the unofficial HackerOne disclosure timeline.

X
b'pixiv' disclosed a bug submitted by b'katsuragicsl' 
b'Open redirect protection (https://www.pixiv.net/jump.php) is broken for novels'
01 Oct 2019 timeline
b'Starbucks' disclosed a bug submitted by b'bobrov' 
b'[mena.starbucks.com] Laravel App Log & Configuration Disclosure.'
30 Sep 2019 timeline
b'Starbucks' disclosed a bug submitted by b'k3mlol' 
b'Starbucks China Android app cloud storage service leaks a credential.'
30 Sep 2019 timeline
b'OpenSSL (IBB)' disclosed a bug submitted by b'jorandirkgreef' 
b'ChaCha20-Poly1305 with long nonces'
30 Sep 2019 timeline
b'HackerOne' disclosed a bug submitted by b'japz' 
b'Manipulate hacker profile and private program hacktivity to expose your name as researchers who is actively submitting reports with resolve status'
29 Sep 2019 timeline
b'Mail.ru' disclosed a bug submitted by b'taraszelyk' 
b'Avatar upload allows arbitrary file overwriting'
28 Sep 2019 timeline
b'Mail.ru' disclosed a bug submitted by b'elmahdi' 
b'Blind SSRF [ Sentry Misconfiguraton ]'
27 Sep 2019 timeline
b'U.S. Dept Of Defense' disclosed a bug submitted by b'root_pwn' 
b'Criticals Stored (XSS) at - 7TH AIR FORCE'
27 Sep 2019 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'3la2kb' 
b'Application level denial of service due to shutting down the server '
27 Sep 2019 timeline
b'Twitter' disclosed a bug submitted by b'antisocial_eng' 
b'Ability to perform actions (Tweet, Retweet, DM) and other actions, unauthenticated, on any account with SMS enabled.'
26 Sep 2019 timeline
b'Valve' disclosed a bug submitted by b'xi-tauw' 
b'Arbitrary file creation with semi-controlled content (leads to DoS, EoP and others) at Steam Windows Client'
26 Sep 2019 timeline
b'The Internet' disclosed a bug submitted by b'tiran' 
b'Silent omission of certificate hostname verification in LibreSSL and BoringSSL'
26 Sep 2019 timeline
b'The Internet' disclosed a bug submitted by b'adam_iwaniuk' 
b'CVE-2019-5736: Escape from Docker and Kubernetes containers to root on host'
26 Sep 2019 timeline
b'The Internet' disclosed a bug submitted by b'mehqq' 
b'Exim off-by-one RCE vulnerability'
26 Sep 2019 timeline
b'The Internet' disclosed a bug submitted by b'pnig0s' 
b'Mercurial git subrepo lead to arbritary command injection'
26 Sep 2019 timeline
b'Maker Ecosystem Growth Holding' disclosed a bug submitted by b'lucash-dev' 
b'Steal all MKR from `flap` during liquidation by exploiting lack of validation in `flap.kick`'
26 Sep 2019 timeline
b'phpBB' disclosed a bug submitted by b'hanno' 
b'CSS injection via BB code tag "?????"'
26 Sep 2019 timeline
b'Twitter' disclosed a bug submitted by b'deeptiman' 
b'Periscope-all Firebase database takeover'
25 Sep 2019 timeline
b'Perl (IBB)' disclosed a bug submitted by b'jkrshnmenon' 
b'Integer overflow leading to buffer overflow'
25 Sep 2019 timeline
b'SEMrush' disclosed a bug submitted by b'farmsec_alice' 
b'Github information leaked'
25 Sep 2019 timeline
1 ... 400 401 402 403 404 ... 765
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM