the unofficial HackerOne disclosure timeline.

X
b'Nextcloud' disclosed a bug submitted by b'cybertiger' 
b'Banner Grabbing - Apache Server Version Disclousure'
17 May 2018 timeline
b'Nextcloud' disclosed a bug submitted by b'kistimat' 
b'Banner Grabbing - Apache Server Version Disclosure'
17 May 2018 timeline
b'Nextcloud' disclosed a bug submitted by b'mobius07' 
b'Information Exposure Through Directory Listing'
17 May 2018 timeline
b'Reverb.com' disclosed a bug submitted by b'albatraoz' 
b"Api token exposed in Reverb.com's public github repository"
16 May 2018 timeline
b'Mail.Ru' disclosed a bug submitted by b's_p_q_r' 
b'[e.mail.ru] XSS ?? ???????? ???????? ????????? ????????'
16 May 2018 timeline
b'Data Processing (IBB)' disclosed a bug submitted by b'geeknik' 
b"Out of bounds read in libcurl's IMAP FETCH response parser"
16 May 2018 timeline
b'Data Processing (IBB)' disclosed a bug submitted by b'geeknik' 
b' CVE-2017-1000101: cURL: URL globbing out of bounds read'
16 May 2018 timeline
b'Data Processing (IBB)' disclosed a bug submitted by b'geeknik' 
b'heap-buffer-overflow (buffer read overrun) in curl: ourWriteOut() src/tool_writeout.c:115'
16 May 2018 timeline
b'Shopify' disclosed a bug submitted by b'flashdisk' 
b'ability to install paid themes for free'
16 May 2018 timeline
b'Reverb.com' disclosed a bug submitted by b'apapedulimu' 
b'Bypassing CSRF Token On Reply Message & Send Message'
15 May 2018 timeline
b'Vimeo' disclosed a bug submitted by b'bugdiscloseguys' 
b"Improper Authentication in Vimeo's API 'versions' endpoint."
15 May 2018 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'ronperris' 
b'The react-marked-markdown module allows XSS injection in href values.'
13 May 2018 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'chalker' 
b'`base64-url` below 2.0 allocates uninitialized Buffers when number is passed in input'
12 May 2018 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'chalker' 
b'`sql` does not properly escape parameters when building SQL queries, resulting in potential SQLi'
12 May 2018 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'chalker' 
b'`npmconf` (and `npm` js api) allocate and write to disk uninitialized memory content when a typed number is passed as input on Node.js 4.x'
12 May 2018 timeline
b'VK.com' disclosed a bug submitted by b'trainzment' 
b'????????? ?????????? ? ??????? ?????? ??? ??????????'
12 May 2018 timeline
b'HackerOne' disclosed a bug submitted by b'haxta4ok00' 
b'Team object in GraphQL disclosed total number of whitelisted hackers'
12 May 2018 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'chalker' 
b'`byte` allocates uninitialized buffers and reads data from them past the initialized length'
11 May 2018 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'chalker' 
b'`base64url` allocates uninitialized Buffers when number is passed in input on Node.js 4.x and below'
11 May 2018 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'chalker' 
b'`macaddress` concatenates unsanitized input into exec() command'
11 May 2018 timeline
1 ... 488 489 490 491 492 ... 766
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM