Top 10 publishers:
bobrov: 117
sp1d3rs: 86
geeknik: 83
linkks: 75
jobert: 70
nyymi: 62
someonenobbd: 62
ooooooo_q: 54
guido: 50
haxta4ok00: 49
Now on Twitter: the unofficial HackerOne disclosure timeline.
Zendesk disclosed a bug submitted by rubyroobs
Leaked artifactory_key, artifactory_api_key, and gcloud refresh_token via GitHub.
23 Apr 2019

Revive Adserver disclosed a bug submitted by mbeccati
Deserialization of Untrusted Data in www/delivery/adxmlrpc.php
23 Apr 2019

Revive Adserver disclosed a bug submitted by mbeccati
Deserialization of Untrusted Data in www/delivery/dxmlrpc.php
23 Apr 2019

Revive Adserver disclosed a bug submitted by sumni
Open redirect in switch account functionality
23 Apr 2019

Grammarly disclosed a bug submitted by metnew
`open-url` command allows opening unlimited number of tabs pointing to arbitrary URLs
23 Apr 2019

HackerOne disclosed a bug submitted by spaceraccoon
Unreleased CTF Levels are Revealed on /group/user/ID1?user=USERID endpoint
23 Apr 2019

Shipt disclosed a bug submitted by mdspr99
Sensitive Clickjacking on admin login page.
22 Apr 2019

Monero disclosed a bug submitted by organdonor1
RingCT malformed tx prevents target from being able to sweep balance
20 Apr 2019

GitLab disclosed a bug submitted by jobert
JSON serialization of any Project model results in all Runner tokens being exposed through Quick Actions
20 Apr 2019

concrete5 disclosed a bug submitted by hexife
SVG file that HTML Included is able to upload via File Manager
20 Apr 2019

HackerOne disclosed a bug submitted by constructor2019
Homograph attack in escalate report
19 Apr 2019

Twitter disclosed a bug submitted by terjanq
Protected tweets exposure through the URL
19 Apr 2019

GitLab disclosed a bug submitted by rijalrojan
Full access to internal Gitlab instances at redash.gitlab.com, dashboards.gitlab.com, prometheus.gitlab.com
19 Apr 2019

Shopify disclosed a bug submitted by filedescriptor
H1514 DOMXSS on Embedded SDK via Shopify.API.setWindowLocation abusing cookie Stuffing
17 Apr 2019

Nextcloud disclosed a bug submitted by foobar7
Talk / spreed: Disclosure of Room names and participants for password protected rooms
17 Apr 2019

Central Security Project disclosed a bug submitted by amassey
c3p0 may be exploited by a Billion Laughs Attack when loading XML configuration
16 Apr 2019

Zomato disclosed a bug submitted by pasw
[api.zomato.com] Able to manipulate order amount
16 Apr 2019

Zomato disclosed a bug submitted by vipinbihari
Bypassing the SMS sending limit for download app link.
16 Apr 2019

Zomato disclosed a bug submitted by vipinbihari
Sending Unlimited Emails to anyone from zomato mail server.
16 Apr 2019

Razer US disclosed a bug submitted by abdilahrf_
Jenkins instance exposed without authentication
15 Apr 2019
BY DENIS WERNER - @NOBBD