NVD List
Id | Name | Description | Reject | CVSS Version | CVSS Score | Severity | Pub Date | Modified Date | Actions |
---|---|---|---|---|---|---|---|---|---|
86118 | CVE-2017-8897 | Invision Power Services (IPS) Community Suite 4.1.19.2 and earlier has pre-auth reflected XSS in the IPS UTF8 Converter v1.1.18: admin/convertutf8/index.php?controller= is the attack vector. This UTF8 Converter vulnerability can easily be used to make a malicious announcement affecting any Invision Power Board user who views the announcement. | 2 | 4.3 | Medium | 2017-05-27 | 2017-05-18 | View | |
86119 | CVE-2017-8898 | Invision Power Services (IPS) Community Suite 4.1.19.2 and earlier has stored XSS in the Announcements, allowing privilege escalation from an Invision Power Board moderator to an admin. An attack uses the announce_content parameter in an index.php?/modcp/announcements/&action=create request. This is related to the <> Source option. | 2 | 7.5 | High | 2017-05-27 | 2017-05-16 | View | |
86120 | CVE-2017-8899 | Invision Power Services (IPS) Community Suite 4.1.19.2 and earlier has a composite of Stored XSS and Information Disclosure issues in the attachments feature found in User CP. This can be triggered by any Invision Power Board user and can be used to gain access to moderator/admin accounts. The primary cause is the ability to upload an SVG document with a crafted attribute such an onload; however, full path disclosure is required for exploitation. | 2 | 6.8 | Medium | 2017-05-27 | 2017-05-16 | View | |
86121 | CVE-2017-8900 | LightDM through 1.22.0, when systemd is used in Ubuntu 16.10 and 17.x, allows physically proximate attackers to bypass intended AppArmor restrictions and visit the home directories of arbitrary users by establishing a guest session. | 2 | 2.1 | Low | 2017-05-27 | 2017-05-26 | View | |
86125 | CVE-2017-8906 | An integer underflow vulnerability exists in pixel-a.asm, the x86 assembly code for planeClipAndMax() in MulticoreWare x265 through 2.4, as used by the x265_encoder_encode dependency in libbpg and other products. A small picture can cause an integer underflow, which leads to a Denial of Service in the process of encoding. | 2 | 4.3 | Medium | 2017-05-27 | 2017-05-20 | View |
Page 16029 of 17672, showing 5 records out of 88360 total, starting on record 80141, ending on 80145