BugSearch is an information portal focused on applications security, web oriented and not. We offer our services to disclose our registered users on security alerts found on the net, in order to warn them as soon as possible on bugs, system flaws, exploits and threats afflicting applications and possible patches.

New Feature: Post New Exploit

Register now to start receiving our security alerts of your favourite applications or try our new Android App which will keep you updated everywhere you are!


Last Advisories
Spybot Search & Destroy 1.6.2 Security Center Service - Privilege Escalation 17-03-2015
Moodle 2.5.9/2.6.8/2.7.5/2.8.3 - Block Title Handler Cross-Site Scripting 17-03-2015
Metasploit Project < 4.11.1 Initial User Creation CSRF 17-03-2015
Adobe Flash Player PCRE Regex Vulnerability 17-03-2015
ElasticSearch Search Groovy Sandbox Bypass 16-03-2015
WordPress WPML - Multiple Vulnerabilities 16-03-2015
WordPress SEO by Yoast 1.7.3.3 - Blind SQL Injection 16-03-2015
IPass Control Pipe Remote Command Execution 16-03-2015
Shellcode - Linux/x86 - Reverse TCP Shell (72 bytes) 16-03-2015
Shellcode - linux/x86 - Obfuscated execve("/bin/sh") (40 bytes) 16-03-2015
Shellcode - linux/x86 - Obfuscated - map google.com to 127.1.1.1 (98 bytes) 16-03-2015
Shellcode - Linux/x86 - chmod 0777 /etc/shadow obfuscated (84 bytes) 16-03-2015
Intel Network Adapter Diagnostic Driver - IOCTL Handling Vulnerability 16-03-2015
Shellcode - linux/x86 - ROT13 encoded execve("/bin/sh") (68 bytes) 16-03-2015
Foxit Reader 7.0.6.1126 - Unquoted Service Path Elevation Of Privilege 16-03-2015
Brasero CD/DVD Burner 3.4.1 - 'm3u' Buffer Overflow Crash PoC 16-03-2015
Smart PHP Poll - Auth Bypass Vulnerability 16-03-2015
Shellcode - Linux/x86 - TCP Bind Shell (96 bytes) 16-03-2015
Adobe Flash Player ByteArray UncompressViaZlibVariant Use After Free 12-03-2015
Foxit Products GIF Conversion Memory Corruption (LZWMinimumCodeSize) 11-03-2015
Foxit Products GIF Conversion Memory Corruption (DataSubBlock) 11-03-2015
Microsoft Windows Text Services Memory Corruption (MS15-020) 11-03-2015
ElasticSearch Unauthenticated Remote Code Execution 11-03-2015
Codoforum 2.5.1 - Arbitrary File Download 10-03-2015
GeniXCMS 0.0.1 - Multiple Vulnerabilities 10-03-2015
Rowhammer: NaCl Sandbox Escape PoC 09-03-2015
Rowhammer: Linux Kernel Privilege Escalation PoC 09-03-2015
Instant v2.0 SQL Injection Vulnerability09-03-2015
WordPress Download Manager 2.7.2 - Privilege Escalation 06-03-2015
ProjectSend r561 - SQL Injection Vulnerability 06-03-2015