BugSearch is an information portal focused on applications security, web oriented and not. We offer our services to disclose our registered users on security alerts found on the net, in order to warn them as soon as possible on bugs, system flaws, exploits and threats afflicting applications and possible patches.

New Feature: Post New Exploit

Register now to start receiving our security alerts of your favourite applications or try our new Android App which will keep you updated everywhere you are!

Last Advisories
NodeJS Debugger - Command Injection (Metasploit)26-09-2017
Supervisor 3.0a1 - 3.3.2 - XML-RPC Authenticated Remote Code Execution (Metasploit)25-09-2017
Disk Pulse Enterprise 10.0.12 - GET Buffer Overflow (SEH)25-09-2017
FLIR Thermal Camera FC-S/PT - Command Injection25-09-2017
FLIR Thermal Camera F/FC/PT/D - Stream Disclosure25-09-2017
FLIR Thermal Camera F/FC/PT/D - SSH Backdoor25-09-2017
Linux/x86_64 - mkdir() 'evil' Shellcode (30 bytes)25-09-2017
FLIR Thermal Camera F/FC/PT/D - Information Disclosure25-09-2017
FLIR Systems FLIR Thermal Camera PT-Series (PT-334 200562) - Root Remote Code Execution25-09-2017
Oracle 9i XDB - HTTP PASS Buffer Overflow25-09-2017
DenyAll WAF < 6.3.0 - Remote Code Execution (Metasploit)23-09-2017
CyberLink LabelPrint < 2.5 - Buffer Overflow (SEH Unicode)23-09-2017
Multi Level Marketing - SQL Injection22-09-2017
Cash Back Comparison Script 1.0 - SQL Injection22-09-2017
Lending And Borrowing - 'pid' Parameter SQL Injection22-09-2017
Claydip Airbnb Clone 1.0 - Arbitrary File Upload22-09-2017
PHP Auction Ecommerce Script 1.6 - SQL Injection22-09-2017
Secure E-commerce Script 1.02 - 'sid' Parameter SQL Injection22-09-2017
Stock Photo Selling 1.0 - SQL Injection22-09-2017
Disk Pulse Enterprise 9.9.16 - GET Buffer Overflow (Metasploit)21-09-2017
Linux Kernel <= 4.13.1 - BlueTooth Buffer Overflow (PoC)21-09-2017
Microsoft Edge Chakra - Deferred Parsing Makes Wrong Scopes21-09-2017
Microsoft Edge Chakra - 'JavascriptFunction::ReparseAsmJsModule' Incorrectly Re-parses21-09-2017
Microsoft Edge - Chakra Incorrectly Parses Object Patterns21-09-2017
Microsoft Edge Chakra - 'Parser::ParseCatch' does not Handle 'eval'21-09-2017
PHPMyFAQ 2.9.8 - Cross-Site Scripting21-09-2017
HPE < 7.2 - Java Deserialization19-09-2017
Microsoft Edge 38.14393.1066.0 - Memory Corruption with Partial Page Loading19-09-2017
Microsoft Edge 38.14393.1066.0 - 'COptionsCollectionCacheItem::GetAt' Out-of-Bounds Read19-09-2017
Microsoft Windows Kernel win32k.sys TTF Font Processing - Out-of-Bounds Reads/Writes with Malformed 'fpgm' table (win32k!bGeneratePath)18-09-2017