Top 10 publishers:
bobrov: 117
geeknik: 80
linkks: 75
jobert: 70
sp1d3rs: 68
someonenobbd: 62
nyymi: 55
jon_bottarini: 49
haxta4ok00: 48
netfuzzer: 48
The unofficial HackerOne disclosure timeline.

Xiaomi disclosed a bug submitted by h4x0r_dz
Insecure file upload in xiaoai.mi.com Lead to Stored XSS
09 Mar 2021

Status.im disclosed a bug submitted by jackb898
HTTP Parameter Pollution with semicolons in iframe allows loading external Greenhouse forms
08 Mar 2021

Kartpay disclosed a bug submitted by bugera
Disclosure of Merchant_id into the source code without entered OTP code leads to Victims MID takeover.
08 Mar 2021

GitLab disclosed a bug submitted by knack2hack
GraphQL Query leads to sensitive information disclosure
08 Mar 2021

curl disclosed a bug submitted by fdolev
Proxy-Authorization header carried to a new host on a redirect
08 Mar 2021

curl disclosed a bug submitted by sanchitcfc
Inadequate Cryptographic Key Size and Insecure Cryptographic Mode. File Name :- curl_ntlm_core.c
08 Mar 2021

FetLife disclosed a bug submitted by kapkan
Stored XSS via Angular Expression injection via Subject while starting conversation with other users.
07 Mar 2021

Ruby disclosed a bug submitted by u75615
DRb denial of service vulnerability
07 Mar 2021

Ruby disclosed a bug submitted by offftherecord
Ruby OpenSSL Library - IV Reuse in GCM Mode
07 Mar 2021

Ruby disclosed a bug submitted by piao
Command injection in OptionParser.load
07 Mar 2021

Lark Technologies disclosed a bug submitted by imran_nisar
Sensitive information of helpdesk is being leaked.
06 Mar 2021

Uber disclosed a bug submitted by healdb
Unauthorized access to .com allows access to Uber Brazil tax documents and system.
06 Mar 2021

GitHub Security Lab disclosed a bug submitted by artem
Java: Query for detecting JEXL injections
05 Mar 2021

GitHub Security Lab disclosed a bug submitted by someonenobbd
Java : Add query to detect Apache Struts enabled Development mode
04 Mar 2021

GitHub Security Lab disclosed a bug submitted by porcupineyhairs
Java : Add a query to detect Spring View Manipulation Vulnerability
04 Mar 2021

GitHub Security Lab disclosed a bug submitted by ihsinme
ihsinme: CPP add query for CWE-788 Access of memory location after the end of a buffer using strncat.
04 Mar 2021

GitHub Security Lab disclosed a bug submitted by luchua
[Java] CWE-489: Query to detect main() method in Java EE applications
04 Mar 2021

Nextcloud disclosed a bug submitted by 6661620a
Formula Injection vulnerability in CSV export feature
04 Mar 2021

Nextcloud disclosed a bug submitted by daniel_calvino_sanchez
The password of a mail share is not set if the password is given when the share is created (Nextcloud < 18)
04 Mar 2021

TikTok disclosed a bug submitted by gnux
Lack of session expiration after password reset on TikTok Careers Portal
03 Mar 2021

BY DENIS WERNER - @NOBBD