Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
physical vulnerabilities and exploits
(subscribe to this query)
187
VMScore
CVE-2022-30730
Improper authorization in Samsung Pass before 1.0.00.33 allows physical malicious users to acess account list without authentication.
Samsung Samsung Pass
641
VMScore
CVE-2009-4128
GNU GRand Unified Bootloader (GRUB) 2 1.97 only compares the submitted portion of a password with the actual password, which makes it easier for physically proximate malicious users to conduct brute force attacks and bypass authentication by submitting a password whose length is ...
Gnu Grub 2 1.97
409
VMScore
CVE-2019-14715
Verifone Pinpad Payment Terminals allow undocumented physical access to the system via an SBI bootloader memory write operation.
Verifone P400 Firmware -
Verifone P200 Firmware -
Verifone Vx 820 Firmware -
Verifone Vx 805 Firmware -
NA
CVE-2024-20865
Authentication bypass in bootloader prior to SMR May-2024 Release 1 allows physical malicious users to flash arbitrary images.
NA
CVE-2024-20866
Authentication bypass vulnerability in Setupwizard prior to SMR May-2024 Release 1 allows physical malicious users to skip activation step.
187
VMScore
CVE-2022-30740
Improper auto-fill algorithm in Samsung Internet prior to version 17.0.1.69 allows physical malicious users to guess stored credit card numbers.
Samsung Internet
NA
CVE-2023-30676
Improper access control vulnerability in Samsung Pass prior to version 4.2.03.1 allows physical malicious users to access data of Samsung Pass.
Samsung Pass
445
VMScore
CVE-2001-0917
Jakarta Tomcat 4.0.1 allows remote malicious users to reveal physical path information by requesting a long URL with a .JSP extension.
Apache Tomcat 4.0.1
409
VMScore
CVE-2017-20002
The Debian shadow package prior to 1:4.5-1 for Shadow incorrectly lists pts/0 and pts/1 as physical terminals in /etc/securetty. This allows local users to login as password-less users even if they are connected by non-physical means such as SSH (hence bypassing PAM's nullok...
Debian Shadow 4.4
Debian Debian Linux 9.0
NA
CVE-2023-42575
Improper Authentication vulnerability in Samsung Pass prior to version 4.3.00.17 allows physical malicious users to bypass authentication due to invalid flag setting.
Samsung Pass
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »