Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
physical vulnerabilities and exploits
(subscribe to this query)
2.4
CVSSv3
CVE-2022-36857
Improper Authorization vulnerability in Photo Editor prior to SMR Sep-2022 Release 1 allows physical malicious users to read internal application data.
Google Android 11.0
Samsung Photo Editor
6.8
CVSSv3
CVE-2023-42575
Improper Authentication vulnerability in Samsung Pass prior to version 4.3.00.17 allows physical malicious users to bypass authentication due to invalid flag setting.
Samsung Pass
4.6
CVSSv3
CVE-2022-46752
Dell BIOS contains an Improper Authorization vulnerability. An unauthenticated physical attacker may potentially exploit this vulnerability, leading to denial of service.
Dell Inspiron 14 Plus 7420 Firmware
Dell Inspiron 14 Plus 7620 Firmware
Dell Inspiron 3511 Firmware
Dell Inspiron 3520 Firmware
Dell Inspiron 5310 Firmware
Dell Inspiron 5320 Firmware
Dell Inspiron 5410 Firmware
Dell Inspiron 5420 Firmware
Dell Inspiron 5510 Firmware
Dell Inspiron 5620 Firmware
Dell Inspiron 7420 Firmware
Dell Inspiron 7510 Firmware
Dell Inspiron 7610 Firmware
Dell Inspiron 7620 Firmware
Dell Latitude 3140 Firmware
Dell Latitude 3320 Firmware
Dell Latitude 3330 Firmware
Dell Latitude 3420 Firmware
Dell Latitude 3430 Firmware
Dell Latitude 3520 Firmware
Dell Latitude 3530 Firmware
Dell Latitude 5330 Firmware
5.3
CVSSv3
CVE-2021-25809
UCMS 1.5.0 exists to contain a physical path leakage via an error message returned by the adminchannelscache() function in top.php.
Ucms Project Ucms 1.5.0
2.4
CVSSv3
CVE-2022-36876
Improper authorization in UPI payment in Samsung Pass prior to version 4.0.04.10 allows physical malicious users to access account list without authentication.
Samsung Samsung Pass
5.9
CVSSv3
CVE-2019-12904
In Libgcrypt 1.8.4, the C implementation of AES is vulnerable to a flush-and-reload side-channel attack because physical addresses are available to other processes. (The C implementation is used on platforms where an assembly-language implementation is unavailable.) NOTE: the ven...
Gnupg Libgcrypt 1.8.4
Opensuse Leap 15.0
NA
CVE-1999-0334
In Solaris 2.2 and 2.3, when fsck fails on startup, it allows a local user with physical access to obtain root access.
Sun Solaris
Sun Sunos 5.0
2.4
CVSSv3
CVE-2023-21438
Improper logic in HomeScreen prior to SMR Feb-2023 Release 1 allows physical malicious user to access App preview protected by Secure Folder.
Samsung Android 11.0
Samsung Android 12.0
4.6
CVSSv3
CVE-2022-24001
Information disclosure vulnerability in Edge Panel prior to Android S(12) allows physical malicious users to access screenshot in clipboard via Edge Panel.
Google Android 12.0
4.6
CVSSv3
CVE-2023-30704
Improper Authorization vulnerability in Samsung Internet prior to version 22.0.0.35 allows physical attacker access downloaded files in Secret Mode without user authentication.
Samsung Internet
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »