Top10 publishers:
bobrov: 117
sp1d3rs: 86
geeknik: 80
linkks: 75
jobert: 70
someonenobbd: 62
nyymi: 58
ooooooo_q: 52
guido: 50
haxta4ok00: 49
The unofficial HackerOne disclosure timeline.
24 Feb 2023: U.S. Dept Of Defense disclosed a bug submitted by 0r10nh4ck: AWS Credentials Disclosure at
24 Feb 2023: U.S. Dept Of Defense disclosed a bug submitted by 0r10nh4ck: Upload and delete files in debug page without access control.
24 Feb 2023: U.S. Dept Of Defense disclosed a bug submitted by interc3pt3r: Reflected XSS at
24 Feb 2023: U.S. Dept Of Defense disclosed a bug submitted by hack3ron___1: Authentication Bypass Using Default Credentials on
24 Feb 2023: U.S. Dept Of Defense disclosed a bug submitted by syarifmsajjad: Sensitive information disclosure [HtUS]
24 Feb 2023: Automattic disclosed a bug submitted by 0xwega74: Stored XSS on app.crowdsignal.com your-subdomain.crowdsignal.net via Thank You Header
24 Feb 2023: Nextcloud disclosed a bug submitted by rullzer: Download permissions can be changed by resharer
22 Feb 2023: HackerOne disclosed a bug submitted by jobert: Users querying dim_hacker_reports table through Analytics API can determine data from dim_reports table using WHERE or HAVING query
22 Feb 2023: Krisp disclosed a bug submitted by mikemyers: SQL Injection + Insecure Deserialization leads to Remote Code Execution on https://krisp.ai
22 Feb 2023: Node.js disclosed a bug submitted by timon8: CRLF Injection in Nodejs undici via host
20 Feb 2023: curl disclosed a bug submitted by monnerat: CVE-2023-23916: HTTP multi-header compression denial of service
20 Feb 2023: U.S. Department of State disclosed a bug submitted by ismailu: xss and html injection on ( https://labs.history.state.gov)
19 Feb 2023: GitLab disclosed a bug submitted by yvvdwf: Stored-XSS with CSP-bypass via labels' color
19 Feb 2023: GitLab disclosed a bug submitted by yvvdwf: Bypass: Stored-XSS with CSP-bypass via scoped labels' color
17 Feb 2023: Slack disclosed a bug submitted by analyz3r: Bypass invite accept for victim
17 Feb 2023: TikTok disclosed a bug submitted by amans: View thumbnail of any private video (friends or followers only) of Private/Public account
17 Feb 2023: Node.js disclosed a bug submitted by mjones-vsat: Multiple OpenSSL error handling issues in nodejs crypto library
16 Feb 2023: Rocket.Chat disclosed a bug submitted by f0ns1: Low authorization level at server side API operation e2e.updateGroupKey, let an attacker break the E2E architecture.
15 Feb 2023: Cosmos disclosed a bug submitted by bhatiagaurav1211: Unclaimed official s3 bucket of tendermint(tendermint-packages) which is used by many other blockchain companies in their code
15 Feb 2023: curl disclosed a bug submitted by nyymi: CVE-2023-23914: curl HSTS ignored on multiple requests
BY DENIS WERNER - @NOBBD