2733 | Partially disable Cybereason EDR as low privileges user on Windows | EDR bypass, Local Privilege Escalation | Cybereason | Mehdi Alouache | Bug Bounty | 2022-10-28 | 2023-06-13 |
2693 | How I leveraged XSS to make Privilege Escalation to be Super Admin! | XSS, Privilege escalation | NA | Asem Eleraky (@melotover) | Bug Bounty | 2021-03-25 | 2023-06-13 |
2674 | Who Contains the Containers? | Local Privilege Escalation | Microsoft | James Forshaw (@tiraniddo) | Bug Bounty | 2021-04-01 | 2023-06-13 |
2621 | DMCA.COM Hack, Full Disclosure (With Proof-of-Concept) | Privilege escalation, Client-side enforcement of server-side security, Stored XSS, Broken Access Control | DMCA | Joël Aviad Ossi | Bug Bounty | 2021-04-21 | 2023-06-13 |
2604 | Relaying Potatoes: Another Unexpected Privilege Escalation Vulnerability in Windows RPC Protocol | Local Privilege Escalation | Microsoft | Antonio Cocomazzi (@splinter_code) | Bug Bounty | 2021-04-26 | 2023-06-13 |
2599 | The False Oracle — Azure Functions Padding Oracle Issue | Padding oracle attack, Privilege escalation | Microsoft | polarply (@polarply) | Bug Bounty | 2021-04-28 | 2023-06-13 |
2574 | CVE-2021-1815 – MacOS Local Privilege Escalation Via Preferences | Local Privilege Escalation | Apple | Offensive Security (@offsectraining) | Bug Bounty | 2021-05-06 | 2023-06-13 |
2564 | CVE-2021-27075: Microsoft Azure Vulnerability Allows Privilege Escalation and Leak of Private Data | Privilege escalation | Microsoft | Intezer | Bug Bounty | 2021-05-11 | 2023-06-13 |
2557 | Mass Assignment exploitation in the wild - Escalating privileges in style | Mass assignment, Privilege escalation | NA | Gal Nagli (@naglinagli) | Bug Bounty | 2021-05-14 | 2023-06-13 |
2537 | 13 Nagios Vulnerabilities, #7 will SHOCK you! | RCE, Local Privilege Escalation, XSS, Security code review | Nagios | Samir Ghanem (@sam0x21r) | Bug Bounty | 2021-05-20 | 2023-06-13 |
2532 | Finding and Exploiting Unintended Functionality in Main Web App APIs | IDOR, Information disclosure, Privilege escalation | NA | Bend Theory (@bendtheory) | Bug Bounty | 2021-05-21 | 2023-06-13 |
2517 | Metadata service MITM allows root privilege escalation (EKS / GKE) | Kubernetes, Privilege escalation, MiTM | Google | Etienne Champetier / champtar | Bug Bounty | 2021-05-30 | 2023-06-13 |
2509 | Huawei LTE USB Stick E3372: From File Overwrite to Code Execution | Local Privilege Escalation | Huawei | Martin Rakhmanov (@mrakhmanov) | Bug Bounty | 2021-06-02 | 2023-06-13 |
2495 | Joomla Password Reset Vulnerability And A Stored XSS For Full Compromise | Password reset, Stored XSS, Privilege escalation, RCE, Security code review | NA | Adrian Tiron (@Adrian__T) | Bug Bounty | 2021-06-07 | 2023-06-13 |
2485 | [Google VRP] Privilege escalation on https://dialogflow.cloud.google.com | Authorization flaw, Logic flaw | Google | lalka (@0x01alka) | Bug Bounty | 2021-06-13 | 2023-06-13 |
2473 | Part-1 Dive into Zoom Applications | CSRF, Payment bypass, Logic flaw, Account takeover, Privilege escalation | Zoom | Rakesh Thodupunoori (@rakesh_3895) | Bug Bounty | 2021-06-16 | 2023-06-13 |
2469 | Certified Pre-Owned | Active Directory Privilege Escalation, ADCS, Windows | Microsoft | Will Schroeder (@harmj0y) | Bug Bounty | 2021-06-17 | 2023-06-13 |
2467 | M1 Macs GateKeeper bypass aka CVE-2021-30658 | Local Privilege Escalation | Apple | Wojciech Reguła (@_r3ggi) | Bug Bounty | 2021-06-18 | 2023-06-13 |
2460 | Unprivileged User with Read/Write permission to `User Access` can escalate their role to ADMIN — Privilege Escalation | Privilege escalation | NA | Ertugrul Ozdemir (@ertugrulphp) | Bug Bounty | 2021-06-20 | 2023-06-13 |
2449 | From Information Disclosure to interesting Privilege Escalation | Information disclosure, Account takeover, Privilege escalation | NA | David Shaul (@dudy2kk) | Bug Bounty | 2021-06-25 | 2023-06-13 |
2427 | CVE-2021-22555: Turning \x00\x00 into 10000$ | Memory corruption, Local Privilege Escalation | Google | Andy Nguyen (@theflow0) | Bug Bounty | 2021-07-07 | 2023-06-13 |
2425 | Discovering Zero-Day Vulnerabilities in McAfee Products | Local Privilege Escalation | McAfee | mr.d0x (@mrd0x) | Bug Bounty | 2021-07-09 | 2023-06-13 |
2398 | IBM HMC Exploit CVE-2021-29707 | Local Privilege Escalation | IBM | Thomas Cope | Bug Bounty | 2020-10-21 | 2023-06-13 |
2389 | How I Found Multiple Bugs On FaceBook In 1 Month And a Part For My Methodology & Tools | SSTI, SQL injection, Authentication bypass, Privilege escalation, Reflected XSS | Meta / Facebook | Orwa Atyat (@GodfatherOrwa) | Bug Bounty | 2021-07-23 | 2023-06-13 |
2355 | Privilege Escalation | stealing user’s point | Bugcrowd | IDOR, Privilege escalation | NA | Abhind Abhi | Bug Bounty | 2021-08-02 | 2023-06-13 |