REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'sp1d3rs'
68
b'someonenobbd'
62
b'nyymi'
55
b'jon_bottarini'
49
b'haxta4ok00'
48
b'netfuzzer'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Monero'
disclosed a bug submitted by
b'minerscan'
b'Array Index Underflow--http rpc'
11 Oct 2021
b'Rocket.Chat'
disclosed a bug submitted by
b'wreiske'
b'Custom crafted message object in Meteor.Call allows remote code execution and impersonation'
11 Oct 2021
b'GitHub Security Lab'
disclosed a bug submitted by
b'someonenobbd'
b'[Java] CWE-200: Query to detect exposure of sensitive information from android file intent'
11 Oct 2021
b'GitHub Security Lab'
disclosed a bug submitted by
b'someonenobbd'
b'[Python] CWE-348: Client supplied ip used in security check'
11 Oct 2021
b'Fastify'
disclosed a bug submitted by
b'drstrnegth'
b"1-click DOS in fastify-static via directly passing user's input to new URL() of NodeJS without try/catch"
11 Oct 2021
b'Fastify'
disclosed a bug submitted by
b'drstrnegth'
b"Open redirect in fastify-static via mishandled user's input when attempt to redirect"
11 Oct 2021
b'GitLab'
disclosed a bug submitted by
b'joaxcar'
b'Privilege escalation of "external user" (with maintainer privilege) to internal access through project token'
11 Oct 2021
b'Mail.ru'
disclosed a bug submitted by
b'melbadry9'
b'CVE-2020-11110: Grafana Unauthenticated Stored XSS - grafana-lms.rsv.bizml.ru'
11 Oct 2021
b'Ubiquiti Inc.'
disclosed a bug submitted by
b'nih8l'
b'XW 6.2.0 firmware: 5 Reflected XSS issues in link.cgi'
10 Oct 2021
b'Ubiquiti Inc.'
disclosed a bug submitted by
b'nih8l'
b'3x Reflected XSS vectors for services.cgi (XM.v6.1.6, build 32290)'
10 Oct 2021
b'Kubernetes'
disclosed a bug submitted by
b'champtar'
b'Man in the middle leading to root privilege escalation using hostNetwork=true (CAP_NET_RAW considered harmful)'
08 Oct 2021
b'Kubernetes'
disclosed a bug submitted by
b'lazydog'
b'SSRF for kube-apiserver cloudprovider scene'
07 Oct 2021
b'Elastic'
disclosed a bug submitted by
b'fdeleite'
b'CVE-2021-40870 on [52.204.160.31]'
06 Oct 2021
b'Zomato'
disclosed a bug submitted by
b'ashoka_rao'
b'Improper Validation at Partners Login'
06 Oct 2021
b'Automattic'
disclosed a bug submitted by
b'ajoekerr'
b'Ability to subscribe to inactive Post+ creators'
05 Oct 2021
b'Acronis'
disclosed a bug submitted by
b'skimask'
b'Domain does not Match SSL Certificate'
05 Oct 2021
b'Acronis'
disclosed a bug submitted by
b'hackipie'
b'No server side check on terms of service page which leads to bypass'
05 Oct 2021
b'Acronis'
disclosed a bug submitted by
b'lu3ky-13'
b'bypass sql injection #1109311'
05 Oct 2021
b'Concrete CMS'
disclosed a bug submitted by
b'bl4de'
b'Stored XSS in Conversations (both client and admin) when Active Conversation Editor is set to "Rich Text"'
04 Oct 2021
b'Concrete CMS'
disclosed a bug submitted by
b'pabl00nicarres'
b'SSRF bypass'
04 Oct 2021
1
...
122
123
124
125
126
...
694
BY DENIS WERNER - @NOBBD -
IMPRESSUM