Vulnerability Magazine - Bug Bounties, Acknoweldgements & Security Research | Vulnerability Magazine - Bug Bounties, Acknoweldgements & Security Research

Apple extends exisiting private bug bounty program at the end of the year

Friday, August 9, 2019

Posted by Editorial_Staff_Team

Reader's rate:

Apple Updates Bug Bounty Program Q4 In recent years, Apple and the company around cupertino have received massive criticism about the current Bug Bounty program. Among other things, well-known security researchers from the scene have criticized Apple for a faulty program, which attracts others but... + continue reading

Telekom Magenta Musik 360 - Multiple Cross Site Scripting Vulnerabilities

Thursday, March 7, 2019

Posted by Editorial_Staff_Team

Videos

1 comment(s)

Reader's rate:

Telekom Magenta Musik 360 - CERT Coordinates The videos shows the reproduce for the german telekom in a new service they did publish in 2019 Q1. The vulnerabilities are persistent and non-persistent cross site scripting issues within the front / backend of the online service. Remote attackers... + continue reading

Swiss Governemnt Starts E-Voting PIT Bug Bounty Program in February

Friday, February 15, 2019

Posted by Editorial_Staff_Team

Top Stories

1 comment(s)

Reader's rate:

Internation Bug Bounty Program to PenTest E-Voting System The federal government of switzerland offers hackers who can uncover vulnerabilities, privacy issues or simple bugs in its e-voting system up to 44,000 euros. International White Hat or ethics hackers are given the opportunity to... + continue reading

Apple iOS 12.0 - 12.1.1 - PassCode Bypass Vulnerability

Monday, December 24, 2018

Posted by Editorial_Staff_Team

Bug Bounty

0 comment(s)

Reader's rate:

Yes, we did it again! Due to the last few years we have discovered several problems that bypass the password protection mechanism of ios. In recent weeks we have discovered a new problem affecting the latest ios versions 12.1 and 12.1.1.1. The vulnerability allows password protection to be... + continue reading

Microsoft BingPlaces Business - (url) Redirect Vulnerability

Friday, November 16, 2018

Posted by Editorial_Staff_Team

Bug Bounty

2 comment(s)

Reader's rate:

Open Redirect in Microsoft BingPlaces Business uncovered Security researchers of the vulnerability laboratory uncovered this week an open redirect vulnerability in the famous microsoft bingplaces business web-application. The issue allows to redirect users by client-side get method request to... + continue reading

Google Expands Vulnerability Reward Program - Combat Platform Abuse in 2018

Monday, August 20, 2018

Posted by Editorial_Staff_Team

Bug Bounty

2 comment(s)

Reader's rate:

Google Expands Existing Bug Bounty Program in 2018 Google now wants to reward security researchers who are able to report methods of misuse of googles product series. Google has expanded its bug bounty program to include rewards that go beyond reporting specific vulnerabilities. Security... + continue reading

New Banana PI R1 SD V3 Case for Devs & PenTesters Available

Tuesday, July 24, 2018

Posted by Editorial_Staff_Team

Top Stories

0 comment(s)

Reader's rate:

New Banana PI R1 SD V3 Case Available The Banana Pi R1 is a router based on the same SoC as the M1 Classic Pi. The R1 is an open hardware router that runs on a variety of open source operating systems such as OpenWrt, Android and Bananian. The R1 has a slim router form factor with a bay for 2.5... + continue reading

Mozilla's New ASan Nightly Build Project Bug Bounty Program 2018

Monday, July 23, 2018

Posted by Editorial_Staff_Team

Top Stories

0 comment(s)

Reader's rate:

Mozilla's New ASan Nightly Build Project Bug Bounty Program 2018 A new solution of the Nightly Build was opened with a bug bounty program from Mozilla Corporation in the last days. With a special variant of the Nightly Builds of the Firefox browser, users can search for memory errors... + continue reading

Hacker Injects Arbitrary Codes to Main Lead Database of Adobe Systems

Thursday, July 19, 2018

Posted by Editorial_Staff_Team

Top Stories

1 comment(s)

Reader's rate:

Vulnerability Affecting Main Lead Database of Adobe Systems Within the last years the vulnerability lab core research team and individuals around the lab infrastructure discovered a lot of zero-day vulnerabilities to the psirt team of adobe system. More and more issues was resolved during the... + continue reading

Featured Cooperative Security Articles

Apple extends exisiting private bug bounty program at the end of the year

Friday, 09/08/19 - 2 comment(s)

Telekom Magenta Musik 360 - Multiple Cross Site Scripting Vulnerabilities

Thursday, 07/03/19 - 1 comment(s)

This Week Most Popular

BUG BOUNTY ISSUES

Apple iOS 12.0 - 12.1.1 - PassCode Bypass Vulnerability

Monday, 24/12/18 - 0 comment(s)

Microsoft BingPlaces Business - (url) Redirect Vulnerability

16/11/18 - 2 comment(s)

Google Expands Vulnerability Reward Program - Combat Platform Abuse in 2018

20/08/18 - 2 comment(s)

New Bug Bounty Program for Identity Technologie by Microsoft

18/07/18 - 0 comment(s)

VULNERABILITIES & BUGS

Lab Researcher discovered Microsoft Skype Denial of Service Vulnerability

Thursday, 29/03/18 - 1 comment(s)

Microsoft Skype Mobile v8.x - Remote Denial of Service Vulnerability Vulnerability Labs core team discovered a new denial of service vulnerability and rendering problem in Skype Mobile Client v8.... + continue reading

Apple iOS v10.2 & v10.3 - SMS Reply Access Permission Vulnerability

14/08/17 - 2 comment(s)

Stack Buffer Overflow Zero Day Vulnerability uncovered in Microsoft Skype v7.2, v7.35 & v7.36

28/05/17 - 3 comment(s)

Adobe Connect v9.5.6 - (CVE-2016-7851) Persistent Cross Site Vulnerability

10/11/16 - 0 comment(s)

BEST SECURITY VIDEOS

Telekom Magenta Musik 360 - Multiple Cross Site Scripting Vulnerabilities

Thursday, 07/03/19 - 1 comment(s)

PayPal Inc patched medium severity Cross Site Request Forgery Issue

25/08/15 - 0 comment(s)

Shopify | Buy Button | Persistent Embed POST Inject Vulnerability

13/08/15 - 8 comment(s)

UBNT Bug Bounty #3 - Persistent Filename Vulnerability

11/08/15 - 0 comment(s)

LAB MAGAZINE ISSUES

Welcome to "Vulnerability Magazine"

Wednesday, 12/03/14 - 1 comment(s)

Vulnerability Magazine Welcome to the Vulnerability Magazine! The the vulnerability magazine, publishes the latest vulnerabilities and security informations from our laboratory infrastructure.... + continue reading

IT-SECURITY EVENTS

Edward Snowden free speech at JBFone - Data Security & Privacy

Friday, 24/11/17 - 2 comment(s)

Legendary free speech - You are the Key! In the last weeks we got invited to the very famous JBFone Conference organized by the Fiducia & GAD IT AG. The Fiducia & GAD IT AG is a public... + continue reading

Internet Security Conference 2017 by Qihoo 360

22/09/17 - 0 comment(s)

Manchester City - Football Club hosts first Hackathon in July 2016

05/07/16 - 0 comment(s)

Hack in the Box | Amsterdam 2015 | HITB

31/05/15 - 3 comment(s)

ARTICLES - IMAGES GALLERY PREVIEW

Apple extends exisiting private bug bounty program at the...

Telekom Magenta Musik 360 - Multiple Cross Site Scripting...

Swiss Governemnt Starts E-Voting PIT Bug Bounty Program in...

Apple iOS 12.0 - 12.1.1 - PassCode Bypass Vulnerability

Microsoft BingPlaces Business - (url) Redirect Vulnerability

Google Expands Vulnerability Reward Program - Combat...

New Banana PI R1 SD V3 Case for Devs & PenTesters...

Mozilla's New ASan Nightly Build Project Bug Bounty...

Hacker Injects Arbitrary Codes to Main Lead Database of...

New Bug Bounty Program for Identity Technologie by Microsoft

New HackRF Case for Devs & Pentesters Released (ABS...

AT&T Corporation - Lab uncovers new details about...

Lab Researcher discovered Microsoft Skype Denial of Service...

PayPal Inc Increases Bug Bounty Payments in 2018 up to 30....

PayPal Inc Updates the Bug Bounty Program with Venmo...

Intel expands the own Bug Bounty Program for Security...

Banknotes Misproduction security & biometric weakness

Wickr Inc - App Clock & Message Deletion Glitch

Edward Snowden free speech at JBFone - Data Security &...

Google starts new - Security Reward Program for Android Apps

Fri

Jul

PayPal Bug Bounty - Ethernet Portal Backend Vulnerability in User Profile Values

Submitted by Editorial_Staff_Team on Fri, 07/04/2014 - 17:23

PayPal Inc Bug Bounty Program Rewards Researcher for Ethernet Portal Backend Vulnerability in User Profile Values

In 2013 the founder of the vulnerability laboratory "benjamin kunz mejri" discovered a vulnerability inside of the backend service of the paypal inc. The issue was tricky to exploit and located on the application-side of the paypal web-server account system.

In the morning of the 2013-12-02 the security researcher got notified by a secure mail service of an official paypal security manager. The mail reveals the details of an incident and the vulnerability laboratory started investigation in the reverse analysis because of the late response.

Tue

Jun

List of Bug Bounty Programs & Security Reward Programs became available in April! (NEW UPDATES!)

Submitted by Editorial_Staff_Team on Tue, 06/10/2014 - 15:32

List of Bug Bounty Programs & Security Reward Programs became available in April! (NEW UPDATES!)

2 weeks ago we updated the main static header of the laboratory to provide all visitors and members a new (up2date) security program list. The listing has been implemented to provide researchers a trusted place and point for exchange and work-share.

The list provides different categories like vendor, bug bounty/reward, gift/benefit/swag but also security acknowledgements. As special category we also a review of the public and silent security programs.

The list gets an update every 48h - 74h to become a stable, trusted and free resource. On top of the website are the `Last 5 - New Security Programs` as items to review. A count of the public and silent security program entries is also available to all members and public visitors.