REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
86
b'geeknik'
83
b'linkks'
75
b'jobert'
70
b'nyymi'
62
b'someonenobbd'
62
b'ooooooo_q'
54
b'guido'
50
b'haxta4ok00'
49
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Reddit'
disclosed a bug submitted by
b'zqyzoid'
b'Moderators can send messages to users from banned subreddits via `oauth.reddit.com/api/mod/conversations`'
04 Jul 2022
b'Nextcloud'
disclosed a bug submitted by
b'rtod'
b'Federated editing allows iframing possibly malicious remotes'
02 Jul 2022
b'HackerOne'
disclosed a bug submitted by
b'jobert'
b'June 2022 Incident Report'
01 Jul 2022
b'Omise'
disclosed a bug submitted by
b'zombieesshx'
b'Unauthorized Access - downgraded admin roles to none can still edit projects through brupsuite'
01 Jul 2022
b'Brave Software'
disclosed a bug submitted by
b'tabaahi'
b'Open redirect found on account.brave.com'
30 Jun 2022
b'Brave Software'
disclosed a bug submitted by
b'd3f4u17'
b'Arbitrary file download via "Save .torrent file" option can lead to Client RCE and XSS'
30 Jun 2022
b'Brave Software'
disclosed a bug submitted by
b'd3f4u17'
b'Arbitrary file download due to bad handling of Redirects in WebTorrent'
30 Jun 2022
b'Brave Software'
disclosed a bug submitted by
b'd3f4u17'
b'Redirecting users to malicious torrent-files/websites using WebTorrent'
30 Jun 2022
b'Brave Software'
disclosed a bug submitted by
b'abhinavsecondary'
b'Browser is not following proper flow for redirection cause open redirect '
30 Jun 2022
b'TikTok'
disclosed a bug submitted by
b'aidilarf_2000'
b'XSS Payload on TikTok Seller Center endpoint'
29 Jun 2022
b'Internet Bug Bounty'
disclosed a bug submitted by
b'nyymi'
b'CVE-2022-32208: FTP-KRB bad message verification'
27 Jun 2022
b'Internet Bug Bounty'
disclosed a bug submitted by
b'nyymi'
b'CVE-2022-32206: HTTP compression denial of service'
27 Jun 2022
b'Internet Bug Bounty'
disclosed a bug submitted by
b'nyymi'
b'CVE-2022-32205: Set-Cookie denial of service'
27 Jun 2022
b'Internet Bug Bounty'
disclosed a bug submitted by
b'nyymi'
b'CVE-2022-32207: Unpreserved file permissions'
27 Jun 2022
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'ahmd_halabi'
b'Unauthorized Access to Internal Server Panel without Authentication'
27 Jun 2022
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'mdakh404'
b'Reflected XSS via `` parameter'
27 Jun 2022
b'Cloudflare Public Bug Bounty'
disclosed a bug submitted by
b'albertspedersen'
b'HTTP request smuggling with Origin Rules using newlines in the host_header action parameter'
27 Jun 2022
b'Cloudflare Public Bug Bounty'
disclosed a bug submitted by
b'bombon'
b'Bypassing Cache Deception Armor using .avif extension file'
27 Jun 2022
b'Cloudflare Public Bug Bounty'
disclosed a bug submitted by
b'mattipv4'
b'Sign in with Apple generates long-life JWTs, seemingly irrevocable, that grant immediate access to accounts'
27 Jun 2022
b'Cloudflare Public Bug Bounty'
disclosed a bug submitted by
b'mattipv4'
b'Sign in with Apple works on existing accounts, bypasses 2FA'
27 Jun 2022
1
...
123
124
125
126
127
...
738
BY DENIS WERNER - @NOBBD -
IMPRESSUM
