Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
physical vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-20865
Authentication bypass in bootloader prior to SMR May-2024 Release 1 allows physical malicious users to flash arbitrary images.
6.8
CVSSv3
CVE-2019-14715
Verifone Pinpad Payment Terminals allow undocumented physical access to the system via an SBI bootloader memory write operation.
Verifone P400 Firmware -
Verifone P200 Firmware -
Verifone Vx 820 Firmware -
Verifone Vx 805 Firmware -
NA
CVE-2024-20866
Authentication bypass vulnerability in Setupwizard prior to SMR May-2024 Release 1 allows physical malicious users to skip activation step.
NA
CVE-2010-0414
gnome-screensaver prior to 2.28.2 allows physically proximate malicious users to bypass screen locking and access an unattended workstation by moving the mouse position to an external monitor and then disconnecting that monitor.
Gnome Screensaver 2.20.0
Gnome Screensaver 2.20
Gnome Screensaver 2.28.0
Gnome Screensaver 2.26.1
Gnome Screensaver 2.13
Gnome Screensaver
4.6
CVSSv3
CVE-2023-30676
Improper access control vulnerability in Samsung Pass prior to version 4.2.03.1 allows physical malicious users to access data of Samsung Pass.
Samsung Pass
4.3
CVSSv3
CVE-2022-30740
Improper auto-fill algorithm in Samsung Internet prior to version 17.0.1.69 allows physical malicious users to guess stored credit card numbers.
Samsung Internet
NA
CVE-2001-0917
Jakarta Tomcat 4.0.1 allows remote malicious users to reveal physical path information by requesting a long URL with a .JSP extension.
Apache Tomcat 4.0.1
7.8
CVSSv3
CVE-2017-20002
The Debian shadow package prior to 1:4.5-1 for Shadow incorrectly lists pts/0 and pts/1 as physical terminals in /etc/securetty. This allows local users to login as password-less users even if they are connected by non-physical means such as SSH (hence bypassing PAM's nullok...
Debian Shadow 4.4
Debian Debian Linux 9.0
2.4
CVSSv3
CVE-2022-36876
Improper authorization in UPI payment in Samsung Pass prior to version 4.0.04.10 allows physical malicious users to access account list without authentication.
Samsung Samsung Pass
3.3
CVSSv3
CVE-2019-0174
Logic condition in specific microprocessors may allow an authenticated user to potentially enable partial physical address information disclosure via local access.
Intel I9-9900x Firmware -
Intel I9-9920x Firmware -
Intel I9-9960x Firmware -
Intel I9-9980xe Firmware -
Intel I9-9940x Firmware -
Intel I9-7960x Firmware -
Intel I9-7980xe Firmware -
Intel I9-7940x Firmware -
Intel I9-7920x Firmware -
Intel I9-7900x Firmware -
Intel I7-7820x Firmware -
Intel I7-7800x Firmware -
Intel I5-4422e Firmware -
Intel I5-4410e Firmware -
Intel I5-4402ec Firmware -
Intel I5-4402e Firmware -
Intel I5-4400e Firmware -
Intel I5-4460t Firmware -
Intel I5-4460s Firmware -
Intel I5-4460 Firmware -
Intel I5-4440s Firmware -
Intel I5-4440 Firmware -
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »