AppCheck Security Blog

FEATURED POST

WordPress + Microsoft Office 365 / Azure AD | LOGIN Persistent Cross-Site Scripting (CVE-2021-43409)

read more
Filter by:
View all
Case Studies
Events
General
News
Product
Research
Security Alerts
Appcheck - icons

**CRITICAL RISK** CVE-2023-28229 Microsoft Windows (Multiple Editions)- Unauthorised Escalation of Privilege to Superuser (‘SYSTEM’) Context via Race Condition in CNG Key Isolation Service

Microsoft Windows is a group of several proprietary graphical operating system families developed and marketed by Microsoft. Each family caters to a certain sector of the computing industry. As of September 2022, the most recent version of Windows is Windows 11 for consumer PCs and tablets, Windows 11 Enterprise for corporations, and Windows Server 2022 for servers.
Read More
Appcheck - icons

**CRITICAL RISK** CVE-2023-42793 JetBrains Teamcity Server < v2023.05.4 – Unauthorised Remote Execution of Arbitrary Code following Authentication Bypass

TeamCity is a build management and continuous integration server from JetBrains. It aims to to provide support for flexible workflows, collaboration and development practices within DevOps-centric teams. It exists in both self-hosted and cloud-based editions.
Read More
Appcheck - icons

**CRITICAL RISK** CVE-2023-28434 MinIO Vulnerability – Unauthorised Insertion of Arbitrary Objects into Buckets due to Improper Privilege Management in Console API

MinIO is a High-Performance Object Storage released under GNU Affero General Public License v3.0. It is API compatible with the Amazon S3 cloud storage service. It can handle unstructured data such as photos, videos, log files, backups, and container images with a current maximum supported object size of 50TB.
Read More
Appcheck - icons

**CRITICAL RISK** CVE-2023-4863 LibWebP – Heap-Based Buffer Overflow Vulnerability

WebP is a modern image format that provides superior lossless and lossy compression for images on the web.
Read More
Appcheck - icons

NoSQL Security and Why It is Important for Businesses

In this blog post, we look at NoSQL security and why it’s important. NoSQL databases are database systems that store data in alternative formats other than conventional relational tables. The databases gained traction due to a notable reduction in storage expenses.
Read More
Appcheck - icons

Cross-site leaks

In this blog post, we look at cross-site leaks. “XSS” and “SQLi” are household names within web application security – vulnerabilities that will be known by name, if not in exact detail of implementation, by almost everyone working within the IT sector. “Cross-Site Leaks” … isn’t. But Google web security researcher Krzysztof Kotowicz recently predicted that it’s only a matter of time until this little-known vulnerability may soon make it into the industry-standard OWASP Top 10 list.
Read More

Get in touch

Start your free trial

Simply complete the form and we’ll send you all you need to activate AppCheck and undertake your FREE scan.
Your details
IP Addresses
URLs