Top10 publishers:
bobrov107 
sp1d3rs54 
bigbear_38 
guido37 Twitter
bl4de37 
jobert37 
isox36 
4lemon35 
geeknik35 
edio34 

the unofficial HackerOne disclosure timeline.

X
RATELIMITED disclosed a bug submitted by z0mb13 
Local File Download
01 Jan 2019 timeline
VK.com disclosed a bug submitted by shell_c0de 
???????? ????? WebView
31 Dec 2018 timeline
RubyGems disclosed a bug submitted by nmalkin 
Unpacker improperly validates symlinks, allowing gems writes to arbitrary locations
31 Dec 2018 timeline
RATELIMITED disclosed a bug submitted by wolfdroid 
Exposure of tinyMCE js source code with plugin version disclosure which can leads to exploit further attacks.
29 Dec 2018 timeline
Infogram disclosed a bug submitted by marataziat 
User account blocking by Internal Server error
28 Dec 2018 timeline
Node.js third-party modules disclosed a bug submitted by 3la2kb 
[http-live-simulator] Path traversal vulnerability
28 Dec 2018 timeline
Ruby on Rails disclosed a bug submitted by rosa 
ActiveStorage service's signed URLs can be hijacked via AppCache+Cookie stuffing trick when using GCS or DiskService
27 Dec 2018 timeline
Mail.ru disclosed a bug submitted by m00hdi 
Open Redirect In passport.maps.me/logout/?next=//fb.com/
27 Dec 2018 timeline
HackerOne disclosed a bug submitted by b258ea62bf297b02afa9854 
Information disclosure
27 Dec 2018 timeline
HackerOne disclosed a bug submitted by b258ea62bf297b02afa9854 
Timing attack towards endpoints on the web without CSRF
27 Dec 2018 timeline
HackerOne disclosed a bug submitted by cablej Twitter
Race condition in performing retest allows duplicated payments
27 Dec 2018 timeline
HackerOne disclosed a bug submitted by 3thic4l 
A user can request a report to be retested even though the program has not been verified by HackerOne
27 Dec 2018 timeline
FormAssembly disclosed a bug submitted by stfloresca 
xmlrpc.php file is enable it will used for (DOS) and bruteforce attack
27 Dec 2018 timeline
OLX disclosed a bug submitted by hdbreaker 
blog.praca.olx.pl database credentials exposure
26 Dec 2018 timeline
Avito disclosed a bug submitted by kxyry 
[avito.ru] ??????? ????? ?? ????????? ???????????
24 Dec 2018 timeline
RATELIMITED disclosed a bug submitted by shrey3 
Open Directory
24 Dec 2018 timeline
Kaspersky Lab disclosed a bug submitted by palant 
Kaspersky Password Manager: HTML injection in the browser action pop-up via user name
24 Dec 2018 timeline
Flash (IBB) disclosed a bug submitted by kinine 
HTTP MitM on Flash Player settings manager allows attacker to set sandbox settings
23 Dec 2018 timeline
RATELIMITED disclosed a bug submitted by hamad_iheb 
Server Header disclose The Os and Web server Version
22 Dec 2018 timeline
HackerOne disclosed a bug submitted by albinowax 
Denial of service via cache poisoning
22 Dec 2018 timeline
1 2 3 4 5 ... 321
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM