Company Name: PlayStation Company HackerOne URL: https://hackerone.com/playstation Submitted By:theflow0Link to Submitters Profile:https://hackerone.com/theflow0 Report Title:Blu-ray Disc Java Sandbox Escape via two...
Company Name: Discourse Company HackerOne URL: https://hackerone.com/discourse Submitted By:theteatoastLink to Submitters Profile:https://hackerone.com/theteatoast Report Title:Application Level DoS - Large Markdown Payload...
Company Name: curl Company HackerOne URL: https://hackerone.com/curl Submitted By:spolu-dustLink to Submitters Profile:https://hackerone.com/spolu-dust Report Title:SMTP Command Injection Vulnerability in libcurl 8160...
Company Name: Nextcloud Company HackerOne URL: https://hackerone.com/nextcloud Submitted By:darooLink to Submitters Profile:https://hackerone.com/daroo Report Title:Path Traversal Vulnerability in Nextcloud Tables Enables...
internal IP Disclosure via Public DNS Record (blue.guest.hq.nasa.gov) internal IP Disclosure via Public DNS Record (blue.guest.hq.nasa.gov) Researcher: Theekshana_kusal Engagement: National...
open redirect vulnerability occurring at https://keycloak.shared-services.staging.appdat.jsc.nasa.gov/ open redirect vulnerability occurring at https://keycloak.shared-services.staging.appdat.jsc.nasa.gov/ Researcher: uko3211 Engagement: National Aeronautics and Space Administration...
Publicly editable Google Slides linked from nasa.gov enables unauthorized content modification (content integrity & brand abuse risk Publicly editable Google...
Sensitive NASA Jira & Employee Data Exposure via Public JSFiddle Sensitive NASA Jira & Employee Data Exposure via Public JSFiddle...
Directory Listing Vulnerability Directory Listing Vulnerability Researcher: Vinit06 Engagement: National Aeronautics and Space Administration (NASA) - Vulnerability Disclosure Program Disclosed...
Company Name: Brave Software Company HackerOne URL: https://hackerone.com/brave Submitted By:mingijungLink to Submitters Profile:https://hackerone.com/mingijung Report Title:SameSite restrictions are lifted, and SameSite:Strict...
Company Name: Dynatrace Company HackerOne URL: https://hackerone.com/dynatrace Submitted By:remiecLink to Submitters Profile:https://hackerone.com/remiec Report Title:OneAgent Unprivileged NTLM User CoercionReport Link:https://hackerone.com/reports/3313408Date Submitted:15...
Company Name: curl Company HackerOne URL: https://hackerone.com/curl Submitted By:nyymiLink to Submitters Profile:https://hackerone.com/nyymi Report Title:Missing enforcement of SFTP quote syntax can...
Company Name: curl Company HackerOne URL: https://hackerone.com/curl Submitted By:giant_anteaterLink to Submitters Profile:https://hackerone.com/giant_anteater Report Title:Apple SecTrust legacy path accepts untrusted certificates...
Company Name: PortSwigger Web Security Company HackerOne URL: https://hackerone.com/portswigger Submitted By:farmerLink to Submitters Profile:https://hackerone.com/farmer Report Title:DNS Rebinding SSRF in Burp...
Company Name: Omise Company HackerOne URL: https://hackerone.com/omise Submitted By:mantu1738Link to Submitters Profile:https://hackerone.com/mantu1738 Report Title:Pending invites remain valid even after the...
Company Name: curl Company HackerOne URL: https://hackerone.com/curl Submitted By:giant_anteaterLink to Submitters Profile:https://hackerone.com/giant_anteater Report Title:OpenSSL backend: X509 peer certificate not freed...
Public Exposure of PII of NASA Meeting Registrations Public Exposure of PII of NASA Meeting Registrations Researcher: chirag8023 Engagement: National...
Company Name: Insightly Company HackerOne URL: https://hackerone.com/insightly Submitted By:khaledxLink to Submitters Profile:https://hackerone.com/khaledx Report Title:Stored XSS in Email Notifcation Report Link:https://hackerone.com/reports/1597271Date...
Company Name: Insightly Company HackerOne URL: https://hackerone.com/insightly Submitted By:khaledxLink to Submitters Profile:https://hackerone.com/khaledx Report Title:CSRF vulnerability allows disabling Gmail contacts link...
Members can enumerate and delete organization invites Members can enumerate and delete organization invites Researcher: Engagement: PostHog Vulnerability Disclosure Engagement...
Company Name: curl Company HackerOne URL: https://hackerone.com/curl Submitted By:smiliesandcoLink to Submitters Profile:https://hackerone.com/smiliesandco Report Title:int overflow in krb5_read_data() leads to (possible)...
Company Name: curl Company HackerOne URL: https://hackerone.com/curl Submitted By:jfhgdsjkfLink to Submitters Profile:https://hackerone.com/jfhgdsjkf Report Title:Security Analysis Report: CURL Integer Overflow VulnerabilityReport...
Company Name: Shopify Company HackerOne URL: https://hackerone.com/shopify Submitted By:fr4viaLink to Submitters Profile:https://hackerone.com/fr4via Report Title:URL Scheme Validation Bypass in Shopify Mobile...
Company Name: Bykea Company HackerOne URL: https://hackerone.com/bykea Submitted By:sameer_aliLink to Submitters Profile:https://hackerone.com/sameer_ali Report Title:MongoDB Query Logs & Schema Leak via...
