REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'sp1d3rs'
68
b'someonenobbd'
62
b'nyymi'
55
b'jon_bottarini'
49
b'haxta4ok00'
48
b'netfuzzer'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'GoCD'
disclosed a bug submitted by
b'redyetihacks'
b'XSS in new.loading.page.html'
17 Mar 2024
b'HackerOne'
disclosed a bug submitted by
b'akashhamal0x01'
b'Being able to disclose IBB bounty table of any public program'
17 Mar 2024
b'Node.js'
disclosed a bug submitted by
b'maple3142'
b'Denial of Service by resource exhaustion in fetch() brotli decoding'
16 Mar 2024
b'Node.js'
disclosed a bug submitted by
b'valette'
b'setuid() does not drop all privileges due to io_uring'
16 Mar 2024
b'GitHub'
disclosed a bug submitted by
b'inspector-ambitious'
b'Bypassing Collaborator Restrictions: Retaining Admin Access Post-Repository Transfer'
15 Mar 2024
b'GitHub'
disclosed a bug submitted by
b'inspector-ambitious'
b'Persistent Unauthorized Administrative Access on All Organization Repositories via RC in User Conversion to Organization'
15 Mar 2024
b'Doppler'
disclosed a bug submitted by
b'w3shi'
b'Github app(link) Takeover Listed on "https://docs.doppler.com/docs/github-actions" page'
15 Mar 2024
b'Mozilla Critical Services'
disclosed a bug submitted by
b'psycho_012'
b'Insecure S3 Bucket Exposing Git Directory in Mozilla Foundation Infographics Project'
13 Mar 2024
b'Publitas'
disclosed a bug submitted by
b'giwadaoud'
b'Unauthorized Access to Offline Publication Cover Pages via SOURCE_DOCUMENT_ID'
13 Mar 2024
b'LinkedIn'
disclosed a bug submitted by
b'marvelmaniac'
b'An attacker can submit arbitrary projects to their service accounts and obtain full information on projects of other users.'
12 Mar 2024
b'RubyGems'
disclosed a bug submitted by
b'ooooooo_q'
b"Bundler's RCE with response using Marshal"
12 Mar 2024
b'Internet Bug Bounty'
disclosed a bug submitted by
b'timon8'
b'Proxy-Authorization header is not cleared in cross-domain redirect in undici'
12 Mar 2024
b'Internet Bug Bounty'
disclosed a bug submitted by
b'timon8'
b'Apache Airflow: Bypass permission verification to read code of other dags'
12 Mar 2024
b'Node.js'
disclosed a bug submitted by
b'timon8'
b'Proxy-Authorization header is not cleared in cross-domain redirect in undici'
12 Mar 2024
b'Semrush'
disclosed a bug submitted by
b'a_d_a_m'
b'Exposure of service tokens to webpack bundle'
08 Mar 2024
b'Daimler Truck'
disclosed a bug submitted by
b'0xpaier'
b'Blind xss at https://homologation.omniplus.com/'
08 Mar 2024
b'HackerOne'
disclosed a bug submitted by
b'hillybot__'
b'Program admins could add verified domains to an organization'
07 Mar 2024
b'Semrush'
disclosed a bug submitted by
b'a_d_a_m'
b'IDOR vulnerability reveals additional information'
07 Mar 2024
b'Mozilla Core Services'
disclosed a bug submitted by
b'ryujinx'
b'IDOR on Delete Email address features'
07 Mar 2024
1
2
3
...
689
BY DENIS WERNER - @NOBBD -
IMPRESSUM