BugSearch is an information portal focused on applications security, web oriented and not. We offer our services to disclose our registered users on security alerts found on the net, in order to warn them as soon as possible on bugs, system flaws, exploits and threats afflicting applications and possible patches.

New Feature: Post New Exploit

Register now to start receiving our security alerts of your favourite applications or try our new Android App which will keep you updated everywhere you are!


Last Advisories
WebKit - 'WebCore::Style::TreeResolver::styleForElement' Use-After-Free22-11-2017
WebKit - 'WebCore::FormSubmission::create' Use-After-Free22-11-2017
WebKit - 'WebCore::RenderText::localCaretRect' Out-of-Bounds Read22-11-2017
WebKit - 'WebCore::InputType::element' Use-After-Free22-11-2017
WebKit - 'WebCore::TreeScope::documentScope' Use-After-Free22-11-2017
WebKit - 'WebCore::PositionIterator::decrement' Use-After-Free22-11-2017
KMPlayer 4.2.2.4 - Denial of Service22-11-2017
Winamp Pro 5.66.Build.3512 - Denial of Service22-11-2017
Microsoft Windows 10 - 'nt!NtQueryDirectoryFile (luafv!LuafvCopyDirectoryEntry)' Pool Memory Disclosure21-11-2017
Microsoft Windows 10 - CiSetFileCache TOCTOU Security Feature Bypass20-11-2017
iOS < 11.1 / tvOS < 11.1 / watchOS < 4.1 - Denial of Service20-11-2017
Microsoft Office - OLE Remote Code Execution20-11-2017
Zeta Components Mail 1.8.1 - Remote Code Execution16-11-2017
Microsoft Edge Chakra JIT - Type Confusion with switch Statements16-11-2017
Microsoft Edge Chakra: JIT - 'OP_Memset' Type Confusion16-11-2017
Microsoft Edge Chakra: JIT - 'Lowerer::LowerBoundCheck' Incorrect Integer Overflow Check16-11-2017
Vonage VDV23 - Cross-Site Scripting16-11-2017
Microsoft Edge - 'Object.setPrototypeOf' Memory Corruption16-11-2017
LanSweeper 6.0.100.75 - Cross-Site Scripting16-11-2017
TP-Link TL-WR740N - Cross-Site Scripting16-11-2017
VX Search 10.2.14 - 'Proxy' Buffer Overflow (SEH)16-11-2017
Asterisk 13.17.2 - Memory Corruption15-11-2017
D-Link DIR605L - Denial of Service14-11-2017
D-Link DIR-850L - Unauthenticated OS Command Execution (Metasploit)14-11-2017
PSFTPd Windows FTP Server 10.0.4 Build 729 - Log Injection / Use-After-Free14-11-2017
Dup Scout Enterprise 10.0.18 - 'Login' Buffer Overflow14-11-2017
Ulterius Server < 1.9.5.0 - Directory Traversal13-11-2017
Kirby CMS < 2.5.7 - Cross-Site Scripting13-11-2017
IKARUS anti.virus 2.16.7 - 'ntguard_x64' Privilege Escalation13-11-2017
Web Viewer 1.0.0.193 (Samsung SRN-1670D) - Unrestricted File Upload13-11-2017