BugSearch is an information portal focused on applications security, web oriented and not. We offer our services to disclose our registered users on security alerts found on the net, in order to warn them as soon as possible on bugs, system flaws, exploits and threats afflicting applications and possible patches.

New Feature: Post New Exploit

Register now to start receiving our security alerts of your favourite applications or try our new Android App which will keep you updated everywhere you are!


Last Advisories
NetMan 204 - Backdoor Account 27-09-2016
NetDrive 2.6.12 - Unquoted Service Path Privilege Escalation 26-09-2016
Joomla Component Event Booking 2.10.1 - SQL Injection 26-09-2016
Elantech-Smart Pad 11.9.0.0 - Unquoted Service Path Privilege Escalation 26-09-2016
Windows 10 10586 (32/64) / 8.1 Update 2 - NtLoadKeyEx User Hive Attachment Point Privilege Escalation (MS16-111) 26-09-2016
MSI NTIOLib.sys, WinIO.sys - Local Privilege Escalation 26-09-2016
Iperius Remote 1.7.0 - Unquoted Service Path Privilege Escalation 26-09-2016
Macro Expert 4.0 - Multiple Privilege Escalation 26-09-2016
Windows - RegLoadAppKey Hive Enumeration Privilege Escalation (MS16-111) 26-09-2016
Wise Care 365 4.27 / Wise Disk Cleaner 9.29 - Unquoted Service Path Privilege Escalation 23-09-2016
Zortam Mp3 Media Studio 21.15 - Insecure File Permissions Privilege Escalation 23-09-2016
Linux - SELinux W+X Protection Bypass via AIO 23-09-2016
Adobe Flash - Video Decompression Memory Corruption 23-09-2016
Adobe Flash - Crash When Freeing Memory After AVC decoding 23-09-2016
Microix Timesheet Module - SQL Injection 22-09-2016
Kerberos in Microsoft Windows - Security Feature Bypass (MS16-101) 22-09-2016
AnyDesk 2.5.0 - Unquoted Service Path Privilege Escalation 22-09-2016
JCraft/JSch Java Secure Channel 0.1.53 - Recursive sftp-get Directory Traversal 22-09-2016
Symantec rar Decomposer Engine (Multiple Products) - Out-of-Bounds Read / Out-of-Bounds Write 21-09-2016
Microsoft Office PowerPoint 2010 - Invalid Pointer Reference 21-09-2016
Kaltura 11.1.0-2 - Remote Code Execution (Metasploit) 21-09-2016
Dolphin 7.3.0 - Error-Based SQL Injection 20-09-2016
VegaDNS 0.13.2 - Remote Command Injection 20-09-2016
WordPress Plugin Order Export Import for WooCommerce - Order Information Disclosure 19-09-2016
EKG Gadu 1.9~pre+r2855-3+b1 - Local Buffer Overflow 19-09-2016
SolarWinds Kiwi Syslog Server 9.5.1 - Unquoted Service Path Privilege Escalation 19-09-2016
Docker Daemon - Privilege Escalation (Metasploit) 19-09-2016
Kajona 4.7 - Cross-Site Scripting / Directory Traversal 19-09-2016
MyBB 1.8.6 - SQL Injection 19-09-2016
MuM MapEdit 3.2.6.0 - Multiple Vulnerabilities 19-09-2016