REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'sp1d3rs'
68
b'someonenobbd'
62
b'nyymi'
55
b'jon_bottarini'
49
b'haxta4ok00'
48
b'netfuzzer'
48
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'PayPal'
disclosed a bug submitted by
b'bagipro'
b'[Venmo Android] Remote theft of user session'
07 Feb 2019
b'PayPal'
disclosed a bug submitted by
b'bagipro'
b'[PayPal Android] Remote theft of user session using push_notification_webview deeplink'
07 Feb 2019
b'Node.js third-party modules'
disclosed a bug submitted by
b'skyn3t'
b'[serve] Access unlisted internal files/folders revealing sensitive information'
07 Feb 2019
b'Twitter'
disclosed a bug submitted by
b'bywalks'
b'[dev.twitter.com] XSS and Open Redirect Protection Bypass'
07 Feb 2019
b'U.S. Dept Of Defense'
disclosed a bug submitted by
b'archang31'
b'Information Disclosure (can access all Army HRC RFOs) within AIM view RFO Portal'
06 Feb 2019
b'Ubiquiti Networks'
disclosed a bug submitted by
b'csiete'
b'UBNT Amplification DDOS Attack'
06 Feb 2019
b'Mail.ru'
disclosed a bug submitted by
b'lincoln9932'
b'??????????? ????? ?? ????? ??????? https://pandao.ru/'
06 Feb 2019
b'GitLab'
disclosed a bug submitted by
b'jaykpatel'
b'gitter.im virtually authentication bypass by abusing authorizing callback?code'
04 Feb 2019
b'Mail.ru'
disclosed a bug submitted by
b'hossammesbah21'
b'ssl cookie without secure flag set'
04 Feb 2019
b'MariaDB'
disclosed a bug submitted by
b'mik317'
b'CRLF injection on https://buildbot.mariadb.org'
04 Feb 2019
b'Node.js third-party modules'
disclosed a bug submitted by
b'dienpv'
b'Prototype pollution attack (upmerge)'
04 Feb 2019
b'HackerOne'
disclosed a bug submitted by
b'yashrs'
b'Confidential data of users and limited metadata of programs and reports accessible via GraphQL'
03 Feb 2019
b'HackerOne'
disclosed a bug submitted by
b'yoyobabaji'
b'Open redirect vulnerability in index.php'
03 Feb 2019
b'RATELIMITED'
disclosed a bug submitted by
b'sxw'
b'Missing Protection Mechanism in Mail Servers allows malicious user to use staff.ratelimited.me email could lead to identity theft.'
02 Feb 2019
b'Nextcloud'
disclosed a bug submitted by
b'tomk'
b'Remote attacker can impersonate Social users via ActivityPub API'
01 Feb 2019
b'Starbucks'
disclosed a bug submitted by
b'seytan6161'
b'Information Exposure Through an Error Message at news.starbucks.com'
31 Jan 2019
b'Keybase'
disclosed a bug submitted by
b'0xcccc'
b'Privilege Escalation via Keybase Helper (incomplete security fix)'
31 Jan 2019
b'HackerOne'
disclosed a bug submitted by
b'rijalrojan'
b'Disclosure of h1 challenges name through the calendar'
30 Jan 2019
b'Keybase'
disclosed a bug submitted by
b'jinmo123'
b'Privilege Escalation through Keybase Installer via Helper'
30 Jan 2019
b'Keybase'
disclosed a bug submitted by
b'mirchr'
b'macOS privilege escalation via keybase install'
30 Jan 2019
1
...
368
369
370
371
372
...
692
BY DENIS WERNER - @NOBBD -
IMPRESSUM