BugSearch is an information portal focused on applications security, web oriented and not. We offer our services to disclose our registered users on security alerts found on the net, in order to warn them as soon as possible on bugs, system flaws, exploits and threats afflicting applications and possible patches.

New Feature: Post New Exploit

Register now to start receiving our security alerts of your favourite applications or try our new Android App which will keep you updated everywhere you are!


Last Advisories
Hotel Booking Script 3.4 - Cross-Site Request Forgery (Change Admin Password)19-12-2018
PassFab RAR 9.3.2 - Buffer Overflow (SEH)19-12-2018
Linux Kernel 4.4 - 'rtnetlink' Stack Memory Disclosure19-12-2018
Linux/x64 - Disable ASLR Security Shellcode (93 Bytes)19-12-2018
Nsauditor 3.0.28.0 - Local SEH Buffer Overflow18-12-2018
AnyBurn 4.3 - Local Buffer Overflow Denial of Service18-12-2018
Exel Password Recovery 8.2.0.0 - Local Buffer Overflow Denial of Service18-12-2018
MegaPing - Local Buffer Overflow Denial of Service18-12-2018
MiniShare 1.4.1 - Remote Buffer Overflow HEAD and POST Method18-12-2018
Microsoft Windows - 'jscript!JsArrayFunctionHeapSort' Out-of-Bounds Write18-12-2018
SDL Web Content Manager 8.5.0 - XML External Entity Injection18-12-2018
Google Chrome 70 - SQLite Magellan Crash (PoC)15-12-2018
phpMyAdmin 4.8.4 - 'AllowArbitraryServer' Arbitrary File Read15-12-2018
Double Your Bitcoin Script Automatic - Authentication Bypass14-12-2018
Facebook And Google Reviews System For Businesses 1.1 - SQL Injection14-12-2018
UltraISO 9.7.1.3519 - 'Output FileName' Denial of Service (PoC)14-12-2018
Facebook And Google Reviews System For Businesses 1.1 - Remote Code Execution14-12-2018
Fortify Software Security Center (SSC) 17.10/17.20/18.10 - Information Disclosure14-12-2018
Angry IP Scanner 3.5.3 - Denial of Service (PoC)14-12-2018
Facebook And Google Reviews System For Businesses - Cross-Site Request Forgery (Change Admin Password)14-12-2018
Fortify Software Security Center (SSC) 17.10/17.20/18.10 - Information Disclosure (2)14-12-2018
Huawei Router HG532e - Command Execution14-12-2018
Zortam MP3 Media Studio 24.15 - Local Buffer Overflow (SEH)14-12-2018
Responsive FileManager 9.13.4 - Multiple Vulnerabilities14-12-2018
Cisco RV110W - Password Disclosure / Command Execution14-12-2018
Safari - Proxy Object Type Confusion (Metasploit)14-12-2018
CyberLink LabelPrint 2.5 - Stack Buffer Overflow (Metasploit)13-12-2018
WebKit JIT - Int32/Double Arrays can have Proxy Objects in the Prototype Chains13-12-2018
Linux - 'userfaultfd' Bypasses tmpfs File Permissions13-12-2018
ThinkPHP 5.0.23/5.1.31 - Remote Code Execution11-12-2018