REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
84
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'someonenobbd'
62
b'nyymi'
55
b'jon_bottarini'
49
b'haxta4ok00'
48
b'netfuzzer'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'ExpressionEngine'
disclosed a bug submitted by
b'maggick'
b'Multiple XSS and open HTTP redirection'
16 Jul 2024
b'Node.js'
disclosed a bug submitted by
b'tniessen'
b'Permission model improperly processes UNC paths'
15 Jul 2024
b'Nextcloud'
disclosed a bug submitted by
b'mikaelgundersen'
b'ID4ME does not validate signature or expiration'
14 Jul 2024
b'Nextcloud'
disclosed a bug submitted by
b'flood78'
b'Re-emergence of Security Vulnerability in Nextcloud Version 28 Previously Fixed in 25.0.4'
14 Jul 2024
b'Nextcloud'
disclosed a bug submitted by
b'fernandoenzo'
b'Can reshare read&share only folder with more permissions'
14 Jul 2024
b'Nextcloud'
disclosed a bug submitted by
b'simcard'
b'Event create can create attachments that link to other websites '
14 Jul 2024
b'Nextcloud'
disclosed a bug submitted by
b'juliushaertl'
b'Missing permission check when removing a photo from an album'
14 Jul 2024
b'Nextcloud'
disclosed a bug submitted by
b'everysinglusernametaken'
b'Ability to by-pass second factor '
14 Jul 2024
b'Internet Bug Bounty'
disclosed a bug submitted by
b'orange'
b'important: Apache HTTP Server weakness with encoded question marks in backreferences (CVE-2024-38474)'
13 Jul 2024
b'Internet Bug Bounty'
disclosed a bug submitted by
b'orange'
b'important: Apache HTTP Server on WIndows UNC SSRF (CVE-2024-38472)'
13 Jul 2024
b'Internet Bug Bounty'
disclosed a bug submitted by
b'orange'
b'important: Apache HTTP Server weakness in mod_rewrite when first segment of substitution matches filesystem path. (CVE-2024-38475)'
13 Jul 2024
b'Internet Bug Bounty'
disclosed a bug submitted by
b'orange'
b'important: Apache HTTP Server may use exploitable/malicious backend application output to run local handlers via internal redirect (CVE-2024-38476)'
13 Jul 2024
b'Internet Bug Bounty'
disclosed a bug submitted by
b'orange'
b'important: Apache HTTP Server: Crash resulting in Denial of Service in mod_proxy via a malicious request (CVE-2024-38477)'
13 Jul 2024
b'Internet Bug Bounty'
disclosed a bug submitted by
b'orange'
b'moderate: Apache HTTP Server: HTTP response splitting (CVE-2023-38709)'
13 Jul 2024
b'Internet Bug Bounty'
disclosed a bug submitted by
b'orange'
b'moderate: Apache HTTP Server proxy encoding problem (CVE-2024-38473)'
13 Jul 2024
b'TikTok'
disclosed a bug submitted by
b'xtt0k'
b'Account Takeover via Authentication Bypass in TikTok Account Recovery'
13 Jul 2024
b'Internet Bug Bounty'
disclosed a bug submitted by
b'noentry'
b'CVE-2024-3416: MTU of 4096 or greater without fragmentation may cause NGINX worker processes to leak previously freed memory'
12 Jul 2024
b'Rocket.Chat'
disclosed a bug submitted by
b'gronke'
b'NoSQL injection leaks visitor token and livechat messages'
11 Jul 2024
b'Mars'
disclosed a bug submitted by
b'0x999'
b'0 Click account takeover via timed requests to forgot-password (single-packet attack)'
11 Jul 2024
b'HackerOne'
disclosed a bug submitted by
b'aloneh1'
b'Reports submitted by a non 2fa setupped user account can be transferred to a 2fa require submission program '
11 Jul 2024
1
2
3
4
5
...
703
BY DENIS WERNER - @NOBBD -
IMPRESSUM