Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'80 
b'linkks'75 
b'jobert'70 
b'someonenobbd'62 
b'nyymi'58 
b'ooooooo_q'52 
b'haxta4ok00'49 
b'jon_bottarini'49 

the unofficial HackerOne disclosure timeline.

X
b'Node.js third-party modules' disclosed a bug submitted by b'bl4de' 
b'[query-mysql] SQL Injection due to lack of user input sanitization allows to run arbitrary SQL queries when fetching data from database'
19 May 2018 timeline
b'Coursera' disclosed a bug submitted by b'nohack' 
b'No Password Verification on Changing Email Address Cause Account takeover '
19 May 2018 timeline
b'QIWI' disclosed a bug submitted by b'bigbear_' 
b'[wallet.rapida.ru] Mass SMS flood'
18 May 2018 timeline
b'Twitter' disclosed a bug submitted by b'filedescriptor' 
b'Highly wormable clickjacking in player card'
17 May 2018 timeline
b'ExpressionEngine' disclosed a bug submitted by b'lawrenceamer' 
b'Import File Converter - local File inclusion '
17 May 2018 timeline
b'Starbucks' disclosed a bug submitted by b'samidrif' 
b'Leaking sensitive files on Github leads to internal files (python scripts,SQL files)'
17 May 2018 timeline
b'Nextcloud' disclosed a bug submitted by b'cybertiger' 
b'Banner Grabbing - Apache Server Version Disclousure'
17 May 2018 timeline
b'Nextcloud' disclosed a bug submitted by b'kistimat' 
b'Banner Grabbing - Apache Server Version Disclosure'
17 May 2018 timeline
b'Nextcloud' disclosed a bug submitted by b'mobius07' 
b'Information Exposure Through Directory Listing'
17 May 2018 timeline
b'Reverb.com' disclosed a bug submitted by b'albatraoz' 
b"Api token exposed in Reverb.com's public github repository"
16 May 2018 timeline
b'Mail.Ru' disclosed a bug submitted by b's_p_q_r' 
b'[e.mail.ru] XSS ?? ???????? ???????? ????????? ????????'
16 May 2018 timeline
b'Data Processing (IBB)' disclosed a bug submitted by b'geeknik' 
b"Out of bounds read in libcurl's IMAP FETCH response parser"
16 May 2018 timeline
b'Data Processing (IBB)' disclosed a bug submitted by b'geeknik' 
b' CVE-2017-1000101: cURL: URL globbing out of bounds read'
16 May 2018 timeline
b'Data Processing (IBB)' disclosed a bug submitted by b'geeknik' 
b'heap-buffer-overflow (buffer read overrun) in curl: ourWriteOut() src/tool_writeout.c:115'
16 May 2018 timeline
b'Shopify' disclosed a bug submitted by b'flashdisk' 
b'ability to install paid themes for free'
16 May 2018 timeline
b'Reverb.com' disclosed a bug submitted by b'apapedulimu' 
b'Bypassing CSRF Token On Reply Message & Send Message'
15 May 2018 timeline
b'Vimeo' disclosed a bug submitted by b'bugdiscloseguys' 
b"Improper Authentication in Vimeo's API 'versions' endpoint."
15 May 2018 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'ronperris' 
b'The react-marked-markdown module allows XSS injection in href values.'
13 May 2018 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'chalker' 
b'`base64-url` below 2.0 allocates uninitialized Buffers when number is passed in input'
12 May 2018 timeline
b'Node.js third-party modules' disclosed a bug submitted by b'chalker' 
b'`sql` does not properly escape parameters when building SQL queries, resulting in potential SQLi'
12 May 2018 timeline
1 ... 449 450 451 452 453 ... 727
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM