| 165 | Compromising Garmin’s Sport Watches: A Deep Dive into GarminOS and its MonkeyC Virtual Machine |
IoT
Memory corruption
Buffer Overflow
Integer overflow
Out-of-bounds Read
Out-of-bounds Write
Type confusion
Permission bypass
Reverse engineering |
Garmin |
Tao Sauvage |
Bug Bounty | 2023-04-21 | 2023-06-13 |
| 163 | How careless default credentials impact to massive account takeover |
Authentication bypass
Account takeover
Weak credentials |
NA |
M Maulana Abdullah |
Bug Bounty | 2023-04-22 | 2023-06-13 |
| 161 | No Portals Needed |
MFA bypass
Security misconfiguration |
NA |
Chen Levy Ben Aroy |
Bug Bounty | 2023-04-24 | 2023-06-13 |
| 158 | CVE-2023-27524: Insecure Default Configuration in Apache Superset Leads to Remote Code Execution |
RCE
Default Flask Secret Key
Hardcoded credentials |
Apache Superset |
Naveen Sunkavally |
Bug Bounty | 2023-04-25 | 2023-06-13 |
| 157 | New high-severity vulnerability (CVE-2023-29552) discovered in the Service Location Protocol (SLP) |
DoS
UDP spoofing |
Service Location Protocol (SLP) |
Pedro Umbelino |
Bug Bounty | 2023-04-25 | 2023-06-13 |
| 156 | Methodological approach to find business logic bugs |
Logic flaw
Payment tampering
IP address validation bypass |
NA |
Fady Othman (@Fady_Othman) |
Bug Bounty | 2023-04-25 | 2023-06-13 |
| 155 | API Misconfiguration - Algolia API Key |
Hardcoded API keys |
NA |
Jerry Shah (@Jerry) |
Bug Bounty | 2023-04-26 | 2023-06-13 |
| 153 | Finding XSS in a million websites (cPanel CVE-2023-29489) |
Reflected XSS
Security code review |
cPanel |
Shubham Shah (@infosec_au) |
Bug Bounty | 2023-04-26 | 2023-06-13 |
| 152 | Git Arbitrary Configuration Injection (CVE-2023-29007) |
Logic flaw
Arbitrary Code Execution
Security code review |
Git |
André Baptista (@0xacb) |
Bug Bounty | 2023-04-26 | 2023-06-13 |
| 150 | Avast Anti-Virus privileged arbitrary file create on virus quarantine (CVE-2023-1585 and CVE-2023-1587) |
TOCTOU
NULL pointer dereference
Arbitrary file write
Local Privilege Escalation |
Avast |
Denis Skvortcov (@Denis_Skvortcov) |
Bug Bounty | 2023-04-26 | 2023-06-13 |
| 149 | Microsoft Exchange Powershell Remoting Deserialization leading to RCE (CVE-2023-21707) |
RCE
Insecure deserialization |
Microsoft (Exchange) |
Nguyễn Tiến Giang (@testanull) |
Bug Bounty | 2023-04-28 | 2023-06-13 |
| 145 | How I Chained an Information Disclosure Bug with SQL Injection |
SQL injection
.git folder disclosure |
NA |
Mba-oji Chiagoziem (@g0ziem) |
Bug Bounty | 2023-04-30 | 2023-06-13 |
| 144 | Netflix — Bypassing Multi-Factor Authentication (MFA) |
MFA bypass |
Netflix |
Lyubomir Tsirkov (@lyubo_tsirkov) |
Bug Bounty | 2023-04-30 | 2023-06-13 |
| 142 | TENDA–N301-v6–(CVE-2023–29680,CVE-2023–29681) |
Sensitive Information Sent Over an Unencrypted Channel |
Tenda |
Mateus Pantoja |
Bug Bounty | 2023-04-30 | 2023-06-13 |
| 141 | Bug Bounty Writeup: Stored XSS Vulnerability WAF Bypass |
Stored XSS
WAF bypass |
NA |
Rafael Silva "lopseg" |
Bug Bounty | 2023-05-01 | 2023-06-13 |
| 140 | Unauthorized access to the admin panel via leaked credentials on the WayBackMachine |
Information disclosure |
NA |
Arman (@M7arm4n) |
Bug Bounty | 2023-05-01 | 2023-06-13 |
| 139 | Azure Devops CICD Pipelines - Command Injection With Parameters, Variables And A Discussion On Runner Hijacking |
CI/CD
OS command injection
RCE |
Microsoft (Azure DevOps Pipelines) |
Sana Oshika (@bigshika) |
Bug Bounty | 2023-05-01 | 2023-06-13 |
| 134 | CVE-2023-28231: RCE In The Microsoft Windows DHCPv6 Service |
RCE
Buffer Overflow
Memory corruption |
Microsoft (Windows) |
Guy Lederfein (@glederfein) |
Bug Bounty | 2023-05-02 | 2023-06-13 |
| 133 | How do I Bypass Payment when a Subscription ends so I don’t have to pay for my subscription |
Payment bypass
Logic flaw |
NA |
Aidil Arief |
Bug Bounty | 2023-05-02 | 2023-06-13 |
| 131 | Exploiting misconfigured Google Cloud Service Accounts from GitHub Actions |
OpenID Connect
Cloud
CI/CD |
NA |
Revblock (@revbl0ck) |
Bug Bounty | 2023-05-02 | 2023-06-13 |
| 130 | When you%27re so bored, you start debugging someone else%27s code: bug hunting in a random Cloud-Native project |
SSTI
RCE |
Foreman |
ONSEC.io Research Team |
Bug Bounty | 2023-05-03 | 2023-06-13 |
| 129 | Automating SQL Injection On Encrypted Request |
SQL injection
Client-side encryption bypass |
NA |
Janirudransh |
Bug Bounty | 2023-05-03 | 2023-06-13 |
| 128 | Accessing Admin Dashboard in 5 seconds: Hall of Fame. |
Default credentials |
NA |
Sumedh Dawadi |
Bug Bounty | 2023-05-03 | 2023-06-13 |
| 127 | The Art of Information Disclosure: A Deep Dive into CVE-2022-37985, a Unique Information Disclosure Vulnerability in Windows Graphics Component |
Out-of-bounds Read
Memory corruption |
Microsoft (Windows) |
Bing Sun |
Bug Bounty | 2023-05-03 | 2023-06-13 |
| 126 | CVE-2023-25394 - VideoStream Local Privilege Escalation |
Local Privilege Escalation |
Videostream |
Dan Revah (@danrevah) |
Bug Bounty | 2023-05-03 | 2023-06-13 |
