Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'84 
b'linkks'75 
b'jobert'70 
b'nyymi'64 
b'someonenobbd'62 
b'ooooooo_q'54 
b'guido'50 
b'haxta4ok00'49 

the unofficial HackerOne disclosure timeline.

X
b'Mail.ru' disclosed a bug submitted by b'dedsec69' 
b'Information Disclosure on {http://pro.tracker.my.com}'
30 Apr 2020 timeline
b'Razer' disclosed a bug submitted by b'zathu' 
b'Insecure HostnameVerifier within WebView of Razer Pay Android (TLS Vulnerability)'
30 Apr 2020 timeline
b'Razer' disclosed a bug submitted by b'reemer' 
b'SQL Injection in https://api-my.pay.razer.com/inviteFriend/getInviteHistoryLog'
30 Apr 2020 timeline
b'Razer' disclosed a bug submitted by b'sambal0x' 
b'[Razer Pay Mobile App] IDOR within /v1_IM/friends/queryDrawRedLog allowed unauthorised access to read logs'
30 Apr 2020 timeline
b'Starbucks' disclosed a bug submitted by b'b4bilal' 
b'Korea - LFI Server directory traversal at starbucks.co.kr'
30 Apr 2020 timeline
b'Razer' disclosed a bug submitted by b'sambal0x' 
b"Improper Authorization at https://api-my.pay.razer.com/v1/trxDetail?trxId=[Id] allowing unauthorised access to other user's transaction details"
30 Apr 2020 timeline
b'Razer' disclosed a bug submitted by b'sambal0x' 
b'[Razer Pay Android App] Multiple vulnerabilities chained to allow "RedPacket" money to be stolen by a 3rd party'
30 Apr 2020 timeline
b'Roblox' disclosed a bug submitted by b'albertl' 
b'Malformed string sent through FireServer leads to server freezing/hanging'
29 Apr 2020 timeline
b'HackerOne' disclosed a bug submitted by b'bencode' 
b'Read-only team members can read all properties of webhooks'
29 Apr 2020 timeline
b'concrete5' disclosed a bug submitted by b'sunny0day' 
b'XSS in select attribute options'
29 Apr 2020 timeline
b'Zomato' disclosed a bug submitted by b'nikhar123' 
b'Mathematical error found in meals for one'
29 Apr 2020 timeline
b'Ping Identity' disclosed a bug submitted by b'bug_digger21' 
b'Google Maps API key leaked during device pairing'
28 Apr 2020 timeline
b'Stripo Inc' disclosed a bug submitted by b'nihadp' 
b'CORS on my.stripo.email'
28 Apr 2020 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'posix' 
b'Prototype pollution attack (lodash)'
27 Apr 2020 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'macasun' 
b'Crash Node.js process from handlebars using a small and simple source'
27 Apr 2020 timeline
b'GitLab' disclosed a bug submitted by b'vakzz' 
b'Arbitrary file read via the UploadsRewriter when moving and issue'
27 Apr 2020 timeline
b'Shopify' disclosed a bug submitted by b'danerh' 
b'Session works after logout from Shopify account and password of online store is displayed'
27 Apr 2020 timeline
b'Roblox' disclosed a bug submitted by b'jfc5sb' 
b'Insecure redirect rule results in bypassing ban redirect on certain pages'
26 Apr 2020 timeline
b'Slack' disclosed a bug submitted by b'akaki' 
b'URL link spoofing'
26 Apr 2020 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'visat' 
b'[Total.js] Path traversal vulnerability allows to read files outside public directory'
25 Apr 2020 timeline
1 ... 313 314 315 316 317 ... 741
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM