Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'80 
b'linkks'75 
b'jobert'70 
b'someonenobbd'62 
b'nyymi'58 
b'ooooooo_q'52 
b'haxta4ok00'49 
b'jon_bottarini'49 

the unofficial HackerOne disclosure timeline.

X
b'Rocket.Chat' disclosed a bug submitted by b'hackeriron1' 
b'Bypassing 2FA with conventional session management - open.rocket.chat'
10 Aug 2024 timeline
b'MTN Group' disclosed a bug submitted by b'alitoni224' 
b'Leaking usernames through endpoints Wordpress'
10 Aug 2024 timeline
b'Reddit' disclosed a bug submitted by b'saurabhb' 
b'IDOR lets a malicious user reveal the unpinned achievement badges of any Reddit user'
09 Aug 2024 timeline
b'Node.js' disclosed a bug submitted by b'xion' 
b'Permissions can be bypassed via arbitrary code execution through abusing libuv signal pipes'
08 Aug 2024 timeline
b'Smule' disclosed a bug submitted by b'cryptic_' 
b'Possible Subdomain Takeover For Inbound Emails'
07 Aug 2024 timeline
b'Valve' disclosed a bug submitted by b'njbooher' 
b'https://srcds.valve.net/find/ is leaking server config / API keys'
06 Aug 2024 timeline
b'Rocket.Chat' disclosed a bug submitted by b'mokusou' 
b'Unauthenticated full-read SSRF via Twilio integration'
04 Aug 2024 timeline
b'curl' disclosed a bug submitted by b'dubek' 
b'CVE-2024-7264: ASN.1 date parser overread'
01 Aug 2024 timeline
b'GitHub' disclosed a bug submitted by b'ahacker1' 
b'Access body and title of Internal Repo Issues in Projects'
31 Jul 2024 timeline
b'GitHub' disclosed a bug submitted by b'ahacker1' 
b'GitHub Apps can access suspended installations via scoped user-to-server tokens'
31 Jul 2024 timeline
b'Valve' disclosed a bug submitted by b'njbooher' 
b'Add any depot to your app and access its contents without decryption key; via /apps/setcommonredists'
30 Jul 2024 timeline
b'Valve' disclosed a bug submitted by b'njbooher' 
b'Shell command injection in https://partner.steamgames.com/admin/game/publish/ via screenshot URL'
30 Jul 2024 timeline
b'Valve' disclosed a bug submitted by b'njbooher' 
b'Shell command injection in https://partner.steamgames.com/bundles/savestore/ via overwriting asset_path_identifier'
30 Jul 2024 timeline
b'Valve' disclosed a bug submitted by b'njbooher' 
b'Shell command injection in https://partner.steamgames.com/apps/communityitems/ via file extension of item_image_small and item_image_large'
30 Jul 2024 timeline
b'Valve' disclosed a bug submitted by b'njbooher' 
b'SQL injection in /errors/viewbuild/'
30 Jul 2024 timeline
b'Valve' disclosed a bug submitted by b'njbooher' 
b'/applications/dpc_(get|post) provide full access to api.steampowered.com with the Dota2 API key'
30 Jul 2024 timeline
b'Valve' disclosed a bug submitted by b'njbooher' 
b'WG call injection in /economy/contextcommand'
30 Jul 2024 timeline
b'Valve' disclosed a bug submitted by b'njbooher' 
b'RCE on partner.steampowered.com'
30 Jul 2024 timeline
b'Zomato' disclosed a bug submitted by b'suryesh_92' 
b'OTP Bypass via Response Manipulation'
30 Jul 2024 timeline
b'Shopify' disclosed a bug submitted by b'g0lden1' 
b'Exposure of shopify employee summit page allows anonymous user to place orders for free books'
29 Jul 2024 timeline
1 ... 24 25 26 27 28 ... 729
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM