Top 10 publishers:
bobrov: 117
sp1d3rs: 86
geeknik: 80
linkks: 75
jobert: 70
someonenobbd: 62
nyymi: 58
ooooooo_q: 52
haxta4ok00: 49
jon_bottarini: 49
The unofficial HackerOne disclosure timeline.
AWS VDP disclosed a bug submitted by hesham_elsheme: External service interaction (HTTP) (04 Oct 2024)
IBM disclosed a bug submitted by mersa-v6: SSRF via host header let access localhost via https://go.dialexa.com (03 Oct 2024)
TikTok disclosed a bug submitted by ahmed_xyz: Stored-XSS-ads.tiktok.com (02 Oct 2024)
GitLab disclosed a bug submitted by tefa_: Remove obsolete domain from handbook subdomain (01 Oct 2024)
IBM disclosed a bug submitted by 0xhassan: IBM OpenPages vulnerable to exposure of sensitive information (01 Oct 2024)
Ruby on Rails disclosed a bug submitted by ooooooo_q: XSS when using `translate` in Action Controller (Rails 7.0, 7.1) (01 Oct 2024)
Mattermost disclosed a bug submitted by c0rydoras: Posts sent via websockets aren't sanitized properly (01 Oct 2024)
GitLab disclosed a bug submitted by moblig: IDOR Exposes All Machine Learning Models (01 Oct 2024)
Rocket.Chat disclosed a bug submitted by h0011: The initial E2EE password generated by Rocket.Chat mobile can be recovered in a practical timescale. (01 Oct 2024)
Nintendo disclosed a bug submitted by regginator: [Switch, PIA/MK8DX] Stack buffer overflow and potential RCE in PIA (LAN/LDN, possibly NEX) room info deserialization (30 Sep 2024)
Acronis disclosed a bug submitted by mr-medi: PUT Based CSRF via Client Side Path Traversal + Cookie Bomb on Acronis Cloud (27 Sep 2024)
LY Corporation disclosed a bug submitted by never_die: Client-Side Path Traversal on LINE Developers Console (26 Sep 2024)
MTN Group disclosed a bug submitted by renzi: SSRF Keycloak before 13.0.0 - CVE-2020-10770 on https://sponsoredata.mtn.ci (26 Sep 2024)
FetLife disclosed a bug submitted by ezzra: Able to see location coordinates in any event without permission to do so (25 Sep 2024)
Internet Bug Bounty disclosed a bug submitted by ooooooo_q: Possible DoS Vulnerability with Range Header in Rack (25 Sep 2024)
Internet Bug Bounty disclosed a bug submitted by ooooooo_q: Possible XSS Vulnerability in Action Controller (25 Sep 2024)
Internet Bug Bounty disclosed a bug submitted by l33thaxor: CVE-2024-41989: Denial-Of-Service vulnerability in the floatformat template filter when input string contains a big exponent in scientific notation (22 Sep 2024)
Internet Bug Bounty disclosed a bug submitted by z2_: curl: stack-buffer overread during punycode conversions (22 Sep 2024)
Internet Bug Bounty disclosed a bug submitted by manishpatidar: Unbounded memory growth with session handling in TLSv1.3 (22 Sep 2024)
TikTok disclosed a bug submitted by sh1yo: DOM XSS in tiktok.com/login via the redirect_url parameter (21 Sep 2024)
BY DENIS WERNER - @NOBBD -