BugSearch is an information portal covering web security and security in general. It offers a set of services for quickly delivering the security advisories discovered on the net to its registered users, so that they are alerted promptly about the bugs, system flaws, exploits and threats affecting their applications and can fix them in the shortest possible time.

New: Submit New Exploit

Register now to start receiving our security alerts for your favourite applications, or try our new Android App, which will keep you updated wherever you are!


Last Advisories
Drupal < 8.6.9 - REST Module Remote Code Execution 25-02-2019
Jenkins Plugin Script Security 1.49/Declarative 1.3.4/Groovy 2.60 - Remote Code Execution 25-02-2019
News Website Script 2.0.5 - SQL Injection 25-02-2019
Advance Gift Shop Pro Script 2.0.3 - SQL Injection 25-02-2019
Xlight FTP Server 3.9.1 - Buffer Overflow (PoC) 25-02-2019
PHP Ecommerce Script 2.0.6 - Cross-Site Scripting / SQL Injection 25-02-2019
Drupal < 8.6.10 / < 8.5.11 - REST Module Remote Code Execution 23-02-2019
WinRAR 5.61 - Path Traversal 22-02-2019
Teracue ENC-400 - Command Injection / Missing Authentication 22-02-2019
Micro Focus Filr 3.4.0.217 - Path Traversal / Local Privilege Escalation 22-02-2019
Nuuo Central Management - Authenticated SQL Server SQL Injection (Metasploit) 22-02-2019
WebKit JSC - reifyStaticProperty Needs to set the PropertyAttribute::CustomAccessor flag for CustomGetterSetter 22-02-2019
Quest NetVault Backup Server < 11.4.5 - Process Manager Service SQL Injection / Remote Code Execution 22-02-2019
MikroTik RouterOS < 6.43.12 (stable) / < 6.42.12 (long-term) - Firewall and NAT Bypass 21-02-2019
ScreenStream 3.0.15 - Denial of Service 21-02-2019
C4G Basic Laboratory Information System (BLIS) 3.4 - SQL Injection 21-02-2019
Memu Play 6.0.7 - Privilege Escalation 21-02-2019
Valentina Studio 9.0.5 Linux - 'Host' Buffer Overflow (PoC) 21-02-2019
Virtual VCR Max .0a - '.vcr' Buffer Overflow (PoC) 21-02-2019
RealTerm Serial Terminal 2.0.0.70 - 'Echo Port' Buffer Overflow (SEH) 21-02-2019
AirDrop 2.0 - Denial of Service (DoS) 21-02-2019
EI-Tube 3 - SQL Injection 21-02-2019
Belkin Wemo UPnP - Remote Code Execution (Metasploit) 20-02-2019
FTPShell Server 6.83 - 'Account name to ban' Denial of Service (PoC) 20-02-2019
FaceTime - Texture Processing Memory Corruption 20-02-2019
MatrixSSL < 4.0.2 - Stack Buffer Overflow Verifying x.509 Certificates 20-02-2019
Android Kernel < 4.8 - ptrace seccomp Filter Bypass 20-02-2019
HotelDruid 2.3 - Cross-Site Scripting 20-02-2019
webERP 4.15 - 'ImportBankTransaction' Blind SQL Injection 20-02-2019
WinRAR 5.61 - '.lng' Denial of Service 20-02-2019