Top10 publishers:
bobrov108 
linkks60 
sp1d3rs56 
jobert46 
guido41 Twitter
bl4de39 
bigbear_38 
isox36 
4lemon35 
geeknik35 

the unofficial HackerOne disclosure timeline.

X
Informatica disclosed a bug submitted by e3xpl0it 
[kb.informatica.com] Dom Based xss
17 Aug 2019 timeline
Node.js disclosed a bug submitted by jasnell 
Multiple HTTP/2 DOS Issues
16 Aug 2019 timeline
OX App Suite disclosed a bug submitted by secator 
[XSS] RSS Feed Widget
16 Aug 2019 timeline
Zomato disclosed a bug submitted by sjvino 
Able to manipulate order amount by removing cancellation amount and cause financial impact
16 Aug 2019 timeline
Twitter disclosed a bug submitted by muhammad139 
Github Token Leaked publicly for https://github.com/mopub
15 Aug 2019 timeline
Starbucks disclosed a bug submitted by mindtrick 
Subdomain takeover of d02-1-ag.productioncontroller.starbucks.com
15 Aug 2019 timeline
Grammarly disclosed a bug submitted by chackmate 
Can register any mobile number in MFA without current code.
15 Aug 2019 timeline
U.S. Dept Of Defense disclosed a bug submitted by rootaccess 
SQL Injection vulnerability located at ????????
15 Aug 2019 timeline
OX App Suite disclosed a bug submitted by tbehroz 
Stored XSS
15 Aug 2019 timeline
OX App Suite disclosed a bug submitted by zee_shan 
Another window.opener issue
15 Aug 2019 timeline
OX App Suite disclosed a bug submitted by zee_shan 
Another Stored XSS in mail app using Drive app
15 Aug 2019 timeline
OX App Suite disclosed a bug submitted by zee_shan 
Stored XSS in mail app
15 Aug 2019 timeline
Vanilla disclosed a bug submitted by black_b 
xss reflected in littleguy.vanillastaging.com
14 Aug 2019 timeline
Algolia disclosed a bug submitted by badcracker 
subdomain take over at recommendation.algolia.com
14 Aug 2019 timeline
Shopify disclosed a bug submitted by tems 
Bypass of biometrics security functionality is possible in Android application (com.shopify.mobile)
14 Aug 2019 timeline
Informatica disclosed a bug submitted by 0ang3el 
accounts.informatica.com - RCE due to exposed Groovy console
14 Aug 2019 timeline
Node.js third-party modules disclosed a bug submitted by chalker 
Yarn transfers npm credentials over unencrypted http connection
14 Aug 2019 timeline
Maker Ecosystem Growth Holding disclosed a bug submitted by lucash-dev 
Earn free DAI interest (inflation) through instant CDP+DSR in one tx
12 Aug 2019 timeline
Grammarly disclosed a bug submitted by linkworld 
“email” MFA mode allows bypassing MFA from victim’s device when the device trust is not expired
12 Aug 2019 timeline
1 2 3 ... 355
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM