Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'81 
b'linkks'75 
b'jobert'70 
b'someonenobbd'62 
b'nyymi'60 
b'ooooooo_q'54 
b'guido'50 
b'haxta4ok00'49 

the unofficial HackerOne disclosure timeline.

X
b'GitLab' disclosed a bug submitted by b'ngalog' 
b'Bypass Email Verification using Salesforce -- Reproducible in gitlab.com'
13 Dec 2019 timeline
b'Vimeo' disclosed a bug submitted by b'dphoeniixx' 
b'SSRF leaking internal google cloud data through upload function [SSH Keys, etc..]'
13 Dec 2019 timeline
b'Phabricator' disclosed a bug submitted by b'sectex' 
b'Markdown parsing issue enables insertion of malicious tags'
13 Dec 2019 timeline
b'GitLab' disclosed a bug submitted by b'logan5' 
b'Blocked user Git access through CI/CD token'
13 Dec 2019 timeline
b'HackerOne' disclosed a bug submitted by b'jobert' 
b'IDOR in Bugs overview enables attacker to determine the date range a hackathon was active'
13 Dec 2019 timeline
b'HackerOne' disclosed a bug submitted by b'ninetynine' 
b'ActiveStorage throws exception when using whitespace as filename, may lead to denial of service of multiple pages'
13 Dec 2019 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'chalker' 
b'`open` concatenates unsanitized input into exec() command'
13 Dec 2019 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'chalker' 
b'`rgb2hex` is vulnerable to ReDoS when parsing crafted invalid colors'
13 Dec 2019 timeline
b'GitLab' disclosed a bug submitted by b'xanbanx' 
b'Container scanning and Dependency scanning report leaked to unauthorized users'
13 Dec 2019 timeline
b'GitLab' disclosed a bug submitted by b'xanbanx' 
b'Head pipeline leaked to unauthorized users via blocking merge request feature'
13 Dec 2019 timeline
b'GitLab' disclosed a bug submitted by b'ngalog' 
b'Private System Note Disclosure using GraphQL'
13 Dec 2019 timeline
b'GitLab' disclosed a bug submitted by b'uzsunny9' 
b'Project Milestones Disclosed Via Groups When the Victim disabled milestones access in project settings'
13 Dec 2019 timeline
b'LocalTapiola' disclosed a bug submitted by b'muon4' 
b'CORS misconfiguration allows to steal client\'s "password", Authorization token and the customer details e.g. names, SSN, bank account etc.'
13 Dec 2019 timeline
b'Starbucks' disclosed a bug submitted by b'l00ph0le' 
b'Store Development Resource Center was vulnerable to a Remote Code Execution - Unauthenticated Remote Command Injection (CVE-2019-0604)'
12 Dec 2019 timeline
b'Starbucks' disclosed a bug submitted by b'gnux' 
b"Reflected XSS on card.starbucks.com.sg/unsubRevert.php via the 'ct' Parameter"
12 Dec 2019 timeline
b'Starbucks' disclosed a bug submitted by b'gnux' 
b"Reflected XSS on card.starbucks.com.sg/unsub.php via the 'ct' Parameter"
12 Dec 2019 timeline
b'Starbucks' disclosed a bug submitted by b'nukedx' 
b'Bulgaria - Subdomain takeover of mail.starbucks.bg'
12 Dec 2019 timeline
b'Starbucks' disclosed a bug submitted by b'mr_intrusionist' 
b'India - An Insecure Direct Object Reference (IDOR) allowed unauthorized access to view card index number and monetary balance'
12 Dec 2019 timeline
b'GitLab' disclosed a bug submitted by b'ajxchapman' 
b'GitLab::UrlBlocker validation bypass leading to full Server Side Request Forgery'
12 Dec 2019 timeline
b'Nextcloud' disclosed a bug submitted by b'foobar7' 
b'Persistent XSS on favorite via filename'
12 Dec 2019 timeline
1 ... 338 339 340 341 342 ... 733
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM