Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'80 
b'linkks'75 
b'jobert'70 
b'someonenobbd'62 
b'nyymi'58 
b'ooooooo_q'52 
b'guido'50 
b'haxta4ok00'49 

the unofficial HackerOne disclosure timeline.

X
b'WordPress' disclosed a bug submitted by b'hoangkien1020' 
b'CSRF in Profile Fields allows deleting any field in BuddyPress'
22 May 2020 timeline
b'WordPress' disclosed a bug submitted by b'hoangkien1020' 
b'Privilege Escalation in BuddyPress core allows Moderate to Administrator '
22 May 2020 timeline
b'Alibaba BBP' disclosed a bug submitted by b'testert1ng' 
b'SSRF / Arbitrary File Read on Alibaba Cloud Academy'
21 May 2020 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'mayaseven' 
b'Pixel flood attack cause the javascript heap out of memory'
21 May 2020 timeline
b'Top Echelon Software' disclosed a bug submitted by b'darkshadow1733' 
b'able to login into login.topechelon.com'
20 May 2020 timeline
b'Open-Xchange' disclosed a bug submitted by b'mnordhoff' 
b'Recursor accepts unsigned, empty NXDOMAINs in secure zones'
20 May 2020 timeline
b'Visma Public' disclosed a bug submitted by b'm0chan' 
b'Arbitrary File Upload to Stored XSS'
20 May 2020 timeline
b'PayPal' disclosed a bug submitted by b'linkks' 
b'Reflected XSS at https://www.paypal.com/ppcreditapply/da/us'
19 May 2020 timeline
b'Starbucks' disclosed a bug submitted by b'nnez' 
b'Thailand - IDOR on www.starbuckscardth.in.th: A logged in user could view any Thailand Starbucks card balance if they knew that Starbucks card number'
19 May 2020 timeline
b'LINE' disclosed a bug submitted by b'shaolin_tw' 
b'Request smuggling on admin-official.line.me could lead to account takeover'
19 May 2020 timeline
b'Ruby on Rails' disclosed a bug submitted by b'travispew' 
b'ActiveStorage direct upload fails to sign content-length header for S3 service'
18 May 2020 timeline
b'Ruby on Rails' disclosed a bug submitted by b'abuisman' 
b'ActionController::Parameters .each returns an unsafe hash'
18 May 2020 timeline
b'Open-Xchange' disclosed a bug submitted by b'catenacyber' 
b'Use after free in smtp_server_connection_handle_command'
18 May 2020 timeline
b'Open-Xchange' disclosed a bug submitted by b'catenacyber' 
b'Null pointer dereference in SMTP server function smtp_string_parse'
18 May 2020 timeline
b'Clario' disclosed a bug submitted by b'sec0ndw0lf' 
b'CORS Misconfiguration, could lead to disclosure of sensitive information (translate.kromtech.com)'
18 May 2020 timeline
b'InnoGames' disclosed a bug submitted by b'batee5a' 
b'Chaining Bugs: Leakage of CSRF token which leads to Stored XSS and Account Takeover (xs1.tribalwars.cash)'
18 May 2020 timeline
b'curl' disclosed a bug submitted by b'geeknik' 
b'Invalid write (or double free) triggers curl command line tool crash'
18 May 2020 timeline
b'InnoGames' disclosed a bug submitted by b'batee5a' 
b'Race condition in activating email resulting in infinite amount of diamonds received'
18 May 2020 timeline
b'Clario' disclosed a bug submitted by b'dilawer01' 
b'Multiple Links Vulnerable to Reflected xss'
17 May 2020 timeline
b'Clario' disclosed a bug submitted by b'dilawer01' 
b'Reflected xss'
17 May 2020 timeline
1 ... 294 295 296 297 298 ... 730
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM