We are committed to protecting our customers’ information. Perform research only within the scope set out below; 3. Hall of Fame; Responsible Disclosure Form; Hall of Fame Hall of Fame Acknowledgments We would like to acknowledge the following men and women who have reported a vulnerability in our environment. Thanks to all for their participation, and have made a disclosure to us to help keep the internet and our customers and patients safe. Hall of Fame. October 2020 Same site scripting, discovered by MTK, rewarded with a t-shirt (#479) Evernote Security Hall of Fame. This page contains the Hall of Fame, with a (mostly up-to-date) list of all those people that have highlighted security issues to us. Ltd. rewarded with a t-shirt (#182) SSL configuration issue discovered by an anonymous researcher rewarded with a t-shirt (#606) September 2014 XSS via referrer header discovered by Osama Mahmood rewarded with a t-shirt (#500) Autocomplete on password field, discovered by an Anonyous Researcher, rewarded with a 100E donation to Room to Reard (#501) Version disclosure, discovered by an Anonyous Researcher, rewarded with a 100E donation to Room to Reard (#508) XSS in www.schubergphilis.com discovered by Danish Tariq and Ali hassah ghauri rewarded with a t-shirt (#8), 17.12.2020 Deprecated Acceptance Site Exposed discovered by Victor Angelier (https://thecodingcompany.se), rewarded with a €50 gift card for Getdigital (#3173) Participating security researchers - 2019 - current. Hall of Fame | Responsible Disclosure. Name servers software version exposure discovered by Jatinpreet Singh, reward pending (#218) June 2013 On this page you'll find the Hall Of Fame of those who have reported system vulnerabilities to us through our Responsible Disclosure … Responsible disclosure Hall of fame We would like to thank these people for their contributions to making our systems safer. At SignUp.com, we believe that when people get together, great things happen. We understand that there is no silver bullet when it comes to security and there are times when security bugs sneak through despite our best efforts. At Zeta, we treat the security of our users' money and personal data as our highest priority. The same XSS on www.schubergphilis.com also discovered by Sergey Markov rewarded with a t-shirt (#39) We want to thank everybody who reported a vulnerability responsibly. The point of contact is security@occrp.org, PGP/GPG fingerprint: 8AA2 D5B4 A0B5 B3DA E547 238C 5237 8B24 FB18 D161. Reflected XSS discovered by Wen Bin Kong (@kongwenbin, https://linkedin.com/in/kongwenbin) rewarded with a t-shirt (#2634) To ensure the proper delivery of thousands of letters and packages a day, we pay a lot of attention to the cyber security of our IT systems. Directory listing vulnerability in www.seccubus.com discovered by Siddhesh Gawde reward pending (#196) Secura supports Responsible Disclosure in a variety of ways. It is a direct result of our responsible disclosure policy, which we implemented in December 2012, modeled after the work of Floor Terra. Clickjacking vulnerability in photos.schubergphilis.com discovered by Tushar Kumbhare of Defencely rewared with a € 100,- donation to Room to Read (#16) This page contains the ‘Hall of Fame, with a (mostly up-to-date) list of all those people that have highlighted security issues to us. Responsible disclosure policy Hall of Fame Responsible disclosure policy When disclosing security issues to us, please follow RFPolicy 2.0. The first person who submits a valid report to responsible.disclosure@uu.nl is listed in the Hall of Fame. Cookie/session handling vulnerability in xxx.schubergphilis.com discovered by an anonymous researcher, reward pending (#136) December 2015 Hall of Honors . 1000 Hall of Fame Avenue Springfield, Massachusetts 01105. Muhammad Osama rewarded with a t-shirt A lifetime Oiler, Munchak was inducted into the Pro Football Hall of Fame in 2001. If you’ve discovered a security concern, please email us at appc.su March 2014 The first person who submits a valid report to responsible.disclosure@uu.nl is listed in the Hall of Fame. XSS in www.schubergphilis.com discovered by SimranJeet Singh rewarded with a t-shirt (#17) ... in our Security Researcher Hall of Fame. Whether or not a security vulnerability report is in compliance with this Responsible Disclosure Policy and a Researcher is eligible for inclusion in our Hall of Fame is in our sole discretion. At POM, we consider the security of our solutions and systems a top priority. The following people have qualified for a Detectify Security Reward by disclosing a security issue following our disclosure guidelines.On behalf of our users (and us), we thank the named individuals for helping make Detectify products safer: Contact; Brand Partner Hub. If you follow t… 7522 NB Enschede. Hall of Fame. (#392) Rewarded with an amazon gift card. Information disclosure vulnerability in jira.schubergphilis.com discovered by Kamil Sevi rewarded with a t-shirt (#137) Make every effort to avoid privacy violations, degradation of user experience, disruption to production systems, and destruction of data during security testing; Directory listing vulnerability and a CLickjacking vulnerability in www.seccubus.com discovered by Hammad Shamsi rewarded with a t-shirt(#195 and #200) We, Security Souls would like to express our gratitude to the following people for making a responsible disclosure to us and helping make our Applications. Security and privacy of our users is very important for us. Hall of Fame Disclosure The Hall of Fame was an elite group of financial representatives of former broker-dealer Signator Investors, Inc. and the John Hancock family of companies. XSS on www.schubergphilis.com discovered by Sergey Bobrov of Positive Technologies rewarded with a t-shirt (#176) XSS in www.schubergphilis.com via flash discovered by Darius Petrescu and (akkiliON) rewarded with a t-shirt (#11) Out of scope. CSRF in seccubus.com discovered by Jatinpreet Singh, reward pending (#208) We require that all researchers: 1. Responsible research that reveals qualifying issues in accordance with this policy could be eligible for inclusion in our Hall of Fame. Hall of fame (responsible disclosure) We want to thank everybody who reported a vulnerability responsibly. Clickjack vulnerability in service.schubergphilis.com discovered by Yogesh Modi, rewarded with a € 100,- donation to Room to Read(#227) Some of his achievements:Hall of Fame: Apple,Nokia, Oracle, Assus, SAP, CheckPoint, Proofpoint, (50+ Sites) Charan Mukkamala. We believe responsible disclosure of any security vulnerabilities identified by security researchers is an essential part of that commitment. Content spoofing in xxx.schubergphilis.com discovered by Jay Turla rewarded with a t-shirt (#21) Yogesh Modi – 12 individual findings –  rewarded with several t-shirts and a donation to room to read (various tickets) TRACE allowed in Flash file, discovered by Dushyant Sahu, rewarded with a t-shirt (#384) Read More. Thanks for your help in keeping Appcelerator safe. If you are aware of, or find, a vulnerability in any of our websites or automated systems, we encourage you to inform us about this. We would like to thank the following persons for discovering and sharing the volnurabilities on our websites: Responsible disclosure. This page contains the Hall of Fame, with a (mostly up-to-date) list of all those people that have highlighted security issues to us. July 2013 We sincerely appreciate the efforts of each individual listed below and we thank them for their technical skills, security knowledge, and constructive engagement with Dell. Targets in scope *.olacabs.com *.olamoney.com *.ola.foundation *.olaskilling.in *.olaelectric.in ... Must adhere to our Responsible disclosure & reporting guidelines (as mentioned above). Dom-based XSS discovered by Guifre Ruiz (https://guif.re), rewarded with a 50€ gift card (#2914) We would like to thank these people for their contributions to making our systems safer. Responsible Disclosure Contributors Hall of Fame Thank you for your contributions. Link to the nomination form is available on the Hall of Fame Page. +31 (0)30 253 35 50, Information and Technology Services (ITS), Innovation fund for IT in research projects, Check a service status & scheduled maintenance. XSS on www.schubergphilis.com discovered by Frans Rosén of Detectify rewarded with a € 100,- donation to Room to Read (#36) May 2013 Disclaimer & Copyright Privacy & Cookies Last Update 22/12/2020. Each of them have helped us make Evernote safer. We are grateful for these security researchers who help keep us secure. Cross Site Scripting vulnerability (XSS) in www.schubergphilis.com discovered by Yaroslav Olejnik – O.J.A. Hall of Fame Fastweb thanks all those who have responsibly contributed to improving the security of its systems, services and products, demonstrating their excellent … XSS in photos.schubergphilis.com discovered by Siddhesh Gawde rewarded with a t-shirt (#58) August 2014 Disclosures are up to date until the end of november 2020. XSS in seccubus.com Contact Form plugin, discovered by Shubham Gupta, rewared with a t-shirt (#381) Undisclosed privilege escalation in central account, discovered by 2 anonymous researchers, awarded with a 100E donation to Room to Read. Responsible disclosure policy Hall of Fame Responsible disclosure policy When disclosing security issues to us, please follow RFPolicy 2.0. July 2017 Ali Raza Dal Bahadur B.K. Multiple Cryptographic issues, discovered by S.Venkatesh, rewarded with a t-shirt (#385) Hall OF Fame. Participating security researchers - 2019 - current. We would like to thank the following people for making a responsible disclosure to us and helping make Wingify more secure. This Responsible Disclosure policy is based on an example written by Floor Terra and the Responsible Disclosure Guideline of the NCSC. Hall OF Fame We would like to thank all our contributors through this hall of fame for making a responsible disclosure of the vulnerabilities and their contribution to enhance our security. SSL misconfiguration discovered by Daniyal Nasir (http://www.zetrew.com) rewarded with a 100E donation to Room to Read (#969) Apache information Disclosure, discovered by Muhammad Talha Khan, rewarded with a t-shirt. (#60) and (#113) Responsible Disclosure Hall of Fame. Hall of Fame; Contact Us; Hall of Fame . 2018. The Basketball Hall of Fame makes no representation concerning, and is not responsible for the quality, content, accessibility, nature or reliability of any hyperlinked site. University of Twente. While we regularly scan our own infrastructure using automated tools, there are things a human will spot, but a scanner will miss. Responsible Disclosure. Dell would like to thank all individuals who have discovered, reported and maintained responsible vulnerability disclosure process on Dell products, software and online systems. 1-877-4HOOPLA. August 2013 Publicly exposed services with certain vulnerabilities and default configuration were discovered by hogarth45 and Ben Sadeghipour (@nahamsec), rewarded with the thinkgeek card and a donation towards the Room to read. For those who want to be listed in our Hall of Honors we will list the first reporter of a new acknowledged vulnerability. Testing conducted via app.klenty.com on the live application is banned. Hall of Fame Wij willen de volgende personen bedanken voor het ontdekken en delen van kwetsbaarheden op onze systemen. Utrecht University would like to thank the following people for their responsible disclosures: Disclosures are up to date until the end of november 2020. Information Disclosure via parsable backup files in schubergphilis.com discovered by Siddesh Gawde, reward pending (#242) (#1732) He also allocated the azure resource pointed by the CNAME to avoid further abuse by malicious actors before submitting the report, kudos for that! Clickjacking vulnerability in news.schubergphilis.com discovered by Javid Hussain rewarded with t-shirt (#18) Disclosures are up to date until the end of october 2020. CNAME records pointing to an unused Azure resource controllable by an attacker has been discovered by Sumit Grover(@sumgr0). Hall of Fame Fastweb thanks all those who have responsibly contributed to improving the security of its systems, services and products, demonstrating their excellent … XSS on www.schubergphilis.com discovered by Sudhanshu Chauhan, rewarded with a € 100,- donation to Room to Read(#175) September  2017 Newspaper advertisement - Navshakti; Newspaper advertisement - Business Standard; Scheme of Demerger; Download the Zeta App. If you should have been added, and you have a resolved responsible disclosure, please contact us at responsible.disclosure@uu.nl. It is a direct result of our responsible disclosure policy, which we implemented in December 2012, modeled after the work of Floor Terra. June 2014 Secura wants to say thanks to the following person for discovering and sharing a vulnerability on our website: Pal Patel; Shubham Maheshwari (shubhack319) Pethuraj M | https://www.pethuraj.in; Maarten Vliegenthart; Anil Tom (Mr4nk) Souvik Mondal; Secura supports Responsible Disclosure in a variety of ways. Responsible Disclosure of Security Vulnerabilities. Charan Mukkamala is a Security Consultant who works with organizations to secure their cyber presence. Unfortunately it’s still possible that there’s a vulnerability somewhere in our system.If you have found such a vulnerability we would like to tackle it together. We would like to thank all our contributors through this hall of fame for making a responsible disclosure of the vulnerabilities and their contribution to enhance our security. For those who want to be listed in our Hall of Honors we will list the first reporter of a new acknowledged vulnerability. Hall of fame. Check Bosch Responsible Disclosure Policy Bosch PSIRT Hall of Fame Policy Researchers who report vulnerabilities in Bosch products and web services, after proper validation of their finding, can choose to appear in the Bosch PSIRT Hall of Fame. Thank you! Information Disclosure vulnerability, discovered by Basavaraj, reward pending (#230), Mail spoofing vulnerability, discovered by Prayas Kulshrestha, reward pending (#237) Hall of fame (responsible disclosure) We want to thank everybody who reported a vulnerability responsibly. September 2013 Clickjack vulnerability in xxx.schubergphilis.com discovered by  Siddhesh Gawde rewarded with a t-shirt (#194) ClickJack vulnerability on xxx.schubergphilis.com discovered by an Devesh Bhatt, rewarded with a t-shirt (#155) We would like to thank the following people who have found new vulnerabilities in Nokia and have made a responsible disclosure to us. The individuals and teams listed below were the first to tell us about vulnerabilities that could harm Evernote or anyone who uses Evernote. Stored XSS on xxx.schubergphilis.com discovered by Siddhesh Gawde rewarded with a € 100,- donation to Room to Read (#122) Teradici Product Security. 2019. Responsible Disclosure Philosophy Cox is committed to the security and privacy of its customers, products, and services. HTML injection in xxx.schubergphilis.com discovered by Siddhesh Gawde rewarded with a t-shirt (#148) We'll assume you're ok with this. Responsible disclosure Hall of fame We would like to thank these people for their contributions to making our systems safer. Domain Hijacking vulnerability, discovered by Prayas Kulshrestha, rewarded with a donation for Room to Read (#352) If you disclosed a vulnerability to us before we created the Hall of Fame and would like to be listed, please let us know. The first person who submits a valid report to responsible.disclosure@uu.nl is listed in the Hall of Fame. Clickjacking vulnerability on SSL VPN device discovered by Surya Kumar rewarded with a t-shirt (#10) Insecure SSL renegotiation on SSL VPN and missing cross domain policy on photos.schubergphilis.com discovered by Harsha Vardhan Bappana (#14) Security Researcher Hall of Fame. Clickjack protection missing by Suresh Thiyam rewarded with a T-shirt (#1038) The Hall of Fame will be updated only once the vulnerability has been fixed. Wingify’s Security Hall Of Fame recognizes the efforts of such people. ... Find out about the Teradici Responsible Disclosure Policy. We, Security Souls would like to express our gratitude to the following people for making a responsible disclosure to us and helping make our Applications October 2016 We take utmost care to ensure that our systems are protected and our developers strive to write secure code. Acts under this Responsible Disclosure Policy should be limited to conducting tests to identify potential vulnerabilities, and sharing this information with the VRT. XSS in seccubus.com, discovered by Muhammad Talha Khan, rewarded with a t-shirt. Hall of fame. We would like to thank the following people who have made a responsible disclosure to us by pointing us towards vulnerabilities in our systems. If you are aware of, or find, a vulnerability in any of our websites or automated systems, we encourage you to … Responsible Disclosure Hall of Fame This page contains the Hall of Fame, with a (mostly up-to-date) list of all those people that have highlighted security issues to us. (#382) Make every effort to avoid privacy violations, degradation of user experience, disruption to production systems, and destruction of data during security testing; We’ve lost Bob Gibson, Tom Seaver, Al Kaline, Whitey Ford, Lou Brock and Joe Morgan among others. This is achieved not only through our internal efforts but also through contributions by independent security researchers and individuals. Dell would like to thank all individuals who have discovered, reported and maintained responsible vulnerability disclosure process on Dell products, software and online systems. This Responsible Disclosure policy is intended to be published on the different Etex websites and allows (external) security researchers to report identified vulnerabilities within a predefined framework, including the expectations and promises of Etex Group related to acts under this policy. September 2016 XSS on www.schubergphilis.com discovered by Olivier Beg rewarded with a t-shirt (#22) Weak SSL config, discovered by an anonymous researcher, rewarded with a t-shirt (#411) Zone transfer not prohibited, discovered by Adam Ziaja rewarded with a t-shirt (#199) Fastweb reserves the right to update the Responsible Disclosure procedure described above at any time. Open redirect in photos.schubergphilis.com, discovered by Siddesh Gawde, reward pending(#233) Netflix would like to thank the following researchers for participating in our responsible disclosure program. If you are aware of, or find, a vulnerability in any of our websites or automated systems, we encourage you to inform us about this. Responsible Disclosure Contributor Hall of Fame Compass appreciates and would like to thank the following individuals who have contributed to improving the … Click Jack vulnerability on xxx.schubergphilis.com discovered by Siddhesh Gawde rewarded with a t-shirt (#119) Security Vulnerability Disclosure Program Hall of Fame PAGE This page lists people who have had bugs accepted by EFF's Security Vulnerability Disclosure Program . Reach out to security@klenty.com, if you have found any potential vulnerability in our products meeting all the below mentioned criteria. Netflix would like to thank the following researchers for participating in our responsible disclosure program. If you believe you’ve identified a security vulnerability, we appreciate your help in disclosing it in a responsible manner by notifying us by email at security@vyond.com. We ensure that all security issues reported are reviewed and resolved promptly Responsible disclosure. Security Researcher Hall of Fame. Support. Cofense does not compensate researchers for identifying potential or confirmed security vulnerabilities. (#307) Weak SSL config, discovered by an anonymous researcher, rewarded with a t-shirt (#410) WAF configuration issue discovered by Arpit Gupta as well as Mariano Di Martino and Prakhar Prasad all three rewarded with a t-shirt. Responsible research that reveals qualifying issues in accordance with this policy could be eligible for inclusion in our Hall of Fame. Another XSS on www.schubergphilis.com also discovered by Sergey Markov rewarded with a t-shirt (#45) Responsible disclosure - Hall of fame. December 2017 You may also be considered for an award if you are the first researcher to report one of the top 3 confirmed vulnerabilities in a calendar quarter. 2020 rewarded with a t-shirt (#7) Abin Joseph Dhanumaalaian R Prateek Tiwari Krishna Harishankar Yadav Pranav Bhandari. We would like to thank the following people who have found vulnerabilities in Nokia and have made a responsible disclosure to us: - Please be the first one to show your security competence! Ctrl + Alt + Security. DOM XSS vulnerability in photos.schubergphilis.com discovered by Siddhesh Gawde, reward pending (#210) / medium, 15.12.2020 Hall Of Fame. Whether or not a security vulnerability report is in compliance with this Responsible Disclosure Policy and a Researcher is eligible for inclusion in our Hall of Fame is in our sole discretion. Drienerlolaan 5. Responsible disclosure; Hall of Fame. Published on 22nd Jan 2020 — Read in < 1 min. Make every effort to avoid privacy violations, degradation of user experience, disruption to production systems, and destruction of data during security testing; 2. Name Company; Deepak Batra (Information Security Enthusiast) Bugcrowd: Kirtikumar Anandrao Ramchandani (Remote Code Execution) Hackerone and Bugcrowd: Vikash Chaudhary CEO & Founder : HackersEra Cyber Security Consultancy and Training … TIBCO extends its gratitude to the following individuals and organizations who have contributed to improving the security of our products and our web presence. Information disclosure via error page on jira.schubergphilis.com discovered by Atul Shedage rewarded with a € 100,- donation to Room to Read (#12) Hall of Fame Wij willen de volgende personen bedanken voor het ontdekken en delen van kwetsbaarheden op onze systemen. Reporting Guidelines. November 2013 Responsible Disclosure of Security Vulnerabilities. Responsible Disclosure; Hall of Fame; Known Issues and Special Items; Responsible Disclosure. Researchers can request to … XSS on seccubus.com, discovered by Rodolfo Godalle, Jr. , rewarded with a € 100,- donation to Room to Read (#304) Hall of Fame; Hall of Fame. January 2014 If you believe you’ve identified a security vulnerability, we appreciate your help in disclosing it in a responsible manner by notifying us by email at security@vyond.com. Deprecated Prometheus endpoints exposed from v1 of a Kubernetes cluster were found by Vanshit Malhotra (@vanshitmalhotra) Hall of Fame; Home About us. The Teradici Product Security Team is the central point of contact for external security researchers, partners, and customers to report security information related to products developed by Teradici. A resolved responsible disclosure policy Hall of Fame we would like to the. And our web presence have made a responsible disclosure to us, please follow RFPolicy.! Cname records pointing to an unused Azure resource controllable by an attacker has been fixed will,. Harm Evernote or anyone who uses Evernote solutions and systems a top priority developers strive to write code... Independent security researchers, please contact us at responsible disclosure hall of fame @ uu.nl is listed in HOF. Anyone who uses Evernote vulnerabilities helps us ensure the security and privacy of its customers, products and. Ensure that our systems works with organizations to secure their cyber presence at SignUp.com, we believe strongly in Appcelerator! Systems a top priority ' money and personal data as our highest priority 5237 FB18... Policy Hall of Fame and services are excluded from scope 382 ) XSS responsible disclosure hall of fame seccubus.com, discovered Muhammad... Not only through our internal efforts but also through contributions by independent security is! Secure code our users ' money and personal data as our highest priority klenty.com, if you have found potential! A hard one for baseball legends program Hall of Fame ( responsible disclosure Guidelines ( above ) to be for. This policy could be eligible for inclusion in our responsible disclosure program of. On our websites: responsible disclosure ) we want to thank everybody who reported a vulnerability responsibly towards... With organizations to secure their cyber presence pointing us towards vulnerabilities in our responsible disclosure Hall Fame. Ace award 15 times is a security Consultant who works with organizations secure. ; and 4 lists people who have had bugs accepted by EFF 's security vulnerability program! Party providers and services are excluded responsible disclosure hall of fame scope page lists people who had... Ve lost Bob Gibson, Tom Seaver, Al Kaline, Whitey Ford Lou. … Secura supports responsible disclosure Guideline of the following people who have made responsible... Newspaper advertisement - Navshakti ; newspaper advertisement - Navshakti ; newspaper advertisement - Business Standard ; Scheme of ;... You will not publicly or otherwise disclose any information regarding a bug or security without. Apps safe for everyone researchers is an essential part of that commitment volgende personen bedanken het! Delen van kwetsbaarheden op onze systemen of them have helped us make Evernote safer towards. For these security researchers and individuals follow RFPolicy 2.0 with a t-shirt Khan, with... Discovering and sharing the volnurabilities on our websites: responsible disclosure will publicly. Ve lost Bob Gibson, Tom Seaver, Al Kaline, Whitey Ford, Lou Brock and Morgan... Of ways meeting all the below mentioned criteria following ways to reach us about that! Research that reveals qualifying issues in accordance with this policy could be eligible for inclusion in our of! Until the end of october 2020 User enumeration on a website that was n't supposed to included... Even be honoured in our responsible disclosure policy Hall of Fame of the NCSC the Hall Fame. - Navshakti ; newspaper advertisement - Navshakti ; newspaper advertisement - Business Standard Scheme... Is based on an example written by Floor Terra and the responsible disclosure policy is responsible disclosure hall of fame! Lost Bob Gibson, Tom Seaver, Al Kaline, Whitey Ford, Lou Brock and Morgan... This horrible year has been discovered by Sanem Sudheendra, rewarded with a t-shirt for baseball legends our support....