Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'83 
b'linkks'75 
b'jobert'70 
b'nyymi'62 
b'someonenobbd'62 
b'ooooooo_q'54 
b'guido'50 
b'haxta4ok00'49 

the unofficial HackerOne disclosure timeline.

X
b'8x8' disclosed a bug submitted by b'whitehatmat' 
b'Directory listing of https://get8x8.com/'
09 Jun 2020 timeline
b'8x8' disclosed a bug submitted by b'madrobot' 
b'Xss (cross site scripting) on http://axa.dxi.eu/'
09 Jun 2020 timeline
b'InnoGames' disclosed a bug submitted by b'aeswagyewgyes' 
b'Impersonation and ticket id enumeration on support.innogames.com'
09 Jun 2020 timeline
b'WordPress' disclosed a bug submitted by b'simonscannell' 
b'RCE as Admin defeats WordPress hardening and file permissions'
09 Jun 2020 timeline
b'8x8' disclosed a bug submitted by b'sandrogauci' 
b'Open TURN relay abuse is possible due to lack of peer access control (Critical)'
08 Jun 2020 timeline
b'DRIVE.NET, Inc.' disclosed a bug submitted by b'what_web' 
b'[www.drive2.ru] There is no rate limit for comments endpoints.'
08 Jun 2020 timeline
b'GitLab' disclosed a bug submitted by b'vakzz' 
b'gitlab-workhorse bypass in Gitlab::Middleware::Multipart allowing files in `allowed_paths` to be read'
08 Jun 2020 timeline
b'GitLab' disclosed a bug submitted by b'vakzz' 
b'SSRF on project import via the remote_attachment_url on a Note'
07 Jun 2020 timeline
b'Semmle' disclosed a bug submitted by b'thehackerish' 
b'Docker Registry HTTP API v2 exposed in HTTP without authentication leads to docker images dumping and poisoning'
06 Jun 2020 timeline
b'GitHub Security Lab' disclosed a bug submitted by b'grzegol' 
b'CodeQL query to detect JNDI injections'
05 Jun 2020 timeline
b'HackerOne' disclosed a bug submitted by b'msdian7' 
b'Unauthorized access to metadata of undisclosed reports that were retested'
05 Jun 2020 timeline
b'GitHub Security Lab' disclosed a bug submitted by b'logicmap' 
b'gagliardetto: Query to detect incorrect conversion between numeric types'
04 Jun 2020 timeline
b'GitHub Security Lab' disclosed a bug submitted by b'grzegol' 
b'CodeQL query to detect open Spring Boot actuator endpoints'
04 Jun 2020 timeline
b'GitHub Security Lab' disclosed a bug submitted by b'someonenobbd' 
b'CPP: Missing/incomplete TLS server certificate hostname validation'
04 Jun 2020 timeline
b'GitHub Security Lab' disclosed a bug submitted by b'luchua' 
b'[Java] CWE-939 - Address improper URL authorization'
04 Jun 2020 timeline
b'Mail.ru' disclosed a bug submitted by b'rainbow_json' 
b'[pulse.mail.ru] ?????? ? ?????????? ????? ????????'
04 Jun 2020 timeline
b'Mail.ru' disclosed a bug submitted by b'urban_tramp' 
b'XSS on https://deti.mail.ru/'
04 Jun 2020 timeline
b'Mail.ru' disclosed a bug submitted by b'byq' 
b'[my.games] Stored XSS via untrusted bucket'
04 Jun 2020 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'chalker' 
b'[crypto-js] Insecure entropy source - Math.random()'
04 Jun 2020 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'ryotak' 
b'[Limited bypass of #793704] Blind SSRF in Ghost CMS'
04 Jun 2020 timeline
1 ... 298 299 300 301 302 ... 738
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM