AllVideoPocsFromHackerOne/weakness/Missing Required Cryptographic Step/readme.md at main · zeroc00I/AllVideoPocsFromHackerOne · GitHub

45 lines (33 loc) · 696 Bytes

Title

Constant-time comparison is not always implemented; critical areas are vulnerable to key-timing attacks

URL

https://hackerone.com/reports/363680

Severity score

null

Reporter

anonimal

Bounty paid

null

Title

Phabricator is vulnerable to padding oracle attacks and chosen-ciphertext attacks.

URL

https://hackerone.com/reports/216746

Severity score

5.3

Reporter

edoverflow

Bounty paid

$750

Title

Fedora installation instructions fetch repo and validation key from insecure source, allowing mitm attack

URL

https://hackerone.com/reports/638250

Severity score

null

Reporter

hanno

Bounty paid

$216