Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
physical vulnerabilities and exploits
(subscribe to this query)
5.3
CVSSv3
CVE-2018-0416
A vulnerability in the web-based interface of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote malicious user to view system information that under normal circumstances should be prohibited. The vulnerability is due to incomplete input and valid...
Cisco Wireless Lan Controller Software 8.9\\(1.52\\)
Cisco Wireless Lan Controller Software 8.5\\(130.0\\)
6.5
CVSSv3
CVE-2018-0284
A vulnerability in the local status page functionality of the Cisco Meraki MR, MS, MX, Z1, and Z3 product lines could allow an authenticated, remote malicious user to modify device configuration files. The vulnerability occurs when handling requests to the local status page. An e...
Cisco Meraki Mr 24 Firmware
Cisco Meraki Mr 25 Firmware
Cisco Meraki Ms 10 Firmware
Cisco Meraki Ms 9 Firmware
Cisco Meraki Mx 15 Firmware
Cisco Meraki Mx 14 Firmware
Cisco Meraki Mx 13 Firmware
9.8
CVSSv3
CVE-2016-6406
Cisco IronPort AsyncOS 9.1.2-023, 9.1.2-028, 9.1.2-036, 9.7.2-046, 9.7.2-047, 9.7.2-054, 10.0.0-124, and 10.0.0-125 on Email Security Appliance (ESA) devices, when Enrollment Client prior to 1.0.2-065 is installed, allows remote malicious users to obtain root access via a connect...
Cisco Email Security Appliance Firmware 9.1.2-036
Cisco Email Security Appliance Firmware 9.7.2-046
Cisco Email Security Appliance Firmware 10.0.0-124
Cisco Email Security Appliance Firmware 10.0.0-125
Cisco Email Security Appliance Firmware 9.1.2-023
Cisco Email Security Appliance Firmware 9.1.2-028
Cisco Email Security Appliance Firmware 9.7.2-047
Cisco Email Security Appliance Firmware 9.7.2-054
7.4
CVSSv3
CVE-2020-3577
A vulnerability in the ingress packet processing path of Cisco Firepower Threat Defense (FTD) Software for interfaces that are configured either as Inline Pair or in Passive mode could allow an unauthenticated, adjacent malicious user to cause a denial of service (DoS) condition....
Cisco Firepower Threat Defense
4.6
CVSSv3
CVE-2024-20827
Improper access control vulnerability in Samsung Gallery prior to version 14.5.04.4 allows physical malicious users to access the picture using physical keyboard on the lockscreen.
Samsung Gallery
6.8
CVSSv3
CVE-2020-7207
A local elevation of privilege using physical access security vulnerability was found in HPE Proliant Gen10 Servers using Intel Innovation Engine (IE). This attack requires a physical attack to the server motherboard. To mitigate this issue, ensure your server is always physicall...
Hp Apollo 2000 Firmware -
Hp Apollo 4200 Gen10 Firmware -
Hp Apollo 4500 Firmware -
Hp Proliant Xl230k Gen10 Firmware -
Hp Proliant Xl270d Gen10 Firmware -
Hp Proliant Bl460c Gen10 Firmware -
Hp Proliant Dl120 Gen10 Firmware -
Hp Proliant Dl160 Gen10 Firmware -
Hp Proliant Dl180 Gen10 Firmware -
Hp Proliant Dl360 Gen10 Firmware -
Hp Proliant Dl380 Gen10 Firmware -
Hp Proliant Dl560 Gen10 Firmware -
Hp Proliant Dl580 Gen10 Firmware -
Hp Proliant Ml110 Gen10 Firmware -
Hp Proliant Ml350 Gen10 Firmware -
Hp Synergy 480 Gen10 Firmware -
Hp Synergy 660 Gen10 Firmware -
Hp Proliant E910 Firmware -
Hp Proliant Xl170r Gen10 Firmware -
Hp Proliant Xl190r Gen10 Firmware -
Hp Proliant Xl450 Gen10 Firmware -
6.8
CVSSv3
CVE-2020-13468
Gigadevice GD32F130 devices allow physical malicious users to escalate their debug interface permissions via fault injection into inter-IC bonding wires (which have insufficient physical protection).
Gigadevice Gd32f130 Firmware -
NA
CVE-2000-0759
Jakarta Tomcat 3.1 under Apache reveals physical path information when a remote attacker requests a URL that does not exist, which generates an error message that includes the physical path.
Apache Tomcat 3.1
1 EDB exploit
5.2
CVSSv3
CVE-2023-47262
The startup process and device configurations of the Abbott ID NOW device, before v7.1, can be interrupted and/or modified via physical access to an internal serial port. Direct physical access is required to exploit.
Abbott Id Now Firmware
6.4
CVSSv3
CVE-2020-11230
Potential arbitrary memory corruption when the qseecom driver updates ion physical addresses in the buffer as it exposes a physical address to user land in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
Qualcomm Aqt1000 Firmware -
Qualcomm Fsm10055 Firmware -
Qualcomm Pm3003a Firmware -
Qualcomm Pm7150a Firmware -
Qualcomm Pm7150l Firmware -
Qualcomm Pm7250 Firmware -
Qualcomm Pm7250b Firmware -
Qualcomm Pm7350c Firmware -
Qualcomm Pm8004 Firmware -
Qualcomm Pm8008 Firmware -
Qualcomm Pm8009 Firmware -
Qualcomm Pm8150a Firmware -
Qualcomm Pm8150b Firmware -
Qualcomm Pm8150c Firmware -
Qualcomm Pm8150l Firmware -
Qualcomm Pm8250 Firmware -
Qualcomm Pm8350 Firmware -
Qualcomm Pm8350b Firmware -
Qualcomm Pm8350bh Firmware -
Qualcomm Pm8350bhs Firmware -
Qualcomm Pm8350c Firmware -
Qualcomm Pm855 Firmware -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48693
CVE-2024-30851
CVE-2024-34460
CVE-2024-2887
local
CVE-2024-27956
remote code execution
CVE-2024-34475
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »