Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
physical vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2010-0414
gnome-screensaver prior to 2.28.2 allows physically proximate malicious users to bypass screen locking and access an unattended workstation by moving the mouse position to an external monitor and then disconnecting that monitor.
Gnome Screensaver 2.20.0
Gnome Screensaver 2.20
Gnome Screensaver 2.28.0
Gnome Screensaver 2.26.1
Gnome Screensaver 2.13
Gnome Screensaver
NA
CVE-2024-20865
Authentication bypass in bootloader prior to SMR May-2024 Release 1 allows physical malicious users to flash arbitrary images.
6.8
CVSSv3
CVE-2019-14715
Verifone Pinpad Payment Terminals allow undocumented physical access to the system via an SBI bootloader memory write operation.
Verifone P400 Firmware -
Verifone P200 Firmware -
Verifone Vx 820 Firmware -
Verifone Vx 805 Firmware -
NA
CVE-2024-20866
Authentication bypass vulnerability in Setupwizard prior to SMR May-2024 Release 1 allows physical malicious users to skip activation step.
NA
CVE-2009-4128
GNU GRand Unified Bootloader (GRUB) 2 1.97 only compares the submitted portion of a password with the actual password, which makes it easier for physically proximate malicious users to conduct brute force attacks and bypass authentication by submitting a password whose length is ...
Gnu Grub 2 1.97
7.8
CVSSv3
CVE-2017-20002
The Debian shadow package prior to 1:4.5-1 for Shadow incorrectly lists pts/0 and pts/1 as physical terminals in /etc/securetty. This allows local users to login as password-less users even if they are connected by non-physical means such as SSH (hence bypassing PAM's nullok...
Debian Shadow 4.4
Debian Debian Linux 9.0
NA
CVE-2001-0917
Jakarta Tomcat 4.0.1 allows remote malicious users to reveal physical path information by requesting a long URL with a .JSP extension.
Apache Tomcat 4.0.1
4.6
CVSSv3
CVE-2023-30676
Improper access control vulnerability in Samsung Pass prior to version 4.2.03.1 allows physical malicious users to access data of Samsung Pass.
Samsung Pass
4.3
CVSSv3
CVE-2022-30740
Improper auto-fill algorithm in Samsung Internet prior to version 17.0.1.69 allows physical malicious users to guess stored credit card numbers.
Samsung Internet
4.6
CVSSv3
CVE-2022-46752
Dell BIOS contains an Improper Authorization vulnerability. An unauthenticated physical attacker may potentially exploit this vulnerability, leading to denial of service.
Dell Inspiron 14 Plus 7420 Firmware
Dell Inspiron 14 Plus 7620 Firmware
Dell Inspiron 3511 Firmware
Dell Inspiron 3520 Firmware
Dell Inspiron 5310 Firmware
Dell Inspiron 5320 Firmware
Dell Inspiron 5410 Firmware
Dell Inspiron 5420 Firmware
Dell Inspiron 5510 Firmware
Dell Inspiron 5620 Firmware
Dell Inspiron 7420 Firmware
Dell Inspiron 7510 Firmware
Dell Inspiron 7610 Firmware
Dell Inspiron 7620 Firmware
Dell Latitude 3140 Firmware
Dell Latitude 3320 Firmware
Dell Latitude 3330 Firmware
Dell Latitude 3420 Firmware
Dell Latitude 3430 Firmware
Dell Latitude 3520 Firmware
Dell Latitude 3530 Firmware
Dell Latitude 5330 Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-25525
CVE-2024-4652
CVE-2024-1438
CVE-2024-4671
CVE-2024-34351
arbitrary
CVE-2024-4650
SQL injection
overflow
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »