AppCheck Security Blog

FEATURED POST

Web Application Security Seminar July 2023

read more
Filter by:
View all
Case Studies
Events
General
News
Product
Research
Security Alerts
Appcheck - icons

**CRITICAL RISK** CVE-2023-21762 Fortinet FortiProxy and FortiOS – Unauthorised Remote Code Execution (RCE) via Out-of-Bounds Write (Memory Corruption) Vulnerability

Drupal is a free and open-source web content management system (CMS) written in PHP. Drupal provides an open-source back-end framework for blogs, but also for knowledge management and for business collaboration systems. The standard release of Drupal, known as Drupal core, contains basic features common to content-management systems, including user account registration and maintenance, menu management, RSS feeds, taxonomy, page layout customization, and system administration.
Read More
Appcheck - icons

**CRITICAL RISK** CVE-2023-4762 Google Chrome < v116.0.5845.179 – Arbitrary Code Execution (RCE) via Exploit of Type Confusion Vulnerability in V8 JavaScript Engine

Google Chrome is a web browser developed by Google. It was first released in 2008 for Microsoft Windows, built with free software components from Apple WebKit and Mozilla Firefox. Versions were later released for Linux, macOS, iOS, and also for Android, where it is the default browser. The browser is also the main component of ChromeOS, where it serves as the platform for web applications.
Read More
Appcheck - icons

How can I improve my vulnerability management programme?

In this blog post we don’t provide a list of “quick tips” for how to improve a vulnerability management programme, since these will vary from one organisation to another, based on how vulnerability management is currently performed. Instead, we lay out how to go about assessing your current programme, and where to look for guidance on how to take it to the next level based on what you find.
Read More
Appcheck - icons

5 Tips for Application Security Testing

Prioritising application security has become a significant focus for modern businesses, and staying informed about the evolving security landscape is crucial for organisations looking to effectively enhance their application security.
Read More
Appcheck - icons

**CRITICAL RISK** CVE-2023-29300 Adobe ColdFusion (2018, 2021, 2023) – Arbitrary Code Execution via Unsafe Deserialisation of Untrusted Data

Adobe ColdFusion is a commercial rapid web-application development computing platform (the programming language used with that platform is also commonly called ColdFusion, though is more accurately known as CFML.) ColdFusion includes an IDE in addition to a full scripting language. One of the distinguishing features of ColdFusion is its associated scripting language, ColdFusion Markup Language (CFML). CFML compares to the scripting components of ASP, JSP, and PHP in purpose and features, but its tag syntax more closely resembles HTML, while its script syntax resembles JavaScript. ColdFusion is often used synonymously with CFML, but there are additional CFML application servers besides ColdFusion, and ColdFusion supports programming languages other than CFML, such as server-side ActionScript and embedded scripts that can be written in a JavaScript-like language known as CFScript.
Read More
Appcheck - icons

**CRITICAL RISK** CVE-2023-49897 FXC AE1021 < v2.0.10 – OS Command Injection Vulnerability in Web Management UI NTP Configuration

FXC is a Chinese company who manufacture, sales and resale of network equipment and optical wavelength multiplexing equipment, remote maintenance service system. The AE1021/AE1021PE is an information outlet compatible, IEEE802.11b/g/n compliant high-performance wireless LAN router for hotels and residential units.
Read More
Services
Company
Resources
Keep in touch

AppCheck Ltd. is a company registered in England and Wales with company number 06888174

Get in touch

Start your free trial

Simply complete the form and we’ll send you all you need to activate AppCheck and undertake your FREE scan.
Your details
IP Addresses
URLs