Description
Unspecified vulnerability in Microsoft Excel 2000, XP, 2003, and 2004 for Mac, and possibly other Office products, allows remote user-assisted attackers to execute arbitrary code via unknown attack vectors, as demonstrated by Exploit-MSExcel.h in targeted zero-day attacks.
Statistics
- 2 Posts
- 3 Interactions
Last activity: 23 hours ago
Fediverse
'In 2025, the number of vulnerabilities from 2024 and earlier added to the catalog grew to 94, a 34% increase from a year earlier.
'The oldest vulnerability added to the KEV catalog in 2025 was CVE-2007-0671, a Microsoft Office Excel Remote Code Execution vulnerability.
'The oldest vulnerability in the catalog remains one from 2002 – CVE-2002-0367, a privilege escalation vulnerability in the Windows NT and Windows 2000 smss.exe debugging subsystem that has been known to be used in ransomware attacks'.
https://cyble.com/blog/cisa-kev-2025-exploited-vulnerabilities-growth/
Overview
Description
A command injection vulnerability exists in the GL-iNet GL-AXT1800 router firmware v4.6.8. The vulnerability is present in the `plugins.install_package` RPC method, which fails to properly sanitize user input in package names. Authenticated attackers can exploit this to execute arbitrary commands with root privileges
Statistics
- 1 Post
- 2 Interactions
Last activity: 8 hours ago
Overview
Description
An issue in GL Inet GL.Inet AX1800 Version 4.6.4 & 4.6.8 are vulnerable. GL.Inet AX1800 Version 4.6.4 & 4.6.8 in the GL.iNet custom opkg wrapper script located at /usr/libexec/opkg-call. The script is executed with root privileges when triggered via the LuCI web interface or authenticated API calls to manage packages. The vulnerable code uses shell redirection to create a lock file in the world-writable /tmp directory.
Statistics
- 1 Post
- 2 Interactions
Last activity: 8 hours ago
Overview
Description
The LuCI web interface on Gl Inet GL.Inet AX1800 Version 4.6.4 & 4.6.8 are vulnerable. Fix available in version 4.8.2 GL.Inet AX1800 Version 4.6.4 & 4.6.8 lacks rate limiting or account lockout mechanisms on the authentication endpoint (`/cgi-bin/luci`). An unauthenticated attacker on the local network can perform unlimited password attempts against the admin interface.
Statistics
- 1 Post
- 2 Interactions
Last activity: 8 hours ago
Overview
Description
When doing multi-threaded LDAPS transfers (LDAP over TLS) with libcurl,
changing TLS options in one thread would inadvertently change them globally
and therefore possibly also affect other concurrently setup transfers.
Disabling certificate verification for a specific transfer could
unintentionally disable the feature for other threads as well.
Statistics
- 1 Post
- 3 Interactions
Last activity: 9 hours ago
Overview
Description
When doing SSH-based transfers using either SCP or SFTP, and asked to do
public key authentication, curl would wrongly still ask and authenticate using
a locally running SSH agent.
Statistics
- 1 Post
- 3 Interactions
Last activity: 9 hours ago
Overview
Description
When an OAuth2 bearer token is used for an HTTP(S) transfer, and that transfer
performs a cross-protocol redirect to a second URL that uses an IMAP, LDAP,
POP3 or SMTP scheme, curl might wrongly pass on the bearer token to the new
target host.
Statistics
- 1 Post
- 3 Interactions
Last activity: 9 hours ago
Overview
Description
When using `CURLOPT_PINNEDPUBLICKEY` option with libcurl or `--pinnedpubkey`
with the curl tool,curl should check the public key of the server certificate
to verify the peer.
This check was skipped in a certain condition that would then make curl allow
the connection without performing the proper check, thus not noticing a
possible impostor. To skip this check, the connection had to be done with QUIC
with ngtcp2 built to use GnuTLS and the user had to explicitly disable the
standard certificate verification.
Statistics
- 1 Post
- 3 Interactions
Last activity: 9 hours ago
Overview
Description
When doing TLS related transfers with reused easy or multi handles and
altering the `CURLSSLOPT_NO_PARTIALCHAIN` option, libcurl could accidentally
reuse a CA store cached in memory for which the partial chain option was
reversed. Contrary to the user's wishes and expectations. This could make
libcurl find and accept a trust chain that it otherwise would not.
Statistics
- 1 Post
- 3 Interactions
Last activity: 9 hours ago
Overview
Description
When doing SSH-based transfers using either SCP or SFTP, and setting the
known_hosts file, libcurl could still mistakenly accept connecting to hosts
*not present* in the specified file if they were added as recognized in the
libssh *global* known_hosts file.
Statistics
- 1 Post
- 3 Interactions
Last activity: 9 hours ago