| 4852 | POODLE SSLv3 bug on multiple twitter smtp servers |
Cryptographic issues |
Twitter |
Omar Espino (@omespino) |
Bug Bounty | 2018-02-21 | 2023-06-13 |
| 3638 | A mysterious bug in the firmware of Google%27s Titan M chip (CVE-2019-9465) |
Cryptographic issues |
Google |
Alexander Bakker |
Bug Bounty | 2020-02-29 | 2023-06-13 |
| 3483 | Weak Cryptography in Password Reset to Full Account Takeover |
Account takeover
Password reset
Cryptographic issues |
NA |
Harsh Bothra (@harshbothra_) |
Bug Bounty | 2020-05-15 | 2023-06-13 |
| 3135 | Advisory: security issues in AWS KMS and AWS Encryption SDKs |
Cryptographic issues
Information disclosure |
AWS |
Thai Duong (@XorNinja) |
Bug Bounty | 2020-09-25 | 2023-06-13 |
| 3028 | Weak Cryptography to Account Takeover’s |
Cryptographic issues
Account takeover
IDOR |
NA |
letmeslidein (@VasuYadaav) |
Bug Bounty | 2020-11-15 | 2023-06-13 |
| 2952 | Hack crypto secrets from heap memory to exploit Android application |
Cryptographic issues |
NA |
secureITmania (@secureitmania) |
Bug Bounty | 2020-12-22 | 2023-06-13 |
| 1907 | Finding vulnerabilities in Swiss Post’s future e-voting system - Part 1 |
Insecure deserialization
Cryptographic issues |
Swiss Post |
Ruben Santamarta (@reversemode) |
Bug Bounty | 2022-01-18 | 2023-06-13 |
| 1609 | CVE-2022-21449: Psychic Signatures in Java |
Signature bypass
Cryptographic issues |
Oracle |
Neil Madden (@neilmaddog) |
Bug Bounty | 2022-04-19 | 2023-06-13 |
| 1529 | Finding vulnerabilities in Swiss Post%27s future e-voting system - Part 2 |
Insecure deserialization
Cryptographic issues |
NA |
Ruben Santamarta (@reversemode) |
Bug Bounty | 2022-05-22 | 2023-06-13 |
| 1482 | ed25519-unsafe-libs |
Cryptographic issues |
NA |
Konstantinos Chalkias |
Bug Bounty | 2022-06-11 | 2023-06-13 |
| 1469 | Cryptographic Side-Channels (Timing Leaks) in JSBN |
Cryptographic issues
Side-channel attack
Timing attack |
Xfinity Opensource |
Soatok (@SoatokDhole) |
Bug Bounty | 2022-06-14 | 2023-06-13 |
| 1464 | Hertzbleed Attack |
Side-channel attack
Hardware hacking
Cryptographic issues |
Intel
Cloudflare
Microsoft |
Yingchen Wang (@YingchenWang96) |
Bug Bounty | 2022-06-14 | 2023-06-13 |
| 1174 | ASP.NET Boilerplate Multiple Vulnerabilities |
Authentication flaw
Hardcoded credentials
JWT
Padding oracle attack
Cryptographic issues |
Volosoft (ASP.NET Boilerplate) |
Sana Oshika (@bigshika) |
Bug Bounty | 2022-08-26 | 2023-06-13 |
| 1128 | How to Decrypt Manage Engine PMP Passwords for Fun and Domain Admin - a Red Teaming Tale |
Cryptographic issues |
Zoho (ManageEngine) |
smaury (@smaury92) |
Bug Bounty | 2022-09-05 | 2023-06-13 |
| 1022 | Practically-exploitable Cryptographic Vulnerabilities in Matrix |
Cryptographic issues |
Matrix |
Martin Albrecht (@martinralbrecht) |
Bug Bounty | 2022-09-28 | 2023-06-13 |
| 1016 | ECDSA Nonce Reuse |
Cryptographic issues |
NA |
Ingredous Labs |
Bug Bounty | 2022-09-29 | 2023-06-13 |
| 940 | Yet Another Telerik UI Revisit |
Cryptographic issues
RCE |
Progress (Telerik) |
Paul Mueller |
Bug Bounty | 2022-10-19 | 2023-06-13 |
| 927 | SHA-3 Buffer Overflow |
Buffer Overflow
Memory corruption
Cryptographic issues |
XKCP
Apple
Python
PHP
PyPy
SHA3 for Ruby |
Nicky Mouha |
Bug Bounty | 2022-10-20 | 2023-06-13 |
| 925 | The Curious Case Of The Password Database |
Cryptographic issues |
Zoho (ManageEngine) |
Travis Kaun (@W9HAX) |
Bug Bounty | 2022-10-20 | 2023-06-13 |
| 840 | Security and Privacy Failures in Popular 2FA Apps |
Cryptographic issues |
LastPass
Google
Twilio
Microsoft
Duo
Salesforce
Latch
Zoho |
Conor Gilsenan |
Bug Bounty | 2022-11-11 | 2023-06-13 |
| 839 | Every Signature is Broken: On the Insecurity of Microsoft Office’s OOXML Signatures |
Signature bypass
Signature forgery
Cryptographic issues
Windows |
Microsoft |
Simon Rohlmann |
Bug Bounty | 2022-11-11 | 2023-06-13 |
| 678 | Better Make Sure Your Password Manager Is Secure |
Hardcoded credentials
XSS
Cryptographic issues
Authorization flaw
Authentication bypass |
Click Studios |
kuekerino (@kuekerino) |
Bug Bounty | 2022-12-19 | 2023-06-13 |
| 543 | Exploiting a Critical Spoofing Vulnerability in Windows CryptoAPI |
Windows
Cryptographic issues |
Microsoft |
Tomer Peled |
Bug Bounty | 2023-01-25 | 2023-06-13 |
| 502 | WEEKEND DESTROYER - RCE in Western Digital PR4100 NAS |
RCE
Hardcoded credentials
Privilege escalation
Cryptographic issues
Security code review |
Western Digital |
Pedro Ribeiro (@pedrib1337) |
Bug Bounty | 2023-02-02 | 2023-06-13 |
| 474 | Cracking The Odd Case Of Randomness In Java |
Cryptographic issues |
NA |
Joseph (@josep68_) |
Bug Bounty | 2023-02-09 | 2023-06-13 |
