We no longer accept any new submissions to SVCRP, but will of course handle and process all submissions received prior to today.
Read the blog post from Secuniaís Head of Research here
If you have any questions or comments, you are very welcome to contact us.
SVCRP (Secunia Vulnerability Coordination Reward Program) is a reward incentive offered by Secunia to researchers, who have discovered a vulnerability and would like a third party to confirm their findings and handle the coordination process with the vendor on their behalf.
All classes of vulnerabilities in most products are applicable for SVCRP as long as the following basic criteria are met:
Minor rewards will be continuously awarded to researchers coordinating their discoveries through Secunia based on their individual performance. The two major rewards are currently awarded annually (the first one in January 2012!).
Most Valued Contributor:
This is a yearly prize awarded to the researcher, who based on Secunia Research's judgement has been consistently coordinating correct, clearly detailed vulnerability reports that have been quick and easy to confirm.
Most Interesting Coordination Report:
This is a yearly prize awarded to the researcher, who based on Secunia Research's judgement has been coordinating the most interesting vulnerability (criteria considered are e.g. complexity, impact, affected product, level of detail in provided vulnerability report).
The current list of qualifying conferences are:
The coordination process will follow the same disclosure policy as followed by the Secunia Research team when coordinating internally discovered vulnerabilities.
If you would like to report a vulnerability to Secunia via SVCRP then please send a vulnerability report prefixed with "[SVCRP]" in the subject to email@example.com. The report should contain details on the affected product/version and PoC or detailed steps to trigger the vulnerability to ensure that Secunia Research can reproduce your findings.
If you prefer to send an encrypted vulnerability report then please find our PGP key here.
|Xerox WorkCentre 3315/3325 OpenSSL TLS/DTLS Heartbeat Two Information Disclosure Vulnerabilities|
|IBM Flex System Integrated Management Module 2 (IMM2) OpenSSL Weakness and Two Vulnerabilities|
|D-Link Multiple Products OpenSSL TLS/DTLS Heartbeat Two Information Disclosure Vulnerabilities|
|Symantec Multiple Products OpenSSL TLS/DTLS Heartbeat Two Information Disclosure Vulnerabilities|
Not a customer already?
Learn more about how our market leading Vulnerability Management solutions can help you manage risk and ensure compliance.