Android Security Acknowledgements

The Android Security Team would like to thank the following people and parties for helping to improve Android security. They have done this either by finding and responsibly reporting security vulnerabilities through the AOSP bug tracker Security bug report template or by committing code that has a positive impact on Android security, including code that qualifies for the Patch Rewards program.

2018

In 2018, the security acknowledgements are listed by month. In prior years, acknowledgements were listed together.

September

Researchers CVEs
Baozeng Ding (@sploving1), Chengming Yang, and Yang Song of Alibaba Mobile Security Group CVE-2018-9517
Chong Wang (weibo.com/csddl) of Chengdu Security Response Center, Qihoo 360 Technology Co. Ltd. CVE-2018-9480, CVE-2018-9481, CVE-2018-9482, CVE-2018-9485
Cusas of L.O. Team CVE-2018-9440, CVE-2018-9467
Daniel Kachakil, Senior Security Consultant, IOActive CVE-2018-9468
En He (@heeeeen4x) and Bo Liu of MS509Team (ms509.com) CVE-2018-9475
Hector Cuesta Garcia (@HectorCuesta) of Innotec System CVE-2018-9470
Hongli Han (@hexb1n) and Mingjian Zhou (周明建) (@Mingjian_Zhou) of C0RE Team CVE-2018-11261
Jann Horn of Google Project Zero CVE-2018-9488
Jianjun Dai (@jioun_dai) and Guang Gong (@oldfresher) of Alpha Team, Qihoo 360 Technology Co. Ltd. CVE-2018-9478, CVE-2018-9479
Jianqiang Zhao (@jianqiangzhao) and pjf (weibo.com/jfpan) of IceSword Lab, Qihoo 360 CVE-2018-9516
M3, Inc. CVE-2018-9469
Mingjian Zhou (周明建) (@Mingjian_Zhou) of C0RE Team CVE-2018-11816
Pengfei Ding (丁鹏飞) of Huawei Mobile Security Lab (华为移动安全实验室) CVE-2018-9519
Tamir Zahavi-Brunner (@tamir_zb) of Zimperium zLabs Team CVE-2018-9411
Zinuo Han (weibo.com/ele7enxxh) of Chengdu Security Response Center, Qihoo 360 Technology Co. Ltd. CVE-2018-9471, CVE-2018-9474, CVE-2018-9483, CVE-2018-9484, CVE-2018-9486

August

Researchers CVEs
Chao Dai @ L.O. Team CVE-2018-9437
Chong Wang of Chengdu Security Response Center, Qihoo 360 Technology Co. Ltd. CVE-2018-9436, CVE-2018-9448, CVE-2018-9454, CVE-2018-9455
Dinesh Venkatesan (@malwareresearch) of Symantec CVE-2017-13295
Dzmitry Lukyanenka CVE-2018-9459, CVE-2018-9461
En He (@heeeeen4x) and Bo Liu of MS509Team CVE-2017-13242, CVE-2018-9457
Francesco Pinci CVE-2018-9447
Jann Horn of Google Project Zero CVE-2018-9445
Joshua Steiner of Introne Apps CVE-2017-13322
Scott Bauer (@ScottyBauer1) CVE-2018-9441
Tencent Blade Team CVE-2017-18306, CVE-2017-18307
Tong Lin (segfault5514@gmail.com) and Mingjian Zhou (周明建) (@Mingjian_Zhou) of C0RE Team CVE-2018-9439
V.E.O (@VYSEa) of Mobile Security Research Team, Trend Micro CVE-2018-9444
Zinuo Han of Chengdu Security Response Center, Qihoo 360 Technology Co. Ltd. CVE-2018-9435, CVE-2018-9446, CVE-2018-9449, CVE-2018-9450, CVE-2018-9451, CVE-2018-9453

July

Researchers CVEs
Baozeng Ding (丁保增) (@sploving) of Pandora Lab, Ali Security CVE-2018-9422
Billy Lau of Android Security Research CVE-2018-9416
Cusas of L.O. Team CVE-2018-9412
En He (@heeeeen4x) and Bo Liu of MS509Team CVE-2018-9432, CVE-2018-9414
Guang Gong of Alpha Team, Qihoo 360 Technology Co. Ltd. CVE-2018-9433
Jann Horn of Google Project Zero CVE-2018-9434
Jianjun Dai (@Jioun_dai) and Guang Gong (@oldfresher) of Alpha Team, Qihoo 360 Technology Co. Ltd. CVE-2018-9418, CVE-2018-9419, CVE-2018-9413, CVE-2018-9365
Jianqiang Zhao (@jianqiangzhao) and pjf (weibo.com/jfpan) of IceSword Lab, Qihoo 360 CVE-2018-9417
Nathan Crandall (@natecray) of Tesla's Product Security Team CVE-2017-0606
niky1235 (jiych.guru@gmail.com, @jiych_guru) CVE-2018-9423
Pengfei Ding (丁鹏飞), Chenfu Bao (包沉浮), Lenx Wei (韦韬) of Baidu X-Lab (百度安全实验室) CVE-2017-15851
Scott Bauer (@ScottyBauer1) CVE-2018-9430
Tamir Zahavi-Brunner (@tamir_zb) of Zimperium zLabs Team CVE-2018-9411
Tencent Blade Team CVE-2018-9421, CVE-2018-9420
Yonggang Guo (@guoygang) of IceSword Lab, Qihoo 360 Technology Co. Ltd. CVE-2018-9415
Zinuo Han (weibo.com/ele7enxxh) of Chengdu Security Response Center, Qihoo 360 Technology Co. Ltd. CVE-2018-9410, CVE-2018-9424, CVE-2018-9431

June

Researchers CVEs
Baozeng Ding (丁保增) (@sploving1) of Pandora Lab, Ali Security CVE-2018-5857, CVE-2018-9389
Daniel Kachakil of IOActive CVE-2018-9375
derrek (@derrekr6) CVE-2017-6290, CVE-2017-6292, CVE-2017-6294
Elphet and Gong Guang of Alpha Team, Qihoo 360 Technology Co. Ltd. CVE-2018-9348
Hao Chen and Guang Gong of Alpha Team, Qihoo 360 Technology Co. Ltd. CVE-2018-5899
Jianjun Dai (@Jioun_dai) and Guang Gong (@oldfresher) of Alpha Team, Qihoo 360 Technology Co. Ltd CVE-2018-9381, CVE-2018-9358,
CVE-2018-9359, CVE-2018-9360,
CVE-2018-9361, CVE-2018-9357,
CVE-2018-9356
joe0x20@gmail.com CVE-2018-5898
Jose Martinez CVE-2018-5146
Julien Thomas (@Julien_Thomas) of Protektoid.com CVE-2018-9374
Michał Bednarski CVE-2018-9339
Mingjian Zhou (周明建) (@Mingjian_Zhou) of C0RE Team CVE-2018-9344
Niky1235 (@jiych_guru) CVE-2017-13230, CVE-2018-9347
Pengfei Ding (丁鹏飞), Chenfu Bao (包沉浮), and Lenx Wei (韦韬)
of Baidu X-Lab (百度安全实验室)
CVE-2018-5832, CVE-2018-5896, CVE-2018-5897
Qing Dong of 360 Beaconlab CVE-2018-9386
Scott Bauer (@ScottyBauer1) CVE-2018-9388, CVE-2018-9355,
CVE-2018-9380
Stephan Zeisberg of Security Research Labs CVE-2018-9350, CVE-2018-9352,
CVE-2018-9353, CVE-2018-9341
Tencent Blade Team CVE-2018-9345, CVE-2018-9346
Yonggang Guo (@guoygang) of IceSword Lab, Qihoo 360 Technology Co. Ltd. CVE-2017-0564
Yuan-Tsung Lo of C0RE Team CVE-2017-13079, CVE-2017-13081
华为移动安全实验室的钱育波 CVE-2018-9363
Zinuo Han of Chengdu Security Response Center, Qihoo 360 Technology Co. Ltd. CVE-2018-9340, CVE-2018-9338,
CVE-2018-9378

May

Researchers CVEs
Corinna Vinschen CVE-2018-5853
derrek (@derrekr6) CVE-2017-6293, CVE-2018-6246
Gengjia Chen (@chengjia4574) and pjf of IceSword Lab, Qihoo 360 Technology Co. Ltd. CVE-2017-18153
Hanxiang Wen and Mingjian Zhou (周明建) (@Mingjian_Zhou) of C0RE Team CVE-2017-18154
Hongli Han (@HexB1n) and Mingjian Zhou (周明建) (@Mingjian_Zhou) of C0RE Team CVE-2018-6254
Joshua Steiner of Introne Apps CVE-2017-13322
Michał Bednarski CVE-2017-13310, CVE-2017-13311
Pengfei Ding (丁鹏飞), Chenfu Bao (包沉浮), and Lenx Wei (韦韬) of Baidu X-Lab (百度安全实验室) CVE-2017-15857, CVE-2018-5852
Zinuo Han of Chengdu Security Response Center, Qihoo 360 Technology Co. Ltd CVE-2017-13321, CVE-2017-13318, CVE-2017-13323, CVE-2017-13319, CVE-2017-13317

April

Researchers CVEs
Billy Lau of Google CVE-2017-13305
Chong Wang of Chengdu Security Response Center, Qihoo 360 Technology Co. Ltd CVE-2017-13287
Chong Wang and Zinuo Han of Chengdu Security Response Center, Qihoo 360 Technology Co. Ltd CVE-2017-13289, CVE-2017-13286
Cusas @ Huawei L.O. Team CVE-2017-13279
Daxing Guo of Tencent's Xuanwu Lab CVE-2017-13292, CVE-2017-13303
Dinesh Venkatesan (@malwareresearch) of Symantec CVE-2017-13295
Elphet and Gong Guang of Alpha Team, Qihoo 360 Technology Co. Ltd CVE-2017-13276
En He (@heeeeen4x) and Bo Liu of MS509Team CVE-2017-13294
Eric Leong (@ericwleong) CVE-2017-13301
Hao Chen and Guang Gong of Alpha Team, Qihoo 360 Technology Co. Ltd. CVE-2018-3596
Haosheng Wang (@gnehsoah) CVE-2017-13280
Jean-Baptiste Cayrou (@jbcayrou) CVE-2017-13284
Jianjun Dai (@Jioun_dai) and Guang Gong of Alpha Team, Qihoo 360 Technology Co. Ltd CVE-2017-13291, CVE-2017-13283, CVE-2017-13282, CVE-2017-13281, CVE-2017-13267
Patrick Delvenne (@wintzx) of Orange Labs CVE-2018-3584
Pengfei Ding (丁鹏飞), Chenfu Bao (包沉浮), Lenx Wei (韦韬) of Baidu X-Lab (百度安全实验室) CVE-2017-13306, CVE-2017-13290, CVE-2017-15837
Tencent Blade Team CVE-2017-15853
Vasily Vasiliev CVE-2017-13297
Weichao Sun of Alibaba Inc (@sunblate) CVE-2017-13277
Yang Dai and Yu Pan of Vulpecker Team, Qihoo 360 Technology Co. Ltd CVE-2017-13304
Yonggang Guo (@guoygang) of IceSword Lab, Qihoo 360 Technology Co. Ltd CVE-2017-8269, CVE-2017-13307, CVE-2018-5826
Zhongwen & Chao Dai @ Huawei L.O. Team CVE-2017-13274
Zinuo Han of Chengdu Security Response Center, Qihoo 360 Technology Co. Ltd CVE-2017-13288, CVE-2017-13298, CVE-2017-13296, CVE-2017-13299, CVE-2017-13275, CVE-2017-13285

March

Researchers CVEs
Billy Lau of Google CVE-2017-14879
Daniel Micay of Copperhead Security CVE-2017-13265
Dacheng Shao and Mingjian Zhou (周明建) CVE-2017-6288
Elphet and Gong Guang of Alpha Team, Qihoo 360 Technology Co. Ltd. CVE-2017-13254
Jake Corina of Shellphish Grill Team CVE-2018-3560
Jianjun Dai (@Jioun_dai) and Guang Gong of Alpha Team, Qihoo 360 Technology Co. Ltd. CVE-2017-13266, CVE-2017-13256, CVE-2017-13255
Julian Rauchberger CVE-2017-13258
Hongli Han (@hexb1n), Dacheng Shao, and Mingjian Zhou (周明建) (@Mingjian_Zhou) of C0RE Team CVE-2017-6287
Hongli Han (@HexB1n) and Mingjian Zhou (周明建)(@Mingjian_Zhou) of C0RE Team CVE-2017-6286, CVE-2017-6285,
CVE-2017-6281
Pengfei Ding (丁鹏飞), Chenfu Bao (包沉浮), Lenx Wei (韦韬) of Baidu X-Lab (百度安全实验室) CVE-2017-13262, CVE-2017-13261, CVE-2017-13260, CVE-2017-11029, CVE-2017-15814
Peter Pi of Tencent Security Platform Department CVE-2017-13269
Tamir Zahavi-Brunner (@tamir_zb) of Zimperium zLabs Team CVE-2017-13253
Vasily Vasiliev CVE-2017-13249, CVE-2017-13248, CVE-2017-13264
Wish Wu (@wish_wu 吴潍浠 此彼) of Ant-financial Light-Year Security Lab CVE-2017-13259, CVE-2017-13272
Yaoguang Chen of Ant-financial Light-Year Security Lab (蚂蚁金服巴斯光年安全实验室) CVE-2017-13257, CVE-2017-13268
Yonggang Guo (@guoygang) of IceSword Lab, Qihoo 360 Technology Co. Ltd. CVE-2017-13271
ZhangBo of Tencent Security Platform Department CVE-2017-18069
Zinuo Han from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd. CVE-2017-13252, CVE-2017-13251, CVE-2018-3561

February

Researchers CVEs
Aaron Willey, autoprime (@utoprime), and Tyler Montgomery (@tylerfixer) of Team Codefire CVE-2017-13238
Cusas (华为公司的cusas) CVE-2017-13235
Elphet and Gong Guang of Alpha Team, Qihoo 360 Technology Co. Ltd. CVE-2017-13229
En He (@heeeeen4x) and Bo Liu of MS509Team CVE-2017-13242
Gal Beniamini of Google CVE-2017-13236
Hao Chen and Guang Gong of Alpha Team, Qihoo 360 Technology Co. Ltd. CVE-2017-13245
Hongli Han (@HexB1n), Dacheng Shao and Mingjian Zhou (@Mingjian_Zhou) of C0RE Team CVE-2017-6258
Hongli Han (@HexB1n), Mingjian Zhou (@Mingjian_Zhou) of C0RE Team CVE-2017-17767, CVE-2017-6279
Mingjian Zhou (周明建) (@Mingjian_Zhou) of C0RE Team CVE-2017-13241, CVE-2017-13231
Nightwatch Cybersecurity Research CVE-2017-13243
Niky1235 (@jiych_guru) CVE-2017-13230, CVE-2017-13234
Outware CVE-2017-13239
Qidan He (@flanker_hqd) of PDD Security Team CVE-2017-13246
Xiling Gong of Tencent Security Platform Department CVE-2017-15852
Yonggang Guo (@guoygang) of IceSword Lab, Qihoo 360 Technology Co. Ltd. CVE-2017-13273
ZhangBo of Tencent Security Platform Department CVE-2015-9016
Zinuo Han from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd. CVE-2017-13232

January

Researchers CVEs
Adong Zhang (张阿东), Chao Liu (刘超), and Jinguang Dong (董金光) CVE-2017-13215
Amar Menezes of MWR Labs CVE-2017-13212
Andy Tyler (@ticarpi) of e2e-assure CVE-2017-0846
Baozeng Ding (@sploving), Chengming Yang, and Yang Song of Pandora Lab, Ali Security CVE-2017-13222, CVE-2017-13220
Billy Lau of Google CVE-2017-14879
Cameron Gutman CVE-2017-13214
Chi Zhang and Mingjian Zhou (@Mingjian_Zhou) of C0RE Team CVE-2017-13178, CVE-2017-13179
Gal Beniamini of Google CVE-2017-13209
Haosheng Wang (@gnehsoah) CVE-2017-13198
Hongli Han (@HexB1n) and Mingjian Zhou (@Mingjian_Zhou) of C0RE Team CVE-2017-13183, CVE-2017-13180
Hongli Han (@HexB1n), Dacheng Shao, and Mingjian Zhou (@Mingjian_Zhou) of C0RE Team CVE-2017-13194
Max Moroz of Google CVE-2017-13224
Mingjian Zhou (周明建) (@Mingjian_Zhou) of C0RE Team CVE-2017-13184, CVE-2017-13201
Niky1235 (@jiych_guru) CVE-2017-0855, CVE-2017-13195, CVE-2017-13181
tintinweb CVE-2017-13208
Tongxin Li and Xinhui Han of Peking University; Luyi Xing, Nan Zhang, Xueqiang Wang, and XiaoFeng Wang of Indiana University Bloomington; Xiaolong Bai of Tsinghua University; and Kai Chen of IIE, Chinese Academy of Sciences CVE-2017-13176
V.E.O (@VYSEa) of Mobile Threat Response Team, Trend Micro CVE-2017-13196, CVE-2017-13186
Wolfu (付敬贵) of Tencent Security Platform Department CVE-2017-13219, CVE-2017-13207
Xuan Xing of Google CVE-2017-13217
Yangkang (@dnpushme) of Qihoo360 Qex Team CVE-2017-13200
Yongke Wang (@Rudykewang) and Yuebin Sun of Tencent's Xuanwu Lab CVE-2017-13202
Yuan-Tsung Lo of C0RE Team CVE-2017-13213, CVE-2017-13221
Yu Pan and Yang Dai of Vulpecker Team, Qihoo 360 Technology Co. Ltd. CVE-2017-0869
Zinuo Han of Chengdu Security Response Center, Qihoo 360 Technology Co. Ltd. CVE-2017-13206, CVE-2017-13188, CVE-2017-13185

