Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'84 
b'linkks'75 
b'jobert'70 
b'nyymi'67 
b'someonenobbd'62 
b'ooooooo_q'54 
b'guido'50 
b'haxta4ok00'49 

the unofficial HackerOne disclosure timeline.

X
b'Node.js third-party modules' disclosed a bug submitted by b'posix' 
b'Prototype pollution attack (lodash)'
27 Apr 2020 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'macasun' 
b'Crash Node.js process from handlebars using a small and simple source'
27 Apr 2020 timeline
b'GitLab' disclosed a bug submitted by b'vakzz' 
b'Arbitrary file read via the UploadsRewriter when moving and issue'
27 Apr 2020 timeline
b'Shopify' disclosed a bug submitted by b'danerh' 
b'Session works after logout from Shopify account and password of online store is displayed'
27 Apr 2020 timeline
b'Roblox' disclosed a bug submitted by b'jfc5sb' 
b'Insecure redirect rule results in bypassing ban redirect on certain pages'
26 Apr 2020 timeline
b'Slack' disclosed a bug submitted by b'akaki' 
b'URL link spoofing'
26 Apr 2020 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'visat' 
b'[Total.js] Path traversal vulnerability allows to read files outside public directory'
25 Apr 2020 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'mik317' 
b'[git-promise] RCE via insecure command formatting'
25 Apr 2020 timeline
b'Cuvva' disclosed a bug submitted by b'fsm' 
b'Time-limit Bypassing, Rate-limit Bypassing and Spamming at https://ops.cuvva.co'
24 Apr 2020 timeline
b'Roblox' disclosed a bug submitted by b'geekboy' 
b'Subdomain Takeover to Authentication bypass '
23 Apr 2020 timeline
b'Uber' disclosed a bug submitted by b'healdb' 
b'ubernycmarketplace.com is vulnerable to the Heartbleed Bug'
23 Apr 2020 timeline
b'Uber' disclosed a bug submitted by b'peroni' 
b'Full Path and internal information disclosure+ SQLNet.log file disclose internal network information'
23 Apr 2020 timeline
b'Visma Public' disclosed a bug submitted by b'gamliel' 
b'Able to continue user creation process after deleting the HTML element that shows the message that the session is closed'
23 Apr 2020 timeline
b'Omise' disclosed a bug submitted by b'rioncool22' 
b'Signup with any email and enable 2FA without verifying email'
23 Apr 2020 timeline
b'Stripo Inc' disclosed a bug submitted by b'what_web' 
b'[www.stripo.email] You can override the speed limit by adding the X-Forwarded-For header.'
23 Apr 2020 timeline
b'Ruby' disclosed a bug submitted by b'jeremyevans' 
b'Variant of CVE-2013-0269 (Denial of Service and Unsafe Object Creation Vulnerability in JSON)'
23 Apr 2020 timeline
b'Mail.ru' disclosed a bug submitted by b'empty-jack' 
b'[v7lk.relap.io] Sending arbitrary emails to any user'
22 Apr 2020 timeline
b'Mail.ru' disclosed a bug submitted by b'ksapphire' 
b'Mail.Ru Top - Website Counter Bruteforcing'
22 Apr 2020 timeline
b'Mail.ru' disclosed a bug submitted by b'act1on3' 
b'[c-api.city-mobil.ru] Client authentication bypass leads to information disclosure'
22 Apr 2020 timeline
b'Mail.ru' disclosed a bug submitted by b'risinghunter' 
b'mailgun subdomain takeover on "email.mail.geekbrains.ru"'
22 Apr 2020 timeline
1 ... 324 325 326 327 328 ... 752
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM