the unofficial HackerOne disclosure timeline.

X
b'Twitter' disclosed a bug submitted by b'adarsh_p' 
b'NO username used in authenthication to www.mopub.com leading to direct password submission which has unlimited submission rate.'
28 Feb 2020 timeline
b'Valve' disclosed a bug submitted by b'kohtep2010' 
b'Malformed .BMP file in Counter-Strike 1.6 may cause shellcode injection'
27 Feb 2020 timeline
b'Valve' disclosed a bug submitted by b'kohtep2010' 
b'Potential buffer overflow in demoplayer module of GoldSource Engine'
27 Feb 2020 timeline
b'Valve' disclosed a bug submitted by b'chippy' 
b'Malformed .WAV triggers an Access Violation on GoldSRC (hl.exe)'
27 Feb 2020 timeline
b'Visma Bug Bounty Program' disclosed a bug submitted by b'spaceraccoon' 
b'A user can view the name and number of a customer in another company if the GUID is known'
27 Feb 2020 timeline
b'Starbucks' disclosed a bug submitted by b'l00ph0le' 
b'sdrc.starbucks.com - Information Disclosure via unsecured attachment directory'
26 Feb 2020 timeline
b'Visma Bug Bounty Program' disclosed a bug submitted by b'base_64' 
b"A 'Read only' user can modify the company logotype and invoice background image"
26 Feb 2020 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'chalker' 
b'[yarn] yarn.lock integrity & hash check logic is broken'
26 Feb 2020 timeline
b'Acronis' disclosed a bug submitted by b'vivek111' 
b'Accessing repository and other files by directory listing'
26 Feb 2020 timeline
b'Razer' disclosed a bug submitted by b'fpatrik' 
b'IDOR in eform.molpay.com leads to see other users application forms with private data'
25 Feb 2020 timeline
b'Razer' disclosed a bug submitted by b'l00ph0le' 
b'PHPInfo Page on www.razer.ru'
25 Feb 2020 timeline
b'Razer' disclosed a bug submitted by b'nnez' 
b'DOM-based XSS on https://zest.co.th/zestlinepay/'
25 Feb 2020 timeline
b'Mail.ru' disclosed a bug submitted by b'd3athstrok3' 
b'XSS via HTTP request version in account.my.games'
25 Feb 2020 timeline
b'Mail.ru' disclosed a bug submitted by b'orlserg' 
b'CSRF in attach phone API endpoint on delivery-club.ru'
25 Feb 2020 timeline
b'CompanyHub' disclosed a bug submitted by b'el_chapo' 
b'No Rate Limit On forgot Password Leading To Massive Email Flooding'
25 Feb 2020 timeline
b'Node.js' disclosed a bug submitted by b'alyssawilk' 
b'HTTP header values do not have trailing OWS trimmed'
24 Feb 2020 timeline
b'NordVPN' disclosed a bug submitted by b'alishah' 
b'No Rate Limit On Forgot Password Page Of affiliates.nordvpn.com'
24 Feb 2020 timeline
b'NordVPN' disclosed a bug submitted by b'mase289' 
b'Blind SSRF on debug.nordvpn.com due to misconfigured sentry instance'
24 Feb 2020 timeline
b'NordVPN' disclosed a bug submitted by b'enixium' 
b'Password Reset Link Works Multiple Times'
24 Feb 2020 timeline
b'ForeScout Technologies' disclosed a bug submitted by b'a_constant' 
b'HTML Injection & Content Spoofing'
24 Feb 2020 timeline
1 ... 356 357 358 359 360 ... 768
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM