Top10 publishers:
bobrov114 
linkks75 
geeknik72 
sp1d3rs63 
jobert57 
netfuzzer47 
guido45 Twitter
bl4de42 
ryat40 
bigbear_38 

the unofficial HackerOne disclosure timeline.

X
Shopify disclosed a bug submitted by pouya Twitter
create staff member without owner access
29 Feb 2016 timeline
Gratipay disclosed a bug submitted by try_hack_x 
Sub Domian Take over
28 Feb 2016 timeline
Coinbase disclosed a bug submitted by datokaa 
Balance Manipulation - BUG
26 Feb 2016 timeline
LeaseWeb disclosed a bug submitted by cliffordtrigo Twitter
DOM Based XSS in Checkout
26 Feb 2016 timeline
ownCloud disclosed a bug submitted by mrsihag 
The csrf token remains same after user logs in
25 Feb 2016 timeline
KIWI.KI GmbH disclosed a bug submitted by paresh_parmar 
Subdomain takeover : URGENT
25 Feb 2016 timeline
Udemy disclosed a bug submitted by decay 
Reflected XSS and/or malicious redirection via JWPlayer 6 configuration modification
24 Feb 2016 timeline
HackerOne disclosed a bug submitted by zombiehelp54 Twitter
Interstitial redirect bypass / open redirect in https://hackerone.com/zendesk_session
24 Feb 2016 timeline
HackerOne disclosed a bug submitted by yaworsk Twitter
Unintended HTML inclusion as a result of https://hackerone.com/reports/110578
24 Feb 2016 timeline
Mail.Ru disclosed a bug submitted by konqi 
[3k.mail.ru] SQL Injection
24 Feb 2016 timeline
HackerOne disclosed a bug submitted by charfee 
Private Program Disclosure in /:handle/settings/allow_report_submission.json endpoint
24 Feb 2016 timeline
Mail.Ru disclosed a bug submitted by cyberpunkych 
SSRF ?? element.mail.ru
24 Feb 2016 timeline
InVision disclosed a bug submitted by sarwarjahan 
Deleting a Project for which the user is not owner but a normal member
23 Feb 2016 timeline
Shopify disclosed a bug submitted by brakhane 
S3 Buckets open to the world thanks to 'Authenticated Users' ACL
23 Feb 2016 timeline
HackerOne disclosed a bug submitted by zombiehelp54 Twitter
Null byte injection
23 Feb 2016 timeline
Udemy disclosed a bug submitted by geekboy Twitter
Misconfigured SPF Record Flag
22 Feb 2016 timeline
Udemy disclosed a bug submitted by manishbitr 
Stored XSS
22 Feb 2016 timeline
LeaseWeb disclosed a bug submitted by armaanpathan1 
MISSING SPF RECORDS & MISSING DKIM POLICY
22 Feb 2016 timeline
Coinbase disclosed a bug submitted by hackeroxo1 
Session Issue Maybe Can lead to huge loss [CRITICAL]
21 Feb 2016 timeline
Gratipay disclosed a bug submitted by n00b3rm4n 
proxy port 7000 and shell port 514 not filtered
20 Feb 2016 timeline
1 ... 368 369 370 371 372 ... 447
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM