BugSearch is an information portal focused on applications security, web oriented and not. We offer our services to disclose our registered users on security alerts found on the net, in order to warn them as soon as possible on bugs, system flaws, exploits and threats afflicting applications and possible patches.

New Feature: Post New Exploit

Register now to start receiving our security alerts of your favourite applications or try our new Android App which will keep you updated everywhere you are!


Last Advisories
VMware Workstation 15.1.0 - DLL Hijacking16-05-2019
WeChat for Android 7.0.4 - 'vcodec2_hls_filter' Denial of Service16-05-2019
Axessh 4.2 - 'Log file name' Denial of Service (PoC)16-05-2019
JetAudio jetCast Server 2.0 - 'Log Directory' Local SEH Alphanumeric Encoded Buffer Overflow16-05-2019
ZOC Terminal v7.23.4 - 'Shell' Denial of Service (PoC)16-05-2019
ZOC Terminal v7.23.4 - 'Private key file' Denial of Service (PoC)16-05-2019
SEL AcSELerator Architect 2.2.24 - CPU Exhaustion Denial of Service16-05-2019
ZOC Terminal 7.23.4 - 'Script' Denial of Service (PoC)16-05-2019
Legrand BTicino Driver Manager F454 1.0.51 - Cross-Site Request Forgery / Cross-Site Scripting15-05-2019
CommSy 8.6.5 - SQL injection15-05-2019
Tomabo MP4 Converter 3.25.22 - Denial of Service (PoC)15-05-2019
Microsoft Windows - 'Win32k' Local Privilege Escalation15-05-2019
Selfie Studio 2.17 - 'Resize Image' Denial of Service (PoC)14-05-2019
TwistedBrush Pro Studio 24.06 - '.srp' Denial of Service (PoC)14-05-2019
D-Link DWL-2600AP - Multiple OS Command Injection14-05-2019
TwistedBrush Pro Studio 24.06 - 'Resize Image' Denial of Service (PoC)14-05-2019
TwistedBrush Pro Studio 24.06 - 'Script Recorder' Denial of Service (PoC)14-05-2019
Schneider Electric U.Motion Builder 1.3.4 - 'track_import_export.php object_id' Unauthenticated Command Injection14-05-2019
PHP-Fusion 9.03.00 - 'Edit Profile' Remote Code Execution (Metasploit)14-05-2019
Sales ERP 8.1 - Multiple SQL Injection14-05-2019
PasteShr 1.6 - Multiple SQL Injection14-05-2019
DNSS 2.1.8 - Denial of Service (PoC)13-05-2019
XOOPS 2.5.9 - SQL Injection13-05-2019
SpotMSN 2.4.6 - Denial of Service (PoC)13-05-2019
SOCA Access Control System 180612 - SQL Injection13-05-2019
SOCA Access Control System 180612 - Cross-Site Request Forgery (Add Admin)13-05-2019
SOCA Access Control System 180612 - Information Disclosure13-05-2019
Google Chrome V8 - Turbofan JSCallReducer::ReduceArrayIndexOfIncludes Out-of-Bounds Read/Write13-05-2019
OpenProject 5.0.0 - 8.3.1 - SQL Injection13-05-2019
Linux/x86 - /sbin/iptables -F Shellcode (43 bytes)13-05-2019