299 | Backend Parameter Injection --> RCE | RCE, HTTP parameter pollution, OS command injection | NA | Austin (@systemdumb) | Bug Bounty | 2023-03-14 | 2023-06-13 |
139 | Azure Devops CICD Pipelines - Command Injection With Parameters, Variables And A Discussion On Runner Hijacking | CI/CD, OS command injection, RCE | Microsoft (Azure DevOps Pipelines) | Sana Oshika (@bigshika) | Bug Bounty | 2023-05-01 | 2023-06-13 |
120 | Bullied by Bugcrowd over Kape CyberGhost disclosure | Local Privilege Escalation, OS command injection, Security code review | Kape (CyberGhost) | Ceri Coburn (@_ethicalchaos_) | Bug Bounty | 2023-05-05 | 2023-06-13 |
91 | Triple Threat: Breaking Teltonika Routers Three Ways | IoT, RCE, OS command injection, SSRF, XSS | Teltonika | Roni Gavrilov | Bug Bounty | 2023-05-15 | 2023-06-13 |
87 | Unauthenticated Remote Command Execution in Multiple WAGO Products | RCE, OS command injection, Security code review | WAGO | Quentin Kaiser (@QKaiser) | Bug Bounty | 2023-05-16 | 2023-06-13 |
86 | Hardcore RCE via directory name for $3.000 | RCE, OS command injection, Security code review | NA | Lev Shmelev | Bug Bounty | 2023-05-16 | 2023-06-13 |
75 | Blind OS Command Injection via Activation Request | OS command injection | NA | Arumusutakimu (@arumusutakimu) | Bug Bounty | 2023-05-18 | 2023-06-13 |
74 | Blind OS Command Injection via Activation Request | Memory corruption, Buffer Overflow, Out-of-bounds Read | VMware | Nguyễn Hoàng Thạch (@hi_im_d4rkn3ss) | Bug Bounty | 2023-05-18 | 2023-06-13 |
41 | an offensive look at docker desktop extensions | OS command injection, Container security | Docker | Leon Jacobs (@leonjza) | Bug Bounty | 2023-05-30 | 2023-06-13 |
22 | SSD Advisory – Roundcube MarkAsJunk RCE | RCE, OS command injection, Security code review | Roundcube | Selim Enes Karaduman (@Enesdex) | Bug Bounty | 2023-06-06 | 2023-06-13 |