Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'80 
b'linkks'75 
b'jobert'70 
b'someonenobbd'62 
b'nyymi'57 
b'ooooooo_q'50 
b'jon_bottarini'49 
b'haxta4ok00'48 

the unofficial HackerOne disclosure timeline.

X
b'Snapchat' disclosed a bug submitted by b'kiyell' 
b'Leaked JFrog Artifactory username and password exposed on GitHub - https://snapchat.jfrog.io'
12 Aug 2021 timeline
b'Snapchat' disclosed a bug submitted by b'damian89' 
b'Client IP Spoofing using "X-Forwarded-For: 127.0.0.1" on "studio-app.snapchat.com" exposing bucket details'
12 Aug 2021 timeline
b'GitHub Security Lab' disclosed a bug submitted by b'someonenobbd' 
b'[C#]: HttpOnly and Secure Cookies for .NET Core and .NET'
12 Aug 2021 timeline
b'GitHub Security Lab' disclosed a bug submitted by b'artem' 
b'Java: Timing attacks while comparing results of cryptographic operations'
12 Aug 2021 timeline
b'UPchieve' disclosed a bug submitted by b'scianto05' 
b'Business logic error'
11 Aug 2021 timeline
b'Nextcloud' disclosed a bug submitted by b'rtod' 
b'Add to your nextcloud endpoint is not properly protected'
11 Aug 2021 timeline
b'Nextcloud' disclosed a bug submitted by b'lukasreschkenc' 
b'Text app leaks file path of shared files'
11 Aug 2021 timeline
b'Nextcloud' disclosed a bug submitted by b'lukasreschkenc' 
b'ApiService#fetch serves content as text/html and inline Content-Disposition'
11 Aug 2021 timeline
b'Nextcloud' disclosed a bug submitted by b'foobar7' 
b'Bypass of privacy filter / tracking pixel blocker'
11 Aug 2021 timeline
b'Nextcloud' disclosed a bug submitted by b'rtod' 
b'public webdav endpoint not bruteforce protected'
11 Aug 2021 timeline
b'Nextcloud' disclosed a bug submitted by b'rtod' 
b'index.php/apps/files_sharing/shareinfo endpoint is not properly protected'
11 Aug 2021 timeline
b'Nextcloud' disclosed a bug submitted by b'foobar7' 
b'Download of file with arbitrary extension via injection into attachment header'
11 Aug 2021 timeline
b'Nextcloud' disclosed a bug submitted by b'lukasreschkenc' 
b'Ratelimits do not apply to OCS DataResponse'
11 Aug 2021 timeline
b'Valve' disclosed a bug submitted by b'drbrix' 
b'Modify in-flight data to payment provider Smart2Pay'
10 Aug 2021 timeline
b'Acronis' disclosed a bug submitted by b'aapo' 
b'Acronis True Image 2021 (windows) does not validate server hostname on a login TLS connection'
10 Aug 2021 timeline
b'UPchieve' disclosed a bug submitted by b'n1had' 
b'Password reset token leak on third party website via Referer header'
10 Aug 2021 timeline
b'Basecamp' disclosed a bug submitted by b'blackbibin' 
b'Login session not expire'
10 Aug 2021 timeline
b'Basecamp' disclosed a bug submitted by b'zofrex' 
b'Insecure Bundler configuration fetching internal Gems (okra) from Rubygems.org'
10 Aug 2021 timeline
b'Basecamp' disclosed a bug submitted by b'blackbibin' 
b'Password reset link not expiring after changing password in settings'
10 Aug 2021 timeline
b'HackerOne' disclosed a bug submitted by b'adhamsadaqah' 
b'Tab nabbing in Hackerone inbox.'
09 Aug 2021 timeline
1 ... 157 158 159 160 161 ... 718
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM