Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'81 
b'linkks'75 
b'jobert'70 
b'someonenobbd'62 
b'nyymi'60 
b'ooooooo_q'54 
b'guido'50 
b'haxta4ok00'49 

the unofficial HackerOne disclosure timeline.

X
b'Node.js third-party modules' disclosed a bug submitted by b'chalker' 
b'Fastify uses allErrors: true ajv configuration by default which is susceptible to DoS'
29 Jul 2020 timeline
b'Nextcloud' disclosed a bug submitted by b'xcheater' 
b'Possible denial of service when entering a loooong password'
29 Jul 2020 timeline
b'Courier' disclosed a bug submitted by b'ahmed_almalky' 
b'Missing rate limit in signup Form '
28 Jul 2020 timeline
b'Razer' disclosed a bug submitted by b'dredd_589' 
b'User Access Control Bypass Via Razer elevated service ( RzKLService.exe ) which loads exe in misconfigured way.'
28 Jul 2020 timeline
b'Razer' disclosed a bug submitted by b'stealthy' 
b'SQL injection in Razer Gold List Admin at /lists/index.php via the `list[]` parameter. '
28 Jul 2020 timeline
b'Starbucks' disclosed a bug submitted by b'ko2sec' 
b'Singapore - Account Takeover via IDOR'
28 Jul 2020 timeline
b'Mapbox' disclosed a bug submitted by b'fransrosen' 
b'Test-scripts for postgis in mason-repository using unsafe unzip of content from unclaimed bucket creates potential RCE-issues'
28 Jul 2020 timeline
b'Mail.ru' disclosed a bug submitted by b'hunter_py' 
b'HTML/iframe/XSS injection on https://www.ucs.ru/online/shelter/settings/check/'
28 Jul 2020 timeline
b'Mail.ru' disclosed a bug submitted by b'sayaanalam' 
b"Blindy Replace User's Session with Attacker's Session"
28 Jul 2020 timeline
b'Mail.ru' disclosed a bug submitted by b'samet' 
b'"????" + Unauthenticated Stored XSS in API at https://api.my.games/comments/v1/comments/update/'
28 Jul 2020 timeline
b'Mail.ru' disclosed a bug submitted by b'urban_tramp' 
b'Content injection on shared event (calendar.mail.ru)'
28 Jul 2020 timeline
b'Mail.ru' disclosed a bug submitted by b'sniper302' 
b'Stored XSS In mlbootcamp.ru'
28 Jul 2020 timeline
b'TTS Bug Bounty' disclosed a bug submitted by b'nagli' 
b'Wordpress Users Disclosure (/wp-json/wp/v2/users/) on data.gov'
28 Jul 2020 timeline
b'GitHub Security Lab' disclosed a bug submitted by b'porcupineyhairs' 
b'Python : Add query to detect Server Side Template Injection'
27 Jul 2020 timeline
b'8x8' disclosed a bug submitted by b'ameyanekar' 
b'IDOR: Adding Contacts to Other User Groups'
27 Jul 2020 timeline
b'Yelp' disclosed a bug submitted by b'walidhossain' 
b'JDBC credentials leaked via github'
27 Jul 2020 timeline
b'Automattic' disclosed a bug submitted by b'keer0k' 
b'DOM-Based XSS in tumblr.com'
27 Jul 2020 timeline
b'Stripo Inc' disclosed a bug submitted by b'3x3s' 
b'Cross-Site WebSocket Hijacking Lead to Steal XSRF-TOKEN'
27 Jul 2020 timeline
b'GitLab' disclosed a bug submitted by b'yvvdwf' 
b'Send arbitrary PUT requests when user clicks on a link'
27 Jul 2020 timeline
b'Helium' disclosed a bug submitted by b'w2w' 
b"Account takeover w/o interaction for a user that doesn't have 2fa enabled via 2fa linking and improper auth at /api/2fa/verify"
26 Jul 2020 timeline
1 ... 276 277 278 279 280 ... 733
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM