Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
physical vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2002-1990
Resin 2.0.5 up to and including 2.1.2 allows remote malicious users to reveal physical path information via a URL request for the example Java class file HelloServlet.
Caucho Technology Resin 2.1.2
Caucho Technology Resin 2.0
Caucho Technology Resin 2.1.1
2.1
CVSSv2
CVE-2022-33706
Improper access control vulnerability in Samsung Gallery prior to version 13.1.05.8 allows physical malicious users to access the pictures using S Pen air gesture.
Samsung Samsung Gallery
2.1
CVSSv2
CVE-2019-4351
IBM Maximo Anywhere 7.6.4.0 applications could disclose sensitive information to a user with physical access to the device. IBM X-Force ID: 161493.
Ibm Maximo Anywhere 7.6.4.0
5
CVSSv2
CVE-2019-11626
routers/ajaxRouter.php in doorGets 7.0 has a web site physical path leakage vulnerability, as demonstrated by an ajax/index.php?uri=1234%5c request.
Doorgets Doorgets Cms 7.0
2.1
CVSSv2
CVE-2020-13469
The flash memory readout protection in Gigadevice GD32VF103 devices allows physical malicious users to extract firmware via the debug interface by utilizing the CPU.
Gigadevice Gd32vf103 Firmware -
7.2
CVSSv2
CVE-2020-13471
Apex Microelectronics APM32F103 devices allow physical malicious users to execute arbitrary code via a power glitch and a specific flash patch/breakpoint unit configuration.
Apexmic Apm32f103 Firmware -
2.1
CVSSv2
CVE-2016-0823
The pagemap_open function in fs/proc/task_mmu.c in the Linux kernel prior to 3.19.3, as used in Android 6.0.1 prior to 2016-03-01, allows local users to obtain sensitive physical-address information by reading a pagemap file, aka Android internal bug 25739721.
Google Android 6.0.1
Linux Linux Kernel
7.2
CVSSv2
CVE-2020-11178
Trusted APPS to overwrite the CPZ memory of another use-case as TZ only checks the physical address not overlapping with its memory and its RoT memory in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon M...
Qualcomm Aqt1000 Firmware -
Qualcomm Ar8031 Firmware -
Qualcomm Ar8035 Firmware -
Qualcomm Csra6620 Firmware -
Qualcomm Csra6640 Firmware -
Qualcomm Csrb31024 Firmware -
Qualcomm Fsm10055 Firmware -
Qualcomm Fsm10056 Firmware -
Qualcomm Mdm9205 Firmware -
Qualcomm Pm3003a Firmware -
Qualcomm Pm4125 Firmware -
Qualcomm Pm456 Firmware -
Qualcomm Pm6125 Firmware -
Qualcomm Pm6150 Firmware -
Qualcomm Pm6150a Firmware -
Qualcomm Pm6150l Firmware -
Qualcomm Pm6250 Firmware -
Qualcomm Pm6350 Firmware -
Qualcomm Pm640a Firmware -
Qualcomm Pm640l Firmware -
Qualcomm Pm640p Firmware -
Qualcomm Pm660 Firmware -
NA
CVE-2023-5078
A vulnerability was reported in some ThinkPad BIOS that could allow a physical or local attacker with elevated privileges to tamper with BIOS firmware.
Lenovo Thinkpad X13 Gen 3 Firmware -
Lenovo Thinkpad S2 Yoga Gen 7 Firmware
Lenovo Thinkpad S2 Yoga Gen 6 Firmware -
Lenovo Thinkpad S2 Gen 8 Firmware -
Lenovo Thinkpad P14s Gen 3 Firmware -
Lenovo Thinkpad P16s Gen 1 Firmware -
Lenovo Thinkpad T14 Gen 3 Firmware -
Lenovo Thinkpad T14s Gen 3 Firmware -
Lenovo Thinkpad T16 Gen 1 Firmware -
Lenovo Thinkpad L14 Gen 3 Firmware
Lenovo Thinkpad L14 Gen 4 Firmware
Lenovo Thinkpad L15 Gen 3 Firmware
Lenovo Thinkpad L15 Gen 4 Firmware
Lenovo Thinkpad L13 Yoga Gen 4 Firmware -
Lenovo Thinkpad L13 Yoga Gen 3 Firmware
Lenovo Thinkpad L13 Yoga Gen 2 Firmware -
Lenovo Thinkpad L13 Gen 4 Firmware -
Lenovo Thinkpad L13 Gen 3 Firmware
Lenovo Thinkpad L13 Gen 2 Firmware -
Lenovo Thinkpad S2 Yoga Gen 8 Firmware -
NA
CVE-2024-20855
Improper access control vulnerability in multitasking framework prior to SMR May-2024 Release 1 allows physical malicious users to access unlocked screen for a while.
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4651
CVE-2024-34255
elevation of privilege
CVE-2024-25529
CVE-2024-4671
NULL pointer dereference
CVE-2024-25527
template injection
CVE-2008-0166
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »