BugSearch is an information portal focused on applications security, web oriented and not. We offer our services to disclose our registered users on security alerts found on the net, in order to warn them as soon as possible on bugs, system flaws, exploits and threats afflicting applications and possible patches.

New Feature: Post New Exploit

Register now to start receiving our security alerts of your favourite applications or try our new Android App which will keep you updated everywhere you are!


Last Advisories
Linux Kernel 2.6.22 < 3.9 - 'Dirty COW' 'PTRACE_POKEDATA' Race Condition Privilege Escalation 28-11-2016
NTP 4.2.8p3 - Denial of Service 28-11-2016
VX Search Enterprise 9.1.12 - Buffer Overflow 28-11-2016
Sync Breeze Enterprise 9.1.16 - Buffer Overflow 28-11-2016
Disk Sorter Enterprise 9.1.12 - Buffer Overflow 28-11-2016
Dup Scout Enterprise 9.1.14 - Buffer Overflow 28-11-2016
Disk Savvy Enterprise 9.1.14 - Buffer Overflow 28-11-2016
Disk Pulse Enterprise 9.1.16 - Buffer Overflow 28-11-2016
Tenda/Dlink/Tplink TD-W8961ND - 'DHCP' Cross-Site Scripting 28-11-2016
ChatNow 1.1 - SQL Injection Web Vulnerability28-11-2016
AOMEI Backupper Standard 3.5 - DLL Hijacking Vulnerability28-11-2016
Android - 'BadKernel' Remote Code Execution 28-11-2016
Core FTP LE 2.2 - 'SSH/SFTP' Remote Buffer Overflow (PoC) 27-11-2016
Linux/x86 - Egg-hunter Shellcode (25 bytes) 25-11-2016
GNU Wget < 1.18 - Access List Bypass / Race Condition 24-11-2016
Microsoft Windows Kernel win32k.sys - 'NtSetWindowLongPtr' Privilege Escalation (MS16-135) 24-11-2016
Remote Utilities Host 6.3 - Denial of Service 24-11-2016
Osticket 1.9.14 - 'X-Forwarded-For' Cross-Site Scripting 24-11-2016
Windows x64 - Download & Execute Shellcode (358 bytes) 23-11-2016
Linux Kernel 2.6.32-642 / 3.16.0-4 - 'inode' Integer Overflow (PoC) 23-11-2016
UCanCode - Multiple Vulnerabilities 23-11-2016
TP-LINK TDDP - Multiple Vulnerabilities 22-11-2016
Microsoft Internet Explorer 8 MSHTML - 'Ptls5::Ls&shy;Find&shy;Span&shy;Visual&shy;Boundaries' Memory Corruption 22-11-2016
SAP NetWeaver AS JAVA - 'BC-BMT-BPM-DSK' XML External Entity Injection 22-11-2016
Linux/x86-64 - /bin/sh -c reboot Shellcode (89 bytes) 22-11-2016
EasyPHP Devserver 16.1.1 - Cross-Site Request Forgery / Remote Command Execution 22-11-2016
Crestron AM-100 - Multiple Vulnerabilities 22-11-2016
Huawei UTPS - Unquoted Service Path Privilege Escalation 22-11-2016
NodCMS Installer - Multiples Cross Site Web Vulnerability22-11-2016
AppFusions Doxygen for Atlassian Confluence 1.3.2 - Cross-Site Scripting 22-11-2016