BugSearch is an information portal focused on applications security, web oriented and not. We offer our services to disclose our registered users on security alerts found on the net, in order to warn them as soon as possible on bugs, system flaws, exploits and threats afflicting applications and possible patches.

New Feature: Post New Exploit

Register now to start receiving our security alerts of your favourite applications or try our new Android App which will keep you updated everywhere you are!


Last Advisories
Qmail SMTP - Bash Environment Variable Injection (Metasploit)02-10-2017
OpenText Document Sciences xPression 4.5SP1 Patch 13 - 'jobRunId' SQL Injection02-10-2017
Dnsmasq < 2.78 - 2-byte Heap-Based Overflow02-10-2017
UCOPIA Wireless Appliance < 5.1 (Captive Portal) - Unauthenticated Root Remote Code Execution02-10-2017
UCOPIA Wireless Appliance < 5.1.8 - Privilege Escalation02-10-2017
phpCollab 2.5.1 - SQL Injection02-10-2017
UCOPIA Wireless Appliance < 5.1.8 - Restricted Shell Escape02-10-2017
phpCollab 2.5.1 - Arbitrary File Upload02-10-2017
NPM-V (Network Power Manager) 2.4.1 - Password Reset02-10-2017
Linux Kernel < 4.14.rc3 - Local Denial of Service02-10-2017
Sync Breeze Enterprise 10.0.28 - Buffer Overflow30-09-2017
Microsoft Excel - OLE Arbitrary Code Execution30-09-2017
ConverTo Video Downloader & Converter 1.4.1 - Arbitrary File Download29-09-2017
FileRun <= 2017.09.18 - SQL Injection29-09-2017
Trend Micro OfficeScan 11.0/XG (12.0) - Memory Corruption29-09-2017
Real Estate MLM plan script 1.0 - 'srch' Parameter SQL Injection28-09-2017
PHP Multi Vendor Script 1.02 - 'sid' Parameter SQL Injection28-09-2017
Roteador Wireless Intelbras WRN150 - Autentication Bypass28-09-2017
Microsoft Office Groove - 'Workspace Shortcut' Arbitrary Code Execution28-09-2017
DiskBoss Enterprise 8.4.16 - 'Import Command' Buffer Overflow28-09-2017
Easy Blog PHP Script 1.3a - 'id' Parameter SQL Injection28-09-2017
DiskBoss Enterprise 8.4.16 - Local Buffer Overflow (PoC)28-09-2017
Cisco Prime Collaboration Provisioning < 12.1 - Authentication Bypass / Remote Code Execution27-09-2017
LAquis SCADA 4.1.0.2385 - Directory Traversal (Metasploit)27-09-2017
NETGEAR ReadyNAS Surveillance 1.4.3-16 - Remote Command Execution27-09-2017
NodeJS Debugger - Command Injection (Metasploit)26-09-2017
Supervisor 3.0a1 - 3.3.2 - XML-RPC Authenticated Remote Code Execution (Metasploit)25-09-2017
Disk Pulse Enterprise 10.0.12 - GET Buffer Overflow (SEH)25-09-2017
FLIR Thermal Camera F/FC/PT/D - SSH Backdoor25-09-2017
FLIR Thermal Camera F/FC/PT/D - Stream Disclosure25-09-2017