Samsung Find My Mobile: Bad Use of ECDH during Binding SmartTag, awarded a $2,500 bug bounty.

Samsung Find My Mobile: Device tracking via BLE advertisements, awarded a $400 bug bounty.

Samsung Find My Mobile: Device tracking via BLE advertisements and public keys, awarded a $800 bug bounty.

Samsung Find My Mobile: Unauthorized rebinding vulnerability in SmartTag, awarded a $2,500 bug bounty.

Samsung Find My Mobile: Weak Key of Encrypt-offline-location Function, awarded a $200 bug bounty.

Bluetooth MAC address (BD_ADDR) reuse CVE-2023-21307, awarded a $5,000 bug bounty.

BLE Identity Resolving Key (IRK) reuse CVE-2021-39673, awarded a $5,000 bug bounty.

BLESA on iOS Bluetooth Low Energy CVE-2020-9770

Exploiting Cross-Transport Key Derivation between Bluetooth BR/EDR and BLE CVE-2020-15802

Impersonation Attack in Bluetooth Mesh Provisioning CVE-2020-26560