Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'80 
b'linkks'75 
b'jobert'70 
b'someonenobbd'62 
b'nyymi'57 
b'ooooooo_q'50 
b'haxta4ok00'49 
b'jon_bottarini'49 

the unofficial HackerOne disclosure timeline.

X
b'QIWI' disclosed a bug submitted by b'circuit' 
b'[qiwi.me] Stored XSS'
12 Nov 2020 timeline
b'' disclosed a bug submitted by b'oversecured' 
b'Android: Explanation of Access to app protected components vulnerability'
11 Nov 2020 timeline
b'Slack' disclosed a bug submitted by b'cyanpiny' 
b'DoS on the Direct Messages'
11 Nov 2020 timeline
b'Mail.ru' disclosed a bug submitted by b'olidayw' 
b"Disclosure of personal support email addresses on 'support-fleet.city-mobil.ru'"
11 Nov 2020 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'ryotak' 
b'[node-downloader-helper] Path traversal via Content-Disposition header'
11 Nov 2020 timeline
b'Google' disclosed a bug submitted by b'oversecured' 
b"CVE-2020-8913 - Persistent arbitrary code execution in Android's Google Play Core Library: details, explanation and the PoC"
11 Nov 2020 timeline
b'Slack' disclosed a bug submitted by b'secalert' 
b'Access to some Slack workspace metadata and settings available to unauthorized parties'
10 Nov 2020 timeline
b'Slack' disclosed a bug submitted by b'bubbounty' 
b'Possibility to freeze/crash the host system of all Slack Desktop users easily'
10 Nov 2020 timeline
b'Slack' disclosed a bug submitted by b'pclinger' 
b'Uninstalling Slack for Windows (64-bit), then reinstalling keeps you logged in without authentication'
10 Nov 2020 timeline
b'BugPoC' disclosed a bug submitted by b'pirateducky' 
b'csp bypass leads to xss on wacky.buggywebsite.com'
10 Nov 2020 timeline
b'VK.com' disclosed a bug submitted by b'davscol94' 
b'XSS Reflected in m.vk.com'
10 Nov 2020 timeline
b'Basecamp' disclosed a bug submitted by b'tw4v3sx' 
b'a very long name in hey.com can prevent anyone from accessing their contacts and probably can cause denial of service'
10 Nov 2020 timeline
b'Dropbox' disclosed a bug submitted by b'sayaanalam' 
b'Server Side Request Forgery (SSRF) at app.hellosign.com leads to AWS private keys disclosure'
10 Nov 2020 timeline
b'Acronis' disclosed a bug submitted by b'sayaanalam' 
b'Ticket Trick at https://account.acronis.com'
10 Nov 2020 timeline
b'GitHub Security Lab' disclosed a bug submitted by b'luchua' 
b'Java: Detect remote source from Android intent extra'
09 Nov 2020 timeline
b'Brave Software' disclosed a bug submitted by b'root_geek' 
b'No rate limiting for confirmation email lead to email flooding and leads to enumeration of emails in publishers.basicattentiontoken.org'
09 Nov 2020 timeline
b'HackerOne' disclosed a bug submitted by b'nahamsec' 
b"Blind Stored XSS in HackerOne's Sal 4.1.4.2149 (sal..com)"
09 Nov 2020 timeline
b'U.S. Dept Of Defense' disclosed a bug submitted by b'silentbreach' 
b'IDOR + Account Takeover [UNAUTHENTICATED]'
09 Nov 2020 timeline
b'Badoo' disclosed a bug submitted by b'rijall404' 
b'XSS DI BIODATA'
09 Nov 2020 timeline
b'U.S. Dept Of Defense' disclosed a bug submitted by b'i_hack_everyone' 
b'CSRF to account takeover in https:///'
09 Nov 2020 timeline
1 ... 229 230 231 232 233 ... 718
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM