Top 10 publishers:
bobrov: 117
sp1d3rs: 86
geeknik: 80
linkks: 75
jobert: 70
someonenobbd: 62
nyymi: 58
ooooooo_q: 52
guido: 50
haxta4ok00: 49
The unofficial HackerOne disclosure timeline.

Squid Cache (IBB) disclosed a bug submitted by aaron_costello
Buffer Overflow in ext_lm_group_acl helper
28 Jul 2021

UPchieve disclosed a bug submitted by 171217
Vulnerability Report - sweet32 UPchieve
28 Jul 2021

UPchieve disclosed a bug submitted by 171217
hackers.upchieve.org and argocd.upchieve.org is not preloaded.
28 Jul 2021

UPchieve disclosed a bug submitted by ben_lay
blind sql on [ https://argocd.upchieve.org/login?return_url=id= ]
28 Jul 2021

Mail.ru disclosed a bug submitted by nakabonne
[geekbrains.ru] Node modules path disclosure due to lack of error handling
27 Jul 2021

Mail.ru disclosed a bug submitted by act1on3
[app-01.youdrive.club] RCE in CI/CD via dependency confusion
27 Jul 2021

Shopify disclosed a bug submitted by augustozanellato
Github access token exposure
26 Jul 2021

Phabricator disclosed a bug submitted by crownpeanut
Git flag injection leads to arbitrary file write
25 Jul 2021

The Internet disclosed a bug submitted by metnew
Uncovering file quarantine and UX security issues in macOS apps ( .terminal, .fileloc and .url)
23 Jul 2021

The Internet disclosed a bug submitted by simonscannell
[CVE-2020-27194] Linux kernel: eBPF verifier bug in `or` binary operation tracking function leads to LPE
23 Jul 2021

Data Processing (IBB) disclosed a bug submitted by dotsecurity
tcpdump before 4.9.3 has a heap-based buffer over-read related to aoe_print in print-aoe.c and lookup_emem in addrtoname.c
23 Jul 2021

The Internet disclosed a bug submitted by vanhoefm
Fragmentation and Aggregation Flaws in Wi-Fi
23 Jul 2021

The Internet disclosed a bug submitted by itszn
Canonical Snapcraft vulnerable to remote code execution under certain conditions
23 Jul 2021

U.S. General Services Administration disclosed a bug submitted by rajeshpatil
Account takeover through multistage CSRF at https://autochoice.fas.gsa.gov/AutoChoice/changeQAOktaAnswer and ../AutoChoice/changePwOktaAnswer
23 Jul 2021

Lark Technologies disclosed a bug submitted by shell_c0de
[Lark Android] Vulnerability in exported activity WebView
22 Jul 2021

Mail.ru disclosed a bug submitted by alexeysergeevich
[tanks.mail.ru] SSRF + cookie
22 Jul 2021

Mail.ru disclosed a bug submitted by sec_zone64
Bypassing SOP with XSS on account.my.games leading to steal CSRF token and user information
22 Jul 2021

Mail.ru disclosed a bug submitted by 01alsanosi
Unauthorized Access To Admin panel
22 Jul 2021

Khan Academy disclosed a bug submitted by renganathan
Enumerate all the class codes via google dorking
22 Jul 2021

Uber disclosed a bug submitted by penguinsaretasty
pam_ussh does not properly validate the SSH certificate authority
21 Jul 2021

BY DENIS WERNER - @NOBBD