Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'84 
b'linkks'75 
b'jobert'70 
b'nyymi'64 
b'someonenobbd'62 
b'ooooooo_q'54 
b'guido'50 
b'haxta4ok00'49 

the unofficial HackerOne disclosure timeline.

X
b'Mail.ru' disclosed a bug submitted by b'chajer' 
b'Delete images of users with clickjacking in https://pw.mail.ru'
09 Sep 2019 timeline
b'Maker Ecosystem Growth Holding' disclosed a bug submitted by b'lucash-dev' 
b'Steal collateral during `end` process, by earning DSR interest after `flow`.'
09 Sep 2019 timeline
b'Shopify' disclosed a bug submitted by b'tems' 
b'Inject page in admin panel via Shopify.API.pushState'
09 Sep 2019 timeline
b'Uber' disclosed a bug submitted by b'appsecure_in' 
b"Sensitive user information disclosure at bonjour.uber.com/marketplace/_rpc via the 'userUuid' parameter"
09 Sep 2019 timeline
b'HackerOne' disclosed a bug submitted by b'japz' 
b'[Bypass #645264] Report title disclosure despite the program settings for email notification is set to "No Content"'
09 Sep 2019 timeline
b'Trint Ltd' disclosed a bug submitted by b'xh3n1' 
b'Insecure Zendesk SSO implementation by generating JWT client-side'
08 Sep 2019 timeline
b'HackerOne' disclosed a bug submitted by b'jobert' 
b'IDOR in Report CSV export discloses the IDs of Custom Field Attributes of Programs'
06 Sep 2019 timeline
b'HackerOne' disclosed a bug submitted by b'hisokamorou' 
b'Disclosure of Program email Title Report when being removed as contributor. Bypass for Report #645264'
06 Sep 2019 timeline
b'Kaspersky' disclosed a bug submitted by b'palant' 
b'MitM attacks on HSTS-protected hosts are possible'
05 Sep 2019 timeline
b'Nextcloud' disclosed a bug submitted by b'pamper' 
b'Content Spoofing /Text Injection in https://docs.nextcloud.com'
05 Sep 2019 timeline
b'shopify-scripts' disclosed a bug submitted by b'dgaletic' 
b'NULL pointer dereference in `mrb_check_frozen`'
04 Sep 2019 timeline
b'shopify-scripts' disclosed a bug submitted by b'dgaletic' 
b'Buffer overflow in yywarning_s'
04 Sep 2019 timeline
b'shopify-scripts' disclosed a bug submitted by b'dgaletic' 
b'Invalid read in `str_replace_partial`'
04 Sep 2019 timeline
b'shopify-scripts' disclosed a bug submitted by b'dgaletic' 
b'Crash in mrb_ary_push'
04 Sep 2019 timeline
b'Omise' disclosed a bug submitted by b'sheerwood' 
b'Email enumeration at SignUp page'
04 Sep 2019 timeline
b'Twitter' disclosed a bug submitted by b'faceless_man' 
b'Html Injection and Possible XSS via MathML'
03 Sep 2019 timeline
b'Imgur' disclosed a bug submitted by b'madrobot' 
b'Xss on community.imgur.com'
03 Sep 2019 timeline
b'Razer US' disclosed a bug submitted by b'yehtut_yehg' 
b'Synapse 2.21 - DLL Hijacking vulnerability'
03 Sep 2019 timeline
b'Blockstack' disclosed a bug submitted by b'the_predator' 
b'EXIF Geolocation Data Not Stripped From Uploaded Images'
03 Sep 2019 timeline
b'Nextcloud' disclosed a bug submitted by b'phil-davis' 
b'Delete permission can be added on reshare'
03 Sep 2019 timeline
1 ... 380 381 382 383 384 ... 741
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM