REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
86
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'someonenobbd'
62
b'nyymi'
57
b'ooooooo_q'
50
b'jon_bottarini'
49
b'haxta4ok00'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'GitLab'
disclosed a bug submitted by
b'ajxchapman'
b'FogBugz import attachment full SSRF requiring vulnerability in *.fogbugz.com'
13 Jul 2021
b'GitLab'
disclosed a bug submitted by
b'yvvdwf'
b'Stored-XSS in merge requests'
13 Jul 2021
b'GitLab'
disclosed a bug submitted by
b'yvvdwf'
b'Stored-XSS on wiki pages'
13 Jul 2021
b'Ruby'
disclosed a bug submitted by
b'chinarulezzz'
b"OS Command Injection in 'rdoc' documentation generator"
13 Jul 2021
b'GitLab'
disclosed a bug submitted by
b'taraszelyk'
b'Client-Side DOS via Mermaid Prototype Pollution vulnerability'
12 Jul 2021
b'GitLab'
disclosed a bug submitted by
b'taraszelyk'
b'Stored DOM XSS via Mermaid chart'
12 Jul 2021
b'Shopify'
disclosed a bug submitted by
b'danishalkatiri'
b'your-store.myshopify.com preview link is leak on third party website lead to preview all action from store owner Without store Password.'
12 Jul 2021
b'Topcoder'
disclosed a bug submitted by
b'c0mbo'
b'Reflected XSS in https://www.topcoder.com/blog/category/community-stories/'
12 Jul 2021
b'R3'
disclosed a bug submitted by
b'ian'
b'Exposed Prometheus instance at prometheus.qa.r3.com'
12 Jul 2021
b'TikTok'
disclosed a bug submitted by
b'sandipgyawali'
b'Blocked user can send notification by liking the message due to Logical Bug'
10 Jul 2021
b'Data Processing (IBB)'
disclosed a bug submitted by
b'hardik05'
b'Heap buffer overflow vulnerability while processing a malformed TIFF file.'
09 Jul 2021
b'Data Processing (IBB)'
disclosed a bug submitted by
b'karas'
b'CVE-2017-13040 The MPTCP parser in tcpdump before 4.9.2 has a buffer over-read in print-mptcp.c, several functions.'
09 Jul 2021
b'Data Processing (IBB)'
disclosed a bug submitted by
b'karas'
b'CVE-2017-13041 The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6_nodeinfo_print().'
09 Jul 2021
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'brumens'
b'Cache Posioning leading do Denial of Service on `www.`'
09 Jul 2021
b'Acronis'
disclosed a bug submitted by
b'technical_junkie'
b'No Rate Limit On Forgot Password Page'
09 Jul 2021
b'Twitter'
disclosed a bug submitted by
b'iambouali'
b"Blind XSS on Twitter's internal Big Data panel at "
09 Jul 2021
b'Uber'
disclosed a bug submitted by
b'healdb'
b'API on campus-vtc.com allows access to ~100 Uber users full names, email addresses and telephone numbers.'
08 Jul 2021
b'Khan Academy'
disclosed a bug submitted by
b'lucenaxpl0it'
b'Bypass the fix of report #1078283 due to poor validation'
08 Jul 2021
b'Shopify'
disclosed a bug submitted by
b'jmp_35p'
b'Add new managed stores without permission'
08 Jul 2021
b'Shopify'
disclosed a bug submitted by
b'superbsic'
b'Removing parts of URL from jQuery request exposes links for download of Paid Digital Assets of the most recent Order placed by anyone on the store!'
08 Jul 2021
1
...
163
164
165
166
167
...
718
BY DENIS WERNER - @NOBBD -
IMPRESSUM
