BugSearch is an information portal focused on applications security, web oriented and not. We offer our services to disclose our registered users on security alerts found on the net, in order to warn them as soon as possible on bugs, system flaws, exploits and threats afflicting applications and possible patches.

New Feature: Post New Exploit

Register now to start receiving our security alerts of your favourite applications or try our new Android App which will keep you updated everywhere you are!

Last Advisories
Liquid Studio 2.17 - Denial of Service (PoC)11-01-2019
Tree Studio 2.17 - Denial of Service (PoC)11-01-2019
Windows/x86 - Download With Tftp And Execute Shellcode (51-60 bytes)(msvcrt.system)(Generator)11-01-2019
Joomla! Component JoomProject - Information Disclosure11-01-2019
Code Blocks 17.12 - Local Buffer Overflow (SEH) (Unicode)11-01-2019
Selfie Studio 2.17 - Denial of Service (PoC)11-01-2019
Pixel Studio 2.17 - Denial of Service (PoC)11-01-2019
Paint Studio 2.17 - Denial of Service (PoC)11-01-2019
OpenSSH SCP Client - Write Arbitrary Files11-01-2019
eBrigade ERP 4.5 - SQL Injection10-01-2019
OpenSource ERP 6.3.1. - SQL Injection10-01-2019
Event Calendar 3.7.4 - 'id' SQL Injection10-01-2019
Event Locations 1.0.1 - 'id' SQL Injection10-01-2019
Shield CMS 2.2 - 'email' SQL Injection10-01-2019
MLMPro 1.0 - SQL Injection10-01-2019
Architectural 1.0 - 'email' SQL Injection10-01-2019
doitX 1.0 - 'search' SQL Injection10-01-2019
Matrix MLM Script 1.0 - Information Disclosure10-01-2019
RGui 3.5.0 - Local Buffer Overflow (SEH)(DEP Bypass)10-01-2019
eBrigade ERP 4.5 - Arbitrary File Download10-01-2019
PEAR Archive_Tar < 1.4.4 - PHP Object Injection10-01-2019
BlogEngine 3.3 - XML External Entity Injection09-01-2019
Microsoft Windows - DSSVC CheckFilePermission Arbitrary File Deletion09-01-2019
polkit - Temporary auth Hijacking via PID Reuse and Non-atomic Fork09-01-2019
Heatmiser Wifi Thermostat 1.7 - Cross-Site Request Forgery (Update Admin)09-01-2019
ZTE MF65 BD_HDV6MF65V1.0.0B05 - Cross-Site Scripting09-01-2019
Google Chrome V8 JavaScript Engine 71.0.3578.98 - Out-of-Memory. Denial of Service (PoC)09-01-2019
Linux/x86 - wget chmod execute over execve /bin/sh -c Shellcode (119 bytes)09-01-2019
Microsoft Office SharePoint Server 2016 - Denial of Service (Metasploit)09-01-2019
Dolibarr ERP-CRM 8.0.4 - 'rowid' SQL Injection08-01-2019