BugSearch is an information portal focused on applications security, web oriented and not. We offer our services to disclose our registered users on security alerts found on the net, in order to warn them as soon as possible on bugs, system flaws, exploits and threats afflicting applications and possible patches.

New Feature: Post New Exploit

Register now to start receiving our security alerts of your favourite applications or try our new Android App which will keep you updated everywhere you are!


Last Advisories
TheHive Project Cortex < 1.15.2 - Server-Side Request Forgery10-05-2019
PHPRunner 10.1 - Denial of Service (PoC)10-05-2019
ASPRunner.NET 10.1 - Denial of Service (PoC)10-05-2019
SpotIM 2.2 - Denial of Service (PoC)10-05-2019
SpotPaltalk 1.1.5 - Denial of Service (PoC)10-05-2019
RICOH SP 4520DN Printer - HTML Injection10-05-2019
RICOH SP 4510DN Printer - HTML Injection10-05-2019
jetCast Server 2.0 - Denial of Service (PoC)10-05-2019
dotCMS 5.1.1 - HTML Injection10-05-2019
CyberArk Enterprise Password Vault 10.7 - XML External Entity Injection10-05-2019
Zoho ManageEngine ADSelfService Plus 5.7 < 5702 build - Cross-Site Scripting09-05-2019
Lyric Video Creator 2.1 - '.mp3' Denial of Service (PoC)09-05-2019
Lyric Maker 2.0.1.0 - Denial of Service (PoC)09-05-2019
Convert Video jetAudio 8.1.7 - Denial of Service (PoC)09-05-2019
PostgreSQL 9.3 - COPY FROM PROGRAM Command Execution (Metasploit)08-05-2019
Oracle Weblogic Server - 'AsyncResponseService' Deserialization Remote Code Execution (Metasploit)08-05-2019
Lotus Domino 8.5.3 - 'EXAMINE' Stack Buffer Overflow DEP/ASLR Bypass (NSA's EMPHASISMINE)08-05-2019
jetAudio 8.1.7.20702 Basic - 'Enter URL' Denial of Service (PoC)08-05-2019
Google Chrome 72.0.3626.119 - 'FileReader' Use-After-Free (Metasploit)08-05-2019
Linux/x86 - execve /bin/sh Shellcode (20 bytes)08-05-2019
NetNumber Titan ENUM/DNS/NP 7.9.1 - Path Traversal / Authorization Bypass08-05-2019
MiniFtp - 'parseconf_load_setting' Buffer Overflow08-05-2019
Easy Chat Server 3.1 - 'message' Denial of Service (PoC)07-05-2019
Prinect Archive System 2015 Release 2.6 - Cross-Site Scripting07-05-2019
Admin Express 1.2.5.485 - 'Folder Path' Local SEH Alphanumeric Encoded Buffer Overflow07-05-2019
Linux/x86 - Multiple keys XOR Encoder / Decoder execve(/bin/sh) Shellcode (59 bytes)06-05-2019
iOS 12.1.3 - 'cfprefsd' Memory Corruption06-05-2019
PHPads 2.0 - 'click.php3?bannerID' SQL Injection06-05-2019
NSClient++ 0.5.2.35 - Privilege Escalation06-05-2019
microASP (Portal+) CMS - 'pagina.phtml?explode_tree' SQL Injection06-05-2019