BugSearch is an information portal focused on applications security, web oriented and not. We offer our services to disclose our registered users on security alerts found on the net, in order to warn them as soon as possible on bugs, system flaws, exploits and threats afflicting applications and possible patches.

New Feature: Post New Exploit

Register now to start receiving our security alerts of your favourite applications or try our new Android App which will keep you updated everywhere you are!


Last Advisories
CMS DESIGNED BY WDD xxS14-12-2017
Meinberg LANTIME Web Configuration Utility 6.16.008 - Arbitrary File Read13-12-2017
Resume Clone Script 2.0.5 - SQL Injection11-12-2017
PHP Multivendor Ecommerce 1.0 - 'sid' / 'searchcat' / 'chid1' SQL Injection11-12-2017
Abyss Web Server < 2.11.6 - Heap Memory Corruption01-12-2017
Artica Web Proxy 3.06 - Remote Code Execution01-12-2017
MistServer 2.12 - Cross-Site Scripting01-12-2017
macOS High Sierra - Root Privilege Escalation (Metasploit)30-11-2017
Jobs2Careers / Coroflot Clone - SQL Injection30-11-2017
Linux Kernel - 'The Huge Dirty Cow' Overwriting The Huge Zero Page30-11-2017
QEMU - NBD Server Long Export Name Stack Buffer Overflow29-11-2017
pfSense - Authenticated Group Member RCE (Metasploit)29-11-2017
Synology StorageManager 5.2 - Remote Root Command Execution28-11-2017
Android Gmail < 7.11.5.176568039 - Directory Traversal in Attachment Download28-11-2017
WordPress Plugin WooCommerce 2.0/3.0 - Directory Traversal28-11-2017
Microsoft Windows 10 Creators Update (version 1703) (x86) - 'WARBIRD' 'NtQuerySystemInformation ' Kernel Local Privilege Escalation27-11-2017
Microsoft Edge Chakra JIT - 'Inline::InlineCallApplyTarget_Shared' does not Return the return Instruction27-11-2017
Microsoft Edge Chakra JIT - 'BailOutOnTaggedValue' Bailouts Type Confusion27-11-2017
Exim 4.89 - 'BDAT' Denial of Service27-11-2017
Microsoft Edge Chakra JIT - Incorrect Function Declaration Scope27-11-2017
Microsoft Edge Chakra JIT - 'GlobOpt::OptTagChecks' Must Consider IsLoopPrePass Properly27-11-2017
Diving Log 6.0 - XML External Entity Injection27-11-2017
ZTE ZXDSL 831CII - Improper Access Restrictions27-11-2017
ALLPlayer 7.5 - Local Buffer Overflow (SEH Unicode)25-11-2017
Linux - 'mincore()' Uninitialized Kernel Heap Page Disclosure24-11-2017
WebKit - 'WebCore::SVGPatternElement::collectPatternAttributes' Out-of-Bounds Read22-11-2017
WebKit - 'WebCore::Style::TreeResolver::styleForElement' Use-After-Free22-11-2017
WebKit - 'WebCore::AXObjectCache::performDeferredCacheUpdate' Use-After-Free22-11-2017
WebKit - 'WebCore::RenderText::localCaretRect' Out-of-Bounds Read22-11-2017
WebKit - 'WebCore::SimpleLineLayout::RunResolver::runForPoint' Out-of-Bounds Read22-11-2017