BugSearch is an information portal focused on applications security, web oriented and not. We offer our services to disclose our registered users on security alerts found on the net, in order to warn them as soon as possible on bugs, system flaws, exploits and threats afflicting applications and possible patches.

New Feature: Post New Exploit

Register now to start receiving our security alerts of your favourite applications or try our new Android App which will keep you updated everywhere you are!


Last Advisories
IPSwitch MOVEit 8.1 < 9.4 - Cross-Site Scripting02-02-2018
Real Estate Custom Script - 'route' SQL Injection02-02-2018
Joomla! Component JMS Music 1.1.1 - SQL Injection02-02-2018
Fancy Clone Script - 'search_browse_product' SQL Injection02-02-2018
WebKit - 'WebCore::FrameView::clientToLayoutViewportPoint' Use-After-Free01-02-2018
BMC Server Automation RSCD Agent - NSH Remote Command Execution (Metasploit)01-02-2018
WebKit - 'detachWrapper' Use-After-Free01-02-2018
Geovision Inc. IP Camera & Video - Remote Command Execution01-02-2018
Geovision Inc. IP Camera/Video/Access Control - Multiple Remote Command Execution / Stack Overflow / Double Free / Unauthorized Access01-02-2018
Sync Breeze Enterprise 10.4.18 - Remote Buffer Overflow (SEH)01-02-2018
Hotspot Shield - Information Disclosure30-01-2018
BMC BladeLogic RSCD Agent 8.3.00.64 - Windows Users Disclosure30-01-2018
Joomla! Component Picture Calendar for Joomla 3.1.4 - Directory Traversal30-01-2018
Joomla! Component Visual Calendar 3.1.3 - 'id' SQL Injection30-01-2018
LabF nfsAxe 3.7 TFTP Client - Local Buffer Overflow30-01-2018
Joomla! Component CP Event Calendar 3.0.1 - 'id' SQL Injection30-01-2018
System Shield 5.0.0.136 - Privilege Escalation30-01-2018
HPE iMC 7.3 - RMI Java Deserialization30-01-2018
Advantech WebAccess < 8.3 - SQL Injection30-01-2018
Oracle WebLogic - wls-wsat Component Deserialization Remote Code Execution (Metasploit)29-01-2018
Arq 5.10 - Local root Privilege Escalation29-01-2018
Arq 5.10 - Local root Privilege Escalation (2)29-01-2018
macOS - 'sysctl_vfs_generic_conf' Stack Leak Through Struct Padding29-01-2018
iBall WRA150N - Multiple Vulnerabilities29-01-2018
systemd (systemd-tmpfiles) < 236 - 'fs.protected_hardlinks=0' Local Privilege Escalation29-01-2018
Artifex MuJS 1.0.2 - Integer Overflow28-01-2018
Artifex MuJS 1.0.2 - Denial of Service28-01-2018
Linux/ARM - Reverse TCP (192.168.1.1:4444/TCP) Shell (/bin/sh) Null Free Shellcode (80 bytes)28-01-2018
Buddy Zone 2.9.9 - SQL Injection28-01-2018
Trend Micro Threat Discovery Appliance 2.6.1062r1 - 'dlp_policy_upload.cgi' Remote Code Execution28-01-2018