REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'sp1d3rs'
68
b'someonenobbd'
62
b'nyymi'
55
b'jon_bottarini'
49
b'haxta4ok00'
48
b'netfuzzer'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Algolia'
disclosed a bug submitted by
b'badcracker'
b'subdomain take over at recommendation.algolia.com'
14 Aug 2019
b'Shopify'
disclosed a bug submitted by
b'tems'
b'Bypass of biometrics security functionality is possible in Android application (com.shopify.mobile)'
14 Aug 2019
b'Informatica'
disclosed a bug submitted by
b'0ang3el'
b'accounts.informatica.com - RCE due to exposed Groovy console'
14 Aug 2019
b'Node.js third-party modules'
disclosed a bug submitted by
b'chalker'
b'Yarn transfers npm credentials over unencrypted http connection'
14 Aug 2019
b'Maker Ecosystem Growth Holding'
disclosed a bug submitted by
b'lucash-dev'
b'Earn free DAI interest (inflation) through instant CDP+DSR in one tx'
12 Aug 2019
b'Grammarly'
disclosed a bug submitted by
b'linkworld'
b'\xe2\x80\x9cemail\xe2\x80\x9d MFA mode allows bypassing MFA from victim\xe2\x80\x99s device when the device trust is not expired'
12 Aug 2019
b'Lob'
disclosed a bug submitted by
b'common'
b'No Access Control'
12 Aug 2019
b'Brave Software'
disclosed a bug submitted by
b'padpao'
b'Link obfuscation bug'
12 Aug 2019
b'Nextcloud'
disclosed a bug submitted by
b'leonklingele'
b'Group admins can remove arbitrary data from "data" directory (including admin data)'
12 Aug 2019
b'Tron Foundation'
disclosed a bug submitted by
b'hayageek'
b'Private Key exposed in Travis Log can Compromise all the test servers.'
11 Aug 2019
b'Twitter'
disclosed a bug submitted by
b'orange'
b'Potential pre-auth RCE on Twitter VPN'
10 Aug 2019
b'TomTom'
disclosed a bug submitted by
b'zer0ttl'
b'Listing of Amazon S3 Bucket accessible to any amazon authenticated user (vector-maps-e457472599)'
09 Aug 2019
b'Maximum'
disclosed a bug submitted by
b'dawidczagan'
b'XSS risk reduction with X-XSS-Protection: 1; mode=block header'
09 Aug 2019
b'Dropbox'
disclosed a bug submitted by
b'davidrenardy'
b'Algorithmic complexity vulnerability in ZXCVBN leads to remote denial of service attack'
08 Aug 2019
b'Mail.ru'
disclosed a bug submitted by
b'mygf'
b'CSRF Vulnerability at https://aw.my.com/'
08 Aug 2019
b'HackerOne'
disclosed a bug submitted by
b'the_arch_angel'
b'Program Email Nofication settings ignored when being added as an external contributor'
07 Aug 2019
b'PayPal'
disclosed a bug submitted by
b'albinowax'
b'Bypass for #488147 enables stored XSS on https://paypal.com/signin again'
07 Aug 2019
b'PayPal'
disclosed a bug submitted by
b'albinowax'
b'Stored XSS on https://paypal.com/signin via cache poisoning'
07 Aug 2019
b'TTS Bug Bounty'
disclosed a bug submitted by
b'rioncool22'
b'Blind Stored XSS In "Report a Problem" on www.data.gov/issue/'
07 Aug 2019
b'Maximum'
disclosed a bug submitted by
b'protector47'
b'Version Disclosure (NginX)'
07 Aug 2019
1
...
336
337
338
339
340
...
692
BY DENIS WERNER - @NOBBD -
IMPRESSUM