readme.md
January 20, 2023
| Title | URL | Severity score | Reporter | Bounty paid |
| --- | --- | --- | --- | --- |
| Domain does not Match SSL Certificate | https://hackerone.com/reports/504507 | null | kittiesscript | null |
| http://lists.parrotsec.org vulnerable to MITM | https://hackerone.com/reports/238344 | null | nobody_cares_ | null |
| XSS on account.mail.ru/login | https://hackerone.com/reports/291522 | null | obmi | $500 |
| Build fetches jars over HTTP | https://hackerone.com/reports/506161 | null | jlleitschuh | $1,000 |
| Email verification over an unencrypted channel | https://hackerone.com/reports/224287 | null | pavanw3b | null |
| registry.nodejs.org Subdomain Takeover | https://hackerone.com/reports/340580 | null | dade | null |
| federalist.18f.gov vulnerable to Sweet32 attack | https://hackerone.com/reports/263553 | null | r0p3 | null |
| ssl cookie without secure flag set | https://hackerone.com/reports/481733 | 2.5 | khalidhissen | $100 |
| Free food bug done by burp suite | https://hackerone.com/reports/762883 | null | joker7889 | null |
| Web protection component in Anti-Virus products family ignores HSTS security policy | https://hackerone.com/reports/461780 | null | palant | null |
| [Critical] billion dollars issue | https://hackerone.com/reports/244836 | null | abdel-fattah-elsisi | null |
| [https-proxy-agent] Socket returned without TLS upgrade on non-200 CONNECT response, allowing request data to be sent over unencrypted connection | https://hackerone.com/reports/541502 | 6.1 | kadler15 | null |
| Repositories of datanucleus are fetched over insecure protocol (http instead of https) | https://hackerone.com/reports/879740 | 8.1 | keval_j | null |
| burp does not validate the common name of the presented collaborator server certificate | https://hackerone.com/reports/337680 | null | morisson | $1,500 |
| Passive mixed content issues on the site https://*.fanduel.com | https://hackerone.com/reports/437800 | null | mobius07 | $100 |
| Node.js: TLS session reuse can lead to hostname verification bypass | https://hackerone.com/reports/811502 | null | fwilhelm | $250 |
| Missing DNSSEC | https://hackerone.com/reports/509390 | null | jelle293 | null |
| Download of (later executed) .NET installer over insecure channel | https://hackerone.com/reports/272231 | null | skanthak | null |
| Industry-Wide MITM Vulnerability Impacting the JVM Ecosystem | https://hackerone.com/reports/608620 | 7.1 | jlleitschuh | null |
| Mixed content issues on newrelic.com | https://hackerone.com/reports/700091 | null | reformedot | null |
| Uncloaking hidden services and hidden service users | https://hackerone.com/reports/268113 | null | hackerfactor | null |
| Catch mails sent to an SMTP Server over SSL using an Evil SMTP Server | https://hackerone.com/reports/519582 | 7.5 | smartnoob | $1,604 |