REPORTS
PROGRAMS
PUBLISHERS
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Nextcloud'
disclosed a bug submitted by
b'todayisnew'
b'https://xmpp.nextcloud.com///;@www.google.com allows open redirect'
13 Aug 2017
b'Legal Robot'
disclosed a bug submitted by
b'i1ackerone_'
b'Code injection'
12 Aug 2017
b'Starbucks'
disclosed a bug submitted by
b'hiorws'
b'out of date disqus shortname usage in the web app source code'
12 Aug 2017
b'Snapchat'
disclosed a bug submitted by
b'hiorws'
b'[spectacles.com] Bypassing quantity limit in orders'
12 Aug 2017
b'LibSass'
disclosed a bug submitted by
b'geeknik'
b'heap-use-after-free in Sass::SharedPtr::incRefCount()'
10 Aug 2017
b'Apache httpd (IBB)'
disclosed a bug submitted by
b'javier_sensepost'
b'ap_find_token() Buffer Overread'
10 Aug 2017
b'Brave Software'
disclosed a bug submitted by
b'ranjith16'
b'Brave: Admin Panel Access'
10 Aug 2017
b'Brave Software'
disclosed a bug submitted by
b'sumit'
b'Brave payments remembers history even after clearing all browser data.'
10 Aug 2017
b'Brave Software'
disclosed a bug submitted by
b'konduru-jashwanth'
b'Remote Stack Overflow Vulnerability (DoS)'
10 Aug 2017
b'Brave Software'
disclosed a bug submitted by
b'cybr0'
b'homograph-attack (unicode vuln)'
10 Aug 2017
b'Brave Software'
disclosed a bug submitted by
b'dhiraj-mishra'
b'Clickjacking or URL Masking '
10 Aug 2017
b'Brave Software'
disclosed a bug submitted by
b'paulos_'
b'Command Execution because of extension handling'
10 Aug 2017
b'Brave Software'
disclosed a bug submitted by
b'seifelsallamy'
b'links the user may download can be a malicious files'
10 Aug 2017
b'Brave Software'
disclosed a bug submitted by
b'xifengweiyu'
b'Address bar spoofing in Brave browser via. window close warnings'
10 Aug 2017
b'Brave Software'
disclosed a bug submitted by
b'xifengweiyu'
b'[iOS] URL can be replaceState by blob URL in iOS Brave'
10 Aug 2017
b'WakaTime'
disclosed a bug submitted by
b'reydd'
b'[Privilege Escalation] Authenticated users can manipulate others fullname without their knowledge [Team Vector]'
10 Aug 2017
b'WakaTime'
disclosed a bug submitted by
b'reydd'
b'[Privilege Escalation] Authenticated users can manipulate others fullname without their knowledge'
10 Aug 2017
b'ownCloud'
disclosed a bug submitted by
b'utkarsh123'
b'This is not the security issue.'
09 Aug 2017
b'Zomato'
disclosed a bug submitted by
b'iampwned'
b'Bypass OTP verification when placing Order'
09 Aug 2017
b'Ubiquiti Networks'
disclosed a bug submitted by
b'thenickdude'
b'Ability to log in as any user without authentication if ????????? is empty'
08 Aug 2017
1
...
555
556
557
558
559
...
769
BY DENIS WERNER - @NOBBD -
IMPRESSUM