REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
86
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'someonenobbd'
62
b'nyymi'
58
b'ooooooo_q'
52
b'guido'
50
b'haxta4ok00'
49
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Internet Bug Bounty'
disclosed a bug submitted by
b'ooooooo_q'
b'[CVE-2023-27531] Possible Deserialization of Untrusted Data vulnerability in Kredis JSON'
15 Aug 2023
b'Internet Bug Bounty'
disclosed a bug submitted by
b'ooooooo_q'
b'[CVE-2023-27539] Possible Denial of Service Vulnerability in Racks header parsing'
15 Aug 2023
b'Internet Bug Bounty'
disclosed a bug submitted by
b'addisoncrump'
b' Cargo not respecting umask when extracting crate archives'
15 Aug 2023
b'Node.js'
disclosed a bug submitted by
b'tniessen'
b'Renaming/aliasing relative symbolic links potentially redirects them to supposedly inaccessible locations'
15 Aug 2023
b'Yelp'
disclosed a bug submitted by
b'lil_endian'
b'yelp.com XSS ATO (via login keylogger, link Google account)'
15 Aug 2023
b'Snapchat'
disclosed a bug submitted by
b'jotita3'
b'HTML injection on newsroom.snap.com/* via search?q=1'
14 Aug 2023
b'Nextcloud'
disclosed a bug submitted by
b'fr4via'
b"Path traversal allows tricking the Talk Android app into writing files into it's root directory "
14 Aug 2023
b'ImpressCMS'
disclosed a bug submitted by
b'cyberinsane'
b'SQL Injection in version 1.4.3 and below'
12 Aug 2023
b'Node.js'
disclosed a bug submitted by
b'haxatron1'
b'fs.mkdtemp() and fs.mkdtempSync() are missing getValidatedPath() checks.'
11 Aug 2023
b'Node.js'
disclosed a bug submitted by
b'haxatron1'
b'Permission model bypass by specifying a path traversal sequence in a buffer, '
11 Aug 2023
b'Node.js'
disclosed a bug submitted by
b'haxatron1'
b'Policy-restricted modules can escalate to higher privileges by impersonating other modules in a policy list using module.constructor.createRequire()'
11 Aug 2023
b'Node.js'
disclosed a bug submitted by
b'haxatron1'
b'DNS rebinding in --inspect (again) via invalid IP addresses '
11 Aug 2023
b'Node.js'
disclosed a bug submitted by
b'msvrmiscovet'
b'Node 18 reads openssl.cnf from /home/iojs/build/... upon startup.'
11 Aug 2023
b'IBM'
disclosed a bug submitted by
b'dk4trin'
b'Nginx Alias Traversal - babel.bluetab.net'
11 Aug 2023
b'IBM'
disclosed a bug submitted by
b'tusnj'
b'IDOR in channel ID leads to customer email disclosure on https://video.ibm.com'
11 Aug 2023
b'HackerOne'
disclosed a bug submitted by
b'hackit_bharat'
b'Hackerone All Private Program Name Leaked to Public Via Collaborator OR Attacker can Easily Dump all Private Program Names through Collaborator '
11 Aug 2023
b'HackerOne'
disclosed a bug submitted by
b'todayisnew'
b'RXSS at image.hackerone.live via the `url` parameter'
11 Aug 2023
b'HackerOne'
disclosed a bug submitted by
b'sayaanalam'
b"Create miscellaneous support ticket on anyone's account through support@hackerone.com email"
11 Aug 2023
b'HackerOne'
disclosed a bug submitted by
b'rafsanzami'
b"HackerOne Support System Doesn't Require Any Authentication May Lead Unauthorized Action"
11 Aug 2023
b'Nintendo'
disclosed a bug submitted by
b'crazy_man123'
b'[WiiU/Switch] Remote code execution inside the ENL library'
11 Aug 2023
1
...
61
62
63
64
65
...
730
BY DENIS WERNER - @NOBBD -
IMPRESSUM
