Top 10 publishers:
bobrov: 117
sp1d3rs: 86
geeknik: 84
linkks: 75
jobert: 70
nyymi: 64
someonenobbd: 62
ooooooo_q: 54
guido: 50
haxta4ok00: 49
The unofficial HackerOne disclosure timeline.

U.S. Dept Of Defense disclosed a bug submitted by dmonsterrr
Expired SSL Certificate allows credentials steal
29 Nov 2021

MCUboot disclosed a bug submitted by r0m50
private keys exposed on the GitHub repository
27 Nov 2021

XVIDEOS disclosed a bug submitted by sbakhour
CSRF on delete friend requests - Not protected with CSRF Token
26 Nov 2021

Shopify disclosed a bug submitted by fr4via
Insufficient session expiration in the **com.shopify.ping** android app
26 Nov 2021

Shopify disclosed a bug submitted by stapia
A non-privileged user may create an admin account in Stocky
25 Nov 2021

Shopify disclosed a bug submitted by youstin
Sidekiq dashboard exposed at notary.shopifycloud.com
25 Nov 2021

Traffic Factory disclosed a bug submitted by vavkamil
WordPress Plugin Update Confusion at trafficfactory.com
25 Nov 2021

Mail.ru disclosed a bug submitted by ghost_shell
Cross-site Scripting (XSS) - Stored
25 Nov 2021

DigitalOcean disclosed a bug submitted by wshadow
Blind XSS via Digital Ocean Partner account creation form.
23 Nov 2021

XVIDEOS disclosed a bug submitted by rajput__16
No-Rate limit of current password on delete account endpoint(https://www.xvideos.com/account/close)
23 Nov 2021

Shopify disclosed a bug submitted by hydraxanon82
Staff who only have apps and channels permission can do a takeover account at the wholesale store (Bypass get invitation link)
21 Nov 2021

A.S. Watson Group disclosed a bug submitted by sachin_kumar_
Full account takeover of any user through GET /checkout/psp/auth_response?
21 Nov 2021

8x8 disclosed a bug submitted by plokta
[jitsi-meet] Authentication Bypass when using JWT w/ public keys
20 Nov 2021

Lark Technologies disclosed a bug submitted by imran_nisar
Non privileged user is able to approve his own app himself leading to mass privilege escalations.
20 Nov 2021

Internet Bug Bounty disclosed a bug submitted by itsecurityco
Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.50
19 Nov 2021

Azbuka Vkusa disclosed a bug submitted by ronr
Reflected XSS on av.ru via `q` parameter at https://av.ru/collections/*
19 Nov 2021

UPchieve disclosed a bug submitted by maisanisnotyours
Clickjacking ar https://hackers.upchieve.org/login
19 Nov 2021

Internet Bug Bounty disclosed a bug submitted by svalkanov
Ruby - Regular Expression Denial of Service Vulnerability of Date Parsing Methods
19 Nov 2021

Internet Bug Bounty disclosed a bug submitted by fms
Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 and 2.4.50 (incomplete fix of CVE-2021-41773) (CVE-2021-42013)
19 Nov 2021

Shopify disclosed a bug submitted by savik
Apache Flink Dashboard exposure at https://streaming-sales-model-production.flink.shopifykloud.com
18 Nov 2021

BY DENIS WERNER - @NOBBD