Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'83 
b'linkks'75 
b'jobert'70 
b'nyymi'62 
b'someonenobbd'62 
b'ooooooo_q'54 
b'guido'50 
b'haxta4ok00'49 

the unofficial HackerOne disclosure timeline.

X
b'Mail.ru' disclosed a bug submitted by b'secator' 
b'[XSS] postMessage ? jsapi/button'
28 Oct 2019 timeline
b'Weblate' disclosed a bug submitted by b'fr0nk' 
b'no captcha for register user and weak question attacker can spam email'
26 Oct 2019 timeline
b'Zendesk' disclosed a bug submitted by b'geeknik' 
b'SMTP user enumeration via mail.zendesk.com'
25 Oct 2019 timeline
b'Zendesk' disclosed a bug submitted by b'nathand' 
b'"Test target" of the "HTTP target" extension can unintentionally send username and password in the Authorization header'
25 Oct 2019 timeline
b'HackerOne' disclosed a bug submitted by b'jobert' 
b'Reporter, external users, collaborators can mark sent swag awarded to reporter as unsent'
25 Oct 2019 timeline
b'Mail.ru' disclosed a bug submitted by b'harisec' 
b'Reflected XSS in https://light.mail.ru/login via page'
25 Oct 2019 timeline
b'SEMrush' disclosed a bug submitted by b'batuhanu' 
b'Open redirect in semrush.com'
25 Oct 2019 timeline
b'Moneybird' disclosed a bug submitted by b'rioncool22' 
b'Enable 2FA without verifying the email'
25 Oct 2019 timeline
b'Ruby' disclosed a bug submitted by b'znz' 
b'HTTP header can split /[\\r\\n]/ instead of /\\r\\n/'
25 Oct 2019 timeline
b'Perl (IBB)' disclosed a bug submitted by b'tmnt53' 
b'Heap-buffer-overflow in Perl__byte_dump_string (utf8.c) could lead to memory leak'
24 Oct 2019 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'bl4de' 
b'Command Injection due to lack of sanitisation of tar.gz filename passed as an argument to pm2.install() function'
24 Oct 2019 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'bl4de' 
b'Command Injection in npm module name passed as an argument to pm2.install() function'
24 Oct 2019 timeline
b'Dovecot' disclosed a bug submitted by b'nick_roessler' 
b'Memory corruption in imap-parser.c'
24 Oct 2019 timeline
b'PayPal' disclosed a bug submitted by b'albinowax' 
b'DoS on PayPal via web cache poisoning'
23 Oct 2019 timeline
b'Mail.ru' disclosed a bug submitted by b'elmahdi' 
b'[ RCE ] Through stopping the redirect in /admin/* the attacker able to bypass Authentication And Upload Malicious File'
23 Oct 2019 timeline
b'HackerOne' disclosed a bug submitted by b'unknown_person' 
b'Private program disclosure via `vpn_suspended` GraphQL query'
21 Oct 2019 timeline
b'HackerOne' disclosed a bug submitted by b'jobert' 
b'Any user with access to program can resume and suspend HackerOne Gateway'
21 Oct 2019 timeline
b'Automattic' disclosed a bug submitted by b'poutine_hero' 
b'Stored XSS vulnerability in comments on *.wordpress.com'
21 Oct 2019 timeline
b'Automattic' disclosed a bug submitted by b'mygf' 
b'Stored Self XSS on https://app.crowdsignal.com (in Photo Insert App) + Stored XSS on https://*your-subdomain*.survey.fm'
21 Oct 2019 timeline
b'PHP (IBB)' disclosed a bug submitted by b'md4' 
b'Int Overflow lead to Heap OverFlow in exif_thumbnail_extract of exif.c'
21 Oct 2019 timeline
1 ... 362 363 364 365 366 ... 738
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM