Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'84 
b'linkks'75 
b'jobert'70 
b'nyymi'64 
b'someonenobbd'62 
b'ooooooo_q'54 
b'guido'50 
b'haxta4ok00'49 

the unofficial HackerOne disclosure timeline.

X
b'U.S. Dept Of Defense' disclosed a bug submitted by b'zhenwarx' 
b'Reflected XSS at via = parameter '
28 Oct 2021 timeline
b'Agoric' disclosed a bug submitted by b'pacmanx' 
b'Dependency on private SSH keys in public github'
27 Oct 2021 timeline
b'8x8' disclosed a bug submitted by b'ian' 
b'Exposed PHP dependencies at .8x8.com'
27 Oct 2021 timeline
b'Reddit' disclosed a bug submitted by b'm0hacks' 
b'Missing rate limit in current password change settings leads to Account takeover'
27 Oct 2021 timeline
b'Reddit' disclosed a bug submitted by b'karthik86' 
b'Content Spoofing/Text Injection at https://gateway-production.dubsmash.com'
27 Oct 2021 timeline
b'Reddit' disclosed a bug submitted by b'rahulkankrale' 
b'Third party app could steal access token as well as protected files using inAppBrowser'
27 Oct 2021 timeline
b'Reddit' disclosed a bug submitted by b'yashrs' 
b'Race condition leads to Inflation of coins when bought via Google Play Store at endpoint https://oauth.reddit.com/api/v2/gold/android/verify_purchase '
27 Oct 2021 timeline
b'Reddit' disclosed a bug submitted by b'trieulieuf9' 
b'Outsider can affect Upvote Percentage of private subreddit post by calling /api/vote API'
27 Oct 2021 timeline
b'Reddit' disclosed a bug submitted by b'moblig' 
b"Image queue default key of 'None' and GraphQL unhandled type exception"
27 Oct 2021 timeline
b'XVIDEOS' disclosed a bug submitted by b'ch1ck3n42' 
b'Script breaking tag (Forces website to render blank) (Informative)'
23 Oct 2021 timeline
b'TikTok' disclosed a bug submitted by b'arifmkhls' 
b'XSS on tiktok.com'
23 Oct 2021 timeline
b'GitHub Security Lab' disclosed a bug submitted by b'jessforfun' 
b'[Java] CWE-552: Unsafe url forward'
22 Oct 2021 timeline
b'GitHub Security Lab' disclosed a bug submitted by b'someonenobbd' 
b'[cpp] CWE-787: query to detect unsigned integer to signed integer conversions used in pointer arithmetics'
22 Oct 2021 timeline
b'GitHub Security Lab' disclosed a bug submitted by b'jessforfun' 
b'[Python]: CWE-117 Log Injection '
22 Oct 2021 timeline
b'GitHub Security Lab' disclosed a bug submitted by b'luchua' 
b'[Java] CWE-502: Unsafe deserialization with three JSON frameworks'
22 Oct 2021 timeline
b'Lacework' disclosed a bug submitted by b'spyata' 
b'Broken link profile in the website leads to identity theft.'
22 Oct 2021 timeline
b'TikTok' disclosed a bug submitted by b'sh1yo' 
b'Reflected XSS in TikTok endpoints'
22 Oct 2021 timeline
b'Slack' disclosed a bug submitted by b'kmap' 
b'Misuse of groups feature allows workspace members to join private channels without being invited'
21 Oct 2021 timeline
b'Reddit' disclosed a bug submitted by b'dinesh07' 
b'S3 bucket Upload on studio.redditinc.com (s3-r-w.ap-east-1.amazonaws.com)'
21 Oct 2021 timeline
b'Reddit' disclosed a bug submitted by b'ianonavy' 
b'GPS metadata preserved when converting HEIF to PNG'
21 Oct 2021 timeline
1 ... 166 167 168 169 170 ... 742
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM