REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'sp1d3rs'
68
b'someonenobbd'
62
b'nyymi'
55
b'jon_bottarini'
49
b'haxta4ok00'
48
b'netfuzzer'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Mattermost'
disclosed a bug submitted by
b'thesecuritydev'
b'DoS via large console messages'
29 Apr 2022
b'Internet Bug Bounty'
disclosed a bug submitted by
b'nyymi'
b'CVE-2022-27776: Auth/cookie leak on redirect'
29 Apr 2022
b'Internet Bug Bounty'
disclosed a bug submitted by
b'nyymi'
b'CVE-2022-27775: Bad local IPv6 connection reuse'
29 Apr 2022
b'Internet Bug Bounty'
disclosed a bug submitted by
b'nyymi'
b'CVE-2022-27774: Credential leak on redirect'
29 Apr 2022
b'8x8'
disclosed a bug submitted by
b'bx_1'
b' subdomain takeover (abandoned Zendesk .easycontactnow.com)'
28 Apr 2022
b'GitLab'
disclosed a bug submitted by
b'ec0'
b'Container escape on public GitLab CI runners'
27 Apr 2022
b'curl'
disclosed a bug submitted by
b'nyymi'
b'CVE-2022-27776: Auth/cookie leak on redirect '
27 Apr 2022
b'curl'
disclosed a bug submitted by
b'nyymi'
b'CVE-2022-27775: Bad local IPv6 connection reuse'
27 Apr 2022
b'curl'
disclosed a bug submitted by
b'nyymi'
b'CVE-2022-27774: Credential leak on redirect'
27 Apr 2022
b'Tennessee Valley Authority'
disclosed a bug submitted by
b'yassinek3ch'
b'SQL Injection on https://soa-accp.glbx.tva.gov/ via "/api/" path - VI-21-015'
26 Apr 2022
b'Judge.me '
disclosed a bug submitted by
b'glister'
b'Stored XSS in "product type" field executed via product filters'
26 Apr 2022
b'Basecamp'
disclosed a bug submitted by
b'ian'
b'RCE via exposed JMX server on jabber.37signals.com/jabber.basecamp.com'
26 Apr 2022
b'Nutanix'
disclosed a bug submitted by
b'tosun'
b'Local file disclosure through SSRF at next.nutanix.com'
25 Apr 2022
b'Krisp'
disclosed a bug submitted by
b'sammam'
b"Force User to Accept Attacker's invite [ Restrict user to create account]"
25 Apr 2022
b'Krisp'
disclosed a bug submitted by
b'razahack'
b'Visibility Robots.txt file'
25 Apr 2022
b'Shopify'
disclosed a bug submitted by
b'danishalkatiri'
b'Xss triggered in Your-store.myshopify.com/myshopify.com/admin/apps/shopify-email/editor/****'
25 Apr 2022
b'curl'
disclosed a bug submitted by
b'nyymi'
b'CURLOPT_SSH_HOST_PUBLIC_KEY_SHA256 comparison disaster'
25 Apr 2022
b'curl'
disclosed a bug submitted by
b'nyymi'
b'CURLOPT_SSH_HOST_PUBLIC_KEY_MD5 bypass if string not 32 chars'
25 Apr 2022
b'curl'
disclosed a bug submitted by
b'nyymi'
b'--libcurl code injection via trigraphs'
24 Apr 2022
b'Internet Bug Bounty'
disclosed a bug submitted by
b'palmeral'
b' Renderers can obtain access to random bluetooth device without permission'
23 Apr 2022
1
...
89
90
91
92
93
...
694
BY DENIS WERNER - @NOBBD -
IMPRESSUM