Programme HackerOne Internet Bug Bounty Internet Bug Bounty Submitted by tdp3kel9g tdp3kel9g Report Controllable read beyond bounds in lua_websocket_readbytes() Full...
Programme HackerOne Glovo Glovo Submitted by mehdisadir mehdisadir Report Exposed valid AWS, Mysql, Sendgrid and other secrets Full Report A...
Programme HackerOne Hyperledger Hyperledger Submitted by fatal0 fatal0 Report Remote denial of service in HyperLedger Fabric Full Report A considerable...
Programme HackerOne SKALE Network SKALE Network Submitted by voiddy voiddy Report Stack Buffer Overflow via `gmp_sprintf`in `BLSSignature` and `BLSSigShare` Full...
Programme HackerOne New Relic New Relic Submitted by sairanga sairanga Report Reflected Cross site Scripting (XSS) on https://one.newrelic.com Full Report...
Programme HackerOne GitLab GitLab Submitted by ledz1996 ledz1996 Report Exposure of a valid Gitlab-Workhorse JWT leading to various bad things...
Programme HackerOne UPS VDP UPS VDP Submitted by 3amoura 3amoura Report Reflected XSS on https://wwwapps.ups.com/ctc/request?loc= Full Report A considerable amount...
Programme HackerOne Nextcloud Nextcloud Submitted by spaceraccoon spaceraccoon Report SMTP Command Injection in iCalendar Attachments to Emails via Newlines Full...
Programme HackerOne Reddit Reddit Submitted by zqyzoid zqyzoid Report Moderators can send messages to users from banned subreddits via `oauth.reddit.com/api/mod/conversations`...
Programme HackerOne Nextcloud Nextcloud Submitted by rtod rtod Report Federated editing allows iframing possibly malicious remotes Full Report A considerable...
Programme HackerOne TikTok TikTok Submitted by aidilarf_2000 aidilarf_2000 Report XSS Payload on TikTok Seller Center endpoint Full Report A considerable...
Programme HackerOne Cloudflare Public Bug Bounty Cloudflare Public Bug Bounty Submitted by bombon bombon Report Bypassing Cache Deception Armor using...
Programme HackerOne Cloudflare Public Bug Bounty Cloudflare Public Bug Bounty Submitted by mattipv4 mattipv4 Report Sign in with Apple works...
Programme HackerOne curl curl Submitted by nyymi nyymi Report CVE-2022-32206: HTTP compression denial of service Full Report
Programme HackerOne Cloudflare Public Bug Bounty Cloudflare Public Bug Bounty Submitted by sainaen sainaen Report API docs expose an active...
Programme HackerOne Cloudflare Public Bug Bounty Cloudflare Public Bug Bounty Submitted by mattipv4 mattipv4 Report Sign in with Apple generates...
Programme HackerOne curl curl Submitted by chen172 chen172 Report Credential leak when use two url Full Report
Programme HackerOne curl curl Submitted by nyymi nyymi Report CVE-2022-32207: Unpreserved file permissions Full Report
Programme HackerOne Cloudflare Public Bug Bounty Cloudflare Public Bug Bounty Submitted by albertspedersen albertspedersen Report HTTP request smuggling with Origin...
Programme HackerOne curl curl Submitted by nyymi nyymi Report CVE-2022-32208: FTP-KRB bad message verification Full Report
Programme HackerOne curl curl Submitted by nyymi nyymi Report CVE-2022-32205: Set-Cookie denial of service Full Report
Programme HackerOne Reddit Reddit Submitted by bisesh bisesh Report Able to approve admin approval and change effective status without adding...
Programme HackerOne UPS VDP UPS VDP Submitted by 7odamo 7odamo Report Admin Authentication Bypass Lead to Admin Account Takeover Full...
Programme HackerOne Krisp Krisp Submitted by yassineaboukir yassineaboukir Report Authentication CSRF resulting in unauthorized account access on Krisp app Full...
