REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'sp1d3rs'
68
b'someonenobbd'
62
b'nyymi'
55
b'jon_bottarini'
49
b'haxta4ok00'
48
b'netfuzzer'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'LINE'
disclosed a bug submitted by
b'reinforchu'
b'Webview address bar spoofing in LINE client for iOS'
15 Sep 2021
b'GitHub Security Lab'
disclosed a bug submitted by
b'luchua'
b'[Java] CWE-079: Query to detect XSS with JavaServer Faces (JSF)'
15 Sep 2021
b'Flickr'
disclosed a bug submitted by
b'asad0x01_'
b'CSRF in Account Deletion feature (https://www.flickr.com/account/delete)'
14 Sep 2021
b'GitHub Security Lab'
disclosed a bug submitted by
b'someonenobbd'
b'[Java]: Add XXE sinks'
14 Sep 2021
b'Valve'
disclosed a bug submitted by
b'slidybat'
b'Buffer overrun in Steam SILK voice decoder'
13 Sep 2021
b'PortSwigger Web Security'
disclosed a bug submitted by
b'thespiritman'
b'No Rate Limit On Regenerate Password on Portswigger'
13 Sep 2021
b'Mattermost'
disclosed a bug submitted by
b'fuzzsqlb0f'
b'Privilege Escalation leading to post in channel without having privilege'
13 Sep 2021
b'Monero'
disclosed a bug submitted by
b'thecharlatan'
b'Unix time unlock_time values have dangerous validation rules enabling a number of exploits'
12 Sep 2021
b'Monero'
disclosed a bug submitted by
b'thecharlatan'
b'Hardware Wallets Do Not Check Unlock TIme'
12 Sep 2021
b'Shopify'
disclosed a bug submitted by
b'jmp_35p'
b'Create free Shopify application credits.'
10 Sep 2021
b'Node.js'
disclosed a bug submitted by
b'pimterry'
b'Built-in TLS module unexpectedly treats "rejectUnauthorized: undefined" as "rejectUnauthorized: false", disabling all certificate validation'
10 Sep 2021
b'Node.js'
disclosed a bug submitted by
b'philippjeitner'
b'Improper handling of untypical characters in domain names'
10 Sep 2021
b'MTN Group'
disclosed a bug submitted by
b'devhug'
b'[play.mtn.co.za] Application level DoS via xmlrpc.php'
10 Sep 2021
b'Mail.ru'
disclosed a bug submitted by
b'savproga'
b'Stored XSS on top.mail.ru'
10 Sep 2021
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'brumens'
b'SQL injection located in `` in POST param `` '
09 Sep 2021
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'miguel_santareno'
b'System Error Reveals SQL Information'
09 Sep 2021
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'lu3ky-13'
b'Sensitive data exposure via https:///jira//secure/QueryComponent!Default.jspa - CVE-2020-14179'
09 Sep 2021
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'fdeleite'
b'XSS due to CVE-2020-3580 []'
09 Sep 2021
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'fdeleite'
b'XSS due to CVE-2020-3580 []'
09 Sep 2021
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'simplyrishabh'
b'Subdomain takeover of '
09 Sep 2021
1
...
125
126
127
128
129
...
693
BY DENIS WERNER - @NOBBD -
IMPRESSUM