REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
86
b'geeknik'
81
b'linkks'
75
b'jobert'
70
b'someonenobbd'
62
b'nyymi'
60
b'ooooooo_q'
54
b'guido'
50
b'haxta4ok00'
49
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Nintendo'
disclosed a bug submitted by
b'crazy_man123'
b'[MK8DX] Improper ranking/replay file parsing'
06 Jul 2025
b'curl'
disclosed a bug submitted by
b'zzq1015'
b'TLS Cipher Misconfiguration in HTTP/3/QUIC Support'
06 Jul 2025
b'curl'
disclosed a bug submitted by
b'skrcprst'
b"CRLF injection in libcurl's SMTP client via --mail-from and --mail-rcpt allows SMTP command smuggling"
03 Jul 2025
b'Mozilla'
disclosed a bug submitted by
b'northsea'
b'MozillaVPN: Elevation of Privilege via a Logic Vulnerability'
03 Jul 2025
b'Mozilla'
disclosed a bug submitted by
b'northsea'
b'MozillaVPN: Elevation of Privilege via a Race Condition Vulnerability'
03 Jul 2025
b'Mozilla'
disclosed a bug submitted by
b'martinvw'
b'Subdomain takeover on live.firefox.com'
03 Jul 2025
b'curl'
disclosed a bug submitted by
b'stogusho'
b"curl doesn't hide credentials in /proc/XXX/cmdline provided via CLI arguments"
03 Jul 2025
b'curl'
disclosed a bug submitted by
b'justlikebono_official'
b'Elevation of Privileges (EoP) vulnerabilities related to the some easy_options on Windows'
03 Jul 2025
b'curl'
disclosed a bug submitted by
b'voggerloops'
b'Authorization Header Leak via --location-trusted in Curl'
03 Jul 2025
b'curl'
disclosed a bug submitted by
b'catenacyber'
b'Memory leak of ftp (with proxy reuse)'
01 Jul 2025
b'curl'
disclosed a bug submitted by
b'alphox'
b'HTTP Proxy Bypass via `CURLOPT_CUSTOMREQUEST` Verb Tunneling'
01 Jul 2025
b'curl'
disclosed a bug submitted by
b'evilginx1'
b'Speculative Execution Side-Channel in `curl` '
01 Jul 2025
b'curl'
disclosed a bug submitted by
b'demsese'
b'arbitrary file read via `file://` path traversal with `--path-as-is`'
01 Jul 2025
b'curl'
disclosed a bug submitted by
b'freak_coding'
b'Heap buffer overflow vulnerability in conncache.c: incorrect use of pointer arrays resulting in out-of-bounds memory writes.'
01 Jul 2025
b'curl'
disclosed a bug submitted by
b'wolfsage'
b'curl -OJ allows creating custom .curlrc file which allows exfiltrating private data, among other things'
01 Jul 2025
b'curl'
disclosed a bug submitted by
b'wolfsage'
b'curl_easy_header runs at O(N) or worse and can be abused to use minute(s) of CPU time'
01 Jul 2025
b'curl'
disclosed a bug submitted by
b'oicus'
b'[High] MITM via Insecure CA Path Handling in cURL (--capath, CURLOPT_CAPATH) (CWE-494: Download of Code Without Integrity Check)'
30 Jun 2025
b'curl'
disclosed a bug submitted by
b'oicus'
b'[High] Arbitrary File Write via Path Traversal in cURL CLI (`-o`, `--output`) (CWE-22: Improper Limitation of a Pathname to a Restricted Directory)'
30 Jun 2025
b'curl'
disclosed a bug submitted by
b'redfoxsec'
b'Potential XSS vector in curl via unsanitized URL parameter handling'
30 Jun 2025
b'curl'
disclosed a bug submitted by
b'tdp3kel9g'
b'Double free caused by mqtt_doing()'
30 Jun 2025
1
2
3
4
...
733
BY DENIS WERNER - @NOBBD -
IMPRESSUM