BugSearch è un portale d'informazione sul mondo della sicurezza web e non che offre una serie di servizi utili a divulgare rapidamente ai propri utenti registrati gli avvisi di sicurezza scoperti nella rete, in modo tale da poter essere avvisati tempestivamente su bachi, falle di sistema, exploit e threats che affliggono le applicazioni e correggerle nel minor tempo possibile.

Novità: Invia Nuovo Exploit

Register now to start receiving our security alerts of your favourite applications or try our new Android App which will keep you updated everywhere you are!


Last Advisories
phpBB 3.2.3 - Remote Code Execution12-12-2019
Oracle Weblogic Server - Deserialization Remote Command Execution (Patch Bypass)25-10-2019
Cisco Catalyst 3850 Series Device Manager - Cross-Site Request Forgery01-08-2019
Ultimate Loan Manager 2.0 - Cross-Site Scripting01-08-2019
WebIncorp ERP - SQL injection01-08-2019
Oracle Hyperion Planning 11.1.2.3 - XML External Entity31-07-2019
macOS / iOS JavaScriptCore - JSValue Use-After-Free in ValueProfiles30-07-2019
macOS / iOS NSKeyedUnarchiver - Use-After-Free of ObjC Objects when Unarchiving OITSUIntDictionary Instances30-07-2019
iMessage - NSArray Deserialization can Invoke Subclass that does not Retain References30-07-2019
iMessage - NSKeyedUnarchiver Deserialization Allows file Backed NSData Objects30-07-2019
macOS / iOS JavaScriptCore - Loop-Invariant Code Motion (LICM) Leaves Object Property Access Unguarded30-07-2019
Redis 4.x / 5.x - Unauthenticated Code Execution (Metasploit)30-07-2019
iMessage - Memory Corruption when Decoding NSKnownKeysDictionary130-07-2019
Amcrest Cameras 2.520.AC00.18.R - Unauthenticated Audio Streaming30-07-2019
GigToDo 1.3 - Cross-Site Scripting29-07-2019
Schneider Electric Pelco Endura NET55XX Encoder - Authentication Bypass (Metasploit)29-07-2019
WordPress Plugin Simple Membership 3.8.4 - Cross-Site Request Forgery29-07-2019
WordPress Theme Real Estate 2.8.9 - Cross-Site Scripting29-07-2019
WordPress Plugin Database Backup < 5.2 - Remote Code Execution (Metasploit)29-07-2019
pdfresurrect 0.15 - Buffer Overflow26-07-2019
Ahsay Backup 7.x - 8.1.1.50 - Authenticated Arbitrary File Upload / Remote Code Execution26-07-2019
Ahsay Backup 7.x - 8.1.1.50 - Authenticated Arbitrary File Upload / Remote Code Execution (Metasploit)26-07-2019
Ahsay Backup 7.x - 8.1.1.50 - XML External Entity Injection26-07-2019
Moodle Filepicker 3.5.2 - Server Side Request Forgery26-07-2019
Microsoft Windows 7 build 7601 (x86) - Local Privilege Escalation26-07-2019
WebKit - Universal Cross-Site Scripting due to Synchronous Page Loads25-07-2019
Ovidentia 8.4.3 - SQL Injection25-07-2019
Ovidentia 8.4.3 - Cross-Site Scripting25-07-2019
Apple iMessage - DigitalTouch tap Message Processing Out-of-Bounds Read24-07-2019
Trend Micro Deep Discovery Inspector IDS - Security Bypass24-07-2019