BugSearch is an information portal focused on applications security, web oriented and not. We offer our services to disclose our registered users on security alerts found on the net, in order to warn them as soon as possible on bugs, system flaws, exploits and threats afflicting applications and possible patches.

New Feature: Post New Exploit

Register now to start receiving our security alerts of your favourite applications or try our new Android App which will keep you updated everywhere you are!


Last Advisories
Microsoft Windows 10 1809 - LUAFV PostLuafvPostReadWrite SECTION_OBJECT_POINTERS Race Condition Privilege Escalation16-04-2019
AdminExpress 1.2.5 - 'Folder Path' Denial of Service (PoC)16-04-2019
RemoteMouse 3.008 - Arbitrary Remote Command Execution15-04-2019
Linux/x86 - MMX-PUNPCKLBW Encoder Shellcode (61 bytes)15-04-2019
CuteNews 2.1.2 - 'avatar' Remote Code Execution (Metasploit)15-04-2019
MailCarrier 2.51 - 'RCPT TO' Buffer Overflow15-04-2019
DirectAdmin 1.561 - Multiple Vulnerabilities15-04-2019
UltraVNC Launcher 1.2.2.4 - 'Path' Denial of Service (PoC)15-04-2019
Linux/x86 - Cat File Encode to base64 and post via curl to Webserver Shellcode (125 bytes)15-04-2019
MailCarrier 2.51 - POP3 'TOP' SEH Buffer Overflow15-04-2019
MailCarrier 2.51 - POP3 'USER' Buffer Overflow15-04-2019
UltraVNC Viewer 1.2.2.4 - 'VNC Server' Denial of Service (PoC)15-04-2019
Cisco RV130W Routers - Management Interface Remote Command Execution (Metasploit)15-04-2019
MailCarrier 2.51 - POP3 'LIST' SEH Buffer Overflow15-04-2019
Zimbra Collaboration - Autodiscover Servlet XXE and ProxyServlet SSRF (Metasploit)12-04-2019
Microsoft Windows - Contact File Format Arbitary Code Execution (Metasploit)12-04-2019
ATutor < 2.2.4 - 'file_manager' Remote Code Execution (Metasploit)12-04-2019
Linux/x86 - Add User to Passwd File Shellcode (149 bytes)12-04-2019
Microsoft Internet Explorer 11 - XML External Entity Injection12-04-2019
CyberArk EPM 10.2.1.603 - Security Restrictions Bypass12-04-2019
Dell KACE Systems Management Appliance (K1000) 6.4.120756 - Unauthenticated Remote Code Execution10-04-2019
FTPShell Server 6.83 - 'Account name to ban' Local Buffer10-04-2019
D-Link DI-524 V2.06RU - Multiple Cross-Site Scripting10-04-2019
FTPShell Server 6.83 - 'Virtual Path Mapping' Local Buffer10-04-2019
Microsoft Windows - AppX Deployment Service Privilege Escalation09-04-2019
Apache Axis 1.4 - Remote Code Execution09-04-2019
TP-LINK TL-WR940N / TL-WR941ND - Buffer Overflow09-04-2019
Linux/x64 - XANAX Decoder Shellcode (127 bytes)09-04-2019
Ashop Shopping Cart Software - 'bannedcustomers.php?blacklistitemid' SQL Injection09-04-2019
Linux/x64 - XANAX Encoder Shellcode (127 bytes)09-04-2019