BugSearch è un portale d'informazione sul mondo della sicurezza web e non che offre una serie di servizi utili a divulgare rapidamente ai propri utenti registrati gli avvisi di sicurezza scoperti nella rete, in modo tale da poter essere avvisati tempestivamente su bachi, falle di sistema, exploit e threats che affliggono le applicazioni e correggerle nel minor tempo possibile.

Novità: Invia Nuovo Exploit

Register now to start receiving our security alerts of your favourite applications or try our new Android App which will keep you updated everywhere you are!


Last Advisories
Telesquare SKT LTE Router SDT-CS3B1 - Denial of Service27-12-2017
Sony Playstation 4 4.05 FW - Local Kernel Exploit27-12-2017
Trustwave SWG 11.8.0.27 - SSH Unauthorized Access26-12-2017
SilverStripe CMS 3.6.2 - CSV Excel Macro Injection26-12-2017
Biometric Shift Employee Management System 3.0 - Local File Disclosure26-12-2017
Sendroid < 6.5.0 - SQL Injection26-12-2017
Joomla! Component JEXTN FAQ Pro 4.0.0 - 'id' SQL Injection26-12-2017
Ubiquiti UniFi Video 3.7.3 - Local Privilege Escalation26-12-2017
GetGo Download Manager 5.3.0.2712 - Buffer Overflow26-12-2017
COMTREND ADSL Router CT-5367 - Remote Code Execution26-12-2017
Huawei Router HG532 - Arbitrary Command Execution25-12-2017
Iopsys Router - 'dhcp' Remote Code Execution23-12-2017
Vitek - Remote Command Execution / Information Disclosure (PoC)22-12-2017
Samsung Internet Browser - SOP Bypass (Metasploit)20-12-2017
BEIMS ContractorWeb 5.18.0.0 - SQL Injection20-12-2017
Ability Mail Server 3.3.2 - Cross-Site Scripting20-12-2017
Microsoft Windows Kernel - 'NtQueryVirtualMemory(MemoryMappedFilenameInformation)' Double-Write Ring-0 Address Leak20-12-2017
Trend Micro Smart Protection Server - Session Hijacking / Log File Disclosure / Remote Command Execution / Cron Job Injection / Local File Inclusion / Stored Cross-Site Scripting / Improper Access Control19-12-2017
Linux/x64 - Custom Encoded XOR + Polymorphic + execve(/bin/sh) Shellcode (Generator)19-12-2017
Ichano AtHome IP Cameras - Multiple Vulnerabilities19-12-2017
Joomla! Component NextGen Editor 2.1.0 - 'plname' SQL Injection19-12-2017
BrightSign Digital Signage - Multiple Vulnerablities19-12-2017
Microsoft Internet Explorer 11 - 'jscript!JSONStringifyObject' Use-After-Free19-12-2017
Microsoft Windows - 'jscript!NameTbl::GetValDef' Use-After-Free19-12-2017
Microsoft Windows - jscript.dll 'Array.sort' Heap Overflow19-12-2017
Intel Content Protection HECI Service - Type Confusion Privilege Escalation19-12-2017
Microsoft Windows - 'jscript!JsArraySlice' Uninitialized Variable19-12-2017
Microsoft Windows - 'jscript!RegExpComp::Compile' Heap Overflow Through IE or Local Network via WPAD19-12-2017
Tuleap 9.6 - Second-Order PHP Object Injection (Metasploit)19-12-2017
Jenkins - XStream Groovy classpath Deserialization (Metasploit)19-12-2017