Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'83 
b'linkks'75 
b'jobert'70 
b'nyymi'62 
b'someonenobbd'62 
b'ooooooo_q'54 
b'guido'50 
b'haxta4ok00'49 

the unofficial HackerOne disclosure timeline.

X
b'Node.js third-party modules' disclosed a bug submitted by b'bl4de' 
b'Command Injection due to lack of sanitisation of tar.gz filename passed as an argument to pm2.install() function'
24 Oct 2019 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'bl4de' 
b'Command Injection in npm module name passed as an argument to pm2.install() function'
24 Oct 2019 timeline
b'Dovecot' disclosed a bug submitted by b'nick_roessler' 
b'Memory corruption in imap-parser.c'
24 Oct 2019 timeline
b'PayPal' disclosed a bug submitted by b'albinowax' 
b'DoS on PayPal via web cache poisoning'
23 Oct 2019 timeline
b'Mail.ru' disclosed a bug submitted by b'elmahdi' 
b'[ RCE ] Through stopping the redirect in /admin/* the attacker able to bypass Authentication And Upload Malicious File'
23 Oct 2019 timeline
b'HackerOne' disclosed a bug submitted by b'unknown_person' 
b'Private program disclosure via `vpn_suspended` GraphQL query'
21 Oct 2019 timeline
b'HackerOne' disclosed a bug submitted by b'jobert' 
b'Any user with access to program can resume and suspend HackerOne Gateway'
21 Oct 2019 timeline
b'Automattic' disclosed a bug submitted by b'poutine_hero' 
b'Stored XSS vulnerability in comments on *.wordpress.com'
21 Oct 2019 timeline
b'Automattic' disclosed a bug submitted by b'mygf' 
b'Stored Self XSS on https://app.crowdsignal.com (in Photo Insert App) + Stored XSS on https://*your-subdomain*.survey.fm'
21 Oct 2019 timeline
b'PHP (IBB)' disclosed a bug submitted by b'md4' 
b'Int Overflow lead to Heap OverFlow in exif_thumbnail_extract of exif.c'
21 Oct 2019 timeline
b'Semmle' disclosed a bug submitted by b'testanull' 
b'Worker container escape lead to arbitrary file reading in host machine [again]'
21 Oct 2019 timeline
b'Python (IBB)' disclosed a bug submitted by b'longwenzhang' 
b'A reflected XSS in python/Lib/DocXMLRPCServer.py'
19 Oct 2019 timeline
b'Flash (IBB)' disclosed a bug submitted by b'jouko' 
b'Internet-based attacker can run Flash apps in local sandboxes by using special URL schemes (PSIRT-3299, CVE-2015-3079)'
18 Oct 2019 timeline
b'Flash (IBB)' disclosed a bug submitted by b'jouko' 
b'Flash Player information disclosure (etc.) CVE-2015-3044, PSIRT-3298'
18 Oct 2019 timeline
b'Flash (IBB)' disclosed a bug submitted by b'jouko' 
b'Double free vulnerability in Flash Player Settings Manager (CVE-2015-0346)'
18 Oct 2019 timeline
b'Flash (IBB)' disclosed a bug submitted by b'irsdl' 
b'Flash \xe2\x80\x9clocal-with-filesystem\xe2\x80\x9d Bypass in navigateToURL'
17 Oct 2019 timeline
b'MyCrypto' disclosed a bug submitted by b'whitehacker18' 
b'URL is vulnerable to clickjacking'
17 Oct 2019 timeline
b'Rocket.Chat' disclosed a bug submitted by b'w2w' 
b'Blind SQL injection in third-party software, that allows to reveal user statistic from rocket.chat and possibly hack into the rocketchat.agilecrm.com'
17 Oct 2019 timeline
b'Nextcloud' disclosed a bug submitted by b'sohelahmed786' 
b'Exposing debug.log file leads to server full path disclosure'
17 Oct 2019 timeline
b'VK.com' disclosed a bug submitted by b'povargek' 
b'?????? ????? email ????????????? ???? ???????????? ????? ?????, ? ??? ?? ????? ?????? ????????'
17 Oct 2019 timeline
1 ... 362 363 364 365 366 ... 738
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM