BugSearch is an information portal focused on applications security, web oriented and not. We offer our services to disclose our registered users on security alerts found on the net, in order to warn them as soon as possible on bugs, system flaws, exploits and threats afflicting applications and possible patches.

New Feature: Post New Exploit

Register now to start receiving our security alerts of your favourite applications or try our new Android App which will keep you updated everywhere you are!


Last Advisories
PHP Realestate Script Script 4.9.0 - SQL Injection 27-05-2016
Graphite2 - NameTable::getName Multiple Heap-Based Out-of-Bounds Reads 26-05-2016
Graphite2 - TtfUtil::CmapSubtable4NextCodepoint Heap-Based Overread 26-05-2016
Graphite2 - TtfUtil::CheckCmapSubtable12 Heap-Based Overread 26-05-2016
Graphite2 - GlyphCache::Loader Heap-Based Overreads 26-05-2016
Graphite2 - GlyphCache::GlyphCache Heap-Based Buffer Overflow 26-05-2016
HP Data Protector A.09.00 - Arbitrary Command Execution 26-05-2016
Micro Focus Rumba+ 9.4 - Multiple Stack Buffer Overflow Vulnerabilities 26-05-2016
EduSec 4.2.5 - SQL Injection 26-05-2016
Real Estate Portal 4.1 - Multiple Vulnerabilities 26-05-2016
PowerFolder Server 10.4.321 - Remote Code Execution 25-05-2016
Ubiquiti airOS Arbitrary File Upload 25-05-2016
Oracle ATS Arbitrary File Upload 25-05-2016
AfterLogic WebMail Pro ASP.NET 6.2.6 - Administrator Account Disclosure via XXE Injection 24-05-2016
Job Script by Scubez - Remote Code Execution 23-05-2016
Linux x86_64 Information Stealer Shellcode 23-05-2016
Operation Technology ETAP 14.1.0 - Multiple Stack Buffer Overrun Vulnerabilities 23-05-2016
Operation Technology ETAP 14.1.0 - Local Privilege Escalation 23-05-2016
XenAPI 1.4.1 for XenForo - Multiple SQL Injections 23-05-2016
VirIT Explorer Lite & Pro 8.1.68 - Local Privilege Escalation 19-05-2016
4digits 1.1.4 - Local Buffer Overflow 19-05-2016
SAP NetWeaver AS JAVA 7.1 - 7.5 - Information Disclosure 19-05-2016
SAP NetWeaver AS JAVA 7.1 - 7.5 - SQL Injection 19-05-2016
Apple Quicktime - MOV File Parsing Memory Corruption Vulnerability 19-05-2016
Magento < 2.0.6 - Unauthenticated Arbitrary Unserialize -> Arbitrary Write File 18-05-2016
Symantec/Norton Antivirus - ASPack Remote Heap/Pool Memory Corruption Vulnerability 17-05-2016
Windows - gdi32.dll Heap-Based Buffer Overflow in ExtEscape() Triggerable via EMR_EXTESCAPE EMF Record (MS16-055) 17-05-2016
Windows - gdi32.dll Multiple Issues in the EMF COMMENT_MULTIFORMATS Record Handling (MS16-055) 17-05-2016
Windows - gdi32.dll Multiple Issues in the EMF CREATECOLORSPACEW Record Handling (MS16-055) 17-05-2016
Adobe Flash - SetNative Use-After-Free 17-05-2016