AppCheck Security Blog

FEATURED POST

Web Application Security Seminar – Manchester 25th March

read more
Filter by:
View all
Case Studies
Events
General
News
Product
Research
Security Alerts
Appcheck - icons

**CRITICAL RISK** CVE-2023-4863 LibWebP – Heap-Based Buffer Overflow Vulnerability

WebP is a modern image format that provides superior lossless and lossy compression for images on the web.
Read More
Appcheck - icons

NoSQL Security and Why It is Important for Businesses

In this blog post, we look at NoSQL security and why it’s important. NoSQL databases are database systems that store data in alternative formats other than conventional relational tables. The databases gained traction due to a notable reduction in storage expenses.
Read More
Appcheck - icons

Cross-site leaks

In this blog post, we look at cross-site leaks. “XSS” and “SQLi” are household names within web application security – vulnerabilities that will be known by name, if not in exact detail of implementation, by almost everyone working within the IT sector. “Cross-Site Leaks” … isn’t. But Google web security researcher Krzysztof Kotowicz recently predicted that it’s only a matter of time until this little-known vulnerability may soon make it into the industry-standard OWASP Top 10 list.
Read More
Appcheck - icons

**CRITICAL RISK** CVE-2023-26369 Being Actively Exploited: Adobe Acrobat (Multiple Versions) – Unauthorised Execution of Arbitrary Code via Out-of-Bounds Write

Adobe Acrobat is a family of application software and Web services developed by Adobe Inc. to view, create, manipulate, print and manage Portable Document Format (PDF) files. The family comprises Acrobat Reader (formerly Reader), Acrobat (formerly Exchange) and Acrobat.com. The basic Acrobat Reader, available for several desktop and mobile platforms, is freeware; it supports viewing, printing, scaling or resizing and annotating of PDF files. It is currently available for Windows, macOS, iOS, and Android users only.
Read More
Appcheck - icons

**CRITICAL RISK** CVE-2023-20269 Being Actively Exploited: Brute Force of Authentication Mechanism via Exploit of Improper Control of Interaction Frequency

A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a brute force attack in an attempt to identify valid username and password combinations or an authenticated, remote attacker to establish a clientless SSL VPN session with an unauthorized user.
Read More
Appcheck - icons

CVE-2023-36761: Microsoft Word (Multiple Versions) – Disclosure of Sensitive NTLM Hashes to Unauthorised Actors via Preview Pane

Microsoft Word is a word processor developed by Microsoft. It was first released on October 25, 1983, under the name Multi-Tool Word for Xenix systems. Commercial versions of Word are licensed as a standalone product or as a component of Microsoft 365 suite of software, which can be purchased either with a perpetual license or as part of a Microsoft 365 subscription, respectively.
Read More
Services
Company
Resources
Keep in touch

AppCheck Ltd. is a company registered in England and Wales with company number 06888174

Get in touch

Start your free trial

Simply complete the form and we’ll send you all you need to activate AppCheck and undertake your FREE scan.
Your details
IP Addresses
URLs