3 matches found
EUVD-2026-40957
A vulnerability in allegroai/clearml versions up to and including 1.16.5 allows for relative path traversal when extracting .zip archives using the ZipFile.extractall method in StorageManager.extracttocache. This issue arises due to the lack of path traversal validation, enabling an attacker to...
CVE-2026-36340
An issue in Krayin CRM v.2.1.5 and fixed in v.2.1.6 allows a remote attacker to execute arbitrary code via the compose email function...
[SECURITY] new version of zope released
Package: zope Vulnerability type: remote unprivileged access Debian-specific: no On versions of Zope prior to 2.2beta1 it was possible for a user with the ability to edit DTML can gain unauthorized access to extra roles during a request. Debian 2.1 slink did not include zope, and is not vulnerabl...