Top10 publishers:
bobrov114 
linkks75 
geeknik72 
sp1d3rs63 
jobert57 
netfuzzer47 
guido45 Twitter
bl4de42 
ryat40 
bigbear_38 

the unofficial HackerOne disclosure timeline.

X
Informatica disclosed a bug submitted by yarbabin 
[marketplace.informatica.com] - XXE
09 Dec 2016 timeline
Informatica disclosed a bug submitted by yarbabin 
[rev-app.informatica.com] - XXE via SAML
09 Dec 2016 timeline
Envoy disclosed a bug submitted by zephrfish Twitter
Abuse of API can Lead to DoS
08 Dec 2016 timeline
Informatica disclosed a bug submitted by zephrfish Twitter
[product360.informatica.com] Unauthenticated Apache Tomcat 8 Installation
08 Dec 2016 timeline
LocalTapiola disclosed a bug submitted by bobrov 
SQL Injection /webApp/sijoitustalous_peruutus locId parameter (viestinta.lahitapiola.fi)
08 Dec 2016 timeline
LocalTapiola disclosed a bug submitted by bobrov 
SQL Injection /webApp/oma_conf ctx parameter (viestinta.lahitapiola.fi)
08 Dec 2016 timeline
HackerOne disclosed a bug submitted by zseano 
Bypass rate limiting on /users/password (possibly site-wide rate limit bypass?)
08 Dec 2016 timeline
OLX disclosed a bug submitted by 123456789100 
REFLECTED CROSS SITE SCRIPTING IN OLX
08 Dec 2016 timeline
Gratipay disclosed a bug submitted by promx 
CSRF csrftoken in cookies
07 Dec 2016 timeline
Instacart disclosed a bug submitted by archers123 
User Information sent to client through websockets
07 Dec 2016 timeline
PortSwigger Web Security disclosed a bug submitted by jelmer 
JSBeautifier BApp: Race condition leads to memory disclosure
07 Dec 2016 timeline
Trello disclosed a bug submitted by esmile 
SVG Uploads / Attachments can be viewed by anyone.
06 Dec 2016 timeline
GitLab disclosed a bug submitted by fransrosen 
Mailgun misconfiguration leads to email snooping and postmaster@-access on email.mg.gitlab.com
06 Dec 2016 timeline
GitLab disclosed a bug submitted by jobert 
State filter in IssuableFinder allows attacker to delete all issues and merge requests
06 Dec 2016 timeline
Ubiquiti Networks disclosed a bug submitted by benkhlifafahmi 
account.ubnt.com CSRF
05 Dec 2016 timeline
Nextcloud disclosed a bug submitted by ahsantahir 
[Nextcloud 9.0.53] Content Spoofing in 'trustDomain' parameter
05 Dec 2016 timeline
Nextcloud disclosed a bug submitted by madhur_bhargava 
Login Hints on Admin Panel
05 Dec 2016 timeline
New Relic disclosed a bug submitted by martijn 
CSRF vulnerability that allows an attacker to purge plugin metric data
05 Dec 2016 timeline
Sucuri disclosed a bug submitted by tw1sted 
Administrator Access to grafana instance logstash2.sucuri.net with default credentials
05 Dec 2016 timeline
Python (IBB) disclosed a bug submitted by johnleitch 
chain.__setstate__ Type Confusion
05 Dec 2016 timeline
1 ... 304 305 306 307 308 ... 447
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM