Top10 publishers:
bobrov114 
linkks75 
geeknik72 
sp1d3rs63 
jobert57 
netfuzzer47 
guido45 Twitter
bl4de42 
ryat40 
bigbear_38 

the unofficial HackerOne disclosure timeline.

X
Mail.ru disclosed a bug submitted by m7mdharoun 
Subdomain Takeover at blog.instamart.ru
13 Jul 2020 timeline
Mail.ru disclosed a bug submitted by r0hack 
Cross-organization data access in city-mobil.ru
13 Jul 2020 timeline
Mail.ru disclosed a bug submitted by justchillin 
Reflected XSS in city-mobil.ru/
13 Jul 2020 timeline
Mail.ru disclosed a bug submitted by dedsec69 
Improper access control leading to deletion of Greeting videos on {https://smtp.8mar.mail.ru/}
13 Jul 2020 timeline
Mail.ru disclosed a bug submitted by ch0c0 
[icq.com/people/*uin*/edit] ??????????? ?????? ? ???????? ?? ????? ? ???? "???????"
13 Jul 2020 timeline
Stripo Inc disclosed a bug submitted by whitehatmat 
Integer Overflow (CVE_2017_7529)
13 Jul 2020 timeline
Stripo Inc disclosed a bug submitted by dotsecurity 
SSRF via Export Service in ActiveCampaign
13 Jul 2020 timeline
Ruby on Rails disclosed a bug submitted by ooooooo_q 
File writing by Directory traversal at actionpack-page_caching and RCE by it
13 Jul 2020 timeline
Helium disclosed a bug submitted by amr321 
Read-Only user can delete users
10 Jul 2020 timeline
Twitter disclosed a bug submitted by updatelap 
Ability to bruteforce mopub account’s password due to lack of rate limitation protection using {ip rotation techniques}
10 Jul 2020 timeline
Maximum disclosed a bug submitted by what_web 
[www.werkenbijbakertilly.nl] Denial of service due to incorrect server return can result in total denial of service.
10 Jul 2020 timeline
Maximum disclosed a bug submitted by what_web 
[www.werkenbijderet.nl] There is no rate limit for vacature-alert endpoints
10 Jul 2020 timeline
Moneybird disclosed a bug submitted by ant_pyne 
Pending MFA logins aren't immediatly expired after a password change
10 Jul 2020 timeline
TTS Bug Bounty disclosed a bug submitted by justchillin 
Blind SSRF on https://labs.data.gov/dashboard/Campaign/json_status/ Endpoint
10 Jul 2020 timeline
GitHub Security Lab disclosed a bug submitted by d3lla 
[javascript] CWE-020: CodeQL query to detect missing origin validation in cross-origin communication via postMessage
09 Jul 2020 timeline
Automattic disclosed a bug submitted by fuzzme 
[tumblr.com] 69< Firefox Only XSS Reflected
09 Jul 2020 timeline
Nextcloud disclosed a bug submitted by arezthehopebuster_ 
Full path disclosure vulnerability via Upload .htaccess file
09 Jul 2020 timeline
Nextcloud disclosed a bug submitted by jmdx 
Non-admin users can trigger writes to memcached by entering a malicious server as a share URL
09 Jul 2020 timeline
Zomato disclosed a bug submitted by defparam 
Stealing Zomato X-Access-Token: in Bulk using HTTP Request Smuggling on api.zomato.com
09 Jul 2020 timeline
U.S. Dept Of Defense disclosed a bug submitted by notdeghost 
CSRF Account Deletion on ??? Website
09 Jul 2020 timeline
1 2 3 4 ... 448
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM