REPORTS
PROGRAMS
PUBLISHERS
Top10 publishers:
b'bobrov'
117
b'sp1d3rs'
86
b'geeknik'
80
b'linkks'
75
b'jobert'
70
b'someonenobbd'
62
b'nyymi'
58
b'ooooooo_q'
52
b'guido'
49
b'haxta4ok00'
49
Now on Twitter
the unofficial
HackerOne
disclosure timeline.
X
b'Hyperledger'
disclosed a bug submitted by
b'yacovm'
b'CVE-2023-46132'
08 Jan 2024
b'GitHub'
disclosed a bug submitted by
b'ahacker1'
b'View Repo and Title of Any Private Check Run'
08 Jan 2024
b'GitHub'
disclosed a bug submitted by
b'imrerad'
b'GHES Management console EoP (editor to site admin)'
08 Jan 2024
b'Ruby'
disclosed a bug submitted by
b'ooooooo_q'
b'The taint flag is not propagated at JSON.parse'
05 Jan 2024
b'Mozilla Core Services'
disclosed a bug submitted by
b'holybugx'
b'Subdomain takeover on one of the subdomain under mozaws.net'
04 Jan 2024
b'Mozilla Core Services'
disclosed a bug submitted by
b'holybugx'
b'Subdomain takeover on one of the subdomain under mozaws.net'
04 Jan 2024
b'Mozilla Core Services'
disclosed a bug submitted by
b'holybugx'
b'Subdomain takeover on one of the subdomain under mozaws.net'
04 Jan 2024
b'Mozilla Core Services'
disclosed a bug submitted by
b'holybugx'
b'Subdomain takeover on one of the subdomain under mozaws.net'
04 Jan 2024
b'HackerOne'
disclosed a bug submitted by
b'marvelmaniac'
b'An attacker can submit a Pentest Opportunity and change the status of the opportunity from submitted to in_review or reviewed'
04 Jan 2024
b'GitHub'
disclosed a bug submitted by
b'archangel'
b'[PATs] Ability to leak comments from issues without ANY "Issues" repo permissions by utilizing "Pull Request" permissions'
03 Jan 2024
b'GitHub'
disclosed a bug submitted by
b'archangel'
b'[PATs] Token with Read-Only permissions on Issues able to modify issue comments using content write permission'
03 Jan 2024
b'TikTok'
disclosed a bug submitted by
b'sinayeganeh'
b"1 Click to 'Close Account and Refund' via POSTMESSAGE"
03 Jan 2024
b'Teleport'
disclosed a bug submitted by
b'technolord1292'
b'Improper session management - Failure to invalidate old session after password change'
02 Jan 2024
b'curl'
disclosed a bug submitted by
b'dinesh_b'
b'Buffer Overflow Vulnerability in WebSocket Handling'
02 Jan 2024
b'Nextcloud'
disclosed a bug submitted by
b'retr02332'
b'DNS pin middleware can be tricked into DNS rebinding allowing SSRF'
01 Jan 2024
b'MTN Group'
disclosed a bug submitted by
b'zer0code'
b'Remote code execution via crafted pentaho report uploaded using default credentials for pentaho business server'
31 Dec 2023
b'Teleport'
disclosed a bug submitted by
b'moaz219'
b'access list owner can escalate his role to the highest roles'
29 Dec 2023
b'Nextcloud'
disclosed a bug submitted by
b'lukasreschke'
b'RCE on Wordpress website'
28 Dec 2023
b'Automattic'
disclosed a bug submitted by
b'sodium_'
b'Authentication bypass on JetPack SSO manager - Allows to access the administration panel of wordpress without user interaction'
28 Dec 2023
b'Khan Academy'
disclosed a bug submitted by
b'grassye'
b'Text Injection/ Content Spoofing on https://cloud.e.khanacademy.org by breaking out of input tag.'
22 Dec 2023
1
...
46
47
48
49
50
...
729
BY DENIS WERNER - @NOBBD -
IMPRESSUM
