REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'sp1d3rs'
68
b'someonenobbd'
62
b'nyymi'
55
b'jon_bottarini'
49
b'haxta4ok00'
48
b'netfuzzer'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Razer'
disclosed a bug submitted by
b'iamsahana'
b'Insecure Logging - OWASP (2016-M2)'
05 Dec 2019
b'Razer'
disclosed a bug submitted by
b'klaue'
b'Accessible Druid Monitor console on https://api.pay-staging.razer.com/'
05 Dec 2019
b'Razer'
disclosed a bug submitted by
b'cccaaasser'
b'DLL Hijacking in Synapse 2 CrashSender1402.exe via version.dll'
05 Dec 2019
b'Node.js third-party modules'
disclosed a bug submitted by
b'vineetpandey'
b'Path traversal in https://www.npmjs.com/package/http_server via symlink'
04 Dec 2019
b'Node.js third-party modules'
disclosed a bug submitted by
b'mik317'
b'[tree-kill] RCE via insecure command concatenation (only Windows)'
04 Dec 2019
b'Node.js third-party modules'
disclosed a bug submitted by
b'spengietz'
b'Lodash "difference" (possibly others) Function Denial of Service Through Unvalidated Input'
04 Dec 2019
b'Node.js third-party modules'
disclosed a bug submitted by
b'mik317'
b'[treekill] RCE via insecure command concatenation (only Windows)'
04 Dec 2019
b'Node.js third-party modules'
disclosed a bug submitted by
b'bl4de'
b'`indexFile` option passed as an argument to node-server can lead to arbitrary file read'
04 Dec 2019
b'Node.js third-party modules'
disclosed a bug submitted by
b'mik317'
b'[node-df] RCE via insecure command concatenation'
04 Dec 2019
b'Grammarly'
disclosed a bug submitted by
b'k4r4koyun'
b'Account takeover through the combination of cookie manipulation and XSS'
03 Dec 2019
b'HackerOne'
disclosed a bug submitted by
b'haxta4ok00'
b'Account takeover via leaked session cookie'
03 Dec 2019
b'Imgur'
disclosed a bug submitted by
b'alishah'
b'Password Reset Link not expiring after changing the email Leads To Account Takeover'
03 Dec 2019
b'GitLab'
disclosed a bug submitted by
b'rpadovani'
b'GraphQL query "namespace" leaks data'
03 Dec 2019
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'00utsav00'
b'http://????/data.json showing users sensitive information via json file'
02 Dec 2019
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'hexdump'
b'[Partial] SSN & [PII] exposed through iPERMs Presentation Slide.'
02 Dec 2019
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'usamasood'
b'[?????] \xe2\x80\x94 DOM-based XSS on endpoint `/?s=`'
02 Dec 2019
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'pirateducky'
b'Information disclousure by clicking on the link shown in http://????????/'
02 Dec 2019
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'alyssa_herrera'
b'PII leakage due to scrceenshot of health records'
02 Dec 2019
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'sp1d3rs'
b'Arbitrary File Reading leads to RCE in the Pulse Secure SSL VPN on the https://???'
02 Dec 2019
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'cdl'
b'[CVE-2019-11510 ] Path Traversal on ???????? leads to leaked passwords, RCE, etc'
02 Dec 2019
1
...
298
299
300
301
302
...
691
BY DENIS WERNER - @NOBBD -
IMPRESSUM