the unofficial HackerOne disclosure timeline.

X
b'Twitter' disclosed a bug submitted by b'updatelap' 
b'Reports Modal in app.mopub.com Disclose by any user'
02 Oct 2019 timeline
b'GitLab' disclosed a bug submitted by b'petee' 
b'Privilege escalation due to insecure use of logrotate'
01 Oct 2019 timeline
b'TTS Bug Bounty' disclosed a bug submitted by b'manshum12' 
b'Stealing Users OAuth Tokens through redirect_uri parameter'
01 Oct 2019 timeline
b'Maker Ecosystem Growth Holding' disclosed a bug submitted by b'lucash-dev' 
b'Steal ALL collateral during liquidation by exploiting lack of validation in `flip.kick`'
01 Oct 2019 timeline
b'TomTom' disclosed a bug submitted by b'sbakhour' 
b'Anonymous user login to Nexus Repository Manager '
01 Oct 2019 timeline
b'ZEIT' disclosed a bug submitted by b'sbakhour' 
b'Stored XSS on Zeit.co user profile'
01 Oct 2019 timeline
b'GitLab' disclosed a bug submitted by b'abdilahrf_' 
b'Clientside resource Exhausting by exploiting gitlab math rendering '
01 Oct 2019 timeline
b'GitLab' disclosed a bug submitted by b'xanbanx' 
b'Bypassing push rules via MRs created by Email'
01 Oct 2019 timeline
b'GitLab' disclosed a bug submitted by b'xanbanx' 
b'Last pipeline status for MR leaked '
01 Oct 2019 timeline
b'pixiv' disclosed a bug submitted by b'katsuragicsl' 
b'Open redirect protection (https://www.pixiv.net/jump.php) is broken for novels'
01 Oct 2019 timeline
b'Starbucks' disclosed a bug submitted by b'bobrov' 
b'[mena.starbucks.com] Laravel App Log & Configuration Disclosure.'
30 Sep 2019 timeline
b'Starbucks' disclosed a bug submitted by b'k3mlol' 
b'Starbucks China Android app cloud storage service leaks a credential.'
30 Sep 2019 timeline
b'OpenSSL (IBB)' disclosed a bug submitted by b'jorandirkgreef' 
b'ChaCha20-Poly1305 with long nonces'
30 Sep 2019 timeline
b'HackerOne' disclosed a bug submitted by b'japz' 
b'Manipulate hacker profile and private program hacktivity to expose your name as researchers who is actively submitting reports with resolve status'
29 Sep 2019 timeline
b'Mail.ru' disclosed a bug submitted by b'taraszelyk' 
b'Avatar upload allows arbitrary file overwriting'
28 Sep 2019 timeline
b'Mail.ru' disclosed a bug submitted by b'elmahdi' 
b'Blind SSRF [ Sentry Misconfiguraton ]'
27 Sep 2019 timeline
b'U.S. Dept Of Defense' disclosed a bug submitted by b'root_pwn' 
b'Criticals Stored (XSS) at - 7TH AIR FORCE'
27 Sep 2019 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'3la2kb' 
b'Application level denial of service due to shutting down the server '
27 Sep 2019 timeline
b'Twitter' disclosed a bug submitted by b'antisocial_eng' 
b'Ability to perform actions (Tweet, Retweet, DM) and other actions, unauthenticated, on any account with SMS enabled.'
26 Sep 2019 timeline
b'Valve' disclosed a bug submitted by b'xi-tauw' 
b'Arbitrary file creation with semi-controlled content (leads to DoS, EoP and others) at Steam Windows Client'
26 Sep 2019 timeline
1 ... 400 401 402 403 404 ... 766
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM