REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
86
b'geeknik'
83
b'linkks'
75
b'jobert'
70
b'nyymi'
62
b'someonenobbd'
62
b'ooooooo_q'
54
b'guido'
50
b'haxta4ok00'
49
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Legal Robot'
disclosed a bug submitted by
b'aneeskhan'
b'External links should be served in HTTPS.'
19 Oct 2017
b'Tor'
disclosed a bug submitted by
b'tomvg'
b'languagechange event fires simultaneously on all tabs'
19 Oct 2017
b'Mail.Ru'
disclosed a bug submitted by
b't-pwn'
b'Clickjacking Full account takeover and editing the personal information at [account.my.com]'
19 Oct 2017
b'Tor'
disclosed a bug submitted by
b'dhiraj-mishra'
b'Enforce minimum master password complexity'
19 Oct 2017
b'Tor'
disclosed a bug submitted by
b'guido'
b'libevent (stack) buffer overflow in evutil_parse_sockaddr_port'
19 Oct 2017
b'Tor'
disclosed a bug submitted by
b'guido'
b'[tor] libevent dns remote stack overread vulnerability'
19 Oct 2017
b'Tor'
disclosed a bug submitted by
b'guido'
b'smartlist_add, smartlist_insert (may) cause heap corruption as a result of inadequate checks in smartlist_ensure_capacity'
19 Oct 2017
b'Tor'
disclosed a bug submitted by
b'guido'
b'Heap corruption via memarea.c'
19 Oct 2017
b'Tor'
disclosed a bug submitted by
b'guido'
b'[tor] libevent dns OOB read'
19 Oct 2017
b'Tor'
disclosed a bug submitted by
b'guido'
b'[tor] control connection pre-auth DoS (infinite loop) with --enable-bufferevents'
19 Oct 2017
b'Tor'
disclosed a bug submitted by
b'guido'
b'potential memory corruption in or/buffers.c (particularly on 32 bit)'
19 Oct 2017
b'Tor'
disclosed a bug submitted by
b'guido'
b'Overreads/overcopies in torsocks'
19 Oct 2017
b'Inflection'
disclosed a bug submitted by
b'raghavendra'
b'No password confirmation on changing primary email address'
18 Oct 2017
b'Gratipay'
disclosed a bug submitted by
b'myster'
b'Broken link for stale DNS entry may be leveraged for Phishing, Misinformation, Serving Malware'
18 Oct 2017
b'GitLab'
disclosed a bug submitted by
b'ysx'
b'[Markdown] Stored XSS via character encoding parser bypass'
18 Oct 2017
b'Lyst'
disclosed a bug submitted by
b'tripwire'
b'SSRF at iris.lystit.com'
18 Oct 2017
b'Vimeo'
disclosed a bug submitted by
b'opnsec'
b'Watch any Password Video without password'
18 Oct 2017
b'Vimeo'
disclosed a bug submitted by
b'opnsec'
b'OAuth 2 Authorization Bypass via CSRF and Cross Site Flashing'
18 Oct 2017
b'Vimeo'
disclosed a bug submitted by
b'opnsec'
b'Images and Subtitles Leakage from private videos'
18 Oct 2017
b'CodeIgniter'
disclosed a bug submitted by
b'hackerneo'
b'If the developer forgets to remove the built in controller welcome.php it helps the attacker to identify that the site is built with Codeigniter'
18 Oct 2017
1
...
503
504
505
506
507
...
738
BY DENIS WERNER - @NOBBD -
IMPRESSUM
