Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
physical vulnerabilities and exploits
(subscribe to this query)
4.6
CVSSv3
CVE-2020-13463
The flash memory readout protection in Apex Microelectronics APM32F103 devices allows physical malicious users to extract firmware via the debug interface and exception handling.
Apexmic Apm32f103 Firmware -
4.6
CVSSv3
CVE-2020-13469
The flash memory readout protection in Gigadevice GD32VF103 devices allows physical malicious users to extract firmware via the debug interface by utilizing the CPU.
Gigadevice Gd32vf103 Firmware -
4.6
CVSSv3
CVE-2023-28064
Dell BIOS contains an Out-of-bounds Write vulnerability. An unauthenticated physical attacker may potentially exploit this vulnerability, leading to denial of service.
Dell Alienware M15 R6 Firmware
Dell Alienware M15 R7 Firmware
Dell Chengming 3900 Firmware
Dell Chengming 3901 Firmware
Dell G15 5510 Firmware
Dell G15 5511 Firmware
Dell G15 5520 Firmware
Dell Inspiron 14 5418 Firmware
Dell Inspiron 14 5410 Firmware
Dell Inspiron 14 Plus 7420 Firmware
Dell Inspiron 15 3511 Firmware
Dell Inspiron 15 5510 Firmware
Dell Inspiron 15 5518 Firmware
Dell Inspiron 16 7620 2-in-1 Firmware
Dell Inspiron 16 Plus 7620 Firmware
Dell Inspiron 3511 Firmware
Dell Inspiron 3520 Firmware
Dell Inspiron 3891 Firmware
Dell Inspiron 3910 Firmware
Dell Inspiron 5310 Firmware
Dell Inspiron 5320 Firmware
Dell Inspiron 5410 Firmware
4.6
CVSSv3
CVE-2024-20828
Improper authorization verification vulnerability in Samsung Internet prior to version 24.0 allows physical malicious users to access files downloaded in SecretMode without proper authentication.
Samsung Internet
NA
CVE-2002-1990
Resin 2.0.5 up to and including 2.1.2 allows remote malicious users to reveal physical path information via a URL request for the example Java class file HelloServlet.
Caucho Technology Resin 2.1.2
Caucho Technology Resin 2.0
Caucho Technology Resin 2.1.1
NA
CVE-2000-0753
The Microsoft Outlook mail client identifies the physical path of the sender's machine within a winmail.dat attachment to Rich Text Format (RTF) files.
Microsoft Outlook 97
Microsoft Outlook 98
Microsoft Outlook 2000
4.6
CVSSv3
CVE-2019-4351
IBM Maximo Anywhere 7.6.4.0 applications could disclose sensitive information to a user with physical access to the device. IBM X-Force ID: 161493.
Ibm Maximo Anywhere 7.6.4.0
6.8
CVSSv3
CVE-2020-24514
Improper authentication in some Intel(R) RealSense(TM) IDs may allow an unauthenticated user to potentially enable escalation of privilege via physical access.
Intel Realsense Id F450 Firmware -
Intel Realsense Id F455 Firmware -
6.8
CVSSv3
CVE-2020-22007
OS Command Injection vulnerability in OKER G955V1 v1.03.02.20161128, allows physical malicious users to interrupt the boot sequence and execute arbitrary commands with root privileges.
Okerthai G955v1 Firmware 1.03.02.20161128
6.8
CVSSv3
CVE-2023-42561
Heap out-of-bounds write vulnerability in bootloader prior to SMR Dec-2023 Release 1 allows a physical malicious user to execute arbitrary code.
Samsung Android 14.0
Samsung Android
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »