writeups.xyz / Teddy Katz (@Not_aardvark)

Title	Vulnerabilities	Programs	Authors
Stealing a few more GitHub Actions secrets	Logic Flaw	GitHub	Teddy Katz (@Not_aardvark)
Stealing arbitrary GitHub Actions secrets	Logic Flaw	GitHub	Teddy Katz (@Not_aardvark)
Messing with GitHub's fork collaboration for fun and profit	Broken Access Control	GitHub	Teddy Katz (@Not_aardvark)
Exploiting padding oracles with fixed IVs	Padding Oracle Attack Account Takeover	Undisclosed	Teddy Katz (@Not_aardvark)
How I accidentally took down GitHub Actions	DoS Commit Hash Collisions	GitHub	Teddy Katz (@Not_aardvark)
Bypassing GitHub's OAuth flow	OAuth Authorization Bypass	GitHub	Teddy Katz (@Not_aardvark)

Page 1 of 1