Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
physical vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2004-1038
A design error in the IEEE1394 specification allows attackers with physical access to a device to read and write to sensitive memory using a modified FireWire/IEEE 1394 client, thus bypassing intended restrictions that would normally require greater degrees of physical access to ...
Ieee Firewire Ieee 1394
6.8
CVSSv3
CVE-2018-17534
Teltonika RUT9XX routers with firmware prior to 00.04.233 provide a root terminal on a serial interface without proper access control. This allows attackers with physical access to execute arbitrary commands with root privileges.
Teltonika Rut900 Firmware
Teltonika Rut950 Firmware
Teltonika Rut955 Firmware
6.8
CVSSv3
CVE-2021-33150
Hardware allows activation of test or debug logic at runtime for some Intel(R) Trace Hub instances which may allow an unauthenticated user to potentially enable escalation of privilege via physical access.
Intel Core I7-6700k -
Intel Atom C2750 -
Intel Xeon D-2141i -
Intel Xeon D-2177nt -
Intel Xeon D-2161i -
Intel Xeon D-2143it -
Intel Xeon D-2146nt -
Intel Xeon D-2145nt -
Intel Xeon D-2123it -
Intel Xeon D-2173it -
Intel Xeon D-2187nt -
Intel Xeon D-2142it -
Intel Xeon D-2163it -
Intel Xeon D-2183it -
Intel Xeon D-2166nt -
Intel Celeron J4005 -
Intel Celeron N4000 -
Intel Celeron J4105 -
Intel Celeron J3355 -
Intel Celeron J3455 -
Intel Celeron J3060 -
Intel Celeron J3160 -
1 Article
6.8
CVSSv3
CVE-2023-30560
The configuration from the PCU can be modified without authentication using physical connection to the PCU.
Bd Alaris 8015 Pcu Firmware
6.8
CVSSv3
CVE-2023-42554
Improper Authentication vulnerabiity in Samsung Pass prior to version 4.3.00.17 allows physical malicious users to bypass authentication.
Samsung Pass
NA
CVE-1999-0348
IIS ASP caching problem releases sensitive information when two virtual servers share the same physical directory.
Microsoft Internet Information Server 4.0
6.6
CVSSv3
CVE-2019-14716
Verifone VerixV Pinpad Payment Terminals with QT000530 have an undocumented physical access mode (aka VerixV shell.out).
Verifone Verix Os Qt000530
5.3
CVSSv3
CVE-2018-10219
baijiacms V3 has physical path leakage via an index.php?mod=mobile&name=member&do=index request.
Baijiacms Project Baijiacms 3.0
NA
CVE-2010-0414
gnome-screensaver prior to 2.28.2 allows physically proximate malicious users to bypass screen locking and access an unattended workstation by moving the mouse position to an external monitor and then disconnecting that monitor.
Gnome Screensaver 2.20.0
Gnome Screensaver 2.20
Gnome Screensaver 2.28.0
Gnome Screensaver 2.26.1
Gnome Screensaver 2.13
Gnome Screensaver
6.8
CVSSv3
CVE-2020-28096
FOSCAM FHD X1 1.14.2.4 devices allow attackers (with physical UART access) to login via the ipc.fos~ password.
Foscammall Foscam X1 Firmware 1.14.2.4
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »