Vulnerability Reports Full List

• 2018
  • Out-of-bounds read in Chrome V8 (reward $4,500 / CVE-2018-6142) (link)
  • Uninitialize Variable in Chrome V8 (reward $3,500) (link)
• 2017
  • Out of bounds access in Chrome V8 (reward $3,000 / CVE-2017-5122) (link)
  • Out of bounds read in Chrome V8 (reward $3,000 / CVE-2017-5071) (link)
  • Information Disclosure in Chrome V8 (reward $2,000 / CVE-2017-5040) (link)
  • Null Pointer Dereference in string prepend of mruby (reward $800) (link)
  • Heap Overflow in array splice of mruby (reward $800) (link)
  • Type Confusion in print_backtrace of mruby (reward $100) (link)
  • Use After Free in array replace of mruby (reward $800) (link)
  • Local File Inclusion Attack in Rocket (link)
  • Integer Overflow in array splice of mruby (reward $800) (link)
  • Integer Overflow in array set of mruby (reward $100) (link)
  • Remote Code Execution in icoutils (CVE-2017-5208) (link)
• 2016
  • Out-of-bounds write in Chrome V8 (reward $5,000 / CVE-2016-5200) (link)
  • Memory Corruption in Chrome V8 (reward $5,000 / CVE-2016-5172) (link)
  • Unauthorized branch access in GitHub (reward $5,000 + bonus $1,000) (link)
  • Heap Buffer Overflow in Chrome V8 (reward $3,000 / CVE-2016-1669) (link)
  • Out-of-bounds write in Chrome V8 (reward $5,000 / CVE-2016-1653) (link)
• 2015
  • Remote Code Execution in GitHub for Mac (reward $2,500) (link)
  • XSS in GitHub (reward $1,000) (link)
  • XSS in Dropbox (reward $1,331) (post)
• 2014
  • Remote Code Execution in Dr.Soft Netclient5 PMS (reward XXX / KISA 14-084)
  • Remote Code Execution in UNIST portal web site
• 2013
  • SQL Injection and Break password encryption in UNIST portal web site
  • SQL Injection in UNIST web mail
  • Remote Code Execution in UNIST attendance checking devices