the unofficial HackerOne disclosure timeline.

X
b'Shopify' disclosed a bug submitted by b'zhurig' 
b'SSRF in hatchful.shopify.com'
04 Apr 2019 timeline
b'Shopify' disclosed a bug submitted by b'h13-' 
b'Using GraphQL, STAFF with NO explicit permissions on Store can retrieve Shopify Payments Balance.'
04 Apr 2019 timeline
b'Starbucks' disclosed a bug submitted by b'damian89' 
b'SSRF at ideas.starbucks.com'
03 Apr 2019 timeline
b'Monero' disclosed a bug submitted by b'thanhb' 
b'Unauthorized access of Monero wallet by an unprivileged process'
03 Apr 2019 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'chalker' 
b'typeorm does not properly escape parameters when building SQL queries, resulting in potential SQLi'
03 Apr 2019 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'chalker' 
b'`useragent` is vulnerable to ReDoS in user-agent string'
03 Apr 2019 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'max' 
b'Arbitrary file overwrites in `node-tar`'
03 Apr 2019 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'dienpv' 
b'Prototype pollution attack (smart-extend)'
03 Apr 2019 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'bl4de' 
b'[servey] Path Traversal allows to retrieve content of any file with extension from remote server'
03 Apr 2019 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'webtonull' 
b'Media parsing in canvas is at least vulnerable to Denial of Service through multiple vulnerabilities'
03 Apr 2019 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'bl4de' 
b'[statics-server] Path Traversal due to lack of provided path sanitization'
03 Apr 2019 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'danny_grander' 
b'Regular Expression Denial of Service (ReDoS)'
03 Apr 2019 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'tiblu' 
b'Remote code executio in NPM package getcookies'
03 Apr 2019 timeline
b'Rockstar Games' disclosed a bug submitted by b'jtjisgod' 
b'Open redirect vulnerability'
03 Apr 2019 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'cris_semmle' 
b'Code Injection Vulnerability in dot Package'
03 Apr 2019 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'asgerf' 
b'Prototype pollution attack through jQuery $.extend'
02 Apr 2019 timeline
b'Mail.ru' disclosed a bug submitted by b'ruvlol' 
b'XXE on pulse.mail.ru'
02 Apr 2019 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'verichains' 
b'[typeorm] SQL Injection'
02 Apr 2019 timeline
b'Twitter' disclosed a bug submitted by b'giddsec' 
b'Multiple XSS on account settings that can hijack any users in the company. '
01 Apr 2019 timeline
b'Twitter' disclosed a bug submitted by b'giddsec' 
b'Stored XSS on reports.'
01 Apr 2019 timeline
1 ... 438 439 440 441 442 ... 769
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM