Google Git
Sign in
android / platform / docs / source.android.com / dc15581cd922e7f9af57841ed95f18f2d7e5495b / . / en / security / overview / acknowledgements.html
blob: 52cb91dad2a67009f624d0e45e50ef27e56d0300 [file] [log] [blame]
<html devsite>
<head>
<title>Android Security Acknowledgements</title>
<meta name="project_path" value="/_project.yaml" />
<meta name="book_path" value="/_book.yaml" />
</head>
<body>
<!--
Copyright 2017 The Android Open Source Project
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<p>The Android Security Team would like to thank the following people and
parties for helping to improve Android security. They have done this either by
finding and responsibly reporting security vulnerabilities through the AOSP bug
tracker <a
href="https://www.google.com/appserve/security-bugs/m2/new">Security
bug report</a> template or by committing code that has a positive
impact on Android security, including code that qualifies
for the <a href="https://www.google.com/about/appsecurity/patch-rewards/">Patch
Rewards</a> program.</p>
<h2 id="2019">2019</h2>
<p>Starting in 2018 and continuing in 2019, the security acknowledgements are listed by month.
In prior years, acknowledgements were listed together.
</p>
<h4 id="jan-2019">January</h4>
<table>
<col width="85%">
<col width="15%">
<tr>
<th>Researchers</th>
<th>CVEs</th>
</tr>
<tr>
<td>Chong Wang (<a
href="https://www.weibo.com/csddl" class="external">weibo.com/csddl</a>)
of Chengdu Security Response Center, Qihoo 360 Technology Co. Ltd.
</td>
<td>CVE-2018-9589</td>
</tr>
<tr>
<td>D2.Y.P of NON Team</td>
<td>CVE-2018-9594</td>
</tr>
<tr>
<td><a
href="https://www.linkedin.com/in/dzima"
class="external">Dzmitry Lukyanenka</a></td>
<td>CVE-2018-9587</td>
</tr>
<tr>
<td><a href="mailto:[email protected]" class="external">Hanxiang Wen</a>
and Mingjian Zhou (周明建) (<a href="https://twitter.com/Mingjian_Zhou"
class="external">@Mingjian_Zhou</a>)
of <a href="http://c0reteam.org/" class="external">C0RE Team</a></td>
<td>CVE-2018-6241</td>
</tr>
<tr>
<td>Jann Horn of Google Project Zero</td>
<td>CVE-2018-17182, CVE-2018-18281</td>
</tr>
<tr>
<td>Maddie Stone of Google</td>
<td>CVE-2018-9586</td>
</tr>
<tr>
<td>Niky1235 (<a href="https://twitter.com/jiych_guru"
class="external">@jiych_guru</a>)
</td>
<td>CVE-2018-9584</td>
</tr>
<tr>
<td>Ricky Wai of Google</td>
<td>CVE-2018-9582</td>
</tr>
<tr>
<td>Yongke Wang (王永科)
(<a href="https://twitter.com/rudykewang" class="external">@Rudykewang</a>)
and Xiangqian Zhang (张向前)
(<a href="https://twitter.com/h3rb0x" class="external">@h3rb0x</a>) of
<a href="https://xlab.tencent.com/en/" class="external">Tencent Security
Xuanwu Lab</a></td>
<td>CVE-2018-9585, CVE-2018-9588</td>
</tr>
<tr>
<td>Zinuo Han (<a href="http://weibo.com/ele7enxxh"
class="external">weibo.com/ele7enxxh</a>)
of Chengdu Security Response Center, Qihoo 360 Technology Co. Ltd.</td>
<td>CVE-2018-9583, CVE-2018-9590, CVE-2018-9591, CVE-2018-9592, CVE-2018-9593</td>
</tr>
</table>
<h2 id="2018">2018</h2>
<p>In 2018, the security acknowledgements are listed by month. In prior years,
acknowledgements were listed together.</p>
<h4 id="dec-2018">December</h4>
<table>
<tr>
<th>Researchers</th>
<th>CVEs</th>
</tr>
<tr>
<td>Baozeng Ding (<a href="https://twitter.com/sploving1" class="external">@sploving1</a>)
</td>
<td>CVE-2017-18320</td>
</tr>
<tr>
<td>Daniel Micay (<a href="https://twitter.com/DanielMicay" class="external">@DanielMicay</a>)
</td>
<td>CVE-2018-9567</td>
</tr>
<tr>
<td>Hao Chen and Guang Gong of Alpha Team, Qihoo 360 Technology Co. Ltd.</td>
<td>CVE-2018-9557</td>
</tr>
<tr>
<td>Joydeep Mitra and Venkatesh-Prasad Ranganath of Ghera project at
Kansas State University, USA</td>
<td>CVE-2018-9548</td>
</tr>
<tr>
<td>Mingjian Zhou (周明建) (
<a href="https://twitter.com/Mingjian_Zhou"
class="external">@Mingjian_Zhou</a>)
of <a href="http://c0reteam.org/" class="external">C0RE Team</a></td>
<td>CVE-2018-9547</td>
</tr>
<tr>
<td>Newroot (<a href="https://twitter.com/newroot" class="external">@newroot</a>)</td>
<td>CVE-2018-9560</td>
</tr>
<tr>
<td>Scott Bauer (<a href="https://twitter.com/ScottyBauer1" class="external">@ScottyBauer1</a>)</td>
<td>CVE-2018-9555, CVE-2018-9558, CVE-2018-9566</td>
</tr>
<tr>
<td>Yong Wang (王勇) (<a href="https://twitter.com/ThomasKing2014" class="external">@ThomasKing2014</a>)
of Alibaba Inc.</td>
<td>CVE-2018-9568</td>
</tr>
<tr>
<td>Zinuo Han (<a href="http://weibo.com/ele7enxxh"
class="external">weibo.com/ele7enxxh</a>)
of Chengdu Security Response Center, Qihoo 360 Technology Co. Ltd.</td>
<td>CVE-2018-9549, CVE-2018-9552, CVE-2018-9553, CVE-2018-9562</td>
</tr>
</table>
<h4 id="nov-2018">November</h4>
<table>
<tr>
<th>Researchers</th>
<th>CVEs</th>
</tr>
<tr>
<td><a href="https://twitter.com/amarekano" class="external">Amar
Menezes</a> of <a href="https://labs.mwrinfosecurity.com/"
class="external">MWR Labs</a></td>
<td>CVE-2018-9524</td>
</tr>
<tr>
<td>Elphet and Gong Guang of Alpha Team, Qihoo 360 Technology Co. Ltd.</td>
<td>CVE-2018-9569, CVE-2018-9570, CVE-2018-9573, CVE-2018-9576,
CVE-2018-9577</td>
</tr>
<tr>
<td>En He (<a href="https://twitter.com/@heeeeen4x"
class="external">@heeeeen4x</a>) and Bo Liu of MS509Team
(<a href="http://www.ms509.com" class="external">www.ms509.com</a>)</td>
<td>CVE-2018-9457</td>
</tr>
<tr>
<td>Joshua Laney of Deja vu Security</td>
<td>CVE-2018-9542</td>
</tr>
<tr>
<td><a href="https://github.com/michalbednarski" class="external">Michał
Bednarski</a></td>
<td>CVE-2018-9522, CVE-2018-9523</td>
</tr>
<tr>
<td>Niky1235 (<a href="https://twitter.com/jiych_guru"
class="external">@jiych_guru</a>)</td>
<td>CVE-2018-9347</td>
</tr>
<tr>
<td>Tamir Zahavi-Brunner (<a href="https://twitter.com/tamir_zb"
class="external">@tamir_zb</a>)
of Zimperium zLabs Team</td>
<td>CVE-2018-9539</td>
</tr>
<tr>
<td>Xiaobo Xiang of IIE; Gong Guang of Alpha Team, Qihoo 360 Technology Co.
Ltd.</td>
<td>CVE-2018-9571, CVE-2018-9572, CVE-2018-9574, CVE-2018-9575</td>
</tr>
<tr>
<td>Yongke Wang
(<a href="https://twitter.com/rudykewang" class="external">@Rudykewang</a>)
and Xiangqian Zhang
(<a href="https://twitter.com/h3rb0x" class="external">@h3rb0x</a>) of
<a href="https://xlab.tencent.com/en/" class="external">Tencent Security
Xuanwu Lab</a></td>
<td>CVE-2018-9540, CVE-2018-9541</td>
</tr>
<tr>
<td>Zinuo Han(<a href="http://weibo.com/ele7enxxh"
class="external">weibo.com/ele7enxxh</a>)
of Chengdu Security Response Center, Qihoo 360 Technology Co. Ltd.</td>
<td>CVE-2018-9527, CVE-2018-9544, CVE-2018-9545, CVE-2018-9578</td>
</tr>
</table>
<h4 id="oct-2018">October</h4>
<table>
<tr>
<th>Researchers</th>
<th>CVEs</th>
</tr>
<tr>
<td>Abhishek Sidharthan (Amrita School of Engineering) and Pratheesh P
Narayanan (Sree Narayana Gurukulam College of Engineering)</td>
<td>CVE-2018-9452</td>
</tr>
<tr>
<td>Chong Wang (<a href="weibo.com/csddl">weibo.com/csddl</a>) of Chengdu
Security Response Center, Qihoo 360 Technology Co. Ltd.</td>
<td>CVE-2018-9503, CVE-2018-9505</td>
</tr>
<tr>
<td>Daniel Kachakil, Senior Security Consultant, IOActive</td>
<td>CVE-2018-9493, CVE-2018-9546</td>
</tr>
<tr>
<td>Guang Gong of Alpha Team, Qihoo 360 Technology Co. Ltd.</td>
<td>CVE-2018-9490</td>
</tr>
<tr>
<td>Jann Horn of Google Project Zero</td>
<td>CVE-2018-9514, CVE-2018-9515</td>
</tr>
<tr>
<td>Jianjun Dai (<a href="https://twitter.com/jioun_dai">@Jioun_dai</a>) and
Guang Gong (<a href="https://twitter.com/oldfresher">@oldfresher</a>) of
Alpha Team, Qihoo 360 Technology Co. Ltd</td>
<td>CVE-2017-13283</td>
</tr>
<tr>
<td><a href="https://github.com/michalbednarski">Michał Bednarski</a></td>
<td>CVE-2018-9492</td>
</tr>
<tr>
<td>Niky1235 (<a href="https://twitter.com/jiych_guru">@jiych_guru</a>)</td>
<td>CVE-2018-9473</td>
</tr>
<tr>
<td>Pengfei Ding (丁鹏飞) of Huawei Mobile Security Lab (华为移动安全实验室)</td>
<td>CVE-2018-9506, CVE-2018-9507</td>
</tr>
<tr>
<td><a href="https://linkedin.com/in/raywdude">Raymond Wang</a></td>
<td>CVE-2018-9501</td>
</tr>
<tr>
<td><a href="https://github.com/stze">Stephan Zeisberg</a> of <a
href="https://srlabs.de">Security Research Labs</a></td>
<td>CVE-2018-9497</td>
</tr>
<tr>
<td>Tamir Zahavi-Brunner (<a
href="https://twitter.com/tamir_zb">@tamir_zb</a>) of Zimperium zLabs Team</td>
<td>CVE-2018-9499</td>
</tr>
<tr>
<td>Yongke Wang (<a href="https://twitter.com/rudykewang">@Rudykewang</a>)
and Xiangqian Zhang (<a href="https://twitter.com/h3rb0x">@h3rb0x</a>) of <a
href="xlab.tencent.com">Tencent Security Xuanwu Lab</a></td>
<td>CVE-2018-9502, CVE-2018-9508, CVE-2018-9509, CVE-2018-9510</td>
</tr>
<tr>
<td>Zinuo Han (<a href="weibo.com/ele7enxxh">weibo.com/ele7enxxh</a>) of
Chengdu Security Response Center, Qihoo 360 Technology Co. Ltd.</td>
<td>CVE-2018-9476, CVE-2018-9498, CVE-2018-9504</td>
</tr>
</table>
<h4 id="sept-2018">September</h4>
<table>
<col width="70%">
<col width="30%">
<tr>
<th>Researchers</th>
<th>CVEs</th>
</tr>
<tr>
<td>Baozeng Ding (<a href="https://twitter.com/@sploving1"
class="external">@sploving1</a>), Chengming Yang, and Yang Song
of Alibaba Mobile Security Group</td>
<td>CVE-2018-9517</td>
</tr>
<tr>
<td>Chong Wang
(<a href="http://weibo.com/csddl" class="external">weibo.com/csddl</a>) of
Chengdu Security Response Center, Qihoo 360 Technology Co. Ltd.</td>
<td>CVE-2018-9480, CVE-2018-9481, CVE-2018-9482, CVE-2018-9485</td>
</tr>
<tr>
<td>Cusas of L.O. Team</td>
<td>CVE-2018-9440, CVE-2018-9467</td>
</tr>
<tr>
<td>Daniel Kachakil, Senior Security Consultant, IOActive</td>
<td>CVE-2018-9468</td>
</tr>
<tr>
<td>En He
(<a href="https://twitter.com/@heeeeen4x" class="external">@heeeeen4x</a>)
and Bo Liu of MS509Team
(<a href="http://www.ms509.com" class="external">ms509.com</a>)</td>
<td>CVE-2018-9475</td>
</tr>
<tr>
<td>Hector Cuesta Garcia
(<a href="https://twitter.com/hectorcuesta"
class="external">@HectorCuesta</a>) of Innotec System</td>
<td>CVE-2018-9470</td>
</tr>
<tr>
<td>Hongli Han
(<a href="https://twitter.com/hexb1n" class="external">@hexb1n</a>) and
Mingjian Zhou (周明建) (<a href="https://twitter.com/mingjian_zhou"
class="external">@Mingjian_Zhou</a>) of C0RE Team</td>
<td>CVE-2018-11261</td>
</tr>
<tr>
<td>Jann Horn of Google Project Zero</td>
<td>CVE-2018-9488</td>
</tr>
<tr>
<td>Jianjun Dai (<a href="https://twitter.com/jioun_dai"
class="external">@jioun_dai</a>) and Guang Gong
(<a href="https://twitter.com/@oldfresher" class="external">@oldfresher</a>)
of Alpha Team, Qihoo 360 Technology Co. Ltd.</td>
<td>CVE-2018-9478, CVE-2018-9479</td>
</tr>
<tr>
<td>Jianqiang Zhao (@jianqiangzhao) and pjf
(<a href="http://weibo.com/jfpan" class="external">weibo.com/jfpan</a>)
of IceSword Lab, Qihoo 360</td>
<td>CVE-2018-9516</td>
</tr>
<tr>
<td>M3, Inc.</td>
<td>CVE-2018-9469</td>
</tr>
<tr>
<td>Mingjian Zhou (周明建)
(<a href="https://twitter.com/@Mingjian_Zhou"
class="external">@Mingjian_Zhou</a>) of C0RE Team</td>
<td>CVE-2018-11816</td>
</tr>
<tr>
<td>Pengfei Ding (丁鹏飞) of Huawei Mobile Security Lab (华为移动安全实验室)</td>
<td>CVE-2018-9519</td>
</tr>
<tr>
<td>Tamir Zahavi-Brunner
(<a href="https://twitter.com/@tamir_zb" class="external">@tamir_zb</a>)
of Zimperium zLabs Team</td>
<td>CVE-2018-9411</td>
</tr>
<tr>
<td>Zinuo Han
(<a href="http://weibo.com/ele7enxxh" class="external">weibo.com/ele7enxxh</a>)
of Chengdu Security Response Center, Qihoo 360 Technology Co. Ltd.</td>
<td>CVE-2018-9471, CVE-2018-9474, CVE-2018-9483, CVE-2018-9484, CVE-2018-9486</td>
</tr>
</table>
<h4 id="aug-2018">August</h4>
<table>
<col width="70%">
<col width="30%">
<tr>
<th>Researchers</th>
<th>CVEs</th>
</tr>
<tr>
<td>Chao Dai @ L.O. Team</td>
<td>CVE-2018-9437</td>
</tr>
<tr>
<td><a href="weibo.com/csddl" class="external">Chong Wang</a> of Chengdu
Security Response Center, Qihoo 360 Technology Co. Ltd.</td>
<td>CVE-2018-9436, CVE-2018-9448, CVE-2018-9454, CVE-2018-9455</td>
</tr>
<tr>
<td>Dinesh Venkatesan (<a
href="https://twitter.com/malwareresearch" class="external">@malwareresearch</a>)
of Symantec</td>
<td>CVE-2017-13295</td>
</tr>
<tr>
<td><a href="https://www.linkedin.com/in/dzima" class="external">Dzmitry
Lukyanenka</a></td>
<td>CVE-2018-9459, CVE-2018-9461</td>
</tr>
<tr>
<td>En He
(<a href="https://twitter.com/heeeeen4x" class="external">@heeeeen4x</a>)
and Bo Liu of
<a href="http://www.ms509.com" class="external">MS509Team</a></td>
<td>CVE-2017-13242, CVE-2018-9457</td>
</tr>
<tr>
<td><a href="mailto:[email protected]" class="external">Francesco
Pinci</a></td>
<td>CVE-2018-9447</td>
</tr>
<tr>
<tr>
<td>Jann Horn of Google Project Zero</td>
<td>CVE-2018-9445</td>
</tr>
<tr>
<td>Joshua Steiner of Introne Apps</td>
<td>CVE-2017-13322</td>
</tr>
<tr>
<td>Scott Bauer
(<a href="https://twitter.com/ScottyBauer1" class="external">&#64;ScottyBauer1</a>)</td>
<td>CVE-2018-9441</td>
</tr>
<tr>
<td>Tencent Blade Team</td>
<td>CVE-2017-18306, CVE-2017-18307</td>
</tr>
<tr>
<td>Tong Lin (<a
href="mailto:[email protected]" class="external">[email protected]</a>)
and Mingjian Zhou (周明建)
(<a href="https://twitter.com/Mingjian_Zhou" class="external">@Mingjian_Zhou</a>)
of <a href="http://c0reteam.org" class="external">C0RE Team</a></td>
<td>CVE-2018-9439</td>
</tr>
<tr>
<td>V.E.O (<a href="https://twitter.com/vysea" class="external">@VYSEa</a>)
of <a
href="http://blog.trendmicro.com/trendlabs-security-intelligence/category/mobile/"
class="external">Mobile Security Research Team</a>,
<a href="http://www.trendmicro.com" class="external">Trend Micro</a></td>
<td>CVE-2018-9444</td>
</tr>
<tr>
<td><a href="weibo.com/ele7enxxh" class="external">Zinuo Han</a> of Chengdu
Security Response Center, Qihoo 360 Technology Co. Ltd.</td>
<td>CVE-2018-9435, CVE-2018-9446, CVE-2018-9449, CVE-2018-9450,
CVE-2018-9451, CVE-2018-9453</td>
</tr>
</table>
<h4 id="july-2018">July</h4>
<table>
<col width="70%">
<col width="30%">
<tr>
<th>Researchers</th>
<th>CVEs</th>
</tr>
<tr>
<td>Baozeng Ding (丁保增)
(<a href="https://twitter.com/sploving1">&#64;sploving</a>)
of Pandora Lab, Ali Security</td>
<td>CVE-2018-9422</td>
</tr>
<tr>
<td>Billy Lau of Android Security Research</td>
<td>CVE-2018-9416</td>
</tr>
<tr>
<td>Cusas of L.O. Team</td>
<td>CVE-2018-9412</td>
</tr>
<tr>
<td>En He (<a href="https://twitter.com/heeeeen4x">&#64;heeeeen4x</a>) and
Bo Liu of <a href="http://www.ms509.com">MS509Team</a></td>
<td>CVE-2018-9432, CVE-2018-9414</td>
</tr>
<tr>
<td>Guang Gong of Alpha Team, Qihoo 360 Technology Co. Ltd.</td>
<td>CVE-2018-9433</td>
</tr>
<tr>
<td>Jann Horn of Google Project Zero</td>
<td>CVE-2018-9434</td>
</tr>
<tr>
<td>Jianjun Dai (<a href="https://twitter.com/Jioun_dai">&#64;Jioun_dai</a>) and
Guang Gong (<a href="https://twitter.com/oldfresher">&#64;oldfresher</a>)
of Alpha Team, Qihoo 360 Technology Co. Ltd.</td>
<td>CVE-2018-9418, CVE-2018-9419, CVE-2018-9413, CVE-2018-9365</td>
</tr>
<tr>
<td>Jianqiang Zhao (<a href="https://twitter.com/jianqiangzhao"
class="external">&#64;jianqiangzhao</a>) and
pjf (<a href="http://weibo.com/jfpan">weibo.com/jfpan</a>)
of IceSword Lab, Qihoo 360</td>
<td>CVE-2018-9417</td>
</tr>
<tr>
<td>Nathan Crandall (<a href="https://twitter.com/natecray">&#64;natecray</a>)
of Tesla's Product Security Team</td>
<td>CVE-2017-0606</td>
</tr>
<tr>
<td>niky1235 (<a href="mailto:jiych.guru&#64;gmail.com">jiych.guru&#64;gmail.com</a>,
<a href="https://twitter.com/jiych_guru">&#64;jiych_guru</a>)</td>
<td>CVE-2018-9423</td>
</tr>
<tr>
<td>Pengfei Ding (丁鹏飞), Chenfu Bao (包沉浮), Lenx Wei (韦韬)
of Baidu X-Lab (百度安全实验室)</td>
<td>CVE-2017-15851</td>
</tr>
<tr>
<td>Scott Bauer
(<a href="https://twitter.com/ScottyBauer1">&#64;ScottyBauer1</a>)</td>
<td>CVE-2018-9430</td>
</tr>
<tr>
<td>Tamir Zahavi-Brunner
<a href="https://twitter.com/tamir_zb">(&#64;tamir_zb</a>)
of Zimperium zLabs Team</td>
<td>CVE-2018-9411</td>
</tr>
<tr>
<td>Tencent Blade Team</td>
<td>CVE-2018-9421, CVE-2018-9420</td>
</tr>
<tr>
<td>Yonggang Guo (<a href="https://twitter.com/guoygang">&#64;guoygang</a>)
of IceSword Lab, Qihoo 360 Technology Co. Ltd.</td>
<td>CVE-2018-9415</td>
</tr>
<tr>
<td>Zinuo Han (<a href="http://weibo.com/ele7enxxh">weibo.com/ele7enxxh</a>)
of Chengdu Security Response Center, Qihoo 360 Technology Co. Ltd.</td>
<td>CVE-2018-9410, CVE-2018-9424, CVE-2018-9431</td>
</tr>
</table>
<h4 id="june-2018">June</h4>
<table>
<col width="70%">
<col width="30%">
<tr>
<th>Researchers</th>
<th>CVEs</th>
</tr>
<tr>
<td>Baozeng Ding (丁保增) (<a href="https://twitter.com/sploving1">&#64;sploving1</a>)
of Pandora Lab, Ali Security</td>
<td>CVE-2018-5857, CVE-2018-9389</td>
</tr>
<tr>
<td>Daniel Kachakil of IOActive</td>
<td>CVE-2018-9375</td>
</tr>
<tr>
<td>derrek (<a href="https://twitter.com/derrekr6">&#64;derrekr6</a>)</td>
<td>CVE-2017-6290, CVE-2017-6292, CVE-2017-6294</td>
</tr>
<tr>
<td>Elphet and Gong Guang of Alpha Team, Qihoo 360 Technology Co. Ltd.</td>
<td>CVE-2018-9348</td>
</tr>
<tr>
<td>Hao Chen and Guang Gong of Alpha Team, Qihoo 360 Technology Co. Ltd.</td>
<td>CVE-2018-5899</td>
</tr>
<tr>
<td>Jianjun Dai (<a href="https://twitter.com/Jioun_dai">&#64;Jioun_dai</a>)
and Guang Gong
(<a href="https://twitter.com/oldfresher">&#64;oldfresher</a>) of Alpha Team,
Qihoo 360 Technology Co. Ltd</td>
<td>CVE-2018-9381, CVE-2018-9358,<br />
CVE-2018-9359, CVE-2018-9360,<br />
CVE-2018-9361, CVE-2018-9357,<br />
CVE-2018-9356</td>
</tr>
<tr>
<td>joe0x20&#64;gmail.com</td>
<td>CVE-2018-5898</td>
</tr>
<tr>
<td><a href="https://www.linkedin.com/in/jose-maria-ariel-martinez-juarez-7910a189/">
Jose Martinez</a></td>
<td>CVE-2018-5146</td>
</tr>
<tr>
<td>Julien Thomas (<a href="https://twitter.com/julien_thomas">&#64;Julien_Thomas</a>)
of <a href="http://protektoid.com/">Protektoid.com</a></td>
<td>CVE-2018-9374</td>
</tr>
<tr>
<td><a href="https://github.com/michalbednarski">Michał Bednarski</a></td>
<td>CVE-2018-9339</td>
</tr>
<tr>
<td>Mingjian Zhou (周明建)
(<a href="https://twitter.com/Mingjian_Zhou">&#64;Mingjian_Zhou</a>)
of C0RE Team</td>
<td>CVE-2018-9344</td>
</tr>
<tr>
<td>Niky1235 (<a href="https://twitter.com/jiych_guru">&#64;jiych_guru</a>)</td>
<td>CVE-2017-13230, CVE-2018-9347</td>
</tr>
<tr>
<td>Pengfei Ding (丁鹏飞), Chenfu Bao (包沉浮), and Lenx Wei (韦韬)<br />
of Baidu X-Lab (百度安全实验室)</td>
<td>CVE-2018-5832, CVE-2018-5896, CVE-2018-5897</td>
</tr>
<tr>
<td>Qing Dong of 360 Beaconlab</td>
<td>CVE-2018-9386</td>
</tr>
<tr>
<td>Scott Bauer (<a href="https://twitter.com/ScottyBauer1">&#64;ScottyBauer1</a>)</td>
<td>CVE-2018-9388, CVE-2018-9355,<br />
CVE-2018-9380</td>
</tr>
<tr>
<td><a href="https://github.com/stze">Stephan Zeisberg</a> of
<a href="https://srlabs.de/">Security Research Labs</a></td>
<td>CVE-2018-9350, CVE-2018-9352,<br />
CVE-2018-9353, CVE-2018-9341</td>
</tr>
<tr>
<td>Tencent Blade Team</td>
<td>CVE-2018-9345, CVE-2018-9346</td>
</tr>
<tr>
<td>Yonggang Guo (<a href="https://twitter.com/guoygang">&#64;guoygang</a>)
of IceSword Lab, Qihoo 360 Technology Co. Ltd.</td>
<td>CVE-2017-0564</td>
</tr>
<tr>
<td>Yuan-Tsung Lo of C0RE Team</td>
<td>CVE-2017-13079, CVE-2017-13081</td>
</tr>
<tr>
<td>华为移动安全实验室的钱育波</td>
<td>CVE-2018-9363</td>
</tr>
<tr>
<td>Zinuo Han of Chengdu Security Response Center,
Qihoo 360 Technology Co. Ltd.</td>
<td>CVE-2018-9340, CVE-2018-9338,<br />
CVE-2018-9378</td>
</tr>
</table>
<h4 id="may-2018">May</h4>
<table>
<col width="70%">
<col width="30%">
<tr>
<th>Researchers</th>
<th>CVEs</th>
</tr>
<tr>
<td>Corinna Vinschen</td>
<td>CVE-2018-5853</td>
</tr>
<tr>
<td>derrek (<a href="https://twitter.com/derrekr6">&#64;derrekr6</a>)</td>
<td>CVE-2017-6293, CVE-2018-6246</td>
</tr>
<tr>
<td>Gengjia Chen (<a href="https://twitter.com/chengjia4574">&#64;chengjia4574</a>) and
<a href="http://weibo.com/jfpan">pjf</a> of IceSword Lab, Qihoo 360 Technology Co. Ltd.</td>
<td>CVE-2017-18153</td>
</tr>
<tr>
<td><a href="mailto:[email protected]">Hanxiang Wen</a> and Mingjian Zhou (周明建)
(<a href="https://twitter.com/Mingjian_Zhou">&#64;Mingjian_Zhou</a>) of
<a href="http://c0reteam.org">C0RE</a> Team</td>
<td>CVE-2017-18154</td>
</tr>
<tr>
<td>Hongli Han (<a href="https://twitter.com/HexB1n">&#64;HexB1n</a>) and Mingjian Zhou (周明建)
(<a href="https://twitter.com/Mingjian_Zhou">&#64;Mingjian_Zhou</a>) of
<a href="http://c0reteam.org">C0RE Team</a></td>
<td>CVE-2018-6254</td>
</tr>
<tr>
<td>Joshua Steiner of Introne Apps</td>
<td>CVE-2017-13322</td>
</tr>
<tr>
<td><a href="https://github.com/michalbednarski">Michał Bednarski</a></td>
<td>CVE-2017-13310, CVE-2017-13311</td>
</tr>
<tr>
<td>Pengfei Ding (丁鹏飞), Chenfu Bao (包沉浮), and Lenx Wei (韦韬)
of Baidu X-Lab (百度安全实验室)</td>
<td>CVE-2017-15857, CVE-2018-5852</td>
</tr>
<tr>
<td><a href="http://weibo.com/ele7enxxh">Zinuo Han</a> of Chengdu Security Response Center,
Qihoo 360 Technology Co. Ltd</td>
<td>CVE-2017-13321, CVE-2017-13318, CVE-2017-13323, CVE-2017-13319, CVE-2017-13317</td>
</tr>
</table>
<h4 id="apr-2018">April</h4>
<table>
<col width="70%">
<col width="30%">
<tr>
<th>Researchers</th>
<th>CVEs</th>
</tr>
<tr>
<td>Billy Lau of Google</td>
<td>CVE-2017-13305</td>
</tr>
<tr>
<td><a href="http://weibo.com/csddl">Chong Wang</a> of Chengdu Security Response Center, Qihoo
360 Technology Co. Ltd</td>
<td>CVE-2017-13287</td>
</tr>
<tr>
<td><a href="http://weibo.com/csddl">Chong Wang</a> and
<a href="http://weibo.com/ele7enxxh">Zinuo Han</a> of Chengdu Security Response Center,
Qihoo 360 Technology Co. Ltd</td>
<td>CVE-2017-13289, CVE-2017-13286</td>
</tr>
<tr>
<td>Cusas @ Huawei L.O. Team</td>
<td>CVE-2017-13279</td>
</tr>
<tr>
<td>Daxing Guo of Tencent's Xuanwu Lab</td>
<td>CVE-2017-13292, CVE-2017-13303</td>
</tr>
<tr>
<td>Dinesh Venkatesan (<a href="https://twitter.com/malwareresearch">&#64;malwareresearch</a>)
of Symantec</td>
<td>CVE-2017-13295</td>
</tr>
<tr>
<td>Elphet and Gong Guang of Alpha Team, Qihoo 360 Technology Co. Ltd</td>
<td>CVE-2017-13276</td>
</tr>
<tr>
<td>En He (<a href="https://twitter.com/heeeeen4x">&#64;heeeeen4x</a>) and Bo Liu of
<a href="http://www.ms509.com">MS509Team</a></td>
<td>CVE-2017-13294</td>
</tr>
<tr>
<td>Eric Leong (<a href="https://twitter.com/ericwleong">&#64;ericwleong</a>)</td>
<td>CVE-2017-13301</td>
</tr>
<tr>
<td>Hao Chen and Guang Gong of Alpha Team, Qihoo 360 Technology Co. Ltd.</td>
<td>CVE-2018-3596</td>
</tr>
<tr>
<td>Haosheng Wang (<a href="https://twitter.com/gnehsoah">&#64;gnehsoah</a>)</td>
<td>CVE-2017-13280</td>
</tr>
<tr>
<td>Jean-Baptiste Cayrou (<a href="https://twitter.com/jbcayrou">&#64;jbcayrou</a>)</td>
<td>CVE-2017-13284</td>
</tr>
<tr>
<td>Jianjun Dai (<a href="https://twitter.com/Jioun_dai">&#64;Jioun_dai</a>) and
Guang Gong of Alpha Team, Qihoo 360 Technology Co. Ltd</td>
<td>CVE-2017-13291, CVE-2017-13283, CVE-2017-13282, CVE-2017-13281, CVE-2017-13267</td>
</tr>
<tr>
<td>Patrick Delvenne (<a href="https://twitter.com/wintzx">&#64;wintzx</a>) of Orange Labs</td>
<td>CVE-2018-3584</td>
</tr>
<tr>
<td>Pengfei Ding (丁鹏飞), Chenfu Bao (包沉浮), Lenx Wei (韦韬) of Baidu X-Lab (百度安全实验室)</td>
<td>CVE-2017-13306, CVE-2017-13290, CVE-2017-15837</td>
</tr>
<tr>
<td>Tencent Blade Team</td>
<td>CVE-2017-15853</td>
</tr>
<tr>
<td>Vasily Vasiliev</td>
<td>CVE-2017-13297</td>
</tr>
<tr>
<td>Weichao Sun of Alibaba Inc (<a href="https://twitter.com/sunblate">&#64;sunblate</a>)</td>
<td>CVE-2017-13277</td>
</tr>
<tr>
<td><a href="mailto:[email protected]">Yang Dai</a> and
<a href="http://weibo.com/panyu6325">Yu Pan</a> of Vulpecker Team, Qihoo 360 Technology Co. Ltd</td>
<td>CVE-2017-13304</td>
</tr>
<tr>
<td>Yonggang Guo (<a href="https://twitter.com/guoygang">&#64;guoygang</a>) of IceSword Lab,
Qihoo 360 Technology Co. Ltd</td>
<td>CVE-2017-8269, CVE-2017-13307, CVE-2018-5826</td>
</tr>
<tr>
<td>Zhongwen & Chao Dai @ Huawei L.O. Team</td>
<td>CVE-2017-13274</td>
</tr>
<tr>
<td><a href="http://weibo.com/ele7enxxh">Zinuo Han</a> of Chengdu Security Response Center,
Qihoo 360 Technology Co. Ltd</td>
<td>CVE-2017-13288, CVE-2017-13298, CVE-2017-13296, CVE-2017-13299,
CVE-2017-13275, CVE-2017-13285</td>
</tr>
</table>
<h4 id="mar-2018">March</h4>
<table>
<col width="70%">
<col width="30%">
<tr>
<th>Researchers</th>
<th>CVEs</th>
</tr>
<tr>
<td>Billy Lau of Google</td>
<td>CVE-2017-14879</td>
</tr>
<tr>
<td>Daniel Micay of Copperhead Security</td>
<td>CVE-2017-13265</td>
</tr>
<tr>
<td><a href="mailto:[email protected]">Dacheng Shao</a> and Mingjian
Zhou (周明建)</td>
<td>CVE-2017-6288</td>
</tr>
<tr>
<td>Elphet and Gong Guang of Alpha Team, Qihoo 360 Technology Co. Ltd.</td>
<td>CVE-2017-13254</td>
</tr>
<tr>
<td>Jake Corina of Shellphish Grill Team</td>
<td>CVE-2018-3560</td>
</tr>
<tr>
<td>Jianjun Dai (<a href="https://twitter.com/jioun_dai">&#64;Jioun_dai</a>) and
Guang Gong of Alpha Team, Qihoo 360 Technology Co. Ltd.</td>
<td>CVE-2017-13266, CVE-2017-13256, CVE-2017-13255</td>
</tr>
<tr>
<td>Julian Rauchberger</td>
<td>CVE-2017-13258</td>
</tr>
<tr>
<td>Hongli Han (<a href="https://twitter.com/hexb1n">&#64;hexb1n</a>),
<a href="mailto:[email protected]">Dacheng Shao</a>, and Mingjian Zhou
(周明建) (<a href="https://twitter.com/Mingjian_Zhou">&#64;Mingjian_Zhou</a>) of
<a href="http://c0reteam.org">C0RE Team</a></td>
<td>CVE-2017-6287</td>
</tr>
<tr>
<td>Hongli Han (<a href="https://twitter.com/HexB1n">&#64;HexB1n</a>) and
Mingjian Zhou (周明建)(<a
href="https://twitter.com/Mingjian_Zhou">&#64;Mingjian_Zhou</a>) of
<a href="http://c0reteam.org">C0RE Team</a></td>
<td>CVE-2017-6286, CVE-2017-6285,<br />
CVE-2017-6281</td>
</tr>
<tr>
<td>Pengfei Ding (丁鹏飞), Chenfu Bao (包沉浮), Lenx Wei (韦韬) of Baidu X-Lab
(百度安全实验室)</td>
<td>CVE-2017-13262, CVE-2017-13261, CVE-2017-13260, CVE-2017-11029,
CVE-2017-15814</td>
</tr>
<tr>
<td>Peter Pi of Tencent Security Platform Department</td>
<td>CVE-2017-13269</td>
</tr>
<tr>
<td>Sang Shin Jung of Deja vu Security</td>
<td>CVE-2017-13270</td>
</tr>
<tr>
<td>Tamir Zahavi-Brunner
(<a href="https://twitter.com/tamir_zb">&#64;tamir_zb</a>) of Zimperium zLabs Team</td>
<td>CVE-2017-13253</td>
</tr>
<tr>
<td>Vasily Vasiliev</td>
<td>CVE-2017-13249, CVE-2017-13248, CVE-2017-13264</td>
</tr>
<tr>
<td>Wish Wu (<a href=" https://twitter.com/wish_wu">&#64;wish_wu</a>
<a href="http://www.weibo.com/wishlinux">吴潍浠</a> 此彼) of Ant-financial Light-Year
Security Lab</td>
<td>CVE-2017-13259, CVE-2017-13272</td>
</tr>
<tr>
<td>Yaoguang Chen of Ant-financial Light-Year Security Lab (蚂蚁金服巴斯光年安全实验室)</td>
<td>CVE-2017-13257, CVE-2017-13268</td>
</tr>
<tr>
<td>Yonggang Guo (<a href="https://twitter.com/guoygang">&#64;guoygang</a>) of
IceSword Lab, Qihoo 360 Technology Co. Ltd.</td>
<td>CVE-2017-13271</td>
</tr>
<tr>
<td>ZhangBo of Tencent Security Platform Department</td>
<td>CVE-2017-18069</td>
</tr>
<tr>
<td><a href="http://weibo.com/ele7enxxh">Zinuo Han</a> from Chengdu Security
Response Center of Qihoo 360 Technology Co. Ltd.</td>
<td>CVE-2017-13252, CVE-2017-13251, CVE-2018-3561</td>
</tr>
</table>
<h4 id="feb-2018">February</h4>
<table>
<col width="70%">
<col width="30%">
<tr>
<th>Researchers</th>
<th>CVEs</th>
</tr>
<tr>
<td>Aaron Willey, autoprime (<a
href="https://twitter.com/utoprime?lang=en">&#64;utoprime</a>), and Tyler Montgomery
(<a href="https://twitter.com/tylerfixer">&#64;tylerfixer</a>) of Team Codefire</td>
<td>CVE-2017-13238</td>
</tr>
<tr>
<td>Cusas (华为公司的cusas)</td>
<td>CVE-2017-13235</td>
</tr>
<tr>
<td>Elphet and Gong Guang of
Alpha Team, Qihoo 360 Technology Co. Ltd.</td>
<td>CVE-2017-13229</td>
</tr>
<tr>
<td>En He (<a href="https://twitter.com/heeeeen4x">&#64;heeeeen4x</a>) and Bo Liu
of <a href="http://www.ms509.com">MS509Team</a></td>
<td>CVE-2017-13242</td>
</tr>
<tr>
<td>Gal Beniamini of Google</td>
<td>CVE-2017-13236</td>
</tr>
<tr>
<td>Hao Chen and Guang Gong of Alpha Team, Qihoo 360 Technology Co. Ltd.</td>
<td>CVE-2017-13245</td>
</tr>
<tr>
<td>Hongli Han (<a href="https://twitter.com/HexB1n">&#64;HexB1n</a>),
<a href="mailto:[email protected]">Dacheng Shao</a> and Mingjian Zhou
(<a href="https://twitter.com/Mingjian_Zhou">&#64;Mingjian_Zhou</a>) of
<a href="http://c0reteam.org">C0RE Team</a></td>
<td>CVE-2017-6258</td>
</tr>
<tr>
<td>Hongli Han (<a href="https://twitter.com/HexB1n">&#64;HexB1n</a>), Mingjian
Zhou (<a href="https://twitter.com/Mingjian_Zhou">&#64;Mingjian_Zhou</a>) of
<a href="http://c0reteam.org">C0RE Team</a></td>
<td>CVE-2017-17767, CVE-2017-6279</td>
</tr>
<tr>
<td>Mingjian Zhou (周明建) (<a
href="https://twitter.com/Mingjian_Zhou">&#64;Mingjian_Zhou</a>) of
<a href="http://c0reteam.org">C0RE Team</a></td>
<td>CVE-2017-13241, CVE-2017-13231</td>
</tr>
<tr>
<td>Nightwatch Cybersecurity Research</td>
<td>CVE-2017-13243</td>
</tr>
<tr>
<td><a href="mailto:[email protected]">Niky1235</a>
(<a href="https://twitter.com/jiych_guru">&#64;jiych_guru</a>)</td>
<td>CVE-2017-13230, CVE-2017-13234</td>
</tr>
<tr>
<td>Outware</td>
<td>CVE-2017-13239</td>
</tr>
<tr>
<td>Qidan He (<a href="https://twitter.com/flanker_hqd?lang=en">&#64;flanker_hqd</a>)
of PDD Security Team</td>
<td>CVE-2017-13246</td>
</tr>
<tr>
<td>Xiling Gong of Tencent Security Platform Department</td>
<td>CVE-2017-15852</td>
</tr>
<tr>
<td>Yonggang Guo (<a href="https://twitter.com/guoygang">&#64;guoygang</a>) of
IceSword Lab, Qihoo 360 Technology Co. Ltd.</td>
<td>CVE-2017-13273</td>
</tr>
<tr>
<td>ZhangBo of Tencent Security Platform Department</td>
<td>CVE-2015-9016</td>
</tr>
<tr>
<td><a href="http://weibo.com/ele7enxxh">Zinuo Han</a> from Chengdu Security
Response Center of Qihoo 360 Technology Co. Ltd.</td>
<td>CVE-2017-13232</td>
</tr>
</table>
<h4 id="january-2018">January</h4>
<table>
<col width="70%">
<col width="30%">
<tr>
<th>Researchers</th>
<th>CVEs</th>
</tr>
<tr>
<td><a href="mailto:[email protected]">Adong Zhang</a> (张阿东),
<a href="mailto:[email protected]">Chao Liu</a> (刘超), and
<a href="mailto:[email protected]">Jinguang Dong</a> (董金光)</td>
<td>CVE-2017-13215</td>
</tr>
<tr>
<td><a href="https://twitter.com/amarekano">Amar Menezes</a> of
<a href="https://labs.mwrinfosecurity.com/">MWR Labs</a></td>
<td>CVE-2017-13212</td>
</tr>
<tr>
<td>Andy Tyler (<a href="https://twitter.com/ticarpi">&#64;ticarpi</a>) of
<a href="http://www.e2e-assure.com ">e2e-assure</a></td>
<td>CVE-2017-0846</td>
</tr>
<tr>
<td>Baozeng Ding (<a href="https://twitter.com/sploving1">&#64;sploving</a>),
Chengming Yang, and Yang Song of Pandora Lab, Ali Security</td>
<td>CVE-2017-13222, CVE-2017-13220</td>
</tr>
<tr>
<td>Billy Lau of Google</td>
<td>CVE-2017-14879</td>
</tr>
<tr>
<td>Cameron Gutman</td>
<td>CVE-2017-13214</td>
</tr>
<tr>
<td><a href="mailto:[email protected]">Chi Zhang</a> and Mingjian Zhou
(<a href="https://twitter.com/Mingjian_Zhou">&#64;Mingjian_Zhou</a>) of
<a href="http://c0reteam.org">C0RE Team</a></td>
<td>CVE-2017-13178, CVE-2017-13179</td>
</tr>
<tr>
<td>Gal Beniamini of Google</td>
<td>CVE-2017-13209</td>
</tr>
<tr>
<td>Haosheng Wang (<a href="https://twitter.com/gnehsoah">&#64;gnehsoah</a>)</td>
<td>CVE-2017-13198</td>
</tr>
<tr>
<td>Hongli Han (<a href="https://twitter.com/HexB1n">&#64;HexB1n</a>) and
Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">&#64;Mingjian_Zhou</a>)
of <a href="http://c0reteam.org">C0RE Team</a></td>
<td>CVE-2017-13183, CVE-2017-13180</td>
</tr>
<tr>
<td>Hongli Han (<a href="https://twitter.com/HexB1n">&#64;HexB1n</a>),
<a href="mailto:[email protected]">Dacheng Shao</a>, and Mingjian Zhou
(<a href="https://twitter.com/Mingjian_Zhou">&#64;Mingjian_Zhou</a>) of
<a href="http://c0reteam.org">C0RE Team</a></td>
<td>CVE-2017-13194</td>
</tr>
<tr>
<td>Max Moroz of Google</td>
<td>CVE-2017-13224</td>
</tr>
<tr>
<td>Mingjian Zhou (周明建)
(<a href="https://twitter.com/Mingjian_Zhou">&#64;Mingjian_Zhou</a>) of
<a href="http://c0reteam.org">C0RE Team</a></td>
<td>CVE-2017-13184, CVE-2017-13201</td>
</tr>
<tr>
<td><a href="mailto:[email protected]">Niky1235</a>
(<a href="https://twitter.com/jiych_guru">&#64;jiych_guru</a>)</td>
<td>CVE-2017-0855, CVE-2017-13195, CVE-2017-13181</td>
</tr>
<tr>
<td><a href="http://github.com/tintinweb">tintinweb</a></td>
<td>CVE-2017-13208</td>
</tr>
<tr>
<td>Tongxin Li and Xinhui Han of Peking University;
Luyi Xing, Nan Zhang, Xueqiang Wang, and XiaoFeng Wang of Indiana University
Bloomington; Xiaolong Bai of Tsinghua University; and Kai Chen of IIE, Chinese
Academy of Sciences</td>
<td>CVE-2017-13176</td>
</tr>
<tr>
<td>V.E.O (<a href="https://twitter.com/vysea">&#64;VYSEa</a>) of
<a href="http://blog.trendmicro.com/trendlabs-security-intelligence/category/mobile/">
Mobile Threat Response Team</a>, <a href="http://www.trendmicro.com">Trend Micro</a></td>
<td>CVE-2017-13196, CVE-2017-13186</td>
</tr>
<tr>
<td>Wolfu (付敬贵) of Tencent Security Platform Department</td>
<td>CVE-2017-13219, CVE-2017-13207</td>
</tr>
<tr>
<td>Xuan Xing of Google</td>
<td>CVE-2017-13217</td>
</tr>
<tr>
<td>Yangkang (<a href="https://twitter.com/dnpushme">&#64;dnpushme</a>) of Qihoo360 Qex Team</td>
<td>CVE-2017-13200</td>
</tr>
<tr>
<td>Yongke Wang (<a href="https://twitter.com/Rudykewang">&#64;Rudykewang</a>)
and Yuebin Sun of <a href="http://xlab.tencent.com">Tencent's Xuanwu Lab</a></td>
<td>CVE-2017-13202</td>
</tr>
<tr>
<td><a href="mailto:[email protected]">Yuan-Tsung Lo</a> of
<a href="http://c0reteam.org">C0RE Team</a></td>
<td>CVE-2017-13213, CVE-2017-13221</td>
</tr>
<tr>
<td><a href="http://weibo.com/panyu6325">Yu Pan</a> and
<a href="mailto:[email protected]">Yang Dai</a> of Vulpecker Team, Qihoo 360
Technology Co. Ltd.</td>
<td>CVE-2017-0869</td>
</tr>
<tr>
<td><a href="http://weibo.com/ele7enxxh">Zinuo Han</a> of Chengdu Security
Response Center, Qihoo 360 Technology Co. Ltd.</td>
<td>CVE-2017-13206, CVE-2017-13188, CVE-2017-13185</td>
</tr>
</table>
<h2 id="2017">2017</h2>
<table>
<col width="50%">
<col width="50%">
<tr>
<th>Researcher</th>
<th>CVEs</th>
</tr>
<tr>
<td>ADlab of Venustech</td>
<td>CVE-2017-0630</td>
</tr>
<tr>
<td>Alexander Potapenko of Google Dynamic Tools team</td>
<td>CVE-2017-0537</td>
</tr>
<tr>
<td>Alexandru Blanda</td>
<td>CVE-2017-0390</td>
</tr>
<tr>
<td>Amir Cohen of Ben Gurion University Cyber Lab</td>
<td>CVE-2017-0650</td>
</tr>
<tr>
<td>Ao Wang (<a href="https://twitter.com/ArayzSegment">&#64;ArayzSegment</a>) of
<a href="https://www.pwnzen.com/">Pangu Team</a></td>
<td>CVE-2017-0691, CVE-2017-0700</td>
</tr>
<tr>
<td>Aravind Machiry of Shellphish Grill Team, University of California, Santa
Barbara</td>
<td>CVE-2017-0865</td>
</tr>
<tr>
<td>Dr. Asaf Shabtai of Ben Gurion University Cyber Lab</td>
<td>CVE-2017-0650</td>
</tr>
<tr>
<td>Baozeng Ding (<a href="https://twitter.com/sploving1">&#64;sploving1</a>) of
Alibaba Mobile Security Group</td>
<td>CVE-2017-0463, CVE-2017-0506, CVE-2017-0711, CVE-2017-0741,
CVE-2017-0742, CVE-2017-0751, CVE-2017-0796, CVE-2017-0798, CVE-2017-0800,
CVE-2017-0827, CVE-2017-0843, CVE-2017-0864, CVE-2017-9703, CVE-2017-9708,
CVE-2017-11000, CVE-2017-11059, CVE-2017-13170</td>
</tr>
<tr>
<td>Ben Actis (<a href="https://twitter.com/ben_ra">&#64;Ben_RA</a>)</td>
<td>CVE-2016-8461</td>
</tr>
<tr>
<td>Ben Seri of <a href="https://armis.com/">Armis, Inc.</a></td>
<td>CVE-2017-0781, CVE-2017-0782, CVE-2017-0783, CVE-2017-0785</td>
</tr>
<tr>
<td>Billy Lau of Android Security</td>
<td>CVE-2017-0335, CVE-2017-0336, CVE-2017-0338, CVE-2017-0460,
CVE-2017-8263, CVE-2017-9682, CVE-2017-13162</td>
</tr>
<tr>
<td>Bo Liu of <a href="http://www.ms509.com/">MS509Team</a></td>
<td>CVE-2017-0490, CVE-2017-0601, CVE-2017-0639, CVE-2017-0645,
CVE-2017-0784, CVE-2017-11042</td>
</tr>
<tr>
<td>Chao Yang of Alibaba Mobile Security Group</td>
<td>CVE-2016-10280, CVE-2016-10281, CVE-2017-0565</td>
</tr>
<tr>
<td>Chenfu Bao (包沉浮) of Baidu X-Lab (百度安全实验室)</td>
<td>CVE-2016-8417, CVE-2016-10236, CVE-2017-0728, CVE-2017-0738,
CVE-2017-0766, CVE-2017-0794, CVE-2017-9681, CVE-2017-9684, CVE-2017-9693,
CVE-2017-9694, CVE-2017-9696, CVE-2017-9702, CVE-2017-9715, CVE-2017-9717,
CVE-2017-9720, CVE-2017-11001, CVE-2017-10999, CVE-2017-11057,
CVE-2017-11060, CVE-2017-11061, CVE-2017-11064, CVE-2017-11089, CVE-2017-11090</td>
</tr>
<tr>
<td>Chengming Yang of Alibaba Mobile Security Group</td>
<td>CVE-2016-10280, CVE-2016-10281, CVE-2017-0463, CVE-2017-0506,
CVE-2017-0565, CVE-2017-0711, CVE-2017-0741, CVE-2017-0742, CVE-2017-0751,
CVE-2017-0796, CVE-2017-0798, CVE-2017-0800, CVE-2017-0827, CVE-2017-0843,
CVE-2017-0864, CVE-2017-9708, CVE-2017-11000, CVE-2017-11059, CVE-2017-13170</td>
</tr>
<tr>
<td>Chenxiong Qian of Georgia Tech</td>
<td>CVE-2017-0860</td>
</tr>
<tr>
<td><a href="mailto:[email protected]">Chi Zhang</a> of
<a href="https://c0reteam.org/">C0RE Team</a></td>
<td>CVE-2017-0666, CVE-2017-0681, CVE-2017-0684, CVE-2017-0765,
CVE-2017-0836, CVE-2017-0857, CVE-2017-0880, CVE-2017-13166</td>
</tr>
<tr>
<td>Chiachih Wu (<a href="https://twitter.com/chiachih_wu">&#64;chiachih_wu</a>)
of <a href="http://c0reteam.org/">C0RE Team</a></td>
<td>CVE-2016-8425, CVE-2016-8426, CVE-2016-8430, CVE-2016-8431,
CVE-2016-8432, CVE-2016-8449, CVE-2016-8435, CVE-2016-8480, CVE-2016-8481,
CVE-2016-8482, CVE-2017-0383, CVE-2017-0384, CVE-2017-0385, CVE-2017-0398,
CVE-2017-0400, CVE-2017-0401, CVE-2017-0402, CVE-2017-0428, CVE-2017-0429,
CVE-2017-0435, CVE-2017-0436, CVE-2017-0444, CVE-2017-0448</td>
</tr>
<tr>
<td><a href="http://weibo.com/csddl">Chong Wang</a> of Chengdu Security
Response Center, Qihoo 360 Technology Co. Ltd.</td>
<td>CVE-2017-0758</td>
</tr>
<tr>
<td>Cong Zheng (<a href="https://twitter.com/shellcong">&#64;shellcong</a>) of
Palo Alto Networks</td>
<td>CVE-2017-0752</td>
</tr>
<tr>
<td>Constantinos Patsakis of University of Piraeus</td>
<td>CVE-2017-0807</td>
</tr>
<tr>
<td>Cusas (华为公司的cusas)</td>
<td>CVE-2017-0870</td>
</tr>
<tr>
<td><a href="mailto:[email protected]">Dacheng Shao</a> of
<a href="http://c0reteam.org/">C0RE Team</a></td>
<td>CVE-2017-0483, CVE-2017-0739, CVE-2017-0769, CVE-2017-0801</td>
</tr>
<tr>
<td>Daniel Dakhno</td>
<td>CVE-2017-0420</td>
</tr>
<tr>
<td>Daniel Micay of Copperhead Security</td>
<td>CVE-2017-0397, CVE-2017-0405, CVE-2017-0410, CVE-2017-0826, CVE-2017-13160</td>
</tr>
<tr>
<td>Daxing Guo (<a href="https://twitter.com/freener0">&#64;freener0</a>) of
Xuanwu Lab, Tencent</td>
<td>CVE-2017-0386, CVE-2017-0553, CVE-2017-0585, CVE-2017-0706</td>
</tr>
<tr>
<td><a href="mailto:[email protected]">derrek</a>
(<a href="https://twitter.com/derrekr6">&#64;derrekr6</a>)</td>
<td>CVE-2016-8413, CVE-2016-8477, CVE-2017-0392, CVE-2017-0521,
CVE-2017-0531, CVE-2017-0576, CVE-2017-8260</td>
</tr>
<tr>
<td>Di Shen (<a href="https://twitter.com/returnsme">&#64;returnsme</a>) of
KeenLab (<a href="https://twitter.com/keen_lab">&#64;keen_lab</a>), Tencent</td>
<td>CVE-2016-8412, CVE-2016-8427, CVE-2016-8444, CVE-2016-10287,
CVE-2017-0334, CVE-2017-0403, CVE-2017-0427, CVE-2017-0456, CVE-2017-0457,
CVE-2017-0525, CVE-2017-8265</td>
</tr>
<tr>
<td>donfos (Aravind Machiry) of Shellphish Grill Team, UC Santa Barbara</td>
<td>CVE-2016-5349, CVE-2016-8448, CVE-2016-8470, CVE-2016-8471, CVE-2016-8472</td>
</tr>
<tr>
<td><a href="http://www.linkedin.com/in/dzima">Dzmitry Lukyanenka</a></td>
<td>CVE-2017-0414, CVE-2017-0703, CVE-2017-0808, CVE-2017-13157,
CVE-2017-13158, CVE-2017-13159</td>
</tr>
<tr>
<td>Ecular Xu (徐健) of Trend Micro</td>
<td>CVE-2017-0599, CVE-2017-0635, CVE-2017-0641, CVE-2017-0643, CVE-2017-0859</td>
</tr>
<tr>
<td>Efthimios Alepis of University of Piraeus</td>
<td>CVE-2017-0807</td>
</tr>
<tr>
<td>Elphet of Alpha Team, Qihoo 360 Technology Co. Ltd.</td>
<td>CVE-2017-0692, CVE-2017-0694, CVE-2017-0771, CVE-2017-0774, CVE-2017-0775</td>
</tr>
<tr>
<td>En He (<a href="http://twitter.com/heeeeen4x">&#64;heeeeen4x</a>) of
<a href="http://www.ms509.com/">MS509Team</a></td>
<td>CVE-2017-0394, CVE-2017-0490, CVE-2017-0601, CVE-2017-0639,
CVE-2017-0645, CVE-2017-0784, CVE-2017-11042</td>
</tr>
<tr>
<td>Eric Lafortune of
<a href="https://www.guardsquare.com/en">GuardSquare</a></td>
<td>CVE-2017-13156</td>
</tr>
<tr>
<td>Ethan Yonker of <a href="https://twrp.me/">Team Win Recovery Project</a></td>
<td>CVE-2017-0493</td>
</tr>
<tr>
<td>Fang Chen of Sony Mobile Communications Inc.</td>
<td>CVE-2017-0481</td>
</tr>
<tr>
<td>Frank Liberato of Chrome</td>
<td>CVE-2017-0409</td>
</tr>
<tr>
<td>Gal Beniamini of Project Zero</td>
<td>CVE-2017-0411, CVE-2017-0412, CVE-2017-0561, CVE-2017-0569
CVE-2017-0570, CVE-2017-0571, CVE-2017-0572</td>
</tr>
<tr>
<td>Gengjia Chen
(<a href="https://twitter.com/chengjia4574">&#64;chengjia4574</a>) of IceSword Lab,
Qihoo 360 Technology Co. Ltd.</td>
<td>CVE-2016-8464, CVE-2016-10285, CVE-2016-10288, CVE-2016-10290,
CVE-2016-10294, CVE-2016-10295, CVE-2016-10296, CVE-2017-0329, CVE-2017-0332,
CVE-2017-0432, CVE-2017-0434, CVE-2017-0446, CVE-2017-0447, CVE-2017-0500,
CVE-2017-0501, CVE-2017-0502, CVE-2017-0503, CVE-2017-0509, CVE-2017-0524,
CVE-2017-0529, CVE-2017-0536, CVE-2017-0566, CVE-2017-0573, CVE-2017-0581,
CVE-2017-0616, CVE-2017-0617, CVE-2017-0624, CVE-2017-0649, CVE-2017-0744,
CVE-2017-6426, CVE-2017-8243, CVE-2017-8244, CVE-2017-8266, CVE-2017-8270,
CVE-2017-9691, CVE-2017-10997</td>
</tr>
<tr>
<td>Godzheng (郑文选 <a
href="https://twitter.com/virtualseekers">&#64;VirtualSeekers</a>) of Tencent PC
Manager</td>
<td>CVE-2017-0602, CVE-2017-0646</td>
</tr>
<tr>
<td>Google WebM Team</td>
<td>CVE-2017-0393</td>
</tr>
<tr>
<td>Gregory Vishnepolsky of <a href="https://armis.com/">Armis, Inc.</a></td>
<td>CVE-2017-0781, CVE-2017-0782, CVE-2017-0783, CVE-2017-0785</td>
</tr>
<tr>
<td>Guang Gong (龚广) (<a href="http://twitter.com/oldfresher">&#64;oldfresher</a>)
of Alpha Team, <a href="http://www.360.com/">Qihoo 360 Technology Co. Ltd.</a></td>
<td>CVE-2016-8415, CVE-2016-8419, CVE-2016-8420, CVE-2016-8421,
CVE-2016-8454, CVE-2016-8455, CVE-2016-8456, CVE-2016-8457, CVE-2016-8465,
CVE-2016-8476, CVE-2016-10283, CVE-2017-0387, CVE-2017-0415, CVE-2017-0437,
CVE-2017-0438, CVE-2017-0439, CVE-2017-0441, CVE-2017-0442, CVE-2017-0443,
CVE-2017-0453, CVE-2017-0454, CVE-2017-0461, CVE-2017-0464, CVE-2017-0547,
CVE-2017-0567, CVE-2017-0574, CVE-2017-0575, CVE-2017-0577, CVE-2017-0580,
CVE-2017-0584, CVE-2017-0692, CVE-2017-0694, CVE-2017-0727, CVE-2017-0748,
CVE-2017-0771, CVE-2017-0774, CVE-2017-0775, CVE-2017-0786, CVE-2017-0787,
CVE-2017-0788, CVE-2017-0789, CVE-2017-0790, CVE-2017-0791, CVE-2017-0792,
CVE-2017-0825, CVE-2017-6424, CVE-2017-14904</td>
</tr>
<tr>
<td>Guangdong Bai of Singapore Institute of Technology (SIT)</td>
<td>CVE-2017-0496</td>
</tr>
<tr>
<td>
<a href="https://www.linkedin.com/in/g%C3%BCliz-seray-tuncay-952a1b9/">Güliz Seray
Tuncay</a> of the <a href="http://tuncay2.web.engr.illinois.edu/">University of
Illinois at Urbana-Champaign</a></td>
<td>CVE-2017-0593</td>
</tr>
<tr>
<td>Guo Haoran of King Team</td>
<td>CVE-2017-13172</td>
</tr>
<tr>
<td><a href="mailto:[email protected]">Hanxiang Wen</a> of
<a href="http://c0reteam.org/">C0RE Team</a></td>
<td>CVE-2017-0400, CVE-2017-0418, CVE-2017-0479, CVE-2017-0480,
CVE-2017-0665, CVE-2017-0681, CVE-2017-0737, CVE-2017-14904</td>
</tr>
<tr>
<td>Hao Chen of Alpha Team, Qihoo 360 Technology Co. Ltd.</td>
<td>CVE-2016-8415, CVE-2016-8419, CVE-2016-8420, CVE-2016-8421,
CVE-2016-8454, CVE-2016-8455, CVE-2016-8456, CVE-2016-8457, CVE-2016-8465,
CVE-2016-8476, CVE-2016-10283, CVE-2017-0437, CVE-2017-0438, CVE-2017-0439,
CVE-2017-0441, CVE-2017-0442, CVE-2017-0443, CVE-2017-0453, CVE-2017-0454,
CVE-2017-0461, CVE-2017-0464, CVE-2017-0567, CVE-2017-0574, CVE-2017-0575,
CVE-2017-0577, CVE-2017-0580, CVE-2017-0584, CVE-2017-0748, CVE-2017-0786,
CVE-2017-0787, CVE-2017-0788, CVE-2017-0789, CVE-2017-0790, CVE-2017-0791,
CVE-2017-0792, CVE-2017-0825, CVE-2017-6424</td>
</tr>
<tr>
<td>Hao Qin of Security Research Lab, Cheetah Mobile</td>
<td>CVE-2017-11056</td>
</tr>
<tr>
<td>Hiroki Yamamoto of Sony Mobile Communications Inc.</td>
<td>CVE-2017-0481</td>
</tr>
<tr>
<td><a href="mailto:[email protected]">Hongli Han</a>
(<a href="https://twitter.com/HexB1n">&#64;HexB1n</a>) of
<a href="http://c0reteam.org/">C0RE Team</a></td>
<td>CVE-2017-0384, CVE-2017-0385, CVE-2017-0731, CVE-2017-0739,
CVE-2017-13154, CVE-2017-6276</td>
</tr>
<tr>
<td>hujianfei of Qihoo360 Qex Team</td>
<td>CVE-2017-0753</td>
</tr>
<tr>
<td>Ian Foster (<a href="https://twitter.com/lanrat">&#64;lanrat</a>)</td>
<td>CVE-2017-0554</td>
</tr>
<tr>
<td>Jack Tang of Trend Micro Inc.</td>
<td>CVE-2017-0579, CVE-2017-9706</td>
</tr>
<tr>
<td>Jake Corina of Shellphish Grill Team</td>
<td>CVE-2017-0636, CVE-2017-0802</td>
</tr>
<tr>
<td>Jason Gu of Trend Micro</td>
<td>CVE-2017-0780</td>
</tr>
<tr>
<td>Jeff Sharkey of Google</td>
<td>CVE-2017-0421, CVE-2017-0423</td>
</tr>
<tr>
<td>Jeff Trim</td>
<td>CVE-2017-0422</td>
</tr>
<tr>
<td>Jeremy Huang
(<a href="https://twitter.com/bittorrent3389">&#64;bittorrent3389</a>)
of King Team</td>
<td>CVE-2017-13172</td>
</tr>
<tr>
<td>Jianjun Dai (<a href="https://twitter.com/Jioun_dai">&#64;Jioun_dai</a>) of
<a href="https://skyeye.360safe.com/">Qihoo 360 Skyeye Labs</a></td>
<td>CVE-2017-0478, CVE-2017-0541, CVE-2017-0559</td>
</tr>
<tr>
<td>Jianqiang Zhao (<a href="https://twitter.com/jianqiangzhao">&#64;jianqiangzhao</a>)
of IceSword Lab, Qihoo 360</td>
<td>CVE-2016-5346, CVE-2016-8416, CVE-2016-8475, CVE-2016-8478,
CVE-2017-0445, CVE-2017-0458, CVE-2017-0459, CVE-2017-0518, CVE-2017-0519,
CVE-2017-0533, CVE-2017-0534, CVE-2017-0862, CVE-2017-6425, CVE-2017-8233,
CVE-2017-8261, CVE-2017-8268, CVE-2017-9718, CVE-2017-1000380</td>
</tr>
<tr>
<td>Joey Brand of Census Consulting Inc.</td>
<td>CVE-2017-0698</td>
</tr>
<tr>
<td>Jon Sawyer (<a href="http://twitter.com/jcase">&#64;jcase</a>)</td>
<td>CVE-2016-8461, CVE-2016-8462</td>
</tr>
<tr>
<td><a href="https://www.linkedin.com/in/jose-maria-ariel-martinez-juarez-7910a189/">
Jose Martinez</a></td>
<td>CVE-2017-0841</td>
</tr>
<tr>
<td>Juhu Nie of Xiaomi Inc.</td>
<td>CVE-2016-10276</td>
</tr>
<tr>
<td>Jun Cheng of Alibaba Inc.</td>
<td>CVE-2017-0404</td>
</tr>
<tr>
<td>Justin Paupore of Google</td>
<td>CVE-2017-0831</td>
</tr>
<tr>
<td>Kevin Deus of Google</td>
<td>CVE-2017-11052, CVE-2017-11054, CVE-2017-11055, CVE-2017-11062</td>
</tr>
<tr>
<td>Lenx Wei (韦韬) of Baidu X-Lab (百度安全实验室)</td>
<td>CVE-2016-8417, CVE-2016-10236, CVE-2017-0728, CVE-2017-0738,
CVE-2017-0766, CVE-2017-0794 CVE-2017-9681, CVE-2017-9684, CVE-2017-9693,
CVE-2017-9694, CVE-2017-9696, CVE-2017-9702, CVE-2017-9715, CVE-2017-9717,
CVE-2017-9720, CVE-2017-10999, CVE-2017-11001, CVE-2017-11057,
CVE-2017-11060, CVE-2017-11061, CVE-2017-11064, CVE-2017-11089, CVE-2017-11090</td>
</tr>
<tr>
<td>Liyadong of Qex Team, Qihoo 360</td>
<td>CVE-2017-0647</td>
</tr>
<tr>
<td><a href="https://microlab.red/">Lorenzo Nicolodi</a></td>
<td>CVE-2017-13165</td>
</tr>
<tr>
<td><a href="mailto:[email protected]">Lubo Zhang</a> of
<a href="http://c0reteam.org/">C0RE Team</a></td>
<td>CVE-2016-8479, CVE-2017-0564, CVE-2017-7368</td>
</tr>
<tr>
<td>ma.la of LINE Corporation</td>
<td>CVE-2016-5552</td>
</tr>
<tr>
<td>Makoto Onuki of Google</td>
<td>CVE-2017-0491</td>
</tr>
<tr>
<td>Marco Bartoli (<a href="https://twitter.com/wsxarcher">&#64;wsxarcher</a>)</td>
<td>CVE-2017-0712</td>
</tr>
<tr>
<td><a href="mailto:[email protected]">Mark Salyzyn</a> of Google</td>
<td>CVE-2017-0558</td>
</tr>
<tr>
<td>Max Spector of Google</td>
<td>CVE-2017-0416</td>
</tr>
<tr>
<td>Michael Goberman of IBM Security X-Force</td>
<td>CVE-2016-8467</td>
</tr>
<tr>
<td><a href="https://github.com/michalbednarski">Michal Bednarski</a></td>
<td>CVE-2017-0598, CVE-2017-0806, CVE-2017-0871</td>
</tr>
<tr>
<td>Mike Anderson (<a href="https://twitter.com/manderbot">&#64;manderbot</a>) of
Tesla Motors Product Security Team</td>
<td>CVE-2017-0327, CVE-2017-0328</td>
</tr>
<tr>
<td>Mingjian Zhou (<a
href="https://twitter.com/Mingjian_Zhou">&#64;Mingjian_Zhou</a>) of
<a href="http://c0reteam.org/">C0RE Team</a></td>
<td>CVE-2017-0383, CVE-2017-0417, CVE-2017-0418, CVE-2017-0425,
CVE-2017-0450, CVE-2017-0479, CVE-2017-0480, CVE-2017-0483, CVE-2017-0665,
CVE-2017-0666, CVE-2017-0681, CVE-2017-0684, CVE-2017-0731, CVE-2017-0737,
CVE-2017-0739, CVE-2017-0765, CVE-2017-0768, CVE-2017-0769, CVE-2017-0779,
CVE-2017-0801, CVE-2017-0812, CVE-2017-0815, CVE-2017-0816, CVE-2017-0836,
CVE-2017-0837, CVE-2017-0840, CVE-2017-0857, CVE-2017-8080, CVE-2017-6276,
CVE-2017-13152, CVE-2017-13154, CVE-2017-13166, CVE-2017-13169, CVE-2017-14904</td>
</tr>
<tr>
<td>Monk Avel</td>
<td>CVE-2017-0396, CVE-2017-0399</td>
</tr>
<tr>
<td>Nan Li of Xiaomi Inc.</td>
<td>CVE-2016-10276</td>
</tr>
<tr>
<td>Nathan Crandall (<a href="https://twitter.com/natecray">&#64;natecray</a>)</td>
<td>CVE-2017-0535</td>
</tr>
<tr>
<td>Nathan Crandall (<a href="https://twitter.com/natecray">&#64;natecray</a>) of
Tesla Motors Product Security Team</td>
<td>CVE-2017-0306, CVE-2017-0327, CVE-2017-0328, CVE-2017-0331,
CVE-2017-0606, CVE-2017-8242, CVE-2017-9679</td>
</tr>
<tr>
<td>Nick Stephens of Shellphish Grill Team</td>
<td>CVE-2017-0636, CVE-2017-0802</td>
</tr>
<tr>
<td>Nikolay Elenkov of LINE Corporation</td>
<td>CVE-2016-5552</td>
</tr>
<tr>
<td><a href="mailto:[email protected]">Niky1235</a>
(<a href="https://twitter.com/jiych_guru">&#64;jiych_guru</a>)</td>
<td>CVE-2017-0603, CVE-2017-0670, CVE-2017-0697, CVE-2017-0726, CVE-2017-0818</td>
</tr>
<tr>
<td>Ning You of Alibaba Mobile Security Group</td>
<td>CVE-2016-10280, CVE-2016-10281, CVE-2017-0463, CVE-2017-0565</td>
</tr>
<tr>
<td>Nitay Artenstein of Exodus Intelligence</td>
<td>CVE-2017-9417</td>
</tr>
<tr>
<td>Omer Shwartz of Ben Gurion University Cyber Lab</td>
<td>CVE-2017-0650</td>
</tr>
<tr>
<td>Peide Zhang of Vulpecker Team, Qihoo 360 Technology Co. Ltd.</td>
<td>CVE-2017-0618, CVE-2017-0625</td>
</tr>
<tr>
<td>Peng Xiao of Alibaba Mobile Security Group</td>
<td>CVE-2016-10280, CVE-2016-10281, CVE-2017-0463, CVE-2017-0506,
CVE-2017-0565, CVE-2017-0842</td>
</tr>
<tr>
<td>Pengfei Ding (丁鹏飞) of Baidu X-Lab (百度安全实验室)</td>
<td>CVE-2016-8417, CVE-2016-10236, CVE-2017-0728, CVE-2017-0738,
CVE-2017-0766, CVE-2017-0794, CVE-2017-9681, CVE-2017-9684, CVE-2017-9693,
CVE-2017-9694, CVE-2017-9696, CVE-2017-9702, CVE-2017-9715, CVE-2017-9717,
CVE-2017-9720, CVE-2017-11001, CVE-2017-10999, CVE-2017-11057,
CVE-2017-11060, CVE-2017-11061, CVE-2017-11064, CVE-2017-11089, CVE-2017-11090</td>
</tr>
<tr>
<td>Peter Pi of Tencent Security Platform Department</td>
<td>CVE-2017-11046, CVE-2017-11091</td>
</tr>
<tr>
<td>Peter Pi (<a href="https://twitter.com/heisecode">&#64;heisecode</a>) of
Trend Micro</td>
<td>CVE-2016-8424, CVE-2016-8428, CVE-2016-8429, CVE-2016-8460,
CVE-2016-8469, CVE-2016-8473, CVE-2016-8474</td>
</tr>
<tr>
<td><a href="http://weibo.com/jfpan">pjf</a> of IceSword Lab, Qihoo 360
Technology Co. Ltd.</td>
<td>CVE-2016-5346, CVE-2016-8416, CVE-2016-8464, CVE-2016-8475,
CVE-2016-8478, CVE-2016-10285, CVE-2016-10288, CVE-2016-10290, CVE-2016-10294,
CVE-2016-10295, CVE-2016-10296, CVE-2017-0329, CVE-2017-0332, CVE-2017-0432,
CVE-2017-0434, CVE-2017-0445, CVE-2017-0446, CVE-2017-0447, CVE-2017-0458,
CVE-2017-0459, CVE-2017-0500, CVE-2017-0501, CVE-2017-0502, CVE-2017-0503,
CVE-2017-0509, CVE-2017-0518, CVE-2017-0519, CVE-2017-0524, CVE-2017-0529,
CVE-2017-0533, CVE-2017-0534, CVE-2017-0536, CVE-2017-0566, CVE-2017-0573,
CVE-2017-0581, CVE-2017-0616, CVE-2017-0617, CVE-2017-0624, CVE-2017-0649,
CVE-2017-0744, CVE-2017-0862, CVE-2017-6425, CVE-2017-6426, CVE-2017-8233,
CVE-2017-8243, CVE-2017-8244, CVE-2017-8261, CVE-2017-8266, CVE-2017-8268,
CVE-2017-8270, CVE-2017-9691, CVE-2017-9718, CVE-2017-10997, CVE-2017-1000380</td>
</tr>
<tr>
<td>Qidan He (何淇丹) (<a href="https://twitter.com/flanker_hqd">&#64;flanker_hqd</a>)
of KeenLab, Tencent (腾讯科恩实验室)</td>
<td>CVE-2017-0325, CVE-2017-0337, CVE-2017-0382, CVE-2017-0427,
CVE-2017-0476, CVE-2017-0544, CVE-2017-0861, CVE-2017-0866, CVE-2017-13167,
CVE-2017-13324, CVE-2017-15868</td>
</tr>
<tr>
<td>Qing Zhang of Qihoo 360</td>
<td>CVE-2017-0496</td>
</tr>
<tr>
<td>Qiwu Huang of Xiaomi Inc.</td>
<td>CVE-2016-10276</td>
</tr>
<tr>
<td>Quhe of Ant-financial Light-Year Security Lab (蚂蚁金服巴斯光年安全实验室)</td>
<td>CVE-2017-0522</td>
</tr>
<tr>
<td>Roee Hay (<a href="https://twitter.com/roeehay">&#64;roeehay</a>) of Aleph
Research, HCL Technologies</td>
<td>CVE-2016-10277, CVE-2017-0563, CVE-2017-0582, CVE-2017-0648, CVE-2017-0829,
CVE-2017-13174</td>
</tr>
<tr>
<td>Roee Hay of IBM Security X-Force Research</td>
<td>CVE-2016-8467, CVE-2017-0510</td>
</tr>
<tr>
<td>Sagi Kedmi of IBM Security X-Force Research</td>
<td>CVE-2017-0433, CVE-2017-0510</td>
</tr>
<tr>
<td><a href="mailto:[email protected]">Sahara</a> of Secure
Communications in DarkMatter</td>
<td>CVE-2017-0528</td>
</tr>
<tr>
<td>salls (<a href="https://twitter.com/chris_salls">&#64;chris_salls</a>) of
Shellphish Grill Team, UC Santa Barbara</td>
<td>CVE-2017-0505, CVE-2017-13168</td>
</tr>
<tr>
<td><a href="mailto:[email protected]">Scott Bauer</a>
(<a href="https://twitter.com/ScottyBauer1">&#64;ScottyBauer1</a>)</td>
<td>CVE-2016-10274, CVE-2017-0339, CVE-2017-0405, CVE-2017-0504,
CVE-2017-0516, CVE-2017-0521, CVE-2017-0562, CVE-2017-0576, CVE-2017-0705, CVE-2017-0740,
CVE-2017-8259, CVE-2017-8260, CVE-2017-9680, CVE-2017-11053, CVE-2017-13160</td>
</tr>
<tr>
<td>Sean Beaupre (<a href="https://twitter.com/firewaterdevs">&#64;firewaterdevs</a>)</td>
<td>CVE-2016-8461, CVE-2016-8462, CVE-2017-0455</td>
</tr>
<tr>
<td>Seven Shen (<a href="https://twitter.com/lingtongshen">&#64;lingtongshen</a>)
of Trend Micro Mobile Threat Research Team</td>
<td>CVE-2016-8418, CVE-2016-8466, CVE-2016-10231, CVE-2017-0449,
CVE-2017-0452, CVE-2017-0578, CVE-2017-0586, CVE-2017-0724, CVE-2017-0772,
CVE-2017-0780, CVE-2017-6247, CVE-2017-6248, CVE-2017-6249, CVE-2017-7369</td>
</tr>
<tr>
<td>Shinichi Matsumoto of Fujitsu</td>
<td>CVE-2017-0498</td>
</tr>
<tr>
<td>Simon Chung of Georgia Tech</td>
<td>CVE-2017-0860</td>
</tr>
<tr>
<td><a href="mailto:[email protected]">Stéphane Marques</a> of
<a href="http://www.byterev.com/">ByteRev</a></td>
<td>CVE-2017-0489</td>
</tr>
<tr>
<td>Stephen Morrow</td>
<td>CVE-2017-0389</td>
</tr>
<tr>
<td>Svetoslav Ganov of Google</td>
<td>CVE-2017-0492</td>
</tr>
<tr>
<td>Tim Becker</td>
<td>CVE-2017-0546</td>
</tr>
<tr>
<td>Timothy Becker of CSS Inc.</td>
<td>CVE-2017-0667, CVE-2017-0732, CVE-2017-0805</td>
</tr>
<tr>
<td><a href="mailto:[email protected]">Tong Lin</a> of
<a href="http://c0reteam.org/">C0RE Team</a></td>
<td>CVE-2016-8425, CVE-2016-8426, CVE-2016-8449, CVE-2016-8479,
CVE-2016-8481, CVE-2016-10291, CVE-2017-0333, CVE-2017-0428, CVE-2017-0435,
CVE-2017-0436, CVE-2017-10661</td>
</tr>
<tr>
<td>Uma Sankar Pradhan
(<a href="https://twitter.com/umasankar_iitd">&#64;umasankar_iitd</a>)</td>
<td>CVE-2017-0560</td>
</tr>
<tr>
<td>Valerio Costamagna (<a href="https://twitter.com/vaio_co">&#64;vaio_co</a>)</td>
<td>CVE-2017-0712</td>
</tr>
<tr>
<td>Vasily Vasiliev</td>
<td>CVE-2017-0589, CVE-2017-0637, CVE-2017-0638, CVE-2017-0642,
CVE-2017-0675, CVE-2017-0676, CVE-2017-0682, CVE-2017-0683, CVE-2017-0696,
CVE-2017-0699, CVE-2017-0701, CVE-2017-0702, CVE-2017-0716, CVE-2017-0757</td>
</tr>
<tr>
<td>V.E.O (<a href="https://twitter.com/vysea">&#64;VYSEa</a>) of Mobile Threat
Research Team, <a href="http://www.trendmicro.com/">Trend Micro</a></td>
<td>CVE-2017-0381, CVE-2017-0424, CVE-2017-0466, CVE-2017-0467,
CVE-2017-0468, CVE-2017-0469, CVE-2017-0470, CVE-2017-0471, CVE-2017-0472,
CVE-2017-0473, CVE-2017-0482, CVE-2017-0484, CVE-2017-0485, CVE-2017-0486,
CVE-2017-0487, CVE-2017-0494, CVE-2017-0495, CVE-2017-0538, CVE-2017-0539,
CVE-2017-0540, CVE-2017-0555, CVE-2017-0556, CVE-2017-0557, CVE-2017-0587,
CVE-2017-0590, CVE-2017-0600, CVE-2017-0640, CVE-2017-0674, CVE-2017-0677,
CVE-2017-0679, CVE-2017-0680, CVE-2017-0685, CVE-2017-0686, CVE-2017-0689,
CVE-2017-0693, CVE-2017-0695, CVE-2017-0713, CVE-2017-0715, CVE-2017-0750,
CVE-2017-10662, CVE-2017-10663</td>
</tr>
<tr>
<td>wanchouchou of Ant-financial Light-Year Security Lab (蚂蚁金服巴斯光年安全实验室)</td>
<td>CVE-2017-0522</td>
</tr>
<tr>
<td>Weichao Sun (<a href="https://twitter.com/sunblate">&#64;sunblate</a>) of
Alibaba Inc.</td>
<td>CVE-2017-0391, CVE-2017-0407, CVE-2017-0549, CVE-2017-0759</td>
</tr>
<tr>
<td>Wenjun Hu of Palo Alto Networks</td>
<td>CVE-2017-0752</td>
</tr>
<tr>
<td>Wenke Lee of Georgia Tech</td>
<td>CVE-2017-0860</td>
</tr>
<tr>
<td><a href="mailto:[email protected]">Wenke Dou</a> of
<a href="http://c0reteam.org/">C0RE Team</a></td>
<td>CVE-2017-0384, CVE-2017-0385, CVE-2017-0398, CVE-2017-0400,
CVE-2017-0401, CVE-2017-0402, CVE-2017-0417, CVE-2017-0418, CVE-2017-0450,
CVE-2017-0483, CVE-2017-0768, CVE-2017-0779, CVE-2017-0812, CVE-2017-0815,
CVE-2017-0816</td>
</tr>
<tr>
<td>Wenlin Yang (<a href="https://twitter.com/wenlin_yang">&#64;wenlin_yang</a>)
of Alpha Team, Qihoo 360 Technology Co. Ltd.</td>
<td>CVE-2017-0577, CVE-2017-0580</td>
</tr>
<tr>
<td>Wish Wu (<a href="https://twitter.com/wish_wu">&#64;wish_wu</a>)
(<a href="http://www.weibo.com/wishlinux">吴潍浠</a> 此彼)
of Ant-financial Light-Year Security Lab</td>
<td>CVE-2017-0408, CVE-2017-0477, CVE-2017-11063, CVE-2017-11092</td>
</tr>
<tr>
<td>Wolfu (付敬贵) of Tencent Security Platform Department</td>
<td>CVE-2017-0863, CVE-2017-11050, CVE-2017-11051, CVE-2017-11067,
CVE-2017-11073, CVE-2017-11093</td>
</tr>
<tr>
<td>Xiangqian Zhang of Alibaba Mobile Security Group</td>
<td>CVE-2017-0796, CVE-2017-0827</td>
</tr>
<tr>
<td>Xiao Zhang of Palo Alto Networks</td>
<td>CVE-2017-0752</td>
</tr>
<tr>
<td><a href="mailto:[email protected]">Xiaodong Wang</a> of
<a href="http://c0reteam.org/">C0RE Team</a></td>
<td>CVE-2017-0429, CVE-2017-0448</td>
</tr>
<tr>
<td>Xiling Gong of Tencent Security Platform Department</td>
<td>CVE-2017-0597, CVE-2017-0708, CVE-2017-8236, CVE-2017-9690</td>
</tr>
<tr>
<td>Xingyuan Lin of 360 Marvel Team</td>
<td>CVE-2017-0627, CVE-2017-13163</td>
</tr>
<tr>
<td>Xuxian Jiang of <a href="http://c0reteam.org/">C0RE Team</a></td>
<td>CVE-2016-8425, CVE-2016-8426, CVE-2016-8430, CVE-2016-8431,
CVE-2016-8432, CVE-2016-8449, CVE-2016-8435, CVE-2016-8479, CVE-2016-8480,
CVE-2016-8481, CVE-2016-8482, CVE-2016-10291, CVE-2017-0326, CVE-2017-0333,
CVE-2017-0383, CVE-2017-0384, CVE-2017-0385, CVE-2017-0398, CVE-2017-0400,
CVE-2017-0401, CVE-2017-0402, CVE-2017-0417, CVE-2017-0418, CVE-2017-0425,
CVE-2017-0428, CVE-2017-0429, CVE-2017-0435, CVE-2017-0436, CVE-2017-0444,
CVE-2017-0448, CVE-2017-0450, CVE-2017-0479, CVE-2017-0480, CVE-2017-0483,
CVE-2017-0526, CVE-2017-0527, CVE-2017-0651, CVE-2017-0665, CVE-2017-0666,
CVE-2017-0681, CVE-2017-0684, CVE-2017-0709, CVE-2017-0731, CVE-2017-0737,
CVE-2017-0739, CVE-2017-0765, CVE-2017-0768, CVE-2017-0769, CVE-2017-0779,
CVE-2017-0801, CVE-2017-7368, CVE-2017-8264, CVE-2017-10661</td>
</tr>
<tr>
<td><a href="https://xtn-lab.com/">XTN</a></td>
<td>CVE-2017-13165</td>
</tr>
<tr>
<td>Yan Zhou of Eagleye team, SCC, Huawei</td>
<td>CVE-2017-9678</td>
</tr>
<tr>
<td><a href="mailto:[email protected]">Yanfeng Wang</a> of
<a href="http://c0reteam.org/">C0RE Team</a></td>
<td>CVE-2016-8430, CVE-2016-8482</td>
</tr>
<tr>
<td>Yang Cheng of Xiaomi Inc.</td>
<td>CVE-2016-10276</td>
</tr>
<tr>
<td><a href="mailto:[email protected]">Yang Dai</a> of Vulpecker Team,
Qihoo 360 Technology Co. Ltd</td>
<td>CVE-2017-0795, CVE-2017-0799, CVE-2017-0804, CVE-2017-0803,
CVE-2017-6262, CVE-2017-6263, CVE-2017-6280</td>
</tr>
<tr>
<td>Yang Song of Alibaba Mobile Security Group</td>
<td>CVE-2016-10280, CVE-2016-10281, CVE-2017-0463, CVE-2017-0506,
CVE-2017-0565, CVE-2017-0711, CVE-2017-0741, CVE-2017-0742, CVE-2017-0751,
CVE-2017-0796, CVE-2017-0798, CVE-2017-0800, CVE-2017-0827, CVE-2017-0842,
CVE-2017-0843, CVE-2017-0864, CVE-2017-11000, CVE-2017-11059, CVE-2017-9703,
CVE-2017-9708, CVE-2017-13170</td>
</tr>
<tr>
<td>Yanick Fratantonio (UC Santa Barbara, Shellphish Grill Team, EURECOM)</td>
<td>CVE-2017-0860</td>
</tr>
<tr>
<td>Yangkang (<a href="https://twitter.com/dnpushme">&#64;dnpushme</a>) of Qex
Team, Qihoo 360</td>
<td>CVE-2017-0647, CVE-2017-0690, CVE-2017-0753</td>
</tr>
<tr>
<td><a href="mailto:[email protected]">Yao Jun</a> of
<a href="http://c0reteam.org/">C0RE Team</a></td>
<td>CVE-2016-8431, CVE-2016-8432, CVE-2016-8435, CVE-2016-8480</td>
</tr>
<tr>
<td>Yaoguang Chen of Ant-financial Light-Year Security Lab (蚂蚁金服巴斯光年安全实验室)</td>
<td>CVE-2017-13171</td>
</tr>
<tr>
<td>Yong Wang (王勇) (<a
href="https://twitter.com/ThomasKing2014">&#64;ThomasKing2014</a>) of Alibaba Inc.</td>
<td>CVE-2017-0404, CVE-2017-0588, CVE-2017-0842, CVE-2017-13164, CVE-2017-9708,
CVE-2017-13170 </td>
</tr>
<tr>
<td>Yonggang Guo (<a href="https://twitter.com/guoygang">&#64;guoygang</a>) of
IceSword Lab, Qihoo 360 Technology Co. Ltd.</td>
<td>CVE-2016-10289, CVE-2017-0465, CVE-2017-0564, CVE-2017-0746,
CVE-2017-0749, CVE-2017-7370, CVE-2017-8267, CVE-2017-8269, CVE-2017-8271,
CVE-2017-8272, CVE-2017-11048, CVE-2017-12146</td>
</tr>
<tr>
<td>Yongke Wang of <a href="http://xlab.tencent.com/">Tencent's Xuanwu
Lab</a></td>
<td>CVE-2017-0729, CVE-2017-0767, CVE-2017-0839, CVE-2017-0848</td>
</tr>
<tr>
<td>Dr. Yossi Oren of Ben Gurion University Cyber Lab</td>
<td>CVE-2017-0650</td>
</tr>
<tr>
<td>Yu Pan of Vulpecker Team, Qihoo 360 Technology Co. Ltd</td>
<td>CVE-2016-10282, CVE-2017-0517, CVE-2017-0532, CVE-2017-0615,
CVE-2017-0618, CVE-2017-0625, CVE-2017-0795, CVE-2017-0799, CVE-2017-0804,
CVE-2017-0803, CVE-2017-6262, CVE-2017-6263, CVE-2017-6280</td>
</tr>
<tr>
<td><a href="mailto:[email protected]">Yuan-Tsung Lo</a> of <a
href="http://c0reteam.org/">C0RE Team</a></td>
<td>CVE-2016-8425, CVE-2016-8426, CVE-2016-8430, CVE-2016-8431,
CVE-2016-8432, CVE-2016-8435, CVE-2016-8449, CVE-2016-8479, CVE-2016-8480,
CVE-2016-8481, CVE-2016-8482, CVE-2016-10291, CVE-2017-0326, CVE-2017-0333,
CVE-2017-0428, CVE-2017-0429, CVE-2017-0435, CVE-2017-0436, CVE-2017-0444,
CVE-2017-0448, CVE-2017-0526, CVE-2017-0527, CVE-2017-6264, CVE-2017-6274,
CVE-2017-6275, CVE-2017-0651, CVE-2017-0709, CVE-2017-0824, CVE-2017-7368,
CVE-2017-8264, CVE-2017-10661, CVE-2017-14903</td>
</tr>
<tr>
<td>Yuebin Sun of <a href="http://xlab.tencent.com/">Tencent's Xuanwu Lab</a></td>
<td>CVE-2017-0767, CVE-2017-0839, CVE-2017-0848</td>
</tr>
<tr>
<td>Yuqi Lu (<a href="https://twitter.com/nikos233__">&#64;nikos233</a>) of <a
href="http://c0reteam.org/">C0RE Team</a></td>
<td>CVE-2017-0383, CVE-2017-0401, CVE-2017-0417, CVE-2017-0425, CVE-2017-0483</td>
</tr>
<tr>
<td>Yuxiang Li (<a href="https://twitter.com/xbalien29">&#64;Xbalien29</a>) of
Tencent Security Platform Department</td>
<td>CVE-2017-0395, CVE-2017-0669, CVE-2017-0704</td>
</tr>
<tr>
<td>Zach Riggle (<a href="https://twitter.com/ebeip90">&#64;ebeip90</a>) of the
Android Security Team</td>
<td>CVE-2017-0710</td>
</tr>
<tr>
<td>Zhanpeng Zhao (行之) (<a href="https://twitter.com/0xr0ot">&#64;0xr0ot</a>) of
Security Research Lab, <a href="http://www.cmcm.com/">Cheetah Mobile</a></td>
<td>CVE-2016-8451</td>
</tr>
<tr>
<td>Zhe Jin (金哲) of Chengdu Security Response Center, Qihoo 360 Technology
Co. Ltd.</td>
<td>CVE-2017-0758, CVE-2017-0760</td>
</tr>
<tr>
<td><a href="mailto:[email protected]">Zhen Zhou</a>
(<a href="https://twitter.com/henices">&#64;henices</a>) of
<a href="http://www.nsfocus.com/">NSFocus</a></td>
<td>CVE-2017-0406</td>
</tr>
<tr>
<td>Zhi Xu of Palo Alto Networks</td>
<td>CVE-2017-0752</td>
</tr>
<tr>
<td><a href="mailto:[email protected]">Zhixin Li</a> of <a
href="http://www.nsfocus.com/">NSFocus</a></td>
<td>CVE-2017-0406</td>
</tr>
<tr>
<td><a href="https://weibo.com/ele7enxxh">Zinuo Han</a> from Chengdu Security
Response Center of Qihoo 360 Technology Co. Ltd.</td>
<td>CVE-2017-0475, CVE-2017-0497, CVE-2017-0548, CVE-2017-0678,
CVE-2017-0691, CVE-2017-0700, CVE-2017-0714, CVE-2017-0718, CVE-2017-0719,
CVE-2017-0720, CVE-2017-0722, CVE-2017-0725, CVE-2017-0745, CVE-2017-0760,
CVE-2017-0761, CVE-2017-0764, CVE-2017-0776, CVE-2017-0777, CVE-2017-0778,
CVE-2017-0813, CVE-2017-0814, CVE-2017-0820, CVE-2017-0823, CVE-2017-0850,
CVE-2017-0858, CVE-2017-0879</td>
</tr>
<tr>
<td>Zubin Mithra of Google</td>
<td>CVE-2017-0462, CVE-2017-8241</td>
</tr>
</table>
<h4 id="2017-additional-contributions">Additional contributions</h4>
<p>We would also like to acknowledge the contributions of the following
individuals to Android security:</p>
<ul>
<li>William Roberts
(<a href="mailto:[email protected]">[email protected]</a>)</li>
</ul>
<h2 id="2016">2016</h2>
<div style="LINE-HEIGHT:25px;">
<p>Abhishek Arya of Google Chrome Security Team</p>
<p>Adam Donenfeld et al. of Check Point Software Technologies Ltd.</p>
<p>Adam Powell of Google</p>
<p>Alex Chapman of Context Information Security</p>
<p>Altaf Shaik of <a
href="http://www.isti.tu-berlin.de/security_in_telecommunications">Security in
Telecommunications</a></p>
<p>Andre Teixeira Rizzo</p>
<p>Andrea Biondo</p>
<p>Andrei Kapishnikov of Google</p>
<p>Andy Tyler (<a href="https://twitter.com/ticarpi">&#64;ticarpi</a>) of
<a href="https://www.e2e-assure.com">e2e-assure</a></p>
<p>Anestis Bechtsoudis (<a href="https://twitter.com/anestisb">&#64;anestisb</a>) of CENSUS S.A.</p>
<p>Ao Wang (<a href="https://twitter.com/ArayzSegment">&#64;ArayzSegment</a>) of
<a href="http://www.pkav.net">PKAV</a>, Silence Information Technology</p>
<p>Askyshang of Security Platform Department, Tencent</p>
<p>Baozeng Ding of Alibaba Mobile Security Group</p>
<p>Ben Hawkes of Google Project Zero</p>
<p>Billy Lau of Android Security</p>
<p>Brad Ebinger of Google Telecom Team</p>
<p>Broadgate Team</p>
<p>Chad Brubaker of Android Security</p>
<p>Chao Yang of Alibaba Mobile Security Group</p>
<p>Chenfu Bao (包沉浮) of Baidu X-Lab</p>
<p>Chengming Yang of Alibaba Mobile Security Group</p>
<p><a href="mailto:[email protected]">Chi Zhang</a> of <a
href="http://c0reteam.org">C0RE Team</a></p>
<p>Chiachih Wu (<a href="https://twitter.com/chiachih_wu">&#64;chiachih_wu</a>) of
<a href="http://c0reteam.org">C0RE Team</a> from <a href="http://www.360safe.com/">Qihoo 360</a></p>
<p>Christian Seel</p>
<p>Christopher Tate of Google</p>
<p><a href="mailto:[email protected]">Constantinos Patsakis</a> of University
of Piraeus</p>
<p>Cory Pruce of Carnegie Mellon University</p>
<p>Cristiano Giuffrida of Vrije Universiteit Amsterdam</p>
<p>Daniel Micay of Copperhead Security</p>
<p>David Benjamin of Google</p>
<p>David Riley of the Google Pixel C Team</p>
<p>Dawei Peng (<a href="http://weibo.com/u/5622360291">Vinc3nt4H</a>) of
<a href="http://jaq.alibaba.com">Alibaba Mobile Security Team</a></p>
<p>Di Shen (<a href="https://twitter.com/returnsme">&#64;returnsme</a>) of KeenLab
(<a href="https://twitter.com/keen_lab">&#64;keen_lab</a>), Tencent</p>
<p>Dianne Hackborn of Google</p>
<p>Dmitry Vyukov of Google Dynamic Tools team</p>
<p>Dominik Schürmann of <a href="https://www.ibr.cs.tu-bs.de">Institute for
Operating Systems and Computer Networks</a>, TU Braunschweig</p>
<p><a href="mailto:[email protected]">Dongdong She</a> of UC Riverside</p>
<p>Dongkwan Kim (<a href="mailto:[email protected]">[email protected]</a>)
of System Security Lab, KAIST</p>
<p>dosomder</p>
<p>dragonltx of Alibaba mobile security team</p>
<p>DS</p>
<p>Dzmitry Lukyanenka (<a href="http://www.linkedin.com/in/dzima">www.linkedin.com/in/dzima</a>)</p>
<p>Ecular Xu (徐健) of Trend Micro</p>
<p><a href="mailto:[email protected]">Efthimios Alepis</a> of University of Piraeus</p>
<p>En He (<a href="https://twitter.com/heeeeen4x">&#64;heeeeen4x</a>) of <a
href="http://www.ms509.com">MS509Team</a></p>
<p>Gal Beniamini (<a href="https://twitter.com/@laginimaineb">&#64;laginimaineb</a>,
<a href="http://bits-please.blogspot.com/">http://bits-please.blogspot.com</a>)</p>
<p>Gengjia Chen (<a href="https://twitter.com/@chengjia4574">&#64;chengjia4574</a>)
of Lab 0x031E, Qihoo 360 Technology Co. Ltd</p>
<p>Gengming Liu (刘耕铭) (<a href="http://twitter.com/dmxcsnsbh">&#64;dmxcsnsbh</a>)
of KeenLab, Tencent</p>
<p><a href="mailto:[email protected]">George Piskas</a> of
<a href="https://www.epfl.ch">École polytechnique fédérale de Lausanne</a></p>
<p>Giovanni Vigna of University of California, Santa Barbara</p>
<p>Greg Kaiser of Google Android Team</p>
<p>Guang Gong (龚广) (<a href="https://twitter.com/oldfresher">&#64;oldfresher</a>)
of <a href="http://www.360.com/">Qihoo 360 Technology Co. Ltd.</a></p>
<p><a href="mailto:[email protected]">Hang Zhang</a> of UC Riverside</p>
<p><a href="mailto:[email protected]">Hanxiang Wen</a> of <a
href="http://c0reteam.org">C0RE Team</a></p>
<p>Hao Chen of Vulpecker Team, Qihoo 360 Technology Co. Ltd.</p>
<p>Hao Qin of Security Research Lab, <a href="http://www.cmcm.com">Cheetah Mobile</a></p>
<p>Herbert Bos of Vrije Universiteit Amsterdam</p>
<p>Hongil Kim (<a href="mailto:[email protected]">[email protected]</a>)
of System Security Lab, KAIST</p>
<p>Imre Rad of <a href="http://www.search-lab.hu/">Search-Lab Ltd.</a></p>
<p><a href="http://www.iwobanas.com">Iwo Banas</a></p>
<p>Jake Valletta of Mandiant, a FireEye company</p>
<p>James Forshaw of Google Project Zero</p>
<p>Jann Horn (<a href="https://thejh.net/">https://thejh.net</a>)</p>
<p><a href="http://keybase.io/jasonrogena">Jason Rogena</a></p>
<p>Jeremy C. Joslin of Google</p>
<p>jfang of KEEN lab, Tencent (<a href="https://twitter.com/k33nteam">&#64;K33nTeam</a>)</p>
<p>Jianqiang Zhao (<a href="https://twitter.com/jianqiangzhao">&#64;jianqiangzhao</a>)
of IceSword Lab, Qihoo 360</p>
<p>Joshua Drake (<a href="https://twitter.com/jduck">&#64;jduck</a>)</p>
<p>Jouni Malinen PGP id EFC895FA</p>
<p>Kai Lu (<a href="https://twitter.com/K3vinLuSec">&#64;K3vinLuSec</a>) of
Fortinet's FortiGuard Labs</p>
<p>Kandala Shivaram reddy</p>
<p>Kaveh Razavi of Vrije Universiteit Amsterdam</p>
<p>Kenny Root of Google</p>
<p>Lee Campbell of Google</p>
<p><a href="mailto:[email protected]">Lubo Zhang</a> of <a
href="http://c0reteam.org">C0RE Team</a></p>
<p>Maciej Szawłowski of the Google Security Team</p>
<p>Madhu Priya Murugan of CISPA, Saarland University</p>
<p>Makoto Onuki of Google</p>
<p>Marco Grassi (<a href="https://twitter.com/marcograss">&#64;marcograss</a>) of KeenLab
(<a href="https://twitter.com/keen_lab">&#64;keen_lab</a>), Tencent</p>
<p>Marco Nelissen of Google</p>
<p>Mark Brand of Google Project Zero</p>
<p>Mark Renouf of Google</p>
<p>Martin Barbella of Google Chrome Security Team</p>
<p>Martina Lindorfer of University of California, Santa Barbara</p>
<p>Max Spector of Google</p>
<p>MengLuo Gou (<a href="https://twitter.com/idhyt3r">&#64;idhyt3r</a>) of Bottle Tech</p>
<p>Michał Bednarski (<a href="https://github.com/michalbednarski">
github.com/michalbednarski</a>)</p>
<p>Mike Maarse</p>
<p>Min Chong of Android Security</p>
<p>Mingjian Zhou (<a href="https://twitter.com/Mingjian_Zhou">&#64;Mingjian_Zhou</a>)
of <a href="http://c0reteam.org">C0RE Team</a>, <a href="http://www.360safe.com/">Qihoo 360</a></p>
<p>Miriam Gershenson of Google</p>
<p>Nancy Wang of Vertu Corporation LTD</p>
<p><a href="mailto:[email protected]">Nasim Zamir</a></p>
<p>Nathan Crandall (<a href="https://twitter.com/natecray">&#64;natecray</a>) of
Tesla Motors Product Security Team</p>
<p>Nico Golde (<a href="https://twitter.com/iamnion">&#64;iamnion</a>) of
Qualcomm Product Security Initiative</p>
<p>Nightwatch Cybersecurity Research
(<a href="https://twitter.com/nightwatchcyber">&#64;nightwatchcyber</a>)</p>
<p>Ning You of Alibaba Mobile Security Group</p>
<p>Oleksiy Vyalov of Google</p>
<p>Oliver Chang of Google Chrome Security Team</p>
<p>Paul Stone of Context Information Security</p>
<p>Peng Xiao of Alibaba Mobile Security Group</p>
<p>Pengfei Ding (丁鹏飞) of Baidu X-Lab</p>
<p>Peter Pi (<a href="https://twitter.com/heisecode">&#64;heisecode</a>) of Trend Micro</p>
<p><a href="http://weibo.com/jfpan">pjf</a> of IceSword Lab, Qihoo 360</p>
<p>Quan Nguyen of Google Information Security Engineer Team</p>
<p>Qianwei Hu (<a href="mailto:[email protected]">[email protected]</a>) of
<a href="http://www.wooyun.org/">WooYun TangLab</a></p>
<p>Qidan He (<a href="https://twitter.com/@Flanker_hqd">&#64;Flanker_hqd</a>) of
KeenLab (<a href="https://twitter.com/keen_lab">&#64;keen_lab</a>), Tencent</p>
<p>Richard Shupak</p>
<p>Ricky Wai of Google</p>
<p>Robin Lee of Google</p>
<p>Roee Hay, IBM Security X-Force Researcher</p>
<p>Roeland Krak</p>
<p>Romain Trouvé of
<a href="https://labs.mwrinfosecurity.com/">MWR Labs</a></p>
<p>Ronald L. Loor Vargas (<a href="https://twitter.com/loor_rlv">&#64;loor_rlv</a>)
of TEAM Lv51</p>
<p>Sagi Kedmi, IBM Security X-Force Researcher</p>
<p>Samuel Tan of Google</p>
<p>Santos Cordon of Google Telecom Team</p>
<p><a href="mailto:[email protected]">Scott Bauer</a>
(<a href="https://twitter.com/ScottyBauer1">&#64;ScottyBauer1</a>)</p>
<p>Sen Nie (<a href="https://twitter.com/@nforest_">&#64;nforest_</a>) of KEEN lab,
Tencent (<a href="https://twitter.com/k33nteam">&#64;K33nTeam</a>)</p>
<p>Sergey Bobrov (<a href="http://twitter.com/Black2Fan">&#64;Black2Fan</a>) of
Kaspersky Lab</p>
<p>Seven Shen (<a href="https://twitter.com/@lingtongshen">&#64;lingtongshen</a>)
of Trend Micro (<a href="http://www.trendmicro.com">www.trendmicro.com</a>)</p>
<p>Sharvil Nanavati of Google</p>
<p>Shinjo Park (<a href="https://twitter.com/ad_ili_rai">&#64;ad_ili_rai</a>) of
<a href="http://www.isti.tu-berlin.de/security_in_telecommunications">
Security in Telecommunications</a></p>
<p>Stuart Henderson</p>
<p>Su Mon Kywe of Singapore Management University</p>
<p>Tao (Lenx) Wei (韦韬) of Baidu X-Lab</p>
<p>Thom Does</p>
<p>Tieyan Li of Huawei</p>
<p>Tim Strazzere (<a href="https://twitter.com/timstrazz">&#64;timstrazz</a>) of
SentinelOne / RedNaga</p>
<p>Tom Craig of Google X</p>
<p>Tom Rootjunky</p>
<p><a href="mailto:[email protected]">Tong Lin</a> of
<a href="http://c0reteam.org">C0RE Team</a></p>
<p><a href="mailto:[email protected]">Tongxin Li</a> of Peking University</p>
<p>trotmaster (<a href="https://twitter.com/trotmaster99">&#64;trotmaster99</a>)</p>
<p>Vasily Vasilev</p>
<p>Victor Chang of Google</p>
<p>Victor van der Veen of Vrije Universiteit Amsterdam</p>
<p>Vignesh Venkatasubramanian of Google</p>
<p>Vishwath Mohan of Android Security</p>
<p>Wei Wei (<a href="https://twitter.com/Danny__Wei">&#64;Danny__Wei</a>) of Xuanwu LAB, Tencent</p>
<p>Weichao Sun (<a href="https://twitter.com/sunblate">&#64;sunblate</a>) of Alibaba Inc</p>
<p>Wen Niu (<a href="https://twitter.com/NWMonster">&#64;NWMonster</a>) of KeenLab
(<a href="https://twitter.com/keen_lab">&#64;keen_lab</a>), Tencent</p>
<p><a href="mailto:[email protected]">Wenke Dou</a> of <a href="http://c0reteam.org">
C0RE Team</a></p>
<p>Wenlin Yang of Alpha Team, Qihoo 360 Technology Co. Ltd.</p>
<p>William Roberts (<a href="mailto:[email protected]">
[email protected]</a>)</p>
<p>Wish Wu (<a href="https://twitter.com/wish_wu">&#64;wish_wu</a>)
(<a href="http://weibo.com/wishlinux">吴潍浠</a>) of
<a href="http://blog.trendmicro.com/trendlabs-security-intelligence/category/mobile/">
Mobile Threat Response Team</a>, <a href="http://www.trendmicro.com">Trend Micro Inc.</a></p>
<p><a href="mailto:[email protected]">Xiaodong Wang</a> of
<a href="http://c0reteam.org">C0RE Team</a></p>
<p><a href="mailto:[email protected]">Xiaofeng Wang</a> of Indiana University Bloomington</p>
<p>Xiling Gong of Tencent Security Platform Department</p>
<p>Xingyu He (何星宇) (<a href="https://twitter.com/Spid3r_">&#64;Spid3r_</a>)
of <a href="http://www.alibaba.com/">Alibaba Inc</a></p>
<p><a href="mailto:[email protected]">Xinhui Han</a> of Peking University</p>
<p>Xuxian Jiang of <a href="http://c0reteam.org">C0RE Team</a>,
<a href="http://www.360safe.com/">Qihoo 360</a></p>
<p>Yabin Cui from Android Bionic Team</p>
<p>Yacong Gu of TCA Lab, Institute of Software, Chinese Academy of Sciences</p>
<p>Yakov Shafranovich of
<a href="https://wwws.nightwatchcybersecurity.com">Nightwatch Cybersecurity</a></p>
<p>Yang Dong of Alibaba Mobile Security Group</p>
<p>Yang Song of Alibaba Mobile Security Group</p>
<p>Yanick Fratantonio of University of California, Santa Barbara</p>
<p><a href="mailto:[email protected]">Yao Jun</a> of
<a href="http://c0reteam.org">C0RE Team</a></p>
<p><a href="mailto:[email protected]">Yeonjoon Lee</a> of Indiana University Bloomington</p>
<p>Yi Zhang of Alibaba Mobile Security Group</p>
<p>Yingjiu Li of Singapore Management University</p>
<p>Yong Shi of Eagleye team, SCC, Huawei</p>
<p>Yong Wang (王勇) (<a href="https://twitter.com/ThomasKing2014">&#64;ThomasKing2014</a>)
of Alibaba Inc.</p>
<p>Yongke Wang (<a href="https://twitter.com/Rudykewang">&#64;Rudykewang</a>) of
Xuanwu LAB, Tencent</p>
<p>Yongzheng Wu of Huawei</p>
<p>Yuan-Tsung Lo (<a href="mailto:[email protected]">[email protected]</a>)
of <a href="http://c0reteam.org">C0RE Team</a></p>
<p>Yulong Zhang of Baidu X-Lab</p>
<p><a href="http://yurushao.info">Yuru Shao</a> of University of Michigan Ann Arbor</p>
<p>Yuxiang Li (<a href="https://twitter.com/xbalien29">&#64;Xbalien29</a>) of
Tencent Security Platform Department</p>
<p>Zach Riggle (<a href="https://twitter.com/@ebeip90">&#64;ebeip90</a>) of the
Android Security Team</p>
<p>Zhanpeng Zhao (行之) (<a href="https://twitter.com/0xr0ot">&#64;0xr0ot</a>) of
Security Research Lab, <a href="http://www.cmcm.com">Cheetah Mobile</a></p>
<p>Zhe Jin (金哲) of Chengdu Security Response Center, Qihoo 360 Technology Co.
