the unofficial HackerOne disclosure timeline.

X
b'Kubernetes' disclosed a bug submitted by b'njaysec' 
b'Private RSA key and Server key exposed on the GitHub repository'
22 Oct 2020 timeline
b'Shopify' disclosed a bug submitted by b'a_yang' 
b'User sensitive information disclosure'
22 Oct 2020 timeline
b'DRIVE.NET, Inc.' disclosed a bug submitted by b'what_web' 
b'[www.drive2.ru] Insufficient Security Configurability - Email notification is not being sent while changing passwords'
22 Oct 2020 timeline
b'Clario' disclosed a bug submitted by b'mayurudiniya' 
b'Cookie injection leads to complete DoS over whole domain *.mackeeper.com. Injection point accountstage.mackeeper.com/'
21 Oct 2020 timeline
b'PHP (IBB)' disclosed a bug submitted by b'anatoliq' 
b'mb_strtolower (UTF-32LE): stack-buffer-overflow at php_unicode_tolower_full (CVE-2020-7065)'
21 Oct 2020 timeline
b'8x8' disclosed a bug submitted by b'the_predator' 
b'2FA Disable With Wrong Password - Response Tampering.'
21 Oct 2020 timeline
b'Dropbox' disclosed a bug submitted by b'u0pattern' 
b'Broken OAuth leads to change photo profile users .'
21 Oct 2020 timeline
b'Acronis' disclosed a bug submitted by b'adr' 
b'Arbitrary DLL injection in mmsminisrv (Acronis Managed Machine Service Mini)'
20 Oct 2020 timeline
b'Acronis' disclosed a bug submitted by b'f_m' 
b'DOM based XSS in store.acronis.com/<id>/purl-corporate-standard-IT [cfg parameter]'
20 Oct 2020 timeline
b'Visma Public' disclosed a bug submitted by b'zeop' 
b'HTTP Request Smuggling at app.workbox.dk'
20 Oct 2020 timeline
b'GitHub Security Lab' disclosed a bug submitted by b'someonenobbd' 
b'Java: CWE-749 Unsafe resource loading in Android WebView leaking to injection attacks'
19 Oct 2020 timeline
b'Zivver' disclosed a bug submitted by b'nikolat3sla' 
b'Two-factor authentication can be disabled when logged in without 2fa or password confirmation '
19 Oct 2020 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'gkmr' 
b'[json8-merge-patch] Prototype Pollution'
18 Oct 2020 timeline
b'Node.js' disclosed a bug submitted by b'underflow0' 
b'Slowloris, body parsing'
17 Oct 2020 timeline
b'Node.js' disclosed a bug submitted by b'shogunpanda' 
b'Denial of Service by resource exhaustion CWE-400 due to unfinished HTTP/1.1 requests'
17 Oct 2020 timeline
b'Node.js' disclosed a bug submitted by b'ashi009' 
b'`fs.realpath.native` on darwin may cause buffer overflow'
17 Oct 2020 timeline
b'Node.js' disclosed a bug submitted by b'amitklein' 
b'HTTP Request Smuggling due to CR-to-Hyphen conversion'
17 Oct 2020 timeline
b'U.S. Dept Of Defense' disclosed a bug submitted by b'hassanshahid' 
b'https://?????? vulnerable to CVE-2020-3187 - Unauthenticated arbitrary file deletion in Cisco ASA/FTD'
16 Oct 2020 timeline
b'U.S. Dept Of Defense' disclosed a bug submitted by b'r4d1kal' 
b'Sensitive data exposure via https://????????.mil/secure/QueryComponent!Default.jspa - CVE-2020-14179'
16 Oct 2020 timeline
b'U.S. Dept Of Defense' disclosed a bug submitted by b'mzfr' 
b'[CVE-2020-3452] Unauthenticated file read in Cisco ASA'
16 Oct 2020 timeline
1 ... 286 287 288 289 290 ... 768
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM