REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
bobrov
117
geeknik
79
linkks
75
sp1d3rs
68
jobert
66
someonenobbd
60
jon_bottarini
49
netfuzzer
48
haxta4ok00
48
ryat
47
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
Rocket.Chat
disclosed a bug submitted by
gronke
getUserMentionsByChannel leaks messages with mention from private channel
22 Sep 2022
Rocket.Chat
disclosed a bug submitted by
garretby
It is possible to elevate privileges for any authenticated user to view permissions matrix and view Direct messages without appropriate permissions.
22 Sep 2022
Rocket.Chat
disclosed a bug submitted by
danieljpp
Persistent CSS injection with marked markdown parser in Rocket.Chat
22 Sep 2022
Rocket.Chat
disclosed a bug submitted by
ghaem51
Regex account takeover
22 Sep 2022
GitLab
disclosed a bug submitted by
joaxcar
XSS in ZenTao integration affecting self hosted instances without strict CSP
22 Sep 2022
8x8
disclosed a bug submitted by
is-
DLL Search-Order Hijacking Vulnerability in work-64-exe-v7.16.3-1.exe
22 Sep 2022
TikTok
disclosed a bug submitted by
datph4m
Add products to any livestream.
21 Sep 2022
TikTok
disclosed a bug submitted by
datph4m
Create product discounts of any shop
21 Sep 2022
PlayStation
disclosed a bug submitted by
theflow0
size_t-to-int vulnerability in exFAT leads to memory corruption via malformed USB flash drives
21 Sep 2022
Mattermost
disclosed a bug submitted by
catenacyber
DOS: out of memory from gif through upload api
21 Sep 2022
TikTok
disclosed a bug submitted by
apapedulimu
IDOR on Tagged People
20 Sep 2022
PlayStation
disclosed a bug submitted by
theflow0
Use-after-free in setsockopt IPV6_2292PKTOPTIONS (CVE-2020-7457)
20 Sep 2022
Vanilla
disclosed a bug submitted by
admin0x00
CORS Misconfiguration on vanillaforums.com
20 Sep 2022
MTN Group
disclosed a bug submitted by
sachinrajput
There is no rate limit for SME REGISTRATION PORTAL
19 Sep 2022
HackerOne
disclosed a bug submitted by
mega7
HTML Injection in email via Name field
18 Sep 2022
Internet Bug Bounty
disclosed a bug submitted by
nyymi
Airflow Daemon Mode Insecure Umask Privilege Escalation
17 Sep 2022
Glassdoor
disclosed a bug submitted by
seifelsallamy
XSS in www.glassdoor.com
16 Sep 2022
Nextcloud
disclosed a bug submitted by
tomorrowisnew_
SSRF via potential filter bypass with too lax local domain checking
16 Sep 2022
Nextcloud
disclosed a bug submitted by
daniel_calvino_sanchez
Last video frame is still sent after video is disabled in a call
16 Sep 2022
Nextcloud
disclosed a bug submitted by
ro0telqayser
Information exposure in in guzzlehttp/guzzle (https://github.com/nextcloud/3rdparty/tree/master/guzzlehttp/guzzle)
16 Sep 2022
1
2
3
4
5
...
628
BY DENIS WERNER - @NOBBD -
IMPRESSUM
