Top10 publishers:
bobrov116 
linkks75 
geeknik73 
sp1d3rs63 
jobert60 
jon_bottarini48 
netfuzzer47 
ryat47 
guido45 Twitter
skavans42 

the unofficial HackerOne disclosure timeline.

X
Instacart disclosed a bug submitted by footstep 
Authentication Bypass in Updating Personal Information
17 Jan 2017 timeline
Imgur disclosed a bug submitted by strukt Twitter
Stored XSS in albums on http://m.imgur.com/
17 Jan 2017 timeline
Algolia disclosed a bug submitted by malcolmx 
2-factor authentication bypass
17 Jan 2017 timeline
Nextcloud disclosed a bug submitted by rbcafe 
HTTP-Basic Authentication on logs.nextcloud.com
17 Jan 2017 timeline
Boozt Fashion AB disclosed a bug submitted by m7mdharoun 
xss in Theme http://bztfashion.booztx.com
16 Jan 2017 timeline
Nextcloud disclosed a bug submitted by dremos 
Avatar image upload and bypass real image verification
15 Jan 2017 timeline
shopify-scripts disclosed a bug submitted by kelia 
ruby DoS https://www.mruby.science
15 Jan 2017 timeline
shopify-scripts disclosed a bug submitted by raydot 
Type confusion in wrap_decimal leading to memory corruption
15 Jan 2017 timeline
shopify-scripts disclosed a bug submitted by raydot 
Null pointer dereference due to TOCTTOU bug in mrb_time_initialize
15 Jan 2017 timeline
Twitter disclosed a bug submitted by mishre 
Twitter for android is exposing user's location to any installed android app
13 Jan 2017 timeline
Nextcloud disclosed a bug submitted by rbcafe 
Disclosure of administrators via JSON on nextcloud.com Wordpress
13 Jan 2017 timeline
Nextcloud disclosed a bug submitted by dem0n 
WordPress <= 4.6.1 Stored XSS Via Theme File
13 Jan 2017 timeline
Starbucks disclosed a bug submitted by id-is-vulnerable 
Create New User Whilst Logged On
13 Jan 2017 timeline
Starbucks disclosed a bug submitted by meals 
Parameter Manipulation allowed for viewing of other user’s teavana.com orders
13 Jan 2017 timeline
Starbucks disclosed a bug submitted by e3xpl0it 
Dom Based Xss DIV.innerHTML parameters store.starbucks*
12 Jan 2017 timeline
Nextcloud disclosed a bug submitted by trichimtrich 
Bad content-type in response header when getting document can lead to html injection
12 Jan 2017 timeline
Nextcloud disclosed a bug submitted by trichimtrich 
URI scheme bypass in mail app lead to HTML content spoof and opener control
12 Jan 2017 timeline
OLX disclosed a bug submitted by mohamedsherif 
Directory Listing of all the resource files of olx.com.eg
12 Jan 2017 timeline
Legal Robot disclosed a bug submitted by vishnu1 
Near-duplicate accounts allowed with ignored email mutations
12 Jan 2017 timeline
U.S. Dept Of Defense disclosed a bug submitted by meals 
Remote code execution on an Army website
12 Jan 2017 timeline
1 ... 339 340 341 342 343 ... 490
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM