BugSearch is an information portal focused on applications security, web oriented and not. We offer our services to disclose our registered users on security alerts found on the net, in order to warn them as soon as possible on bugs, system flaws, exploits and threats afflicting applications and possible patches.

New Feature: Post New Exploit

Register now to start receiving our security alerts of your favourite applications or try our new Android App which will keep you updated everywhere you are!


Last Advisories
Joomla! Component Saxum Numerology 3.0.4 - SQL Injection16-02-2018
PHIMS - Hospital Management Information System - 'Password' SQL Injection16-02-2018
PSNews Website 1.0.0 - 'Keywords' SQL Injection16-02-2018
Joomla! Component Saxum Picker 3.2.10 - SQL Injection16-02-2018
Pdfium - Pattern Shading Integer Overflows15-02-2018
Chrome V8 - 'Runtime_RegExpReplace' Integer Overflow15-02-2018
Microsoft Edge Chakra JIT - 'LdThis' Type Confusion15-02-2018
Microsoft Edge Chakra JIT - 'Array.prototype.reverse' Array Type Confusion15-02-2018
Microsoft Edge Chakra JIT - 'NewScObjectNoCtor' Array Type Confusion15-02-2018
Pdfium - Out-of-Bounds Read with Shading Pattern Backed by Pattern Colorspace15-02-2018
Microsoft Edge Chakra JIT - ImplicitCallFlags Checks Bypass15-02-2018
Microsoft Edge Chakra JIT - 'GlobOpt::OptTagChecks' Must Consider IsLoopPrePass Properly (2)15-02-2018
Microsoft Edge Chakra JIT - Array Type Confusion via InitProto Instructions15-02-2018
Microsoft Edge Chakra JIT - Memory Corruption15-02-2018
Dell EMC Isilon OneFS - Multiple Vulnerabilities14-02-2018
SOA School Management - 'access_login' SQL Injection14-02-2018
userSpice 4.3 - Cross-Site Scripting14-02-2018
GNU binutils 2.26.1 - Integer Overflow (POC)14-02-2018
Social Oauth Login PHP - Authentication Bypass14-02-2018
NAT32 2.2 Build 22284 - Remote Command Execution14-02-2018
NAT32 2.2 Build 22284 - Cross-Site Request Forgery14-02-2018
Advantech WebAccess 8.3.0 - Remote Code Execution13-02-2018
News Website Script 2.0.4 - 'search' SQL Injection13-02-2018
TypeSetter CMS 5.1 - Cross-Site Request Forgery13-02-2018
TypeSetter CMS 5.1 - 'Host' Header Injection13-02-2018
CloudMe Sync < 1.11.0 - Buffer Overflow13-02-2018
reserved by SOFTMAN Admin panel bypass12-02-2018
Developed by: EDCP login.asp bypass12-02-2018
Juju-run Agent - Privilege Escalation (Metasploit)12-02-2018
glibc - '$ORIGIN' Expansion Privilege Escalation (Metasploit)12-02-2018