Top10 publishers:
bobrov: 117
sp1d3rs: 86
geeknik: 80
linkks: 75
jobert: 70
someonenobbd: 62
nyymi: 58
ooooooo_q: 52
guido: 50
haxta4ok00: 49
The unofficial HackerOne disclosure timeline.
14 Dec 2022 - Internet Bug Bounty disclosed a bug submitted by ooooooo_q: ReDoS (Rails::Html::PermitScrubber.scrub_attribute)
14 Dec 2022 - Ruby on Rails disclosed a bug submitted by 0b5cur17y: Rails::Html::SafeListSanitizer vulnerable to XSS when certain tags are allowed (math+style || svg+style)
14 Dec 2022 - Ruby on Rails disclosed a bug submitted by 0b5cur17y: Incomplete fix for CVE-2022-32209 (XSS in Rails::Html::Sanitizer under certain configurations)
14 Dec 2022 - Internet Bug Bounty disclosed a bug submitted by theinternetofdefcon_: Electron CVE-2022-35954 Delimiter Injection Vulnerability in exportVariable
13 Dec 2022 - Ruby disclosed a bug submitted by djspinmonkey: Attacker can smuggle a malicious domain in a URI object.
13 Dec 2022 - GitHub disclosed a bug submitted by legit-security: DoS via markdown API from unauthenticated user
12 Dec 2022 - Twitter disclosed a bug submitted by jub0bs: Link-shortener bypass (regression on fix for #1032610)
12 Dec 2022 - Cloudflare Public Bug Bounty disclosed a bug submitted by mattipv4: cd=false (DNSSEC) not respected in DNS over HTTPS JSON requests
10 Dec 2022 - Nextcloud disclosed a bug submitted by ibrahim71192: A vulnerability classified as critical has been found in gsi-openssh-server 7.9p1 on Fedora (Connectivity Software) on server (http://95.217.64.181:22
10 Dec 2022 - Kubernetes disclosed a bug submitted by weinongw: SSRF vulnerability can be exploited when a hijacked aggregated api server such as metrics-server returns 30X
09 Dec 2022 - Nextcloud disclosed a bug submitted by mik-patient: [nextcloud/server] Moment.js vulnerable to Inefficient Regular Expression Complexity
08 Dec 2022 - Rocket.Chat disclosed a bug submitted by sectex: Insecure use of shell.openExternal() leads to RCE in Rocket.Chat-Desktop
07 Dec 2022 - Sony disclosed a bug submitted by splint3rsec: SQL Injection on []
07 Dec 2022 - Node.js disclosed a bug submitted by haxatron1: DNS rebinding in --inspect via invalid octal IP address
07 Dec 2022 - LinkedIn disclosed a bug submitted by headhunter: Unauthorized access to resumes stored on LinkedIn
06 Dec 2022 - TikTok disclosed a bug submitted by imran_nisar: Ability to change permissions across seller platform
06 Dec 2022 - 8x8 disclosed a bug submitted by shuvam321: Unprotected Atlantis Server at https://152.70..
06 Dec 2022 - Linktree disclosed a bug submitted by jagata: XSS in linktr.ee - on link thumbnail adding
05 Dec 2022 - EXNESS disclosed a bug submitted by ashwarya: IDOR in Stats API Endpoint Allows Viewing Equity or Net Profit of Any MT Account
03 Dec 2022 - Internet Bug Bounty disclosed a bug submitted by kurohiro: CVE-2022-35260: .netrc parser out-of-bounds access
BY DENIS WERNER - @NOBBD