Top10 publishers:
bobrov114 
linkks75 
geeknik72 
sp1d3rs63 
jobert57 
netfuzzer47 
guido45 Twitter
bl4de42 
ryat40 
bigbear_38 

the unofficial HackerOne disclosure timeline.

X
Starbucks disclosed a bug submitted by toctou 
Time-based Blind SQLi on news.starbucks.com
24 Feb 2017 timeline
HackerOne disclosed a bug submitted by zombiehelp54 Twitter
Disclose any user's private email through API
24 Feb 2017 timeline
Boozt Fashion AB disclosed a bug submitted by dineshdinz 
Application code is not obfuscated -- OWASP M9 (2016)
24 Feb 2017 timeline
Boozt Fashion AB disclosed a bug submitted by implosion 
Bypass email validity in newsletter field
24 Feb 2017 timeline
Ubiquiti Networks disclosed a bug submitted by s_p_q_r 
[scores.ubnt.com] DOM based XSS at form.html
24 Feb 2017 timeline
Dovecot disclosed a bug submitted by socialfox 
Information About Your System(Sensitive Directories)
24 Feb 2017 timeline
Pornhub disclosed a bug submitted by r0bbyz 
vulnerabilitie
23 Feb 2017 timeline
Alvosec disclosed a bug submitted by edio 
Alvocrypt uses a cryptographically insecure PRNG.
23 Feb 2017 timeline
Nextcloud disclosed a bug submitted by nickvergessen 
Group admin can remove user from all his groups via API
23 Feb 2017 timeline
Zendesk disclosed a bug submitted by abhijeth 
Missing function level access controls allowing attacker to abuse file access controls. Multiple vulnerabilities
23 Feb 2017 timeline
LocalTapiola disclosed a bug submitted by modam3rly 
show control page if you insert ' at http://viestinta.lahitapiola.fi/
22 Feb 2017 timeline
GoCD disclosed a bug submitted by creased 
Reflected XSS vector
22 Feb 2017 timeline
Khan Academy disclosed a bug submitted by hack40077 
SSL/TLS Vulnerability at khanacademy.org
22 Feb 2017 timeline
LocalTapiola disclosed a bug submitted by putsi Twitter
Blind Stored XSS Against Lahitapiola Employees - Session and Information leakage
22 Feb 2017 timeline
Lyst disclosed a bug submitted by mrr3boot 
Mixed Active content issue on https://www.lyst.com
22 Feb 2017 timeline
New Relic disclosed a bug submitted by zuh4n 
Html injection in monitor name textbox
22 Feb 2017 timeline
LocalTapiola disclosed a bug submitted by joukahainen 
/icons/README available on viestinta.lahitapiola.fi
22 Feb 2017 timeline
Khan Academy disclosed a bug submitted by mohith_kalyan 
No Security check at changing password and at adding mobile number which leads to account takeover and spam
21 Feb 2017 timeline
New Relic disclosed a bug submitted by s_p_q_r 
[alerts.newrelic.com] Scanning local network via notification channel
21 Feb 2017 timeline
New Relic disclosed a bug submitted by s_p_q_r 
[download.newrelic.com] Access to private directories
21 Feb 2017 timeline
1 ... 286 287 288 289 290 ... 447
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM