BugSearch is an information portal focused on application security, web-oriented and otherwise. We notify our registered users of security alerts found on the net, in order to warn them as soon as possible about bugs, system flaws, exploits and threats affecting applications, and about possible patches.

New Feature: Post New Exploit

Register now to start receiving our security alerts for your favourite applications, or try our new Android app, which will keep you updated wherever you are!


Latest Advisories
Linux/x86 - iptables -F Shellcode (43 bytes) 04-03-2019
Splunk Enterprise 7.2.4 - Custom App Remote Command Execution (Persistent Backdoor / Custom Binary) 04-03-2019
Google Chrome < M72 - Use-After-Free in RenderProcessHostImpl Binding for P2PSocketDispatcherHost 01-03-2019
Google Chrome < M72 - FileWriterImpl Use-After-Free 01-03-2019
Linux < 4.14.103 / < 4.19.25 - Out-of-Bounds Read and Write in SNMP NAT Module 01-03-2019
tcpdump < 4.9.3 - Multiple Heap-Based Out-of-Bounds Reads 01-03-2019
macOS XNU - Copy-on-Write Behavior Bypass via Mount of User-Owned Filesystem Image 01-03-2019
Google Chrome < M72 - PaymentRequest Service Use-After-Free 01-03-2019
Cisco WebEx Meetings < 33.6.6 / < 33.9.1 - Privilege Escalation 01-03-2019
Google Chrome < M72 - RenderFrameHostImpl::CreateMediaStreamDispatcherHost Use-After-Free 01-03-2019
WordPress Core 5.0 - Remote Code Execution 01-03-2019
FTP Server 1.32 - Denial of Service 28-02-2019
WebKitGTK 2.23.90 / WebKitGTK+ 2.22.6 - Denial of Service 28-02-2019
Simple Online Hotel Reservation System - SQL Injection 28-02-2019
Simple Online Hotel Reservation System - Cross-Site Request Forgery (Add Admin) 28-02-2019
Feng Office 3.7.0.5 - Remote Command Execution (Metasploit) 28-02-2019
Usermin 1.750 - Remote Command Execution (Metasploit) 28-02-2019
TransMac 12.3 - Denial of Service (PoC) 28-02-2019
Joomla! Component J2Store < 3.3.7 - SQL Injection 28-02-2019
Simple Online Hotel Reservation System - Cross-Site Request Forgery (Delete Admin) 28-02-2019
PHP 7.2 - 'imagecolormatch()' Out of Band Heap Write 27-02-2019
Jenkins Plugin Script Security 1.49/Declarative 1.3.4/Groovy 2.60 - Remote Code Execution 25-02-2019
zzzphp CMS 1.6.1 - Remote Code Execution 25-02-2019
Advance Gift Shop Pro Script 2.0.3 - SQL Injection 25-02-2019
Xlight FTP Server 3.9.1 - Buffer Overflow (PoC) 25-02-2019
News Website Script 2.0.5 - SQL Injection 25-02-2019
Drupal < 8.6.9 - REST Module Remote Code Execution 25-02-2019
PHP Ecommerce Script 2.0.6 - Cross-Site Scripting / SQL Injection 25-02-2019
Drupal < 8.6.10 / < 8.5.11 - REST Module Remote Code Execution 23-02-2019
WinRAR 5.61 - Path Traversal 22-02-2019