BugSearch è un portale d'informazione sul mondo della sicurezza web e non che offre una serie di servizi utili a divulgare rapidamente ai propri utenti registrati gli avvisi di sicurezza scoperti nella rete, in modo tale da poter essere avvisati tempestivamente su bachi, falle di sistema, exploit e threats che affliggono le applicazioni e correggerle nel minor tempo possibile.

Novità: Invia Nuovo Exploit

Register now to start receiving our security alerts of your favourite applications or try our new Android App which will keep you updated everywhere you are!


Last Advisories
Domains & Hostings Manager PRO 3.0 - Authentication Bypass15-01-2018
ImgHosting 1.5 - Cross-Site Scripting15-01-2018
pfSense < 2.1.4 - 'status_rrd_graph_img.php' Command Injection15-01-2018
Linux/ARM - Reverse TCP (192.168.1.1:4444/TCP) Shell (/bin/sh) + Password (MyPasswd) + Null-Free Shellcode (156 bytes)15-01-2018
Linux/x86 - execve(/bin/sh) + Polymorphic Shellcode (26 bytes)14-01-2018
Linux/x86-64 - Add Map (127.1.1.1 google.lk) In /etc/hosts Shellcode (96 bytes)13-01-2018
Linux/x86-64 - execve("/sbin/iptables", , NULL) Shellcode (43 bytes)13-01-2018
Linux/x86-64 - Execute /bin/sh Shellcode (24 bytes)13-01-2018
PyroBatchFTP < 3.19 - Buffer Overflow12-01-2018
Kentico CMS 11.0 - Buffer Overflow12-01-2018
Taxi Booking Script 1.0 - Cross-site Scripting12-01-2018
Xnami 1.0 - Cross-Site Scripting12-01-2018
Microsoft Edge Chakra - 'AppendLeftOverItemsFromEndSegment' Out-of-Bounds Read11-01-2018
macOS - 'process_policy' Stack Leak Through Uninitialized Field11-01-2018
phpCollab 2.5.1 - Unauthenticated File Upload (Metasploit)11-01-2018
Seagate Personal Cloud - Multiple Vulnerabilities11-01-2018
LabF nfsAxe 3.7 FTP Client - Stack Buffer Overflow (Metasploit)11-01-2018
Microsoft Windows - NtImpersonateAnonymousToken LPAC to Non-LPAC Privilege Escalation11-01-2018
Microsoft Windows SMB Server (v1 and v2) - Mount Point Arbitrary Device Open Privilege Escalation11-01-2018
Microsoft Windows - NTFS Owner/Mandatory Label Privilege Bypass11-01-2018
Android - Hardware Service Manager Arbitrary Service Replacement due to getpidcon11-01-2018
Microsoft Windows - NtImpersonateAnonymousToken AC to Non-AC Privilege Escalation11-01-2018
Linux/ARM (Raspberry Pi) - Bind TCP /bin/sh Shell (0.0.0.0:4444/TCP) Null-Free Shellcode (112 bytes)11-01-2018
Transmission - RPC DNS Rebinding11-01-2018
ALLMediaServer 0.95 - Buffer Overflow11-01-2018
Microsoft Edge Chakra JIT - 'Lowerer::LowerSetConcatStrMultiItem' Missing Integer Overflow Check10-01-2018
Multiple CPUs - Information Leak Using Speculative Execution10-01-2018
HPE iMC - dbman RestartDB Unauthenticated Remote Command Execution (Metasploit)10-01-2018
HPE iMC - dbman RestoreDBase Unauthenticated Remote Command Execution (Metasploit)10-01-2018
Joomla! Component Easydiscuss < 4.0.21 - Cross-Site Scripting10-01-2018