4758 matches found
CVE-2026-30904
Protection Mechanism Failure in Zoom Workplace for iOS before version 7.0.0 may allow an authenticated user to conduct a disclosure of information via physical access...
CVE-2026-6923
A side-channel attack, which requires a physical presence to the TPM, can lead to extraction of an Elliptic Curve Diffie-Hellman ECDH key...
CVE-2025-4386
Medtronic MyCareLink Patient Monitor has an internal serial interface, which allows an attacker with physical access to access a login prompt via a UART terminal....
CVE-2025-0040
Improper access control between the Joint Test Action Group JTAG and Advanced Extensible Interface AXI could allow an attacker with physical access to read or overwrite the contents of cross-chip debug XCD registers potentially resulting in loss of data integrity or confidentiality...
CVE-2026-40713
Dell ThinOS 10, versions prior to ThinOS10 260210.0765, contain an Improper Access control vulnerability. An unauthenticated attacker with physical access could potentially exploit this vulnerability, leading to Information exposure...
CVE-2026-8990
A user with physical access to a smartphone can bypass authentication mechanism of Kidsview mobile application and grant himself full access to the device owner's account by interacting with application's push notification. This issue was fixed in version 4.4.3...
EUVD-2026-34690
Inappropriate implementation in Enterprise in Google Chrome prior to 149.0.7827.53 allowed a local attacker to perform privilege escalation via physical access to the device. Chromium security severity: Low...
Linux Distros Unpatched Vulnerability : CVE-2026-11229
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Inappropriate implementation in Enterprise in Google Chrome prior to 149.0.7827.53 allowed a local attacker to perform privilege escalation via physical access ...
DEBIAN-CVE-2026-11229
Inappropriate implementation in Enterprise in Google Chrome prior to 149.0.7827.53 allowed a local attacker to perform privilege escalation via physical access to the device. Chromium security severity: Low...
CVE-2026-11229
Inappropriate implementation in Enterprise in Google Chrome prior to 149.0.7827.53 allowed a local attacker to perform privilege escalation via physical access to the device. Chromium security severity: Low...
CVE-2026-11229
CVE-2026-11229 affects Google Chrome (Enterprise) with versions older than 149.0.7827.53. The issue is caused by an inappropriate implementation in Chrome’s Enterprise handling that enables a local attacker with physical access to escalate privileges. The vulnerability is classified as low severi...
CVE-2026-11229
Inappropriate implementation in Enterprise in Google Chrome prior to 149.0.7827.53 allowed a local attacker to perform privilege escalation via physical access to the device. Chromium security severity: Low...
CVE-2026-11229
Inappropriate implementation in Enterprise in Google Chrome prior to 149.0.7827.53 allowed a local attacker to perform privilege escalation via physical access to the device. Chromium security severity: Low...
CVE-2026-11229
Inappropriate implementation in Enterprise in Google Chrome prior to 149.0.7827.53 allowed a local attacker to perform privilege escalation via physical access to the device. Chromium security severity: Low...
CVE-2026-36174
GNCC GP5 v7.1.76 was discovered to store sensitive wireless network information in plaintext during routine operations to the serial console. This issue allows physically-proximate attackers to obtain sensitive information, including network credentials, via monitoring the serial UART interface...
CVE-2026-36175
An issue in the U-Boot component of GNCC GP5 v7.1.76 allows physically-proximate attackers to bypass authentication and gain root access via interrupting the boot sequence and injecting a crafted string into the kernel boot arguments...
CVE-2026-36174
CVE-2026-36174 affects GNCC GP5 v7.1.76, where sensitive wireless network information is stored in plaintext during normal operation and exposed via the serial UART interface. This could allow physically proximate attackers with access to the device’s serial console to recover credentials. The de...
EUVD-2026-34278
An issue in the U-Boot component of GNCC GP5 v7.1.76 allows physically-proximate attackers to bypass authentication and gain root access via interrupting the boot sequence and injecting a crafted string into the kernel boot arguments...
CVE-2026-36176
GNCC GP5 v7.1.76 was discovered to store pre-signed Backblaze B2 upload URLs PUT requests in plaintext to the serial console. This allows physically-proximate attackers to extract these active tokens to perform unauthorized operations via monitoring the serial UART interface...
CVE-2026-36175
An issue in the U-Boot component of GNCC GP5 v7.1.76 allows physically-proximate attackers to bypass authentication and gain root access via interrupting the boot sequence and injecting a crafted string into the kernel boot arguments...