REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
86
b'geeknik'
83
b'linkks'
75
b'jobert'
70
b'nyymi'
62
b'someonenobbd'
62
b'ooooooo_q'
54
b'guido'
50
b'haxta4ok00'
49
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'NordVPN'
disclosed a bug submitted by
b'd4nt'
b'Clickjacking at join.nordvpn.com'
13 Feb 2020
b'Polymail, Inc.'
disclosed a bug submitted by
b'xaleraf4ra'
b'[share.polymail.io] XSS when uploading a file to the server'
13 Feb 2020
b'Data Processing (IBB)'
disclosed a bug submitted by
b'bugbasher'
b'Tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option() (CVE-2018-16229)'
13 Feb 2020
b'Data Processing (IBB)'
disclosed a bug submitted by
b'bugbasher'
b'Tcpdump before 4.9.3 has a buffer over-read in print-802_11.c (CVE-2018-16227)'
13 Feb 2020
b'Data Processing (IBB)'
disclosed a bug submitted by
b'geeknik'
b'tcpdump: CVE-2018-14879 - buffer overflow in tcpdump.c:get_next_file()'
13 Feb 2020
b'MobiSystems Ltd.'
disclosed a bug submitted by
b'emmano'
b'Firebase Firestore insecure database'
13 Feb 2020
b'Visma Bug Bounty Program'
disclosed a bug submitted by
b'anglecutter'
b"Stored XSS in 'Notes'"
13 Feb 2020
b'Ruby'
disclosed a bug submitted by
b'd3athstrok3'
b'Source code disclosed via S3 Bucket'
13 Feb 2020
b'8x8'
disclosed a bug submitted by
b'l34r00t'
b'Sensitive information disclosure'
12 Feb 2020
b'8x8'
disclosed a bug submitted by
b'konqi'
b'(Critical) Remote Code Execution Through Old TinyMCE upload bypass'
12 Feb 2020
b'8x8'
disclosed a bug submitted by
b'0x496'
b'Reflected xss on 8x8.com subdomain'
12 Feb 2020
b'Blueboard'
disclosed a bug submitted by
b'0_0eth0'
b'Leak of Internel IP, Browser, Browser version, OS, & Much more through Selenium Grid Console'
12 Feb 2020
b'Endless Hosting'
disclosed a bug submitted by
b'codermak'
b'Modify Host Header which is sent to email'
12 Feb 2020
b'Endless Hosting'
disclosed a bug submitted by
b'gr3yc4t26'
b'CVE-2017-8779 exploit on open rpcbind port could lead to remote DoS'
12 Feb 2020
b'Yelp'
disclosed a bug submitted by
b'md15ev'
b'No rate limiting for confirmation email lead to email flooding'
11 Feb 2020
b'Starbucks'
disclosed a bug submitted by
b'nnez'
b'Thailand - Insecure Direct Object Reference permits an unauthorized user to transfer funds from a victim using only the victims Starbucks card'
11 Feb 2020
b'HackerOne'
disclosed a bug submitted by
b'haxta4ok00'
b'Unauthorized user can obtain `report_sources` attribute through Team GraphQL object'
10 Feb 2020
b'VLC (European Commission - DIG'
disclosed a bug submitted by
b'qrayn'
b'VLC 4.0.0 - Stack Buffer Overflow (SEH)'
10 Feb 2020
b'Localize'
disclosed a bug submitted by
b'zerboa'
b'2-factor authentication can be disabled when logged in without confirming account password'
10 Feb 2020
b'Stripo Inc'
disclosed a bug submitted by
b'qotoz'
b'csrf bypass using flash file + 307 redirect method at plugins endpoint'
10 Feb 2020
1
...
330
331
332
333
334
...
738
BY DENIS WERNER - @NOBBD -
IMPRESSUM