Top10 publishers:
bobrov: 117
sp1d3rs: 86
geeknik: 83
linkks: 75
jobert: 70
nyymi: 62
someonenobbd: 62
ooooooo_q: 54
guido: 50
haxta4ok00: 49
The unofficial HackerOne disclosure timeline.

CS Money disclosed a bug submitted by benjamin-mauss
Able to blocking users with 2fa from login into their accounts by just knowing the SteamID
14 Dec 2023

EXNESS disclosed a bug submitted by ashwarya
Unrestricted Access to Celery Flower Instance
14 Dec 2023

Ruby disclosed a bug submitted by dee-see
URI parser's RFC3986 regular expression has poor performance when there are two # characters, leading to ReDoS
13 Dec 2023

Daimler Truck disclosed a bug submitted by abhhinavsecondary
Default credential to login at site management panel
12 Dec 2023

Valve disclosed a bug submitted by xpaw
Web API key registration allows registering multiple keys by reusing `request_id`
12 Dec 2023

HackerOne disclosed a bug submitted by mega7
Server Side Request Forgery (SSRF) via Analytics Reports
08 Dec 2023

Glassdoor disclosed a bug submitted by saboorhakimi
Web Cache Deception
08 Dec 2023

CS Money disclosed a bug submitted by smalx
Authentication Bypass to (CVE-2023-2982)
08 Dec 2023

HackerOne disclosed a bug submitted by byq
Private program name disclosure in the invitation mail for another program
08 Dec 2023

curl disclosed a bug submitted by cxshakal
CVE-2023-46219: HSTS long file name clears contents
08 Dec 2023

Internet Bug Bounty disclosed a bug submitted by p4fg
Misconfiguration in AWS CloudFront CDN configuration makes rubygems.org serve (and cache) content from a unclaimed S3-bucket
07 Dec 2023

LinkedIn disclosed a bug submitted by tushar6378
User Details Can Be Disclosed Even If The Account IS In Hibernation State
06 Dec 2023

LinkedIn disclosed a bug submitted by marvelmaniac
CSRF that makes any linkedin user follow attacker controlled accounts by simply clicking https://www.linkedin.com/comm/mynetwork/discovery-see-all/*
06 Dec 2023

LinkedIn disclosed a bug submitted by marvelmaniac
CSRF that makes any user send invitations to the attacker by simply clicking on a link.
06 Dec 2023

curl disclosed a bug submitted by nyymi
CVE-2023-46218: cookie mixed case PSL bypass
06 Dec 2023

GitHub disclosed a bug submitted by inspector-ambitious
Rogue collaborators and ambiguous branch names in GitHub
05 Dec 2023

IBM disclosed a bug submitted by sajidraza
Unauthenticated Remote Access to Testing Endpoint
04 Dec 2023

Internet Bug Bounty disclosed a bug submitted by tniessen
Integrity checks according to policies can be circumvented in Node.js 20 and Node.js 18
30 Nov 2023

Tennessee Valley Authority disclosed a bug submitted by mohs3n
access to profile & reset password page without authentication
30 Nov 2023

Tennessee Valley Authority disclosed a bug submitted by mohs3n
captcha bypass leads to register multiple user with one valid captcha
30 Nov 2023

BY DENIS WERNER - @NOBBD