REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
bobrov
117
geeknik
79
linkks
75
jobert
69
sp1d3rs
68
someonenobbd
61
nyymi
50
jon_bottarini
49
haxta4ok00
48
netfuzzer
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
Nextcloud
disclosed a bug submitted by
lukasreschke
Chat room member disclosure via autocomplete API
25 Mar 2023
U.S. Department of State
disclosed a bug submitted by
hollaatm3
Bypassing Whitelist to perform SSRF for internal host scanning
24 Mar 2023
U.S. Dept Of Defense
disclosed a bug submitted by
pwnesec
DoS at (CVE-2018-6389)
24 Mar 2023
U.S. Dept Of Defense
disclosed a bug submitted by
miguel_santareno
Improper Access Control on Media Wiki allows an attackers to restart installation on DoD asset
24 Mar 2023
U.S. Dept Of Defense
disclosed a bug submitted by
rodriguezjorgex
Path traversal leads to reading of local files on and
24 Mar 2023
U.S. Dept Of Defense
disclosed a bug submitted by
0xd3adc0de
Reflected XSS in
24 Mar 2023
U.S. Dept Of Defense
disclosed a bug submitted by
iam_a_jinchuriki
xmlrpc.php file enabled at .org
24 Mar 2023
U.S. Dept Of Defense
disclosed a bug submitted by
abhinavsecondary
Client side authentication leads to Auth Bypass
24 Mar 2023
U.S. Dept Of Defense
disclosed a bug submitted by
0xd3adc0de
Reflected XSS in
24 Mar 2023
U.S. Dept Of Defense
disclosed a bug submitted by
abhinavsecondary
HAProxy stats panel exposed externally
24 Mar 2023
U.S. Dept Of Defense
disclosed a bug submitted by
0xd3adc0de
Reflected XSS in
24 Mar 2023
Uber
disclosed a bug submitted by
zhero_
HTML injection via insecure parameter [https://www.ubercarshare.com/]
23 Mar 2023
Uber
disclosed a bug submitted by
zhero_
DOM based XSS via insecure parameter on [ https://uberpay-mock-psp.uber.com ]
23 Mar 2023
Uber
disclosed a bug submitted by
kxyry
[uchat.uberinternals.com] Mattermost doesn't check Origin in Websockets, which leads to the Critical Inforamation Leakage.
23 Mar 2023
Uber
disclosed a bug submitted by
kxyry
[data-07.uberinternal.com] SSRF in Portainer app lead to access to Internal Docker API without Auth
23 Mar 2023
Internet Bug Bounty
disclosed a bug submitted by
kurohiro
CVE-2023-27537: HSTS double-free
23 Mar 2023
Internet Bug Bounty
disclosed a bug submitted by
nyxsorcerer
Apache HTTP Server: mod_proxy_uwsgi HTTP response splitting (CVE-2023-27522)
23 Mar 2023
curl
disclosed a bug submitted by
nyymi
CVE-2023-27538: SSH connection too eager reuse still
22 Mar 2023
curl
disclosed a bug submitted by
nyymi
CVE-2023-27536: GSS delegation too eager connection re-use
22 Mar 2023
1
2
3
...
650
BY DENIS WERNER - @NOBBD -
IMPRESSUM