Ltd.</p>
<p><a href="mailto:[email protected]">Zhiyun Qian</a> of UC Riverside</p>
<p><a href="http://weibo.com/ele7enxxh">Zinuo Han</a> of
<a href="http://www.pkav.net">PKAV</a>, Silence Information Technology</p>
<p>Zubin Mithra of Google</p>
</div>
<h2 id="2015">2015</h2>
<div style="LINE-HEIGHT:25px;">
<p>Abhishek Arya, Google Chrome Security Team</p>
<p>Alex Copot</p>
<p>Alex Eubanks</p>
<p>Alexandru Blanda</p>
<p>Arne Swinnen (<a href="https://www.arneswinnen.net/">www.arneswinnen.net</a>)</p>
<p>Artem Chaykin</p>
<p>Ben Hawkes</p>
<p>Brennan Lautner</p>
<p>Chiachih Wu of C0RE Team from Qihoo 360</p>
<p>Darmstadt ([email protected])</p>
<p>Daniel Micay ([email protected]) at Copperhead Security</p>
<p>Dongkwan Kim of System Security Lab, KAIST ([email protected])</p>
<p>dragonltx of Alibaba Mobile Security Team</p>
<p>Gal Beniamini (<a href="http://bits-please.blogspot.com/">
http://bits-please.blogspot.com</a>)</p>
<p>Guang Gong (龚广) (<a href="https://twitter.com/oldfresher">&#64;oldfresher</a>,
[email protected]) of <a href="http://www.360.cn/">Qihoo 360 Technology Co.Ltd</a></p>
<p>Hongil Kim of System Security Lab, KAIST ([email protected])</p>
<p>Ian Beer of Google Project Zero</p>
<p>Iván Arce (@4Dgifts) of Programa STIC at Fundación Dr. Manuel Sadosky, Buenos
Aires Argentina</p>
<p>Jack Tang of Trend Micro (@jacktang310)</p>
<p>jgor of <a href="http://security.utexas.edu/">The University of Texas at Austin</a> (<a href="https://twitter.com/indiecom">&#64;indiecom</a>)</p>
<p>Joaquín Rinaudo (@xeroxnir) of Programa STIC at Fundación Dr. Manuel Sadosky,
Buenos Aires Argentina</p>
<p>Jordan Gruskovnjak of Exodus Intelligence (@jgrusko)</p>
<p>Joshua Drake of Zimperium</p>
<p>Lei Wu of C0RE Team from Qihoo 360</p>
<p>Marco Grassi (<a href="https://twitter.com/marcograss">&#64;marcograss</a>) of
<a href="http://k33nteam.org/">KeenTeam</a>
(<a href="https://twitter.com/k33nteam">&#64;K33nTeam</a>)</p>
<p>Mark Carter (<a href="https://twitter.com/hanpingchinese">&#64;hanpingchinese</a>)
of EmberMitre Ltd</p>
<p>Martin Barbella, Google Chrome Security Team</p>
<p>Michael Peck of <a href="https://www.mitre.org/">The MITRE Corporation</a> ([email protected])</p>
<p>Michał Bednarski (<a href="https://github.com/michalbednarski">
https://github.com/michalbednarski</a>)</p>
<p>Michael Roland of JR-Center u'smile at University of Applied Scienses, Upper
Austria/Hagenberg</p>
<p>Natalie Silvanovich of Google Project Zero</p>
<p>Oliver Chang, Google Chrome Security Team</p>
<p>Peter Pi of Trend Micro</p>
<p>Ping Li of Qihoo 360 Technology Co. Ltd</p>
<p>Qidan He (@flanker_hqd) from KeenTeam (@K33nTeam, <a href="http://k33nteam.org/">
http://k33nteam.org/</a>)</p>
<p>Roee Hay and Or Peles</p>
<p>Seven Shen of Trend Micro</p>
<p>Siegfried Rasthofer of <a href="https://blogs.uni-paderborn.de/sse/">
Secure Software Engineering Group</a>, EC SPRIDE Technische Universität</p>
<p>Stephan Huber of Testlab Mobile Security, <a href="https://www.sit.fraunhofer.de/">F
raunhofer SIT</a> ([email protected])</p>
<p>Steven Vittitoe of Google Project Zero</p>
<p>Tony Beltramelli (<a
href="https://twitter.com/Tbeltramelli">&#64;Tbeltramelli</a>) of <a
href="http://tonybeltramelli.com/">tonybeltramelli.com</a></p>
<p>Tzu-Yin (Nina) Tai</p>
<p>Wangtao(neobyte) of Baidu X-Team</p>
<p>Wen Xu (@antlr7) from KeenTeam (@K33nTeam, <a href="http://k33nteam.org/">
http://k33nteam.org/</a>)</p>
<p>William Roberts (<a href="mailto:[email protected]">
[email protected]</a>)</p>
<p>Wish Wu of Trend Micro Inc. (@wish_wu)</p>
<p>Xuxian Jiang of C0RE Team from Qihoo 360</p>
<p>Yajin Zhou of C0RE Team from Qihoo 360</p>
</div>
<h2 id="2014">2014</h2>
<div style="LINE-HEIGHT:25px;">
<p>Aaron Mangel of <a href="https://banno.com/">Banno</a> (<a
href="mailto:[email protected]">[email protected]</a>)</p>
<p>Alex Park (<a href="https://twitter.com/saintlinu">&#64;saintlinu</a>)</p>
<p>Alexandru Gheorghita</p>
<p><a href="https://twitter.com/isciurus">Andrey Labunets</a>
of <a href="https://www.facebook.com">Facebook</a></p>
<p><a href="http://www.corkami.com">Ange Albertini</a> (<a
href="https://twitter.com/angealbertini">&#64;angealbertini</a>)</p>
<p>Axelle Apvrille of Fortinet, FortiGuards Labs</p>
<p><a href="http://www.linkedin.com/in/danamodio">Dan Amodio</a> of
<a href="https://www.aspectsecurity.com/">Aspect Security</a>
(<a href="https://twitter.com/DanAmodio">&#64;DanAmodio</a>)</p>
<p><a href="http://davidmurdoch.com">David Murdoch</a></p>
<p>Henry Hoggard of <a href="https://labs.mwrinfosecurity.com/">MWR Labs</a> (<a
href="https://twitter.com/henryhoggard">&#64;HenryHoggard</a>)</p>
<p>Imre Rad of <a href="http://www.search-lab.hu/">Search-Lab Ltd.</a></p>
<p><a href="http://thejh.net/">Jann Horn</a>
<a href="https://android-review.googlesource.com/#/c/98197/">
<img style="vertical-align:middle;" src="../images/tiny-robot.png"
alt="Green Droid Patch Symbol"
title="This person contributed code that improved Android security">
</a></p>
<p>Jeff Forristal of <a href="http://www.bluebox.com/">Bluebox Security</a></p>
<p><a href="http://blog.redfern.me/">Joseph Redfern</a> of <a
href="https://labs.mwrinfosecurity.com/">MWR Labs</a> <br>(<a
href="https://twitter.com/JosephRedfern">&#64;JosephRedfern</a>)</p>
<p>Kunal Patel of <a href="https://www.samsungknox.com/">Samsung KNOX Security Team</a> (<a href="mailto:[email protected]">[email protected]</a>)</p>
<p><a href="http://www.linkedin.com/in/luander">Luander Michel Ribeiro</a> (<a
href="https://twitter.com/luanderock">&#64;luanderock</a>)</p>
<p><a href="http://homes.soic.indiana.edu/luyixing">Luyi Xing</a> of Indiana
University Bloomington (<a
href="mailto:[email protected]">[email protected]</a>)</p>
<p>Marc Blanchou (<a href="https://twitter.com/marcblanchou">&#64;marcblanchou</a>)</p>
<p>Mathew Solnik (<a href="https://twitter.com/msolnik">&#64;msolnik</a>)</p>
<p><a href="https://github.com/michalbednarski">Michał Bednarski</a></p>
<p><a href="http://www.cs.utah.edu/~rsas/">Raimondas Sasnauskas</a> of University of Utah</p>
<p>Robert Craig of <a href="https://www.nsa.gov/research/ia_research/">
Trusted Systems Research Group</a>, US National Security Agency
<a href="https://android-review.googlesource.com/#/q/owner:%22Robert+Craig+%253Crpcraig%2540tycho.ncsc.mil%253E%22+status:merged">
<img style="vertical-align:middle" src="../images/tiny-robot.png" alt="Patch Symbol"
title="This person contributed code that improved Android security"></a></p>
<p><a href="http://www.samsung.com">Samsung Mobile</a></p>
<p>Scotty Bauer of University of Utah
(<a href="mailto:[email protected]">[email protected]</a>)</p>
<p>Sebastian Brenza</p>
<p>Siegfried Rasthofer of <a href="https://blogs.uni-paderborn.de/sse/">Secure Software
Engineering Group</a>, EC SPRIDE Technische Universität Darmstadt (<a
href="mailto:[email protected]">[email protected]</a>)</p>
<p><a href="http://www.sonymobile.com">Sony Mobile</a></p>
<p>Stephan Huber of Testlab Mobile Security, <a
href="https://www.sit.fraunhofer.de/">Fraunhofer SIT</a> (<a
href="mailto:[email protected]">[email protected]</a>)
</p>
<p>Stephen Smalley of <a href="https://www.nsa.gov/research/ia_research/">
Trusted Systems Research Group</a>, US National Security Agency
<a href=
"https://android-review.googlesource.com/#/q/owner:%22Stephen+Smalley+%253Csds%2540tycho.nsa.gov%253E%22+status:merged">
<img style="vertical-align:middle" src="../images/tiny-robot.png"
alt="Patch Symbol" title="This person contributed code that improved Android security"></a></p>
<p>Steven Arzt of <a href="http://sseblog.ec-spride.de/">Secure Software
Engineering Group</a>, EC SPRIDE Technische Universität Darmstadt (<a
href="mailto:[email protected]">[email protected]</a>)</p>
<p><a href="http://www.subodh.io">Subodh Iyengar</a> of
<a href="https://www.facebook.com">Facebook</a></p>
<p>Tongxin Li of Peking University (<a
href="mailto:[email protected]">[email protected]</a>)</p>
<p><a href="http://www.linkedin.com/in/tonytrummer/">Tony Trummer</a> of <a
href="http://www.themeninthemiddle.com">The Men in the Middle</a> <br>(<a
href="https://twitter.com/SecBro1">&#64;SecBro1</a>)</p>
<p><a href="https://www.linkedin.com/in/tdalvi">Tushar Dalvi</a> (<a
href="https://twitter.com/tushardalvi">&#64;tushardalvi</a>)</p>
<p><a href="https://plus.google.com/u/0/109528607786970714118">Valera
Neronov</a></p>
<p>Wang Tao of <a href="http://xteam.baidu.com">Baidu X-Team</a>
(<a href="mailto:[email protected]">[email protected]</a>)</p>
<p>Wang Yu of <a href="http://xteam.baidu.com">Baidu X-Team</a>
(<a href="https://twitter.com/xi4oyu">&#64;xi4oyu</a>)</p>
<p><a href="http://www.shackleton.io/">Will Shackleton</a> of
<a href="https://www.facebook.com">Facebook</a></p>
<p><a href="http://www.linkedin.com/in/billcroberts">
William Roberts</a> (<a href="mailto:[email protected]">[email protected]</a>)
<a href=
"https://android-review.googlesource.com/#/q/owner:bill.c.roberts%2540gmail.com+status:merged">
<img style="vertical-align:middle" src="../images/tiny-robot.png"
alt="Patch Symbol" title="This person contributed code that improved Android security"></a></p>
<p><a href="http://www.informatics.indiana.edu/xw7/">Xiaofeng Wang</a> of
Indiana University Bloomington (<a href="mailto:[email protected]">[email protected]</a>)</p>
<p>Xiaoyong Zhou of <a href="http://www.cs.indiana.edu/~zhou/">
Indiana University Bloomington</a> <br>
(<a href="https://twitter.com/xzhou">&#64;xzhou</a>,
<a href="mailto:[email protected]">[email protected]</a>)</p>
<p>Xinhui Han of Peking University
(<a href="mailto:[email protected]">[email protected]</a>)</p>
<p>Yeonjoon Lee of Indiana University Bloomington
(<a href="mailto:[email protected]">[email protected]</a>)</p>
<p><a href="http://www.androbugs.com">Yu-Cheng Lin 林禹成</a>
(<a href="https://twitter.com/AndroBugs">&#64;AndroBugs</a>)</p>
<p>Zhang Dong Hui of <a href="http://xteam.baidu.com">Baidu X-Team</a>
(<a href="http://weibo.com/shineastdh">shineastdh</a>)</p>
</div>
<h2 id="2013">2013</h2>
<div style="LINE-HEIGHT:25px;">
<p><a href="https://tsarstva.bg/sh/">Ivaylo Marinkov</a>
of <a href="http://www.ecommera.com/">eCommera</a>
(<a href="mailto:[email protected]">[email protected]</a>)</p>
<p>Jon Sawyer of <a href="http://appliedcybersecurity.com/">Applied Cybersecurity LLC
</a> (<a href="mailto:[email protected]">[email protected]</a>)</p>
<p>Joshua J. Drake of <a href="http://www.accuvant.com/">Accuvant LABS
</a> (<a href="https://twitter.com/jduck">&#64;jduck</a>)
<a href="https://android-review.googlesource.com/#/q/change:72228+OR+change:72229">
<img style="vertical-align:middle" src="../images/patchreward.png"
alt="Patch Rewards Symbol" title="This person qualified for the Patch Rewards program!"></a></p>
<p>Kan Yuan</p>
<p>Lucas Yang (amadoh4ck) of
<a href="http://raonsecurity.com/">RaonSecurity</a>
(<a href="mailto:[email protected]">[email protected]</a>)</p>
<p><a href="http://homes.soic.indiana.edu/luyixing">Luyi Xing</a> of Indiana
University Bloomington (<a
href="mailto:[email protected]">[email protected]</a>)</p>
<p><a href="https://lacklustre.net/">Mike Ryan</a> of
<a href="https://isecpartners.com/">iSEC Partners</a>
<br>(<a href="https://twitter.com/mpeg4codec">&#64;mpeg4codec</a>,
<a href="mailto:[email protected]">[email protected]
</a>)</p>
<p><a href="http://cryptoonline.com/">Muhammad Naveed</a>
of <a href="http://illinois.edu/">University of Illinois
at Urbana-Champaign</a>
<br>(<a href="mailto:[email protected]">[email protected]</a>)</p>
<p>Qualcomm Product Security Initiative</p>
<p><a href="https://securityresear.ch/">Roee Hay</a>
(<a href="https://twitter.com/roeehay">&#64;roeehay</a>,
<a href="mailto:[email protected]">[email protected]</a>)</p>
<p>Robert Craig of <a href="https://www.nsa.gov/research/ia_research/">
Trusted Systems Research Group</a>, US National Security Agency
<a href="https://android-review.googlesource.com/#/q/owner:%22Robert+Craig+%253Crpcraig%2540tycho.ncsc.mil%253E%22+status:merged">
<img style="vertical-align:middle" src="../images/tiny-robot.png" alt="Patch Symbol"
title="This person contributed code that improved Android security"></a></p>
<p>Ruben Santamarta of IOActive
(<a href="https://twitter.com/reversemode">&#64;reversemode</a>)</p>
<p>Stephen Smalley of <a href="https://www.nsa.gov/research/ia_research/">
Trusted Systems Research Group</a>, US National Security Agency
<a href=
"https://android-review.googlesource.com/#/q/owner:%22Stephen+Smalley+%253Csds%2540tycho.nsa.gov%253E%22+status:merged">
<img style="vertical-align:middle" src="../images/tiny-robot.png"
alt="Patch Symbol" title="This person contributed code that improved Android security"></a></p>
<p><a href="http://www.linkedin.com/in/billcroberts">
William Roberts</a> (<a href="mailto:[email protected]">[email protected]</a>)
<a href=
"https://android-review.googlesource.com/#/q/owner:bill.c.roberts%2540gmail.com+status:merged">
<img style="vertical-align:middle" src="../images/tiny-robot.png"
alt="Patch Symbol" title="This person contributed code that improved Android security"></a></p>
<p>Xiaorui Pan of Indiana University Bloomington
(<a href="mailto:[email protected]">[email protected]</a>)</p>
<p>XiaoFeng Wang of Indiana University Bloomington
(<a href="mailto:[email protected]">[email protected]</a>)</p>
</div>
<h2 id="2012">2012</h2>
<div style="LINE-HEIGHT:25px;">
<p>David Weinstein (<a href="https://twitter.com/insitusec">&#64;insitusec</a>)
of <a href="https://viaforensics.com/">viaForensics</a></p>
<p><a href="http://thejh.net/">Jann Horn</a></p>
<p>Ravishankar Borgaonkari (<a href="https://twitter.com/raviborgaonkar">&#64;raviborgaonkar</a>)
of TU Berlin</p>
<p>Robert Craig of <a href="https://www.nsa.gov/research/ia_research/">
Trusted Systems Research Group</a>, US National Security Agency
<a href="https://android-review.googlesource.com/#/q/owner:%22Robert+Craig+%253Crpcraig%2540tycho.ncsc.mil%253E%22+status:merged">
<img style="vertical-align:middle" src="../images/tiny-robot.png" alt="Patch Symbol"
title="This person contributed code that improved Android security"></a></p>
<p><a href="https://securityresear.ch/">Roee Hay</a>
(<a href="https://twitter.com/roeehay">&#64;roeehay</a>,
<a href="mailto:[email protected]">[email protected]</a>)</p>
<p>Stephen Smalley of <a href="https://www.nsa.gov/research/ia_research/">
Trusted Systems Research Group</a>, US National Security Agency
<a href=
"https://android-review.googlesource.com/#/q/owner:%22Stephen+Smalley+%253Csds%2540tycho.nsa.gov%253E%22+status:merged">
<img style="vertical-align:middle" src="../images/tiny-robot.png"
alt="Patch Symbol" title="This person contributed code that improved Android security"></a></p>
<p><a href="http://www.linkedin.com/in/billcroberts">
William Roberts</a> (<a href="mailto:[email protected]">[email protected]</a>)
<a href=
"https://android-review.googlesource.com/#/q/owner:bill.c.roberts%2540gmail.com+status:merged">
<img style="vertical-align:middle" src="../images/tiny-robot.png"
alt="Patch Symbol" title="This person contributed code that improved Android security"></a></p>
</div>
<h2 id="2011">2011</h2>
<div style="LINE-HEIGHT:25px;">
<p>Collin Mulliner of <a href="http://www.mulliner.org/collin/academic">MUlliNER.ORG</a> (<a href="https://twitter.com/collinrm">&#64;collinrm</a>)</p>
</div>
<h2 id="2009">2009</h2>
<div style="LINE-HEIGHT:25px;">
<p>Charlie Miller (<a href="https://twitter.com/0xcharlie">&#64;0xcharlie</a>)</p>
<p>Collin Mulliner of <a href="http://www.mulliner.org/collin/academic">MUlliNER.ORG</a> (<a href="https://twitter.com/collinrm">&#64;collinrm</a>)</p>
</div>
</body>
</html>