Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'84 
b'linkks'75 
b'jobert'70 
b'nyymi'64 
b'someonenobbd'62 
b'ooooooo_q'54 
b'guido'50 
b'haxta4ok00'49 

the unofficial HackerOne disclosure timeline.

X
b'Mavenlink' disclosed a bug submitted by b'rajauzairabdullah' 
b'Cookies are not cleared from Server side on Logout'
09 May 2017 timeline
b'GitLab' disclosed a bug submitted by b'jobert' 
b'Stored XSS on Files overview by abusing git submodule URL'
09 May 2017 timeline
b'Harvest' disclosed a bug submitted by b'ysx' 
b'[platform.harvestapp.com] Reflected XSS in Error Message via URL parameters'
09 May 2017 timeline
b'Gratipay' disclosed a bug submitted by b'7h0r4pp4n' 
b'Unauthorized access to the slack channel via inside.gratipay.com/appendices/chat'
09 May 2017 timeline
b'VK.com' disclosed a bug submitted by b'povargek' 
b'?????? ?????? ?????? 2FA'
09 May 2017 timeline
b'shopify-scripts' disclosed a bug submitted by b'geeknik' 
b'heap-buffer-overflow (read outside of buffer) in mrb_vm_exec()'
09 May 2017 timeline
b'shopify-scripts' disclosed a bug submitted by b'geeknik' 
b'mirb only: stack-buffer-overflow (OOB write) in main()'
09 May 2017 timeline
b'Nextcloud' disclosed a bug submitted by b'makosdel' 
b'Limitation of app specific password scope can be bypassed (NC-SA-2017-009)'
08 May 2017 timeline
b'Twitter' disclosed a bug submitted by b'ysx' 
b'[Gnip Blogs] Reflected XSS via "plupload.flash.swf" component vulnerable to SOME '
08 May 2017 timeline
b'Twitter' disclosed a bug submitted by b'zlz' 
b'HTTP 401 response injection on "amp.twimg.com/amplify-web-player/prod/source.html" through "image_src" parameter'
08 May 2017 timeline
b'Nextcloud' disclosed a bug submitted by b'juliushaertl' 
b'Calendar and addressbook names disclosed (NC-SA-2017-012)'
08 May 2017 timeline
b'OLX' disclosed a bug submitted by b'thezawad' 
b'XSS @ *.letgo.com'
08 May 2017 timeline
b'InVision' disclosed a bug submitted by b'seifelsallamy' 
b'open redirect at https://projects.invisionapp.com'
07 May 2017 timeline
b'Ubiquiti Networks' disclosed a bug submitted by b'linkks' 
b'Subdomain takeover on https://cloudfront.ubnt.com/ due to non-used CloudFront DNS entry'
07 May 2017 timeline
b'Paragon Initiative Enterprises' disclosed a bug submitted by b'k_jagdish' 
b'Broken Authentication & Session Management - Failure to Invalidate Session on all other browsers at Password change'
07 May 2017 timeline
b'Paragon Initiative Enterprises' disclosed a bug submitted by b'pahan1234' 
b'Improper validation of Email '
07 May 2017 timeline
b'shopify-scripts' disclosed a bug submitted by b'ssarong' 
b'Null pointer dereferences in kh_copy_mt'
07 May 2017 timeline
b'shopify-scripts' disclosed a bug submitted by b'ssarong' 
b'heap use after free in fiber_switch'
07 May 2017 timeline
b'Paragon Initiative Enterprises' disclosed a bug submitted by b'jalka' 
b'There is an vulnerability in https://bridge.cspr.ng where an attacker can users directory'
07 May 2017 timeline
b'Paragon Initiative Enterprises' disclosed a bug submitted by b'jalka' 
b'no session logout after changing the password in https://bridge.cspr.ng/'
07 May 2017 timeline
1 ... 559 560 561 562 563 ... 741
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM