Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
physical vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv3
CVE-2023-21489
Heap out-of-bounds write vulnerability in bootloader prior to SMR May-2023 Release 1 allows a physical malicious user to execute arbitrary code.
Samsung Android 11.0
Samsung Android 12.0
Samsung Android 13.0
4.3
CVSSv3
CVE-2022-27841
Improper exception handling in Samsung Pass prior to version 3.7.07.5 allows physical malicious user to view the screen that is previously running without authentication
Samsung Samsung Pass
6.8
CVSSv3
CVE-2022-25832
Improper authentication vulnerability in S Secure prior to SMR Apr-2022 Release 1 allows physical malicious users to use locked Myfiles app without authentication.
Google Android 11.0
Google Android 12.0
5.3
CVSSv3
CVE-2019-11626
routers/ajaxRouter.php in doorGets 7.0 has a web site physical path leakage vulnerability, as demonstrated by an ajax/index.php?uri=1234%5c request.
Doorgets Doorgets Cms 7.0
2.4
CVSSv3
CVE-2022-33706
Improper access control vulnerability in Samsung Gallery prior to version 13.1.05.8 allows physical malicious users to access the pictures using S Pen air gesture.
Samsung Samsung Gallery
6.8
CVSSv3
CVE-2020-13465
The security protection in Gigadevice GD32F103 devices allows physical malicious users to redirect the control flow and execute arbitrary code via the debug interface.
Gigadevice Gd32f103 Firmware -
6.8
CVSSv3
CVE-2020-13471
Apex Microelectronics APM32F103 devices allow physical malicious users to execute arbitrary code via a power glitch and a specific flash patch/breakpoint unit configuration.
Apexmic Apm32f103 Firmware -
6.8
CVSSv3
CVE-2023-42561
Heap out-of-bounds write vulnerability in bootloader prior to SMR Dec-2023 Release 1 allows a physical malicious user to execute arbitrary code.
Samsung Android 14.0
Samsung Android
NA
CVE-2002-1990
Resin 2.0.5 up to and including 2.1.2 allows remote malicious users to reveal physical path information via a URL request for the example Java class file HelloServlet.
Caucho Technology Resin 2.1.2
Caucho Technology Resin 2.0
Caucho Technology Resin 2.1.1
NA
CVE-2000-0753
The Microsoft Outlook mail client identifies the physical path of the sender's machine within a winmail.dat attachment to Rich Text Format (RTF) files.
Microsoft Outlook 97
Microsoft Outlook 98
Microsoft Outlook 2000
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »