Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'80 
b'linkks'75 
b'jobert'70 
b'someonenobbd'62 
b'nyymi'58 
b'ooooooo_q'52 
b'haxta4ok00'49 
b'jon_bottarini'49 

the unofficial HackerOne disclosure timeline.

X
b'Node.js' disclosed a bug submitted by b'haxatron1' 
b'Policy-restricted modules can escalate to higher privileges by impersonating other modules in a policy list using module.constructor.createRequire()'
11 Aug 2023 timeline
b'Node.js' disclosed a bug submitted by b'haxatron1' 
b'DNS rebinding in --inspect (again) via invalid IP addresses '
11 Aug 2023 timeline
b'Node.js' disclosed a bug submitted by b'msvrmiscovet' 
b'Node 18 reads openssl.cnf from /home/iojs/build/... upon startup.'
11 Aug 2023 timeline
b'IBM' disclosed a bug submitted by b'dk4trin' 
b'Nginx Alias Traversal - babel.bluetab.net'
11 Aug 2023 timeline
b'IBM' disclosed a bug submitted by b'tusnj' 
b'IDOR in channel ID leads to customer email disclosure on https://video.ibm.com'
11 Aug 2023 timeline
b'HackerOne' disclosed a bug submitted by b'hackit_bharat' 
b'Hackerone All Private Program Name Leaked to Public Via Collaborator OR Attacker can Easily Dump all Private Program Names through Collaborator '
11 Aug 2023 timeline
b'HackerOne' disclosed a bug submitted by b'todayisnew' 
b'RXSS at image.hackerone.live via the `url` parameter'
11 Aug 2023 timeline
b'HackerOne' disclosed a bug submitted by b'sayaanalam' 
b"Create miscellaneous support ticket on anyone's account through support@hackerone.com email"
11 Aug 2023 timeline
b'HackerOne' disclosed a bug submitted by b'rafsanzami' 
b"HackerOne Support System Doesn't Require Any Authentication May Lead Unauthorized Action"
11 Aug 2023 timeline
b'Nintendo' disclosed a bug submitted by b'crazy_man123' 
b'[WiiU/Switch] Remote code execution inside the ENL library'
11 Aug 2023 timeline
b'Nextcloud' disclosed a bug submitted by b'tareq4' 
b'Notes attachments render HTML in preview mode'
10 Aug 2023 timeline
b'Nextcloud' disclosed a bug submitted by b'unknownsh' 
b'Improper restriction of excessive authentication attempts on WebDAV endpoint '
10 Aug 2023 timeline
b'Nextcloud' disclosed a bug submitted by b'cult' 
b'Any (non-admin) user from an instance can destroy any (user and/or global) external filesystem'
10 Aug 2023 timeline
b'Nextcloud' disclosed a bug submitted by b'mikaelgundersen' 
b'New AppPassword can be generated without password confirmation'
10 Aug 2023 timeline
b'Nextcloud' disclosed a bug submitted by b'mikaelgundersen' 
b'Missing brute force protection on OAuth2 API controller'
10 Aug 2023 timeline
b'HackerOne' disclosed a bug submitted by b'fuzzsqlb0f' 
b'Private Email Address Leak of H1 Researchers.'
08 Aug 2023 timeline
b'HackerOne' disclosed a bug submitted by b'japz' 
b'Usernames still visible on report export pdf despite "I want to redact all usernames" is selected'
08 Aug 2023 timeline
b'TikTok' disclosed a bug submitted by b'7hamoody1' 
b'Dom XSS and open redirect in TikTok seller endpoint'
07 Aug 2023 timeline
b'JFrog' disclosed a bug submitted by b'protector_5512' 
b'Impersonation attack via Broken link in "blog-author" page'
06 Aug 2023 timeline
b'WakaTime' disclosed a bug submitted by b'talha828' 
b'Waketime Payment Gateway Vulnerability'
05 Aug 2023 timeline
1 ... 56 57 58 59 60 ... 724
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM