REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
bobrov
117
geeknik
79
linkks
75
sp1d3rs
68
jobert
67
someonenobbd
60
jon_bottarini
49
haxta4ok00
48
netfuzzer
48
ryat
47
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
ownCloud
disclosed a bug submitted by
atorralba
GitHub Security Lab (GHSL) Vulnerability Report: Insufficient path validation in ReceiveExternalFilesActivity.java (GHSL-2022-060)
16 Jan 2023
Mattermost
disclosed a bug submitted by
annonmous
Uninstalling Mattermost Launcher for Windows (64-bit), then reinstalling keeps you logged in without authentication
14 Jan 2023
Yelp
disclosed a bug submitted by
ethack1886
Robots.txt file with potentially sensitive content.
13 Jan 2023
U.S. Dept Of Defense
disclosed a bug submitted by
berserkbd47
Critical sensitive information Disclosure. [HtUS]
13 Jan 2023
U.S. Dept Of Defense
disclosed a bug submitted by
berserkbd47
Wordpress Takeover using setup configuration at http://.edu [HtUS]
13 Jan 2023
GitHub
disclosed a bug submitted by
vaib25vicky
Github app Privilege Escalation to Administrator/Owner of the Organization
13 Jan 2023
Nextcloud
disclosed a bug submitted by
systemkeeper
Reference caching can leak data to unauthorized users
13 Jan 2023
Internet Bug Bounty
disclosed a bug submitted by
zeyu2001
DNS rebinding in --inspect (insufficient fix of CVE-2022-32212 affecting macOS devices)
12 Jan 2023
Hiro
disclosed a bug submitted by
bug_vs_me
Security Issue into Wallet lock protection
11 Jan 2023
Nextcloud
disclosed a bug submitted by
lukasreschke
CSRF vulnerability in Nextcloud Desktop Client 3.6.1 on Windows when clicking malicious link
11 Jan 2023
Node.js
disclosed a bug submitted by
algisec1337
Take over subdomain undici.nodejs.org.cdn.cloudflare.net
11 Jan 2023
Cloudflare Public Bug Bounty
disclosed a bug submitted by
smither
Origin IP address disclosure through Pingora response header
10 Jan 2023
Acronis
disclosed a bug submitted by
parshwa_21
Cross Origin Resource Sharing Misconfiguration
10 Jan 2023
TikTok
disclosed a bug submitted by
lu3ky-13
bypass two-factor authentication in Android apps and web
09 Jan 2023
Nextcloud
disclosed a bug submitted by
supr4s
Possibility to delete files attached to deck cards of other users
09 Jan 2023
Nextcloud
disclosed a bug submitted by
error_2001
Missing character limitation allows to put generate a database error
09 Jan 2023
Nextcloud
disclosed a bug submitted by
ctulhu
Passcode bypass on Talk Android app
09 Jan 2023
HackerOne
disclosed a bug submitted by
zeyu2001
Race condition in joining CTF group
08 Jan 2023
curl
disclosed a bug submitted by
nyymi
curl file writing susceptible to symlink attacks
07 Jan 2023
curl
disclosed a bug submitted by
nyymi
libssh backend CURLOPT_SSH_HOST_PUBLIC_KEY_SHA256 validation bypass
07 Jan 2023
1
2
3
4
5
...
644
BY DENIS WERNER - @NOBBD -
IMPRESSUM