REPORTS
PROGRAMS
PUBLISHERS
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Krisp'
disclosed a bug submitted by
b'n0_m3rcy'
b'Authentication bypass for leads to take over any users account.'
31 Oct 2022
b'Linktree'
disclosed a bug submitted by
b'sudi'
b'XSS in SocialIcon Link'
31 Oct 2022
b'MTN Group'
disclosed a bug submitted by
b'lu3ky-13'
b'Cross-Site Request Forgery (CSRF) to xss'
30 Oct 2022
b'MTN Group'
disclosed a bug submitted by
b'lu3ky-13'
b'Cross-site Scripting (XSS) - Reflected'
30 Oct 2022
b'Lark Technologies'
disclosed a bug submitted by
b'snapsec'
b'Accessing/Editing Folders of Other Users in the Orginisation.'
29 Oct 2022
b'Lark Technologies'
disclosed a bug submitted by
b'snapsec'
b'Privilege Escalation to All-staff group'
28 Oct 2022
b'Adobe'
disclosed a bug submitted by
b'dreamer_eh'
b'HTML INJECTION FOUND ON https://adobedocs.github.io/analytics-1.4-apis/swagger-docs.html DUE TO OUTDATED SWAGGER UI'
28 Oct 2022
b'Mars'
disclosed a bug submitted by
b'ramzanrl'
b'Jolokia Reflected XSS '
27 Oct 2022
b'curl'
disclosed a bug submitted by
b'kurohiro'
b'CVE-2022-42916: HSTS bypass via IDN'
27 Oct 2022
b'curl'
disclosed a bug submitted by
b'kurohiro'
b'CVE-2022-35260: .netrc parser out-of-bounds access'
27 Oct 2022
b'Gymshark'
disclosed a bug submitted by
b'a-p0c'
b"Subdomain takeover on 'de-headless.staging.gymshark.com'"
27 Oct 2022
b'Node.js'
disclosed a bug submitted by
b'bnoordhuis'
b'Weak randomness in WebCrypto keygen'
26 Oct 2022
b'Node.js'
disclosed a bug submitted by
b'vvx7'
b'HTTP Request Smuggling Due to Incorrect Parsing of Header Fields'
26 Oct 2022
b'Node.js'
disclosed a bug submitted by
b'haxatron1'
b'CVE-2022-32213 bypass via obs-fold mechanic'
26 Oct 2022
b'Node.js'
disclosed a bug submitted by
b'mhdawson'
b'Node 18 reads openssl.cnf from /home/iojs/build/... upon startup on MacOS'
26 Oct 2022
b'Node.js'
disclosed a bug submitted by
b'shacharm'
b'HTTP Request Smuggling Due to Incorrect Parsing of Multi-line Transfer-Encoding (improper fix for CVE-2022-32215)'
26 Oct 2022
b'PortSwigger Web Security'
disclosed a bug submitted by
b'xctzn'
b'Business Logic, currency arbitrage - Possibility to pay less than the price in USD'
26 Oct 2022
b'Adobe'
disclosed a bug submitted by
b'webcipher101'
b'Reflected Cross site scripting via Swagger UI'
25 Oct 2022
b'Linktree'
disclosed a bug submitted by
b'dewcode91'
b'A malicious admin can be able to permanently disable a Owner(Admin) to access his account'
25 Oct 2022
b'TikTok'
disclosed a bug submitted by
b'tw4v3sx'
b'Remotely Accessible Container Advisor exposed performance metrics and resource usage'
24 Oct 2022
1
...
136
137
138
139
140
...
769
BY DENIS WERNER - @NOBBD -
IMPRESSUM