BugSearch is an information portal focused on applications security, web oriented and not. We offer our services to disclose our registered users on security alerts found on the net, in order to warn them as soon as possible on bugs, system flaws, exploits and threats afflicting applications and possible patches.

New Feature: Post New Exploit

Register now to start receiving our security alerts of your favourite applications or try our new Android App which will keep you updated everywhere you are!

Last Advisories
Remote Process Explorer - Denial of Service SEH Overwrite (PoC)01-02-2019
SureMDM < 2018-11 Patch - Local / Remote File Inclusion01-02-2019
Linux/x86 - Read /etc/passwd Shellcode (58 Bytes) (3)01-02-2019
LanHelper 1.74 - Denial of Service (PoC)31-01-2019
FlexHEX 2.46 - Denial of Service SEH Overwrite (PoC)31-01-2019
ASPRunner Professional 6.0.766 - Denial of Service (PoC)31-01-2019
macOS XNU - Copy-on-Write Behaviour Bypass via Partial-Page Truncation of File31-01-2019
macOS < 10.14.3 / iOS < 12.1.3 - Sandbox Escapes due to Type Confusions and Memory Safety Issues in iohideventsystem31-01-2019
UltraISO - 'Output FileName' Local Buffer Overflow (SEH)31-01-2019
R 3.5.0 - Local Buffer Overflow (SEH)31-01-2019
macOS < 10.14.3 / iOS < 12.1.3 - Arbitrary mach Port Name Deallocation in XPC Services due to Invalid mach Message Parsing in _xpc_serializer_unpack31-01-2019
macOS < 10.14.3 / iOS < 12.1.3 XNU - 'vm_map_copy' Optimization which Requires Atomicity isn't Atomic31-01-2019
Anyburn 4.3 - 'Convert image to file format' Denial of Service31-01-2019
AMAC Address Change 5.4 - Denial of Service (PoC)31-01-2019
Advanced Host Monitor 11.90 Beta - 'Registration number' Denial of Service (PoC)31-01-2019
macOS < 10.14.3 / iOS < 12.1.3 - Kernel Heap Overflow in PF_KEY due to Lack of Bounds Checking when Retrieving Statistics31-01-2019
10-Strike Network Inventory Explorer 8.54 - Local Buffer Overflow (SEH) (DEP Bypass)30-01-2019
Rukovoditel Project Management CRM 2.4.1 - 'lists_id' SQL Injection30-01-2019
Windows/x86 - 'msiexec.exe' Download and Execute Shellcode (95 bytes)30-01-2019
Necrosoft DIG 0.4 - Denial of Service SEH Overwrite (PoC)30-01-2019
iOS/macOS 10.13.6 - 'if_ports_used_update_wakeuuid()' 16-byte Uninitialized Kernel Stack Disclosure30-01-2019
IP-Tools 2.50 - Denial of Service SEH Overwrite (PoC)30-01-2019
Advanced File Manager 3.4.1 - Denial of Service (PoC)30-01-2019
HTML5 Video Player 1.2.5 - Local Buffer Overflow (Non SEH)29-01-2019
Linux/x86 - execve(/bin/sh) + RShift-1 Encoded Shellcode (29 bytes)29-01-2019
PDF Signer 3.0 - Server-Side Template Injection leading to Remote Command Execution (via Cross-Site Request Forgery Cookie)29-01-2019
MiniUPnPd 2.1 - Out-of-Bounds Read29-01-2019
Check Point ZoneAlarm - Local Privilege Escalation17-01-2019
Microsoft Windows CONTACT - Remote Code Execution17-01-2019
Oracle Reports Developer Component - Cross-site Scripting17-01-2019