Lucene search
K

31 matches found

MSRC
MSRC
added 2023/10/12 7:0 a.m.19 views

Introducing the Microsoft AI Bug Bounty Program featuring the AI-powered Bing experience

Today at BlueHat we announced the new Microsoft AI bug bounty program with awards up to $15,000. This new bounty program features the AI-powered Bing experience as the first in scope product. The following products and integrations are eligible for bounty awards: AI-powered Bing experiences on...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/08/07 12:0 a.m.8 views

Flashloan excess debt is not sent to user

Lines of code Vulnerability details Impact These vulnerabilities can have the following impacts: 1. Liquidators may lose their eligible funds due to missing transfers of excess debt assets. 2. Excess debt TR tokens could remain in the contract after LP.flashloan claim back borrowed funds, which c...

7AI score
Exploits0
Code423n4
Code423n4
added 2023/08/04 12:0 a.m.8 views

AirdropBroker.sol#L442 : _participatePhase3 - PHASE_3_AMOUNT_PER_USER should be multiplied by 1e18

Lines of code Vulnerability details Impact Incorrect eligibleAmount is minted to the user. Proof of Concept An eligible user can call the participatePhase3 function and mint the aToken to them. function participatePhase3 bytes calldata data internal returns uint256 oTAPTokenID uint256 tokenID =...

6.9AI score
Exploits0
MSRC
MSRC
added 2022/04/14 7:0 a.m.9 views

Expanding High Impact Scenario Awards for Microsoft Bug Bounty Programs

We are excited to announce the addition of scenario-based bounty awards to the Dynamics 365 and Power Platform Bounty Program and M365 Bounty Program. Through these new scenario-based bounty awards, we encourage researchers to focus their research on vulnerabilities that have the highest potentia...

0.8AI score
Exploits0
MSRC
MSRC
added 2021/07/19 7:0 a.m.15 views

Introducing Bounty Awards for Teams Mobile Applications Security Research

We are pleased to announce the addition of Microsoft Teams mobile applications to the Microsoft Applications Bounty Program. Through the expanded program we welcome researchers from across the globe to seek out and disclose any high impact security vulnerabilities they may find in Teams mobile...

1.3AI score
Exploits0
The Hacker News
The Hacker News
added 2019/12/20 1:18 p.m.3 views

Apple Opens Its Invite-Only Bug Bounty Program to All Researchers

As promised by Apple in August this year, the company today finally opened its bug bounty program to all security researchers, offering monetary rewards to anyone for reporting vulnerabilities in the iOS, macOS, watchOS, tvOS, iPadOS, and iCloud to the company. Since its launch three years ago,...

6.2AI score
Exploits0
MSRC
MSRC
added 2019/03/12 11:44 p.m.54 views

Practical advice for earning higher Microsoft bounty awards

This year at the Nullcon International Security Conference I shared practical advice for how security researchers can maximize the impact of their security vulnerability submissions and earn higher bounty awards under the Microsoft Bounty Program. For those who couldn’t be there, I had two core...

0.1AI score
Exploits0
Hacker One
Hacker One
added 2015/10/07 6:58 a.m.35 views

HackerOne: HackerOne Private Programs users disclosure and de-anonymous-ize

Hi HackerOne Team, I have found a bug in HackerOne Platform allows any attacker to deanonymousize any security researcher using the platform and the most wild usage is to disclose some information about this security researcher if he is invited to a private program or not. Unfortunately HackerOne...

0.2AI score
Exploits0
Microsoft Security Update
Microsoft Security Update
added 1970/01/01 12:0 a.m.9 views

ESUEditions_Server2012R2_08022022

Detetcoid that verifies if a machine has ESU eligible Editions...

2.8AI score
Exploits0
Microsoft Security Update
Microsoft Security Update
added 1970/01/01 12:0 a.m.8 views

ESUEditions_Win7_01032020

Detetcoid that verifies if a machine has ESU eligible Editions...

2.8AI score
Exploits0
Microsoft Security Update
Microsoft Security Update
added 1970/01/01 12:0 a.m.12 views

ESUEditions_Server2K8_2K8R2_01032020

Detectoid that evaluates to true for ESU eligible editions on Server 2008 and Server 2008 R2...

2.4AI score
Exploits0
Rows per page
Query Builder