CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2020/09/08 10:15 a.m.•11 views

CVE-2020-3644

u'Information disclosure issue occurs as in current logic Secure Touch session is released without terminating display session' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music,...

5.5CVSS5.6AI score0.00212EPSS

NVD•added 2020/09/08 10:15 a.m.•17 views

CVE-2020-3666

u'Out of bounds memory access during memory copy while processing Host command' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdrago...

7.8CVSS7.8AI score0.00212EPSS

NVD•added 2020/09/08 10:15 a.m.•14 views

CVE-2020-3621

u'Lack of check to ensure that the TX read index & RX write index that are read from shared memory are less than the FIFO size results into memory corruption and potential information leakage' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics...

5.5CVSS5.7AI score0.0022EPSS

NVD•added 2020/09/08 10:15 a.m.•17 views

CVE-2020-11120

u'Calling thread may free the data buffer pointer that was passed to the callback and later when event loop executes the callback, data buffer may not be valid and will lead to use after free scenario' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT,...

7.8CVSS7.9AI score0.0019EPSS

NVD•added 2020/09/08 10:15 a.m.•16 views

CVE-2019-14117

u'Whenever the page list is updated via privileged user, the previous list elements are freed but are not deleted from the list which results in a use after free causing an unhandled page fault exception in rmnet driver' in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdrago...

7.8CVSS7.8AI score0.00203EPSS

NVD•added 2020/09/08 10:15 a.m.•20 views

CVE-2019-14065

u'Pointer double free in HavenSvc due to not setting the pointer to NULL after freeing it' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8098,...

7.8CVSS7.8AI score0.00211EPSS

NVD•added 2020/09/08 10:15 a.m.•16 views

CVE-2019-14089

u'Keymaster attestation key and device IDs provisioning which is a one time process is incorrectly allowed to be re-provisioned after a user data erase or a factory reset' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voi...

7.8CVSS7.7AI score0.0016EPSS

NVD•added 2020/09/08 10:15 a.m.•25 views

CVE-2019-10562

u'Improper authentication and signature verification of debug polices in secure boot loader will allow unverified debug policies to be loaded into secure memory and leads to memory corruption' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon...

7.8CVSS7.8AI score0.00158EPSS

Prion•added 2020/09/08 10:15 a.m.•15 views

Out-of-bounds

u'Possible out of bound array write in rxdco cal utility due to lack of array bound check' in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MSM8998, QCS605, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SXR1130...

4.6CVSS7.7AI score0.0019EPSS

4.6CVSS7.7AI score0.00213EPSS

Improper access control

u'XBL SEC clears only ZI region when loading Qualcomm-signed segments can lead to improper access issue' in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in APQ8098, Kamorta, MSM8998, QCS404, QCS605, SDA66...

Prion•added 2020/09/08 10:15 a.m.•15 views

Code injection

u'Resizing the usage table header before passing all the checks leads to the function exiting with a usage table in invalid state when a HLOS adversary calls the function with wrong input' in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and...

7.2CVSS7.7AI score0.00204EPSS

10CVSS9.5AI score0.01052EPSS

Buffer overflow

u'Buffer overflow while parsing PMF enabled MCBC frames due to frame length being lesser than what is expected while parsing' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdrag...

7.2CVSS7.6AI score0.0016EPSS

Design/Logic Flaw

9.3CVSS8AI score0.00562EPSS

Race condition

u'Error in UE due to race condition in EPCO handling' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8053, MDM9205, MDM9206, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, SDM450, SM8150...

CVE•added 2020/09/08 9:31 a.m.•224 views

CVE-2020-3702

CVE-2020-3702 affects the Linux kernel (ath9k wireless driver) and can lead to information disclosure via specially crafted WLAN traffic. Multiple connected sources confirm the flaw in the Atheros IEEE 802.11n chipsets driver and its potential for information leakage. Debian LTS advisories (DSA-4...

6.5CVSS6.9AI score0.00343EPSS

Exploits0References5Affected Software1

Debian CVE•added 2020/09/08 9:31 a.m.•45 views

CVE-2020-3702

u'Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivit...

6.5CVSS6.6AI score0.00343EPSS

Exploits0

Cvelist•added 2020/09/08 9:31 a.m.•21 views

CVE-2020-3666

7.8AI score0.00212EPSS