REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
86
b'geeknik'
81
b'linkks'
75
b'jobert'
70
b'someonenobbd'
62
b'nyymi'
60
b'ooooooo_q'
54
b'guido'
50
b'haxta4ok00'
49
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'OX App Suite'
disclosed a bug submitted by
b'zee_shan'
b'Another Stored XSS in mail app using Drive app'
15 Aug 2019
b'OX App Suite'
disclosed a bug submitted by
b'zee_shan'
b'Stored XSS in mail app'
15 Aug 2019
b'Vanilla'
disclosed a bug submitted by
b'black_b'
b'xss reflected in littleguy.vanillastaging.com'
14 Aug 2019
b'Algolia'
disclosed a bug submitted by
b'badcracker'
b'subdomain take over at recommendation.algolia.com'
14 Aug 2019
b'Shopify'
disclosed a bug submitted by
b'tems'
b'Bypass of biometrics security functionality is possible in Android application (com.shopify.mobile)'
14 Aug 2019
b'Informatica'
disclosed a bug submitted by
b'0ang3el'
b'accounts.informatica.com - RCE due to exposed Groovy console'
14 Aug 2019
b'Node.js third-party modules'
disclosed a bug submitted by
b'chalker'
b'Yarn transfers npm credentials over unencrypted http connection'
14 Aug 2019
b'Maker Ecosystem Growth Holding'
disclosed a bug submitted by
b'lucash-dev'
b'Earn free DAI interest (inflation) through instant CDP+DSR in one tx'
12 Aug 2019
b'Grammarly'
disclosed a bug submitted by
b'linkworld'
b'\xe2\x80\x9cemail\xe2\x80\x9d MFA mode allows bypassing MFA from victim\xe2\x80\x99s device when the device trust is not expired'
12 Aug 2019
b'Lob'
disclosed a bug submitted by
b'common'
b'No Access Control'
12 Aug 2019
b'Brave Software'
disclosed a bug submitted by
b'padpao'
b'Link obfuscation bug'
12 Aug 2019
b'Nextcloud'
disclosed a bug submitted by
b'leonklingele'
b'Group admins can remove arbitrary data from "data" directory (including admin data)'
12 Aug 2019
b'Tron Foundation'
disclosed a bug submitted by
b'hayageek'
b'Private Key exposed in Travis Log can Compromise all the test servers.'
11 Aug 2019
b'Twitter'
disclosed a bug submitted by
b'orange'
b'Potential pre-auth RCE on Twitter VPN'
10 Aug 2019
b'TomTom'
disclosed a bug submitted by
b'zer0ttl'
b'Listing of Amazon S3 Bucket accessible to any amazon authenticated user (vector-maps-e457472599)'
09 Aug 2019
b'Maximum'
disclosed a bug submitted by
b'dawidczagan'
b'XSS risk reduction with X-XSS-Protection: 1; mode=block header'
09 Aug 2019
b'Dropbox'
disclosed a bug submitted by
b'davidrenardy'
b'Algorithmic complexity vulnerability in ZXCVBN leads to remote denial of service attack'
08 Aug 2019
b'Mail.ru'
disclosed a bug submitted by
b'mygf'
b'CSRF Vulnerability at https://aw.my.com/'
08 Aug 2019
b'HackerOne'
disclosed a bug submitted by
b'the_arch_angel'
b'Program Email Nofication settings ignored when being added as an external contributor'
07 Aug 2019
b'PayPal'
disclosed a bug submitted by
b'albinowax'
b'Bypass for #488147 enables stored XSS on https://paypal.com/signin again'
07 Aug 2019
1
...
377
378
379
380
381
...
733
BY DENIS WERNER - @NOBBD -
IMPRESSUM