Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'83 
b'linkks'75 
b'jobert'70 
b'nyymi'62 
b'someonenobbd'62 
b'ooooooo_q'54 
b'guido'50 
b'haxta4ok00'49 

the unofficial HackerOne disclosure timeline.

X
b'inDrive' disclosed a bug submitted by b'bugsv2' 
b"Disclosure of users' ip address whenever they view my fright offer on image preview (Without interaction)"
19 Feb 2024 timeline
b'PortSwigger Web Security' disclosed a bug submitted by b'joaxcar' 
b'CSP bypass on PortSwigger.net using Google script resources'
18 Feb 2024 timeline
b'Nextcloud' disclosed a bug submitted by b'mikaelgundersen' 
b'OAuth2 "authorization_code" is valid indefinetly'
17 Feb 2024 timeline
b'Nextcloud' disclosed a bug submitted by b'nickvergessen' 
b'Can download files by zipping the folder'
17 Feb 2024 timeline
b'TikTok' disclosed a bug submitted by b'ashrafabdelrazik' 
b'Multiple Open Redirect on TikTok domains'
16 Feb 2024 timeline
b'LocalTapiola' disclosed a bug submitted by b'shewhoisdeath' 
b'Secure Client-Initiated Renegotiation'
16 Feb 2024 timeline
b'Node.js' disclosed a bug submitted by b'tniessen' 
b'Path traversal by monkey-patching Buffer internals'
15 Feb 2024 timeline
b'Node.js' disclosed a bug submitted by b'tniessen' 
b'Improper handling of wildcards in --allow-fs-read and --allow-fs-write'
15 Feb 2024 timeline
b'Node.js' disclosed a bug submitted by b'tniessen' 
b'Code injection and privilege escalation through Linux capabilities'
15 Feb 2024 timeline
b'Node.js' disclosed a bug submitted by b'hkario' 
b'Node.js is vulnerable to the Marvin Attack (timing variant of the Bleichenbacher attack against PKCS#1 v1.5 padding)'
15 Feb 2024 timeline
b'Node.js' disclosed a bug submitted by b'bart' 
b'http: Reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks'
15 Feb 2024 timeline
b'Node.js' disclosed a bug submitted by b'xion' 
b'Multiple permission model bypasses due to improper path traversal sequence sanitization'
15 Feb 2024 timeline
b'Stripo Inc' disclosed a bug submitted by b'deb0con' 
b'[SSRF] my.stripo.email via the setup-wizard parameter'
15 Feb 2024 timeline
b'Stripo Inc' disclosed a bug submitted by b'deb0con' 
b'[demo.stripo.email] HTTP request Smuggling'
15 Feb 2024 timeline
b'Stripo Inc' disclosed a bug submitted by b'sankalpa_1337' 
b'Non-revoked API Key Disclosure in a Disclosed API Key Disclosure Report on Stripo'
15 Feb 2024 timeline
b'Mars' disclosed a bug submitted by b'themarkib0x0' 
b'Client Side Template Injection to Stored XSS in Image Collection'
14 Feb 2024 timeline
b'Mars' disclosed a bug submitted by b'haoshokunoo' 
b'IDOR in one subdomain of -> change information of pets without athorization!'
14 Feb 2024 timeline
b'Mars' disclosed a bug submitted by b'stuux' 
b'Blind SQL Injection on via URI Path'
14 Feb 2024 timeline
b'Publitas' disclosed a bug submitted by b'azanul' 
b'CVE-2018-6389 exploitation - using scripts loader'
13 Feb 2024 timeline
b'Weblate' disclosed a bug submitted by b'aydinyunus' 
b'Information Disclosure'
12 Feb 2024 timeline
1 ... 50 51 52 53 54 ... 738
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM