Top10 publishers:
bobrov107 
sp1d3rs54 
bigbear_38 
guido37 Twitter
bl4de37 
jobert37 
isox36 
4lemon35 
geeknik35 
edio34 

the unofficial HackerOne disclosure timeline.

X
Valve disclosed a bug submitted by xpaw 
Reflected XSS on help.steampowered.com
07 Jan 2019 timeline
Valve disclosed a bug submitted by tvmpt 
XSS @ store.steampowered.com via agecheck path name
07 Jan 2019 timeline
Valve disclosed a bug submitted by romesful 
CSRF | Ban or unban users in broadcast's chat
07 Jan 2019 timeline
Valve disclosed a bug submitted by mvc 
Stored XSS in the guide's GameplayVersion (www.dota2.com)
07 Jan 2019 timeline
Valve disclosed a bug submitted by zemnmez 
code injection, steam chat client
07 Jan 2019 timeline
Valve disclosed a bug submitted by zemnmez 
XSS in steam react chat client
07 Jan 2019 timeline
HackerOne disclosed a bug submitted by khoiasd 
Response program can create bounty table
07 Jan 2019 timeline
CFP Time disclosed a bug submitted by phsmile 
Missing Two Factor Authentication in /admin/login
07 Jan 2019 timeline
Nextcloud disclosed a bug submitted by ismailtsdln 
Information Exposure Through Directory Listing - https://apps.nextcloud.com/static/
07 Jan 2019 timeline
CFP Time disclosed a bug submitted by badcracker 
Error Page Content Spoofing or Text Injection
07 Jan 2019 timeline
Node.js third-party modules disclosed a bug submitted by cris_semmle 
Command Injection Vulnerability in kill-port Package
06 Jan 2019 timeline
Node.js third-party modules disclosed a bug submitted by skyn3t 
[buttle] Unsafe rendering of Markdown files
06 Jan 2019 timeline
Liberapay disclosed a bug submitted by gouveaheitor 
User Enumeration
05 Jan 2019 timeline
HackerOne disclosed a bug submitted by mga_bobo 
User login page doesn't implement any form of rate limiting
04 Jan 2019 timeline
Inflection disclosed a bug submitted by csanuragjain 
Malicious callback url can be set while creating application in identity
03 Jan 2019 timeline
Node.js third-party modules disclosed a bug submitted by shivasurya 
[static-resource-server] Path Traversal allows to read content of arbitrary file on the server
03 Jan 2019 timeline
Smule disclosed a bug submitted by fr_0_ank 
Disclosure of information about the system, configuration files.
03 Jan 2019 timeline
HackerOne disclosed a bug submitted by haxta4ok00 
Submitting report through Embedded Submission form gives user indefinite access to a profile
03 Jan 2019 timeline
Khan Academy disclosed a bug submitted by sameerphad72 
Creating Unlimited Fake Accounts.
02 Jan 2019 timeline
HackerOne disclosed a bug submitted by thefrog 
@wearehackerone.com is vulnerable to namespace attacks due to hackerone.com not being RFC2142 compliant.
02 Jan 2019 timeline
1 2 3 4 ... 321
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM