the unofficial HackerOne disclosure timeline.

X
b'Mail.Ru' disclosed a bug submitted by b'obmihail' 
b'XSS on account.mail.ru/login'
26 Jan 2018 timeline
b'Mail.Ru' disclosed a bug submitted by b'hudmi' 
b'Uninitilized server memory disclosure via ImageMagick'
26 Jan 2018 timeline
b'Brave Software' disclosed a bug submitted by b'dutchgraa' 
b'Torrent Viewer extension web service available on all interfaces'
26 Jan 2018 timeline
b'Slack' disclosed a bug submitted by b'juji' 
b'Unauthenticated LFI revealing log information'
26 Jan 2018 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'nwoltman' 
b'Fastify denial-of-service vulnerability with large JSON payloads'
25 Jan 2018 timeline
b'Razer US' disclosed a bug submitted by b'edio' 
b'Authenticated DOM-based XSS in deals.razerzone.com via the rurl parameter.'
24 Jan 2018 timeline
b'Razer US' disclosed a bug submitted by b's_p_q_r' 
b'[zvault.razerzone.com] URL validation bypass'
24 Jan 2018 timeline
b'Razer US' disclosed a bug submitted by b'edio' 
b'POST XSS in careers.razerzone.com via the txt_email parameter.'
24 Jan 2018 timeline
b'Razer US' disclosed a bug submitted by b'arafat' 
b'Reflected XSS on https://press.razerzone.com'
24 Jan 2018 timeline
b'Keybase' disclosed a bug submitted by b'edio' 
b'Claiming ownership of GitHub handles via forked GitHub gists.'
23 Jan 2018 timeline
b'HackerOne' disclosed a bug submitted by b'us111' 
b'While adding a payment method - Notification email not sent to newly added email ID as well as there is no verification for new email id (Paypal)'
23 Jan 2018 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'bl4de' 
b'[serve] Directory index of arbitrary folder available due to lack of sanitization of %2e and %2f characters in url'
23 Jan 2018 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'ysx' 
b'[augustine] Static Web Server Directory Traversal via Crafted GET Request'
23 Jan 2018 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'ysx' 
b'[lactate] Static Web Server Directory Traversal via Crafted GET Request'
23 Jan 2018 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'ysx' 
b'[redis-commander] Reflected SWF XSS via vulnerable "clipboard.swf" component'
23 Jan 2018 timeline
b'Starbucks' disclosed a bug submitted by b'bigbug' 
b'SQL injection in partner id field on https://www.teavana.com (Sign-up form)'
23 Jan 2018 timeline
b'Starbucks' disclosed a bug submitted by b'bobrov' 
b'[stagecafrstore.starbucks.com] CRLF Injection, XSS'
22 Jan 2018 timeline
b'HackerOne' disclosed a bug submitted by b'bigbug' 
b'Common response suggestion is sent to Google Analytics when user accepts duplicate comment Genius suggestion'
22 Jan 2018 timeline
b'Mavenlink' disclosed a bug submitted by b'aroly' 
b"Information disclosure when trying to delete an expense's attachment on m.mavenlink.com "
20 Jan 2018 timeline
b'QIWI' disclosed a bug submitted by b'tikoo_sahil' 
b'Information disclosure on https://paycard.rapida.ru'
20 Jan 2018 timeline
1 ... 508 509 510 511 512 ... 765
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM