August 28, 2024 at 02:09PM Google significantly increases rewards for Chrome browser vulnerabilities through its VRP. Researchers may now earn up to $250,000 for a single issue, with the highest payouts for memory corruption bugs in non-sandboxed processes. Additional rewards are possible for specific exploit conditions. Google also offers rewards for other vulnerability classes based … Read more
July 2, 2024 at 02:11PM Google has initiated the kvmCTF, a new VRP to enhance the security of the KVM hypervisor. Offering $250,000 for full VM escape exploits, the program targets zero-day vulnerabilities through a controlled lab environment. Researchers will use exploits to capture flags, earning rewards based on the severity of the attack. Rules … Read more
July 1, 2024 at 10:06AM Google has introduced kvmCTF, a bug bounty program for the KVM hypervisor, offering significant rewards for vulnerabilities. Participants can attempt to conduct guest-to-host attacks in a lab environment, with potential payouts including $250,000 for a full VM escape. The program aims to enhance the security of widely used virtualization technology. … Read more
December 18, 2023 at 03:42PM Zoom developed the Vulnerability Impact Scoring System (VISS) as a more objective approach to assess the severity of vulnerabilities found during bug bounty programs. This system, providing a transparent and defensible way to calculate potential rewards for vulnerabilities, aims to prioritize critical and high-severity issues. VISS received positive feedback from … Read more