Top10 publishers:
bobrov: 117
sp1d3rs: 86
geeknik: 80
linkks: 75
jobert: 70
someonenobbd: 62
nyymi: 57
ooooooo_q: 50
haxta4ok00: 49
jon_bottarini: 49
Now on Twitter: the unofficial HackerOne disclosure timeline.
Mail.ru disclosed a bug submitted by bazzy: SQL LIKE clauses wildcard injection (31 Oct 2020)
Kubernetes disclosed a bug submitted by mr_incompetent: Kubelet resource exhaustion attack via metric label cardinality explosion from unauthenticated requests (31 Oct 2020)
Mail.ru disclosed a bug submitted by bobrov: [my.games, lootdog.io] XSS via MCS Bucket (31 Oct 2020)
Basecamp disclosed a bug submitted by carbon61: stored XSS in hey.com message content (31 Oct 2020)
Blueboard disclosed a bug submitted by gururaj_r: Transport security is not imposed strictly which may cause user to loose their data when they are connected in common/public networks (31 Oct 2020)
Kubernetes disclosed a bug submitted by lazydog: Grafana Improper authorization (31 Oct 2020)
Kubernetes disclosed a bug submitted by alex_orange: Compromise of auth via subset/superset namespace names. (30 Oct 2020)
Kubernetes disclosed a bug submitted by wtm: Compromise of node can lead to compromise of pods on other nodes (30 Oct 2020)
Kubernetes disclosed a bug submitted by reeverzax: Half-Blind SSRF found in kube/cloud-controller-manager can be upgraded to complete SSRF (fully crafted HTTP requests) in vendor managed k8s service. (30 Oct 2020)
Mail.ru disclosed a bug submitted by derision: SQL Injection [unauthenticated] with direct output at https://news.mail.ru/ (30 Oct 2020)
Basecamp disclosed a bug submitted by carbon61: CSRF on launchpad.37signals.com OAuth2 authorization endpoint (30 Oct 2020)
Mail.ru disclosed a bug submitted by mainteemoforfun: [api.my.games/social/chat/multi/add] Privilege escalation on adding new members to group chat (30 Oct 2020)
Bitwala disclosed a bug submitted by soe_htet: Open Redirect on https://go.bitwala.com/ (30 Oct 2020)
TikTok disclosed a bug submitted by gnux: Bypass "Industry Documents" Validation (29 Oct 2020)
Node.js third-party modules disclosed a bug submitted by ryotak: [zenn-cli] Path traversal on Windows allows the attacker to read arbitrary .md files (29 Oct 2020)
Node.js third-party modules disclosed a bug submitted by mik317: [expressjs-ip-control] Whitelist IP bypass leads to authorization bypass and sensitive info disclosure (29 Oct 2020)
Node.js third-party modules disclosed a bug submitted by prathis: [ts-dot-prop] Prototype Pollution (29 Oct 2020)
Mail.ru disclosed a bug submitted by haxonaut: Multiple SQL Injections and constrained LFI in esk-static.3igames.mail.ru (29 Oct 2020)
curl disclosed a bug submitted by brumbrum: Parallel upload hangs curl if upload file not found (29 Oct 2020)
Ruby disclosed a bug submitted by piao: Potential HTTP Request Smuggling in ruby webrick (29 Oct 2020)
BY DENIS WERNER - @NOBBD -