REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
86
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'someonenobbd'
62
b'nyymi'
58
b'ooooooo_q'
52
b'haxta4ok00'
49
b'jon_bottarini'
49
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'curl'
disclosed a bug submitted by
b'antypanty'
b'Memory Leak'
10 May 2025
b'Automattic'
disclosed a bug submitted by
b'root_geek280'
b'Race condition on add 1 free domain'
09 May 2025
b'XVIDEOS'
disclosed a bug submitted by
b'samtime'
b'Enable 2FA without verifying the email'
09 May 2025
b'HackerOne'
disclosed a bug submitted by
b'light3r'
b'Ability to access policy and updates for unauthorized program'
08 May 2025
b'curl'
disclosed a bug submitted by
b'oblivionsage'
b'CRLF Injection in `--proxy-header` allows extra HTTP headers (CWE-93)'
08 May 2025
b'Khan Academy'
disclosed a bug submitted by
b'firec4t'
b'Unauthorized Account Access via Leaked Credentials in URL Format (Account Takeover )'
07 May 2025
b'IBM'
disclosed a bug submitted by
b'0x4bdo'
b'Path Traversal Vulnerability found on IBM Cloud'
07 May 2025
b'LinkedIn'
disclosed a bug submitted by
b'nagu123'
b'HTML Injection in LinkedIn Premium Support Chat'
07 May 2025
b'Dust'
disclosed a bug submitted by
b'yoyomiski'
b'BAC Bypass chatbot restrictions via unauthorized mention injection'
06 May 2025
b'curl'
disclosed a bug submitted by
b'evilginx'
b'HTTP/3 Stream Dependency Cycle Exploit'
04 May 2025
b'RubyGems'
disclosed a bug submitted by
b'jagat-singh'
b'`/names.nsf` and all `/names*` files route to public API on rubygems.org'
03 May 2025
b'Fastly VDP'
disclosed a bug submitted by
b'hasn0x'
b'Open Redirect on https://api.fastly.com/'
02 May 2025
b'IBM'
disclosed a bug submitted by
b'muhammadwaseem3'
b'Middleware Authentication Bypass on IBM Portal'
02 May 2025
b'Dust'
disclosed a bug submitted by
b'sjalu'
b'Stored XSS in File Upload Leads to Privilege Escalation and Full Workspace Takeover'
02 May 2025
b'WakaTime'
disclosed a bug submitted by
b'ctrl_cipher'
b'Session Replay Attack Allows Authentication Bypass via Captured Login Responses Allowing Bypass of 429 Too many attempts for Multiple Failed Logins'
01 May 2025
b'Dust'
disclosed a bug submitted by
b'yoyomiski'
b'Privilege Persistence via Cloned Agent'
30 Apr 2025
b'curl'
disclosed a bug submitted by
b'tannicarcher'
b'Double Free Vulnerability in `libcurl` Cookie Management (`cookie.c`)'
29 Apr 2025
b'curl'
disclosed a bug submitted by
b'tannicarcher'
b'Use of a Broken or Risky Cryptographic Algorithm (CWE-327) in libcurl'
29 Apr 2025
b'IBM'
disclosed a bug submitted by
b'thpless'
b'Information disclosure on IBM training service endpoint'
29 Apr 2025
1
2
3
...
726
BY DENIS WERNER - @NOBBD -
IMPRESSUM