the unofficial HackerOne disclosure timeline.

X
b'Vanilla' disclosed a bug submitted by b'vivek111' 
b' XSS through chat messages'
02 Apr 2020 timeline
b'SEMrush' disclosed a bug submitted by b'a_d_a_m' 
b'IDOR in marketing calendar tool'
02 Apr 2020 timeline
b'SEMrush' disclosed a bug submitted by b'yashrs' 
b'An attacker can buy marketplace articles for lower prices as it allows for negative quantity values leading to business loss'
02 Apr 2020 timeline
b'SEMrush' disclosed a bug submitted by b'nikitastupin' 
b'Content Injection on api.semrush.com to Reflected XSS'
02 Apr 2020 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'sontungatm' 
b'[utils-extend] Prototype pollution '
02 Apr 2020 timeline
b'Slack' disclosed a bug submitted by b'jhancock' 
b'Relative Path Vulnerability Results in Arbitrary Command Execution/Privilege Escalation'
01 Apr 2020 timeline
b'Razer' disclosed a bug submitted by b'sambal0x' 
b'[Razer Pay] Broken Access Control at /v1/verifyPhone/ allows enumeration of usernames and ID information'
01 Apr 2020 timeline
b'Razer' disclosed a bug submitted by b'p3rr0' 
b'Access to support tickets and payment history, impersonate razer support staff'
01 Apr 2020 timeline
b'Shopify' disclosed a bug submitted by b'ngalog' 
b'[Part II] Email Confirmation Bypass in myshop.myshopify.com that Leads to Full Privilege Escalation'
01 Apr 2020 timeline
b'Shopify' disclosed a bug submitted by b'ngalog' 
b'Email Confirmation Bypass in myshop.myshopify.com that Leads to Full Privilege Escalation to Any Shop Owner by Taking Advantage of the Shopify SSO'
01 Apr 2020 timeline
b'Shopify' disclosed a bug submitted by b'ngalog' 
b'Able to Takeover Merchants Accounts Even They Have Already Setup SSO, After Bypassing the Email Confirmation'
01 Apr 2020 timeline
b'Ubiquiti Inc.' disclosed a bug submitted by b'ajxchapman' 
b'UniFi Video web interface Configuration Restore user privilege escalation'
01 Apr 2020 timeline
b'Ubiquiti Inc.' disclosed a bug submitted by b'ajxchapman' 
b'UniFi Video Server web interface admin user Firmware Update path traversal leading to local system compromise'
01 Apr 2020 timeline
b'Starbucks' disclosed a bug submitted by b'neweq' 
b'China - Leaked credentials permitted a limited ability to create Starbucks coupons and cards'
01 Apr 2020 timeline
b'Ubiquiti Inc.' disclosed a bug submitted by b'b0yd' 
b'UniFi Video v3.10.1 (Windows) Local Privileges Escalation to SYSTEM from arbitrary filedelete and DLL hijack vulnerabilities.'
01 Apr 2020 timeline
b'Starbucks' disclosed a bug submitted by b'0xpatrik' 
b'China \xe2\x80\x93 Limited Partner PII Regarding Work Scheduling via Unauthenticated API Endpoint'
01 Apr 2020 timeline
b'Rocket.Chat' disclosed a bug submitted by b'codermak' 
b'API Keys Hardcoded in Github repository'
01 Apr 2020 timeline
b'Open-Xchange' disclosed a bug submitted by b'catenacyber' 
b'Buffer over-reads in i_stream_zlib_read'
01 Apr 2020 timeline
b'Open-Xchange' disclosed a bug submitted by b'catenacyber' 
b' Null pointer dereference in SMTP server function smtp_command_parse_data_with_size'
01 Apr 2020 timeline
b'Endless Hosting' disclosed a bug submitted by b'pr3r00t' 
b'Lets Encrypt Certificates affected by CAA Rechecking Incident'
01 Apr 2020 timeline
1 ... 343 344 345 346 347 ... 765
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM