Top10 publishers:
bobrov114 
linkks75 
geeknik72 
sp1d3rs63 
jobert57 
netfuzzer47 
guido45 Twitter
bl4de42 
ryat40 
bigbear_38 

the unofficial HackerOne disclosure timeline.

X
Bime disclosed a bug submitted by michiel 
Subdomain takeover due to unclaimed Amazon S3 bucket on a2.bime.io
22 Jun 2016 timeline
ThisData disclosed a bug submitted by 7h0r4pp4n 
Host Header Poisoning in thisdata.com
22 Jun 2016 timeline
bitaccess disclosed a bug submitted by geekboy Twitter
BYASSING OTP Verification
22 Jun 2016 timeline
Pornhub disclosed a bug submitted by awake 
CSV Macro injection in Video Manager (CEMI)
22 Jun 2016 timeline
Pornhub disclosed a bug submitted by zephrfish Twitter
Public Facing Barracuda Login
22 Jun 2016 timeline
Pornhub disclosed a bug submitted by mak 
Multiple endpoints are vulnerable to XML External Entity injection (XXE)
22 Jun 2016 timeline
Pornhub disclosed a bug submitted by zephrfish Twitter
PornIQ Reflected Cross-Site Scripting
22 Jun 2016 timeline
Mail.Ru disclosed a bug submitted by samidrif 
Code source discloure & ability to get database information "SQL injection" in [townwars.mail.ru]
22 Jun 2016 timeline
Romit disclosed a bug submitted by eboda Twitter
Session Fixation
22 Jun 2016 timeline
Nextcloud disclosed a bug submitted by japongskie 
No Rate Limiting on stats.nextcloud.com login
22 Jun 2016 timeline
Zomato disclosed a bug submitted by dejavuln Twitter
Instagram OAuth2 Implementation Leaks Access Token; Allows for Cross-Site Script Inclusion (XSSI)
22 Jun 2016 timeline
Nextcloud disclosed a bug submitted by vivek_patil 
WordPress Vulnerabilities: User Enumeration, Vulnerable Akismet Plugin, XML-RPC Interface available
22 Jun 2016 timeline
Slack disclosed a bug submitted by mkbb 
Unauthenticated Access to some old file thumbnails
21 Jun 2016 timeline
HackerOne disclosed a bug submitted by jthetechguy 
All information is not removed from published reports
21 Jun 2016 timeline
Nextcloud disclosed a bug submitted by armfox97 
Deny access to download.nextcloud.com + folders
21 Jun 2016 timeline
Shopify disclosed a bug submitted by ksaurabh 
Fetching external resources through svg images
21 Jun 2016 timeline
Ruby disclosed a bug submitted by guido Twitter
Heap corruption in string.c tr_trans() due to undersized buffer
21 Jun 2016 timeline
Ruby disclosed a bug submitted by guido Twitter
Heap corruption in DateTime.strftime() on 32 bit for certain format strings
21 Jun 2016 timeline
Ruby disclosed a bug submitted by guido Twitter
StringIO strio_getline() can divulge arbitrary memory
21 Jun 2016 timeline
Nextcloud disclosed a bug submitted by bugdiscloseguy 
Email ID Disclosure.
20 Jun 2016 timeline
1 ... 343 344 345 346 347 ... 447
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM