Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
physical vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-30903
HP-UX could be exploited locally to create a Denial of Service (DoS) when any physical interface is configured with IPv6/inet6.
Hp Hp-ux
NA
CVE-2023-30704
Improper Authorization vulnerability in Samsung Internet prior to version 22.0.0.35 allows physical attacker access downloaded files in Secret Mode without user authentication.
Samsung Internet
NA
CVE-2024-20871
Improper authorization vulnerability in Samsung Keyboard prior to version One UI 5.1.1 allows physical malicious users to partially bypass the factory reset protection.
NA
CVE-2023-32480
Dell BIOS contains an Improper Input Validation vulnerability. An unauthenticated physical attacker may potentially exploit this vulnerability to perform arbitrary code execution.
Dell Alienware M15 R7 Firmware
Dell G15 5510 Firmware
Dell G15 5520 Firmware
Dell Inspiron 14 5410 Firmware
Dell Inspiron 14 5418 Firmware
Dell Inspiron 15 5510 Firmware
Dell Inspiron 15 5518 Firmware
Dell Inspiron 16 7620 2-in-1 Firmware
Dell Inspiron 3520 Firmware
Dell Inspiron 5410 Firmware
Dell Inspiron 5420 Firmware
Dell Inspiron 5620 Firmware
Dell Inspiron 7420 Firmware
Dell Inspiron 7510 Firmware
Dell Inspiron 7610 Firmware
Dell Latitude 3320 Firmware
Dell Latitude 3420 Firmware
Dell Latitude 3430 Firmware
Dell Latitude 3520 Firmware
Dell Latitude 3530 Firmware
Dell Precision 5760 Firmware
Dell Precision 5770 Firmware
NA
CVE-2022-39873
Improper authorization vulnerability in Samsung Internet prior to version 18.0.4.14 allows physical malicious users to add bookmarks in secret mode without user authentication.
Samsung Internet
NA
CVE-2023-21438
Improper logic in HomeScreen prior to SMR Feb-2023 Release 1 allows physical malicious user to access App preview protected by Secure Folder.
Samsung Android 11.0
Samsung Android 12.0
668
VMScore
CVE-2014-1543
Multiple heap-based buffer overflows in the navigator.getGamepads function in the Gamepad API in Mozilla Firefox prior to 30.0 allow remote malicious users to execute arbitrary code by using non-contiguous axes with a (1) physical or (2) virtual Gamepad device.
Mozilla Firefox
187
VMScore
CVE-2022-1955
Session 1.13.0 allows an attacker with physical access to the victim's device to bypass the application's password/pin lock to access user data. This is possible due to lack of adequate security controls to prevent dynamic code manipulation.
Opft Session 1.13.0
409
VMScore
CVE-2019-10928
A vulnerability has been identified in SCALANCE SC-600 (V2.0). An authenticated attacker with access to port 22/tcp as well as physical access to an affected device may trigger the device to allow execution of arbitrary commands. The security vulnerability could be exploited by a...
Siemens Scalance Sc-600 Firmware 2.0
436
VMScore
CVE-2017-15596
An issue exists in Xen 4.4.x up to and including 4.9.x allowing ARM guest OS users to cause a denial of service (prevent physical CPU usage) because of lock mishandling upon detection of an add-to-physmap error.
Xen Xen 4.4.0
Xen Xen 4.4.1
Xen Xen 4.4.4
Xen Xen 4.5.0
Xen Xen 4.5.1
Xen Xen 4.5.2
Xen Xen 4.6.0
Xen Xen 4.7.0
Xen Xen 4.7.2
Xen Xen 4.7.3
Xen Xen 4.8.0
Xen Xen 4.9.0
Xen Xen 4.4.2
Xen Xen 4.5.5
Xen Xen 4.6.2
Xen Xen 4.6.3
Xen Xen 4.8.2
Xen Xen 4.4.3
Xen Xen 4.6.4
Xen Xen 4.6.5
Xen Xen 4.6.6
Xen Xen 4.7.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »