BugSearch is an information portal focused on applications security, web oriented and not. We offer our services to disclose our registered users on security alerts found on the net, in order to warn them as soon as possible on bugs, system flaws, exploits and threats afflicting applications and possible patches.

New Feature: Post New Exploit

Register now to start receiving our security alerts of your favourite applications or try our new Android App which will keep you updated everywhere you are!


Last Advisories
MS14-012 Microsoft Internet Explorer CMarkup Use-After-Free 16-04-2014
Xerox DocuShare - SQL Injection 15-04-2014
Unitrends Enterprise Backup 7.3.0 - Unauthenticated Root RCE 15-04-2014
NETGEAR N600 WIRELESS DUAL BAND WNDR3400 - Multiple Vulnerabilities 15-04-2014
Adobe Reader for Android 11.1.3 - Arbitrary JavaScript Execution 15-04-2014
eScan Web Management Console Command Injection 14-04-2014
Wordpress Twitget Plugin 3.3.1 - Multiple Vulnerabilities 14-04-2014
Wordpress Quick Page/Post Redirect Plugin 5.0.3 - Multiple Vulnerabilities 14-04-2014
PDF Album v1.7 iOS - File Include Web Vulnerability 14-04-2014
WhatsApp < v2.11.7 - Remote Crash 14-04-2014
WordPress Theme LineNity 1.20 - Local File Inclusion 14-04-2014
Sagem Fast 3304-V2 - Authentification Bypass 14-04-2014
Internet Explorer 10 & Adobe Flash Player (12.0.0.70, 12.0.0.77) - CMarkup Use-After-Free 14-04-2014
Microweber CMS 0.93 - CSRF Vulnerability 13-04-2014
CubeCart 5.2.8 - Session Fixation 13-04-2014
Apple Mac OS X Lion Kernel <= xnu-1699.32.7 except xnu-1699.24.8 NFS Mount - Privilege Escalation Exploit 11-04-2014
Sendy 1.1.9.1 - SQL Injection Vulnerability 11-04-2014
MS14-017 Microsoft Word RTF Object Confusion 10-04-2014
Orbit Open Ad Server 1.1.0 - SQL Injection 10-04-2014
Heartbleed OpenSSL Information Leak Exploit 10-04-2014
XCloner Standalone 3.5 - CSRF Vulnerability 10-04-2014
Sophos Web Protection Appliance Interface Authenticated Arbitrary Command Execution 10-04-2014
Vtiger Install Unauthenticated Remote Command Execution 10-04-2014
QuickCms 5.4 - Multiple Vulnerabilites 09-04-2014
csUpload Script Site - Authentication Bypass 09-04-2014
OpenSSL 1.0.1f TLS Heartbeat Extension - Memory Disclosure (Multiple SSL/TLS versions) 09-04-2014
MacOS X 10.9 Hard Link Memory Corruption 08-04-2014
Fritz!Box Webcm Unauthenticated Command Injection 08-04-2014
WinRAR Filename Spoofing 08-04-2014
OpenSSL TLS Heartbeat Extension - Memory Disclosure 08-04-2014