Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'84 
b'linkks'75 
b'jobert'70 
b'nyymi'64 
b'someonenobbd'62 
b'ooooooo_q'54 
b'guido'50 
b'haxta4ok00'49 

the unofficial HackerOne disclosure timeline.

X
b'Uber' disclosed a bug submitted by b'orange' 
b'Arbitrary File Reading on Uber SSL VPN'
25 Feb 2021 timeline
b'Weblate' disclosed a bug submitted by b'anotherhoax' 
b'Race Condition allows to get more free trials and get more than 100 languages and strings for free'
25 Feb 2021 timeline
b'CS Money' disclosed a bug submitted by b'gatolouco' 
b'Cookie poisoning leads to DOS and Privacy Violation'
25 Feb 2021 timeline
b'Dropbox' disclosed a bug submitted by b'cybxis' 
b"`account_info.read` scope OAuth app access token can change token owner's account name."
25 Feb 2021 timeline
b'Automattic' disclosed a bug submitted by b'telaviv_h4x0r' 
b'information disclosure lead to disclose users private notes'
25 Feb 2021 timeline
b'FetLife' disclosed a bug submitted by b'kapkan' 
b'Stored XSS via `Create a Fetish` section.'
25 Feb 2021 timeline
b'Logitech' disclosed a bug submitted by b'nrockhouse' 
b'SSRF allows reading AWS EC2 metadata using "readapi" variable in Streamlabs Cloudbot'
24 Feb 2021 timeline
b'Shopify' disclosed a bug submitted by b'todayisnew' 
b'Subdomain Takeover Via unclaimed Heroku Instance tim-exclusive.shopify.com'
24 Feb 2021 timeline
b'Legal Robot' disclosed a bug submitted by b'todayisnew' 
b'AWS hosting bucket for Legal Robots set as public browse and list contents: s3://legalrobot'
24 Feb 2021 timeline
b'Grab' disclosed a bug submitted by b'todayisnew' 
b' Subdomain Takeover Via Insecure CloudFront Distribution cdn.grab.com'
24 Feb 2021 timeline
b'Uber' disclosed a bug submitted by b'alexbirsan' 
b'RCE via npm misconfig -- installing internal libraries from the public registry'
24 Feb 2021 timeline
b'Uber' disclosed a bug submitted by b'orange' 
b'Pre-auth Remote Code Execution on multiple Uber SSL VPN servers'
24 Feb 2021 timeline
b'Uber' disclosed a bug submitted by b'm4k' 
b'Cookie Bombing cause DOS - businesses.uber.com'
24 Feb 2021 timeline
b'Uber' disclosed a bug submitted by b'gamer7112' 
b'Reflected XSS on https://www.uber.com'
24 Feb 2021 timeline
b'Uber' disclosed a bug submitted by b'molejarka' 
b'[experience.uber.com] Node.js source code disclosure & anonymous access to internal Uber documents, templates and tools'
23 Feb 2021 timeline
b'Uber' disclosed a bug submitted by b'cablej' 
b'[manage.jumpbikes.com] Blind XSS on Jump admin panel via user name'
23 Feb 2021 timeline
b'Rockstar Games' disclosed a bug submitted by b'bugstar' 
b'RDR2 game service method allows adding any player to a new Posse without consent'
23 Feb 2021 timeline
b'Node.js' disclosed a bug submitted by b'v6ak' 
b'DNS rebinding in --inspect (insufficient fix of CVE-2018-7160)'
23 Feb 2021 timeline
b'Acronis' disclosed a bug submitted by b'theevilbit' 
b'Acronis True Image Local Privilege Escalation via insecure folder permissions'
23 Feb 2021 timeline
b'Acronis' disclosed a bug submitted by b'theevilbit' 
b'True Image 2021 - LPE via XPC service communication'
23 Feb 2021 timeline
1 ... 222 223 224 225 226 ... 741
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM