Top10 publishers:
b'bobrov'117 
b'sp1d3rs'86 
b'geeknik'80 
b'linkks'75 
b'jobert'70 
b'someonenobbd'62 
b'nyymi'56 
b'ooooooo_q'50 
b'jon_bottarini'49 
b'haxta4ok00'48 

the unofficial HackerOne disclosure timeline.

X
b'Nextcloud' disclosed a bug submitted by b'rullzer' 
b'Issuer not verified from obtained token in user_oidc '
23 Aug 2023 timeline
b'Nextcloud' disclosed a bug submitted by b'rullzer' 
b'App stores client secret unencrypted in database'
23 Aug 2023 timeline
b'Nextcloud' disclosed a bug submitted by b'rullzer' 
b"Text does not respect 'Allow download' permissions"
23 Aug 2023 timeline
b'Node.js' disclosed a bug submitted by b'leodog896' 
b'Dependency Policy Bypass via process.binding'
23 Aug 2023 timeline
b'HackerOne' disclosed a bug submitted by b'sudi' 
b'Bypass of #2035332 RXSS at image.hackerone.live via the `url` parameter'
22 Aug 2023 timeline
b'Nintendo' disclosed a bug submitted by b'crazy_man123' 
b'[WiiU/Switch] nullptr dereference in the ENL framework'
22 Aug 2023 timeline
b'Radancy' disclosed a bug submitted by b'kalendra456' 
b'Cross-origin resource sharing: arbitrary origin trusted'
22 Aug 2023 timeline
b'Radancy' disclosed a bug submitted by b'h03' 
b'insecure storage of information, you can view any file uploaded to the server without authentication and only with a single link'
21 Aug 2023 timeline
b'Rockstar Games' disclosed a bug submitted by b'floorball' 
b'Insecure Direct Object Reference allows Crew Invite deletion'
17 Aug 2023 timeline
b'Nintendo' disclosed a bug submitted by b'crazy_man123' 
b'[MK8DX] Improper metadata validation 2'
17 Aug 2023 timeline
b'Nintendo' disclosed a bug submitted by b'crazy_man123' 
b'[MK8DX] Improper metadata parsing'
17 Aug 2023 timeline
b'Node.js' disclosed a bug submitted by b'mattaustin' 
b'Permissions policies can be bypassed via Module._load.'
16 Aug 2023 timeline
b'Ruby on Rails' disclosed a bug submitted by b'ooooooo_q' 
b'Unexpected deserialization in Kredis'
16 Aug 2023 timeline
b'TikTok' disclosed a bug submitted by b'ashrafabdelrazik' 
b'CRLF to XSS & Open Redirection'
16 Aug 2023 timeline
b'Internet Bug Bounty' disclosed a bug submitted by b'ooooooo_q' 
b'CVE-2023-36617: ReDoS vulnerability in URI (Ruby)'
15 Aug 2023 timeline
b'Internet Bug Bounty' disclosed a bug submitted by b'ooooooo_q' 
b'[CVE-2023-27531] Possible Deserialization of Untrusted Data vulnerability in Kredis JSON'
15 Aug 2023 timeline
b'Internet Bug Bounty' disclosed a bug submitted by b'ooooooo_q' 
b'[CVE-2023-27539] Possible Denial of Service Vulnerability in Racks header parsing'
15 Aug 2023 timeline
b'Internet Bug Bounty' disclosed a bug submitted by b'addisoncrump' 
b' Cargo not respecting umask when extracting crate archives'
15 Aug 2023 timeline
b'Node.js' disclosed a bug submitted by b'tniessen' 
b'Renaming/aliasing relative symbolic links potentially redirects them to supposedly inaccessible locations'
15 Aug 2023 timeline
b'Yelp' disclosed a bug submitted by b'lil_endian' 
b'yelp.com XSS ATO (via login keylogger, link Google account)'
15 Aug 2023 timeline
1 ... 48 49 50 51 52 ... 717
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM