CVE-2025-68072

Missing Authorization vulnerability in Merv Barrett Easy Property Listings easy-property-listings allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Property Listings: from n/a through = 3.5.20...

CVE-2025-68072

Missing Authorization vulnerability in Merv Barrett Easy Property Listings easy-property-listings allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Property Listings: from n/a through = 3.5.20...

CVE-2025-68072 WordPress Easy Property Listings plugin <= 3.5.20 - Broken Access Control vulnerability

Missing Authorization vulnerability in Merv Barrett Easy Property Listings easy-property-listings allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Property Listings: from n/a through = 3.5.20...

CVE-2025-68072

Missing Authorization vulnerability in Merv Barrett Easy Property Listings easy-property-listings allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Property Listings: from n/a through = 3.5.17...

CVE-2025-68072

CVE-2025-68072 affects Easy Property Listings (WordPress plugin) with versions up to 3.5.17. The issue is Missing Authorization due to incorrectly configured access control, enabling unauthorized access to certain functions. CVSS 3.1 base score 6.5 (Network, Low confidentiality/Integrity impact, ...

WordPress Easy Property Listings plugin <= 3.5.19 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by daroo in WordPress Plugin Easy Property Listings versions = 3.5.19...

PT-2026-4075

Name of the Vulnerable Software and Affected Versions Easy Property Listings versions through 3.5.17 Description The software contains a missing authorization issue related to incorrectly configured access control security levels. This allows for potential exploitation of the system...

WordPress Easy Property Listings plugin <= 3.5.20 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by daroo in WordPress Plugin Easy Property Listings versions = 3.5.20...

Linux Distros Unpatched Vulnerability : CVE-2021-20281

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - It was possible for some users without permission to view other users' full names to do so via the online users block in moodle before 3.10.2, 3.9.5, 3.8.8,...

Linux Distros Unpatched Vulnerability : CVE-2021-20279

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The ID number user profile field required additional sanitizing to prevent a stored XSS risk in moodle before 3.10.2, 3.9.5, 3.8.8, 3.5.17. CVE-2021-20279 Note...

CVE-2024-23832

Mastodon is a free, open-source social network server based on ActivityPub Mastodon allows configuration of LDAP for authentication. Due to insufficient origin validation in all Mastodon, attackers can impersonate and take over any remote account. Every Mastodon version prior to 3.5.17 is...

Mastodon < 3.5.17 Authentication Bypass

According to its self-reported version number, the version of Mastodon running on the remote host is prior to 3.5.17 or 4.0.x prior to 4.0.13 or 4.1.x prior to 4.1.13 or 4.2.x prior to 4.2.5. Therefore, it may be affected by a remote user impersonation and takeover. Note that the scanner has not...

Mastodon Security Vulnerability

Mastodon is an open source social networking server based on ActivityPub. A security vulnerability exists in Mastodon versions prior to 3.5.17, 4.0.13, 4.1.13, and 4.2.5, which stems from the fact that ActivityPub Mastodon allows LDAP to be configured for authentication, but the authentication is...

AZL-31490 CVE-2023-43789 affecting package libXpm for versions less than 3.5.17-1

A vulnerability was found in libXpm where a vulnerability exists due to a boundary condition, a local user can trigger an out-of-bounds read error and read contents of memory on the system...

AZL-31489 CVE-2023-43788 affecting package libXpm for versions less than 3.5.17-1

A vulnerability was found in libXpm due to a boundary condition within the XpmCreateXpmImageFromBuffer function. This flaw allows a local attacker to trigger an out-of-bounds read error and read the contents of memory on the system...

SUSE CVE-2016-4053

Squid 3.x before 3.5.17 and 4.x before 4.0.9 allow remote attackers to obtain sensitive stack layout information via crafted Edge Side Includes ESI responses, related to incorrect use of assert and compiler optimization...

SUSE CVE-2016-4054

Buffer overflow in Squid 3.x before 3.5.17 and 4.x before 4.0.9 allows remote attackers to execute arbitrary code via crafted Edge Side Includes ESI responses...

AZL-13248 CVE-2022-4883 affecting package libXpm for versions less than 3.5.17-1

A flaw was found in libXpm. When processing files with .Z or .gz extensions, the library calls external programs to compress and uncompress files, relying on the PATH environment variable to find these programs, which could allow a malicious user to execute other programs by manipulating the PATH...

AZL-13230 CVE-2022-44617 affecting package libXpm for versions less than 3.5.17-1

A flaw was found in libXpm. When processing a file with width of 0 and a very large height, some parser functions will be called repeatedly and can lead to an infinite loop, resulting in a Denial of Service in the application linked to the library...

CVE-2019-9011

In Pilz PMC programming tool 3.x before 3.5.17 based on CODESYS Development System, an attacker can identify valid usernames...