496 matches found
affinity.com XSS vulnerability
Open Bug Bounty ID: OBB-186460 Description| Value ---|--- Affected Website:| affinity.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat Shee...
Multi Gigabit Packet Capturing: PFQ
PFQ is a functional networking framework designed for the Linux operating system that allows efficient packet capture/transmission (10G and beyond), in-kernel functional processing and packet steering across sockets/end-points. PFQ is highly optimized for multi-core architecture, as well as for...
Casino Sues Cyber Security Company Over Failure to Stop Hackers
IT security firm Trustwave has been sued by a Las Vegas-based casino operator for conducting an allegedly "woefully inadequate" investigation following a network breach of the casino operator’s system. Affinity Gaming, an operator of 5 casinos in Nevada and 6 elsewhere in the United States, has...
Next Generation Snort IPS: Snort3
The Snort++ project has been hard at work for a while now and we have released the third alpha of the next generation Snort IPS (Intrusion Prevention System). This file will show you what Snort++ has to offer and guide you through the steps from download to demo. If you are unfamiliar with Snort yo...
CVE-2014-7622
The Affinity Mobile ATM Locator (aka com.collegemobile.affinity.locator) application 1.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
Information disclosure
The Affinity Mobile ATM Locator (aka com.collegemobile.affinity.locator) application 1.5 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...
CVE-2014-7622
The CVE-2014-7622 issue affects the Affinity Mobile ATM Locator (com.collegemobile.affinity.locator) Android app, version 1.5. The vulnerability is that the application does not verify X.509 certificates from SSL servers, allowing man-in-the-middle attackers to spoof servers and obtain sensitive ...
Buffer overflow
Buffer overflow in the Python bindings for the xc_vcpu_setaffinity call in Xen 4.0.x, 4.1.x, and 4.2.x allows local administrators with permissions to configure VCPU affinity to cause a denial of service (memory corruption and xend toolstack crash) and possibly gain privileges via a crafted cpumap...
CVE-2013-2072
CVE-2013-2072 is a buffer overflow in the Python bindings for xc_vcpu_setaffinity in Xen 4.0.x–4.2.x. Local administrators with VCPU affinity configuration permissions could trigger memory corruption, toolstack crashes, and potentially privilege escalation via a crafted cpumap. Connected advisori...
CVE-2013-2072
Buffer overflow in the Python bindings for the xc_vcpu_setaffinity call in Xen 4.0.x, 4.1.x, and 4.2.x allows local administrators with permissions to configure VCPU affinity to cause a denial of service (memory corruption and xend toolstack crash) and possibly gain privileges via a crafted cpumap...
Linux Kernel 3.7.6 (RedHat x86/x64) - 'MSR' Driver Privilege Escalation
// PoC exploit for /dev/cpu/*/msr, 32bit userland on a 64bit host // can do whatever in the commented area, re-enable module support, etc // requires CONFIG_X86_MSR and just uid 0 // a small race exists between the time when the MSR is written to the first // time and when we issue our sysenter // w...
Fedora 18 : xen-4.2.2-5.fc18 (2013-8590)
xend toolstack doesn't check bounds for VCPU affinity (XSA-56, CVE-2013-2072); xen-devel should require libuuid-devel; pygrub menu items can include too much text. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has...
Fedora 19 : xen-4.2.2-5.fc19 (2013-8513)
xend toolstack doesn't check bounds for VCPU affinity (XSA-56, CVE-2013-2072); xen-devel should require libuuid-devel; pygrub menu items can include too much text. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has...
Affinity New Media SQL Injection
Exploit Title: Affinity New Media SQL Injection Vulnerability Google Dork: intext:"Website design by Affinity" inurl:asp?id= Date: 28.09.2011 Author: m3rciL3Ss Service Link:http://www.affinitynewmedia.com/ Version: Category: webapps === POC === »...
Affinity Health Warns 409K Customers of Breach
Affinity Health Plan, a New York managed care service, is notifying more than 400,000 current and former customers and employees that their personal data might have been leaked through the loss of an unerased digital copier hard drive. Dark Reading...