BugSearch is an information portal focused on applications security, web oriented and not. We offer our services to disclose our registered users on security alerts found on the net, in order to warn them as soon as possible on bugs, system flaws, exploits and threats afflicting applications and possible patches.

New Feature: Post New Exploit

Register now to start receiving our security alerts of your favourite applications or try our new Android App which will keep you updated everywhere you are!

Last Advisories
WordPress Plugin WPHRM - SQL Injection29-10-2017
SmarterStats 11.3.6347 - Cross-Site Scripting27-10-2017
Unitrends UEB 9 - http api/storage Remote Root (Metasploit)23-10-2017
Kaltura <= 13.1.0 - Remote Code Execution23-10-2017
Linux Kernel 4.14.0-rc4+ - 'waitid()' Privilege Escalation22-10-2017
CometChat < 6.2.0 BETA 1 - Local File Inclusion22-10-2017
ArGoSoft Mini Mail Server - Denial of Service21-10-2017
Ayukov NFTP FTP Client <= 2.0 - Buffer Overflow21-10-2017
Mozilla Firefox < 55 - Denial of Service20-10-2017
Microsoft Game Definition File Editor 6.3.9600 - XML External Entity Injection19-10-2017
Linksys E Series - Multiple Vulnerabilities18-10-2017
Xen - Unbounded Recursion in Pagetable De-typing18-10-2017
Afian AB FileRun 2017.03.18 - Multiple Vulnerabilities18-10-2017
Check_MK 1.2.8p25 - Information Disclosure18-10-2017
OpenText Documentum Content Server - Arbitrary File Download17-10-2017
Career Portal 1.0 - SQL Injection17-10-2017
OpenText Documentum Content Server - Arbitrary File Download Privilege Escalation17-10-2017
Shadowsocks - Log File Command Execution17-10-2017
OpenText Documentum Content Server - dmr_content Privilege Escalation17-10-2017
Apple iOS 10.2 (14C92) - Remote Code Execution17-10-2017
Linux Kernel - 'AF_PACKET' Use-After-Free17-10-2017
Microsoft Windows - 'nt!NtQueryObject (ObjectNameInformation)' Kernel Pool Memory Disclosure17-10-2017
OpenText Documentum Content Server - Privilege Escalation17-10-2017
shadowsocks-libev 3.1.0 - Command Execution17-10-2017
Wordpress Plugin Car Park Booking - SQL Injection17-10-2017
Microsoft Edge Chakra - Accesses to Uninitialized Pointers in 'StackScriptFunction::BoxState::Box'17-10-2017
Microsoft Edge Chakra JIT - Incorrect GenerateBailOut Calling Patterns17-10-2017
Microsoft Windows 10 - WLDP/MSHTML CLSID UMCI Bypass17-10-2017
Apache Solr 7.0.1 - XML External Entity Expansion / Remote Code Execution17-10-2017
Microsoft Edge Chakra JIT - 'RegexHelper::StringReplace' Must Call the Callback Function with Updating ImplicitCallFlags17-10-2017