-
@crystalhazen and I were discussing how we could leverage some of the things we've discussed and turn it into an MVP that we could see some value out of. The following is what we came up with.
## P…
-
## CVE-2018-3737 - High Severity Vulnerability
Vulnerable Library - sshpk-1.13.0.tgz
A library for finding and using SSH public keys
Library home page: https://registry.npmjs.org/sshpk/-/sshpk-1.13.…
-
Link: https://hackerone.com/reports/972043
Date: 2020-09-01 12:02:34 UTC
By: bishop
Weakness: Insufficiently Protected Credentials
Details:
This is awesome.
And we can write multiple …
-
# https://hackerone.com/reports/2481394
## Summary:
Malicious validator sends fake block locator and halts the network (node is syncing)
## Steps To Reproduce:
1. Use this [branch](https://…
-
Hi there,
I've seen that you're leaking your API key and tokens publicly.
You can see the leak here:
https://github.com/xkjyeah/ams-bookings/blob/99234495f245472af02459f3a6d79240b2b4a0a9/src/main.…
-
## CVE-2018-3737 - High Severity Vulnerability
Vulnerable Library - sshpk-1.13.1.tgz
A library for finding and using SSH public keys
Library home page: https://registry.npmjs.org/sshpk/-/sshpk-1.13.…
-
## Service name
Medium - [https://medium.com/](https://medium.com/)
## Proof
https://hackerone.com/reports/1034023
## Documentation
https://help.medium.com/hc/en-us/articles/115003053487-Settin…
-
## Description
There is a Denial of Service (DoS) because `imageproxy` didn't check the size of the pixel image
## Affected version
Latest version (0.11.2)
## CVSS Score
CVSS:3.1/AV:N/AC:L/PR:N…
-
Original report: https://hackerone.com/reports/837706
Upstream bug (wontfix): https://bugs.chromium.org/p/chromium/issues/detail?id=1067872
Proposed fix is to check that the binary is either:
- o…
-
## this is what security.md says
![Image](https://github.com/user-attachments/assets/1ba38b4c-f131-447e-a245-2f1e927d2241)
## this is what happens if you follow security.md
https://x.com/gadikian/s…