Lucene search
+L

237 matches found

Cvelist
Cvelist
added 2020/09/08 9:31 a.m.33 views

CVE-2019-14119

u'While processing SMCInvoke asynchronous message header, message count is modified leading to a TOCTOU race condition and lead to memory corruption' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon...

7AI score0.00134EPSS
Exploits0References1
CVE
CVE
added 2020/09/08 9:31 a.m.57 views

CVE-2019-14119

CVE-2019-14119 describes a TOCTOU race condition in Snapdragon platforms (Auto, Compute, Connectivity, IoT, Mobile, etc.) triggered while processing the SMCInvoke asynchronous message header. The race modifies the message count and leads to memory corruption, affecting a broad set of Qualcomm/Sna...

7CVSS6.9AI score0.00134EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2020/09/08 9:31 a.m.118 views

CVE-2019-14117

CVE-2019-14117 affects Qualcomm/ Snapdragon drivers (e.g., Bitra, MDM9607, QCS405, Saipan, SC8180X, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130) where a page list update by a privileged user frees elements but does not delete them from the list, causing a use-after-free in the rmnet driver and...

7.8CVSS7.7AI score0.00203EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2020/09/08 9:31 a.m.37 views

CVE-2019-14089

u'Keymaster attestation key and device IDs provisioning which is a one time process is incorrectly allowed to be re-provisioned after a user data erase or a factory reset' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voi...

7.7AI score0.0016EPSS
Exploits0References1
CVE
CVE
added 2020/09/08 9:31 a.m.62 views

CVE-2019-14089

CVE-2019-14089 affects Qualcomm Snapdragon platforms (Kamorta, Nicobar, QCS404/610, Rennell, SA5x, SC7x, SDX55, SM6x/7x/8x, SXR2130) in multiple Snapdragon families. The vulnerability concerns Keymaster attestation key and device IDs provisioning, a one-time process that is incorrectly allowed to...

7.8CVSS7.6AI score0.0016EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2020/09/08 9:31 a.m.34 views

CVE-2019-14056

u'Possible integer overflow in API due to lack of check on large oid range count in cert extension field' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in...

7.9AI score0.00203EPSS
Exploits0References1
CVE
CVE
added 2020/09/08 9:31 a.m.68 views

CVE-2019-14065

CVE-2019-14065 is a vulnerability described as a pointer double free in HavenSvc caused by not resetting the freed pointer to NULL. It affects a wide range of Qualcomm-Snapdragon platforms (Snapdragon Auto, Compute, Consumer IoT, Industrial IoT, Mobile, Voice & Music, Wired Networking) across mul...

7.8CVSS7.7AI score0.00211EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2020/09/08 9:31 a.m.51 views

CVE-2019-14025

CVE-2019-14025 affects Snapdragon platforms (e.g., Snapdragon Auto/Compute/Consumer IOT/etc.) where, on a new session creation, an Object is returned that contains TZ addresses and is passed to HLOS as a handle to refer to that session. The underlying issue is that this can cause TZ to jump to an...

5.5CVSS5.6AI score0.00174EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2020/09/08 9:31 a.m.50 views

CVE-2019-13999

u'Lack of check for integer overflow for round up and addition operations result into memory corruption and potential information leakage' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial...

8.1AI score0.00203EPSS
Exploits0References1
CVE
CVE
added 2020/09/08 9:31 a.m.67 views

CVE-2019-13999

CVE-2019-13999 involves a lack of check for integer overflow during round-up and addition, causing memory corruption and potential information leakage on multiple Qualcomm/Snapdragon platforms. The vulnerability affects a wide range of Snapdragon products (Auto, Compute, Connectivity, Consumer El...

7.8CVSS8AI score0.00203EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2020/09/08 9:31 a.m.38 views

CVE-2019-10562

u'Improper authentication and signature verification of debug polices in secure boot loader will allow unverified debug policies to be loaded into secure memory and leads to memory corruption' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon...

7.8AI score0.00158EPSS
Exploits0References1
NVD
NVD
added 2020/07/30 12:15 p.m.23 views

CVE-2019-14130

Memory corruption can occurs in trusted application if offset size from HLOS is more than actual mapped buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Kamorta, QCS404, Rennell, SC7180, SDX55, SM6150, SM7150, SM8250, SXR2130...

7.8CVSS8.1AI score0.00199EPSS
Exploits0References2
NVD
NVD
added 2020/07/30 12:15 p.m.25 views

CVE-2019-14100

Register write via debugfs is disabled by default to prevent register writing via debugfs. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9206, MDM9207C, MDM9607, Nicobar, QCS405, SA6155P, SC8180X, SDX5...

7.8CVSS7.7AI score0.00199EPSS
Exploits0References2
NVD
NVD
added 2020/07/30 12:15 p.m.24 views

CVE-2019-14123

Possible buffer overflow and over read possible due to missing bounds checks for fixed limits if we consider widevine HLOS client as non-trustable in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Kamorta, QCS404, Rennell, SC7180, SDX55,...

7.8CVSS7.9AI score0.00198EPSS
Exploits0References2
NVD
NVD
added 2020/07/30 12:15 p.m.26 views

CVE-2019-14124

Memory failure in content protection module due to not having pointer within the scope in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Kamorta, QCS404, Rennell, SC7180, SDX55, SM6150, SM7150, SM8250, SXR2130...

7.8CVSS7.7AI score0.00199EPSS
Exploits0References2
Prion
Prion
added 2020/07/30 12:15 p.m.25 views

Design/Logic Flaw

Memory failure in content protection module due to not having pointer within the scope in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Kamorta, QCS404, Rennell, SC7180, SDX55, SM6150, SM7150, SM8250, SXR2130...

4.6CVSS7.7AI score0.00199EPSS
Exploits0References2
Prion
Prion
added 2020/07/30 12:15 p.m.25 views

Memory corruption

Memory corruption can occurs in trusted application if offset size from HLOS is more than actual mapped buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Kamorta, QCS404, Rennell, SC7180, SDX55, SM6150, SM7150, SM8250, SXR2130...

4.6CVSS8AI score0.00199EPSS
Exploits0References2
Prion
Prion
added 2020/07/30 12:15 p.m.17 views

Buffer overflow

Device misbehavior may be observed when incorrect offset, length or number of buffers is passed by user space in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8053, MDM9206, MDM9207C...

4.6CVSS8.3AI score0.00199EPSS
Exploits0References2
Prion
Prion
added 2020/07/30 12:15 p.m.26 views

Command injection

Out of bounds read can happen in diag event set mask command handler when user provided length in the command request is less than expected length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon...

3.6CVSS7.3AI score0.00186EPSS
Exploits0References2
Prion
Prion
added 2020/07/30 12:15 p.m.25 views

Design/Logic Flaw

When kernel thread unregistered listener, Use after free issue happened as the listener clients private data has been already freed in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in...

4.6CVSS7.9AI score0.00199EPSS
Exploits0References2
Rows per page
Query Builder