BugSearch is an information portal focused on applications security, web oriented and not. We offer our services to disclose our registered users on security alerts found on the net, in order to warn them as soon as possible on bugs, system flaws, exploits and threats afflicting applications and possible patches.

New Feature: Post New Exploit

Register now to start receiving our security alerts of your favourite applications or try our new Android App which will keep you updated everywhere you are!


Last Advisories
Joomla! Component Easydiscuss < 4.0.21 - Cross-Site Scripting10-01-2018
WordPress Plugin Social Media Widget by Acurax 3.2.5 - Cross-Site Request Forgery10-01-2018
WordPress Plugin WordPress Download Manager 2.9.60 - Cross-Site Request Forgery10-01-2018
WordPress Plugin Admin Menu Tree Page View 2.6.9 - Cross-Site Request Forgery / Privilege Escalation10-01-2018
WordPress Plugin CMS Tree Page View 1.4 - Cross-Site Request Forgery / Privilege Escalation10-01-2018
Parity Browser < 1.6.10 - Bypass Same Origin Policy10-01-2018
D-Link Routers 110/412/615/815 < 1.03 - 'service.cgi' Arbitrary Code Execution10-01-2018
WordPress Plugin Events Calendar - 'event_id' SQL Injection10-01-2018
DiskBoss Enterprise 8.8.16 - Buffer Overflow10-01-2018
Muviko 1.1 - SQL Injection10-01-2018
SAP NetWeaver J2EE Engine 7.40 - SQL Injection10-01-2018
Worpress Plugin Service Finder Booking < 3.2 - Local File Disclosure10-01-2018
Linux/x86 - execve /bin/dash Shellcode (30 bytes)10-01-2018
Synology Photostation 6.7.2-3429 - Remote Code Execution (Metasploit)10-01-2018
Jungo Windriver 12.5.1 - Privilege Escalation10-01-2018
Commvault Communications Service (cvd) - Command Injection (Metasploit)09-01-2018
Microsoft Windows - 'nt!NtQueryInformationProcess (information class 76, QueryProcessEnergyValues)' Kernel Stack Memory Disclosure09-01-2018
Microsoft Edge Chakra JIT - Escape Analysis Bug09-01-2018
Microsoft Edge Chakra JIT - Op_MaxInAnArray and Op_MinInAnArray can Explicitly call User-Defined JavaScript Functions09-01-2018
Microsoft Edge Chakra - 'asm.js' Out-of-Bounds Read09-01-2018
Microsoft Windows - 'nt!NtQuerySystemInformation (information class 138, QueryMemoryTopologyInformation)' Kernel Pool Memory Disclosure09-01-2018
Microsoft Edge Chakra JIT - BackwardPass::RemoveEmptyLoopAfterMemOp Does not Insert Branches09-01-2018
Synology Photostation < 6.7.2-3429 - Multiple Vulnerabilities08-01-2018
Microsoft Windows - Local XPS Print Spooler Sandbox Escape08-01-2018
Android - Inter-Process munmap due to Race Condition in ashmem08-01-2018
Vanilla < 2.1.5 - Cross-Site Request Forgery08-01-2018
FiberHome LM53Q1 - Multiple Vulnerabilities08-01-2018
WordPress Plugin LearnDash 2.5.3 - Arbitrary File Upload08-01-2018
SonicWall NSA 6600/5600/4600/3600/2600/250M - Multiple Vulnerabilities08-01-2018
BarcodeWiz ActiveX Control < 6.7 - Buffer Overflow08-01-2018