3786 matches found
Command injection
Firmware is getting into loop of overwriting memory when scan command is given from host because of improper validation. in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ807...
Design/Logic Flaw
Position determination accuracy may be degraded due to wrongly decoded information in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9615,...
Null pointer dereference
Null pointer dereference during secure application termination using specific application ids. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice &...
Design/Logic Flaw
IOMMU page fault while playing h265 video file leads to denial of service issue in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, QCS605, Qualcomm 215,...
Security feature bypass
Possibility of out-of-bound read if id received from SPI is not in range of FIFO in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ8064, MSM8909W,...
CVE-2019-2346
Firmware is getting into loop of overwriting memory when scan command is given from host because of improper validation. in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ807...
CVE-2019-2346
CVE-2019-2346 affects Qualcomm Snapdragon family firmware (Snapdragon Compute, Snapdragon Consumer IoT, Industrial IoT, Mobile, Voice & Music, Wired Infrastructure/Networking) impacting IPQ8074, QCA8081, QCS404/QCS405/QCS605 and various SD/SDM platforms. Description: a memory overwrite loop trigg...
CVE-2019-2343
The CVE-2019-2343 entry concerns out-of-bounds reads and information disclosure in firmware due to insufficient checking of an embedded structure that can be sent from a kernel driver within Qualcomm Snapdragon firmware across numerous SoCs and platforms (Snapdragon Auto, Compute, Connectivity, C...
CVE-2019-2327
Possible buffer overflow can occur when playing clip with incorrect element size in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9650,...
CVE-2019-2334
Null pointer dereferencing can happen when playing the clip with wrong block group id in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9650...
CVE-2019-2298
CVE-2019-2298 describes a protection gap when accessing MD sessions info via a macro, which can cause a use-after-free in a wide range of Qualcomm Snapdragon platforms (e.g., Snapdragon Auto, Compute, Consumer IOT, Industrial IOT, Mobile, Voice & Music, Wearables) and a long list of supported sil...
CVE-2019-2298
Protection is missing while accessing md sessions info via macro which can lead to use-after-free in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640,...
CVE-2019-2327
CVE-2019-2327 describes a possible buffer overflow when playing a clip with an incorrect element size affecting a wide range of Qualcomm Snapdragon platforms (Snapdragon Auto, Compute, Consumer IoT, Industrial IoT, IoT, Mobile, Voice & Music, Wearables, and related SDM/SD/ Snapdragon families). T...
CVE-2019-2281
CVE-2019-2281 describes an unauthenticated bitmap image loading vulnerability that can lead to execution of unverified code in Qualcomm Snapdragon platforms. The incident is triggered by loading a bitmap into memory, potentially enabling local code execution with high impact (confidentiality, int...
CVE-2019-2322
CVE-2019-2322 is a buffer overflow vulnerability in Qualcomm Snapdragon media playback paths affecting a wide range of Snapdragon SoCs and product lines (e.g., Snapdragon Auto/Compute/Connectivity, Snapdragon Mobile, Media frameworks). The issue occurs when playing a specific non-standard clip, e...
CVE-2019-2273
CVE-2019-2273: IOMMU page fault when playing H.265 video files causes denial of service on Qualcomm Snapdragon platforms (e.g., Snapdragon Auto/Compute/Connectivity/IoT, Mobile, Wearables) across listed SoCs (MSM8909W, QCS605, SD 210/212/205, SD 425/427/430/435/439/ SD 429, SD 450, SD 625/650/652...
CVE-2019-2238
Lack of check of data type can lead to subsequent loop-expression potentially go negative and the condition will still evaluate to true leading to buffer underflow. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial...
CVE-2019-2238
CVE-2019-2238 affects Qualcomm Snapdragon platforms (wide range of Snapdragon Auto/Compute/Connectivity/IOT/Industrial IOT and related SoCs) where a missing data-type check can cause a loop to evaluate true with a potentially negative index, leading to a buffer underflow. CVSS metrics in NVD indi...
CVE-2019-2236
Null pointer dereference during secure application termination using specific application ids. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice &...
CVE-2018-13924
Lack of check to prevent the buffer length taking negative values can lead to stack overflow. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music,...