DEBIAN-CVE-2022-24792

PJSIP is a free and open source multimedia communication library written in C. A denial-of-service vulnerability affects applications on a 32-bit systems that use PJSIP versions 2.12 and prior to play/read invalid WAV files. The vulnerability occurs when reading WAV file data chunks with length...

BeerHolderBot (>=0.3.1 <=0.3.8), a2kit (>=0.1.0 <=2.0.6) +682 more potentially affected by unknown CVE via json (>=0.10.3 <=0.9.1)

json CARGO version =0.10.3, =0.3.1, =0.1.0, =0.0.2, =0.0.1, =0.1.0, =7.0.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.2.0, =0.1.0, =0.9.0, =0.9.3 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2022-0081...

@adobe/parliament-ui-components (>=4.6.0 <=5.2.5), @apibrew/app (>=1.0.22 <=1.0.23) +44 more potentially affected by unknown CVE via swagger-ui-react (>=3.25.0 <=4.19.1)

swagger-ui-react NPM version =3.25.0, =4.6.0, =1.0.22, =1.0.12, =1.0.0, =1.0.22, =1.0.25, =0.0.0-nightly-2020972106, =0.1.1-alpha.19, =0.2.0-alpha.3, =1.0.1, =1.1.0, =0.0.1, =0.0.2, =2.0.0-table.6 and more Source cves: unknown CVE Source advisory: OSV:GHSA-QRMM-W75W-3WPX...

ApacheLogAnonymizer (>=0.1.0 <=0.1.1), Boa (>=0.4.0 <=0.11.0) +13716 more potentially affected by unknown CVE via ansi_term (>=0.10.2 <=0.9.0)

ansiterm CARGO version =0.10.2, =0.1.0, =0.4.0, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.0.2, =0.1.0, =0.1.2 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2021-0139...

@frostoven/alkalurops (>=1.28.2 <=1.28.5), @h5web/app (>=0.1.0-beta.1 <=4.2.0-beta.1) +14 more potentially affected by unknown CVE via d3-color (=3.0.1)

d3-color NPM version =3.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on d3-color and may be impacted: - @frostoven/alkalurops =1.28.2, =0.1.0-beta.1, =0.1.0-beta.0, =0.1.1, =1.0.1, =0.2.0, =0.1.6, =0.1.1, =0.2.0, =0.2.0, =0.0.2, =0.3.0, =0.1.0,...

3h1-ui (>=2.14.41 <=3.0.0-next.258), @abt-desk/apm (>=0.0.1 <=0.33.12) +1248 more potentially affected by unknown CVE via tinymce (>=4.5.1 <=5.5.1)

tinymce NPM version =4.5.1, =2.14.41, =0.0.1, =0.1.0, =0.1.2, =0.3.7, =0.1.7, =0.1.0, =0.0.1, =1.0.0, =0.2.0-0, =1.0.18-beta.8, =1.0.0, =1.2.3-beta.1, =0.1.1, =0.1.11 and more Source cves: unknown CVE Source advisory: OSV:GHSA-H96F-FC7C-9R55...

fabric8-analytics-lsp-server (=0.3.0), graphql-validated-types (>=2.7.0 <=2.11.0) +1 more potentially affected by unknown CVE via semver-regex (>=3.0.0 <=3.1.1)

semver-regex NPM version =3.0.0, =2.7.0, =1.2.0, =1.2.3 Source cves: unknown CVE Source advisory: SNYK:JS-SEMVERREGEX-1047770...

CVE-2020-25281

An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, and 8.1 software. Applications with sensitive security settings such as the package verifier application mishandle unknown-source installations. The LG ID is LVE-SMP-190002 September 2020...

CVE-2020-25281

An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, and 8.1 software. Applications with sensitive security settings such as the package verifier application mishandle unknown-source installations. The LG ID is LVE-SMP-190002 September 2020...

Code injection

An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, and 8.1 software. Applications with sensitive security settings such as the package verifier application mishandle unknown-source installations. The LG ID is LVE-SMP-190002 September 2020...

CVE-2020-25281

An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, and 8.1 software. Applications with sensitive security settings such as the package verifier application mishandle unknown-source installations. The LG ID is LVE-SMP-190002 September 2020...

CVE-2020-25281

The CVE-2020-25281 entry concerns LG mobile devices running Android 7.x–8.1 where apps with sensitive security settings (e.g., the package verifier) mishandle unknown-source installations. Affected component/function relates to the installation pipeline for unknown sources. Underlying impact stat...

@5minds/node-red-dashboard-2-processcube-dynamic-form (>=1.0.25-poc-for-using-dynamic-ui-from-app-sdk-4a73f4-m2ok3vom <=1.0.25-poc-for-using-dynamic-ui-from-app-sdk-d41e60-m2oo8xvq), @5minds/processcube_app_sdk (>=5.1.0-feature-1c1233-lsdsso3l <=8.6.2) +350 more potentially affected by unknown CVE via diagram-js (>=0.18.4 <=1.4.0)

diagram-js NPM version =0.18.4, =1.0.25-poc-for-using-dynamic-ui-from-app-sdk-4a73f4-m2ok3vom, =5.1.0-feature-1c1233-lsdsso3l, =1.2.0, =0.1.0-package-6ccc4e-lyitv9ph, =0.0.2, =1.0.0, =0.0.1, =0.0.1, =1.0.98, =0.0.25, =0.3.0, =1.0.0, =0.0.1-alpha.0, =0.3.0 - @bptlab/openbpt-modeler-bpmn =1.0.0 and...

@ist-group/skolid-client-components (>=0.7.0 <=0.10.2) potentially affected by unknown CVE via personnummer (=2.1.1)

personnummer NPM version =2.1.1 is affected by a known vulnerability. The following packages have a transitive dependency on personnummer and may be impacted: - @ist-group/skolid-client-components =0.7.0, =0.10.2 Source cves: unknown CVE Source advisory: OSV:GHSA-VPGC-7H78-GX8F...

@ambers/helios (>=0.10.0 <=0.13.5), @cloudmosaic/quickstarts (>=1.0.0-rc.0 <=1.0.0-rc.1) +180 more potentially affected by unknown CVE via showdown (>=0.0.1 <=1.9.0)

showdown NPM version =0.0.1, =0.10.0, =1.0.0-rc.0, =1.0.0, =1.0.0-alpha.1, =2.0.0, =0.4.0, =1.6.3, =5.2.1, =0.0.11, =0.0.9, =0.0.2, =1.0.0, =1.0.1, =2.4.3 and more Source cves: unknown CVE Source advisory: OSV:GHSA-H6MQ-3CJ6-H738...

@draadnl/openstad-cms (>=0.12.2 <=0.12.3), apostrophe-personas (>=2.0.0 <=2.2.1) +3 more potentially affected by unknown CVE via apostrophe (>=0.5.393 <=2.227.12)

apostrophe NPM version =0.5.393, =0.12.2, =2.0.0, =0.5.0, =1.0.0, =1.0.2 Source cves: unknown CVE Source advisory: OSV:GHSA-PV6R-VCHH-CXG9...

@mlshv/modern-koa-docs (=3.0.2), app-state-inspector (>=0.1.0 <=0.1.2) +106 more potentially affected by unknown CVE via mithril (>=0.1.24 <=1.1.6)

mithril NPM version =0.1.24, =0.1.0, =0.0.4, =1.0.4-alpha.0, =1.0.4-alpha.0, =1.0.4-alpha.0, =1.0.4-alpha.0, =1.0.4-alpha.1, =1.0.4-alpha.0, =1.0.51, =1.0.0, =0.1.1, =0.6.0, =1.0.0-alpha.2, =1.0.0-alpha.2, =1.0.0-alpha.5 and more Source cves: unknown CVE Source advisory: OSV:GHSA-C3PX-V9C7-M734...

@adamvr/mongration (>=1.0.1 <=1.1.1), @aemcloud/aemcloud-cli (>=0.1.1 <=0.10.8) +2147 more potentially affected by unknown CVE via lodash.merge (>=2.2.1 <=4.6.0)

lodash.merge NPM version =2.2.1, =1.0.1, =0.1.1, =0.70.1, =1.0.1, =2.2.3, =1.3.5, =1.2.2, =0.1.0-18, =1.0.0, =0.0.9, =4.0.0, =1.0.0, =1.0.0-dev-152fa896b5f3eb24fb8b97a28b89f0a83ea5da0f, =1.0.0-dev-a5e815fb69787bead6cfece07fba686b91ed3d3a and more Source cves: unknown CVE Source advisory:...

@apok/admin (>=0.1.1-e <=0.1.1-i), @apok/admin-components-bulma (>=1.0.0 <=1.0.1-rc.12) +61 more potentially affected by unknown CVE via buefy (>=0.3.2 <=0.7.10)

buefy NPM version =0.3.2, =0.1.1-e, =1.0.0, =0.0.2, =0.1.47, =0.0.1, =0.1.0, =0.1.78, =1.0.0, =1.0.2 and more Source cves: unknown CVE Source advisory: OSV:GHSA-XWQW-RF2Q-XMHF...

Mysterious malware that re-installs itself infected over 45,000 Android Phones

Over the past few months, hundreds of Android users have been complaining online of a new piece of mysterious malware that hides on the infected devices and can reportedly reinstall itself even after users delete it, or factory reset their devices. Dubbed Xhelper , the malware has already infecte...