Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'83 
b'linkks'75 
b'jobert'70 
b'nyymi'62 
b'someonenobbd'62 
b'ooooooo_q'54 
b'guido'50 
b'haxta4ok00'49 

the unofficial HackerOne disclosure timeline.

X
b'Elastic' disclosed a bug submitted by b'superman85' 
b'Improper authorization on `/api/as/v1/credentials/` for Dev Role User with Limited Engine Access'
03 Aug 2021 timeline
b'Informatica' disclosed a bug submitted by b'montypythin' 
b'Improper Sanitization leads to XSS Fire on admin panel'
03 Aug 2021 timeline
b'GitHub Security Lab' disclosed a bug submitted by b'artem' 
b'Java: Unsafe deserialization with Jackson'
02 Aug 2021 timeline
b'GitHub Security Lab' disclosed a bug submitted by b'someonenobbd' 
b"[Java] CWE-470: Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')"
02 Aug 2021 timeline
b'GitHub Security Lab' disclosed a bug submitted by b'jorgectf' 
b'[Python] CWE-287: LDAP Improper Authentication'
02 Aug 2021 timeline
b'GitHub Security Lab' disclosed a bug submitted by b'someonenobbd' 
b'[Python]: Add SqlAlchemy support for SQL injection query'
02 Aug 2021 timeline
b'GitHub Security Lab' disclosed a bug submitted by b'p0wn4j' 
b'[Java] CWE-601: Add Spring URL Redirect ResponseEntity sink'
02 Aug 2021 timeline
b'GitLab' disclosed a bug submitted by b'az3z3l' 
b'CSRF on /api/graphql allows executing mutations through GET requests'
02 Aug 2021 timeline
b'Bitwarden' disclosed a bug submitted by b'jjlin' 
b'When uploading attachments, unencrypted file names are made available to the server'
02 Aug 2021 timeline
b'Sifchain' disclosed a bug submitted by b'n33dm0n3y' 
b'Vulnerable javascript dependency at Main domain'
02 Aug 2021 timeline
b'Nextcloud' disclosed a bug submitted by b'abdullah-a' 
b'Two-factor authentication enforcement bypass'
31 Jul 2021 timeline
b'Rocket.Chat' disclosed a bug submitted by b'sonarsource' 
b'Post-Auth Blind NoSQL Injection in the users.list API leads to Remote Code Execution'
31 Jul 2021 timeline
b'Snapchat' disclosed a bug submitted by b'rms' 
b'Bitmoji source code is accessible'
31 Jul 2021 timeline
b'UPchieve' disclosed a bug submitted by b'ben_lay' 
b'url redirection'
30 Jul 2021 timeline
b'8x8' disclosed a bug submitted by b'melbadry9' 
b'DNS Misconfiguration (Subdomain Takeover) - .8x8.com'
30 Jul 2021 timeline
b'Stripo Inc' disclosed a bug submitted by b'jmrcsnchz' 
b'Bypassing Content-Security-Policy leads to open-redirect and iframe xss'
30 Jul 2021 timeline
b'Snapchat' disclosed a bug submitted by b'txt3rob' 
b'Exposed Kubernetes API - RCE/Exposed Creds'
29 Jul 2021 timeline
b'Snapchat' disclosed a bug submitted by b'coolboss' 
b'Stealing SSO Login Tokens (snappublisher.snapchat.com)'
29 Jul 2021 timeline
b'Snapchat' disclosed a bug submitted by b'apfeifer27' 
b'Publicly accessible Continuous Integration Tool'
29 Jul 2021 timeline
b'Snapchat' disclosed a bug submitted by b'sdushantha' 
b'CSRF when unlocking lenses leads to lenses being forcefully installed without user interaction'
29 Jul 2021 timeline
1 ... 179 180 181 182 183 ... 738
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM