These are some of the security advisories I published during the last years. Most of them were released on BugTraq, my blog or on this repository.

11/04/2016Modem interface exposed via USB on Samsung smartphonesCVE-2016-4030, CVE-2016-4031, CVE-2016-4032
24/02/2016URL filtering bypass in Samsung module 'secfilter'CVE-2016-2567
02/02/2016Exposed provider and SQLi in SecEmailSyncCVE-2016-2565, CVE-2016-2566
20/01/2016URL filtering in kernel land: what could possibly go wrong?CVE-2016-2036
12/01/2016Multiple vulnerabilities in Samsung SRN camerasCVE-2015-8279, CVE-2015-8280, CVE-2015-8281
10/11/2015Remote stack overflow on D-Link cameras
06/11/2015Remote arbitrary file read on Huawei CPEsCVE-2015-7254
02/11/2015ZipFury: Yet another Zip arbitrary file write with system privilegesCVE-2015-8780
30/09/2015Huawei password schemes: Episode 3CVE-2015-8085, CVE-2015-8086
13/08/2015Security issue in kextCVE-2015-5763
13/08/2015Kernel memory leak in OS X Bluetooth subsystemCVE-2015-3780
30/06/2015Type confusion in XPC service systemstatsdCVE-2015-3718
30/06/2015Multiple NULL pointer dereferences in IOFireWireFamilyCVE-2015-3707
30/06/2015Multiple vulnerabilities in AppleMCCSCVE-2015-3691
30/06/2015LPE Issue in IOBluetoothHCIUserClientCVE-2015-3683
12/01/2015Multiple security issues in OS X Bluetooth driverCVE-2014-8837
30/10/2014Mac OS X local privilege escalation (IOBluetoothFamily)
07/07/2014Backdoor access to Techboard/Syac devices
24/04/2014Weak firmware encryption and predictable WPA key on Sitecom routers
24/03/2014Remote code execution on Praim thin client devices
19/08/2013Multiple vulnerabilities on Sitecom N300/N600 devices
05/08/2013Huawei B153 3G/UMTS router WPS weakness
01/08/2013Multiple vulnerabilities on D-Link DIR-645 devicesCVE-2013-7389
11/07/2013Hard-coded accounts on multiple network cameras
03/06/2013Unauthenticated command execution on Netgear DGN devices
06/05/2013Multiple buffer overflows on Huawei SNMPv3 serviceCVE-2013-4630
29/03/2013Authentication bypass on Netgear WNR1000
28/02/2013Unauthenticated remote access to D-Link DIR-645 devices
30/01/2013Unauthenticated remote access to D-Link DCS cameras
13/11/2012Weak password encryption on Huawei productsCVE-2012-4960
12/10/2012Hard-coded credentials and command-injection vulnerabilities on BigPond 3G21WB
11/09/2012Multiple vulnerabilities in Ezylog photovoltaic management serverCVE-2012-5861
08/02/2012Unauthenticated remote code execution on D-Link ShareCenter products
12/10/2011ZOHO ManageEngine ADSelfService Plus Administrative AccessCVE-2011-3485
09/06/2011Multiple vulnerabilities in several IP camera products
17/05/2011Linux Kernel 2.6.38 Remote NULL Pointer DereferenceCVE-2011-1927