HackerOne Bug Bounty Disclosure: html-injection-via-insecure-parameter-[https://www-ubercarshare-com/]byzhero_
Programme HackerOne Uber Uber Submitted by zhero_ zhero_ Report HTML injection via insecure parameter Full Report A considerable amount...
bug bounty
HackerOne Bug Bounty Disclosure: [uchat-uberinternals-com]-mattermost-doesn’t-check-origin-in-websockets,-which-leads-to-the-critical-inforamation-leakage-bykxyry
Programme HackerOne Uber Uber Submitted by kxyry kxyry Report Mattermost doesn't check Origin in Websockets, which leads to the Critical...
HackerOne Bug Bounty Disclosure: python-:-add-query-to-detect-pam-authorization-bypassbyporcupineyhairs
Programme HackerOne GitHub Security Lab GitHub Security Lab Submitted by porcupineyhairs porcupineyhairs Report Python : Add query to detect PAM...
HackerOne Bug Bounty Disclosure: [python]-tarslip-vulnerability-improvementsbysim4n6
Programme HackerOne GitHub Security Lab GitHub Security Lab Submitted by sim4n6 sim4n6 Report TarSlip vulnerability improvements Full Report A...
HackerOne Bug Bounty Disclosure: stealing-users-oauth-authorization-code-via-redirect_uribyhackit_bharat
Programme HackerOne pixiv pixiv Submitted by hackit_bharat hackit_bharat Report Stealing Users OAuth authorization code via redirect_uri Full Report A...
HackerOne Bug Bounty Disclosure: [go]:-add-beego-input-requestbody-source-to-beego-frameworkbygregxsunday
Programme HackerOne GitHub Security Lab GitHub Security Lab Submitted by gregxsunday gregxsunday Report : Add Beego.Input.RequestBody source to Beego framework...
HackerOne Bug Bounty Disclosure: cpp:-pam-authorization-bypassbykuzu7shiki
Programme HackerOne GitHub Security Lab GitHub Security Lab Submitted by kuzu7shiki kuzu7shiki Report CPP: Pam Authorization Bypass Full Report ...
HackerOne Bug Bounty Disclosure: [cpp]add-query-to-detect-bugs-like-cve-2017-5123by4b5f5f4b
Programme HackerOne GitHub Security Lab GitHub Security Lab Submitted by 4b5f5f4b 4b5f5f4b Report Add query to detect bugs like CVE-2017-5123...
HackerOne Bug Bounty Disclosure: [cpp]:-add-query-for-cwe-125-out-of-bounds-read-with-different-interpretation-of-the-string-when-use-mbtowcbyporcupineyhairs
Programme HackerOne GitHub Security Lab GitHub Security Lab Submitted by porcupineyhairs porcupineyhairs Report : Add query for CWE-125 Out-of-bounds Read...
HackerOne Bug Bounty Disclosure: [python]-unsafe-unpacking-using-shutil-unpack_archive()-query-and-testsbysim4n6
Programme HackerOne GitHub Security Lab GitHub Security Lab Submitted by sim4n6 sim4n6 Report Unsafe unpacking using shutil.unpack_archive() query and tests...
HackerOne Bug Bounty Disclosure: c/c++:-command-injection-via-wordexpbyihsinme
Programme HackerOne GitHub Security Lab GitHub Security Lab Submitted by ihsinme ihsinme Report C/C++: Command injection via wordexp Full Report...
HackerOne Bug Bounty Disclosure: cve-2023-27537:-hsts-double-freebykurohiro
Programme HackerOne curl curl Submitted by kurohiro kurohiro Report CVE-2023-27537: HSTS double-free Full Report A considerable amount of time...
HackerOne Bug Bounty Disclosure: potential-dos-vulnerability-in-django-in-multipart-parserbydas7pad
Programme HackerOne Internet Bug Bounty Internet Bug Bounty Submitted by das7pad das7pad Report Potential DoS vulnerability in Django in multipart...
HackerOne Bug Bounty Disclosure: insecure-loading-of-icu-data-through-icu_data-environment-variablebybnoordhuis
Programme HackerOne Node.js Node.js Submitted by bnoordhuis bnoordhuis Report Insecure loading of ICU data through ICU_DATA environment variable Full Report...
HackerOne Bug Bounty Disclosure: permissions-policies-can-be-bypassed-via-process-mainmodulebygoums
Programme HackerOne Node.js Node.js Submitted by goums goums Report Permissions policies can be bypassed via process.mainModule Full Report A...
HackerOne Bug Bounty Disclosure: regular-expression-denial-of-service-in-headersbysno2
Programme HackerOne Node.js Node.js Submitted by sno2 sno2 Report Regular Expression Denial of Service in Headers Full Report A...
HackerOne Bug Bounty Disclosure: rce-vulnerability-in-apache-airflow-providers-apache-sqoop-3-1-0byleixiao
Programme HackerOne Internet Bug Bounty Internet Bug Bounty Submitted by leixiao leixiao Report RCE vulnerability in apache-airflow-providers-apache-sqoop 3.1.0 Full Report...
HackerOne Bug Bounty Disclosure: [cve-2022-44268]-arbitrary-remote-leak-via-imagemagickbymikkocarreon
Programme HackerOne HackerOne HackerOne Submitted by mikkocarreon mikkocarreon Report Arbitrary Remote Leak via ImageMagick Full Report A considerable amount...
HackerOne Bug Bounty Disclosure: snowflake-server:-leak-of-tls-packets-from-other-clientsbyhazae41
Programme HackerOne Tor Tor Submitted by hazae41 hazae41 Report Snowflake server: Leak of TLS packets from other clients Full Report...
HackerOne Bug Bounty Disclosure: traffic-amplification-attack-via-discovery-protocolbyluk-matczak
Programme HackerOne IOVLabs IOVLabs Submitted by luk-matczak luk-matczak Report Traffic amplification attack via discovery protocol Full Report A considerable amount...
HackerOne Bug Bounty Disclosure: information-disclosure-of-another-company-bug-on-video-bymanish_adz
Programme HackerOne HackerOne HackerOne Submitted by manish_adz manish_adz Report information disclosure of another company bug on video. Full Report A...
HackerOne Bug Bounty Disclosure: scope-information-is-leaked-when-visiting-policy-scopes-tab-of-any-external-programbyburaaqsec
Programme HackerOne HackerOne HackerOne Submitted by buraaqsec buraaqsec Report Scope information is leaked when visiting policy scopes tab of any...
HackerOne Bug Bounty Disclosure: stored-xss-on-www-hackerone-com-due-to-deleted-s3-bucket-from-old-page_widgetbyfransrosen
Programme HackerOne HackerOne HackerOne Submitted by fransrosen fransrosen Report Stored XSS on www.hackerone.com due to deleted S3-bucket from old page_widget...
HackerOne Bug Bounty Disclosure: improper-handling-of-null-bytes-in-github-actions-runner-allows-an-attacker-to-set-arbitrary-environment-variablesbyryotak
Programme HackerOne GitHub GitHub Submitted by ryotak ryotak Report Improper handling of null bytes in GitHub Actions Runner allows an...
