BugSearch is an information portal focused on application security, both web-oriented and not. We notify our registered users of security alerts found on the net, to warn them as soon as possible about bugs, system flaws, exploits and threats affecting applications, and about possible patches.


Register now to start receiving our security alerts for your favourite applications, or try our new Android app, which will keep you updated wherever you are!


Last Advisories
BulletProof FTP Server 2019.0.0.50 - 'SMTP Server' Denial of Service (PoC) [19-02-2019]
Jenkins - Remote Code Execution [19-02-2019]
Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2 - Path Traversal / Cross-Site Scripting [19-02-2019]
Valentina Studio 9.0.4 - 'Host' Denial of Service (PoC) [19-02-2019]
Ask Expert Script 3.0.5 - Cross Site Scripting / SQL Injection [19-02-2019]
Find a Place CMS Directory 1.5 - 'assets/external/data_2.php cate' SQL Injection [19-02-2019]
Zuz Music 2.1 - 'zuzconsole/___contact ' Persistent Cross-Site Scripting [19-02-2019]
MaxxAudio Drivers WavesSysSvc64.exe 1.6.2.0 - Local Privilege Escalation [19-02-2019]
Listing Hub CMS 1.0 - 'pages.php id' SQL Injection [19-02-2019]
NetSetMan 4.7.1 - 'Workgroup' Denial of Service (PoC) [19-02-2019]
XAMPP 5.6.8 - SQL Injection / Persistent Cross-Site Scripting [19-02-2019]
eDirectory - SQL Injection [19-02-2019]
Realterm Serial Terminal 2.0.0.70 - Local Buffer Overflow (SEH) [18-02-2019]
WordPress Plugin WooCommerce - GloBee (cryptocurrency) Payment Gateway 1.1.1 - Payment Bypass / Unauthorized Order Status Spoofing [18-02-2019]
Realterm Serial Terminal 2.0.0.70 - Denial of Service [18-02-2019]
Zoho ManageEngine ServiceDesk Plus (SDP) < 10.0 build 10012 - Arbitrary File Upload [18-02-2019]
M/Monit 3.7.2 - Privilege Escalation [18-02-2019]
Oracle Java Runtime Environment - Heap Out-of-Bounds Read During TTF Font Rendering in ExtractBitMap_blocClass [18-02-2019]
ArangoDB Community Edition 3.4.2-1 - Cross-Site Scripting [18-02-2019]
Apache CouchDB 2.3.0 - Cross-Site Scripting [18-02-2019]
Oracle Java Runtime Environment - Heap Out-of-Bounds Read During TTF Font Rendering in OpenTypeLayoutEngine::adjustGlyphPositions [18-02-2019]
Oracle Java Runtime Environment - Heap Out-of-Bounds Read During TTF Font Rendering in AlternateSubstitutionSubtable::process [18-02-2019]
CMSsite 1.0 - 'post' SQL Injection [18-02-2019]
Comodo Dome Firewall 2.7.0 - Cross-Site Scripting [18-02-2019]
NBMonitor 1.6.5.0 - 'Key' Denial of Service (PoC) [18-02-2019]
qdPM 9.1 - 'type' Cross-Site Scripting [18-02-2019]
macOS - Reverse (127.0.0.1:4444/TCP) Shell (/bin/sh) + Null-Free Shellcode (103 bytes) [18-02-2019]
macOS - Bind (4444/TCP) Shell (/bin/sh) + IPv6 Shellcode (129 bytes) [18-02-2019]
mIRC < 7.55 - Remote Command Execution Using Argument Injection Through Custom URI Protocol Handlers [18-02-2019]
Oracle Java Runtime Environment - Heap Out-of-Bounds Read During OTF Font Rendering in glyph_CloseContour [18-02-2019]