The file-sharing service also disclosed details of past notable bugs for the first time.
Microsoft OS flaws, out-of-bounds reads, ICS gear and a record number of high-severity bugs marked 2019 for the ZDI program.
Larger winnings for underground skills competitions are attracting sophisticated crime groups.
Program is the latest the tech giant has launched that pay users and security researchers to find vulnerabilities in its numerous products.
Project Zero vulnerability disclosures will now happen at 90 days, even if a patch becomes available before then.
From ransomware ramp up, to voice assistant privacy perils, the Threatpost team breaks down the top news stories from this past year.
The tech giant is looking for full working exploits with any vulnerability submission.
An attacker could exploit CVE-2019-1491 to obtain sensitive information that could be used to mount further attacks.
Remote attackers can easily compromise the device and pivot to move laterally through the LAN or WAN.
The DevOps lifecycle management said that response to its year-old bug-bounty program has been robust.