Published Security Advisories

A list of all publicly disclosed vulnerabilities I discovered. Click Here

See also my blog for more details on the individual vulnerabilities.


Time to Patch Statistics

In my security advisories I keep record of the time a vendor or open source project needed to provide a fix or patch for the vulnerability I reported (time to patch). Here are some time to patch statistics of the vulnerabilities I reported so far. Click Here


Upcoming Security Advisories

A partial list of vulnerabilities I discovered that are yet to be publicly disclosed. The affected vendor has been contacted on the specified date. Once the flaws have been rectified, I will provide a detailed advisory for it. Click Here


Signature PGP Key

All advisories are PGP-signed. You can download the PGP key here.


Vulnerability Disclosure Process

If you are a vendor please take some time to read my Responsible Disclosure Policy document for further details on the advisory process.