BugSearch is an information portal focused on applications security, web oriented and not. We offer our services to disclose our registered users on security alerts found on the net, in order to warn them as soon as possible on bugs, system flaws, exploits and threats afflicting applications and possible patches.

New Feature: Post New Exploit

Register now to start receiving our security alerts of your favourite applications or try our new Android App which will keep you updated everywhere you are!


Last Advisories
BaoFeng ActiveX OnBeforeVideoDownload() Remote BOF Exploit30-04-2009
Leap CMS 0.1.4 (searchterm) Blind SQL Injection Exploit30-04-2009
Leap CMS 0.1.4 (SQL-XSS-SU) Multiple Remote Vulnerabilities30-04-2009
Linux Kernel 2.6 UDEV < 141 Local Privilege Escalation Exploit30-04-2009
Google Chrome 1.0.154.53 (Null Pointer) Remote Crash Exploit30-04-2009
Mercury Audio Player 1.21 (.b4s) Local Stack Overflow Exploit30-04-2009
Multiple Vendor PF Null Pointer Dereference Vulnerability30-04-2009
Mercury Audio Player 1.21 (.pls) SEH Overwrite Exploit30-04-2009
eLitius 1.0 (banner-details.php id) SQL Injection Vulnerability29-04-2009
Baby Web Server 2.7.2.0 Arbitrary File Disclosure Exploit29-04-2009
ProjectCMS 1.0b (index.php sn) Remote SQL Injection Vulnerability29-04-2009
S-Cms 1.1 Stable (page) Local File Inclusion Vulnerability29-04-2009
Zubrag Smart File Download 1.3 Arbitrary File Download Vulnerability29-04-2009
mpegable Player 2.12 (YUV File) Local Stack Overflow PoC29-04-2009
Adobe Reader 8.1.4-9.1 GetAnnots() Remote Code Execution Exploit29-04-2009
Adobe 8.1.4-9.1 customDictionaryOpen() Code Execution Exploit29-04-2009
Symantec Fax Viewer Control 10 (DCCFAXVW.DLL) Remote BOF Exploit29-04-2009
Tiger DMS (Auth Bypass) Remote SQL Injection Vulnerability29-04-2009
webSPELL <= 4.2.0d Local File Disclosure Exploit (.c linux)28-04-2009
VisionLMS 1.0 (changePW.php) Remote Password Change Exploit28-04-2009
MIM: InfiniX 1.2.003 Multiple SQL Injection Vulnerabilities28-04-2009
Linux Kernel 2.6.x SCTP FWD Memory Corruption Remote Exploit28-04-2009
Autodesk IDrop ActiveX Remote Code Execution Exploit28-04-2009
Quick 'n Easy Web Server 3.3.5 Arbitrary File Disclosure Exploit28-04-2009
ABC Advertise 1.0 Admin Password Disclosure Vulnerability27-04-2009
Teraway LinkTracker 1.0 Insecure Cookie Handling Vulnerability27-04-2009
Teraway FileStream 1.0 Insecure Cookie Handling Vulnerability27-04-2009
Teraway LiveHelp 2.0 Insecure Cookie Handling Vulnerability27-04-2009
Teraway LinkTracker 1.0 Remote Password Change Exploit27-04-2009
Belkin Bulldog Plus HTTP Server Remote Buffer Overflow Exploit27-04-2009