2017

Researcher CVEs
ADlab of Venustech CVE-2017-0630
Alexander Potapenko of Google Dynamic Tools team CVE-2017-0537
Alexandru Blanda CVE-2017-0390
Amir Cohen of Ben Gurion University Cyber Lab CVE-2017-0650
Ao Wang (@ArayzSegment) of Pangu Team CVE-2017-0691, CVE-2017-0700
Aravind Machiry of Shellphish Grill Team, University of California, Santa Barbara CVE-2017-0865
Dr. Asaf Shabtai of Ben Gurion University Cyber Lab CVE-2017-0650
Baozeng Ding (@sploving1) of Alibaba Mobile Security Group CVE-2017-0463, CVE-2017-0506, CVE-2017-0711, CVE-2017-0741, CVE-2017-0742, CVE-2017-0751, CVE-2017-0796, CVE-2017-0798, CVE-2017-0800, CVE-2017-0827, CVE-2017-0843, CVE-2017-0864, CVE-2017-9703, CVE-2017-9708, CVE-2017-11000, CVE-2017-11059, CVE-2017-13170
Ben Actis (@Ben_RA) CVE-2016-8461
Ben Seri of Armis, Inc. CVE-2017-0781, CVE-2017-0782, CVE-2017-0783, CVE-2017-0785
Billy Lau of Android Security CVE-2017-0335, CVE-2017-0336, CVE-2017-0338, CVE-2017-0460, CVE-2017-8263, CVE-2017-9682, CVE-2017-13162
Bo Liu of MS509Team CVE-2017-0490, CVE-2017-0601, CVE-2017-0639, CVE-2017-0645, CVE-2017-0784, CVE-2017-11042
Chao Yang of Alibaba Mobile Security Group CVE-2016-10280, CVE-2016-10281, CVE-2017-0565
Chenfu Bao (包沉浮) of Baidu X-Lab (百度安全实验室) CVE-2016-8417, CVE-2016-10236, CVE-2017-0728, CVE-2017-0738, CVE-2017-0766, CVE-2017-0794, CVE-2017-9681, CVE-2017-9684, CVE-2017-9693, CVE-2017-9694, CVE-2017-9696, CVE-2017-9702, CVE-2017-9715, CVE-2017-9717, CVE-2017-9720, CVE-2017-11001, CVE-2017-10999, CVE-2017-11057, CVE-2017-11060, CVE-2017-11061, CVE-2017-11064, CVE-2017-11089, CVE-2017-11090
Chengming Yang of Alibaba Mobile Security Group CVE-2016-10280, CVE-2016-10281, CVE-2017-0463, CVE-2017-0506, CVE-2017-0565, CVE-2017-0711, CVE-2017-0741, CVE-2017-0742, CVE-2017-0751, CVE-2017-0796, CVE-2017-0798, CVE-2017-0800, CVE-2017-0827, CVE-2017-0843, CVE-2017-0864, CVE-2017-9708, CVE-2017-11000, CVE-2017-11059, CVE-2017-13170
Chenxiong Qian of Georgia Tech CVE-2017-0860
Chi Zhang of C0RE Team CVE-2017-0666, CVE-2017-0681, CVE-2017-0684, CVE-2017-0765, CVE-2017-0836, CVE-2017-0857, CVE-2017-0880, CVE-2017-13166
Chiachih Wu (@chiachih_wu) of C0RE Team CVE-2016-8425, CVE-2016-8426, CVE-2016-8430, CVE-2016-8431, CVE-2016-8432, CVE-2016-8449, CVE-2016-8435, CVE-2016-8480, CVE-2016-8481, CVE-2016-8482, CVE-2017-0383, CVE-2017-0384, CVE-2017-0385, CVE-2017-0398, CVE-2017-0400, CVE-2017-0401, CVE-2017-0402, CVE-2017-0428, CVE-2017-0429, CVE-2017-0435, CVE-2017-0436, CVE-2017-0444, CVE-2017-0448
Chong Wang of Chengdu Security Response Center, Qihoo 360 Technology Co. Ltd. CVE-2017-0758
Cong Zheng (@shellcong) of Palo Alto Networks CVE-2017-0752
Constantinos Patsakis of University of Piraeus CVE-2017-0807
Cusas (华为公司的cusas) CVE-2017-0870
Dacheng Shao of C0RE Team CVE-2017-0483, CVE-2017-0739, CVE-2017-0769, CVE-2017-0801
Daniel Dakhno CVE-2017-0420
Daniel Micay of Copperhead Security CVE-2017-0397, CVE-2017-0405, CVE-2017-0410, CVE-2017-0826, CVE-2017-13160
Daxing Guo (@freener0) of Xuanwu Lab, Tencent CVE-2017-0386, CVE-2017-0553, CVE-2017-0585, CVE-2017-0706
derrek (@derrekr6) CVE-2016-8413, CVE-2016-8477, CVE-2017-0392, CVE-2017-0521, CVE-2017-0531, CVE-2017-0576, CVE-2017-8260
Di Shen (@returnsme) of KeenLab (@keen_lab), Tencent CVE-2016-8412, CVE-2016-8427, CVE-2016-8444, CVE-2016-10287, CVE-2017-0334, CVE-2017-0403, CVE-2017-0427, CVE-2017-0456, CVE-2017-0457, CVE-2017-0525, CVE-2017-8265
donfos (Aravind Machiry) of Shellphish Grill Team, UC Santa Barbara CVE-2016-5349, CVE-2016-8448, CVE-2016-8470, CVE-2016-8471, CVE-2016-8472
Dzmitry Lukyanenka CVE-2017-0414, CVE-2017-0703, CVE-2017-0808, CVE-2017-13157, CVE-2017-13158, CVE-2017-13159
Ecular Xu (徐健) of Trend Micro CVE-2017-0599, CVE-2017-0635, CVE-2017-0641, CVE-2017-0643, CVE-2017-0859
Efthimios Alepis of University of Piraeus CVE-2017-0807
Elphet of Alpha Team, Qihoo 360 Technology Co. Ltd. CVE-2017-0692, CVE-2017-0694, CVE-2017-0771, CVE-2017-0774, CVE-2017-0775
En He (@heeeeen4x) of MS509Team CVE-2017-0394, CVE-2017-0490, CVE-2017-0601, CVE-2017-0639, CVE-2017-0645, CVE-2017-0784, CVE-2017-11042
Eric Lafortune of GuardSquare CVE-2017-13156
Ethan Yonker of Team Win Recovery Project CVE-2017-0493
Fang Chen of Sony Mobile Communications Inc. CVE-2017-0481
Frank Liberato of Chrome CVE-2017-0409
Gal Beniamini of Project Zero CVE-2017-0411, CVE-2017-0412, CVE-2017-0561, CVE-2017-0569 CVE-2017-0570, CVE-2017-0571, CVE-2017-0572
Gengjia Chen (@chengjia4574) of IceSword Lab, Qihoo 360 Technology Co. Ltd. CVE-2016-8464, CVE-2016-10285, CVE-2016-10288, CVE-2016-10290, CVE-2016-10294, CVE-2016-10295, CVE-2016-10296, CVE-2017-0329, CVE-2017-0332, CVE-2017-0432, CVE-2017-0434, CVE-2017-0446, CVE-2017-0447, CVE-2017-0500, CVE-2017-0501, CVE-2017-0502, CVE-2017-0503, CVE-2017-0509, CVE-2017-0524, CVE-2017-0529, CVE-2017-0536, CVE-2017-0566, CVE-2017-0573, CVE-2017-0581, CVE-2017-0616, CVE-2017-0617, CVE-2017-0624, CVE-2017-0649, CVE-2017-0744, CVE-2017-6426, CVE-2017-8243, CVE-2017-8244, CVE-2017-8266, CVE-2017-8270, CVE-2017-9691, CVE-2017-10997
Godzheng (郑文选 @VirtualSeekers) of Tencent PC Manager CVE-2017-0602, CVE-2017-0646
Google WebM Team CVE-2017-0393
Gregory Vishnepolsky of Armis, Inc. CVE-2017-0781, CVE-2017-0782, CVE-2017-0783, CVE-2017-0785
Guang Gong (龚广) (@oldfresher) of Alpha Team, Qihoo 360 Technology Co. Ltd. CVE-2016-8415, CVE-2016-8419, CVE-2016-8420, CVE-2016-8421, CVE-2016-8454, CVE-2016-8455, CVE-2016-8456, CVE-2016-8457, CVE-2016-8465, CVE-2016-8476, CVE-2016-10283, CVE-2017-0387, CVE-2017-0415, CVE-2017-0437, CVE-2017-0438, CVE-2017-0439, CVE-2017-0441, CVE-2017-0442, CVE-2017-0443, CVE-2017-0453, CVE-2017-0454, CVE-2017-0461, CVE-2017-0464, CVE-2017-0547, CVE-2017-0567, CVE-2017-0574, CVE-2017-0575, CVE-2017-0577, CVE-2017-0580, CVE-2017-0584, CVE-2017-0692, CVE-2017-0694, CVE-2017-0727, CVE-2017-0748, CVE-2017-0771, CVE-2017-0774, CVE-2017-0775, CVE-2017-0786, CVE-2017-0787, CVE-2017-0788, CVE-2017-0789, CVE-2017-0790, CVE-2017-0791, CVE-2017-0792, CVE-2017-0825, CVE-2017-6424, CVE-2017-14904
Guangdong Bai of Singapore Institute of Technology (SIT) CVE-2017-0496
Güliz Seray Tuncay of the University of Illinois at Urbana-Champaign CVE-2017-0593
Guo Haoran of King Team CVE-2017-13172
Hanxiang Wen of C0RE Team CVE-2017-0400, CVE-2017-0418, CVE-2017-0479, CVE-2017-0480, CVE-2017-0665, CVE-2017-0681, CVE-2017-0737, CVE-2017-14904
Hao Chen of Alpha Team, Qihoo 360 Technology Co. Ltd. CVE-2016-8415, CVE-2016-8419, CVE-2016-8420, CVE-2016-8421, CVE-2016-8454, CVE-2016-8455, CVE-2016-8456, CVE-2016-8457, CVE-2016-8465, CVE-2016-8476, CVE-2016-10283, CVE-2017-0437, CVE-2017-0438, CVE-2017-0439, CVE-2017-0441, CVE-2017-0442, CVE-2017-0443, CVE-2017-0453, CVE-2017-0454, CVE-2017-0461, CVE-2017-0464, CVE-2017-0567, CVE-2017-0574, CVE-2017-0575, CVE-2017-0577, CVE-2017-0580, CVE-2017-0584, CVE-2017-0748, CVE-2017-0786, CVE-2017-0787, CVE-2017-0788, CVE-2017-0789, CVE-2017-0790, CVE-2017-0791, CVE-2017-0792, CVE-2017-0825, CVE-2017-6424
Hao Qin of Security Research Lab, Cheetah Mobile CVE-2017-11056
Hiroki Yamamoto of Sony Mobile Communications Inc. CVE-2017-0481
Hongli Han (@HexB1n) of C0RE Team CVE-2017-0384, CVE-2017-0385, CVE-2017-0731, CVE-2017-0739, CVE-2017-13154, CVE-2017-6276
hujianfei of Qihoo360 Qex Team CVE-2017-0753
Ian Foster (@lanrat) CVE-2017-0554
Jack Tang of Trend Micro Inc. CVE-2017-0579, CVE-2017-9706
Jake Corina of Shellphish Grill Team CVE-2017-0636, CVE-2017-0802
Jason Gu of Trend Micro CVE-2017-0780
Jeff Sharkey of Google CVE-2017-0421, CVE-2017-0423
Jeff Trim CVE-2017-0422
Jeremy Huang (@bittorrent3389) of King Team CVE-2017-13172
Jianjun Dai (@Jioun_dai) of Qihoo 360 Skyeye Labs CVE-2017-0478, CVE-2017-0541, CVE-2017-0559
Jianqiang Zhao (@jianqiangzhao) of IceSword Lab, Qihoo 360 CVE-2016-5346, CVE-2016-8416, CVE-2016-8475, CVE-2016-8478, CVE-2017-0445, CVE-2017-0458, CVE-2017-0459, CVE-2017-0518, CVE-2017-0519, CVE-2017-0533, CVE-2017-0534, CVE-2017-0862, CVE-2017-6425, CVE-2017-8233, CVE-2017-8261, CVE-2017-8268, CVE-2017-9718, CVE-2017-1000380
Joey Brand of Census Consulting Inc. CVE-2017-0698
Jon Sawyer (@jcase) CVE-2016-8461, CVE-2016-8462
Jose Martinez CVE-2017-0841
Juhu Nie of Xiaomi Inc. CVE-2016-10276
Jun Cheng of Alibaba Inc. CVE-2017-0404
Justin Paupore of Google CVE-2017-0831
Kevin Deus of Google CVE-2017-11052, CVE-2017-11054, CVE-2017-11055, CVE-2017-11062
Lenx Wei (韦韬) of Baidu X-Lab (百度安全实验室) CVE-2016-8417, CVE-2016-10236, CVE-2017-0728, CVE-2017-0738, CVE-2017-0766, CVE-2017-0794 CVE-2017-9681, CVE-2017-9684, CVE-2017-9693, CVE-2017-9694, CVE-2017-9696, CVE-2017-9702, CVE-2017-9715, CVE-2017-9717, CVE-2017-9720, CVE-2017-10999, CVE-2017-11001, CVE-2017-11057, CVE-2017-11060, CVE-2017-11061, CVE-2017-11064, CVE-2017-11089, CVE-2017-11090
Liyadong of Qex Team, Qihoo 360 CVE-2017-0647
Lorenzo Nicolodi CVE-2017-13165
Lubo Zhang of C0RE Team CVE-2016-8479, CVE-2017-0564, CVE-2017-7368
ma.la of LINE Corporation CVE-2016-5552
Makoto Onuki of Google CVE-2017-0491
Marco Bartoli (@wsxarcher) CVE-2017-0712
Mark Salyzyn of Google CVE-2017-0558
Max Spector of Google CVE-2017-0416
Michael Goberman of IBM Security X-Force CVE-2016-8467
Michal Bednarski CVE-2017-0598, CVE-2017-0806, CVE-2017-0871
Mike Anderson (@manderbot) of Tesla Motors Product Security Team CVE-2017-0327, CVE-2017-0328
Mingjian Zhou (@Mingjian_Zhou) of C0RE Team CVE-2017-0383, CVE-2017-0417, CVE-2017-0418, CVE-2017-0425, CVE-2017-0450, CVE-2017-0479, CVE-2017-0480, CVE-2017-0483, CVE-2017-0665, CVE-2017-0666, CVE-2017-0681, CVE-2017-0684, CVE-2017-0731, CVE-2017-0737, CVE-2017-0739, CVE-2017-0765, CVE-2017-0768, CVE-2017-0769, CVE-2017-0779, CVE-2017-0801, CVE-2017-0812, CVE-2017-0815, CVE-2017-0816, CVE-2017-0836, CVE-2017-0837, CVE-2017-0840, CVE-2017-0857, CVE-2017-8080, CVE-2017-6276, CVE-2017-13152, CVE-2017-13154, CVE-2017-13166, CVE-2017-13169, CVE-2017-14904
Monk Avel CVE-2017-0396, CVE-2017-0399
Nan Li of Xiaomi Inc. CVE-2016-10276
Nathan Crandall (@natecray) CVE-2017-0535
Nathan Crandall (@natecray) of Tesla Motors Product Security Team CVE-2017-0306, CVE-2017-0327, CVE-2017-0328, CVE-2017-0331, CVE-2017-0606, CVE-2017-8242, CVE-2017-9679
Nick Stephens of Shellphish Grill Team CVE-2017-0636, CVE-2017-0802
Nikolay Elenkov of LINE Corporation CVE-2016-5552
Niky1235 (@jiych_guru) CVE-2017-0603, CVE-2017-0670, CVE-2017-0697, CVE-2017-0726, CVE-2017-0818
Ning You of Alibaba Mobile Security Group CVE-2016-10280, CVE-2016-10281, CVE-2017-0463, CVE-2017-0565
Nitay Artenstein of Exodus Intelligence CVE-2017-9417
Omer Shwartz of Ben Gurion University Cyber Lab CVE-2017-0650
Peide Zhang of Vulpecker Team, Qihoo 360 Technology Co. Ltd. CVE-2017-0618, CVE-2017-0625
Peng Xiao of Alibaba Mobile Security Group CVE-2016-10280, CVE-2016-10281, CVE-2017-0463, CVE-2017-0506, CVE-2017-0565, CVE-2017-0842
Pengfei Ding (丁鹏飞) of Baidu X-Lab (百度安全实验室) CVE-2016-8417, CVE-2016-10236, CVE-2017-0728, CVE-2017-0738, CVE-2017-0766, CVE-2017-0794, CVE-2017-9681, CVE-2017-9684, CVE-2017-9693, CVE-2017-9694, CVE-2017-9696, CVE-2017-9702, CVE-2017-9715, CVE-2017-9717, CVE-2017-9720, CVE-2017-11001, CVE-2017-10999, CVE-2017-11057, CVE-2017-11060, CVE-2017-11061, CVE-2017-11064, CVE-2017-11089, CVE-2017-11090
Peter Pi of Tencent Security Platform Department CVE-2017-11046, CVE-2017-11091
Peter Pi (@heisecode) of Trend Micro CVE-2016-8424, CVE-2016-8428, CVE-2016-8429, CVE-2016-8460, CVE-2016-8469, CVE-2016-8473, CVE-2016-8474
pjf of IceSword Lab, Qihoo 360 Technology Co. Ltd. CVE-2016-5346, CVE-2016-8416, CVE-2016-8464, CVE-2016-8475, CVE-2016-8478, CVE-2016-10285, CVE-2016-10288, CVE-2016-10290, CVE-2016-10294, CVE-2016-10295, CVE-2016-10296, CVE-2017-0329, CVE-2017-0332, CVE-2017-0432, CVE-2017-0434, CVE-2017-0445, CVE-2017-0446, CVE-2017-0447, CVE-2017-0458, CVE-2017-0459, CVE-2017-0500, CVE-2017-0501, CVE-2017-0502, CVE-2017-0503, CVE-2017-0509, CVE-2017-0518, CVE-2017-0519, CVE-2017-0524, CVE-2017-0529, CVE-2017-0533, CVE-2017-0534, CVE-2017-0536, CVE-2017-0566, CVE-2017-0573, CVE-2017-0581, CVE-2017-0616, CVE-2017-0617, CVE-2017-0624, CVE-2017-0649, CVE-2017-0744, CVE-2017-0862, CVE-2017-6425, CVE-2017-6426, CVE-2017-8233, CVE-2017-8243, CVE-2017-8244, CVE-2017-8261, CVE-2017-8266, CVE-2017-8268, CVE-2017-8270, CVE-2017-9691, CVE-2017-9718, CVE-2017-10997, CVE-2017-1000380
Qidan He (何淇丹) (@flanker_hqd) of KeenLab, Tencent (腾讯科恩实验室) CVE-2017-0325, CVE-2017-0337, CVE-2017-0382, CVE-2017-0427, CVE-2017-0476, CVE-2017-0544, CVE-2017-0861, CVE-2017-0866, CVE-2017-13167, CVE-2017-13324, CVE-2017-15868
Qing Zhang of Qihoo 360 CVE-2017-0496
Qiwu Huang of Xiaomi Inc. CVE-2016-10276
Quhe of Ant-financial Light-Year Security Lab (蚂蚁金服巴斯光年安全实验室) CVE-2017-0522
Roee Hay (@roeehay) of Aleph Research, HCL Technologies CVE-2016-10277, CVE-2017-0563, CVE-2017-0582, CVE-2017-0648, CVE-2017-0829, CVE-2017-13174
Roee Hay of IBM Security X-Force Research CVE-2016-8467, CVE-2017-0510
Sagi Kedmi of IBM Security X-Force Research CVE-2017-0433, CVE-2017-0510
Sahara of Secure Communications in DarkMatter CVE-2017-0528
salls (@chris_salls) of Shellphish Grill Team, UC Santa Barbara CVE-2017-0505, CVE-2017-13168
Scott Bauer (@ScottyBauer1) CVE-2016-10274, CVE-2017-0339, CVE-2017-0405, CVE-2017-0504, CVE-2017-0516, CVE-2017-0521, CVE-2017-0562, CVE-2017-0576, CVE-2017-0705, CVE-2017-0740, CVE-2017-8259, CVE-2017-8260, CVE-2017-9680, CVE-2017-11053, CVE-2017-13160
Sean Beaupre (@firewaterdevs) CVE-2016-8461, CVE-2016-8462, CVE-2017-0455
Seven Shen (@lingtongshen) of Trend Micro Mobile Threat Research Team CVE-2016-8418, CVE-2016-8466, CVE-2016-10231, CVE-2017-0449, CVE-2017-0452, CVE-2017-0578, CVE-2017-0586, CVE-2017-0724, CVE-2017-0772, CVE-2017-0780, CVE-2017-6247, CVE-2017-6248, CVE-2017-6249, CVE-2017-7369
Shinichi Matsumoto of Fujitsu CVE-2017-0498
Simon Chung of Georgia Tech CVE-2017-0860
Stéphane Marques of ByteRev CVE-2017-0489
Stephen Morrow CVE-2017-0389
Svetoslav Ganov of Google CVE-2017-0492
Tim Becker CVE-2017-0546
Timothy Becker of CSS Inc. CVE-2017-0667, CVE-2017-0732, CVE-2017-0805
Tong Lin of C0RE Team CVE-2016-8425, CVE-2016-8426, CVE-2016-8449, CVE-2016-8479, CVE-2016-8481, CVE-2016-10291, CVE-2017-0333, CVE-2017-0428, CVE-2017-0435, CVE-2017-0436, CVE-2017-10661
Uma Sankar Pradhan (@umasankar_iitd) CVE-2017-0560
Valerio Costamagna (@vaio_co) CVE-2017-0712
Vasily Vasiliev CVE-2017-0589, CVE-2017-0637, CVE-2017-0638, CVE-2017-0642, CVE-2017-0675, CVE-2017-0676, CVE-2017-0682, CVE-2017-0683, CVE-2017-0696, CVE-2017-0699, CVE-2017-0701, CVE-2017-0702, CVE-2017-0716, CVE-2017-0757
V.E.O (@VYSEa) of Mobile Threat Research Team, Trend Micro CVE-2017-0381, CVE-2017-0424, CVE-2017-0466, CVE-2017-0467, CVE-2017-0468, CVE-2017-0469, CVE-2017-0470, CVE-2017-0471, CVE-2017-0472, CVE-2017-0473, CVE-2017-0482, CVE-2017-0484, CVE-2017-0485, CVE-2017-0486, CVE-2017-0487, CVE-2017-0494, CVE-2017-0495, CVE-2017-0538, CVE-2017-0539, CVE-2017-0540, CVE-2017-0555, CVE-2017-0556, CVE-2017-0557, CVE-2017-0587, CVE-2017-0590, CVE-2017-0600, CVE-2017-0640, CVE-2017-0674, CVE-2017-0677, CVE-2017-0679, CVE-2017-0680, CVE-2017-0685, CVE-2017-0686, CVE-2017-0689, CVE-2017-0693, CVE-2017-0695, CVE-2017-0713, CVE-2017-0715, CVE-2017-0750, CVE-2017-10662, CVE-2017-10663
wanchouchou of Ant-financial Light-Year Security Lab (蚂蚁金服巴斯光年安全实验室) CVE-2017-0522
Weichao Sun (@sunblate) of Alibaba Inc. CVE-2017-0391, CVE-2017-0407, CVE-2017-0549, CVE-2017-0759
Wenjun Hu of Palo Alto Networks CVE-2017-0752
Wenke Lee of Georgia Tech CVE-2017-0860
Wenke Dou of C0RE Team CVE-2017-0384, CVE-2017-0385, CVE-2017-0398, CVE-2017-0400, CVE-2017-0401, CVE-2017-0402, CVE-2017-0417, CVE-2017-0418, CVE-2017-0450, CVE-2017-0483, CVE-2017-0768, CVE-2017-0779, CVE-2017-0812, CVE-2017-0815, CVE-2017-0816
Wenlin Yang (@wenlin_yang) of Alpha Team, Qihoo 360 Technology Co. Ltd. CVE-2017-0577, CVE-2017-0580
Wish Wu (@wish_wu) (吴潍浠 此彼) of Ant-financial Light-Year Security Lab CVE-2017-0408, CVE-2017-0477, CVE-2017-11063, CVE-2017-11092
Wolfu (付敬贵) of Tencent Security Platform Department CVE-2017-0863, CVE-2017-11050, CVE-2017-11051, CVE-2017-11067, CVE-2017-11073, CVE-2017-11093
Xiangqian Zhang of Alibaba Mobile Security Group CVE-2017-0796, CVE-2017-0827
Xiao Zhang of Palo Alto Networks CVE-2017-0752
Xiaodong Wang of C0RE Team CVE-2017-0429, CVE-2017-0448
Xiling Gong of Tencent Security Platform Department CVE-2017-0597, CVE-2017-0708, CVE-2017-8236, CVE-2017-9690
Xingyuan Lin of 360 Marvel Team CVE-2017-0627, CVE-2017-13163
Xuxian Jiang of C0RE Team CVE-2016-8425, CVE-2016-8426, CVE-2016-8430, CVE-2016-8431, CVE-2016-8432, CVE-2016-8449, CVE-2016-8435, CVE-2016-8479, CVE-2016-8480, CVE-2016-8481, CVE-2016-8482, CVE-2016-10291, CVE-2017-0326, CVE-2017-0333, CVE-2017-0383, CVE-2017-0384, CVE-2017-0385, CVE-2017-0398, CVE-2017-0400, CVE-2017-0401, CVE-2017-0402, CVE-2017-0417, CVE-2017-0418, CVE-2017-0425, CVE-2017-0428, CVE-2017-0429, CVE-2017-0435, CVE-2017-0436, CVE-2017-0444, CVE-2017-0448, CVE-2017-0450, CVE-2017-0479, CVE-2017-0480, CVE-2017-0483, CVE-2017-0526, CVE-2017-0527, CVE-2017-0651, CVE-2017-0665, CVE-2017-0666, CVE-2017-0681, CVE-2017-0684, CVE-2017-0709, CVE-2017-0731, CVE-2017-0737, CVE-2017-0739, CVE-2017-0765, CVE-2017-0768, CVE-2017-0769, CVE-2017-0779, CVE-2017-0801, CVE-2017-7368, CVE-2017-8264, CVE-2017-10661
XTN CVE-2017-13165
Yan Zhou of Eagleye team, SCC, Huawei CVE-2017-9678
Yanfeng Wang of C0RE Team CVE-2016-8430, CVE-2016-8482
Yang Cheng of Xiaomi Inc. CVE-2016-10276
Yang Dai of Vulpecker Team, Qihoo 360 Technology Co. Ltd CVE-2017-0795, CVE-2017-0799, CVE-2017-0804, CVE-2017-0803, CVE-2017-6262, CVE-2017-6263, CVE-2017-6280
Yang Song of Alibaba Mobile Security Group CVE-2016-10280, CVE-2016-10281, CVE-2017-0463, CVE-2017-0506, CVE-2017-0565, CVE-2017-0711, CVE-2017-0741, CVE-2017-0742, CVE-2017-0751, CVE-2017-0796, CVE-2017-0798, CVE-2017-0800, CVE-2017-0827, CVE-2017-0842, CVE-2017-0843, CVE-2017-0864, CVE-2017-11000, CVE-2017-11059, CVE-2017-9703, CVE-2017-9708, CVE-2017-13170
Yanick Fratantonio (UC Santa Barbara, Shellphish Grill Team, EURECOM) CVE-2017-0860
Yangkang (@dnpushme) of Qex Team, Qihoo 360 CVE-2017-0647, CVE-2017-0690, CVE-2017-0753
Yao Jun of C0RE Team CVE-2016-8431, CVE-2016-8432, CVE-2016-8435, CVE-2016-8480
Yaoguang Chen of Ant-financial Light-Year Security Lab (蚂蚁金服巴斯光年安全实验室) CVE-2017-13171
Yong Wang (王勇) (@ThomasKing2014) of Alibaba Inc. CVE-2017-0404, CVE-2017-0588, CVE-2017-0842, CVE-2017-13164, CVE-2017-9708, CVE-2017-13170
Yonggang Guo (@guoygang) of IceSword Lab, Qihoo 360 Technology Co. Ltd. CVE-2016-10289, CVE-2017-0465, CVE-2017-0564, CVE-2017-0746, CVE-2017-0749, CVE-2017-7370, CVE-2017-8267, CVE-2017-8269, CVE-2017-8271, CVE-2017-8272, CVE-2017-11048, CVE-2017-12146
Yongke Wang of Tencent's Xuanwu Lab CVE-2017-0729, CVE-2017-0767, CVE-2017-0839, CVE-2017-0848
Dr. Yossi Oren of Ben Gurion University Cyber Lab CVE-2017-0650
Yu Pan of Vulpecker Team, Qihoo 360 Technology Co. Ltd CVE-2016-10282, CVE-2017-0517, CVE-2017-0532, CVE-2017-0615, CVE-2017-0618, CVE-2017-0625, CVE-2017-0795, CVE-2017-0799, CVE-2017-0804, CVE-2017-0803, CVE-2017-6262, CVE-2017-6263, CVE-2017-6280
Yuan-Tsung Lo of C0RE Team CVE-2016-8425, CVE-2016-8426, CVE-2016-8430, CVE-2016-8431, CVE-2016-8432, CVE-2016-8435, CVE-2016-8449, CVE-2016-8479, CVE-2016-8480, CVE-2016-8481, CVE-2016-8482, CVE-2016-10291, CVE-2017-0326, CVE-2017-0333, CVE-2017-0428, CVE-2017-0429, CVE-2017-0435, CVE-2017-0436, CVE-2017-0444, CVE-2017-0448, CVE-2017-0526, CVE-2017-0527, CVE-2017-6264, CVE-2017-6274, CVE-2017-6275, CVE-2017-0651, CVE-2017-0709, CVE-2017-0824, CVE-2017-7368, CVE-2017-8264, CVE-2017-10661, CVE-2017-14903
Yuebin Sun of Tencent's Xuanwu Lab CVE-2017-0767, CVE-2017-0839, CVE-2017-0848
Yuqi Lu (@nikos233) of C0RE Team CVE-2017-0383, CVE-2017-0401, CVE-2017-0417, CVE-2017-0425, CVE-2017-0483
Yuxiang Li (@Xbalien29) of Tencent Security Platform Department CVE-2017-0395, CVE-2017-0669, CVE-2017-0704
Zach Riggle (@ebeip90) of the Android Security Team CVE-2017-0710
Zhanpeng Zhao (行之) (@0xr0ot) of Security Research Lab, Cheetah Mobile CVE-2016-8451
Zhe Jin (金哲) of Chengdu Security Response Center, Qihoo 360 Technology Co. Ltd. CVE-2017-0758, CVE-2017-0760
Zhen Zhou (@henices) of NSFocus CVE-2017-0406
Zhi Xu of Palo Alto Networks CVE-2017-0752
Zhixin Li of NSFocus CVE-2017-0406
Zinuo Han from Chengdu Security Response Center of Qihoo 360 Technology Co. Ltd. CVE-2017-0475, CVE-2017-0497, CVE-2017-0548, CVE-2017-0678, CVE-2017-0691, CVE-2017-0700, CVE-2017-0714, CVE-2017-0718, CVE-2017-0719, CVE-2017-0720, CVE-2017-0722, CVE-2017-0725, CVE-2017-0745, CVE-2017-0760, CVE-2017-0761, CVE-2017-0764, CVE-2017-0776, CVE-2017-0777, CVE-2017-0778, CVE-2017-0813, CVE-2017-0814, CVE-2017-0820, CVE-2017-0823, CVE-2017-0850, CVE-2017-0858, CVE-2017-0879
Zubin Mithra of Google CVE-2017-0462, CVE-2017-8241

Additional contributions

We would also like to acknowledge the contributions of the following individuals to Android security:

2016

Abhishek Arya of Google Chrome Security Team

Adam Donenfeld et al. of Check Point Software Technologies Ltd.

Adam Powell of Google

Alex Chapman of Context Information Security

Altaf Shaik of Security in Telecommunications

Andre Teixeira Rizzo

Andrea Biondo

Andrei Kapishnikov of Google

Andy Tyler (@ticarpi) of e2e-assure

Anestis Bechtsoudis (@anestisb) of CENSUS S.A.

Ao Wang (@ArayzSegment) of PKAV, Silence Information Technology

Askyshang of Security Platform Department, Tencent

Baozeng Ding of Alibaba Mobile Security Group

Ben Hawkes of Google Project Zero

Billy Lau of Android Security

Brad Ebinger of Google Telecom Team

Broadgate Team

Chad Brubaker of Android Security

Chao Yang of Alibaba Mobile Security Group

Chenfu Bao (包沉浮) of Baidu X-Lab

Chengming Yang of Alibaba Mobile Security Group

Chi Zhang of C0RE Team

Chiachih Wu (@chiachih_wu) of C0RE Team from Qihoo 360

Christian Seel

Christopher Tate of Google

Constantinos Patsakis of University of Piraeus

Cory Pruce of Carnegie Mellon University

Cristiano Giuffrida of Vrije Universiteit Amsterdam

Daniel Micay of Copperhead Security

David Benjamin of Google

David Riley of the Google Pixel C Team

Dawei Peng (Vinc3nt4H) of Alibaba Mobile Security Team

Di Shen (@returnsme) of KeenLab (@keen_lab), Tencent

Dianne Hackborn of Google

Dmitry Vyukov of Google Dynamic Tools team

Dominik Schürmann of Institute for Operating Systems and Computer Networks, TU Braunschweig

Dongdong She of UC Riverside

Dongkwan Kim (dkay@kaist.ac.kr) of System Security Lab, KAIST

dosomder

dragonltx of Alibaba mobile security team

DS

Dzmitry Lukyanenka (www.linkedin.com/in/dzima)

Ecular Xu (徐健) of Trend Micro

Efthimios Alepis of University of Piraeus

En He (@heeeeen4x) of MS509Team

Gal Beniamini (@laginimaineb, http://bits-please.blogspot.com)

Gengjia Chen (@chengjia4574) of Lab 0x031E, Qihoo 360 Technology Co. Ltd

Gengming Liu (刘耕铭) (@dmxcsnsbh) of KeenLab, Tencent

George Piskas of École polytechnique fédérale de Lausanne

Giovanni Vigna of University of California, Santa Barbara

Greg Kaiser of Google Android Team

Guang Gong (龚广) (@oldfresher) of Qihoo 360 Technology Co. Ltd.

Hang Zhang of UC Riverside

Hanxiang Wen of C0RE Team

Hao Chen of Vulpecker Team, Qihoo 360 Technology Co. Ltd.

Hao Qin of Security Research Lab, Cheetah Mobile

Herbert Bos of Vrije Universiteit Amsterdam

Hongil Kim (hongilk@kaist.ac.kr) of System Security Lab, KAIST

Imre Rad of Search-Lab Ltd.

Iwo Banas

Jake Valletta of Mandiant, a FireEye company

James Forshaw of Google Project Zero

Jann Horn (https://thejh.net)

Jason Rogena

Jeremy C. Joslin of Google

jfang of KEEN lab, Tencent (@K33nTeam)

Jianqiang Zhao (@jianqiangzhao) of IceSword Lab, Qihoo 360

Joshua Drake (@jduck)

Jouni Malinen PGP id EFC895FA

Kai Lu (@K3vinLuSec) of Fortinet's FortiGuard Labs

Kandala Shivaram reddy

Kaveh Razavi of Vrije Universiteit Amsterdam

Kenny Root of Google

Lee Campbell of Google

Lubo Zhang of C0RE Team

Maciej Szawłowski of the Google Security Team

Madhu Priya Murugan of CISPA, Saarland University

Makoto Onuki of Google

Marco Grassi (@marcograss) of KeenLab (@keen_lab), Tencent

Marco Nelissen of Google

Mark Brand of Google Project Zero

Mark Renouf of Google

Martin Barbella of Google Chrome Security Team

Martina Lindorfer of University of California, Santa Barbara

Max Spector of Google

MengLuo Gou (@idhyt3r) of Bottle Tech

Michał Bednarski ( github.com/michalbednarski)

Mike Maarse

Min Chong of Android Security

Mingjian Zhou (@Mingjian_Zhou) of C0RE Team, Qihoo 360

Miriam Gershenson of Google

Nancy Wang of Vertu Corporation LTD

Nasim Zamir

Nathan Crandall (@natecray) of Tesla Motors Product Security Team

Nico Golde (@iamnion) of Qualcomm Product Security Initiative

Nightwatch Cybersecurity Research (@nightwatchcyber)

Ning You of Alibaba Mobile Security Group

Oleksiy Vyalov of Google

Oliver Chang of Google Chrome Security Team

Paul Stone of Context Information Security

Peng Xiao of Alibaba Mobile Security Group

Pengfei Ding (丁鹏飞) of Baidu X-Lab

Peter Pi (@heisecode) of Trend Micro

pjf of IceSword Lab, Qihoo 360

Quan Nguyen of Google Information Security Engineer Team

Qianwei Hu (rayxcp@gmail.com) of WooYun TangLab

Qidan He (@Flanker_hqd) of KeenLab (@keen_lab), Tencent

Richard Shupak

Ricky Wai of Google

Robin Lee of Google

Roee Hay, IBM Security X-Force Researcher

Roeland Krak

Romain Trouvé of MWR Labs

Ronald L. Loor Vargas (@loor_rlv) of TEAM Lv51

Sagi Kedmi, IBM Security X-Force Researcher

Samuel Tan of Google

Santos Cordon of Google Telecom Team

Scott Bauer (@ScottyBauer1)

Sen Nie (@nforest_) of KEEN lab, Tencent (@K33nTeam)

Sergey Bobrov (@Black2Fan) of Kaspersky Lab

Seven Shen (@lingtongshen) of Trend Micro (www.trendmicro.com)

Sharvil Nanavati of Google

Shinjo Park (@ad_ili_rai) of Security in Telecommunications

Stuart Henderson

Su Mon Kywe of Singapore Management University

Tao (Lenx) Wei (韦韬) of Baidu X-Lab

Thom Does

Tieyan Li of Huawei

Tim Strazzere (@timstrazz) of SentinelOne / RedNaga

Tom Craig of Google X

Tom Rootjunky

Tong Lin of C0RE Team

Tongxin Li of Peking University

trotmaster (@trotmaster99)

Vasily Vasilev

Victor Chang of Google

Victor van der Veen of Vrije Universiteit Amsterdam

Vignesh Venkatasubramanian of Google

Vishwath Mohan of Android Security

Wei Wei (@Danny__Wei) of Xuanwu LAB, Tencent

Weichao Sun (@sunblate) of Alibaba Inc

Wen Niu (@NWMonster) of KeenLab (@keen_lab), Tencent

Wenke Dou of C0RE Team

Wenlin Yang of Alpha Team, Qihoo 360 Technology Co. Ltd.

William Roberts ( william.c.roberts@intel.com)

Wish Wu (@wish_wu) (吴潍浠) of Mobile Threat Response Team, Trend Micro Inc.

Xiaodong Wang of C0RE Team

Xiaofeng Wang of Indiana University Bloomington

Xiling Gong of Tencent Security Platform Department

Xingyu He (何星宇) (@Spid3r_) of Alibaba Inc

Xinhui Han of Peking University

Xuxian Jiang of C0RE Team, Qihoo 360

Yabin Cui from Android Bionic Team

Yacong Gu of TCA Lab, Institute of Software, Chinese Academy of Sciences

Yakov Shafranovich of Nightwatch Cybersecurity

Yang Dong of Alibaba Mobile Security Group

Yang Song of Alibaba Mobile Security Group

Yanick Fratantonio of University of California, Santa Barbara

Yao Jun of C0RE Team

Yeonjoon Lee of Indiana University Bloomington

Yi Zhang of Alibaba Mobile Security Group

Yingjiu Li of Singapore Management University

Yong Shi of Eagleye team, SCC, Huawei

Yong Wang (王勇) (@ThomasKing2014) of Alibaba Inc.

Yongke Wang (@Rudykewang) of Xuanwu LAB, Tencent

Yongzheng Wu of Huawei

Yuan-Tsung Lo (computernik@gmail.com) of C0RE Team

Yulong Zhang of Baidu X-Lab

Yuru Shao of University of Michigan Ann Arbor

Yuxiang Li (@Xbalien29) of Tencent Security Platform Department

Zach Riggle (@ebeip90) of the Android Security Team

Zhanpeng Zhao (行之) (@0xr0ot) of Security Research Lab, Cheetah Mobile

Zhe Jin (金哲) of Chengdu Security Response Center, Qihoo 360 Technology Co. Ltd.

Zhiyun Qian of UC Riverside

Zinuo Han of PKAV, Silence Information Technology

Zubin Mithra of Google

2015

Abhishek Arya, Google Chrome Security Team

Alex Copot

Alex Eubanks

Alexandru Blanda

Arne Swinnen (www.arneswinnen.net)

Artem Chaykin

Ben Hawkes

Brennan Lautner

Chiachih Wu of C0RE Team from Qihoo 360

Darmstadt (siegfried.rasthofer@gmail.com)

Daniel Micay (daniel.micay@copperhead.co) at Copperhead Security

Dongkwan Kim of System Security Lab, KAIST (dkay@kaist.ac.kr)

dragonltx of Alibaba Mobile Security Team

Gal Beniamini ( http://bits-please.blogspot.com)

Guang Gong (龚广) (@oldfresher, higongguang@gmail.com) of Qihoo 360 Technology Co.Ltd

Hongil Kim of System Security Lab, KAIST (hongilk@kaist.ac.kr)

Ian Beer of Google Project Zero

Iván Arce (@4Dgifts) of Programa STIC at Fundación Dr. Manuel Sadosky, Buenos Aires Argentina

Jack Tang of Trend Micro (@jacktang310)

jgor of The University of Texas at Austin (@indiecom)

Joaquín Rinaudo (@xeroxnir) of Programa STIC at Fundación Dr. Manuel Sadosky, Buenos Aires Argentina

Jordan Gruskovnjak of Exodus Intelligence (@jgrusko)

Joshua Drake of Zimperium

Lei Wu of C0RE Team from Qihoo 360

Marco Grassi (@marcograss) of KeenTeam (@K33nTeam)

Mark Carter (@hanpingchinese) of EmberMitre Ltd

Martin Barbella, Google Chrome Security Team

Michael Peck of The MITRE Corporation (mpeck@mitre.org)

Michał Bednarski ( https://github.com/michalbednarski)

Michael Roland of JR-Center u'smile at University of Applied Scienses, Upper Austria/Hagenberg

Natalie Silvanovich of Google Project Zero

Oliver Chang, Google Chrome Security Team

Peter Pi of Trend Micro

Ping Li of Qihoo 360 Technology Co. Ltd

Qidan He (@flanker_hqd) from KeenTeam (@K33nTeam, http://k33nteam.org/)

Roee Hay and Or Peles

Seven Shen of Trend Micro

Siegfried Rasthofer of Secure Software Engineering Group, EC SPRIDE Technische Universität

Stephan Huber of Testlab Mobile Security, F raunhofer SIT (Stephan.Huber@sit.fraunhofer.de)

Steven Vittitoe of Google Project Zero

Tony Beltramelli (@Tbeltramelli) of tonybeltramelli.com

Tzu-Yin (Nina) Tai

Wangtao(neobyte) of Baidu X-Team

Wen Xu (@antlr7) from KeenTeam (@K33nTeam, http://k33nteam.org/)

William Roberts ( william.c.roberts@intel.com)

Wish Wu of Trend Micro Inc. (@wish_wu)

Xuxian Jiang of C0RE Team from Qihoo 360

Yajin Zhou of C0RE Team from Qihoo 360

2014

Aaron Mangel of Banno (amangel@gmail.com)

Alex Park (@saintlinu)

Alexandru Gheorghita

Andrey Labunets of Facebook

Ange Albertini (@angealbertini)

Axelle Apvrille of Fortinet, FortiGuards Labs

Dan Amodio of Aspect Security (@DanAmodio)

David Murdoch

Henry Hoggard of MWR Labs (@HenryHoggard)

Imre Rad of Search-Lab Ltd.

Jann Horn Green Droid Patch Symbol

Jeff Forristal of Bluebox Security

Joseph Redfern of MWR Labs
(@JosephRedfern)

Kunal Patel of Samsung KNOX Security Team (kunal.patel1@samsung.com)

Luander Michel Ribeiro (@luanderock)

Luyi Xing of Indiana University Bloomington (xingluyi@gmail.com)

Marc Blanchou (@marcblanchou)

Mathew Solnik (@msolnik)

Michał Bednarski

Raimondas Sasnauskas of University of Utah

Robert Craig of Trusted Systems Research Group, US National Security Agency Patch Symbol

Samsung Mobile

Scotty Bauer of University of Utah (sbauer@eng.utah.edu)

Sebastian Brenza

Siegfried Rasthofer of Secure Software Engineering Group, EC SPRIDE Technische Universität Darmstadt (siegfried.rasthofer@gmail.com)

Sony Mobile

Stephan Huber of Testlab Mobile Security, Fraunhofer SIT (Stephan.Huber@sit.fraunhofer.de)

Stephen Smalley of Trusted Systems Research Group, US National Security Agency Patch Symbol

Steven Arzt of Secure Software Engineering Group, EC SPRIDE Technische Universität Darmstadt (Steven.Arzt@ec-spride.de)

Subodh Iyengar of Facebook

Tongxin Li of Peking University (litongxin1991@gmail.com)

Tony Trummer of The Men in the Middle
(@SecBro1)

Tushar Dalvi (@tushardalvi)

Valera Neronov

Wang Tao of Baidu X-Team (wintao@gmail.com)

Wang Yu of Baidu X-Team (@xi4oyu)

Will Shackleton of Facebook

William Roberts (bill.c.roberts@gmail.com) Patch Symbol

Xiaofeng Wang of Indiana University Bloomington (xw7@indiana.edu)

Xiaoyong Zhou of Indiana University Bloomington
(@xzhou, zhou.xiaoyong@gmail.com)

Xinhui Han of Peking University (hanxinhui@pku.edu.cn)

Yeonjoon Lee of Indiana University Bloomington (luc2yj@gmail.com)

Yu-Cheng Lin 林禹成 (@AndroBugs)

Zhang Dong Hui of Baidu X-Team (shineastdh)

2013

Ivaylo Marinkov of eCommera (ivo@tsarstva.bg)

Jon Sawyer of Applied Cybersecurity LLC (jon@cunninglogic.com)

Joshua J. Drake of Accuvant LABS (@jduck) Patch Rewards Symbol

Kan Yuan

Lucas Yang (amadoh4ck) of RaonSecurity (amadoh4ck@gmail.com)

Luyi Xing of Indiana University Bloomington (xingluyi@gmail.com)

Mike Ryan of iSEC Partners
(@mpeg4codec, mikeryan@isecpartners.com )

Muhammad Naveed of University of Illinois at Urbana-Champaign
(naveed2@illinois.edu)

Qualcomm Product Security Initiative

Roee Hay (@roeehay, roeehay@gmail.com)

Robert Craig of Trusted Systems Research Group, US National Security Agency Patch Symbol

Ruben Santamarta of IOActive (@reversemode)

Stephen Smalley of Trusted Systems Research Group, US National Security Agency Patch Symbol

William Roberts (bill.c.roberts@gmail.com) Patch Symbol

Xiaorui Pan of Indiana University Bloomington (eagle200467@gmail.com)

XiaoFeng Wang of Indiana University Bloomington (xw7@indiana.edu)

2012

David Weinstein (@insitusec) of viaForensics

Jann Horn

Ravishankar Borgaonkari (@raviborgaonkar) of TU Berlin

Robert Craig of Trusted Systems Research Group, US National Security Agency Patch Symbol

Roee Hay (@roeehay, roeehay@gmail.com)

Stephen Smalley of Trusted Systems Research Group, US National Security Agency Patch Symbol

William Roberts (bill.c.roberts@gmail.com) Patch Symbol

2011

Collin Mulliner of MUlliNER.ORG (@collinrm)

2009

Charlie Miller (@0xcharlie)

Collin Mulliner of MUlliNER.ORG (@collinrm)