Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'83 
b'linkks'75 
b'jobert'70 
b'nyymi'62 
b'someonenobbd'62 
b'ooooooo_q'54 
b'guido'50 
b'haxta4ok00'49 

the unofficial HackerOne disclosure timeline.

X
b'Udemy' disclosed a bug submitted by b'caffeinewriter' 
b"Able to view others' gifts on /gift/share URL, giftId is predictable, and easy to manipulate"
26 Mar 2017 timeline
b'Twitter' disclosed a bug submitted by b'r3ligious' 
b'Attacker can get vine repost user all informations even Ip address and location .'
25 Mar 2017 timeline
b'CloudFlare' disclosed a bug submitted by b'bobrov' 
b'[http2.cloudflare.com] Open Redirect'
24 Mar 2017 timeline
b'Harvest' disclosed a bug submitted by b'zuh4n' 
b"Cookie Injection at 'harvestapp.com'"
24 Mar 2017 timeline
b'OWOX, Inc.' disclosed a bug submitted by b'haxormad' 
b'Subdomain takeover in many subdomains'
24 Mar 2017 timeline
b'Airbnb' disclosed a bug submitted by b'dr-cdqh' 
b'Nginx Version Disclosure'
23 Mar 2017 timeline
b'Nextcloud' disclosed a bug submitted by b'bagipro' 
b'Android - Possible to intercept broadcasts about uploaded files'
23 Mar 2017 timeline
b'Nextcloud' disclosed a bug submitted by b'ryudox' 
b'Server version/OS type disclosure via HTTP Response Header'
23 Mar 2017 timeline
b'Blockchain' disclosed a bug submitted by b'cloudyvirus' 
b'HTTP Header Injection/HTTP_Response_Splitting'
23 Mar 2017 timeline
b'Gratipay' disclosed a bug submitted by b'valievkarim' 
b'upgrade Aspen on inside.gratipay.com to pick up CR injection fix'
22 Mar 2017 timeline
b'Nextcloud' disclosed a bug submitted by b'lukasreschke' 
b'Reflected XSS in U2F plugin by shipping the example endpoints'
22 Mar 2017 timeline
b'Xero' disclosed a bug submitted by b'4lemon' 
b'stored xss issue in folder name on go.xero.com/Docs/Folders'
21 Mar 2017 timeline
b'Whisper' disclosed a bug submitted by b'1n3' 
b'SMS Invite Form Abuse'
21 Mar 2017 timeline
b'Uber' disclosed a bug submitted by b'kazan71p' 
b'SQL injection in 3rd party software Anomali'
21 Mar 2017 timeline
b'GitLab' disclosed a bug submitted by b'edio' 
b'Gitlab.com is vulnerable to reverse tabnabbing.'
21 Mar 2017 timeline
b'Mapbox' disclosed a bug submitted by b'mishre' 
b'Mapbox Android SDK uses Broadcast Receiver instead of Local Broadcast Manager'
21 Mar 2017 timeline
b'Gratipay' disclosed a bug submitted by b'edio' 
b'Content-Length restriction bypass to heap overflow in gip.rocks.'
20 Mar 2017 timeline
b'Uber' disclosed a bug submitted by b'solardiz' 
b"pam-ussh may be tricked into using another logged in user's ssh-agent"
20 Mar 2017 timeline
b'Gratipay' disclosed a bug submitted by b's_p_q_r' 
b'Avoid "resend verification email" confusion'
20 Mar 2017 timeline
b'ok.ru' disclosed a bug submitted by b'4lemon' 
b'Stored XSS ? ????? ????? (2) ?? ????????? ?????.'
20 Mar 2017 timeline
1 ... 568 569 570 571 572 ... 738
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM