star
Products
1- 7 CVEs
Recent CVEs
7| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-45182 | 0.00 | — | 0.01 | Nov 11, 2022 | Pi-Star_DV_Dash (for Pi-Star DV) before 5aa194d mishandles the module parameter. | |||
| CVE-2019-20468 | 0.00 | — | 0.01 | Feb 1, 2021 | An issue was discovered in SeTracker2 for TK-Star Q90 Junior GPS horloge 3.1042.9.8656 devices. It has unnecessary permissions such as READ_EXTERNAL_STORAGE, WRITE_EXTERNAL_STORAGE, and READ_CONTACTS. | |||
| CVE-2019-20473 | 0.00 | — | 0.00 | Feb 1, 2021 | An issue was discovered on TK-Star Q90 Junior GPS horloge 3.1042.9.8656 devices. Any SIM card used with the device cannot have a PIN configured. If a PIN is configured, the device simply produces a "Remove PIN and restart!" message, and cannot be used. This makes it easier for… | |||
| CVE-2019-20471 | 0.00 | — | 0.00 | Feb 1, 2021 | An issue was discovered on TK-Star Q90 Junior GPS horloge 3.1042.9.8656 devices. When using the device at initial setup, a default password is used (123456) for administrative purposes. There is no prompt to change this password. Note that this password can be used in… | |||
| CVE-2019-20470 | 0.00 | — | 0.01 | Feb 1, 2021 | An issue was discovered on TK-Star Q90 Junior GPS horloge 3.1042.9.8656 devices. It performs actions based on certain SMS commands. This can be used to set up a voice communication channel from the watch to any telephone number, initiated by sending a specific SMS and using the… | |||
| CVE-2007-4134 | 0.00 | — | 0.03 | Aug 30, 2007 | Directory traversal vulnerability in extract.c in star before 1.5a84 allows user-assisted remote attackers to overwrite arbitrary files via certain //.. (slash slash dot dot) sequences in directory symlinks in a TAR archive. | |||
| CVE-2004-0850 | 0.00 | — | 0.00 | Dec 23, 2004 | Star before 1.5_alpha46 does not drop the effective user ID (euid) before calling external programs, which could allow local users to gain privileges by modifying the RSH environment variable to reference a malicious program. |
- CVE-2022-45182Nov 11, 2022risk 0.00cvss —epss 0.01
Pi-Star_DV_Dash (for Pi-Star DV) before 5aa194d mishandles the module parameter.
- CVE-2019-20468Feb 1, 2021risk 0.00cvss —epss 0.01
An issue was discovered in SeTracker2 for TK-Star Q90 Junior GPS horloge 3.1042.9.8656 devices. It has unnecessary permissions such as READ_EXTERNAL_STORAGE, WRITE_EXTERNAL_STORAGE, and READ_CONTACTS.
- CVE-2019-20473Feb 1, 2021risk 0.00cvss —epss 0.00
An issue was discovered on TK-Star Q90 Junior GPS horloge 3.1042.9.8656 devices. Any SIM card used with the device cannot have a PIN configured. If a PIN is configured, the device simply produces a "Remove PIN and restart!" message, and cannot be used. This makes it easier for…
- CVE-2019-20471Feb 1, 2021risk 0.00cvss —epss 0.00
An issue was discovered on TK-Star Q90 Junior GPS horloge 3.1042.9.8656 devices. When using the device at initial setup, a default password is used (123456) for administrative purposes. There is no prompt to change this password. Note that this password can be used in…
- CVE-2019-20470Feb 1, 2021risk 0.00cvss —epss 0.01
An issue was discovered on TK-Star Q90 Junior GPS horloge 3.1042.9.8656 devices. It performs actions based on certain SMS commands. This can be used to set up a voice communication channel from the watch to any telephone number, initiated by sending a specific SMS and using the…
- CVE-2007-4134Aug 30, 2007risk 0.00cvss —epss 0.03
Directory traversal vulnerability in extract.c in star before 1.5a84 allows user-assisted remote attackers to overwrite arbitrary files via certain //.. (slash slash dot dot) sequences in directory symlinks in a TAR archive.
- CVE-2004-0850Dec 23, 2004risk 0.00cvss —epss 0.00
Star before 1.5_alpha46 does not drop the effective user ID (euid) before calling external programs, which could allow local users to gain privileges by modifying the RSH environment variable to reference a malicious program.