Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'81 
b'linkks'75 
b'jobert'70 
b'someonenobbd'62 
b'nyymi'60 
b'ooooooo_q'54 
b'guido'50 
b'haxta4ok00'49 

the unofficial HackerOne disclosure timeline.

X
b'U.S. Dept Of Defense' disclosed a bug submitted by b'rashedhasan007' 
b'Reflected XSS vulnerability in a DoD website '
27 Apr 2017 timeline
b'New Relic' disclosed a bug submitted by b'jon_bottarini' 
b'Restricted User can view multiple account details including customer_root_account_id, payment method, date of first payment, etc.'
27 Apr 2017 timeline
b'Imgur' disclosed a bug submitted by b'neex' 
b'RCE by command line argument injection to `gm convert` in `/edit/process?a=crop`'
26 Apr 2017 timeline
b'Rockstar Games' disclosed a bug submitted by b'scraps' 
b'Login form on non-HTTPS page'
26 Apr 2017 timeline
b'FormAssembly' disclosed a bug submitted by b'bogdantcaciuc' 
b'XSS on username when register to proffesional account'
26 Apr 2017 timeline
b'Nextcloud' disclosed a bug submitted by b'dr-cdqh' 
b'Cross Site Scripting'
26 Apr 2017 timeline
b'Homebrew' disclosed a bug submitted by b'zephrfish' 
b'[bot.brew.sh] Full Path Disclosure'
26 Apr 2017 timeline
b'Phabricator' disclosed a bug submitted by b'wester' 
b'The mailbox verification API interface is unlimited and can be used as a mailbox bomb'
26 Apr 2017 timeline
b'Mapbox' disclosed a bug submitted by b'saad_ahmed' 
b'Open Aws Amazon S3 Buckets'
25 Apr 2017 timeline
b'Homebrew' disclosed a bug submitted by b'mrr3boot' 
b'Sensitive information disclosure via response headers on jenkins.brew.sh'
25 Apr 2017 timeline
b'Nextcloud' disclosed a bug submitted by b'abdul1ah' 
b'information disclose'
25 Apr 2017 timeline
b'HackerOne' disclosed a bug submitted by b'ishahriyar' 
b'Able to create basic user account via Google login on HackerOne Drupal CMS'
25 Apr 2017 timeline
b'Weblate' disclosed a bug submitted by b'mrr3boot' 
b'https://hosted.weblate.org is vulnerable to Beast Attack'
24 Apr 2017 timeline
b'Nextcloud' disclosed a bug submitted by b'wester' 
b'The email API to test email-server settings is unlimited and can be used as a email bomb'
24 Apr 2017 timeline
b'Algolia' disclosed a bug submitted by b'ysx' 
b'[GitHub Extension] Unsanitised HTML leading to XSS on GitHub.com'
24 Apr 2017 timeline
b'Phabricator' disclosed a bug submitted by b'almanac' 
b'Autoclose can close any task regardless of policies/spaces'
24 Apr 2017 timeline
b'VK.com' disclosed a bug submitted by b'f4lrik' 
b'SSRF ????? Share-?????'
22 Apr 2017 timeline
b'VK.com' disclosed a bug submitted by b'shady-r' 
b'?????: "??????????? ?????????? ??? ????????????? ? ????? ???????."'
22 Apr 2017 timeline
b'YouPorn' disclosed a bug submitted by b'lisa122' 
b'[Android API] SQL injection ( errortoken.json )'
22 Apr 2017 timeline
b'Phabricator' disclosed a bug submitted by b'wester' 
b'The special code in editor has no Authority control and can lead to Information Disclosure'
22 Apr 2017 timeline
1 ... 554 555 556 557 558 ... 733
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM