CVE-2025-64186 Evervault Go SDK: Incomplete PCR Validation in Enclave Attestation for non-Evervault hosted Enclaves

Evervault is a payment security solution. A vulnerability was identified in the evervault-go SDK’s attestation verification logic in versions of evervault-go prior to 1.3.2 that may allow incomplete documents to pass validation. This may cause the client to trust an enclave operator that does not...

CVE-2011-10017 Snort Report nmap.php/nbtscan.php RCE

Snort Report versions 1.3.2 contains a remote command execution vulnerability in the nmap.php and nbtscan.php scripts. These scripts fail to properly sanitize user input passed via the target GET parameter, allowing attackers to inject arbitrary shell commands. Exploitation requires no...

cycle-import-check 操作系统命令注入漏洞

cycle-import-check is a JS module cycle dependency checking tool by Theo Sun's personal developer. Versions of cycle-import-check prior to 1.3.2 suffer from an operating system command injection vulnerability that stems from incorrect user input cleanup and is susceptible to command injection via...