Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'84 
b'linkks'75 
b'jobert'70 
b'nyymi'65 
b'someonenobbd'62 
b'ooooooo_q'54 
b'guido'50 
b'haxta4ok00'49 

the unofficial HackerOne disclosure timeline.

X
b'Cuvva' disclosed a bug submitted by b'badcracker' 
b'Unclaimed facebook page at www.cuvva.com/about'
25 Jun 2019 timeline
b'Upserve ' disclosed a bug submitted by b'gamer7112' 
b'DOM Based XSS via postMessage at https://inventory.upserve.com/login/'
25 Jun 2019 timeline
b'Mail.ru' disclosed a bug submitted by b's_p_q_r' 
b'[e.mail.ru] XSS ? ??????'
25 Jun 2019 timeline
b'SEMrush' disclosed a bug submitted by b'fransrosen' 
b'Remote Code Execution on www.semrush.com/my_reports on Logo upload'
24 Jun 2019 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'toannc123' 
b'[serve-here.js] List any file in the folder by using path traversal.'
24 Jun 2019 timeline
b'Tube8' disclosed a bug submitted by b'tony_tsep' 
b'SSRF and local file disclosure by video upload on https://www.tube8.com/'
24 Jun 2019 timeline
b'YouPorn' disclosed a bug submitted by b'tony_tsep' 
b'SSRF and local file disclosure by video upload on http://www.youporn.com/'
24 Jun 2019 timeline
b'Twitter' disclosed a bug submitted by b'seifelsallamy' 
b'Verify any unused email address'
24 Jun 2019 timeline
b'Razer US' disclosed a bug submitted by b'lawway' 
b'DLL Hijacking Vulnerability in synapse-2'
23 Jun 2019 timeline
b'Khan Academy' disclosed a bug submitted by b'dermeister' 
b'Sensitive information/action is stored/done is done using a GET request'
23 Jun 2019 timeline
b'Automattic' disclosed a bug submitted by b'dermeister' 
b'Broken Authentication - Security token gets captured via man in the middle attack'
22 Jun 2019 timeline
b'Automattic' disclosed a bug submitted by b'dermeister' 
b'Captcha bypass for the most important function - At en.instagram-brand.com'
22 Jun 2019 timeline
b'Automattic' disclosed a bug submitted by b'dermeister' 
b'Cross Domain leakage of sensitive information - Leading to Account Takeover at Instagram Brand'
22 Jun 2019 timeline
b'Automattic' disclosed a bug submitted by b'dermeister' 
b'Authentication Bypass - Chaining two vulnerabilities leads to account takeover at en.instagram-brand.com'
22 Jun 2019 timeline
b'Trint Ltd' disclosed a bug submitted by b'dhakalananda' 
b'IDOR in changing shared file name'
22 Jun 2019 timeline
b'Slack' disclosed a bug submitted by b'freem0' 
b'Information leakage and default open port'
22 Jun 2019 timeline
b'Rocket.Chat' disclosed a bug submitted by b'theappsec' 
b'Broken access control on apps '
22 Jun 2019 timeline
b'Infogram' disclosed a bug submitted by b'theappsec' 
b'Stored XSS in infogram.com via language '
22 Jun 2019 timeline
b'Khan Academy' disclosed a bug submitted by b'rlaneth' 
b'Cross-Site Request Forgery (CSRF) vulnerability on API endpoint allows account takeovers'
22 Jun 2019 timeline
b'ecobee' disclosed a bug submitted by b'prinsfrank' 
b'Open API - AWS S3 GET Bucket (List Objects) Version 1'
21 Jun 2019 timeline
1 ... 400 401 402 403 404 ... 746
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM