Security Advisories I've Published

A list of all publicly disclosed vulnerabilities I discovered.

See also my blog for more details on the individual vulnerabilities.

Time to Patch Statistics

In my security advisories I keep record of the time a vendor or open source project needed to provide a fix or patch for the vulnerability I reported (time to patch). For some time to patch statistics of the vulnerabilities I reported click here.

Upcoming Security Advisories

A partial list of vulnerabilities I discovered that are yet to be publicly disclosed. The affected vendor has been contacted on the specified date. Once the flaws have been rectified, I will provide a detailed advisory for it.

Signature PGP Key

All my advisories are PGP-signed. You can download the PGP key here.

Vulnerability Disclosure Process

If you are a vendor please take some time to read my Responsible Disclosure Policy document for further details on the advisory process.