CVE-2025-55383

Moss before v0.15 has a file upload vulnerability. The "upload" function configuration allows attackers to upload files of any extension to any location on the target server...

PT-2025-34230 · Moss · Moss

Name of the Vulnerable Software and Affected Versions: Moss versions prior to 0.15 Description: Moss before version 0.15 contains a file upload issue. The configuration of the upload function permits attackers to upload files with any extension to arbitrary locations on the target server...

Siemens EFI Boot Guard 输入验证错误漏洞

Siemens EFI Boot Guard is a simple UEFI boot loader from Siemens Germany. A code execution vulnerability exists in Siemens EFI Boot Guard versions prior to 0.15, which stems from insufficient input validation and cleanup, and can be exploited by an attacker to execute arbitrary code in privileged...

Eclipse OpenJ9 Competitive Conditions Issue Vulnerability

Eclipse OpenJ9 is a Java application engine from the Eclipse Foundation. The product is primarily used to run Java applications. A Competing Conditions Issue vulnerability exists in Eclipse OpenJ9 versions prior to 0.15. The vulnerability stems from improper handling of concurrent access when...

HTML-Scrubber module cross-site scripting vulnerability

HTML-Scrubber module is a Perl extension module that can clean up HTML. A cross-site scripting vulnerability exists in versions of HTML-Scrubber module prior to 0.15. This allows remote attackers to inject arbitrary web script or HTML via a crafted comment...

UBUNTU-CVE-2015-5667

Cross-site scripting XSS vulnerability in the HTML-Scrubber module before 0.15 for Perl, when the comment feature is enabled, allows remote attackers to inject arbitrary web script or HTML via a crafted comment...

DEBIAN-CVE-2012-2085

The execcommand function in common/helpers.py in Gajim before 0.15 allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in an href attribute...