PlayStation Bug Bounty Program Statistics | BugBountyHunter.com

You are viewing our old website

We are busy working on a brand new website and platform. All of the content on this website is considered out-dated, however challenges and our members section are working as before. Stay tuned for updates!

PlayStation Program Statistics

18 total issues disclosed

$120,700 total paid publicly

Most disclosed (3 disclosures) — Use After Free

Disclosed Reports

Report Title	Vulnerability Type	Disclosed By	Severity	Disclosed on
Double fdrop on a socket through sys_netcontrol	Double Free	slidybat	High	2026-05-01
PS4 BD-J privilege escalation using nested JAR	Privilege Escalation	gezine	Medium	2026-04-29
Blu-ray Disc Java Sandbox Escape via two vulnerabilities	Execution with Unnecessary Privileges	theflow0	Medium	2025-10-18
sys_fsc2h_ctrl kernel stack free	Use After Free	theflow0	High	2025-04-18
Remote vulnerabilities in spp	Classic Buffer Overflow	theflow0	High	2024-04-25
size_t-to-int vulnerability in exFAT leads to memory corruption via malformed USB flash drives	Incorrect Calculation of Buffer Size	theflow0	High	2022-09-21
Use-after-free in setsockopt IPV6_2292PKTOPTIONS (CVE-2020-7457)	Use After Free	theflow0	High	2022-09-20
bd-j exploit chain	Privilege Escalation	theflow0	High	2022-06-10
Remote kernel heap overflow	Heap Overflow	m00nbsd	High	2022-05-11
SMAP bypass	None supplied	m00nbsd	Medium	2021-05-27
SSRF chained to hit internal host leading to another SSRF which allows to read internal images.	Server-Side Request Forgery (SSRF)	bugdiscloseguys	High	2021-03-30
Reflected XSS on transact.playstation.com using postMessage from the opening window	Cross-site Scripting (XSS) - Reflected	vakzz	High	2021-03-30
Unrestricted access to quiesce functionality in dss.api.playstation.com REST API leads to unavailability of application	Missing Authorization	wiiiiam	High	2021-03-30
SOCK_RAW sockets reachable from Webkit process allows triggering double free in IP6_EXTHDR_CHECK	Double Free	theflow0	High	2021-01-12
Websites Can Run Arbitrary Code on Machines Running the 'PlayStation Now' Application	Code Injection	parsiya	Critical	2020-12-04
Access token stealing.	Missing Authorization	bugdiscloseguys	High	2020-11-21
Authorization Token on PlayStation Network Leaks via postMessage function	Violation of Secure Design Principles	nnez	High	2020-11-21
Use-After-Free In IPV6_2292PKTOPTIONS leading To Arbitrary Kernel R/W Primitives	Use After Free	theflow0	High	2020-07-06