OpenVAS - The World's Most Advanced Open Source Vulnerability Scanner and Manager

The Open Vulnerability Assessment System OpenVAS is a framework of several services and tools. The core of this SSL-secured service-oriented architecture is the OpenVAS Scanner. The scanner very efficiently executes the actual Network Vulnerability Tests NVTs which are served with daily updates v...

foreman-proxy SSL verification issue

Foreman Security reports: The smart proxy when running in an SSL-secured mode permits incoming API calls to any endpoint without requiring, or performing any verification of an SSL client certificate. This permits any client with access to the API to make requests and perform actions permitting...

Debian DSA-1986-1 : moodle - several vulnerabilities

Several vulnerabilities have been discovered in Moodle, an online course management system. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-4297 Multiple cross-site request forgery CSRF vulnerabilities have been discovered. - CVE-2009-4298 It has be...

Debian: Security Advisory (DSA-1986-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

citibankXSS.txt

------=Part8324496004.1123943920825 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline Hi Full-Disclosure, I'm here to report an XSS vulnerability in one of Citibank's websites. I actually found this at a log in screen, but it's on...