REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
bobrov
114
linkks
73
geeknik
70
sp1d3rs
62
jobert
52
guido
45
bl4de
42
ryat
40
bigbear_
38
zombiehelp54
37
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
Vimeo
disclosed a bug submitted by
jensk
Can message users without the proper authorization
01 Apr 2015
The Internet
disclosed a bug submitted by
prosecco-inria
FREAK: Factoring RSA_EXPORT Keys to Impersonate TLS Servers
01 Apr 2015
Coinbase
disclosed a bug submitted by
sasi2103
Invoice Details activate JS that filled in
30 Mar 2015
Sucuri
disclosed a bug submitted by
jitendra
Form contained inside page loaded over SSL submits its contents to another page over HTTP
29 Mar 2015
wont-fix
Vimeo
disclosed a bug submitted by
localpwn
Bypassing Email verification
29 Mar 2015
wont-fix
Square
disclosed a bug submitted by
aaj
Privilege Escalation
28 Mar 2015
HackerOne
disclosed a bug submitted by
mazengamal
Team member invitations to sandboxed teams are not invalidated consistently
28 Mar 2015
itBit Exchange
disclosed a bug submitted by
shahmeer_amir
Leakage of sensitive wallet tokens to third party sites
28 Mar 2015
Mail.Ru
disclosed a bug submitted by
zoczus
Same Origin Policy bypass
27 Mar 2015
Twitter
disclosed a bug submitted by
xorb
[Stored XSS] vine.co - profile page
26 Mar 2015
Phabricator
disclosed a bug submitted by
agarri_fr
SSRF vulnerability (access to metadata server on EC2 and OpenStack)
26 Mar 2015
Mavenlink
disclosed a bug submitted by
shahmeer_amir
DNS load balancing not enabled
25 Mar 2015
wont-fix
Flash
disclosed a bug submitted by
hhj4ck
Adobe Flash Player Out-of-Bound Access Vulnerability
25 Mar 2015
Flash
disclosed a bug submitted by
biloulehibou
Race condition in workers may cause an exploitable double free by abusing bytearray.compress()
25 Mar 2015
Flash
disclosed a bug submitted by
biloulehibou
Use after free during the StageVideoAvailabilityEvent can result in arbitrary code execution
25 Mar 2015
Flash
disclosed a bug submitted by
biloulehibou
Use After Free in Flash MessageChannel.send can cause arbitrary code execution
25 Mar 2015
HackerOne
disclosed a bug submitted by
siddiki
Restrict any user from logging into his account.
24 Mar 2015
Robocoin
disclosed a bug submitted by
anshuman_bh
Frictionless Transferring of Wallet Ownership
23 Mar 2015
Robocoin
disclosed a bug submitted by
yassineaboukir
CSRF token leakage
23 Mar 2015
wont-fix
HackerOne
disclosed a bug submitted by
smiegles
"learn more here", reward email - domain expired.
23 Mar 2015
1
...
348
349
350
351
352
...
392
BY DENIS WERNER - @NOBBD -
IMPRESSUM