942 | The Danger of Falling to System Role in AWS SDK Client |
Cloud
Privilege escalation
Security misconfiguration |
NA |
Fracensco Lacerenza (@lacerenza_fra) |
Bug Bounty | 2022-10-18 | 2023-06-13 |
937 | Scan QR Code and Got Hacked (CVE-2021–43530 : UXSS on Firefox Android Version) |
Universal XSS
Android |
Mozilla |
hafiizh |
Bug Bounty | 2022-10-19 | 2023-06-13 |
936 | CVE-2022-3236: Sophos Firewall User Portal and Web Admin Code Injection |
RCE
Code injection
Security code review |
Sophos |
Guy Lederfein (@glederfein) |
Bug Bounty | 2022-10-19 | 2023-06-13 |
934 | FabriXss (CVE-2022-35829): How We Managed to Abuse a Custom Role User Using CSTI and Stored XSS in Azure Fabric Explorer |
CSTI
Stored XSS |
Microsoft |
Lidor Ben Shitrit |
Bug Bounty | 2022-10-19 | 2023-06-13 |
933 | Second Order XXE Exploitation |
XXE
Arbitrary file read |
NA |
Kuldeep Pandya (@kuldeepdotexe) |
Bug Bounty | 2022-10-19 | 2023-06-13 |
932 | HTTP/3 connection contamination: an upcoming threat? |
HTTP connection contamination |
NA |
James Kettle (@albinowax) |
Bug Bounty | 2022-10-19 | 2023-06-13 |
931 | A New Attack Surface on MS Exchange Part 4 - ProxyRelay! |
RCE
Privilege escalation |
Microsoft |
Orange Tsai (@orange_8361) |
Bug Bounty | 2022-10-19 | 2023-06-13 |
930 | 23000$ for Authentication Bypass & File Upload & Arbitrary File Overwrite |
JWT
Authentication bypass
Arbitrary file write
Unrestricted file upload |
NA |
Souhaib Naceri (@h4x0r_dz) |
Bug Bounty | 2022-10-19 | 2023-06-13 |
927 | SHA-3 Buffer Overflow |
Buffer Overflow
Memory corruption
Cryptographic issues |
XKCP
Apple
Python
PHP
PyPy
SHA3 for Ruby |
Nicky Mouha |
Bug Bounty | 2022-10-20 | 2023-06-13 |
923 | $1,000+ P1: PII Disclosure W/ IDOR |
IDOR |
NA |
Graham Zemel (@grahamzemel) |
Bug Bounty | 2022-10-21 | 2023-06-13 |
922 | Sail away, sail away, sail away |
RCE
Privilege escalation |
NA |
Reino Mostert |
Bug Bounty | 2022-10-21 | 2023-06-13 |
921 | Broken Link Hijacking — My Second Finding on Hackerone! |
Broken link hijacking |
NA |
mehedishakeel (@mehedishakeel) |
Bug Bounty | 2022-10-23 | 2023-06-13 |
916 | How I Found A Simple Stored XSS |
Stored XSS |
NA |
Raymond Lind |
Bug Bounty | 2022-10-24 | 2023-06-13 |
915 | SSRF & LFI In Uploads Feature |
SSRF
LFI |
NA |
Raymond Lind |
Bug Bounty | 2022-10-24 | 2023-06-13 |
913 | Remote Code Execution by Abusing Apache Spark SQL |
SQL injection
RCE |
NA |
Colin McQueen |
Bug Bounty | 2022-10-24 | 2023-06-13 |
910 | Eat What You Kill :: Pre-authenticated Remote Code Execution in VMWare NSX Manager |
RCE
Insecure deserialization
Security code review |
VMware |
Sina Kheirkhah (@SinSinology) |
Bug Bounty | 2022-10-25 | 2023-06-13 |
909 | Support supports a Hacker |
Social engineering
Spoofing
Authorization flaw
Account takeover |
NA |
mechboy (@mechboy_) |
Bug Bounty | 2022-10-25 | 2023-06-13 |
908 | Chaining multiple vulnerabilities for credential stealing |
CSRF
Self-XSS
XSS |
NA |
Bartłomiej Bergier (@_bergee_) |
Bug Bounty | 2022-10-25 | 2023-06-13 |
907 | Microsoft SharePoint Server Post-Authentication Server-Side Request Forgery vulnerability |
SSRF |
Microsoft |
Li Jiantao (@CurseRed) |
Bug Bounty | 2022-10-25 | 2023-06-13 |
906 | GL.iNET GL-MT300N-V2 Router Vulnerabilities and Hardware Teardown |
OS command injection
Arbitrary file read
Information disclosure
Account takeover
Stored XSS
Lack of rate limiting
Weak credentials
Password policy bypass |
GL.iNet |
Olivier Laflamme (@olivier_boschko) |
Bug Bounty | 2022-10-26 | 2023-06-13 |
905 | Stored XSS To Cookie Exfiltration |
Stored XSS |
NA |
Raymond Lind |
Bug Bounty | 2022-10-26 | 2023-06-13 |
904 | SSRF Bug Leads To AWS Metadata Exposure |
SSRF |
NA |
Raymond Lind |
Bug Bounty | 2022-10-26 | 2023-06-13 |
903 | SSD Advisory – Galaxy Store Applications Installation/Launching without User Interaction |
XSS |
Samsung |
- |
Bug Bounty | 2022-10-26 | 2023-06-13 |
901 | SiriSpy - iOS bug allowed apps to eavesdrop on your conversations with Siri |
iOS
MacOS
Bluetooth
Local Privilege Escalation
TCC bypass |
Apple |
Guilherme Rambo (@_inside) |
Bug Bounty | 2022-10-26 | 2023-06-13 |
900 | Client Side Desync Attack (CL.0 Request Smuggling) — Bounty of $150 |
HTTP Request Smuggling
Client-Side Desync attack |
NA |
Bodhendu Panda |
Bug Bounty | 2022-10-26 | 2023-06-13 |