关键字【U.S. Dept Of Defense】的搜索结果共239记录

公开时间 奖金 作者 标题 厂商 漏洞类型
2019-01-16 $ websecnl SOAP WSDL Parser SQL Code Execution U.S. Dept Of Defense SQL Injection
2019-01-11 $ mik317 Account takeover due to CSRF in "Account details" option on █████████ U.S. Dept Of Defense Cross-Site Request Forgery (CSRF)
2018-12-17 $150.0 mushicious Field Day With Protocol Handlers Brave Software none
2018-12-12 $ tvgfvghjbhunj Brave allows flash to follow 307 redirects to other origins with arbitrary content-types Brave Software Violation of Secure Design Principles
2018-12-06 $512.0 avinash_ Account takeover at https://try.discourse.org due to no CSRF protection in connecting Yahoo account Discourse Cross-Site Request Forgery (CSRF)
2018-11-18 $256.0 bobrov Web Cache Deception Attack (XSS) Discourse Cross-site Scripting (XSS) - Stored
2018-10-23 $650.0 qab chrome://brave navigation from web Brave Software Code Injection
2018-10-23 $300.0 qab chrome://brave can still be navigated to, leading to RCE Brave Software Code Injection
2018-10-22 $300.0 metnew RCE: DnDing shortcut files to chrome://brave allows loading HTML files in Muon's context Brave Software none
2018-10-22 $150.0 bobrov [Android] HTML Injection in BatterySaveArticleRenderer WebView Brave Software Cross-site Scripting (XSS) - Generic
2018-10-19 $250.0 bobrov [theacademy.upserve.com] Reflected XSS Query-String Upserve Cross-site Scripting (XSS) - Reflected
2018-10-09 $50.0 metnew Navigation to restricted origins via "Open in new tab" Brave Software none
2018-10-04 $ metnew `settingcontent-ms` files lacks "mark of the web" => execute code by dbl click in Downloads toolbar Brave Software none
2018-10-04 $50.0 metnew Cross-origin page stays focused before/after downloading + uninformative modal window for download Brave Software none
2018-10-04 $ metnew `alert()` dialogs on `chrome-extension://` origin (internal pages) Brave Software none