Write-ups

Check The Published Writeups

| WDB | Title | Tags | Programs | Authors | Type | Publication | Added |
|---|---|---|---|---|---|---|---|
| 1469 | Cryptographic Side-Channels (Timing Leaks) in JSBN | Cryptographic issues, Side-channel attack, Timing attack | Xfinity Opensource | Soatok (@SoatokDhole) | Bug Bounty | 2022-06-14 | 2023-06-13 |
| 1468 | 403 bypass on a fortune 100 financial institution (P3) | Information disclosure, Authorization flaw, Forced browsing | NA | Damaidec | Bug Bounty | 2022-06-14 | 2023-06-13 |
| 1467 | Zimbra Email - Stealing Clear-Text Credentials via Memcache injection | Memcache injection, CRLF injection | Zimbra | Sonar (@SonarSource) | Bug Bounty | 2022-06-14 | 2023-06-13 |
| 1466 | 2FA Bypass via Basic Authentication on private bug bounty program | MFA bypass | NA | Sharat Kaikolamthuruthil (@sharp488) | Bug Bounty | 2022-06-14 | 2023-06-13 |
| 1465 | Automating reflected XSS with burp-suite Intruder | Reflected XSS | NA | Santosh Kumar Sha (@killmongar1996) | Bug Bounty | 2022-06-14 | 2023-06-13 |
| 1464 | Hertzbleed Attack | Side-channel attack, Hardware hacking, Cryptographic issues | Intel Cloudflare Microsoft | Yingchen Wang (@YingchenWang96) | Bug Bounty | 2022-06-14 | 2023-06-13 |
| 1463 | [BugTales] UnZiploc: From 0-click To Platform Compromise | Memory corruption, Logic flaw, RCE, Local Privilege Escalation | Huawei | Daniel Komaromy (@kutyacica) | Bug Bounty | 2022-06-14 | 2023-06-13 |
| 1462 | Privilege Escalation in AKS Clusters | Privilege escalation | Microsoft | Anneke Breust | Bug Bounty | 2022-06-15 | 2023-06-13 |
| 1461 | Breaking Secure Boot on Google Nest Hub (2nd Gen) to run Ubuntu | Hardware hacking, Memory corruption | Google | Frédéric Basse (@FredoBasse) | Bug Bounty | 2022-06-15 | 2023-06-13 |
| 1460 | Amazon Linux "log4j hotpatch" <1.3-5 local privilege escalation to root (race condition) | Local Privilege Escalation | Amazon | Justin Steven (@justinsteven) | Bug Bounty | 2022-06-15 | 2023-06-13 |
| 1459 | CVE-2022-23088: Exploiting A Heap Overflow In The Freebsd Wi-fi Stack | Memory corruption, RCE | FreeBSD Security Team | m00nbsd (@m00nbsd) | Bug Bounty | 2022-06-16 | 2023-06-13 |
| 1458 | Proofpoint Discovers Potentially Dangerous Microsoft Office 365 Functionality that can Ransom Files Stored on SharePoint and OneDrive | Logic flaw | Microsoft | Proofpoint (@proofpoint) | Bug Bounty | 2022-06-16 | 2023-06-13 |
| 1457 | XSS Blind Stored at Asset Domain Android Apps TikTok | Stored XSS | TikTok | Aidil Arief | Bug Bounty | 2022-06-16 | 2023-06-13 |
| 1456 | The Android kernel mitigations obstacle race | Memory corruption, Android | Qualcomm | Man Yue Mo (@mmolgtm) | Bug Bounty | 2022-06-16 | 2023-06-13 |
| 1455 | Chaining MFA-Enabled IAM Users with IAM Roles for Potential Privilege Escalation in AWS | Privilege escalation | AWS | Jason Kao | Bug Bounty | 2022-06-16 | 2023-06-13 |
| 1454 | CSRF leads to account takeover in Yahoo! | CSRF, Account takeover | Yahoo! / Verizon Media | Retr02332 (@Retr02332) | Bug Bounty | 2022-06-16 | 2023-06-13 |
| 1453 | That Pipe is Still Leaking: Revisiting the RDP Named Pipe Vulnerability | RCE | Microsoft | Gabriel Sztejnworcel (@sztejnworcel) | Bug Bounty | 2022-06-16 | 2023-06-13 |
| 1452 | How I was able to see likes and dislikes count which is hidden by victim \| YouTube #2 | Logic flaw, Authorization flaw | Google | Jay Jani (@JayJani007) | Bug Bounty | 2022-06-17 | 2023-06-13 |
| 1451 | Hacking a NFT Platform | SSRF | NA | Muhammad Abdullah | Bug Bounty | 2022-06-17 | 2023-06-13 |
| 1450 | How I hacked one of the biggest Airline in the world | IDOR, Account takeover, Authorization flaw | NA | Dali Jandro (@Sazouki_) | Bug Bounty | 2022-06-18 | 2023-06-13 |
| 1449 | Personal Access Token Disclosure in Asana Desktop Application | Information disclosure, Hardcoded credentials | Asana | Lauritz Holtmann (@_lauritz_) | Bug Bounty | 2022-06-18 | 2023-06-13 |
| 1448 | Account Takeover by OTP bypass | Information disclosure, Client-side enforcement of server-side security, OTP bypass, Account takeover | NA | Vaibhav Kumar Srivastava | Bug Bounty | 2022-06-19 | 2023-06-13 |
| 1447 | Every XSS is different | XSS | NA | Leonardo | Bug Bounty | 2022-06-20 | 2023-06-13 |
| 1445 | Hacking into the worldwide Jacuzzi SmartTub network | SPA, Android, JWT, Privilege escalation, Mass assignment | Jacuzzi Group SmartTub | Eaton Z. (@XeEaton) | Bug Bounty | 2022-06-20 | 2023-06-13 |
| 1444 | XSS Vulnerability in IBM Content Navigator (CVE-2020-4757) | XSS | IBM | Olivier Laflamme (@olivier_boschko) | Bug Bounty | 2022-06-21 | 2023-06-13 |