Reports in playstation program: S.No Title Bounty 1 bd-j exploit chain $20000.0 2 Websites Can Run Arbitrary Code on Machines Running the 'PlayStation Now' Application $15000.0 3 Remote vulnerabilities in spp $12500.0 4 Use-After-Free In IPV6_2292PKTOPTIONS leading To Arbitrary Kernel R/W Primitives $10000.0 5 SOCK_RAW sockets reachable from Webkit process allows triggering double free in IP6_EXTHDR_CHECK $10000.0 6 Use-after-free in setsockopt IPV6_2292PKTOPTIONS (CVE-2020-7457) $10000.0 7 size_t-to-int vulnerability in exFAT leads to memory corruption via malformed USB flash drives $10000.0 8 Access token stealing. $1200.0 9 Authorization Token on PlayStation Network Leaks via postMessage function $1000.0 10 Access Token Smuggling from my.playstation.com via Referer Header $1000.0 11 SSRF on image renderer $1000.0 12 SSRF chained to hit internal host leading to another SSRF which allows to read internal images. $1000.0 13 Reflected XSS on transact.playstation.com using postMessage from the opening window $1000.0 14 Unrestricted access to quiesce functionality in dss.api.playstation.com REST API leads to unavailability of application $1000.0 15 SMAP bypass $0.0 16 Remote kernel heap overflow $0.0