Top10 publishers:
bobrov114 
linkks73 
geeknik70 
sp1d3rs62 
jobert51 
guido45 Twitter
bl4de42 
ryat40 
bigbear_38 
zombiehelp5437 Twitter

the unofficial HackerOne disclosure timeline.

X
Slack disclosed a bug submitted by computerality 
OSX slack:// protocol handler javascript injection
24 Jun 2016 timeline
Nextcloud disclosed a bug submitted by zeroknife 
REG: Content provider information leakage
24 Jun 2016 timeline
HackerOne disclosed a bug submitted by arneswinnen 
Web Authentication Endpoint Credentials Brute-Force Vulnerability
23 Jun 2016 timeline
Bime disclosed a bug submitted by michiel 
Subdomain takeover due to unclaimed Amazon S3 bucket on a2.bime.io
22 Jun 2016 timeline
ThisData disclosed a bug submitted by 7h0r4pp4n 
Host Header Poisoning in thisdata.com
22 Jun 2016 timeline
bitaccess disclosed a bug submitted by geekboy Twitter
BYASSING OTP Verification
22 Jun 2016 timeline
Pornhub disclosed a bug submitted by awake 
CSV Macro injection in Video Manager (CEMI)
22 Jun 2016 timeline
Pornhub disclosed a bug submitted by zephrfish Twitter
Public Facing Barracuda Login
22 Jun 2016 timeline
Pornhub disclosed a bug submitted by mak 
Multiple endpoints are vulnerable to XML External Entity injection (XXE)
22 Jun 2016 timeline
Pornhub disclosed a bug submitted by zephrfish Twitter
PornIQ Reflected Cross-Site Scripting
22 Jun 2016 timeline
Mail.Ru disclosed a bug submitted by samidrif 
Code source discloure & ability to get database information "SQL injection" in [townwars.mail.ru]
22 Jun 2016 timeline
Romit disclosed a bug submitted by eboda Twitter
Session Fixation
22 Jun 2016 timeline
Nextcloud disclosed a bug submitted by japongskie 
No Rate Limiting on stats.nextcloud.com login
22 Jun 2016 timeline
Zomato disclosed a bug submitted by dejavuln Twitter
Instagram OAuth2 Implementation Leaks Access Token; Allows for Cross-Site Script Inclusion (XSSI)
22 Jun 2016 timeline
Nextcloud disclosed a bug submitted by vivek_patil 
WordPress Vulnerabilities: User Enumeration, Vulnerable Akismet Plugin, XML-RPC Interface available
22 Jun 2016 timeline
Slack disclosed a bug submitted by mkbb 
Unauthenticated Access to some old file thumbnails
21 Jun 2016 timeline
HackerOne disclosed a bug submitted by jthetechguy 
All information is not removed from published reports
21 Jun 2016 timeline
Nextcloud disclosed a bug submitted by armfox97 
Deny access to download.nextcloud.com + folders
21 Jun 2016 timeline
Shopify disclosed a bug submitted by ksaurabh 
Fetching external resources through svg images
21 Jun 2016 timeline
Ruby disclosed a bug submitted by guido Twitter
Heap corruption in string.c tr_trans() due to undersized buffer
21 Jun 2016 timeline
1 ... 287 288 289 290 291 ... 391
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM