3787 matches found
CVE-2020-11199
HLOS to access EL3 stack canary by just mapping imem region due to Improper access control and can lead to information exposure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice ...
CVE-2020-11190
CVE-2020-11190 describes a buffer over-read when parsing received SDP values caused by a missing NULL termination check in Qualcomm Snapdragon components. The vulnerability affects Qualcomm/Open-source SSDP handling in Snapdragon Auto, Compute, Connectivity, and related Snapdragon lines (includin...
CVE-2020-11189
CVE-2020-11189 is a buffer over-read vulnerability occurring while parsing SDP values due to a missing NULL termination check in Qualcomm Snapdragon components (Auto, Compute, Connectivity, Consumer IoT, Industrial IoT, IoT, Mobile, Voice & Music, Wearables). The issue is triggered by network con...
CVE-2020-11188
Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon...
CVE-2020-11186
CVE-2020-11186 affects Qualcomm closed‑source components (Snapdragon Auto/Compute/Connectivity/Mobile). The issue arises from improper validation of input in the Qualcomm/ Snapdragon stack, causing the modem to enter a busy state in an infinite loop while parsing histogram dimension. Impact descr...
CVE-2020-11188
CVE-2020-11188 concerns a buffer over-read during parsing of received SDP values due to a missing NULL termination check in Qualcomm Snapdragon SDP handling across multiple Snapdragon families (Auto, Compute, Connectivity, etc.). The issue stems from the absence of proper NULL termination validat...
CVE-2020-11186
Modem will enter into busy mode in an infinite loop while parsing histogram dimension due to improper validation of input received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile...
Azure LoLBins: Protecting against the dual use of virtual machine extensions
Azure Defender for Resource Manager offers unique protection by automatically monitoring the resource management operations in your organization, whether theyre performed through the Azure portal, Azure REST APIs, Azure CLI, or other Azure programmatic clients. In this blog, we will look into the...
The vulnerability in the web console of the Prisma Cloud Compute security platform allows a hacker to bypass existing security restrictions.
The vulnerability of the web console of the Prisma Cloud Compute security platform is related to errors in verifying the cryptographic signature. Exploiting this vulnerability could allow a malicious actor to circumvent existing security restrictions remotely...
OSV-2021-449 UNKNOWN READ in std::pair<absl::lts_NUMBER_02_25::container_internal::raw_hash_set<absl::lts_NUM
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31393 Crash type: UNKNOWN READ Crash state: std::pair::Compute tensorflow::KernelAndDeviceOp::Run...
CVE-2021-20259
A flaw was found in the Foreman project. The Proxmox compute resource exposes the password through the API to an authenticated local attacker with viewhosts permission. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...
CVE-2020-11297
Denial of service in WLAN module due to improper check of subtypes in logic where excessive frames are dropped in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,...
CVE-2020-3664
Out of bound read access in hypervisor due to an invalid read access attempt by passing invalid addresses in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructu...
CVE-2020-11277
Possible race condition during async fastrpc session after sending RPC message due to the fastrpc ctx gets free during async session in Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile...
CVE-2020-11253
Arbitrary memory write issue in video driver while setting the internal buffers in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile...
CVE-2020-11281
Allowing RTT frames to be linked with non randomized MAC address by comparing the sequence numbers can lead to information disclosure. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,...
CVE-2020-11147
Use after free issue in audio modules while removing and freeing objects during list iteration due to incorrect usage of macro in Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile...
CVE-2020-11198
Key material used for TZ diag buffer encryption and other data related to log buffer is not wiped securely due to improper usage of memset in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice &...
CVE-2020-11163
Possible buffer overflow while updating ikev2 parameters due to lack of check of input validation for certain parameters received from the ePDG server in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile...
CVE-2020-11194
Possible out of bound access in TA while processing a command from NS side due to improper length check of response buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and...