Top10 publishers:
bobrov113 
linkks69 
geeknik62 
sp1d3rs61 
jobert49 
guido45 Twitter
ryat40 
bl4de39 
bigbear_38 
isox36 

the unofficial HackerOne disclosure timeline.

X
Twitter disclosed a bug submitted by wesecureapp 
Flaw in login with twitter to steal Oauth tokens
18 Feb 2015 timeline
Localize disclosed a bug submitted by testalways 
PHP reveals potentially sensitive information via certain HTTP requests that contain specific QUERY strings.
17 Feb 2015 timeline
Localize disclosed a bug submitted by pulkit_pandey 
files likes of README.md is public
17 Feb 2015 timeline
Vimeo disclosed a bug submitted by harshafriend4all Twitter
profile photo update bypass
17 Feb 2015 timeline
itBit Exchange disclosed a bug submitted by harshafriend4all Twitter
weird bug ! ( missing validation on new email verfication )
14 Feb 2015 timeline
Vimeo disclosed a bug submitted by harshafriend4all Twitter
Buying ondemand videos that 0.1 and sometimes for free
13 Feb 2015 timeline
Dropbox disclosed a bug submitted by panchocosil 
WP User Enumeration is possible at https://blog.dropbox.com
12 Feb 2015 timeline
wont-fix
Nearby Live disclosed a bug submitted by m0rph3u5 
Group Invite not properly authenticated
12 Feb 2015 timeline
Flash disclosed a bug submitted by netfuzzer 
chrome allows POST requests with custom headers using flash + 307 redirect
09 Feb 2015 timeline
Vimeo disclosed a bug submitted by balag_py 
Misconfigured crossdomain.xml - vimeo.com
09 Feb 2015 timeline
wont-fix
Twitter disclosed a bug submitted by sappi 
Account Deleted without any confirmation
05 Feb 2015 timeline
wont-fix
Square disclosed a bug submitted by anshuman_bh Twitter
CSRF on adding clients
04 Feb 2015 timeline
Square disclosed a bug submitted by anshuman_bh Twitter
CSRF on adding a calendar event
04 Feb 2015 timeline
HackerOne disclosed a bug submitted by atom Twitter
Improper way of validating a program
04 Feb 2015 timeline
Python disclosed a bug submitted by ewok 
Multiple Python interger overflows
04 Feb 2015 timeline
Apache httpd disclosed a bug submitted by guido Twitter
mod_lua: Crash in websockets PING handling
04 Feb 2015 timeline
HackerOne disclosed a bug submitted by danlec 
Vulnerability with the way \ escaped characters in <http://danlec.com> style links are rendered
03 Feb 2015 timeline
Vimeo disclosed a bug submitted by testalways 
Brute force on "vimeo" cookie
02 Feb 2015 timeline
wont-fix
Vimeo disclosed a bug submitted by shubham 
CSRF bypass
30 Jan 2015 timeline
wont-fix
Vimeo disclosed a bug submitted by testalways 
ftp upload of video allows naming that is not sanitized as the manual naming
29 Jan 2015 timeline
1 ... 335 336 337 338 339 ... 374
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM