REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'sp1d3rs'
68
b'someonenobbd'
62
b'nyymi'
55
b'jon_bottarini'
49
b'haxta4ok00'
48
b'netfuzzer'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'LinkedIn'
disclosed a bug submitted by
b'marvelmaniac'
b'CSRF that makes any linkedin user follow attacker controlled accounts by simply clicking https://www.linkedin.com/comm/mynetwork/discovery-see-all/*'
06 Dec 2023
b'LinkedIn'
disclosed a bug submitted by
b'marvelmaniac'
b'CSRF that makes any user send invitations to the attacker by simply clicking on a link.'
06 Dec 2023
b'curl'
disclosed a bug submitted by
b'nyymi'
b'CVE-2023-46218: cookie mixed case PSL bypass'
06 Dec 2023
b'GitHub'
disclosed a bug submitted by
b'inspector-ambitious'
b'Rogue collaborators and ambiguous branch names in GitHub'
05 Dec 2023
b'IBM'
disclosed a bug submitted by
b'sajidraza'
b'Unauthenticated Remote Access to Testing Endpoint'
04 Dec 2023
b'Internet Bug Bounty'
disclosed a bug submitted by
b'tniessen'
b'Integrity checks according to policies can be circumvented in Node.js 20 and Node.js 18'
30 Nov 2023
b'Tennessee Valley Authority'
disclosed a bug submitted by
b'mohs3n'
b'access to profile & reset password page without authentication'
30 Nov 2023
b'Tennessee Valley Authority'
disclosed a bug submitted by
b'mohs3n'
b'captcha bypass leads to register multiple user with one valid captcha'
30 Nov 2023
b'Tennessee Valley Authority'
disclosed a bug submitted by
b'mohs3n'
b'internal path disclosure via register error'
30 Nov 2023
b'Tennessee Valley Authority'
disclosed a bug submitted by
b'mohs3n'
b'Incorrect Authorization leads to see other users Documents Uploaded'
30 Nov 2023
b'Internet Bug Bounty'
disclosed a bug submitted by
b'tniessen'
b'Permission model improperly protects against path traversal in Node.js 20'
30 Nov 2023
b'Internet Bug Bounty'
disclosed a bug submitted by
b'mattaustin'
b'Permissions policies can be bypassed via Module._load and require.extensions (High) (CVE-2023-30587)'
30 Nov 2023
b'Internet Bug Bounty'
disclosed a bug submitted by
b'0xt4req'
b'CVE-2023-47037: Airflow Broken Access Control Vulnerability'
29 Nov 2023
b'Internet Bug Bounty'
disclosed a bug submitted by
b'mprogrammer'
b'CVE-2023-46695: Potential denial of service vulnerability in UsernameField on Windows'
29 Nov 2023
b'GitHub'
disclosed a bug submitted by
b'inspector-ambitious'
b'Git Reference Ambiguity in GitHub - Commit Smuggling, Account Takeover, and Remote Code Execution'
29 Nov 2023
b'Internet Bug Bounty'
disclosed a bug submitted by
b'balis0ng'
b'CVE-2023-42780: Apache Airflow: Improper access control vulnerability in the "List dag warnings" feature'
29 Nov 2023
b'Internet Bug Bounty'
disclosed a bug submitted by
b'klexadoc'
b'Secrets can be unmasked in the "Rendered Template"'
29 Nov 2023
b'Mozilla Critical Services'
disclosed a bug submitted by
b'yakirka'
b'Mozilla FuzzManager API Token Exposed in Git Commit'
29 Nov 2023
b'Tor'
disclosed a bug submitted by
b'newfunction'
b'Potential IP revealing using UNC Path in Windows File Picker'
28 Nov 2023
b'Tor'
disclosed a bug submitted by
b'wiloos'
b'SQL Injection in parameter REPORT'
28 Nov 2023
1
...
12
13
14
15
16
...
693
BY DENIS WERNER - @NOBBD -
IMPRESSUM