CVE-2020-15568

TerraMaster TOS before 4.1.29 has Invalid Parameter Checking that leads to code injection as root. This is a dynamic class method invocation vulnerability in include/exportUser.php, in which an attacker can trigger a call to the exec method with for example OS commands in the opt parameter...

Denial Of Service (DoS)

aimhubio/aim is vulnerable to Denial Of Service DoS. The vulnerability is due to the remote tracking server being configured to point at itself while using the class method Repo.frompath, which allows an attacker to cause the server to endlessly connect to itself and become unable to respond to...

Malicious code in active-support_alias_class_method (RubyGems)

--- -= Per source details. Do not edit below this line.=-...

TerraMaster TOS Dynamic Class Method Invocation Vulnerability

TerraMaster TOS is a Linux-based operating system developed for TerraMaster Cloud Storage NAS servers. A dynamic class method call vulnerability exists in include/exportUser.php in TerraMaster TOS versions prior to 4.1.29. The vulnerability stems from invalid parameter checking. An attacker can...

Code injection

TerraMaster TOS before 4.1.29 has Invalid Parameter Checking that leads to code injection as root. This is a dynamic class method invocation vulnerability in include/exportUser.php, in which an attacker can trigger a call to the exec method with for example OS commands in the opt parameter...

CVE-2020-15568

TerraMaster TOS before 4.1.29 has Invalid Parameter Checking that leads to code injection as root. This is a dynamic class method invocation vulnerability in include/exportUser.php, in which an attacker can trigger a call to the exec method with for example OS commands in the opt parameter...

CVE-2020-15568

TerraMaster TOS before 4.1.29 has Invalid Parameter Checking that leads to code injection as root. This is a dynamic class method invocation vulnerability in include/exportUser.php, in which an attacker can trigger a call to the exec method with for example OS commands in the opt parameter. Recen...

Terramaster TOS 操作系统命令注入漏洞

TerraMaster TOS is a Linux-based operating system developed for TerraMaster Cloud Storage NAS servers. A dynamic class method call vulnerability exists in include/exportUser.php in TerraMaster TOS versions prior to 4.1.29. The vulnerability stems from invalid parameter checking. An attacker can...

shopify-scripts: Crash: A call to Symbol.new leads to a crash when inspecting the resulting object

Calling Symbol.new leads to a when inspect is called on that method probably even more methods. From my point of view the root cause is related to 185794 the underlying boxing model. Trying the same with Ruby 2.3 will lead to a NoMethodError: undefined method 'new' for Symbol:Class, which is...

The vulnerability of the implementation of the getClass method in the CookieInterceptor class of the Apache Struts software framework allows a hacker to execute arbitrary code.

The vulnerability of the CookieInterceptor class implementation in the Apache Struts software platform is related to deficiencies in access control when processing the cookiesName value with a placeholder. Exploiting this vulnerability could allow an attacker to execute arbitrary code by sending ...