BugSearch is an information portal covering web security and security in general. It offers a set of services for quickly relaying security advisories discovered across the net to its registered users, so that they are alerted promptly to the bugs, system flaws, exploits and threats affecting their applications and can fix them in the shortest possible time.

New: Submit a New Exploit

Register now to start receiving our security alerts for your favourite applications, or try our new Android app, which will keep you updated wherever you are!


Last Advisories
NetSetMan 4.7.1 - Local Buffer Overflow (SEH Unicode) (11-03-2019)
Flexpaper PHP Publish Service 2.3.6 - Remote Code Execution (11-03-2019)
PRTG Network Monitor 18.2.38 - Authenticated Remote Code Execution (11-03-2019)
Linux Kernel 4.4 (Ubuntu 16.04) - 'snd_timer_user_ccallback()' Kernel Pointer Leak (11-03-2019)
OpenKM 6.3.2 < 6.3.7 - Remote Command Execution (Metasploit) (11-03-2019)
Linux/x86 - MMX-XOR Encoder / Decoder execve(/bin/sh) Shellcode (44 bytes) (11-03-2019)
Linux/x86 - INSERTION Encoder / Decoder execve(/bin/sh) Shellcode (88 bytes) (08-03-2019)
McAfee ePO 5.9.1 - Registered Executable Local Access Bypass (08-03-2019)
OrientDB 3.0.17 GA Community Edition - Cross-Site Request Forgery / Cross-Site Scripting (08-03-2019)
Sony Playstation 4 (PS4) < 6.20 - WebKit Code Execution (PoC) (08-03-2019)
DirectAdmin 1.55 - 'CMD_ACCOUNT_ADMIN' Cross-Site Request Forgery (08-03-2019)
QNAP TS-431 QTS < 4.2.2 - Remote Command Execution (Metasploit) (07-03-2019)
Kados R10 GreenBee - Multiple SQL Injection (07-03-2019)
Drupal < 8.5.11 / < 8.6.10 - RESTful Web Services unserialize() RCE (Metasploit) (07-03-2019)
Imperva SecureSphere 13.x - PWS Command Injection (Metasploit) (07-03-2019)
Anyburn 4.3 x86 - 'Copy disc to image file' Buffer Overflow - (UNICODE)(SEH) (07-03-2019)
FreeBSD - Intel SYSRET Privilege Escalation (Metasploit) (07-03-2019)
Linux < 4.20.14 - Virtual Address 0 is Mappable via Privileged write() to /proc/*/mem (06-03-2019)
Android - binder Use-After-Free via racy Initialization of ->allow_user_free (06-03-2019)
Android - getpidcon() Usage in Hardware binder ServiceManager Permits ACL Bypass (06-03-2019)
Linux/x86 - XOR Encoder / Decoder execve(/bin/sh) Shellcode (45 bytes) (05-03-2019)
OpenDocMan 1.3.4 - 'search.php where' SQL Injection (05-03-2019)
OOP CMS BLOG 1.0 - Multiple SQL Injection (04-03-2019)
WordPress Plugin Cerber Security, Antispam & Malware Scan 8.0 - Multiple Bypass Vulnerabilities (04-03-2019)
CMSsite 1.0 - Multiple Cross-Site Request Forgery (04-03-2019)
Bolt CMS 3.6.4 - Cross-Site Scripting (04-03-2019)
MarcomCentral FusionPro VDP Creator < 10.0 - Directory Traversal (04-03-2019)
Craft CMS 3.1.12 Pro - Cross-Site Scripting (04-03-2019)
Linux/x64 - Kill All Processes Shellcode (11 bytes) (04-03-2019)
Linux/x86 - NOT Encoder / Decoder - execve(/bin/sh) Shellcode (44 bytes) (04-03-2019)