Top10 publishers:
bobrov114 
linkks73 
geeknik70 
sp1d3rs62 
jobert51 
guido45 Twitter
bl4de42 
ryat40 
bigbear_38 
zombiehelp5437 Twitter

the unofficial HackerOne disclosure timeline.

X
HackerOne disclosed a bug submitted by haxta4ok00 
Session hijacking attack
06 Dec 2019 timeline
concrete5 disclosed a bug submitted by arcturian 
Unauthenticated reflected XSS in preview_as_user function
06 Dec 2019 timeline
Zomato disclosed a bug submitted by mchinmoy 
Zomato Map server going out of memory while resizing map image
05 Dec 2019 timeline
Razer disclosed a bug submitted by dhakal_ananda 
OTP token bypass in accessing user settings
05 Dec 2019 timeline
Razer disclosed a bug submitted by so_h1 
[razer-assets2] Listing of Amazon S3 Bucket accessible to any AWS cli
05 Dec 2019 timeline
Razer disclosed a bug submitted by iamsahana 
Insecure Logging - OWASP (2016-M2)
05 Dec 2019 timeline
Razer disclosed a bug submitted by klaue 
Accessible Druid Monitor console on https://api.pay-staging.razer.com/
05 Dec 2019 timeline
Razer disclosed a bug submitted by cccaaasser 
DLL Hijacking in Synapse 2 CrashSender1402.exe via version.dll
05 Dec 2019 timeline
Node.js third-party modules disclosed a bug submitted by vineetpandey 
Path traversal in https://www.npmjs.com/package/http_server via symlink
04 Dec 2019 timeline
Node.js third-party modules disclosed a bug submitted by mik317 
[tree-kill] RCE via insecure command concatenation (only Windows)
04 Dec 2019 timeline
Node.js third-party modules disclosed a bug submitted by spengietz 
Lodash "difference" (possibly others) Function Denial of Service Through Unvalidated Input
04 Dec 2019 timeline
Node.js third-party modules disclosed a bug submitted by mik317 
[treekill] RCE via insecure command concatenation (only Windows)
04 Dec 2019 timeline
Node.js third-party modules disclosed a bug submitted by bl4de 
`indexFile` option passed as an argument to node-server can lead to arbitrary file read
04 Dec 2019 timeline
Node.js third-party modules disclosed a bug submitted by mik317 
[node-df] RCE via insecure command concatenation
04 Dec 2019 timeline
Grammarly disclosed a bug submitted by k4r4koyun 
Account takeover through the combination of cookie manipulation and XSS
03 Dec 2019 timeline
HackerOne disclosed a bug submitted by haxta4ok00 
Account takeover via leaked session cookie
03 Dec 2019 timeline
Imgur disclosed a bug submitted by alishah 
Password Reset Link not expiring after changing the email Leads To Account Takeover
03 Dec 2019 timeline
GitLab disclosed a bug submitted by rpadovani 
GraphQL query "namespace" leaks data
03 Dec 2019 timeline
U.S. Dept Of Defense disclosed a bug submitted by 00utsav00 
http://????/data.json showing users sensitive information via json file
02 Dec 2019 timeline
U.S. Dept Of Defense disclosed a bug submitted by hexdump 
[Partial] SSN & [PII] exposed through iPERMs Presentation Slide.
02 Dec 2019 timeline
1 2 3 4 ... 391
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM