BugSearch is an information portal focused on applications security, web oriented and not. We offer our services to disclose our registered users on security alerts found on the net, in order to warn them as soon as possible on bugs, system flaws, exploits and threats afflicting applications and possible patches.

New Feature: Post New Exploit

Register now to start receiving our security alerts of your favourite applications or try our new Android App which will keep you updated everywhere you are!


Last Advisories
Axessh 4.2 - 'Log file name' Local Stack-based Buffer Overflow24-05-2019
Apple Mac OS X - Feedback Assistant Race Condition (Metasploit)23-05-2019
NetAware 1.20 - 'Add Block' Denial of Service (PoC)23-05-2019
Visual Voicemail for iPhone - IMAP NAMESPACE Processing Use-After-Free23-05-2019
Shopware - createInstanceFromNamedArguments PHP Object Instantiation Remote Code Execution (Metasploit)23-05-2019
Microsoft Windows 10 (17763.379) - Install DLL23-05-2019
Linux/x64 - Execve(/bin/sh) Shellcode (23 bytes)23-05-2019
NetAware 1.20 - 'Share Name' Denial of Service (PoC)23-05-2019
Nagios XI 5.6.1 - SQL injection23-05-2019
Microsoft Windows 10 1809 - 'CmKeyBodyRemapToVirtualForEnum' Arbitrary Key Enumeration Privilege Escalation23-05-2019
Terminal Services Manager 3.2.1 - Denial of Service23-05-2019
Microsoft Windows - AppX Deployment Service Local Privilege Escalation (2)23-05-2019
AUO Solar Data Recorder < 1.3.0 - 'addr' Cross-Site Scripting22-05-2019
Carel pCOWeb < B1.2.1 - Cross-Site Scripting22-05-2019
Microsoft Windows (x84) - Task Scheduler' .job' Import Arbitrary Discretionary Access Control List Write / Local Privilege Escalation22-05-2019
BlueStacks 4.80.0.1060 - Denial of Service (PoC)22-05-2019
Carel pCOWeb < B1.2.1 - Credentials Disclosure22-05-2019
RarmaRadio 2.72.3 - 'Username' Denial of Service (PoC)22-05-2019
Zoho ManageEngine ServiceDesk Plus 9.3 - Cross-Site Scripting22-05-2019
Zoho ManageEngine ServiceDesk Plus < 10.5 - Improper Access Restrictions22-05-2019
RarmaRadio 2.72.3 - 'Server' Denial of Service (PoC)22-05-2019
Microsoft Windows (x84/x64) - 'Error Reporting' Discretionary Access Control List / Local Privilege Escalation22-05-2019
TapinRadio 2.11.6 - 'Uername' Denial of Service (PoC)22-05-2019
Horde Webmail 5.2.22 - Multiple Vulnerabilities22-05-2019
Microsoft Internet Explorer 11 - Sandbox Escape22-05-2019
TapinRadio 2.11.6 - 'Address' Denial of Service (PoC)22-05-2019
Deluge 1.3.15 - 'URL' Denial of Service (PoC)21-05-2019
macOS < 10.14.5 / iOS < 12.3 XNU - Wild-read due to bad cast in stf_ioctl21-05-2019
TP-LINK TL-WR840N v5 00000005 - Cross-Site Scripting21-05-2019
Oracle CTI Web Service - 'EBS_ASSET_HISTORY_OPERATIONS' XML Entity Injection21-05-2019