Top10 publishers:
bobrov114 
linkks74 
geeknik71 
sp1d3rs62 
jobert54 
guido45 Twitter
bl4de42 
ryat40 
bigbear_38 
zombiehelp5437 Twitter

the unofficial HackerOne disclosure timeline.

X
Uber disclosed a bug submitted by jouko Twitter
OneLogin authentication bypass on WordPress sites via XMLRPC
15 Jul 2016 timeline
Keybase disclosed a bug submitted by sarwarjahan 
Un-handled exception leads to Information Disclosure
15 Jul 2016 timeline
Gratipay disclosed a bug submitted by secbughunter 
stop serving grtp.co over HTTP
15 Jul 2016 timeline
Uber disclosed a bug submitted by mongo 
Change any Uber user's password through /rt/users/passwordless-signup - Account Takeover (critical)
14 Jul 2016 timeline
Snapchat disclosed a bug submitted by notnaffy 
Administrator access to a Django Administration Panel on *.sc-corp.net via bruteforced credentials
14 Jul 2016 timeline
Trello disclosed a bug submitted by theflofly 
If a team is public, the web socket receives data about the Team visible boards
14 Jul 2016 timeline
Trello disclosed a bug submitted by theflofly 
Using WebSocket I can always access organization data even if I am removed
14 Jul 2016 timeline
FantasyTote disclosed a bug submitted by ketankumar_godhani 
Weak HSTS age
14 Jul 2016 timeline
Gratipay disclosed a bug submitted by ashish_goanhacker Twitter
strengthen Diffie-Hellman (DH) key exchange parameters in grtp.co
14 Jul 2016 timeline
Gratipay disclosed a bug submitted by mackstaples 
suppress version in Server header on gratipay.com or grtp.co
14 Jul 2016 timeline
OLX disclosed a bug submitted by mefkan 
XSS yaman.olx.ph
14 Jul 2016 timeline
Gratipay disclosed a bug submitted by zuh4n 
Directory listening in grtp.co
14 Jul 2016 timeline
Gratipay disclosed a bug submitted by dotnick 
don't leak server version of grtp.co in error pages
14 Jul 2016 timeline
Paragon Initiative Enterprises disclosed a bug submitted by lukasreschke 
Content-type sniffing leads to stored XSS in CMS Airship on Internet Explorer
14 Jul 2016 timeline
Slack disclosed a bug submitted by thisishrsh 
File upload over private IM channel
13 Jul 2016 timeline
LocalTapiola disclosed a bug submitted by mlitchfield 
Blind Stored XSS Against Lahitapiola Employees - Session and Information leakage
13 Jul 2016 timeline
Uber disclosed a bug submitted by jutsuce 
Directory Browsing and Open Git Repository on Uber Development Box
13 Jul 2016 timeline
OLX disclosed a bug submitted by thezawad Twitter
XSS @ yaman.olx.ph
13 Jul 2016 timeline
OLX disclosed a bug submitted by thezawad Twitter
XSS @ *.olx.com.ar
13 Jul 2016 timeline
Gratipay disclosed a bug submitted by thezawad Twitter
prevent null bytes in email field
13 Jul 2016 timeline
1 ... 308 309 310 311 312 ... 417
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM