aij (>=1.0.14 <=1.2.10), aiotube (>=1.2.0 <=1.2.2) +357 more potentially affected by unknown CVE via youtube-dl (>=2015.9.22 <=2021.6.6)

youtube-dl PYPI version =2015.9.22, =1.0.14, =1.2.0, =0.0.1, =1.3.0, =0.1.0, =0.0.4, =0.0.1b1, =2.1.2, =0.4.6, =1.0.3, =0.0.2, =0.0.3 and more Source cves: unknown CVE Source advisory: SNYK:PYTHON-YOUTUBEDL-10116724...

youtube-dl vulnerable to file system modification and RCE through improper file-extension sanitization

Description This advisory follows the security advisory GHSA-79w7-vh3h-8g4j published by the yt-dlp/yt-dlp project to aid remediation of the issue in the ytdl-org/youtube-dl project. Vulnerability youtube-dl does not limit the extensions of downloaded files, which could lead to arbitrary filename...

Fedora 41 : crosswords-puzzle-sets-xword-dl (2025-90f88da466)

The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-90f88da466 advisory. Update to 0.4.8; Fixes: RHBZ2237964, RHBZ2282129 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that...

Ruby 1.9 dl - Module DL.dlopen Arbitrary Library Access

source: https://www.securityfocus.com/bid/30644/info Ruby is prone to multiple vulnerabilities that can be leveraged to bypass security restrictions or cause a denial of service: - Multiple security-bypass vulnerabilities occur because of errors in the 'safe level' restriction implementation...