BugSearch is an information portal focused on applications security, web oriented and not. We offer our services to disclose our registered users on security alerts found on the net, in order to warn them as soon as possible on bugs, system flaws, exploits and threats afflicting applications and possible patches.

New Feature: Post New Exploit

Register now to start receiving our security alerts of your favourite applications or try our new Android App which will keep you updated everywhere you are!


Last Advisories
Zeta Components Mail 1.8.1 - Remote Code Execution16-11-2017
Microsoft Edge Chakra JIT - Type Confusion with switch Statements16-11-2017
Microsoft Edge Chakra: JIT - 'OP_Memset' Type Confusion16-11-2017
Microsoft Edge Chakra: JIT - 'Lowerer::LowerBoundCheck' Incorrect Integer Overflow Check16-11-2017
Vonage VDV23 - Cross-Site Scripting16-11-2017
Microsoft Edge - 'Object.setPrototypeOf' Memory Corruption16-11-2017
LanSweeper 6.0.100.75 - Cross-Site Scripting16-11-2017
TP-Link TL-WR740N - Cross-Site Scripting16-11-2017
VX Search 10.2.14 - 'Proxy' Buffer Overflow (SEH)16-11-2017
D-Link DIR605L - Denial of Service14-11-2017
PSFTPd Windows FTP Server 10.0.4 Build 729 - Log Injection / Use-After-Free14-11-2017
D-Link DIR-850L - Unauthenticated OS Command Execution (Metasploit)14-11-2017
Dup Scout Enterprise 10.0.18 - 'Login' Buffer Overflow14-11-2017
Ulterius Server < 1.9.5.0 - Directory Traversal13-11-2017
Kirby CMS < 2.5.7 - Cross-Site Scripting13-11-2017
IKARUS anti.virus 2.16.7 - 'ntguard_x64' Privilege Escalation13-11-2017
Web Viewer 1.0.0.193 (Samsung SRN-1670D) - Unrestricted File Upload13-11-2017
Symantec Endpoint Protection 12.1 - Tamper-Protection Bypass10-11-2017
pfSense 2.3.1_1 - Command Execution07-11-2017
ManageEngine Applications Manager 13 - SQL Injection07-11-2017
CMS Website by Webmonster.gr - SQL Injection07-11-2017
CMS Developed by Galcode - SQL Injection07-11-2017
Xlight FTP Server 3.8.8.5 - Buffer Overflow (PoC)07-11-2017
Linux Kernel 4.13 (Ubuntu 17.10) - 'waitid()' SMEP/SMAP Privilege Escalation06-11-2017
Oyabunstyle.de CMS SQL Injection06-11-2017
SMPlayer 17.11.0 - '.m3u' Buffer Overflow (PoC)05-11-2017
Avaya OfficeScan (IPO) < 10.1 - ActiveX Buffer Overflow05-11-2017
Avaya OfficeScan (IPO) < 10.1 - 'SoftConsole' Buffer Overflow (SEH)05-11-2017
WordPress Plugin Userpro < 4.9.17.1 - Authentication Bypass04-11-2017
Actiontec C1000A Modem - Backdoor Account04-11-2017