Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
physical vulnerabilities and exploits
(subscribe to this query)
6.9
CVSSv3
CVE-2020-7323
Authentication Protection Bypass vulnerability in McAfee Endpoint Security (ENS) for Windows before 10.7.0 September 2020 Update allows physical local users to bypass the Windows lock screen via triggering certain detection events while the computer screen is locked and the McTra...
Mcafee Endpoint Security
8.8
CVSSv3
CVE-2020-12138
AMD ATI atillk64.sys 5.11.9.0 allows low-privileged users to interact directly with physical memory by calling one of several driver routines that map physical memory into the virtual address space of the calling process. This could enable low-privileged users to achieve NT AUTHO...
Amd Atillk64 5.11.9.0
NA
CVE-2009-4128
GNU GRand Unified Bootloader (GRUB) 2 1.97 only compares the submitted portion of a password with the actual password, which makes it easier for physically proximate malicious users to conduct brute force attacks and bypass authentication by submitting a password whose length is ...
Gnu Grub 2 1.97
4.2
CVSSv3
CVE-2021-39899
In all versions of GitLab CE/EE, an attacker with physical access to a user’s machine may brute force the user’s password via the change password function. There is a rate limit in place, but the attack may still be conducted by stealing the session id from the physic...
Gitlab Gitlab
7.8
CVSSv3
CVE-2023-21642
Memory corruption in HAB Memory management due to broad system privileges via physical address.
Qualcomm Qam8295p Firmware -
Qualcomm Qca6574au Firmware -
Qualcomm Qca6696 Firmware -
Qualcomm Sa6145p Firmware -
Qualcomm Sa6150p Firmware -
Qualcomm Sa6155p Firmware -
Qualcomm Sa8145p Firmware -
Qualcomm Sa8150p Firmware -
Qualcomm Sa8155p Firmware -
Qualcomm Sa8195p Firmware -
Qualcomm Sa8295p Firmware -
Qualcomm Sa8540p Firmware -
Qualcomm Sa9000p Firmware -
7.8
CVSSv3
CVE-2021-41285
Ballistix MOD Utility up to and including 2.0.2.5 is vulnerable to privilege escalation in the MODAPI.sys driver component. The vulnerability is triggered by sending a specific IOCTL request that allows low-privileged users to directly interact with physical memory via the MmMapI...
Micron Ballistix Memory Overview Display Utility
7.8
CVSSv3
CVE-2021-28685
AsIO2_64.sys and AsIO2_32.sys in ASUS GPUTweak II prior to 2.3.0.3 allow low-privileged users to interact directly with physical memory (by calling one of several driver routines that map physical memory into the virtual address space of the calling process) and to interact with ...
Asus Gputweak Ii
NA
CVE-2024-26795
In the Linux kernel, the following vulnerability has been resolved: riscv: Sparse-Memory/vmemmap out-of-bounds fix Offset vmemmap so that the first page of vmemmap will be mapped to the first page of physical memory in order to ensure that vmemmap’s bounds will be respected...
NA
CVE-2002-0092
CVS prior to 1.10.8 does not properly initialize a global variable, which allows remote malicious users to cause a denial of service (server crash) via the diff capability.
Cvs Cvs
9.8
CVSSv3
CVE-2002-0059
The decompression algorithm in zlib 1.1.3 and previous versions, as used in many different utilities and packages, causes inflateEnd to release certain memory more than once (a "double free"), which may allow local and remote malicious users to execute arbitrary code vi...
Zlib Zlib
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »