REPORTS
PROGRAMS
PUBLISHERS
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'IBM'
disclosed a bug submitted by
b'thpless'
b'Information disclosure on IBM training service endpoint'
29 Apr 2025
b'Dust'
disclosed a bug submitted by
b'pent0ss'
b'Improper Session Invalidation Auto Sign-In Without Credentials After Logout (Affects Chrome & Firefox)'
29 Apr 2025
b'WakaTime'
disclosed a bug submitted by
b'ctrl_cipher'
b'Broken Access Control Exposes Email Verification Status and Privacy Settings via API Endpoint'
29 Apr 2025
b'Dust'
disclosed a bug submitted by
b'0xsom3a'
b'Privilege Escalation leads to Unauthorized Access to Private Conversations By any Regular user [Read , Edit and Delete]'
29 Apr 2025
b'Dust'
disclosed a bug submitted by
b'qatada'
b'User Limit Bypass via Pending Invitations in Workspace System'
29 Apr 2025
b'Dust'
disclosed a bug submitted by
b'0xsom3a'
b'Race Condition in Folder Creation Allows Bypassing Folder Limit'
29 Apr 2025
b'Internet Bug Bounty'
disclosed a bug submitted by
b'tyage'
b'Possible Sensitive Session Information Leak in Active Storage'
27 Apr 2025
b'Internet Bug Bounty'
disclosed a bug submitted by
b'l33thaxor'
b'CVE-2024-43398: DoS vulnerability in REXML'
27 Apr 2025
b'curl'
disclosed a bug submitted by
b'bsr13'
b'Heapbased buffer overflow in curl -K <config_file> allows arbitrary write .'
27 Apr 2025
b'Internet Bug Bounty'
disclosed a bug submitted by
b'masamune_'
b'Denial of Service by memory exhaustion in net/imap'
27 Apr 2025
b'Internet Bug Bounty'
disclosed a bug submitted by
b'sw0rd1ight'
b'CVE-2025-24813: Remote Code Execution and/or Information disclosure and/or malicious content added to uploaded files via write enabled Default Servlet'
27 Apr 2025
b'Internet Bug Bounty'
disclosed a bug submitted by
b'lio346'
b'[CVE-2025-27219] Denial of Service in CGI::Cookie.parse'
27 Apr 2025
b'Internet Bug Bounty'
disclosed a bug submitted by
b'z2_'
b'CVE-2025-0725: Heap overflow in curl with Content-Encoding gzip and old libz versions'
27 Apr 2025
b'Internet Bug Bounty'
disclosed a bug submitted by
b'manun'
b'Possible DoS by memory exhaustion in net/imap '
27 Apr 2025
b'AWS VDP'
disclosed a bug submitted by
b'nick_frichette_dd'
b'Non-Production API Endpoint for the ElastiCache Service Fails to Log to CloudTrail Resulting in Silent Permission Enumeration'
25 Apr 2025
b'AWS VDP'
disclosed a bug submitted by
b'nick_frichette_dd'
b'Non-Production API Endpoints for the cloudwatch Service Fail to Log to CloudTrail Resulting in Silent Permission Enumeration'
25 Apr 2025
b'AWS VDP'
disclosed a bug submitted by
b'nick_frichette_dd'
b'Non-Production API Endpoints for the Glue Service Fail to Log to CloudTrail Resulting in Silent Permission Enumeration'
25 Apr 2025
b'Dust'
disclosed a bug submitted by
b'0xsom3a'
b'Privilege Escalation in Edit and Create Secret Endpoints Leads to Unauthorized Secret Modification'
24 Apr 2025
b'AWS VDP'
disclosed a bug submitted by
b'nick_frichette_dd'
b'Non-Production API Endpoints for the ssm Service Fail to Log to CloudTrail Resulting in Silent Permission Enumeration'
24 Apr 2025
b'Cosmos'
disclosed a bug submitted by
b'vakzz'
b'Groups module can halt chain when handling a proposal with malicious group weights '
23 Apr 2025
1
...
43
44
45
46
47
...
769
BY DENIS WERNER - @NOBBD -
IMPRESSUM