Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'84 
b'linkks'75 
b'jobert'70 
b'nyymi'64 
b'someonenobbd'62 
b'ooooooo_q'54 
b'guido'50 
b'haxta4ok00'49 

the unofficial HackerOne disclosure timeline.

X
b'Doppler' disclosed a bug submitted by b'w3shi' 
b'Github app(link) Takeover Listed on "https://docs.doppler.com/docs/github-actions" page'
15 Mar 2024 timeline
b'Mozilla Critical Services' disclosed a bug submitted by b'psycho_012' 
b'Insecure S3 Bucket Exposing Git Directory in Mozilla Foundation Infographics Project'
13 Mar 2024 timeline
b'Publitas' disclosed a bug submitted by b'giwadaoud' 
b'Unauthorized Access to Offline Publication Cover Pages via SOURCE_DOCUMENT_ID'
13 Mar 2024 timeline
b'LinkedIn' disclosed a bug submitted by b'marvelmaniac' 
b'An attacker can submit arbitrary projects to their service accounts and obtain full information on projects of other users.'
12 Mar 2024 timeline
b'RubyGems' disclosed a bug submitted by b'ooooooo_q' 
b"Bundler's RCE with response using Marshal"
12 Mar 2024 timeline
b'Internet Bug Bounty' disclosed a bug submitted by b'timon8' 
b'Proxy-Authorization header is not cleared in cross-domain redirect in undici'
12 Mar 2024 timeline
b'Internet Bug Bounty' disclosed a bug submitted by b'timon8' 
b'Apache Airflow: Bypass permission verification to read code of other dags'
12 Mar 2024 timeline
b'Node.js' disclosed a bug submitted by b'timon8' 
b'Proxy-Authorization header is not cleared in cross-domain redirect in undici'
12 Mar 2024 timeline
b'Semrush' disclosed a bug submitted by b'a_d_a_m' 
b'Exposure of service tokens to webpack bundle'
08 Mar 2024 timeline
b'Daimler Truck' disclosed a bug submitted by b'0xpaier' 
b'Blind xss at https://homologation.omniplus.com/'
08 Mar 2024 timeline
b'HackerOne' disclosed a bug submitted by b'hillybot__' 
b'Program admins could add verified domains to an organization'
07 Mar 2024 timeline
b'Semrush' disclosed a bug submitted by b'a_d_a_m' 
b'IDOR vulnerability reveals additional information'
07 Mar 2024 timeline
b'Mozilla Core Services' disclosed a bug submitted by b'ryujinx' 
b'IDOR on Delete Email address features'
07 Mar 2024 timeline
b'Semrush' disclosed a bug submitted by b'a_d_a_m' 
b'Lack of sanitization of the billing address in pdf invoice'
06 Mar 2024 timeline
b'Semrush' disclosed a bug submitted by b'a_d_a_m' 
b'IDOR allows information disclosure'
05 Mar 2024 timeline
b'Internet Bug Bounty' disclosed a bug submitted by b'bart' 
b'http: Reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks'
05 Mar 2024 timeline
b'A.S. Watson Group ' disclosed a bug submitted by b'jfran_cbit' 
b'Access to internal info via Graphql on https://tng-api.watsons.com.my'
05 Mar 2024 timeline
b'Mars' disclosed a bug submitted by b'deb0con' 
b'CVE-2022-21371: Oracle WebLogic Server Local File Inclusion'
04 Mar 2024 timeline
b'SideFX' disclosed a bug submitted by b'0xchoudhary' 
b"Session Doesn't expire after 2fa and also other session can change passsword "
02 Mar 2024 timeline
b'X (Formerly Twitter)' disclosed a bug submitted by b'bugra' 
b'Able to see Twitter Circle tweets due to improper access control on the "FavoriteTweet" endpoint'
01 Mar 2024 timeline
1 ... 52 53 54 55 56 ... 742
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM