Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'84 
b'linkks'75 
b'jobert'70 
b'nyymi'67 
b'someonenobbd'62 
b'ooooooo_q'54 
b'guido'50 
b'haxta4ok00'49 

the unofficial HackerOne disclosure timeline.

X
b'Mail.ru' disclosed a bug submitted by b'johndoe1492' 
b'OOB XXE '
11 Oct 2019 timeline
b'Mail.ru' disclosed a bug submitted by b'johndoe1492' 
b'OOB XXE '
11 Oct 2019 timeline
b'Mail.ru' disclosed a bug submitted by b'mase289' 
b'XSS via Cookie in Mail.ru'
11 Oct 2019 timeline
b'Mail.ru' disclosed a bug submitted by b'kiriknik' 
b'Blind SSRF on sentry.dev-my.com due to Sentry misconfiguration'
11 Oct 2019 timeline
b'Mail.ru' disclosed a bug submitted by b'iframe' 
b'[agent.33slona.ru] Recovery code bruteforce'
11 Oct 2019 timeline
b'Mail.ru' disclosed a bug submitted by b'iframe' 
b'[sso.33slona.ru] Application Messages Error stacktrace PHP.'
11 Oct 2019 timeline
b'QIWI' disclosed a bug submitted by b'circuit' 
b'account takeover https://qiwi.me '
11 Oct 2019 timeline
b'Shopify' disclosed a bug submitted by b'mariogh' 
b'Bypass report #416983 - Removed Staff members who had "Apps" permission can still modify flow app connections'
10 Oct 2019 timeline
b'Shopify' disclosed a bug submitted by b'mariogh' 
b'Unauthenticated read and write access to ALL endpoints of a store is possible for removed staff members who had "Apps" permission'
10 Oct 2019 timeline
b'U.S. Dept Of Defense' disclosed a bug submitted by b'alyssa_herrera' 
b'PII leakage-Full SSN on ???'
10 Oct 2019 timeline
b'U.S. Dept Of Defense' disclosed a bug submitted by b'alyssa_herrera' 
b'Partial SSN exposed through Presentation slides on ??????????'
10 Oct 2019 timeline
b'U.S. Dept Of Defense' disclosed a bug submitted by b'ragnar' 
b'MSSQL injection via param Customwho in https://?????/News/Transcripts/Search/Sort/ and WAF bypass'
10 Oct 2019 timeline
b'U.S. Dept Of Defense' disclosed a bug submitted by b'warsong' 
b'RCE on https://?????/ Using CVE-2017-9248'
10 Oct 2019 timeline
b'U.S. Dept Of Defense' disclosed a bug submitted by b'mason357' 
b'Examples directory is PUBLIC on https://????????mil, leading to multiple vulns'
10 Oct 2019 timeline
b'New Relic' disclosed a bug submitted by b'lamscun' 
b'Can fake content email of newrelic to any user'
10 Oct 2019 timeline
b'LocalTapiola' disclosed a bug submitted by b'geeknik' 
b'Non-secure requests to www.lahitapiola.fi are not automatically upgraded to HTTPS'
09 Oct 2019 timeline
b'Kartpay' disclosed a bug submitted by b'0xche' 
b'Bypass _token in forms [Merchant.Kartpay.com ]'
09 Oct 2019 timeline
b'Omise' disclosed a bug submitted by b'elmahdi' 
b"Found Origin IP's Lead To Access To [ Grafana Instance , PgHero Instance [ Can SQL Injection ] "
09 Oct 2019 timeline
b'Valve' disclosed a bug submitted by b'chippy' 
b'Malformed .MDL triggers an Access Violation on GoldSRC (hl.exe)'
09 Oct 2019 timeline
b'Valve' disclosed a bug submitted by b'shayhelman' 
b'Panorama UI XSS leads to Remote Code Execution via Kick/Disconnect Message'
08 Oct 2019 timeline
1 ... 382 383 384 385 386 ... 752
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM