REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'sp1d3rs'
68
b'someonenobbd'
62
b'nyymi'
55
b'jon_bottarini'
49
b'haxta4ok00'
48
b'netfuzzer'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'GitHub Security Lab'
disclosed a bug submitted by
b'jessforfun'
b'[Python]: Add shutil module sinks for path injection query'
30 Mar 2022
b'GitHub Security Lab'
disclosed a bug submitted by
b'artem'
b'Java: An experimental query for ignored hostname verification'
30 Mar 2022
b'GitHub Security Lab'
disclosed a bug submitted by
b'luchua'
b'[Java]: CWE-073 - File path injection with the JFinal framework'
30 Mar 2022
b'GitHub Security Lab'
disclosed a bug submitted by
b'ihsinme'
b'CPP: Add query for CWE-266 Incorrect Privilege Assignment'
30 Mar 2022
b'GitHub Security Lab'
disclosed a bug submitted by
b'luchua'
b'[C#] CWE-759: Query to detect password hash without a salt'
30 Mar 2022
b'GitHub Security Lab'
disclosed a bug submitted by
b'porcupineyhairs'
b'Java : Add query to detect Server Side Template Injection (SSTI)'
30 Mar 2022
b'GitHub Security Lab'
disclosed a bug submitted by
b'museljh'
b'Python: CWE-338 insecureRandomness'
30 Mar 2022
b'GitHub Security Lab'
disclosed a bug submitted by
b'farid_hunter'
b'[Java]: Timing attacks while comparing the headers value'
30 Mar 2022
b'GitHub Security Lab'
disclosed a bug submitted by
b'p0wn4j'
b'[Java]: Add JDBC connection SSRF sinks'
30 Mar 2022
b'GitHub Security Lab'
disclosed a bug submitted by
b'jorgectf'
b'[Python]: CWE-611: XXE'
30 Mar 2022
b'GitHub Security Lab'
disclosed a bug submitted by
b'ihsinme'
b'CPP: Add query for CWE-377 Insecure Temporary File'
30 Mar 2022
b'GitHub Security Lab'
disclosed a bug submitted by
b'luchua'
b'[Java]: CWE-200 - Query to detect insecure WebResourceResponse implementation'
30 Mar 2022
b'Stripo Inc'
disclosed a bug submitted by
b'whoisbinit'
b'Upload Profile Photo in any folder you want with any extension you want'
30 Mar 2022
b'Stripo Inc'
disclosed a bug submitted by
b'andformod'
b'Insecure Storage and Overly Permissive API Keys'
30 Mar 2022
b'Stripo Inc'
disclosed a bug submitted by
b'0xkira'
b'Ability to use premium templates as free user via https://stripo.email/templates/?utm_source=viewstripo&utm_medium=referral'
30 Mar 2022
b'Twitter'
disclosed a bug submitted by
b'aymen_mansour'
b'Identify the mobile number of a twitter user'
29 Mar 2022
b'Evernote'
disclosed a bug submitted by
b'hulkvision_'
b'2 click Remote Code execution in Evernote Android'
29 Mar 2022
b'curl'
disclosed a bug submitted by
b'jenny'
b'Denial of Service vulnerability in curl when parsing MQTT server response'
28 Mar 2022
b'Shopify'
disclosed a bug submitted by
b'0xd0m7'
b'EC2 Takeover at turn.shopify.com'
28 Mar 2022
b'Basecamp'
disclosed a bug submitted by
b'danielllewellyn'
b'Able to steal bearer token from deep link'
27 Mar 2022
1
...
92
93
94
95
96
...
692
BY DENIS WERNER - @NOBBD -
IMPRESSUM