BugSearch is an information portal covering web security and security in general. It offers a set of services for quickly relaying security advisories discovered on the net to its registered users, so that they are promptly warned about the bugs, system flaws, exploits and threats affecting their applications and can fix them in the shortest possible time.

New: Submit New Exploit

Register now to start receiving our security alerts for your favourite applications, or try our new Android app, which will keep you updated wherever you are!


Last Advisories
Wireshark - 'get_t61_string' Heap Out-of-Bounds Read (08-01-2019)
CF Image Hosting Script 1.6.5 - (Delete all Pictures) Privilege Escalation (08-01-2019)
KioWare Server Version 4.9.6 - Weak Folder Permissions Privilege Escalation (07-01-2019)
Huawei E5330 21.210.09.00.158 - Cross-Site Request Forgery (Send SMS) (07-01-2019)
Leica Geosystems GR10/GR25/GR30/GR50 GNSS 4.30.063 - Cross-Site Request Forgery (07-01-2019)
Foscam Video Management System 1.1.4.9 - 'Username' Denial of Service (PoC) (07-01-2019)
Leica Geosystems GR10/GR25/GR30/GR50 GNSS 4.30.063 - JS/HTML Code Injection (07-01-2019)
BlueAuditor 1.7.2.0 - 'Key' Denial of Service (PoC) (07-01-2019)
SpotFTP Password Recover 2.4.2 - 'Name' Denial of Service (PoC) (07-01-2019)
MyT Project Management 1.5.1 - 'Charge' SQL Injection (07-01-2019)
Wordpress Plugin UserPro < 4.9.21 - User Registration Privilege Escalation (07-01-2019)
phpMoAdmin MongoDB GUI 1.1.5 - Cross-Site Request Forgery / Cross-Site Scripting (07-01-2019)
Ajera Timesheets 9.10.16 - Deserialization of Untrusted Data (07-01-2019)
Roxy Fileman 1.4.5 - Unrestricted File Upload / Directory Traversal (07-01-2019)
MyBB OUGC Awards Plugin 1.8.3 - Persistent Cross-Site Scripting (07-01-2019)
Microsoft Edge 44.17763.1.0 - NULL Pointer Dereference (07-01-2019)
PLC Wireless Router GPN2.4P21-C-CN - Cross-Site Scripting (07-01-2019)
Embed Video Scripts - Persistent Cross-Site Scripting (07-01-2019)
LayerBB 1.1.1 - Persistent Cross-Site Scripting (07-01-2019)
All in One Video Downloader 1.2 - Authenticated SQL Injection (07-01-2019)
Mailcleaner - Authenticated Remote Code Execution (Metasploit) (07-01-2019)
Linux Kernel 4.15.x < 4.19.2 - 'map_write() CAP_SYS_ADMIN' Local Privilege Escalation (dbus Method) (04-01-2019)
Linux Kernel 4.15.x < 4.19.2 - 'map_write() CAP_SYS_ADMIN' Local Privilege Escalation (polkit Method) (04-01-2019)
Hashicorp Consul - Remote Command Execution via Services API (Metasploit) (02-01-2019)
Hashicorp Consul - Remote Command Execution via Rexec (Metasploit) (02-01-2019)
WebKit JSC - 'AbstractValue::set' Use-After-Free (02-01-2019)
WebKit JSC - 'JSArray::shiftCountWithArrayStorage' Out-of-Bounds Read/Write (02-01-2019)
EZ CD Audio Converter 8.0.7 - Denial of Service (PoC) (02-01-2019)
NetworkSleuth 3.0.0.0 - 'Key' Denial of Service (PoC) (02-01-2019)
Ayukov NFTP FTP Client 2.0 - Buffer Overflow (02-01-2019)