REPORTS
PROGRAMS
PUBLISHERS
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Lark Technologies'
disclosed a bug submitted by
b'imran_nisar'
b'Sensitive information of helpdesk is being leaked.'
06 Mar 2021
b'Uber'
disclosed a bug submitted by
b'healdb'
b'Unauthorized access to .com allows access to Uber Brazil tax documents and system.'
06 Mar 2021
b'GitHub Security Lab'
disclosed a bug submitted by
b'artem'
b'Java: Query for detecting JEXL injections'
05 Mar 2021
b'GitHub Security Lab'
disclosed a bug submitted by
b'someonenobbd'
b'Java : Add query to detect Apache Struts enabled Development mode'
04 Mar 2021
b'GitHub Security Lab'
disclosed a bug submitted by
b'porcupineyhairs'
b'Java : Add a query to detect Spring View Manipulation Vulnerability'
04 Mar 2021
b'GitHub Security Lab'
disclosed a bug submitted by
b'ihsinme'
b'ihsinme: CPP add query for CWE-788 Access of memory location after the end of a buffer using strncat.'
04 Mar 2021
b'GitHub Security Lab'
disclosed a bug submitted by
b'luchua'
b'[Java] CWE-489: Query to detect main() method in Java EE applications'
04 Mar 2021
b'Nextcloud'
disclosed a bug submitted by
b'6661620a'
b'Formula Injection vulnerability in CSV export feature'
04 Mar 2021
b'Nextcloud'
disclosed a bug submitted by
b'daniel_calvino_sanchez'
b'The password of a mail share is not set if the password is given when the share is created (Nextcloud < 18)'
04 Mar 2021
b'TikTok'
disclosed a bug submitted by
b'gnux'
b'Lack of session expiration after password reset on TikTok Careers Portal'
03 Mar 2021
b'Lark Technologies'
disclosed a bug submitted by
b'imran_nisar'
b"User with single department permission can view applicant list of all department's"
03 Mar 2021
b'Algolia'
disclosed a bug submitted by
b'h4x0r_dz'
b'Information disclosure via a misconfigured third-party product'
03 Mar 2021
b'Mail.ru'
disclosed a bug submitted by
b'chaosbolt'
b'SDC bypass cloud.mail.ru for every /api/v3/* endpoint.'
02 Mar 2021
b'h1-ctf'
disclosed a bug submitted by
b'archerl'
b'Grinchs website takendown with various other exploits'
02 Mar 2021
b'h1-ctf'
disclosed a bug submitted by
b'luminougat'
b'hackyholidays CTF Writeup'
02 Mar 2021
b'Rockset'
disclosed a bug submitted by
b'afsec'
b'Leaking Rockset API key on Github'
02 Mar 2021
b'Rockstar Games'
disclosed a bug submitted by
b'gevakun'
b'Minor Account Privacy can Set to Everyone.'
02 Mar 2021
b'Stripo Inc'
disclosed a bug submitted by
b'3x3s'
b'Memory Dump and Env Disclosure via Spring Boot Actuator'
02 Mar 2021
b'Dropbox'
disclosed a bug submitted by
b'jackb898'
b'Coupon codes indexed by Google'
01 Mar 2021
b'Grammarly'
disclosed a bug submitted by
b'fransrosen'
b'Config override using non-validated query parameter allows at least reflected XSS by injecting configuration into state'
01 Mar 2021
1
...
247
248
249
250
251
...
769
BY DENIS WERNER - @NOBBD -
IMPRESSUM