Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'80 
b'linkks'75 
b'jobert'70 
b'someonenobbd'62 
b'nyymi'58 
b'ooooooo_q'52 
b'haxta4ok00'49 
b'jon_bottarini'49 

the unofficial HackerOne disclosure timeline.

X
b'GitLab' disclosed a bug submitted by b'ysx' 
b'[Repository Import] Open Redirect via "continue[to]" parameter '
06 Apr 2017 timeline
b'Phabricator' disclosed a bug submitted by b'edio' 
b'Phabricator is vulnerable to padding oracle attacks and chosen-ciphertext attacks.'
05 Apr 2017 timeline
b'Gratipay' disclosed a bug submitted by b'mhashim29' 
b'Inadequate/dangerous jQuery behavior'
05 Apr 2017 timeline
b'HackerOne' disclosed a bug submitted by b'0xffe4' 
b'Transitioning a Private Program to Public Does Not Clear Previously Private Updates to Hackers'
05 Apr 2017 timeline
b'Nextcloud' disclosed a bug submitted by b'm7mdharoun' 
b'Design Issues on ( ??? ) Lead to show ( IPS of Users ) '
05 Apr 2017 timeline
b'Ruby' disclosed a bug submitted by b'cloudyvirus' 
b'RCE (Remote Code Execution) Vulnerability on Ruby'
05 Apr 2017 timeline
b'Quora' disclosed a bug submitted by b'bobrov' 
b'[Android] XSS via start ContentActivity'
05 Apr 2017 timeline
b'Trello' disclosed a bug submitted by b'kartik1202' 
b'Rate limiting of incorrect Two Factor Authentication codes not enforced'
04 Apr 2017 timeline
b'Souq.com' disclosed a bug submitted by b'mohammedalsaggaf' 
b'reflected xss on search bar (uae.souq.com)'
04 Apr 2017 timeline
b'Phabricator' disclosed a bug submitted by b'kevin_c' 
b'An unsafe design practice in the Passphrase may result in Secret being accidentally changed.'
04 Apr 2017 timeline
b'shopify-scripts' disclosed a bug submitted by b'ssarong' 
b'Heap Buffer Overflow while processing OP_SEND'
03 Apr 2017 timeline
b'shopify-scripts' disclosed a bug submitted by b'ssarong' 
b"Null pointer dereference in 'get_file'"
03 Apr 2017 timeline
b'shopify-scripts' disclosed a bug submitted by b'ssarong' 
b'Invalid Pointer Reference from OP_RESCUE'
03 Apr 2017 timeline
b'Ubiquiti Networks' disclosed a bug submitted by b'jerusha' 
b'Content Spoofing or Text Injection in (403 forbidden page injection) and Nginx version disclosure via response header'
03 Apr 2017 timeline
b'Twitter' disclosed a bug submitted by b'filedescriptor' 
b'DOMXSS in Tweetdeck'
02 Apr 2017 timeline
b'Twitter' disclosed a bug submitted by b'yaworsk' 
b'niche s3 buckets are readable/writeable/deleteable by authorized AWS users'
02 Apr 2017 timeline
b'shopify-scripts' disclosed a bug submitted by b'dgaletic' 
b'Use-after-free leading to an invalid pointer dereference'
02 Apr 2017 timeline
b'QIWI' disclosed a bug submitted by b'bobrov' 
b'[qiwi.com] Information Disclosure'
31 Mar 2017 timeline
b'Algolia' disclosed a bug submitted by b'bobrov' 
b'[github.algolia.com] DOM Based XSS github-btn.html'
31 Mar 2017 timeline
b'Ubiquiti Networks' disclosed a bug submitted by b'bobrov' 
b'[account-global.ubnt.com] CRLF Injection'
31 Mar 2017 timeline
1 ... 553 554 555 556 557 ... 726
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM