REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
86
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'someonenobbd'
62
b'nyymi'
58
b'ooooooo_q'
52
b'haxta4ok00'
49
b'jon_bottarini'
49
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'TikTok'
disclosed a bug submitted by
b'dxcoder'
b"Using Branded Hashtag Feature User Partnered with Account Manager Can View Videos Uploaded By A Private TikTok Account If 'item_id' Is Known"
03 Apr 2024
b'Internet Bug Bounty'
disclosed a bug submitted by
b'ooooooo_q'
b'CVE-2024-27281: RCE vulnerability with .rdoc_options in RDoc'
29 Mar 2024
b'Internet Bug Bounty'
disclosed a bug submitted by
b'hunt1'
b'Libuv: Improper Domain Lookup that potentially leads to SSRF attacks'
29 Mar 2024
b'Internet Bug Bounty'
disclosed a bug submitted by
b'frankyueh'
b'CVE-2024-2466: TLS certificate check bypass with mbedTLS (reward request)'
29 Mar 2024
b'Internet Bug Bounty'
disclosed a bug submitted by
b'fullmetal5'
b'CVE-2024-2379: QUIC certificate check bypass with wolfSSL'
29 Mar 2024
b'Internet Bug Bounty'
disclosed a bug submitted by
b'dfandrich'
b'Usage of disabled protocol in curl'
29 Mar 2024
b'HackerOne'
disclosed a bug submitted by
b'nitsec7'
b'New Hacktivity features:Bounty rewards leakage Where programs doesnt decide to disclose bounty in limited disclosure report'
28 Mar 2024
b'curl'
disclosed a bug submitted by
b'iylz'
b'cookie is sent on redirect'
28 Mar 2024
b'curl'
disclosed a bug submitted by
b'dfandrich'
b'CVE-2024-2004: Usage of disabled protocol'
27 Mar 2024
b'Internet Bug Bounty'
disclosed a bug submitted by
b'kurohiro'
b'CVE-2024-0853: OCSP verification bypass with TLS session reuse'
27 Mar 2024
b'curl'
disclosed a bug submitted by
b'w0x42'
b'HTTP/2 PUSH_PROMISE DoS'
27 Mar 2024
b'curl'
disclosed a bug submitted by
b'frankyueh'
b'CVE-2024-2466: TLS certificate check bypass with mbedTLS'
27 Mar 2024
b'curl'
disclosed a bug submitted by
b'w0x42'
b'CVE-2024-2398: HTTP/2 push headers memory-leak'
27 Mar 2024
b'curl'
disclosed a bug submitted by
b'fullmetal5'
b'CVE-2024-2379: QUIC certificate check bypass with wolfSSL'
27 Mar 2024
b'GoCD'
disclosed a bug submitted by
b'redyetihacks'
b'XSS in GOCD Analytics Plugin'
27 Mar 2024
b'X (Formerly Twitter)'
disclosed a bug submitted by
b'itsdavid'
b'Bypassing x profile verification to receive instant blue checkmark and unlimited profile changes'
26 Mar 2024
b'HackerOne'
disclosed a bug submitted by
b'0verw4tch'
b"View any user email using the Team's audit log section"
26 Mar 2024
b'HackerOne'
disclosed a bug submitted by
b'0verw4tch'
b'Creation of bounties through Customer API leads to private email disclosure'
26 Mar 2024
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'oxylis'
b' leaking PII of tour visitors (names, email addresses, phone numbers) via misconfigured record permissions'
22 Mar 2024
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'archyxsec'
b'Improper Authentication (Login without Registration with any user) at '
22 Mar 2024
1
...
32
33
34
35
36
...
724
BY DENIS WERNER - @NOBBD -
IMPRESSUM
