Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'84 
b'linkks'75 
b'jobert'70 
b'nyymi'64 
b'someonenobbd'62 
b'ooooooo_q'54 
b'guido'50 
b'haxta4ok00'49 

the unofficial HackerOne disclosure timeline.

X
b'PHP (IBB)' disclosed a bug submitted by b'fms' 
b'imagescale out-of-bounds read'
31 Oct 2019 timeline
b'Grammarly' disclosed a bug submitted by b'orlserg' 
b'Lack of CSRF header validation at https://g-mail.grammarly.com/profile'
31 Oct 2019 timeline
b'Vend' disclosed a bug submitted by b'z0idex' 
b'Open Redirect in the Path of vendhq.com'
31 Oct 2019 timeline
b'Central Security Project' disclosed a bug submitted by b'hland' 
b'Unrestricted File Upload Leading to Remote Code Execution'
30 Oct 2019 timeline
b'Mail.ru' disclosed a bug submitted by b'maxarr' 
b'touch.mail.ru / e.mail.ru memory content disclosure'
30 Oct 2019 timeline
b'Central Security Project' disclosed a bug submitted by b'badcode_' 
b'OS Command Injection in Nexus Repository Manager 2.x(bypass CVE-2019-5475)'
29 Oct 2019 timeline
b'Razer' disclosed a bug submitted by b'smalien' 
b'Unauthenticated access to sensitive user information'
29 Oct 2019 timeline
b'Kartpay' disclosed a bug submitted by b'nitrozeus' 
b'Referer issue in Kartpay.com'
28 Oct 2019 timeline
b'Mail.ru' disclosed a bug submitted by b'secator' 
b'[XSS] postMessage ? jsapi/button'
28 Oct 2019 timeline
b'Weblate' disclosed a bug submitted by b'fr0nk' 
b'no captcha for register user and weak question attacker can spam email'
26 Oct 2019 timeline
b'Zendesk' disclosed a bug submitted by b'geeknik' 
b'SMTP user enumeration via mail.zendesk.com'
25 Oct 2019 timeline
b'Zendesk' disclosed a bug submitted by b'nathand' 
b'"Test target" of the "HTTP target" extension can unintentionally send username and password in the Authorization header'
25 Oct 2019 timeline
b'HackerOne' disclosed a bug submitted by b'jobert' 
b'Reporter, external users, collaborators can mark sent swag awarded to reporter as unsent'
25 Oct 2019 timeline
b'Mail.ru' disclosed a bug submitted by b'harisec' 
b'Reflected XSS in https://light.mail.ru/login via page'
25 Oct 2019 timeline
b'SEMrush' disclosed a bug submitted by b'batuhanu' 
b'Open redirect in semrush.com'
25 Oct 2019 timeline
b'Moneybird' disclosed a bug submitted by b'rioncool22' 
b'Enable 2FA without verifying the email'
25 Oct 2019 timeline
b'Ruby' disclosed a bug submitted by b'znz' 
b'HTTP header can split /[\\r\\n]/ instead of /\\r\\n/'
25 Oct 2019 timeline
b'Perl (IBB)' disclosed a bug submitted by b'tmnt53' 
b'Heap-buffer-overflow in Perl__byte_dump_string (utf8.c) could lead to memory leak'
24 Oct 2019 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'bl4de' 
b'Command Injection due to lack of sanitisation of tar.gz filename passed as an argument to pm2.install() function'
24 Oct 2019 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'bl4de' 
b'Command Injection in npm module name passed as an argument to pm2.install() function'
24 Oct 2019 timeline
1 ... 364 365 366 367 368 ... 741
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM