Write-ups

Check The Published Writeups

Reset
WDBTitleTagsProgramsAuthorsTypePublicationAdded
444Technical Advisory – Azure B2C – Crypto Misuse and Account Compromise Cryptographic issues JWT Account takeover Authentication bypass Microsoft (Azure) John Novak Bug Bounty2023-02-152023-06-13
357GitHub Security Lab audited DataHub: Here’s what they found SSRF Insecure deserialization Cypher injection Authentication bypass Authorization bypass XSS Open redirect JWT JSON injection Cryptographic issues Session expiration issue Security code review DataHub Alvaro Muñoz (@pwntester) Bug Bounty2023-03-032023-06-13
341A Vulnerability in Implementations of SHA-3, SHAKE, EdDSA, and Other NIST-Approved Algorithms Cryptographic issues Buffer Overflow Python PHP PyPy SHA3 for Ruby Keccak Team Nicky Mouha Bug Bounty2023-03-062023-06-13
340Caveat Implementor! Key Recovery Attacks on MEGA Cryptographic issues MEGA Martin R. Albrecht (@martinralbrecht) Bug Bounty2023-03-062023-06-13
241Beware of Java%27s String.getBytes Hash collision Cryptographic issues Security code review Swiss E-Voting Ruben Santamarta (@reversemode) Bug Bounty2023-03-312023-06-13
213Account Take Over (Via an API) Account takeover Information disclosure Broken Access Control Cryptographic issues NA Thabiso Mokoena Bug Bounty2023-04-102023-06-13
112Sorting Your Way to Stolen Passwords Bruteforce Cryptographic issues NA Nightbane (@Nightbanes) Bug Bounty2023-05-082023-06-13
107Testing a new encrypted messaging app%27s extraordinary claims Android Firebase Cryptographic issues Privacy issue Information disclosure Converso Crnković Bug Bounty2023-05-102023-06-13