REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
86
b'geeknik'
84
b'linkks'
75
b'jobert'
70
b'nyymi'
67
b'someonenobbd'
62
b'ooooooo_q'
54
b'guido'
50
b'haxta4ok00'
49
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Hiro'
disclosed a bug submitted by
b'frozensolid'
b'Blockstack Browser For Mac leaks "Core API Password" to 3rd parties'
31 Oct 2025
b'Hiro'
disclosed a bug submitted by
b'anonymous--1000'
b'Logout Bypass Vulnerability in Hiro.so'
31 Oct 2025
b'curl'
disclosed a bug submitted by
b'sagorhawlader'
b'Buffer over-read,, Missing NUL termination in addvariable() causes undefined behavior'
31 Oct 2025
b'curl'
disclosed a bug submitted by
b'abdullah-107'
b'SOCKS5 Heap Buffer Overflow via Malicious HTTP Redirect with Oversized Hostname'
31 Oct 2025
b'curl'
disclosed a bug submitted by
b'exploitguru101'
b'Logical Flaw in curl_url_set Leads to Inconsistent Query Parameter Encoding'
29 Oct 2025
b'curl'
disclosed a bug submitted by
b'tjbecker_theori'
b'Memory leak in Curl_auth_create_ntlm_type3_message'
28 Oct 2025
b'curl'
disclosed a bug submitted by
b'geeknik'
b'curls persistence files inherit world-readable/writable perms from umask, leaking and tampering with cookies/HSTS/Alt-Svc caches'
28 Oct 2025
b'curl'
disclosed a bug submitted by
b'max_from_secmate'
b'libcurl MQTT PUBLISH length overflow (heap overflow)'
28 Oct 2025
b'curl'
disclosed a bug submitted by
b'nyymi'
b'Cookie exposure due to unexpected file permission change'
27 Oct 2025
b'curl'
disclosed a bug submitted by
b'sippysir'
b'CURLX_SET_BINMODE(NULL) can call fileno(NULL) and cause undefined behavior / crash'
27 Oct 2025
b'curl'
disclosed a bug submitted by
b'asdkjhasldkjahslfdkjfa'
b'Integer Overflow to Heap Overflow in DoH Response Handling'
25 Oct 2025
b'Revive Adserver'
disclosed a bug submitted by
b'kanon4'
b"Error-Based & Time-Based SQL Injection in 'keyword' Parameter of admin-search.php Allowing Full Database Access in Revive Adserver v6.0.0"
24 Oct 2025
b'curl'
disclosed a bug submitted by
b'idris_0x'
b'Use of Deprecated strcpy() with User-Controlled Environment Variable in Memory Debug Initialization'
22 Oct 2025
b'curl'
disclosed a bug submitted by
b'idris_0x'
b'Use of Deprecated strcpy() with Fixed-Size Buffers in Progress Time Formatting'
22 Oct 2025
b'Revive Adserver'
disclosed a bug submitted by
b'env_bak'
b'Reflected Cross-Site Scripting (XSS) in Revive Adserver 5.5.2'
22 Oct 2025
b'SingleStore'
disclosed a bug submitted by
b'axolot23'
b'2FA bypass possible on https://authsvc.singlestore.com'
22 Oct 2025
b'curl'
disclosed a bug submitted by
b'aybanda'
b'Buffer Overflow in WebSocket Handshake (lib/ws.c:1287)'
21 Oct 2025
b'arkadiyt-projects'
disclosed a bug submitted by
b'newby99'
b'DNS Rebinding Attack'
19 Oct 2025
b'arkadiyt-projects'
disclosed a bug submitted by
b'newby99'
b'Arbitrary File Write'
19 Oct 2025
b'Discourse'
disclosed a bug submitted by
b'theteatoast'
b'Application Level DoS - Large Markdown Payload in Reply Section Leading to Resource Exhaustion'
18 Oct 2025
1
...
10
11
12
13
14
...
752
BY DENIS WERNER - @NOBBD -
IMPRESSUM
