Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'84 
b'linkks'75 
b'jobert'70 
b'nyymi'64 
b'someonenobbd'62 
b'ooooooo_q'54 
b'guido'50 
b'haxta4ok00'49 

the unofficial HackerOne disclosure timeline.

X
b'New Relic' disclosed a bug submitted by b'hackerone77-222' 
b'DNS misconfiguration on email.alerts.newrelic.com'
17 Sep 2018 timeline
b'BOHEMIA INTERACTIVE a.s.' disclosed a bug submitted by b'meals' 
b'IDOR to view User Order Information'
17 Sep 2018 timeline
b'BOHEMIA INTERACTIVE a.s.' disclosed a bug submitted by b'meals' 
b'217.147.95.145 NFS Exposed with Zeus Server configs'
17 Sep 2018 timeline
b'Zomato' disclosed a bug submitted by b'akhil-reni' 
b'[www.zomato.com] Tampering with Order Quantity and paying less amount then actual amount, leads to business loss'
17 Sep 2018 timeline
b'Uber' disclosed a bug submitted by b'mefkan' 
b'Reflected XSS on Partners Subdomain'
16 Sep 2018 timeline
b'Greenhouse.io' disclosed a bug submitted by b'irvinlim' 
b'Cache poisoning using NULL bytes and long URLs'
16 Sep 2018 timeline
b'Greenhouse.io' disclosed a bug submitted by b'irvinlim' 
b'Bypass of request line length limit to DoS via cache poisoning'
16 Sep 2018 timeline
b'BOHEMIA INTERACTIVE a.s.' disclosed a bug submitted by b'ethancruize' 
b'Stealing Users OAUTH Tokens via redirect_uri '
14 Sep 2018 timeline
b'Dropbox' disclosed a bug submitted by b'todayisnew' 
b'Exposed Git Repo at http://fileserver.dropboxbusiness.com'
14 Sep 2018 timeline
b'Shipt' disclosed a bug submitted by b's3cur3' 
b'Any user can completely delete their own account without authorization and/or going through any kind of membership cancellation protocol.'
12 Sep 2018 timeline
b'OV-chipkaart' disclosed a bug submitted by b'bandjes' 
b'Personal data of all Dutch public transport cards ("OV-Chipkaart") accessible'
11 Sep 2018 timeline
b'HubSpot' disclosed a bug submitted by b'm7mdharoun' 
b'Reflected XSS and Server Side Template Injection in all HubSpot CMSes'
11 Sep 2018 timeline
b'Grabtaxi Holdings Pte Ltd' disclosed a bug submitted by b'xsam' 
b'Leaking sensitive information on Github lead full access to all Grab Slack channels '
11 Sep 2018 timeline
b'Zomato' disclosed a bug submitted by b'gerben_javado' 
b'[www.zomato.com] SQLi - /php/?????????? - item_id'
11 Sep 2018 timeline
b'Zomato' disclosed a bug submitted by b'shivasurya' 
b'Phishing user to download malicious app could lead to leakage of User Access Token, Email, Name and Profile photo via exported RemoteService'
11 Sep 2018 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'becojo' 
b'[express-cart] Customer and admin email enumeration through MongoDB injection'
10 Sep 2018 timeline
b'Ubiquiti Networks' disclosed a bug submitted by b'smiegles' 
b'Public Jenkins instance with /script enabled'
10 Sep 2018 timeline
b'Weblate' disclosed a bug submitted by b'str33' 
b'Open port leads to information disclosure'
10 Sep 2018 timeline
b'LocalTapiola' disclosed a bug submitted by b'lovepakistan' 
b'User Information Disclosure via the REST API - /?_method=GET'
10 Sep 2018 timeline
b'LocalTapiola' disclosed a bug submitted by b'lovepakistan' 
b'F5 BigIP Backend Cookie Disclosure'
10 Sep 2018 timeline
1 ... 445 446 447 448 449 ... 744
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM