Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'80 
b'linkks'75 
b'jobert'70 
b'someonenobbd'62 
b'nyymi'56 
b'ooooooo_q'50 
b'jon_bottarini'49 
b'haxta4ok00'48 

the unofficial HackerOne disclosure timeline.

X
b'Valve' disclosed a bug submitted by b'xpaw' 
b'Web API key registration allows registering multiple keys by reusing `request_id` '
12 Dec 2023 timeline
b'HackerOne' disclosed a bug submitted by b'mega7' 
b'Server Side Request Forgery (SSRF) via Analytics Reports'
08 Dec 2023 timeline
b'Glassdoor' disclosed a bug submitted by b'saboorhakimi' 
b'Web Cache Deception'
08 Dec 2023 timeline
b'CS Money' disclosed a bug submitted by b'smalx' 
b'Authentication Bypass to (CVE-2023-2982)'
08 Dec 2023 timeline
b'HackerOne' disclosed a bug submitted by b'byq' 
b'Private program name disclosure in the invitation mail for another program'
08 Dec 2023 timeline
b'curl' disclosed a bug submitted by b'cxshakal' 
b'CVE-2023-46219: HSTS long file name clears contents'
08 Dec 2023 timeline
b'Internet Bug Bounty' disclosed a bug submitted by b'p4fg' 
b'Misconfiguration in AWS CloudFront CDN configuration makes rubygems.org serve (and cache) content from a unclaimed S3-bucket'
07 Dec 2023 timeline
b'LinkedIn' disclosed a bug submitted by b'tushar6378' 
b'User Details Can Be Disclosed Even If The Account IS In Hibernation State'
06 Dec 2023 timeline
b'LinkedIn' disclosed a bug submitted by b'marvelmaniac' 
b'CSRF that makes any linkedin user follow attacker controlled accounts by simply clicking https://www.linkedin.com/comm/mynetwork/discovery-see-all/*'
06 Dec 2023 timeline
b'LinkedIn' disclosed a bug submitted by b'marvelmaniac' 
b'CSRF that makes any user send invitations to the attacker by simply clicking on a link.'
06 Dec 2023 timeline
b'curl' disclosed a bug submitted by b'nyymi' 
b'CVE-2023-46218: cookie mixed case PSL bypass'
06 Dec 2023 timeline
b'GitHub' disclosed a bug submitted by b'inspector-ambitious' 
b'Rogue collaborators and ambiguous branch names in GitHub'
05 Dec 2023 timeline
b'IBM' disclosed a bug submitted by b'sajidraza' 
b'Unauthenticated Remote Access to Testing Endpoint'
04 Dec 2023 timeline
b'Internet Bug Bounty' disclosed a bug submitted by b'tniessen' 
b'Integrity checks according to policies can be circumvented in Node.js 20 and Node.js 18'
30 Nov 2023 timeline
b'Tennessee Valley Authority' disclosed a bug submitted by b'mohs3n' 
b'access to profile & reset password page without authentication'
30 Nov 2023 timeline
b'Tennessee Valley Authority' disclosed a bug submitted by b'mohs3n' 
b'captcha bypass leads to register multiple user with one valid captcha'
30 Nov 2023 timeline
b'Tennessee Valley Authority' disclosed a bug submitted by b'mohs3n' 
b'internal path disclosure via register error'
30 Nov 2023 timeline
b'Tennessee Valley Authority' disclosed a bug submitted by b'mohs3n' 
b'Incorrect Authorization leads to see other users Documents Uploaded'
30 Nov 2023 timeline
b'Internet Bug Bounty' disclosed a bug submitted by b'tniessen' 
b'Permission model improperly protects against path traversal in Node.js 20'
30 Nov 2023 timeline
b'Internet Bug Bounty' disclosed a bug submitted by b'mattaustin' 
b'Permissions policies can be bypassed via Module._load and require.extensions (High) (CVE-2023-30587)'
30 Nov 2023 timeline
1 ... 36 37 38 39 40 ... 717
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM