CVE-2020-8284

A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing port scanning and service banner extractions.

Publication date: Tue, 15 Dec 2020 02:15:00 +0000

Cyber News related to CVE-2020-8284

CVE-2021-40491 - The ftp client in GNU Inetutils before 2.2 does not validate addresses returned by PASV/LSPV responses to make sure they match the server address. This is similar to CVE-2020-8284 for curl. ...
1 year ago

CVE-2020-8284 - A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, ...
3 months ago

CVE-2015-8284 - SeaWell Networks Spectrum SDC 02.05.00 allows remote viewer users to perform administrative functions. ...
7 years ago

CVE-2016-8284 - Unspecified vulnerability in Oracle MySQL 5.6.31 and earlier and 5.7.13 and earlier allows local users to affect availability via vectors related to Server: Replication. ...
5 years ago

CVE-2017-8284 - ** DISPUTED ** The disas_insn function in target/i386/translate.c in QEMU before 2.9.0, when TCG mode without hardware acceleration is used, does not limit the instruction size, which allows local users to gain privileges by creating a modified basic ...
4 years ago

CVE-2018-8284 - A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka ".NET Framework Remote Code Injection Vulnerability." This affects Microsoft .NET Framework 2.0, Microsoft .NET Framework ...
2 years ago

CVE-2014-8284 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none ...
54 years ago Tenable.com

CVE-2020-1246 - An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1237, ...
2 years ago

CVE-2020-1266 - An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1237, ...
2 years ago

CVE-2020-1262 - An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1237, ...
2 years ago

CVE-2020-1275 - An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1237, ...
2 years ago

CVE-2020-1264 - An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1237, ...
2 years ago

CVE-2020-1276 - An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1237, ...
2 years ago

CVE-2020-1274 - An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1237, ...
2 years ago

CVE-2020-1237 - An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1246, CVE-2020-1262, ...
2 years ago

CVE-2020-1307 - An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1237, ...
2 years ago

CVE-2020-1273 - An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1237, ...
2 years ago

CVE-2020-1316 - An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1237, ...
2 years ago

CVE-2020-1269 - An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0986, CVE-2020-1237, ...
2 years ago

CVE-2020-0986 - An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1237, CVE-2020-1246, ...
2 years ago

CVE-2020-0632 - An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory, aka 'Windows Search Indexer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0613, CVE-2020-0614, ...
2 years ago

CVE-2020-0626 - An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory, aka 'Windows Search Indexer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0613, CVE-2020-0614, ...
2 years ago

CVE-2020-0631 - An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory, aka 'Windows Search Indexer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0613, CVE-2020-0614, ...
2 years ago

CVE-2020-0629 - An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory, aka 'Windows Search Indexer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0613, CVE-2020-0614, ...
2 years ago

CVE-2020-0768 - A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0823, CVE-2020-0825, ...
2 years ago

Latest Cyber News

CVE-2024-37528 - 3 hours ago
CVE-2024-31897 - 3 hours ago
CVE-2024-38330 - 4 hours ago
CVE-2024-39723 - 5 hours ago
CVE-2024-5711 - 6 hours ago
CVE-2024-6539 - 7 hours ago
CVE-2024-6229 - 14 hours ago
CVE-2024-40614 - 15 hours ago
CVE-2024-40605 - 1 day ago
CVE-2024-40604 - 1 day ago
CVE-2024-40603 - 1 day ago
CVE-2024-40602 - 1 day ago
CVE-2024-40601 - 1 day ago
CVE-2024-40600 - 1 day ago
CVE-2024-40599 - 1 day ago
CVE-2024-40598 - 1 day ago
CVE-2024-40596 - 1 day ago
CVE-2024-40597 - 1 day ago
CVE-2024-6095 - 1 day ago
CVE-2024-37554 - 1 day ago

Cyber Trends (last 7 days)

Okta - 7 months ago
23andMe - 7 months ago
Kimsuky - 7 months ago
LogoFAIL - 7 months ago
Gh0st rat - 7 months ago

Trending Cyber News (last 7 days)

CVE-2024-5711 - 6 hours ago
CVE-2024-39723 - 5 hours ago
CVE-2024-38330 - 4 hours ago
CVE-2024-37528 - 3 hours ago
CVE-2024-31897 - 3 hours ago
CVE-2024-6539 - 7 hours ago
CVE-2024-6229 - 14 hours ago
CVE-2024-40614 - 15 hours ago
CVE-2024-40605 - 1 day ago
CVE-2024-40604 - 1 day ago
CVE-2024-40603 - 1 day ago
CVE-2024-40602 - 1 day ago
CVE-2024-40601 - 1 day ago
CVE-2024-40600 - 1 day ago
CVE-2024-40599 - 1 day ago
CVE-2024-40598 - 1 day ago
CVE-2024-40596 - 1 day ago
CVE-2024-40597 - 1 day ago
CVE-2024-6095 - 1 day ago
CVE-2024-37553 - 1 day ago