Top10 publishers:
bobrov114 
linkks75 
geeknik72 
sp1d3rs63 
jobert57 
jon_bottarini48 
netfuzzer47 
guido45 Twitter
ryat42 
bl4de42 

the unofficial HackerOne disclosure timeline.

X
Node.js third-party modules disclosed a bug submitted by 0xd0ff 
[m-server] XSS reflected because path does not escapeHtml
28 Sep 2020 timeline
concrete5 disclosed a bug submitted by javakhishvili 
Unauthenticated HTML Injection Stored - ContactUs form
25 Sep 2020 timeline
concrete5 disclosed a bug submitted by javakhishvili 
Cross Site Scripting (XSS) Stored - Private messaging
25 Sep 2020 timeline
HackerOne disclosed a bug submitted by vakzz 
Reflected XSS on www.hackerone.com via Wistia embed code
24 Sep 2020 timeline
Node.js third-party modules disclosed a bug submitted by mik317 
[snekserve] Stored XSS via filenames HTML formatted
24 Sep 2020 timeline
Node.js third-party modules disclosed a bug submitted by mik317 
[commit-msg] RCE via insecure command formatting
24 Sep 2020 timeline
Node.js third-party modules disclosed a bug submitted by mik317 
[gity] RCE via insecure command formatting
24 Sep 2020 timeline
Node.js third-party modules disclosed a bug submitted by lightangel1412 
[http_server] Path Traversal allowing to read any files on the server
24 Sep 2020 timeline
Twitter disclosed a bug submitted by alesandroortiz 
Android WebViews in Twitter app are vulnerable to UXSS due to configuration and CVE-2020-6506
24 Sep 2020 timeline
Node.js third-party modules disclosed a bug submitted by lightangel1412 
[hnzserver] Path Traversal allowing to read any files on the server
24 Sep 2020 timeline
Node.js third-party modules disclosed a bug submitted by mik317 
[git-lib] RCE via insecure command formatting
24 Sep 2020 timeline
Visma Public disclosed a bug submitted by #zeop 
Bypassing Business ID/VAT # validation during registration to create accounts with duplicate Business ID/VAT
24 Sep 2020 timeline
Node.js third-party modules disclosed a bug submitted by ahihi 
property-expr - Prototype pollution
24 Sep 2020 timeline
Starbucks disclosed a bug submitted by xmfc 
China - IDOR on Reservation Staging/Non Production Site - https://reservation.stg.starbucks.com.cn
22 Sep 2020 timeline
Topcoder disclosed a bug submitted by sodium_ 
Stored-Xss at connect.topcoder.com/projects/ affected on project chat members
22 Sep 2020 timeline
Solana BBP disclosed a bug submitted by 0x4_aulia 
Public and secret api key leaked via Solana BBP github repo
22 Sep 2020 timeline
Valve disclosed a bug submitted by kbeckmann 
[steam client] Opening a specific steam:// url overwrites files at an arbitrary location
22 Sep 2020 timeline
Valve disclosed a bug submitted by kbeckmann 
[Half-Life 1] Malformed map name leads to memory corruption and code execution
22 Sep 2020 timeline
New Relic disclosed a bug submitted by jhimansh 
"Basic user" which can only access a limited subset of the platform can access certain pages which are restricted to the user by the account owner.
22 Sep 2020 timeline
8x8 disclosed a bug submitted by wh0ru 
DOM Based XSS at docs.8x8.com
22 Sep 2020 timeline
1 2 3 4 ... 471
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM