BugSearch is an information portal focused on applications security, web oriented and not. We offer our services to disclose our registered users on security alerts found on the net, in order to warn them as soon as possible on bugs, system flaws, exploits and threats afflicting applications and possible patches.

New Feature: Post New Exploit

Register now to start receiving our security alerts of your favourite applications or try our new Android App which will keep you updated everywhere you are!


Last Advisories
phpBB 3.2.3 - Remote Code Execution12-12-2019
Oracle Weblogic Server - Deserialization Remote Command Execution (Patch Bypass)25-10-2019
Zoho ManageEngine ServiceDesk Plus 9.3 - Cross-Site Scripting22-05-2019
AUO Solar Data Recorder < 1.3.0 - 'addr' Cross-Site Scripting22-05-2019
Zoho ManageEngine ServiceDesk Plus < 10.5 - Improper Access Restrictions22-05-2019
Horde Webmail 5.2.22 - Multiple Vulnerabilities22-05-2019
RarmaRadio 2.72.3 - 'Server' Denial of Service (PoC)22-05-2019
TapinRadio 2.11.6 - 'Address' Denial of Service (PoC)22-05-2019
BlueStacks 4.80.0.1060 - Denial of Service (PoC)22-05-2019
TapinRadio 2.11.6 - 'Uername' Denial of Service (PoC)22-05-2019
RarmaRadio 2.72.3 - 'Username' Denial of Service (PoC)22-05-2019
Carel pCOWeb < B1.2.1 - Credentials Disclosure22-05-2019
Carel pCOWeb < B1.2.1 - Cross-Site Scripting22-05-2019
macOS < 10.14.5 / iOS < 12.3 JavaScriptCore - Loop-Invariant Code Motion (LICM) in DFG JIT Leaves Stack Variable Uninitialized21-05-2019
macOS < 10.14.5 / iOS < 12.3 DFG JIT Compiler - 'HasIndexedProperty' Use-After-Free21-05-2019
Deluge 1.3.15 - 'Webseeds' Denial of Service (PoC)21-05-2019
WordPress Plugin WPGraphQL 0.2.3 - Multiple Vulnerabilities21-05-2019
Oracle CTI Web Service - 'EBS_ASSET_HISTORY_OPERATIONS' XML Entity Injection21-05-2019
macOS < 10.14.5 / iOS < 12.3 XNU - 'in6_pcbdetach' Stale Pointer Use-After-Free21-05-2019
Deluge 1.3.15 - 'URL' Denial of Service (PoC)21-05-2019
TP-LINK TL-WR840N v5 00000005 - Cross-Site Scripting21-05-2019
macOS < 10.14.5 / iOS < 12.3 JavaScriptCore - AIR Optimization Incorrectly Removes Assignment to Register21-05-2019
Brocade Network Advisor 14.4.1 - Unauthenticated Remote Code Execution21-05-2019
macOS < 10.14.5 / iOS < 12.3 XNU - Wild-read due to bad cast in stf_ioctl21-05-2019
Moodle Jmol Filter 6.1 - Directory Traversal / Cross-Site Scripting21-05-2019
Huawei eSpace 1.1.11.103 - DLL Hijacking20-05-2019
Huawei eSpace Meeting 1.1.11.103 - 'cenwpoll.dll' SEH Buffer Overflow (Unicode)20-05-2019
Huawei eSpace 1.1.11.103 - Image File Format Handling Buffer Overflow20-05-2019
docPrint Pro 8.0 - Denial of Service (PoC)20-05-2019
Encrypt PDF 2.3 - Denial of Service (PoC)20-05-2019