REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
86
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'someonenobbd'
62
b'nyymi'
57
b'ooooooo_q'
50
b'jon_bottarini'
49
b'haxta4ok00'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Shopify'
disclosed a bug submitted by
b'augustozanellato'
b'Github access token exposure'
26 Jul 2021
b'Phabricator'
disclosed a bug submitted by
b'crownpeanut'
b'Git flag injection leads to arbitrary file write'
25 Jul 2021
b'The Internet'
disclosed a bug submitted by
b'metnew'
b'Uncovering file quarantine and UX security issues in macOS apps ( .terminal, .fileloc and .url) '
23 Jul 2021
b'The Internet'
disclosed a bug submitted by
b'simonscannell'
b'[CVE-2020-27194] Linux kernel: eBPF verifier bug in `or` binary operation tracking function leads to LPE'
23 Jul 2021
b'Data Processing (IBB)'
disclosed a bug submitted by
b'dotsecurity'
b'tcpdump before 4.9.3 has a heap-based buffer over-read related to aoe_print in print-aoe.c and lookup_emem in addrtoname.c'
23 Jul 2021
b'The Internet'
disclosed a bug submitted by
b'vanhoefm'
b'Fragmentation and Aggregation Flaws in Wi-Fi'
23 Jul 2021
b'The Internet'
disclosed a bug submitted by
b'itszn'
b'Canonical Snapcraft vulnerable to remote code execution under certain conditions'
23 Jul 2021
b'U.S. General Services Administration'
disclosed a bug submitted by
b'rajeshpatil'
b'Account takeover through multistage CSRF at https://autochoice.fas.gsa.gov/AutoChoice/changeQAOktaAnswer and ../AutoChoice/changePwOktaAnswer'
23 Jul 2021
b'Lark Technologies'
disclosed a bug submitted by
b'shell_c0de'
b'[Lark Android] Vulnerability in exported activity WebView'
22 Jul 2021
b'Mail.ru'
disclosed a bug submitted by
b'alexeysergeevich'
b'[tanks.mail.ru] SSRF + cookie '
22 Jul 2021
b'Mail.ru'
disclosed a bug submitted by
b'sec_zone64'
b'Bypassing SOP with XSS on account.my.games leading to steal CSRF token and user information'
22 Jul 2021
b'Mail.ru'
disclosed a bug submitted by
b'01alsanosi'
b'Unauthorized Access To Admin panel'
22 Jul 2021
b'Khan Academy'
disclosed a bug submitted by
b'renganathan'
b'Enumerate all the class codes via google dorking '
22 Jul 2021
b'Uber'
disclosed a bug submitted by
b'penguinsaretasty'
b'pam_ussh does not properly validate the SSH certificate authority'
21 Jul 2021
b'curl'
disclosed a bug submitted by
b'thoger'
b'CVE-2021-22925: TELNET stack contents disclosure again'
21 Jul 2021
b'Bumble'
disclosed a bug submitted by
b'robertheaton'
b"Exfiltrating a victim's exact location (to within 5m)"
21 Jul 2021
b'Phabricator'
disclosed a bug submitted by
b'thund3r17'
b'Broken Authentication and Session Management lead to take over account'
21 Jul 2021
b'curl'
disclosed a bug submitted by
b'nyymi'
b'CVE-2021-22924: Bad connection reuse due to flawed path name checks'
21 Jul 2021
b'curl'
disclosed a bug submitted by
b'nyymi'
b'CVE-2021-22926: CURLOPT_SSLCERT mixup with Secure Transport'
21 Jul 2021
b'curl'
disclosed a bug submitted by
b'nyymi'
b'CVE-2021-22923: Metalink download sends credentials'
21 Jul 2021
1
...
161
162
163
164
165
...
718
BY DENIS WERNER - @NOBBD -
IMPRESSUM
