Top10 publishers:
bobrov114 
linkks75 
geeknik72 
sp1d3rs63 
jobert57 
netfuzzer47 
guido45 Twitter
bl4de42 
ryat40 
bigbear_38 

the unofficial HackerOne disclosure timeline.

X
ownCloud disclosed a bug submitted by securitary 
owncloud.com: Persistent XSS In Account Profile
15 Feb 2016 timeline
Gratipay disclosed a bug submitted by rajatsharma 
nginx SPDY heap buffer overflow for https://grtp.co/
15 Feb 2016 timeline
Ubiquiti Networks disclosed a bug submitted by aparecekarl 
Subdomain Takeover in http://assets.goubiquiti.com/
14 Feb 2016 timeline
Ubiquiti Networks disclosed a bug submitted by 93c08539 
Arbritrary file Upload on AirMax
13 Feb 2016 timeline
Ruby on Rails disclosed a bug submitted by forced-request 
Explicit, dynamic render path: Dir. Trav + RCE
12 Feb 2016 timeline
Ruby on Rails disclosed a bug submitted by zachaysan 
Changeable model ids on vanilla update can lead to severely bad side-effects
12 Feb 2016 timeline
Ruby on Rails disclosed a bug submitted by jcoyne 
Nested attributes reject_if proc can be circumvented by providing "_destroy" parameter
12 Feb 2016 timeline
Ruby on Rails disclosed a bug submitted by backus 
Validation bypass for Active Record and Active Model
12 Feb 2016 timeline
Khan Academy disclosed a bug submitted by benmassaoud 
XSS vulnerability in "/coach/roster/" ( create your first class)
12 Feb 2016 timeline
Gratipay disclosed a bug submitted by prince 
grtp.co is vulnerable to http-vuln-cve2011-3192
12 Feb 2016 timeline
Caviar disclosed a bug submitted by cliffordtrigo Twitter
Remotely modifying courier Account Details
11 Feb 2016 timeline
Mail.Ru disclosed a bug submitted by konqi 
[allods.my.com] SSRF / XSPA
11 Feb 2016 timeline
ownCloud disclosed a bug submitted by arover7 
otrs.owncloud.com: Reflected Cross-Site Scripting
10 Feb 2016 timeline
Vimeo disclosed a bug submitted by sintheticlabs 
Legacy API exposes private video titles
10 Feb 2016 timeline
Paragon Initiative Enterprises disclosed a bug submitted by karthic 
Missing SPF for https://paragonie.com/
08 Feb 2016 timeline
Keybase disclosed a bug submitted by saeedhashem 
Content spoofing due to the improper behavior of the not-found meesage
08 Feb 2016 timeline
Coinbase disclosed a bug submitted by paulos_ Twitter
OAuth authorization page vulnerable to clickjacking
07 Feb 2016 timeline
Udemy disclosed a bug submitted by shekhar93 
information disclosure
07 Feb 2016 timeline
Paragon Initiative Enterprises disclosed a bug submitted by hat_mast3r 
Open-redirect on paragonie.com
07 Feb 2016 timeline
ownCloud disclosed a bug submitted by 00day 
Self-XSS in mails sent by hello@owncloud.com
06 Feb 2016 timeline
1 ... 370 371 372 373 374 ... 447
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM