Top10 publishers:
bobrov107 
sp1d3rs54 
jobert41 
bigbear_38 
bl4de37 
guido37 Twitter
isox36 
4lemon35 
geeknik35 
edio34 

the unofficial HackerOne disclosure timeline.

X
Semmle disclosed a bug submitted by flamezzz 
DOMXSS in redirect param
20 Mar 2019 timeline
QIWI disclosed a bug submitted by postboy 
???????????? ????? ?????? ?????? ????? QVC (????????, ????? QVV ? QVP)
20 Mar 2019 timeline
Twitter disclosed a bug submitted by seifelsallamy 
url that twitter mobile site can not load
19 Mar 2019 timeline
Semmle disclosed a bug submitted by drspitfire 
Authenticated Cross-Site-Request-Forgery
19 Mar 2019 timeline
Semmle disclosed a bug submitted by 0ufzayed 
the login blocking mechanism does not work correctly
19 Mar 2019 timeline
Zomato disclosed a bug submitted by pasw 
[www.zomato.com] Availing Zomato Gold membership for free by tampering plan id(s)
18 Mar 2019 timeline
Zomato disclosed a bug submitted by xsam 
credentials leakage in public lead to view dev websites
18 Mar 2019 timeline
Valve disclosed a bug submitted by vinnievan 
RCE on Steam Client via buffer overflow in Server Info
15 Mar 2019 timeline
Inflection disclosed a bug submitted by foobar7 
Privilege Escalation: Read-Only to Admin
15 Mar 2019 timeline
Grabtaxi Holdings Pte Ltd disclosed a bug submitted by bagipro 
[Grab Android/iOS] Insecure deeplink leads to sensitive information disclosure
15 Mar 2019 timeline
GitLab disclosed a bug submitted by jobert 
Unauthenticated blind SSRF in OAuth Jira authorization controller
14 Mar 2019 timeline
Keybase disclosed a bug submitted by jordanmilne 
Persistent XSS on keybase.io via "payload" field in `/user/sigchain_signature.toffee` template
14 Mar 2019 timeline
Shopify disclosed a bug submitted by ruvlol 
POST-based XSS on apps.shopify.com
14 Mar 2019 timeline
Shopify disclosed a bug submitted by ruvlol 
Reverse Proxy misroute leading to steal X-Shopify-Access-Token header
14 Mar 2019 timeline
Unikrn disclosed a bug submitted by v4lid0l 
????????? on CRM server without authorization
14 Mar 2019 timeline
Ruby on Rails disclosed a bug submitted by ooooooo_q 
RCE which may occur due to `ActiveSupport::MessageVerifier` or `ActiveSupport::MessageEncryptor` (especially Active storage)
13 Mar 2019 timeline
Vanilla disclosed a bug submitted by mr_me 
Vanilla Forums AddonManager getSingleIndex Directory Traversal File Inclusion Remote Code Execution Vulnerability
13 Mar 2019 timeline
PortSwigger Web Security disclosed a bug submitted by 0x09al 
Privilege Escalation by abusing non-existent path. (Windows)
13 Mar 2019 timeline
Shopify disclosed a bug submitted by ishahriyar 
Reflected XSS in *.myshopify.com/account/register
12 Mar 2019 timeline
1 2 3 ... 327
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM