CVE-2017-2397

An issue was discovered in certain Apple products. iOS before 10.3 is affected. The issue involves the "Accounts" component. It allows physically proximate attackers to discover an Apple ID by reading an iCloud authentication prompt on the lock screen...

CVE-2015-6643

CVE-2015-6643 affects Android Setup Wizard in 5.x (before 5.1.1 LMY49F) and 6.0 (before 2016-01-01). The issue allows a physically proximate attacker to modify device settings or bypass reset protection via the Setup Wizard, indicating an elevation of privilege. Root cause is tied to the Setup Wi...

CVE-2009-4996

The CVE-2009-4996 entry concerns Xfce4-session 4.5.91 in XFCE, where the screen is not locked when the suspend or hibernate button is pressed. This could enable physical access by nearby attackers to an unattended laptop via a resume action; it is described as related to CVE-2010-2532, with debat...

Race condition

Race condition in Passcode Lock in Apple iOS before 4 on the iPhone and iPod touch allows physically proximate attackers to bypass intended passcode requirements, and pair a locked device with a computer and access arbitrary data, via vectors involving the initial boot...

CVE-2010-0285

gnome-screensaver 2.14.3, 2.22.2, 2.27.x, 2.28.0, and 2.28.3, when the X configuration enables the extend screen option, allows physically proximate attackers to bypass screen locking, access an unattended workstation, and view half of the GNOME desktop by attaching an external monitor...

CVE-2010-0221

Kingston DataTraveler BlackBox DTBB, DataTraveler Secure Privacy Edition DTSP, and DataTraveler Elite Privacy Edition DTEP USB flash drives validate passwords with a program running on the host computer rather than the device hardware, which allows physically proximate attackers to access the...

CVE-2010-0221

Kingston DataTraveler BlackBox DTBB, DataTraveler Secure Privacy Edition DTSP, and DataTraveler Elite Privacy Edition DTEP USB flash drives validate passwords with a program running on the host computer rather than the device hardware, which allows physically proximate attackers to access the...

Design/Logic Flaw

The screensharing feature in the Admin application in Apple Xsan before 2.2 places a cleartext username and password in a URL within an error dialog, which allows physically proximate attackers to obtain credentials by reading this dialog...

Mandriva Linux Security Advisory : opensc (MDVSA-2009:089)

OpenSC before 0.11.7 allows physically proximate attackers to bypass intended PIN requirements and read private data objects via a 1 low level APDU command or 2 debugging tool, as demonstrated by reading the 4601 or 4701 file with the opensc-explorer or opensc-tool program. The updated packages f...

CVE-2009-0656

CVE-2009-0656 affects Asus SmartLogon 1.0.0005. The vulnerability allows physically proximate attackers to bypass security functions by presenting an image whose viewpoint matches the posture of a stored user image. This is a local attack with complete confidentiality, integrity, and availability...