HackerOne Bug Bounty Disclosure: remote-denial-of-service-in–hyperledger-fabricbyfatal0
Programme HackerOne Hyperledger Hyperledger Submitted by fatal0 fatal0 Report Remote denial of service in HyperLedger Fabric Full Report A considerable...
Bug Bounty
HackerOne Bug Bounty Disclosure: stack-buffer-overflow-via-`gmp_sprintf`in-`blssignature`-and-`blssigshare`byvoiddy
Programme HackerOne SKALE Network SKALE Network Submitted by voiddy voiddy Report Stack Buffer Overflow via `gmp_sprintf`in `BLSSignature` and `BLSSigShare` Full...
HackerOne Bug Bounty Disclosure: reflected-cross-site-scripting-(xss)-on-https://one-newrelic-combysairanga
Programme HackerOne New Relic New Relic Submitted by sairanga sairanga Report Reflected Cross site Scripting (XSS) on https://one.newrelic.com Full Report...
HackerOne Bug Bounty Disclosure: exposure-of-a-valid-gitlab-workhorse-jwt-leading-to-various-bad-thingsbyledz1996
Programme HackerOne GitLab GitLab Submitted by ledz1996 ledz1996 Report Exposure of a valid Gitlab-Workhorse JWT leading to various bad things...
HackerOne Bug Bounty Disclosure: reflected–xss-on–https://wwwapps-ups-com/ctc/request?loc=by3amoura
Programme HackerOne UPS VDP UPS VDP Submitted by 3amoura 3amoura Report Reflected XSS on https://wwwapps.ups.com/ctc/request?loc= Full Report A considerable amount...
HackerOne Bug Bounty Disclosure: smtp-command-injection-in-icalendar-attachments-to-emails-via-newlinesbyspaceraccoon
Programme HackerOne Nextcloud Nextcloud Submitted by spaceraccoon spaceraccoon Report SMTP Command Injection in iCalendar Attachments to Emails via Newlines Full...
HackerOne Bug Bounty Disclosure: moderators-can-send-messages-to-users-from-banned-subreddits-via-`oauth-reddit-com/api/mod/conversations`byzqyzoid
Programme HackerOne Reddit Reddit Submitted by zqyzoid zqyzoid Report Moderators can send messages to users from banned subreddits via `oauth.reddit.com/api/mod/conversations`...
HackerOne Bug Bounty Disclosure: federated-editing-allows-iframing-possibly-malicious-remotesbyrtod
Programme HackerOne Nextcloud Nextcloud Submitted by rtod rtod Report Federated editing allows iframing possibly malicious remotes Full Report A considerable...
HackerOne Bug Bounty Disclosure: xss-payload-on-tiktok-seller-center-endpointbyaidilarf_2000
Programme HackerOne TikTok TikTok Submitted by aidilarf_2000 aidilarf_2000 Report XSS Payload on TikTok Seller Center endpoint Full Report A considerable...
HackerOne Bug Bounty Disclosure: bypassing-cache-deception-armor-using–avif-extension-filebybombon
Programme HackerOne Cloudflare Public Bug Bounty Cloudflare Public Bug Bounty Submitted by bombon bombon Report Bypassing Cache Deception Armor using...
HackerOne Bug Bounty Disclosure: sign-in-with-apple-works-on-existing-accounts,-bypasses-2fabymattipv4
Programme HackerOne Cloudflare Public Bug Bounty Cloudflare Public Bug Bounty Submitted by mattipv4 mattipv4 Report Sign in with Apple works...
HackerOne Bug Bounty Disclosure: cve-2022-32205:-set-cookie-denial-of-servicebynyymi
Programme HackerOne curl curl Submitted by nyymi nyymi Report CVE-2022-32205: Set-Cookie denial of service Full Report
HackerOne Bug Bounty Disclosure: cve-2022-32206:-http-compression-denial-of-servicebynyymi
Programme HackerOne curl curl Submitted by nyymi nyymi Report CVE-2022-32206: HTTP compression denial of service Full Report
HackerOne Bug Bounty Disclosure: api-docs-expose-an-active-token-for-the-sample-domain-theburritobot-combysainaen
Programme HackerOne Cloudflare Public Bug Bounty Cloudflare Public Bug Bounty Submitted by sainaen sainaen Report API docs expose an active...
HackerOne Bug Bounty Disclosure: sign-in-with-apple-generates-long-life-jwts,-seemingly-irrevocable,-that-grant-immediate-access-to-accountsbymattipv4
Programme HackerOne Cloudflare Public Bug Bounty Cloudflare Public Bug Bounty Submitted by mattipv4 mattipv4 Report Sign in with Apple generates...
HackerOne Bug Bounty Disclosure: credential-leak-when-use-two-urlbychen172
Programme HackerOne curl curl Submitted by chen172 chen172 Report Credential leak when use two url Full Report
HackerOne Bug Bounty Disclosure: cve-2022-32207:-unpreserved-file-permissionsbynyymi
Programme HackerOne curl curl Submitted by nyymi nyymi Report CVE-2022-32207: Unpreserved file permissions Full Report
HackerOne Bug Bounty Disclosure: http-request-smuggling-with-origin-rules-using-newlines-in-the-host_header-action-parameterbyalbertspedersen
Programme HackerOne Cloudflare Public Bug Bounty Cloudflare Public Bug Bounty Submitted by albertspedersen albertspedersen Report HTTP request smuggling with Origin...
HackerOne Bug Bounty Disclosure: cve-2022-32208:-ftp-krb-bad-message-verificationbynyymi
Programme HackerOne curl curl Submitted by nyymi nyymi Report CVE-2022-32208: FTP-KRB bad message verification Full Report
HackerOne Bug Bounty Disclosure: able-to-approve-admin-approval-and-change-effective-status-without-adding-payment-details–bybisesh
Programme HackerOne Reddit Reddit Submitted by bisesh bisesh Report Able to approve admin approval and change effective status without adding...
HackerOne Bug Bounty Disclosure: admin-authentication-bypass-lead-to-admin-account-takeoverby7odamo
Programme HackerOne UPS VDP UPS VDP Submitted by 7odamo 7odamo Report Admin Authentication Bypass Lead to Admin Account Takeover Full...
HackerOne Bug Bounty Disclosure: authentication-csrf-resulting-in-unauthorized-account-access-on-krisp-appbyyassineaboukir
Programme HackerOne Krisp Krisp Submitted by yassineaboukir yassineaboukir Report Authentication CSRF resulting in unauthorized account access on Krisp app Full...
HackerOne Bug Bounty Disclosure: add-more-seats-by-paying-less-via-put-/v2/seats-request-manipulationbylife__001
Programme HackerOne Krisp Krisp Submitted by life__001 life__001 Report Add more seats by paying less via PUT /v2/seats request manipulation...
BugCrowd Bug Bounty Disclosure: P1 – Asana Desktop Application Includes Personal Access Token – By lauritz
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
