Top 10 publishers:
bobrov: 117
sp1d3rs: 86
geeknik: 83
linkks: 75
jobert: 70
nyymi: 62
someonenobbd: 62
ooooooo_q: 54
guido: 50
haxta4ok00: 49
The unofficial HackerOne disclosure timeline.
Node.js disclosed a bug submitted by haxatron1: The use of __proto__ in process.mainModule.__proto__.require() bypasses the permission system in Node v19.6.1 (20 Jul 2023)
LinkedIn disclosed a bug submitted by them4les_l1r: Ad Account Takeover (20 Jul 2023)
Mozilla Core Services disclosed a bug submitted by quikke: [Hubs] - Broken access control in placing objects in hubs room (20 Jul 2023)
Bitwarden disclosed a bug submitted by rink_: Bypass for forced re-authentication upon biometrics change (19 Jul 2023)
Ruby disclosed a bug submitted by piao: heap-buffer-overflow in gc_writebarrier_incremental (19 Jul 2023)
Ruby disclosed a bug submitted by sighook: RDoc::MethodAttr is vulnerable to Regular Expression Denial of Service (ReDoS) (18 Jul 2023)
Ruby disclosed a bug submitted by sighook: Arbitrary file injection via symlink attack in rdoc generator (18 Jul 2023)
Ruby disclosed a bug submitted by sighook: XSS exploit of RDoc documentation generated by rdoc (18 Jul 2023)
Ruby disclosed a bug submitted by sighook: XSS exploit of RDoc documentation generated by rdoc (CVE-2013-0256) (18 Jul 2023)
Ruby disclosed a bug submitted by sighook: Stored XSS in RDoc hyperlinks through javascript scheme (18 Jul 2023)
Ruby disclosed a bug submitted by ooooooo_q: XSS in HTML generated by RDoc (18 Jul 2023)
Teleport disclosed a bug submitted by notme404: robots.txt file (17 Jul 2023)
Unikrn disclosed a bug submitted by miquinho: An IDOR that can lead to enumeration of a user and disclosure of email and phone number within cashier (17 Jul 2023)
Nord Security disclosed a bug submitted by tlsh1: Subscription check bypass of NordVPN service (17 Jul 2023)
Nextcloud disclosed a bug submitted by polapain1337: Brute force protection allows to send more requests than intended (13 Jul 2023)
Internet Bug Bounty disclosed a bug submitted by sw0rd1ight: CVE-2023-28710 Apache Airflow Spark Provider Arbitrary File Read via JDBC (12 Jul 2023)
TikTok disclosed a bug submitted by zerody: CSRF protection bypass on TikTok Webcast Endpoints (12 Jul 2023)
HackerOne disclosed a bug submitted by the_arch_angel: Asset Inventory Internal Descriptions are leaked in CSV export (12 Jul 2023)
Tennessee Valley Authority disclosed a bug submitted by dreamer_eh: Rate limit missing sign-in page (11 Jul 2023)
HackerOne disclosed a bug submitted by nagli: 2M Reports on HackerOne Celebration! - Ability to bulk-submit many reports. (11 Jul 2023)
BY DENIS WERNER - @NOBBD