| | Header Parsing Leads to Possible Denial of Service Vulnerability (hackerone.com) |
|
1 point by tomtom1989 34 days ago | past
|
| | GitHub Access Token Exposure (hackerone.com) |
|
1 point by Pyrobyte 69 days ago | past | 3 comments
|
| | Broken Authentication and Session Management (hackerone.com) |
|
1 point by Buggybaby 4 months ago | past
|
| | Sensitive Information Exposed at Test (hackerone.com) |
|
1 point by drosofray 4 months ago | past
|
| | HackerOne Partners with Semgrep (hackerone.com) |
|
3 points by ajbt200128 5 months ago | past
|
| | The Start of AI-Generated BugBounty Reports (hackerone.com) |
|
4 points by paul-tharun 5 months ago | past
|
| | Critical SSRF Vulnerability Disclosed in HackerOne (hackerone.com) |
|
1 point by rtvkiz 6 months ago | past
|
| | HackerOne Employee Accidentally Posted Their Session Cookie on HackerOne (2019) (hackerone.com) |
|
1 point by karagenit 7 months ago | past
|
| | Null Pointer Dereference in Idn.c (hackerone.com) |
|
2 points by beeburrt 9 months ago | past | 1 comment
|
| | Login to any user account using other Facebook app access token (2015) (hackerone.com) |
|
18 points by Bikee 9 months ago | past | 16 comments
|
| | HackerOne lays off 12% of its workforce (hackerone.com) |
|
67 points by Techbrunch 11 months ago | past | 106 comments
|
| | Node.js HTTP Request Smuggling via Empty Headers Separated by CR (hackerone.com) |
|
20 points by osivertsson 11 months ago | past | 2 comments
|
| | Login to any user account using other Facebook app access token (2015) (hackerone.com) |
|
2 points by nkosingimele 12 months ago | past
|
| | Bypass Validation Parts in AWS IAM Authenticator for Kubernetes (hackerone.com) |
|
11 points by arkadiyt on May 25, 2023 | past
|
| | TikTok bug: bypass two-factor authentication in Android apps and web (hackerone.com) |
|
1 point by ledoge on Jan 9, 2023 | past
|
| | Leak of sensitive values to Airflow rendered template (hackerone.com) |
|
1 point by khan-gtxofied on Jan 8, 2023 | past
|
| | HTTP Request Smuggling via HTTP/2 (hackerone.com) |
|
2 points by chiragbro on Dec 30, 2022 | past
|
| | XSS while logging using Google (hackerone.com) |
|
1 point by goegle on Dec 10, 2022 | past
|
| | GitHub access token exposure (hackerone.com) |
|
19 points by malazgirt on Nov 20, 2022 | past | 3 comments
|
| | Blind SSRF on platform.dash.cloudflare.com Due to Sentry misconfiguration (hackerone.com) |
|
1 point by lohigowda on Sept 5, 2022 | past
|
| | Twitter paid $5000 bug bounty that resulted in 5.4mm leaked records (hackerone.com) |
|
18 points by hnburnsy on Aug 9, 2022 | past | 4 comments
|
| | Bypass SQL Injection #1109311 (hackerone.com) |
|
1 point by hackerkurdone on July 19, 2022 | past
|
| | Multiple vulnerability leading to account takeover in TikTok SMB subdomain (hackerone.com) |
|
2 points by hackerkurdone on July 19, 2022 | past
|
| | HackerOne June 2022 Incident Report (hackerone.com) |
|
30 points by uptown on July 1, 2022 | past | 6 comments
|
| | Playstation confirms chain of 5 vulnerabilities on PS4/PS5 (hackerone.com) |
|
288 points by guiambros on June 19, 2022 | past | 160 comments
|
| | Playstation bd-j exploit chain (hackerone.com) |
|
2 points by homarp on June 12, 2022 | past | 1 comment
|
| | Disclosure of Top Vulnerability (hackerone.com) |
|
1 point by akshobdhira on May 19, 2022 | past
|
| | PullRequest (YC S17) Acquired by HackerOne (hackerone.com) |
|
2 points by welder on April 28, 2022 | past
|
| | Theft of Protected Files on Android (hackerone.com) |
|
3 points by yohurahan on April 15, 2022 | past
|
| | Get all personal email IDs of Glassdoor users[No user interaction required] (hackerone.com) |
|
1 point by algore4prez2036 on March 22, 2022 | past
|
|
|
More |