AppCheck Security Blog

FEATURED POST

Features Review: GoScript and Card Skimmers

read more
Filter by:
View all
Case Studies
Events
General
News
Product
Research
Security Alerts
Appcheck - icons

**CRITICAL RISK** CVE-2023-26359 Adobe Coldfusion 2018 / 2021 – Arbitrary Code Execution via Unsafe Deserialization of Untrusted Data

Adobe ColdFusion is a commercial rapid web-application development computing platform (The programming language used with that platform is also commonly called ColdFusion, though is more accurately known as CFML.) ColdFusion was originally designed to make it easier to connect simple HTML pages to a database. By version 2 (1996) it had become a full platform that included an IDE in addition to a full scripting language.
Read More
Appcheck - icons

Kill Chains: An Overview

In this blog post, we look in detail at the various stages that combine to form a complete kill chain, and how knowledge of the model can help to better inform an organisation’s efforts to secure its technical estate, systems and data against attacks and attempted compromise.
Read More
Appcheck - icons

CVE-2023-38831: RARLabs WinRAR < v6.23 – Arbitrary Code Execution via Exploit of Incorrectly-Resolved Name or Reference

WinRAR is a trialware file archiver utility for Windows, developed by win.rar GmbH. It can create and view archives in RAR or ZIP file formats, and unpack numerous archive file formats. To enable the user to test the integrity of archives, WinRAR embeds CRC32 or BLAKE2 checksums for each file in each archive. WinRAR supports creating encrypted, multi-part and self-extracting archives. WinRAR is a Windows-only program.
Read More
Appcheck - icons

CVE-2023-32315: Ignite RealTime Openfire XMPP Server < v4.7.5 – Unauthorised Access to Administrative Console via Path Traversal Vulnerability in Setup Environment

Openfire is an XMPP server licensed under the Open Source Apache License. Extensible Messaging and Presence Protocol (XMPP, originally named Jabber) is an open communication protocol designed for instant messaging (IM), presence information, and contact list maintenance. Based on XML (Extensible Markup Language), it enables the near-real-time exchange of structured data between two or more network entities.
Read More
Appcheck - icons

**CRITICAL RISK** CVE-2023-27532 Veeam (Multiple Products) – Total Compromise of Host via Unauthorised Access to Credentials in Configuration Database

Veeam Backup & Replication is a proprietary backup app developed by Veeam for virtual environments built on VMware vSphere, Nutanix AHV, and Microsoft Hyper-V hypervisors. The software provides backup, restore and replication functionality for virtual machines, physical servers and workstations as well as cloud-based workload. Veeam Backup & Replication is positioned as a part of the Veeam Availability Suite bundle.
Read More
Appcheck - icons

CVE-2023-38180: Microsoft .NET Core and Visual Studio – Denial of Service (DoS) Vulnerability in Kestrel Web Server

Microsoft Visual Studio is an integrated development environment (IDE) from Microsoft. It is used to develop computer programs including websites, web apps, web services and mobile apps. Visual Studio uses Microsoft software development platforms such as Windows API, Windows Forms, Windows Presentation Foundation, Windows Store and Microsoft Silverlight. It can produce both native code and managed code.
Read More
Services
Company
Resources
Keep in touch

AppCheck Ltd. is a company registered in England and Wales with company number 06888174

Get in touch

Start your free trial

Simply complete the form and we’ll send you all you need to activate AppCheck and undertake your FREE scan.
Your details
IP Addresses
URLs