BugSearch is an information portal focused on applications security, web oriented and not. We offer our services to disclose our registered users on security alerts found on the net, in order to warn them as soon as possible on bugs, system flaws, exploits and threats afflicting applications and possible patches.

New Feature: Post New Exploit

Register now to start receiving our security alerts of your favourite applications or try our new Android App which will keep you updated everywhere you are!


Last Advisories
Joomla Component CCNewsLetter 2.1.9 - 'sbid' Parameter SQL Injection27-07-2017
AudioCoder 0.8.46 - Local Buffer Overflow (SEH)26-07-2017
Friends in War Make or Break 1.7 - SQL Injection26-07-2017
MediaCoder 0.8.48.5888 - Local Buffer Overflow (SEH)26-07-2017
Microsoft Windows - LNK Shortcut File Code Execution (Metasploit)26-07-2017
Friends in War Make or Break 1.7 - Cross-Site Request Forgery (Change Admin Password)26-07-2017
WebKit JSC - 'arrayProtoFuncSplice' Uninitialized Memory Reference25-07-2017
WebKit JSC - 'ArgumentsEliminationPhase::transform' Incorrect LoadVarargs Handling25-07-2017
Friends in War Make or Break 1.7 - Authentication Bypass25-07-2017
WebKit JSC - 'JSObject::putInlineSlow and JSValue::putToPrimitive' Universal Cross-Site Scripting25-07-2017
WebKit JSC - 'JSArray::appendMemcpy' Uninitialized Memory Copy25-07-2017
WebKit JSC - 'ObjectPatternNode::appendEntry' Stack Use-After-Free25-07-2017
WebKit JSC - 'DFG::ByteCodeParser::flush(InlineStackEntry* inlineStackEntry)' Incorrect Scope Register Handling25-07-2017
WebKit - 'WebCore::getCachedWrapper' Use-After-Free24-07-2017
Razer Synapse 2.20.15.1104 - rzpnk.sys ZwOpenProcess (Metasploit)24-07-2017
WebKit - 'WebCore::AccessibilityNodeObject::textUnderElement' Use-After-Free24-07-2017
WebKit - 'WebCore::InputType::element' Use-After-Free24-07-2017
PaulShop - SQL Injection / Cross-Site Scripting24-07-2017
REDDOXX Appliance Build 2032 / 2.0.625 - Arbitrary File Disclosure24-07-2017
VICIdial 2.9 RC 1 to 2.13 RC1 - user_authorization Unauthenticated Command Execution (Metasploit)24-07-2017
IPFire < 2.19 Update Core 110 - Remote Code Execution (Metasploit)24-07-2017
WebKit - 'WebCore::Node::nextSibling' Use-After-Free24-07-2017
WebKit - 'WebCore::RenderSearchField::addSearchResult' Heap Buffer Overflow24-07-2017
REDDOXX Appliance Build 2032 / 2.0.625 - Remote Command Execution24-07-2017
WebKit - 'WebCore::Node::getFlag' Use-After-Free24-07-2017
WebKit - 'WebCore::AccessibilityRenderObject::handleAriaExpandedChanged' Use-After-Free24-07-2017
WebKit - 'WebCore::RenderObject' with Accessibility Enabled Use-After-Free24-07-2017
Sophos Web Appliance 4.3.0.2 - 'trafficType' Remote Command Injection (Metasploit)18-07-2017
Barracuda Load Balancer Firmware <= 6.0.1.006 - Remote Command Injection (Metasploit)18-07-2017
Belkin NetCam F7D7601 - Multiple Vulnerabilities17-07-2017