1 upvotes, $0
  263. [json-bigint] DoS via __proto__ assignment to Node.js third-party modules - 1 upvotes, $0
  264. [http-live-simulator] Application-level DoS to Node.js third-party modules - 1 upvotes, $0
  265. DRb denial of service vulnerability to Ruby - 1 upvotes, $0
  266. Possibility of DoS attack at https://sifchain.finance// via CVE-2018-6389 exploitation to Sifchain - 1 upvotes, $0
  267. No Password Length Restriction leads to Denial of Service to Reddit - 1 upvotes, $0
  268. curl "globbing" can lead to denial of service attacks to curl - 1 upvotes, $0
  269. DOS in browser using window.print() function to Brave Software - 0 upvotes, $0
  270. Possibility of DOS Through logging System to Quora - 0 upvotes, $0
  271. Media parsing in canvas is at least vulnerable to Denial of Service through multiple vulnerabilities to Node.js third-party modules - 0 upvotes, $0
  272. DoS of https://blog.makerdao.com/ via CVE-2018-6389 to BlockDev Sp. Z o.o - 0 upvotes, $0
  273. A specifically designed sieve script can cause a DoS in lib-sieve during sieve script compilation via NULL pointer dereference to Open-Xchange - 0 upvotes, $0