Top10 publishers:
bobrov114 
linkks74 
geeknik71 
sp1d3rs62 
jobert54 
guido45 Twitter
bl4de42 
ryat40 
bigbear_38 
zombiehelp5437 Twitter

the unofficial HackerOne disclosure timeline.

X
concrete5 disclosed a bug submitted by jfolkins 
ProBlog 2.6.6 CSRF Exploit
22 May 2016 timeline
New Relic disclosed a bug submitted by arbaz_hussain 
SUBDOMAIN TAKEOVER(FIXED)
21 May 2016 timeline
Vimeo disclosed a bug submitted by tomash 
Private, embeddable videos leaks data through Facebook & Open Graph
21 May 2016 timeline
New Relic disclosed a bug submitted by shailesh4594 
Open redirection on login
21 May 2016 timeline
HackerOne disclosed a bug submitted by pisarenko 
DOS Report FILE html inside <code> in markdown
21 May 2016 timeline
Xero disclosed a bug submitted by dly Twitter
Default.aspx exposing full path and other info on wip.origin-community.xero.com
20 May 2016 timeline
New Relic disclosed a bug submitted by geeknik 
https://rpm.newrelic.com/.htaccess file is world readable
20 May 2016 timeline
New Relic disclosed a bug submitted by trabajoduro_2 
Clickjacking on authenticated pages which is inscope for New Relic
20 May 2016 timeline
Xero disclosed a bug submitted by droope 
Insecure Payment System Integration
20 May 2016 timeline
LocalTapiola disclosed a bug submitted by aaditya_purani Twitter
Abusing and Hacking the SMTP Server secure.lahitapiola.fi
20 May 2016 timeline
Dovecot disclosed a bug submitted by hari-cybex 
DIrectory Listing Found
20 May 2016 timeline
Informatica disclosed a bug submitted by psychomantis Twitter
[now.informatica.com] Reflective Xss
19 May 2016 timeline
HackerOne disclosed a bug submitted by ala_arfaoui 
HackerOne Important Emails Notification are sent in clear-text
19 May 2016 timeline
OpenSSL disclosed a bug submitted by jurajsomorovsky 
Padding oracle in AES-NI CBC MAC check (CVE-2016-2107)
19 May 2016 timeline
HackerOne disclosed a bug submitted by teo 
LinkedIN URL should be HTTPS
18 May 2016 timeline
Phabricator disclosed a bug submitted by vorpal 
Passphrase credential lock bypass
18 May 2016 timeline
PHP disclosed a bug submitted by cyberpunkych 
Null pointer deref (segfault) in stream_context_get_default
17 May 2016 timeline
Coinbase disclosed a bug submitted by hisham 
Email leak in transcations in Android app
17 May 2016 timeline
Dovecot disclosed a bug submitted by thalaivarsubu 
nginx server vulnerable
17 May 2016 timeline
Veris disclosed a bug submitted by kanwar 
Text injection can be used in phishing 404 page and should not include attacker text
17 May 2016 timeline
1 ... 324 325 326 327 328 ... 417
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM