BugSearch is an information portal focused on applications security, web oriented and not. We offer our services to disclose our registered users on security alerts found on the net, in order to warn them as soon as possible on bugs, system flaws, exploits and threats afflicting applications and possible patches.

New Feature: Post New Exploit

Register now to start receiving our security alerts of your favourite applications or try our new Android App which will keep you updated everywhere you are!

Last Advisories
Microsoft Edge Chakra JIT - 'NewScObjectNoCtor' Array Type Confusion15-02-2018
Pdfium - Pattern Shading Integer Overflows15-02-2018
Chrome V8 - 'Runtime_RegExpReplace' Integer Overflow15-02-2018
Pdfium - Out-of-Bounds Read with Shading Pattern Backed by Pattern Colorspace15-02-2018
Microsoft Edge Chakra JIT - Memory Corruption15-02-2018
Microsoft Edge Chakra JIT - Array Type Confusion via InitProto Instructions15-02-2018
Microsoft Edge Chakra JIT - ImplicitCallFlags Checks Bypass15-02-2018
Microsoft Edge Chakra JIT - 'GlobOpt::OptTagChecks' Must Consider IsLoopPrePass Properly (2)15-02-2018
Dell EMC Isilon OneFS - Multiple Vulnerabilities14-02-2018
userSpice 4.3 - Cross-Site Scripting14-02-2018
SOA School Management - 'access_login' SQL Injection14-02-2018
GNU binutils 2.26.1 - Integer Overflow (POC)14-02-2018
Social Oauth Login PHP - Authentication Bypass14-02-2018
NAT32 2.2 Build 22284 - Cross-Site Request Forgery14-02-2018
NAT32 2.2 Build 22284 - Remote Command Execution14-02-2018
News Website Script 2.0.4 - 'search' SQL Injection13-02-2018
Advantech WebAccess 8.3.0 - Remote Code Execution13-02-2018
TypeSetter CMS 5.1 - Cross-Site Request Forgery13-02-2018
TypeSetter CMS 5.1 - 'Host' Header Injection13-02-2018
CloudMe Sync < 1.11.0 - Buffer Overflow13-02-2018
reserved by SOFTMAN Admin panel bypass12-02-2018
Developed by: EDCP login.asp bypass12-02-2018
glibc - '$ORIGIN' Expansion Privilege Escalation (Metasploit)12-02-2018
Juju-run Agent - Privilege Escalation (Metasploit)12-02-2018
glibc - LD_AUDIT Arbitrary DSO Load Privilege Escalation (Metasploit)12-02-2018
LogicalDOC Enterprise 7.7.4 - Root Remote Code Execution12-02-2018
web design by weio Admin panel bypass12-02-2018
LogicalDOC Enterprise 7.7.4 - User Enumeration12-02-2018
LogicalDOC Enterprise 7.7.4 - Directory Traversal12-02-2018
Paypal Clone Script 1.0.9 - 'id' / 'acctype' SQL Injection11-02-2018