Top10 publishers:
bobrov62 
isox36 
sp1d3rs34 
4lemon34 
zombiehelp5430 Twitter
smiegles27 Twitter
haquaman27 
ston327 
guido26 Twitter
shahmeer_amir26 

the unofficial HackerOne disclosure timeline.

X
Weblate disclosed a bug submitted by alyanwarr 
Missing Restriction On String Size
16 Sep 2017 timeline
TTS Bug Bounty disclosed a bug submitted by sp1d3rs 
Information disclosure (system username) in the x-amz-meta-s3cmd-attrs response header on federation.data.gov
16 Sep 2017 timeline
Nextcloud disclosed a bug submitted by babayaga_ 
IDOR unsubscribe Anyone from NextClouds Newsletters by knowing their Email
16 Sep 2017 timeline
Perl (IBB) disclosed a bug submitted by mipu94 
Use-after-free in XML::LibXML::Node::replaceChild
16 Sep 2017 timeline
Automattic disclosed a bug submitted by slavco 
woocommerce - prevent_caching() bug / bypass
16 Sep 2017 timeline
Cuvva disclosed a bug submitted by leet-boy 
Insecure Direct Object Reference (IDOR) Allowing me to claim other user's photos (driving license and selfies) as mine
15 Sep 2017 timeline
TTS Bug Bounty disclosed a bug submitted by sp1d3rs 
Reflected XSS on the data.gov (WAF bypass+ Chrome XSS Auditor bypass+ works in all browsers)
15 Sep 2017 timeline
TTS Bug Bounty disclosed a bug submitted by sp1d3rs 
HTML injection (with XSS possible) on the https://www.data.gov/issue/ using media_url attribute
15 Sep 2017 timeline
Automattic disclosed a bug submitted by slavco 
Unauthenticated RCE in Vaultpress
15 Sep 2017 timeline
Ruby disclosed a bug submitted by mame 
Escape sequence injection vulnerability in WEBrick BasicAuth
15 Sep 2017 timeline
Legal Robot disclosed a bug submitted by hulskr 
Profile fields validation mismatch
15 Sep 2017 timeline
Legal Robot disclosed a bug submitted by d4rk_g1rl 
Futureoflife organization URL should be HTTPS
15 Sep 2017 timeline
Weblate disclosed a bug submitted by alyanwarr 
No rate limit or captcha to identify humans
15 Sep 2017 timeline
Legal Robot disclosed a bug submitted by goodhackonly 
2FA manual entry uses wrong encoding
14 Sep 2017 timeline
Zomato disclosed a bug submitted by 0xamir 
CSRF in the "Add restaurant picture" function
14 Sep 2017 timeline
Legal Robot disclosed a bug submitted by lov3_you 
observer.com URL should HTTPS
14 Sep 2017 timeline
TTS Bug Bounty disclosed a bug submitted by swag01 
Server Side Misconfiguration (EMAIL SPOOFING)
14 Sep 2017 timeline
Ubiquiti Networks disclosed a bug submitted by bobrov 
[dev-nightly.ubnt.com] Local File Reading
14 Sep 2017 timeline
VK.com disclosed a bug submitted by lincoln9932 
CSRF ????????? ???????? ?? ???????????? ??????? ??????.
14 Sep 2017 timeline
Grabtaxi Holdings Pte Ltd disclosed a bug submitted by paresh_parmar 
Blind stored xss [parcel.grab.com] > name parameter
14 Sep 2017 timeline
1 2 3 4 5 ... 227
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM