Top10 publishers:
bobrov: 117
sp1d3rs: 86
geeknik: 80
linkks: 75
jobert: 70
someonenobbd: 62
nyymi: 58
ooooooo_q: 52
haxta4ok00: 49
jon_bottarini: 49
the unofficial HackerOne disclosure timeline.
Automattic disclosed a bug submitted by nightpool: Timeline API returns private post when target of a push notification (17 Oct 2024)
GitHub disclosed a bug submitted by pinguluk: Information Leakage via Clicked Link in GitHub Repository (Fingerprinting) (17 Oct 2024)
Sorare disclosed a bug submitted by thebeast99: Circular based introspetion Query leading to single request denial of service and cost consumption and query cost on api.sorare.com/graphql (17 Oct 2024)
Internet Bug Bounty disclosed a bug submitted by 4xpl0r3r: fs.fchown/fchmod bypasses permission model (16 Oct 2024)
Enjin disclosed a bug submitted by ndizon_: Host header injection leads to account takeover (15 Oct 2024)
Enjin disclosed a bug submitted by mo_salah12: Race Condition on Create API Function (15 Oct 2024)
Rocket.Chat disclosed a bug submitted by yash24: IDOR vulnerability leads to Deleting message after leaving/getting banned from group using message ID (13 Oct 2024)
GitHub disclosed a bug submitted by ahacker1: SAML Signature verification bypass allows logging into any user (with specific conditions) (10 Oct 2024)
GitLab disclosed a bug submitted by a92847865: DOS: taking down a 1k users Gitlab EE instance or multiple Sidekiq instances by importing a malicious repo from a Github EE self-hosted server (09 Oct 2024)
GitLab disclosed a bug submitted by fdeleite: Subdomain takeover in Gitlab pages (09 Oct 2024)
MTN Group disclosed a bug submitted by m4lc0lmx: Remote code execution [CVE-2023-36845] (09 Oct 2024)
inDrive disclosed a bug submitted by polem4rch: Change phone number OTP flaw leads to any phone number takeover (09 Oct 2024)
Ruby on Rails disclosed a bug submitted by ooooooo_q: Path traversal in AcitveStorage, and lead RCE (08 Oct 2024)
Ruby on Rails disclosed a bug submitted by trufflesecurity: Sauce Labs API key unencrypted in an old commit (08 Oct 2024)
GitLab disclosed a bug submitted by cryptopone: HTML injection possible with soft email confirmations when Administrator manually confirms attacker email address (08 Oct 2024)
GitLab disclosed a bug submitted by 70rpedo: Maintainer can leak sentry token by changing the configured URL (fix bypass) (08 Oct 2024)
GitLab disclosed a bug submitted by afewgoats: ReDoS due to device-detector parsing user agents (08 Oct 2024)
Mozilla disclosed a bug submitted by anhchangmutrang: User API Key leakage in Github commit leads to unauthorized access to sql.telemetry.mozilla.org (08 Oct 2024)
MTN Group disclosed a bug submitted by hazemhussien99: IDOR at mtnmobad.mtnbusiness.com.ng leads to PII leakage. (05 Oct 2024)
MTN Group disclosed a bug submitted by hazemhussien99: Reflected XSS in https://nin.mtn.ng/nin/success?message=lol&nin=<VULNERABLE> (05 Oct 2024)
BY DENIS WERNER - @NOBBD