Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
physical vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv2
CVE-2010-0414
gnome-screensaver prior to 2.28.2 allows physically proximate malicious users to bypass screen locking and access an unattended workstation by moving the mouse position to an external monitor and then disconnecting that monitor.
Gnome Screensaver 2.20.0
Gnome Screensaver 2.20
Gnome Screensaver 2.28.0
Gnome Screensaver 2.26.1
Gnome Screensaver 2.13
Gnome Screensaver
4.6
CVSSv2
CVE-2019-14715
Verifone Pinpad Payment Terminals allow undocumented physical access to the system via an SBI bootloader memory write operation.
Verifone P400 Firmware -
Verifone P200 Firmware -
Verifone Vx 820 Firmware -
Verifone Vx 805 Firmware -
7.2
CVSSv2
CVE-2009-4128
GNU GRand Unified Bootloader (GRUB) 2 1.97 only compares the submitted portion of a password with the actual password, which makes it easier for physically proximate malicious users to conduct brute force attacks and bypass authentication by submitting a password whose length is ...
Gnu Grub 2 1.97
5
CVSSv2
CVE-2001-0917
Jakarta Tomcat 4.0.1 allows remote malicious users to reveal physical path information by requesting a long URL with a .JSP extension.
Apache Tomcat 4.0.1
2.1
CVSSv2
CVE-2022-30740
Improper auto-fill algorithm in Samsung Internet prior to version 17.0.1.69 allows physical malicious users to guess stored credit card numbers.
Samsung Internet
NA
CVE-2023-30676
Improper access control vulnerability in Samsung Pass prior to version 4.2.03.1 allows physical malicious users to access data of Samsung Pass.
Samsung Pass
4.6
CVSSv2
CVE-2017-20002
The Debian shadow package prior to 1:4.5-1 for Shadow incorrectly lists pts/0 and pts/1 as physical terminals in /etc/securetty. This allows local users to login as password-less users even if they are connected by non-physical means such as SSH (hence bypassing PAM's nullok...
Debian Shadow 4.4
Debian Debian Linux 9.0
NA
CVE-2022-46752
Dell BIOS contains an Improper Authorization vulnerability. An unauthenticated physical attacker may potentially exploit this vulnerability, leading to denial of service.
Dell Inspiron 14 Plus 7420 Firmware
Dell Inspiron 14 Plus 7620 Firmware
Dell Inspiron 3511 Firmware
Dell Inspiron 3520 Firmware
Dell Inspiron 5310 Firmware
Dell Inspiron 5320 Firmware
Dell Inspiron 5410 Firmware
Dell Inspiron 5420 Firmware
Dell Inspiron 5510 Firmware
Dell Inspiron 5620 Firmware
Dell Inspiron 7420 Firmware
Dell Inspiron 7510 Firmware
Dell Inspiron 7610 Firmware
Dell Inspiron 7620 Firmware
Dell Latitude 3140 Firmware
Dell Latitude 3320 Firmware
Dell Latitude 3330 Firmware
Dell Latitude 3420 Firmware
Dell Latitude 3430 Firmware
Dell Latitude 3520 Firmware
Dell Latitude 3530 Firmware
Dell Latitude 5330 Firmware
NA
CVE-2022-36876
Improper authorization in UPI payment in Samsung Pass prior to version 4.0.04.10 allows physical malicious users to access account list without authentication.
Samsung Samsung Pass
NA
CVE-2023-42576
Improper Authentication vulnerability in Samsung Pass prior to version 4.3.00.17 allows physical malicious users to bypass authentication due to invalid exception handler.
Samsung Pass
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
administrator privileges
CVE-2024-1579
hardcoded
CVE-2023-20198
CVE-2024-33587
CVE-2024-33449
CVE-2024-4308
HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »