Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
physical vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2002-0092
CVS prior to 1.10.8 does not properly initialize a global variable, which allows remote malicious users to cause a denial of service (server crash) via the diff capability.
Cvs Cvs
NA
CVE-2023-47262
The startup process and device configurations of the Abbott ID NOW device, before v7.1, can be interrupted and/or modified via physical access to an internal serial port. Direct physical access is required to exploit.
Abbott Id Now Firmware
392
VMScore
CVE-2020-11230
Potential arbitrary memory corruption when the qseecom driver updates ion physical addresses in the buffer as it exposes a physical address to user land in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
Qualcomm Aqt1000 Firmware -
Qualcomm Fsm10055 Firmware -
Qualcomm Pm3003a Firmware -
Qualcomm Pm7150a Firmware -
Qualcomm Pm7150l Firmware -
Qualcomm Pm7250 Firmware -
Qualcomm Pm7250b Firmware -
Qualcomm Pm7350c Firmware -
Qualcomm Pm8004 Firmware -
Qualcomm Pm8008 Firmware -
Qualcomm Pm8009 Firmware -
Qualcomm Pm8150a Firmware -
Qualcomm Pm8150b Firmware -
Qualcomm Pm8150c Firmware -
Qualcomm Pm8150l Firmware -
Qualcomm Pm8250 Firmware -
Qualcomm Pm8350 Firmware -
Qualcomm Pm8350b Firmware -
Qualcomm Pm8350bh Firmware -
Qualcomm Pm8350bhs Firmware -
Qualcomm Pm8350c Firmware -
Qualcomm Pm855 Firmware -
NA
CVE-2023-6260
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Brivo ACS100, ACS300 allows OS Command Injection, Bypassing Physical Security.This issue affects ACS100 (Network Adjacent Access), ACS300 (Physical Access): from ...
668
VMScore
CVE-1999-1397
Index Server 2.0 on IIS 4.0 stores physical path information in the ContentIndex\Catalogs subkey of the AllowedPaths registry key, whose permissions allows local and remote users to obtain the physical paths of directories that are being indexed.
Microsoft Index Server 2.0
187
VMScore
CVE-2022-0005
Sensitive information accessible by physical probing of JTAG interface for some Intel(R) Processors with SGX may allow an unprivileged user to potentially enable information disclosure via physical access.
Intel Celeron G5205u Firmware -
Intel Celeron G5305u Firmware -
Intel Celeron G5900 Firmware -
Intel Celeron G5900t Firmware -
Intel Celeron G5905 Firmware -
Intel Celeron G5905t Firmware -
Intel Celeron G5920 Firmware -
Intel Celeron G5925 Firmware -
Intel Celeron N5095 Firmware -
Intel Celeron N5100 Firmware -
Intel Celeron N5105 Firmware -
Intel Core I3-10100 Firmware -
Intel Core I3-10100e Firmware -
Intel Core I3-10100f Firmware -
Intel Core I3-10100t Firmware -
Intel Core I3-10100te Firmware -
Intel Core I3-10100y Firmware -
Intel Core I3-10105 Firmware -
Intel Core I3-10105f Firmware -
Intel Core I3-10105t Firmware -
Intel Core I3-10110u Firmware -
Intel Core I3-10110y Firmware -
641
VMScore
CVE-2022-25213
Improper physical access control and use of hard-coded credentials in /etc/passwd permits an attacker with physical access to obtain a root shell via an unprotected UART port on the device. The same port exposes an unauthenticated Das U-Boot BIOS shell.
Phicomm K2 Firmware
Phicomm K3 Firmware
Phicomm K3c Firmware
Phicomm K2g Firmware
Phicomm K2p Firmware
614
VMScore
CVE-2021-38394
An attacker with physical access to the device can extract the binary that checks for the hardware key and reverse engineer it, which could be used to create a physical duplicate of a valid hardware key. The hardware key allows access to special settings when inserted.
Bostonscientific Zoom Latitude Pogrammer/recorder/monitor 3120 Firmware
409
VMScore
CVE-2019-3621
Authentication protection bypass vulnerability in McAfee Data Loss Prevention (DLPe) for Windows 11.x before 11.3.0 allows physical local user to bypass the Windows lock screen via DLPe processes being killed just prior to the screen being locked or when the screen is locked. The...
Mcafee Data Loss Prevention Endpoint
1 Github repository
169
VMScore
CVE-2021-39899
In all versions of GitLab CE/EE, an attacker with physical access to a user’s machine may brute force the user’s password via the change password function. There is a rate limit in place, but the attack may still be conducted by stealing the session id from the physic...
Gitlab Gitlab
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-0044
client side
CVE-2021-47601
deserialization
CVE-2024-34994
encryption
CVE-2021-47609
CVE-2024-37079
CVE-2024-38608
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »