REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'sp1d3rs'
68
b'someonenobbd'
62
b'nyymi'
55
b'jon_bottarini'
49
b'haxta4ok00'
48
b'netfuzzer'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Homebrew'
disclosed a bug submitted by
b'ryotak'
b'Broken parsing of Git diff allows an attacker to inject arbitrary Ruby scripts to Casks on official taps'
21 Apr 2021
b'Clario'
disclosed a bug submitted by
b'beerboy_ankit'
b'Social media link hijack of team member [Linkedin] at https://mackeeper.com/team/'
21 Apr 2021
b'Ruby'
disclosed a bug submitted by
b'chinarulezzz'
b"'net/ftp': Uncontrolled Resource Consumption (Memory/CPU)"
21 Apr 2021
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'hacker_as980'
b'CSRF in https://'
20 Apr 2021
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'lu3ky-13'
b'HTTP Request Smuggling '
20 Apr 2021
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'fiveguyslover'
b'Administration Authentication Bypass on https://'
20 Apr 2021
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'gentlemenhacker'
b" portal is open to enumeration once authenticated. Session ID's appear static. All PII available once a valid session ID is found."
20 Apr 2021
b'GitLab'
disclosed a bug submitted by
b'vakzz'
b'RCE via unsafe inline Kramdown options when rendering certain Wiki pages'
20 Apr 2021
b'Nintendo'
disclosed a bug submitted by
b'mrnbayoh'
b'[3DS][StreetPass] Buffer Overflow in Super Mario Maker level decompression'
20 Apr 2021
b'New Relic'
disclosed a bug submitted by
b'jon_bottarini'
b'Stored XSS via malicious key value of Synthetics monitor tag when visiting an Insights dashboard with filtering enabled'
20 Apr 2021
b'Nextcloud'
disclosed a bug submitted by
b'stregh'
b'bypassing dashboard without account + Information disclosure trough websockets '
20 Apr 2021
b'Nextcloud'
disclosed a bug submitted by
b'syachineko'
b'No set limit to try to login in "https://auth.nextcloud.com/auth/realms/master/protocol/openid-connect/auth" page.'
20 Apr 2021
b'Kryptor'
disclosed a bug submitted by
b'jaimaakali'
b'Kryptor/SECURITY.md missing HACKERONE program update.'
19 Apr 2021
b'Mail.ru'
disclosed a bug submitted by
b'3xternull'
b'Stored XSS on store.my.games'
17 Apr 2021
b'Node.js third-party modules'
disclosed a bug submitted by
b'd3lla'
b'[wireguard-wrapper] Command Injection via insecure command concatenation'
16 Apr 2021
b'CS Money'
disclosed a bug submitted by
b'sawmj'
b'Blind Based SQL Injection in 3d.sc.money'
16 Apr 2021
b'Glassdoor'
disclosed a bug submitted by
b'stregh'
b'web.xml configuration file disclosure'
16 Apr 2021
b'Glassdoor'
disclosed a bug submitted by
b'n1xk_10'
b'Reflected XSS at https://www.glassdoor.co.in/FAQ/Microsoft-Question-FAQ200086-E1651.htm?countryRedirect=true via PATH'
16 Apr 2021
b'Glassdoor'
disclosed a bug submitted by
b'n1xk_10'
b'Reflected XSS at https://www.glassdoor.com/Interview/Accenturme-Interview-Questions-E9931.htm via filter.jobTitleFTS parameter'
16 Apr 2021
b'Glassdoor'
disclosed a bug submitted by
b'n1xk_10'
b'Reflected XSS at https://www.glassdoor.co.in/Interview/BlackRock-Interview-Questions-E9331.htm via filter.jobTitleExact parameter'
16 Apr 2021
1
...
159
160
161
162
163
...
693
BY DENIS WERNER - @NOBBD -
IMPRESSUM