CVE-2025-15653

Dräger Zeus Infinity Empowered Zeus IE and Zeus RS C500 anesthesia workstations contain a local security vulnerability that allows unauthorized individuals with physical access to compromise software integrity via USB interface manipulation. Attackers can exploit the unprotected USB interfaces to...

CVE-2026-36738

CVE-2026-36738 affects the U-SPEED AC1200 Gigabit Wi‑Fi Router (Model: T18-21K, V1.0). The UART interface is exposed with no authentication/authorization, allowing a physically present attacker to access device functionality unrestrictedly. Documents do not specify affected firmware versions, exp...

CVE-2026-32606

IncusOS is an immutable OS image dedicated to running Incus. Prior to 202603142010, the default configuration of systemd-cryptenroll as used by IncusOS through mkosi allows for an attacker with physical access to the machine to access the encrypted data without requiring any interaction by the...

Apple iOS和Apple iPadOS 安全漏洞

Apple iOS and Apple iPadOS are products of the American company Apple. Apple iOS is an operating system developed for mobile devices. Apple iPadOS is an operating system for iPad tablets. Both Apple iOS and Apple iPadOS have security vulnerabilities, which stem from improper management of user...

Beetel 777VR1 Access Control Vulnerability

Beetel 777VR1 is a router produced by the Beetel company. Versions of Beetel 777VR1 starting from 01.00.09/01.00.0955 and earlier have a vulnerability related to access control. This vulnerability stems from the lack of authentication in the UART interface, which may allow physical device attacks...

CVE-2025-64734

Missing Release of Resource after Effective Lifetime CWE-772 in the T21 Reader allows an attacker with physical access to the Reader to perform a denial-of-service attack against that specific reader, preventing cardholders from badging for entry. This issue affects Command Centre Server: 9.30...

Apple iOS和Apple iPadOS 安全漏洞

Apple iOS and Apple iPadOS are products of Apple Inc.Apple iOS is an operating system developed for mobile devices.Apple iPadOS is an operating system for iPad tablets.The vulnerabilities exist in Apple iOS versions prior to 26.1 and Apple iPadOS versions prior to 26.1, which could result from an...

EUVD-2020-5206

Malware in sbrugna...

EUVD-2018-9664

Malware in sbrugna...

EUVD-2012-0677

Malware in sbrugna...

EUVD-2018-20908

Malware in sbrugna...

EUVD-2022-33494

Malicious code in bioql PyPI...

EUVD-2024-19192

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2021-39899

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In all versions of GitLab CE/EE, an attacker with physical access to a user's machine may brute force the user's password via the change password function. Ther...

CVE-2025-3705 OS Command Injection via USB Config Load

A physical attacker with no privileges can gain full control of the affected device due to improper neutralization of special elements used in an OS Command 'OS Command Injection' when loading a config file from a USB drive...

CVE-2022-30124

An improper authentication vulnerability exists in Rocket.Chat Mobile App 4.14.1.22788 that allowed an attacker with physical access to a mobile device to bypass local authentication PIN code...

CVE-2021-3453

Some Lenovo Notebook, ThinkPad, and Lenovo Desktop systems have BIOS modules unprotected by Intel Boot Guard that could allow an attacker with physical access the ability to write to the SPI flash storage...

CVE-2020-12621

The Teamwire application 5.3.0 for Android allows physically proximate attackers to exploit a flaw related to the pass-code component...

UBUNTU-CVE-2025-4382

A flaw was found in systems utilizing LUKS-encrypted disks with GRUB configured for TPM-based auto-decryption. When GRUB is set to automatically decrypt disks using keys stored in the TPM, it reads the decryption key into system memory. If an attacker with physical access can corrupt the underlyi...

CVE-2025-27606

CVE-2025-27606 – Element Android PIN autologout bypass . Element Android (Android Matrix Client) up to version 1.6.32 can fail to log out after a user-entered PIN is wrong beyond the configured limit, enabling a local attacker with physical access to guess the PIN. The issue is fixed in version 1...