Top10 publishers:
bobrov113 
linkks69 
geeknik62 
sp1d3rs61 
jobert49 
guido45 Twitter
ryat40 
bl4de39 
bigbear_38 
isox36 

the unofficial HackerOne disclosure timeline.

X
HackerOne disclosed a bug submitted by unknown_person 
Private program disclosure via `vpn_suspended` GraphQL query
21 Oct 2019 timeline
HackerOne disclosed a bug submitted by jobert 
Any user with access to program can resume and suspend HackerOne Gateway
21 Oct 2019 timeline
Automattic disclosed a bug submitted by poutine_hero 
Stored XSS vulnerability in comments on *.wordpress.com
21 Oct 2019 timeline
Automattic disclosed a bug submitted by mygf 
Stored Self XSS on https://app.crowdsignal.com (in Photo Insert App) + Stored XSS on https://*your-subdomain*.survey.fm
21 Oct 2019 timeline
PHP (IBB) disclosed a bug submitted by md4 
Int Overflow lead to Heap OverFlow in exif_thumbnail_extract of exif.c
21 Oct 2019 timeline
Semmle disclosed a bug submitted by testanull 
Worker container escape lead to arbitrary file reading in host machine [again]
21 Oct 2019 timeline
Python (IBB) disclosed a bug submitted by longwenzhang 
A reflected XSS in python/Lib/DocXMLRPCServer.py
19 Oct 2019 timeline
Flash (IBB) disclosed a bug submitted by jouko Twitter
Internet-based attacker can run Flash apps in local sandboxes by using special URL schemes (PSIRT-3299, CVE-2015-3079)
18 Oct 2019 timeline
Flash (IBB) disclosed a bug submitted by jouko Twitter
Flash Player information disclosure (etc.) CVE-2015-3044, PSIRT-3298
18 Oct 2019 timeline
Flash (IBB) disclosed a bug submitted by jouko Twitter
Double free vulnerability in Flash Player Settings Manager (CVE-2015-0346)
18 Oct 2019 timeline
Flash (IBB) disclosed a bug submitted by irsdl 
Flash “local-with-filesystem” Bypass in navigateToURL
17 Oct 2019 timeline
MyCrypto disclosed a bug submitted by whitehacker18 
URL is vulnerable to clickjacking
17 Oct 2019 timeline
Rocket.Chat disclosed a bug submitted by w2w 
Blind SQL injection in third-party software, that allows to reveal user statistic from rocket.chat and possibly hack into the rocketchat.agilecrm.com
17 Oct 2019 timeline
Nextcloud disclosed a bug submitted by sohelahmed786 
Exposing debug.log file leads to server full path disclosure
17 Oct 2019 timeline
VK.com disclosed a bug submitted by povargek 
?????? ????? email ????????????? ???? ???????????? ????? ?????, ? ??? ?? ????? ?????? ????????
17 Oct 2019 timeline
Ruby disclosed a bug submitted by ooooooo_q 
Null character at fnmatch
16 Oct 2019 timeline
Ruby disclosed a bug submitted by ooooooo_q 
Potential command injection in `Shell#[]` and `Shell#test`
16 Oct 2019 timeline
Starbucks disclosed a bug submitted by stealthy 
Reflected cross-site scripting on multiple Starbucks assets.
16 Oct 2019 timeline
Brave Software disclosed a bug submitted by xiaoyinl 
[Brave browser] WebTorrent has DNS rebinding vulnerability
16 Oct 2019 timeline
1 2 3 ... 374
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM