REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
86
b'geeknik'
84
b'linkks'
75
b'jobert'
70
b'nyymi'
67
b'someonenobbd'
62
b'ooooooo_q'
54
b'guido'
50
b'haxta4ok00'
49
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'AWS VDP'
disclosed a bug submitted by
b'nick_frichette_dd'
b'Non-Production API Endpoints for the bedrock-agent Service Fail to Log to CloudTrail Resulting in Silent Permission Enumeration'
28 May 2025
b'AWS VDP'
disclosed a bug submitted by
b'nick_frichette_dd'
b'Non-Production API Endpoints for the bedrock Service Fail to Log to CloudTrail Resulting in Silent Permission Enumeration'
28 May 2025
b'AWS VDP'
disclosed a bug submitted by
b'nick_frichette_dd'
b'Non-Production API Endpoint for the EventBridge Service Fails to Log to CloudTrail Resulting in Silent Permission Enumeration'
28 May 2025
b'AWS VDP'
disclosed a bug submitted by
b'nick_frichette_dd'
b'Non-Production API Endpoints for the Global Accelerator Service Fail to Log to CloudTrail Resulting in Silent Permission Enumeration'
28 May 2025
b'AWS VDP'
disclosed a bug submitted by
b'nick_frichette_dd'
b'Non-Production API Endpoints for the Health Service Fail to Log to CloudTrail Resulting in Silent Permission Enumeration'
28 May 2025
b'AWS VDP'
disclosed a bug submitted by
b'nick_frichette_dd'
b'Amazon Pinpoint SMS and Voice, version 2 Service Reporting "AWS Internal" for CloudTrail Events Generated from FIPS Endpoints'
28 May 2025
b'AWS VDP'
disclosed a bug submitted by
b'nick_frichette_dd'
b'Amazon Kendra Intelligent Ranking Service Reporting "AWS Internal" for CloudTrail Events Generated from FIPS Endpoints'
28 May 2025
b'AWS VDP'
disclosed a bug submitted by
b'nick_frichette_dd'
b'Non-Production API Endpoints for the Neptune Graph Service Fail to Log to CloudTrail Resulting in Silent Permission Enumeration'
27 May 2025
b'AWS VDP'
disclosed a bug submitted by
b'nick_frichette_dd'
b'Non-Production API Endpoints for the Route 53 Service Fail to Log to CloudTrail Resulting in Silent Permission Enumeration'
27 May 2025
b'Mars'
disclosed a bug submitted by
b'bughunter0x7'
b'unauthorized access and add user and change personal information all users'
27 May 2025
b'Mars'
disclosed a bug submitted by
b'bughunter0x7'
b'Customer Data Exposure via Insecure Endpoint of coupon'
27 May 2025
b'Internet Bug Bounty'
disclosed a bug submitted by
b'nxczje'
b'Apache Airflow Sql injection by authenticated user'
27 May 2025
b'Internet Bug Bounty'
disclosed a bug submitted by
b'nacl_123'
b'[SECURITY] CVE-2024-50379 Apache Tomcat - RCE via write-enabled default servlet'
27 May 2025
b'Internet Bug Bounty'
disclosed a bug submitted by
b'snhebrok'
b'TLS client authentication can be bypassed due to ticket resumption'
27 May 2025
b'Internet Bug Bounty'
disclosed a bug submitted by
b'sav_'
b'CVE-2024-56374: Denial-of-service vulnerability in IPv6 validation'
27 May 2025
b'Node.js'
disclosed a bug submitted by
b'jessewilson'
b'WASI sandbox escape via symlink'
24 May 2025
b'Monero'
disclosed a bug submitted by
b'sech1'
b"Dynamic fee algorithm doesn't check for zero fee"
23 May 2025
b'Monero'
disclosed a bug submitted by
b'ptrstr'
b'RPC service DOS'
23 May 2025
b'curl'
disclosed a bug submitted by
b'darkroomdragon'
b'Memory Leak in libcurl via Location Header Handling (CWE-770)'
22 May 2025
b'curl'
disclosed a bug submitted by
b'jmanojlovich'
b'`Curl_socketpair()` fallback vulnerable to man-in-the-middle attack'
20 May 2025
1
...
23
24
25
26
27
...
752
BY DENIS WERNER - @NOBBD -
IMPRESSUM
