Top 10 publishers:
bobrov: 117
sp1d3rs: 86
geeknik: 80
linkks: 75
jobert: 70
someonenobbd: 62
nyymi: 56
ooooooo_q: 50
jon_bottarini: 49
haxta4ok00: 48
The unofficial HackerOne disclosure timeline.
Glassdoor disclosed a bug submitted by 0x7: Open redirect on https://www.glassdoor.com/profile/siwa.htm via state parameter (08 Jun 2022)
GitLab disclosed a bug submitted by saltyyolk: Path traversal, to RCE (07 Jun 2022)
GitLab disclosed a bug submitted by saltyyolk: Steal private objects of other projects via project import (07 Jun 2022)
GitLab disclosed a bug submitted by saltyyolk: Private objects exposed through project import (07 Jun 2022)
GitLab disclosed a bug submitted by saltyyolk: Path traversal in Nuget Package Registry (07 Jun 2022)
Acronis disclosed a bug submitted by ub3rsick: Store Admin Page Accessible Without Authentication at http://www.grouplogic.com/ADMIN/store/index.cfm (07 Jun 2022)
Acronis disclosed a bug submitted by ub3rsick: Stored Cross Site Scripting at http://www.grouplogic.com/ADMIN/store/index.cfm?fa=disprocode (07 Jun 2022)
Reddit disclosed a bug submitted by h1ugroon: Misconfigurated login page able to lock login action for any account without user interaction (06 Jun 2022)
Exodus disclosed a bug submitted by bismillahfortuner: 2 Cache Poisoning Attack Methods Affect Core Functionality www.exodus.com (06 Jun 2022)
U.S. General Services Administration disclosed a bug submitted by rptl: Registered users contact information disclosure on salesforce lightning endpoint https://disposal.gsa.gov (06 Jun 2022)
curl disclosed a bug submitted by nyymi: Heap overflow via HTTP/2 PUSH_PROMISE (05 Jun 2022)
curl disclosed a bug submitted by nyymi: KRB-FTP: Security level downgrade (05 Jun 2022)
Kubernetes disclosed a bug submitted by codermak: Github Account Takeover from Docs page of `kubernetes-csi.github.io` (04 Jun 2022)
Imgur disclosed a bug submitted by mr_baka: 8ybhy85kld9zp9xf84x6.imgur.com Subdomain Takeover (03 Jun 2022)
Kubernetes disclosed a bug submitted by t0rr3sp3dr0: AWS Load Balancer Controller Managed Security Groups can be replaced by an unprivileged attacker (02 Jun 2022)
Kubernetes disclosed a bug submitted by t0rr3sp3dr0: AWS Load Balancer Controller can be used by an attacker to modify rules of any Security Group that they are able to tag (02 Jun 2022)
Dropbox disclosed a bug submitted by staz0t: Exfiltrate GDrive access token using CSRF (01 Jun 2022)
Nextcloud disclosed a bug submitted by michag86: user can bypass password enforcement when federated sharing is enabled (01 Jun 2022)
Glovo disclosed a bug submitted by omarelfarsaoui: Django debug enabled showing information about system, database, configuration files (31 May 2022)
Phabricator disclosed a bug submitted by dyls: Deprecated owners.query API bypasses object view policy (31 May 2022)
BY DENIS WERNER - @NOBBD