BugSearch is an information portal focused on applications security, web oriented and not. We offer our services to disclose our registered users on security alerts found on the net, in order to warn them as soon as possible on bugs, system flaws, exploits and threats afflicting applications and possible patches.

New Feature: Post New Exploit

Register now to start receiving our security alerts of your favourite applications or try our new Android App which will keep you updated everywhere you are!


Last Advisories
PerfexCRM 1.9.7 - Arbitrary File Upload15-01-2018
Domains & Hostings Manager PRO 3.0 - Authentication Bypass15-01-2018
ImgHosting 1.5 - Cross-Site Scripting15-01-2018
pfSense < 2.1.4 - 'status_rrd_graph_img.php' Command Injection15-01-2018
Linux/ARM - Reverse TCP (192.168.1.1:4444/TCP) Shell (/bin/sh) + Password (MyPasswd) + Null-Free Shellcode (156 bytes)15-01-2018
DarkComet (C2 Server) - File Upload15-01-2018
Linux/x86 - execve(/bin/sh) + Polymorphic Shellcode (26 bytes)14-01-2018
Linux/x86-64 - Execute /bin/sh Shellcode (24 bytes)13-01-2018
Linux/x86-64 - execve("/sbin/iptables", , NULL) Shellcode (43 bytes)13-01-2018
Linux/x86-64 - Add Map (127.1.1.1 google.lk) In /etc/hosts Shellcode (96 bytes)13-01-2018
Kentico CMS 11.0 - Buffer Overflow12-01-2018
PyroBatchFTP < 3.19 - Buffer Overflow12-01-2018
Taxi Booking Script 1.0 - Cross-site Scripting12-01-2018
Xnami 1.0 - Cross-Site Scripting12-01-2018
Microsoft Edge Chakra - 'AppendLeftOverItemsFromEndSegment' Out-of-Bounds Read11-01-2018
macOS - 'process_policy' Stack Leak Through Uninitialized Field11-01-2018
phpCollab 2.5.1 - Unauthenticated File Upload (Metasploit)11-01-2018
LabF nfsAxe 3.7 FTP Client - Stack Buffer Overflow (Metasploit)11-01-2018
Seagate Personal Cloud - Multiple Vulnerabilities11-01-2018
Microsoft Windows - NTFS Owner/Mandatory Label Privilege Bypass11-01-2018
Microsoft Windows SMB Server (v1 and v2) - Mount Point Arbitrary Device Open Privilege Escalation11-01-2018
Microsoft Windows - NtImpersonateAnonymousToken LPAC to Non-LPAC Privilege Escalation11-01-2018
Android - Hardware Service Manager Arbitrary Service Replacement due to getpidcon11-01-2018
Microsoft Windows - NtImpersonateAnonymousToken AC to Non-AC Privilege Escalation11-01-2018
Linux/ARM (Raspberry Pi) - Bind TCP /bin/sh Shell (0.0.0.0:4444/TCP) Null-Free Shellcode (112 bytes)11-01-2018
Transmission - RPC DNS Rebinding11-01-2018
ALLMediaServer 0.95 - Buffer Overflow11-01-2018
HPE iMC - dbman RestartDB Unauthenticated Remote Command Execution (Metasploit)10-01-2018
HPE iMC - dbman RestoreDBase Unauthenticated Remote Command Execution (Metasploit)10-01-2018
Multiple CPUs - Information Leak Using Speculative Execution10-01-2018