BugSearch is an information portal covering web security and security in general. It offers a range of services for quickly distributing security advisories found on the net to its registered users, so that they are alerted promptly to bugs, system flaws, exploits and threats affecting their applications and can fix them in the shortest possible time.

New: Submit New Exploit

Register now to start receiving our security alerts for your favourite applications, or try our new Android App, which will keep you updated wherever you are!


Last Advisories
Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2 - Path Traversal / Cross-Site Scripting 19-02-2019
Find a Place CMS Directory 1.5 - 'assets/external/data_2.php cate' SQL Injection 19-02-2019
Zuz Music 2.1 - 'zuzconsole/___contact ' Persistent Cross-Site Scripting 19-02-2019
Valentina Studio 9.0.4 - 'Host' Denial of Service (PoC) 19-02-2019
Realterm Serial Terminal 2.0.0.70 - Denial of Service 18-02-2019
Realterm Serial Terminal 2.0.0.70 - Local Buffer Overflow (SEH) 18-02-2019
Zoho ManageEngine ServiceDesk Plus (SDP) < 10.0 build 10012 - Arbitrary File Upload 18-02-2019
WordPress Plugin WooCommerce - GloBee (cryptocurrency) Payment Gateway 1.1.1 - Payment Bypass / Unauthorized Order Status Spoofing 18-02-2019
Webiness Inventory 2.3 - 'ProductModel' Arbitrary File Upload 18-02-2019
macOS - Bind (4444/TCP) Shell (/bin/sh) + Null-Free Shellcode (123 bytes) 18-02-2019
CMSsite 1.0 - 'post' SQL Injection 18-02-2019
Oracle Java Runtime Environment - Heap Out-of-Bounds Read During TTF Font Rendering in OpenTypeLayoutEngine::adjustGlyphPositions 18-02-2019
Oracle Java Runtime Environment - Heap Out-of-Bounds Read During TTF Font Rendering in ExtractBitMap_blocClass 18-02-2019
Apache CouchDB 2.3.0 - Cross-Site Scripting 18-02-2019
qdPM 9.1 - 'search' Cross-Site Scripting 18-02-2019
Oracle Java Runtime Environment - Heap Out-of-Bounds Read During OTF Font Rendering in glyph_CloseContour 18-02-2019
macOS - Bind (4444/TCP) Shell (/bin/sh) + IPv6 Shellcode (129 bytes) 18-02-2019
macOS - execve(/bin/sh) + Null-Free Shellcode (31 bytes) 18-02-2019
ArangoDB Community Edition 3.4.2-1 - Cross-Site Scripting 18-02-2019
qdPM 9.1 - 'type' Cross-Site Scripting 18-02-2019
M/Monit 3.7.2 - Privilege Escalation 18-02-2019
mIRC < 7.55 - Remote Command Execution Using Argument Injection Through Custom URI Protocol Handlers 18-02-2019
macOS - Reverse (127.0.0.1:4444/TCP) Shell (/bin/sh) + Null-Free Shellcode (103 bytes) 18-02-2019
macOS - Reverse (::1:4444/TCP) Shell (/bin/sh) +IPv6 Shellcode (119 bytes) 18-02-2019
NBMonitor 1.6.5.0 - 'Key' Denial of Service (PoC) 18-02-2019
Oracle Java Runtime Environment - Heap Out-of-Bounds Read During TTF Font Rendering in AlternateSubstitutionSubtable::process 18-02-2019
Master IP CAM 01 3.3.4.2103 - Remote Command Execution 18-02-2019
Comodo Dome Firewall 2.7.0 - Cross-Site Scripting 18-02-2019
MISP 2.4.97 - SQL Command Execution via Command Injection in STIX Module 18-02-2019
Navicat for Oracle 12.1.15 - "Password" Denial of Service (PoC) 15-02-2019