Top10 publishers:
bobrov107 
sp1d3rs54 
jobert44 
bl4de39 
bigbear_38 
guido37 Twitter
isox36 
geeknik35 
4lemon35 
edio34 

the unofficial HackerOne disclosure timeline.

X
IRCCloud disclosed a bug submitted by mantis 
Unvalidated Channel names causes IRC Command Injection
01 Oct 2014 timeline
The Internet disclosed a bug submitted by someone 
GNU Bourne-Again Shell (Bash) 'Shellshock' Vulnerability
01 Oct 2014 timeline
ExpressionEngine disclosed a bug submitted by charan 
Cross Site Scripting (Stored)
30 Sep 2014 timeline
Twitter disclosed a bug submitted by secgeek 
Delete Credit Cards from any Twitter Account in ads.twitter.com [New Vulnerability]
30 Sep 2014 timeline
Uzbey LLC disclosed a bug submitted by shahriyar 
Mass invitation send
29 Sep 2014 timeline
wont-fix
CloudFlare disclosed a bug submitted by sergeybelove 
User's data leak
28 Sep 2014 timeline
Mail.Ru disclosed a bug submitted by bigbear 
????????? ????? ??????? ?? ???? ??????????????? ??????? ? ???????? /home/berserk-online.com/public_html/forum/Themes/berserker/Profile.template.php
27 Sep 2014 timeline
Twitter disclosed a bug submitted by secanaly 
Stored xss
27 Sep 2014 timeline
HackerOne disclosed a bug submitted by christypriory 
Password Reset Bug
25 Sep 2014 timeline
Coinbase disclosed a bug submitted by michiel 
Bypassing 2FA for BTC transfers
25 Sep 2014 timeline
HackerOne disclosed a bug submitted by anand_m 
Change Any username and profile link in hackerone
25 Sep 2014 timeline
C2FO disclosed a bug submitted by faisalahmed 
All Active user sessions should be destroyed when user change his password!
23 Sep 2014 timeline
Twitter disclosed a bug submitted by vineet 
Captcha bypass with extension at http://www.mopub.com/about/contact/
22 Sep 2014 timeline
wont-fix
Square disclosed a bug submitted by pranav_hivarekar Twitter
CSRF login
21 Sep 2014 timeline
wont-fix
concrete5 disclosed a bug submitted by robin 
broken authentication
21 Sep 2014 timeline
Phabricator disclosed a bug submitted by shahmeer_amir 
Content Spoofing through URL
20 Sep 2014 timeline
wont-fix
Mail.Ru disclosed a bug submitted by vineet 
(m.mail.ru) Password type input with auto-complete enabled
19 Sep 2014 timeline
wont-fix
Mavenlink disclosed a bug submitted by vineet 
Clickjacking & CSRF attack can be done at https://app.mavenlink.com/login
19 Sep 2014 timeline
Mavenlink disclosed a bug submitted by vineet 
Clickjacking at https://www.mavenlink.com/ main website
19 Sep 2014 timeline
Detectify disclosed a bug submitted by mohdhaji87 
Password reset link not validated.
19 Sep 2014 timeline
1 ... 302 303 304 305 306 ... 333
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM