the unofficial HackerOne disclosure timeline.

X
b'Node.js third-party modules' disclosed a bug submitted by b'mlucool' 
b'npm packages that overlap with core node packages'
16 Jun 2018 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'caioluders' 
b'[git-dummy-commit] Command injection on the msg parameter'
15 Jun 2018 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'greendog' 
b'Insecure implementation of deserialization in funcster'
15 Jun 2018 timeline
b'Nextcloud' disclosed a bug submitted by b'reinism' 
b'File access control rules not enforced on image files'
15 Jun 2018 timeline
b'Shopify' disclosed a bug submitted by b'tbh' 
b'Improper access check by Kit leads to controlling attributes of store & getting analytics by deleted Store member via dual messenger A/C'
15 Jun 2018 timeline
b'Shopify' disclosed a bug submitted by b'rijalrojan' 
b'Publicly Accessible Datadog link'
15 Jun 2018 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'chalker' 
b'`njwt` allocates uninitialized Buffers when number is passed in base64urlEncode input'
14 Jun 2018 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'lirantal' 
b'Remote Command Execution vulnerability in pullit'
14 Jun 2018 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'bl4de' 
b'[file-static-server] Path Traversal allows to read content of arbitrary file on the server'
14 Jun 2018 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'chalker' 
b'`utile` allocates uninitialized Buffers when number is passed in input'
14 Jun 2018 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'chalker' 
b'`put` allocates uninitialized Buffers when non-round numbers are passed in input'
14 Jun 2018 timeline
b'Vanilla' disclosed a bug submitted by b'samux' 
b'A user can create an event in a group without being in it http://littleguy.vanillastaging.com/'
14 Jun 2018 timeline
b'Nextcloud' disclosed a bug submitted by b'samix' 
b'Disclosed Version of PORTS SSH|HTTP|SSL'
14 Jun 2018 timeline
b'Dropbox' disclosed a bug submitted by b'zeq3ul' 
b'Bypass Local Authentication (TouchID)'
13 Jun 2018 timeline
b'PortSwigger Web Security' disclosed a bug submitted by b'morisson' 
b'burp does not validate the common name of the presented collaborator server certificate'
13 Jun 2018 timeline
b'PortSwigger Web Security' disclosed a bug submitted by b'jupenur' 
b'Leak of Platform Authentication credentials via Repeater'
13 Jun 2018 timeline
b'Ruby' disclosed a bug submitted by b'etsukata' 
b'SEGV in parse_rat()'
13 Jun 2018 timeline
b'SEMrush' disclosed a bug submitted by b'kunal94' 
b'XSS on redirection page( Bypassed) '
13 Jun 2018 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'tungpun' 
b'[mcstatic] Server Directory Traversal'
12 Jun 2018 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'tungpun' 
b'[html-pages] Stored XSS in the filename when directories listing'
12 Jun 2018 timeline
1 ... 482 483 484 485 486 ... 766
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM