REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
86
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'someonenobbd'
62
b'nyymi'
56
b'ooooooo_q'
50
b'jon_bottarini'
49
b'haxta4ok00'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Adobe'
disclosed a bug submitted by
b'renzi'
b"Adobe Experience Manager 'Childlist selector' - Cross-Site Scripting on cbconnection.adobe.com"
02 May 2024
b'Deriv.com'
disclosed a bug submitted by
b'zacian'
b'Mailgun subdomain takeover '
02 May 2024
b'Shopify'
disclosed a bug submitted by
b'ryanmoles6'
b'Production Key and Data Found on Subdomain No Longer Operated by Shopify / Dangling DNS'
01 May 2024
b'Shopify'
disclosed a bug submitted by
b'niraj1mahajan'
b'No Session Expiry after log-out, attacker can reuse the old cookies'
01 May 2024
b'IBM'
disclosed a bug submitted by
b'suryahss'
b'Insecure Direct Object Reference Protection bypass by changing HTTP method in IBM Your Learning endpoint. '
01 May 2024
b'Internet Bug Bounty'
disclosed a bug submitted by
b'bart'
b'Assertion failed in node::http2::Http2Session::~Http2Session() leads to HTTP/2 server crash'
29 Apr 2024
b'HackerOne'
disclosed a bug submitted by
b'xklepxn'
b'Attachment disclosure via summary report '
29 Apr 2024
b'Hyperledger'
disclosed a bug submitted by
b'another_dude'
b'Code exec on Github runner via Pull request name'
28 Apr 2024
b'Internet Bug Bounty'
disclosed a bug submitted by
b'parantheses'
b'CVE-2024-25128: Apache Airflow: Authentication Bypass when Legacy OpenID(2.0) is in use as AUTH_TYPE'
28 Apr 2024
b'Internet Bug Bounty'
disclosed a bug submitted by
b'scyoon'
b'CVE-2024-27351: Potential regular expression denial-of-service in django.utils.text.Truncator.words()'
28 Apr 2024
b'PlayStation'
disclosed a bug submitted by
b'theflow0'
b'Remote vulnerabilities in spp'
25 Apr 2024
b'Internet Bug Bounty'
disclosed a bug submitted by
b'bart'
b'Apache HTTP Server: HTTP/2 DoS by memory exhaustion on endless continuation frames'
24 Apr 2024
b'IBM'
disclosed a bug submitted by
b'hassan_sheet'
b'RXSS in hidden parameter'
23 Apr 2024
b'Mozilla'
disclosed a bug submitted by
b'griffinf'
b'Jira Credential Disclosure within Mozilla Slack'
23 Apr 2024
b'Internet Bug Bounty'
disclosed a bug submitted by
b'w0x42'
b'CVE-2024-2398: HTTP/2 push headers memory-leak'
22 Apr 2024
b'Internet Bug Bounty'
disclosed a bug submitted by
b'bart'
b'Denial of Service caused by HTTP/2 CONTINUATION Flood'
22 Apr 2024
b'Adobe'
disclosed a bug submitted by
b'renzi'
b"Adobe Experience Manager 'Childlist selector' - Cross-Site Scripting on cbconnection-stage.adobe.com "
22 Apr 2024
b'Sheer'
disclosed a bug submitted by
b'tuannq_gg'
b'Cleartext Transmission of password via Email'
22 Apr 2024
b'Hyperledger'
disclosed a bug submitted by
b'adnanthekhan'
b'Docker Secret Disclosure via GitHub Actions Cache Poisoning'
20 Apr 2024
b'Revive Adserver'
disclosed a bug submitted by
b'karan'
b'Login page password-guessing attack'
19 Apr 2024
1
...
23
24
25
26
27
...
717
BY DENIS WERNER - @NOBBD -
IMPRESSUM