Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'80 
b'linkks'75 
b'jobert'70 
b'someonenobbd'62 
b'nyymi'58 
b'ooooooo_q'52 
b'guido'50 
b'haxta4ok00'49 

the unofficial HackerOne disclosure timeline.

X
b'LinkedIn' disclosed a bug submitted by b'find_me_here' 
b'Attackers can use TRIAL Premium only by paying **IDR 10,000.00** from the original price of `IDR462,400.00` per month'
24 Aug 2023 timeline
b'LinkedIn' disclosed a bug submitted by b'tushar6378' 
b'A Unverified User Can Post Newsletter (Which Is Not Allowed Through Application UI)'
24 Aug 2023 timeline
b'LinkedIn' disclosed a bug submitted by b'adilnbabras' 
b"IDOR allows an attacker to delete anyone's featured photo."
24 Aug 2023 timeline
b'LinkedIn' disclosed a bug submitted by b'cybergoddess' 
b'Improper access control on Linkedin Page'
24 Aug 2023 timeline
b'Uber' disclosed a bug submitted by b'lalit2020' 
b"Complete Admin account takeover due to PhpDebugBar turned on in Uber's production server"
23 Aug 2023 timeline
b'Nextcloud' disclosed a bug submitted by b'rullzer' 
b'Issuer not verified from obtained token in user_oidc '
23 Aug 2023 timeline
b'Nextcloud' disclosed a bug submitted by b'rullzer' 
b'App stores client secret unencrypted in database'
23 Aug 2023 timeline
b'Nextcloud' disclosed a bug submitted by b'rullzer' 
b"Text does not respect 'Allow download' permissions"
23 Aug 2023 timeline
b'Node.js' disclosed a bug submitted by b'leodog896' 
b'Dependency Policy Bypass via process.binding'
23 Aug 2023 timeline
b'HackerOne' disclosed a bug submitted by b'sudi' 
b'Bypass of #2035332 RXSS at image.hackerone.live via the `url` parameter'
22 Aug 2023 timeline
b'Nintendo' disclosed a bug submitted by b'crazy_man123' 
b'[WiiU/Switch] nullptr dereference in the ENL framework'
22 Aug 2023 timeline
b'Radancy' disclosed a bug submitted by b'kalendra456' 
b'Cross-origin resource sharing: arbitrary origin trusted'
22 Aug 2023 timeline
b'Radancy' disclosed a bug submitted by b'h03' 
b'insecure storage of information, you can view any file uploaded to the server without authentication and only with a single link'
21 Aug 2023 timeline
b'Rockstar Games' disclosed a bug submitted by b'floorball' 
b'Insecure Direct Object Reference allows Crew Invite deletion'
17 Aug 2023 timeline
b'Nintendo' disclosed a bug submitted by b'crazy_man123' 
b'[MK8DX] Improper metadata validation 2'
17 Aug 2023 timeline
b'Nintendo' disclosed a bug submitted by b'crazy_man123' 
b'[MK8DX] Improper metadata parsing'
17 Aug 2023 timeline
b'Node.js' disclosed a bug submitted by b'mattaustin' 
b'Permissions policies can be bypassed via Module._load.'
16 Aug 2023 timeline
b'Ruby on Rails' disclosed a bug submitted by b'ooooooo_q' 
b'Unexpected deserialization in Kredis'
16 Aug 2023 timeline
b'TikTok' disclosed a bug submitted by b'ashrafabdelrazik' 
b'CRLF to XSS & Open Redirection'
16 Aug 2023 timeline
b'Internet Bug Bounty' disclosed a bug submitted by b'ooooooo_q' 
b'CVE-2023-36617: ReDoS vulnerability in URI (Ruby)'
15 Aug 2023 timeline
1 ... 60 61 62 63 64 ... 730
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM