| | XSS on using the legacy "Graphie To PNG" API (hackerone.com) |
|
9 points by Rahat_Ahmed 12 days ago | past | 1 comment
|
|
| | Gitlab: Account Takeover via Password Reset (hackerone.com) |
|
1 point by jeeybee 58 days ago | past
|
|
| | Gitlab: Account Takeover via Password Reset (hackerone.com) |
|
5 points by samber 59 days ago | past | 3 comments
|
|
| | Exposed DoD database leaking sensitive information, including operation details (hackerone.com) |
|
2 points by AdeptusAquinas 87 days ago | past
|
|
| | Usernames still visible on report export pdf despite (hackerone.com) |
|
1 point by todayisnew 3 months ago | past | 2 comments
|
|
| | Buffer Overflow Risk in Curl_inet_ntop and Inet_ntop4 (hackerone.com) |
|
163 points by sprawl_ 4 months ago | past | 71 comments
|
|
| | Riot's kernel-anticheat: $100k bounty to solve DDoS affecting T1&other pro teams (hackerone.com) |
|
3 points by xeonmc 5 months ago | past | 1 comment
|
|
| | For some reason, the PS4/PS5 is vulnerable to [CVE-2006-4304] (hackerone.com) |
|
2 points by benjacksondev 5 months ago | past
|
|
| | Coinbase awarded a $500k bug bounty (hackerone.com) |
|
210 points by alexcos 8 months ago | past | 159 comments
|
|
| | Header Parsing Leads to Possible Denial of Service Vulnerability (hackerone.com) |
|
1 point by tomtom1989 11 months ago | past
|
|
| | GitHub Access Token Exposure (hackerone.com) |
|
1 point by Pyrobyte on April 19, 2024 | past | 3 comments
|
|
| | Broken Authentication and Session Management (hackerone.com) |
|
1 point by Buggybaby on Feb 19, 2024 | past
|
|
| | Sensitive Information Exposed at Test (hackerone.com) |
|
1 point by drosofray on Feb 2, 2024 | past
|
|
| | HackerOne Partners with Semgrep (hackerone.com) |
|
3 points by ajbt200128 on Jan 11, 2024 | past
|
|
| | The Start of AI-Generated BugBounty Reports (hackerone.com) |
|
4 points by paul-tharun on Jan 3, 2024 | past
|
|
| | Critical SSRF Vulnerability Disclosed in HackerOne (hackerone.com) |
|
1 point by rtvkiz on Dec 8, 2023 | past
|
|
| | HackerOne Employee Accidentally Posted Their Session Cookie on HackerOne (2019) (hackerone.com) |
|
1 point by karagenit on Nov 17, 2023 | past
|
|
| | Null Pointer Dereference in Idn.c (hackerone.com) |
|
2 points by beeburrt on Oct 1, 2023 | past | 1 comment
|
|
| | Login to any user account using other Facebook app access token (2015) (hackerone.com) |
|
18 points by Bikee on Sept 5, 2023 | past | 16 comments
|
|
| | HackerOne lays off 12% of its workforce (hackerone.com) |
|
67 points by Techbrunch on Aug 2, 2023 | past | 106 comments
|
|
| | Node.js HTTP Request Smuggling via Empty Headers Separated by CR (hackerone.com) |
|
20 points by osivertsson on July 4, 2023 | past | 2 comments
|
|
| | Login to any user account using other Facebook app access token (2015) (hackerone.com) |
|
2 points by nkosingimele on July 1, 2023 | past
|
|
| | Bypass Validation Parts in AWS IAM Authenticator for Kubernetes (hackerone.com) |
|
11 points by arkadiyt on May 25, 2023 | past
|
|
| | TikTok bug: bypass two-factor authentication in Android apps and web (hackerone.com) |
|
1 point by ledoge on Jan 9, 2023 | past
|
|
| | Leak of sensitive values to Airflow rendered template (hackerone.com) |
|
1 point by khan-gtxofied on Jan 8, 2023 | past
|
|
| | HTTP Request Smuggling via HTTP/2 (hackerone.com) |
|
2 points by chiragbro on Dec 30, 2022 | past
|
|
| | XSS while logging using Google (hackerone.com) |
|
1 point by goegle on Dec 10, 2022 | past
|
|
| | GitHub access token exposure (hackerone.com) |
|
19 points by malazgirt on Nov 20, 2022 | past | 3 comments
|
|
| | Blind SSRF on platform.dash.cloudflare.com Due to Sentry misconfiguration (hackerone.com) |
|
1 point by lohigowda on Sept 5, 2022 | past
|
|
| | Twitter paid $5000 bug bounty that resulted in 5.4mm leaked records (hackerone.com) |
|
18 points by hnburnsy on Aug 9, 2022 | past | 4 comments
|
|
|
|
More |
