BugSearch is an information portal focused on applications security, web oriented and not. We offer our services to disclose our registered users on security alerts found on the net, in order to warn them as soon as possible on bugs, system flaws, exploits and threats afflicting applications and possible patches.

New Feature: Post New Exploit

Register now to start receiving our security alerts of your favourite applications or try our new Android App which will keep you updated everywhere you are!


Last Advisories
Emacs - movemail Privilege Escalation (Metasploit)04-12-2018
Mozilla Firefox 63.0.1 - Denial of Service (PoC)03-12-2018
Apache Superset < 0.23 - Remote Code Execution03-12-2018
PHP Server Monitor 3.3.1 - Cross-Site Request Forgery03-12-2018
WordPress Plugin Advanced-Custom-Fields 5.7.7 - Cross-Site Scripting03-12-2018
Budabot 4.0 - Denial of Service (PoC)03-12-2018
PhpSpreadsheet < 1.5.0 - XML External Entity (XXE)30-11-2018
Linux Kernel 4.15.x < 4.19.2 - 'map_write() CAP_SYS_ADMIN' Local Privilege Escalation (cron Method)21-11-2018
Linux Kernel 4.15.x < 4.19.2 - 'map_write() CAP_SYS_ADMIN' Local Privilege Escalation (ldpreload Method)21-11-2018
Linux/x64 - Bind TCP (4444/TCP) Shell (/bin/sh) + Password (1234567) Shellcode (136 bytes)09-11-2018
Keybase keybase-redirector - '$PATH' Local Privilege Escalation22-10-2018
LibSSH 0.7.6 / 0.8.4 - Unauthorized Access20-10-2018
TeamCity < 9.0.2 - Disabled Registration Bypass28-03-2018
Xion 1.0.125 - '.m3u' Local SEH-Based Unicode Venetian Exploit05-03-2018
Dup Scout Enterprise 10.5.12 - 'Share Username' Local Buffer Overflow05-03-2018
TestLink Open Source Test Management < 1.9.16 - Remote Code Execution02-03-2018
uWSGI < 2.0.17 - Directory Traversal02-03-2018
DualDesk 20 - 'Proxy.exe' Denial of Service02-03-2018
SEGGER embOS/IP FTP Server 3.22 - Denial of Service02-03-2018
D-Link DIR-600M Wireless - Cross-Site Scripting02-03-2018
IrfanView 4.50 Email Plugin - Buffer Overflow (SEH Unicode)02-03-2018
IrfanView 4.44 Email Plugin - Buffer Overflow (SEH)02-03-2018
Apple iOS 11.2.5 / watchOS 4.2.2 / tvOS 11.2.5 - 'bluetoothd' Memory Corruption28-02-2018
Routers2 2.24 - Cross-Site Scripting28-02-2018
GetGo Download Manager 5.3.0.2712 - Buffer Overflow (SEH)27-02-2018
School Management Script 3.0.4 - Authentication Bypass27-02-2018
Joomla! Component K2 2.8.0 - Arbitrary File Download27-02-2018
Microsoft Windows Windows 8.1/2012 R2 - SMB Denial of Service27-02-2018
Schools Alert Management Script 2.0.2 - Authentication Bypass27-02-2018
MyBB My Arcade Plugin 1.3 - Cross-Site Scripting27-02-2018