Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-23381PUBLISHED: 2021-04-18This affects all versions of package killing. If attacker-controlled user input is given, it is possible for an attacker to execute arbitrary commands. This is due to use of the child_process exec function without input sanitization.
CVE-2021-23374PUBLISHED: 2021-04-18This affects all versions of package ps-visitor. If attacker-controlled user input is given to the kill function, it is possible for an attacker to execute arbitrary commands. This is due to use of the child_process exec function without input sanitization.
CVE-2021-23375PUBLISHED: 2021-04-18This affects all versions of package psnode. If attacker-controlled user input is given to the kill function, it is possible for an attacker to execute arbitrary commands. This is due to use of the child_process exec function without input sanitization.
CVE-2021-23376PUBLISHED: 2021-04-18This affects all versions of package ffmpegdotjs. If attacker-controlled user input is given to the trimvideo function, it is possible for an attacker to execute arbitrary commands. This is due to use of the child_process exec function without input sanitization.
CVE-2021-23377PUBLISHED: 2021-04-18This affects all versions of package onion-oled-js. If attacker-controlled user input is given to the scroll function, it is possible for an attacker to execute arbitrary commands. This is due to use of the child_process exec function without input sanitization.
User Rank: Ninja
2/5/2018 | 7:18:27 PM
Your doctors and the device maker are responsible (in both senses of the word). It's also probable that your device can't be reprogrammed remotely. Interception and misuse of your device's sensor data is technically possible; but hard to imagine anyone wanting to. Contact your doctor, if you need more reasons not to worry about it. -- Wish you well.