Top10 publishers:
bobrov: 117
sp1d3rs: 86
geeknik: 84
linkks: 75
jobert: 70
nyymi: 64
someonenobbd: 62
ooooooo_q: 54
guido: 50
haxta4ok00: 49
Now on Twitter: the unofficial HackerOne disclosure timeline.
Mars disclosed a bug submitted by ramzanrl: Jolokia Reflected XSS (27 Oct 2022)
curl disclosed a bug submitted by kurohiro: CVE-2022-42916: HSTS bypass via IDN (27 Oct 2022)
curl disclosed a bug submitted by kurohiro: CVE-2022-35260: .netrc parser out-of-bounds access (27 Oct 2022)
Gymshark disclosed a bug submitted by a-p0c: Subdomain takeover on 'de-headless.staging.gymshark.com' (27 Oct 2022)
Node.js disclosed a bug submitted by bnoordhuis: Weak randomness in WebCrypto keygen (26 Oct 2022)
Node.js disclosed a bug submitted by vvx7: HTTP Request Smuggling Due to Incorrect Parsing of Header Fields (26 Oct 2022)
Node.js disclosed a bug submitted by haxatron1: CVE-2022-32213 bypass via obs-fold mechanic (26 Oct 2022)
Node.js disclosed a bug submitted by mhdawson: Node 18 reads openssl.cnf from /home/iojs/build/... upon startup on MacOS (26 Oct 2022)
Node.js disclosed a bug submitted by shacharm: HTTP Request Smuggling Due to Incorrect Parsing of Multi-line Transfer-Encoding (improper fix for CVE-2022-32215) (26 Oct 2022)
PortSwigger Web Security disclosed a bug submitted by xctzn: Business Logic, currency arbitrage - Possibility to pay less than the price in USD (26 Oct 2022)
Adobe disclosed a bug submitted by webcipher101: Reflected Cross site scripting via Swagger UI (25 Oct 2022)
Linktree disclosed a bug submitted by dewcode91: A malicious admin can be able to permanently disable a Owner(Admin) to access his account (25 Oct 2022)
TikTok disclosed a bug submitted by tw4v3sx: Remotely Accessible Container Advisor exposed performance metrics and resource usage (24 Oct 2022)
Lark Technologies disclosed a bug submitted by snapsec: IDOR Allows Viewer to Delete Bin's Files (24 Oct 2022)
Lark Technologies disclosed a bug submitted by snapsec: Viewer is able to leak the previous versions of the file (24 Oct 2022)
Yelp disclosed a bug submitted by whitehacker18: installed.json sensitive file was publicly accessible on your web application which discloses information about authors and admins (22 Oct 2022)
U.S. General Services Administration disclosed a bug submitted by ahmed0x0mahmoud: access nagios dashboard using default credentials in ** omon1.fpki.gov, 3.220.248.203** (21 Oct 2022)
Krisp disclosed a bug submitted by n0_m3rcy: Full payment bypass to use premium subscription. (21 Oct 2022)
Hyperledger disclosed a bug submitted by shakedreiner: POOL_UPGRADE request handler may allow an unauthenticated attacker to remotely execute code on every node in the network. (20 Oct 2022)
Lark Technologies disclosed a bug submitted by imran_nisar: Removed user can still view comments on the file/documents. (20 Oct 2022)
BY DENIS WERNER - @NOBBD