Lucene search
K

165 matches found

CVE
CVE
added 2019/12/18 5:25 a.m.120 views

CVE-2019-10600

CVE-2019-10600 describes a use-after-scope issue where a local variable is passed as an argument to a netlink callback, causing invalid stack memory when the callback fires. Affected are Snapdragon families across many devices and SoCs (e.g., Snapdragon Auto/Consumer IOT/Industrial IOT, IoT, Mobi...

7.8CVSS7.6AI score0.0022EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/12/18 5:25 a.m.27 views

CVE-2019-10564

Possible OOB issue in EEPROM due to lack of check while accessing memory map array at the time of reading operation in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music...

8.3AI score0.00189EPSS
Exploits0References1
CVE
CVE
added 2019/12/18 5:25 a.m.108 views

CVE-2019-10517

CVE-2019-10517 affects a broad set of Qualcomm Snapdragon components. The issue is that memory is freed twice when two concurrent threads execute in parallel, indicating a double-free in memory management. Root cause: concurrent threads triggering a premature or multiple deallocations in affected...

7.8CVSS7.7AI score0.00189EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2019/12/18 5:25 a.m.101 views

CVE-2019-10516

CVE-2019-10516 is described as multiple read overflows in MM during decoding of service accept/reject and MT detach, affecting a broad list of Qualcomm Snapdragon platforms (e.g., APQ8009, APQ8017, SDM4xx, SM8x, SXR1130, and other Snapdragon lines). Root cause: read overflow in MM when decoding s...

10CVSS9.2AI score0.00907EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2019/12/18 5:25 a.m.109 views

CVE-2019-10513

CVE-2019-10513 concerns a potential null pointer access when SPDM commands are executed in TrustZone on Qualcomm Snapdragon platforms (covering a wide range of Snapdragon/SoC variants). The vulnerability is locally exploitable and could impact memory availability, with no confidentiality/integrit...

5.5CVSS5.8AI score0.00185EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2019/12/18 5:25 a.m.110 views

CVE-2019-10480

CVE-2019-10480 describes an out-of-bounds write in the WMI firmware event handler caused by inadequate validation of data from WLAN firmware. Affected are Qualcomm/Snapdragon platforms (e.g., APQ8009, SDM- series, QCS/SC variants) across multiple product families (Auto, Consumer Electronics Conne...

7.8CVSS7.7AI score0.0022EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/12/18 5:25 a.m.29 views

CVE-2019-10480

Out of bound write can happen in WMI firmware event handler due to lack of validation of data received from WLAN firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice &...

7.8AI score0.0022EPSS
Exploits0References1
NVD
NVD
added 2019/12/12 9:15 a.m.30 views

CVE-2019-2288

Out of bound write in TZ while copying the secure dump structure on HLOS provided buffer as a part of memory dump in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired...

7.8CVSS7.9AI score0.00202EPSS
Exploits0References1
NVD
NVD
added 2019/12/12 9:15 a.m.21 views

CVE-2019-10592

Possible integer overflow while multiplying two integers of 32 bit in QDCM API of get display modes as there is no check on the maximum mode count in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon...

7.8CVSS8.5AI score0.00189EPSS
Exploits0References1
Prion
Prion
added 2019/12/12 9:15 a.m.19 views

Race condition

Race condition between the camera functions due to lack of resource lock which will lead to memory corruption and UAF issue in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon...

4.4CVSS8.7AI score0.00318EPSS
Exploits0References1
Prion
Prion
added 2019/12/12 9:15 a.m.26 views

Design/Logic Flaw

Snapshot of IB can lead to invalid address access due to missing check for size in the related function in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon...

4.6CVSS7.7AI score0.00189EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/12/12 8:30 a.m.24 views

CVE-2019-10571

Snapshot of IB can lead to invalid address access due to missing check for size in the related function in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon...

7.7AI score0.00189EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/12/12 8:30 a.m.28 views

CVE-2019-10592

Possible integer overflow while multiplying two integers of 32 bit in QDCM API of get display modes as there is no check on the maximum mode count in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon...

8.5AI score0.00189EPSS
Exploits0References1
Cvelist
Cvelist
added 2019/12/12 8:30 a.m.34 views

CVE-2019-10555

Buffer overflow can occur due to usage of wrong datatype and missing length check before copying into buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music,...

8.2AI score0.00188EPSS
Exploits0References1
NVD
NVD
added 2019/11/21 3:15 p.m.23 views

CVE-2018-13916

Out-of-bounds memory access in Qurt kernel function when using the identifier to access Qurt kernel buffer to retrieve thread data. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,...

7.8CVSS7.7AI score0.00222EPSS
Exploits0References1
NVD
NVD
added 2019/11/21 3:15 p.m.27 views

CVE-2019-10490

Use after free issue in Xtra daemon shutdown due to static object instance getting freed from a multiple places in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music,...

5.5CVSS6AI score0.0017EPSS
Exploits0References1
Prion
Prion
added 2019/11/21 3:15 p.m.22 views

Memory corruption

Non Secure Kernel can cause Trustzone to do an arbitrary memory read which will result into DOS in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8017,...

2.1CVSS5.7AI score0.0017EPSS
Exploits0References1
Prion
Prion
added 2019/11/21 3:15 p.m.23 views

Information disclosure

Information disclosure due to lack of address range check done on the SysDBG buffers in SDI code. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and...

2.1CVSS5.7AI score0.0019EPSS
Exploits0References1
Prion
Prion
added 2019/11/21 3:15 p.m.23 views

Code injection

SNDCP module may access array out side its boundary when it receives malformed XID message. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053,...

7.5CVSS9.4AI score0.00711EPSS
Exploits0References1
Prion
Prion
added 2019/11/21 3:15 p.m.26 views

Design/Logic Flaw

While invoking the API to copy from fd or local buffer to the secure buffer, Parameters being populated are from non secure environment. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music...

7.2CVSS7.7AI score0.00202EPSS
Exploits0References1
Rows per page
Query Builder