the unofficial HackerOne disclosure timeline.

X
b'Node.js third-party modules' disclosed a bug submitted by b'chalker' 
b'`concat-with-sourcemaps` allocates uninitialized Buffers when number is passed as a separator'
28 Apr 2018 timeline
b'ICQ' disclosed a bug submitted by b'iframe' 
b'api.icq.com / ??????????? ??????????????? ????? ?????? ???????????? ??? ?????? ???????? ???.'
28 Apr 2018 timeline
b'LocalTapiola' disclosed a bug submitted by b'exadmin' 
b'DoS of www.lahitapiolarahoitus.fi via CVE-2018-6389 exploitation'
28 Apr 2018 timeline
b'ICQ' disclosed a bug submitted by b'iframe' 
b'api.icq.com / ????????? ?????? ?? ???????? ????????? ?????? ???????? ?????? "&r"'
28 Apr 2018 timeline
b'Ed' disclosed a bug submitted by b'cybertiger' 
b'Session Cookie Without Secure Flag '
28 Apr 2018 timeline
b'Zomato' disclosed a bug submitted by b'riya' 
b'[www.zomato.com] IDOR - Gold Subscription Details, Able to view "Membership ID" and "Validity Details" of other Users'
28 Apr 2018 timeline
b'ICQ' disclosed a bug submitted by b'iframe' 
b'api.icq.com / ??????????? ???????? ???? ?????? (???? icqsystem) '
28 Apr 2018 timeline
b'LocalTapiola' disclosed a bug submitted by b'muon4' 
b"Authorization issue on 'valtakirjat' (/e2/verkkopalvelu/)"
28 Apr 2018 timeline
b'LocalTapiola' disclosed a bug submitted by b'richardtelleng' 
b'Internal IP Address Disclosure at https://www.lahitapiolarahoitus.fi/wp-json/wp/v2/pages'
28 Apr 2018 timeline
b'GitLab' disclosed a bug submitted by b'jobert' 
b'GitLab CI runner can read and poison cache of all other projects'
27 Apr 2018 timeline
b'GitLab' disclosed a bug submitted by b'jobert' 
b'Evaluating Ruby code by injecting Rescue job on the system_hook_push queue through web hook'
27 Apr 2018 timeline
b'GitLab' disclosed a bug submitted by b'jobert' 
b'Command injection by overwriting authorized_keys file through GitLab import'
27 Apr 2018 timeline
b'GitLab' disclosed a bug submitted by b'jobert' 
b'SQL injection in MilestoneFinder order method'
27 Apr 2018 timeline
b'Reverb.com' disclosed a bug submitted by b'yaworsk' 
b'IDOR - Ability to view unlisted products'
27 Apr 2018 timeline
b'Reverb.com' disclosed a bug submitted by b'yaworsk' 
b'Possible Blind Writing to S3 Bucket'
27 Apr 2018 timeline
b'Mavenlink' disclosed a bug submitted by b'tolo7010' 
b'Users email can be changed without verification'
27 Apr 2018 timeline
b'Automattic' disclosed a bug submitted by b'opnsec' 
b'Wordpress.com REST API oauth bypass via Cross Site Flashing'
26 Apr 2018 timeline
b'Mail.Ru' disclosed a bug submitted by b'bigbear_' 
b'[maps.me] Reflected XSS'
26 Apr 2018 timeline
b'Mail.Ru' disclosed a bug submitted by b'bigbear_' 
b'[aw.my.com] Reflected XSS'
26 Apr 2018 timeline
b'Mail.Ru' disclosed a bug submitted by b'bigbear_' 
b'[games.my.com] Reflected XSS'
26 Apr 2018 timeline
1 ... 492 493 494 495 496 ... 766
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM