Lucene search
K

80 matches found

prion
prion
added 2020/04/16 11:15 a.m.21 views

Integer overflow

While handling the vendor command there is an integer truncation issue that could yield a buffer overflow due to int data type copied to u8 data type in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8096AU,...

4.6CVSS8.2AI score0.00189EPSS
Exploits0References1
cvelist
cvelist
added 2020/04/16 10:46 a.m.24 views

CVE-2019-10624

While handling the vendor command there is an integer truncation issue that could yield a buffer overflow due to int data type copied to u8 data type in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8096AU,...

8.3AI score0.00189EPSS
Exploits0References1
osv
osv
added 2020/03/24 6:15 p.m.5 views

CVE-2019-20539

An issue was discovered on Samsung mobile devices with N7.x, O8.x, and P9.0 Broadcom chipsets software. An out-of-bounds Read in the Wi-Fi vendor command leads to an information leak. The Samsung ID is SVE-2019-14869 November 2019...

5.3CVSS6AI score0.0034EPSS
Exploits0References1
prion
prion
added 2019/11/06 5:15 p.m.19 views

Integer overflow

While processing vendor command which contains corrupted channel count, an integer overflow occurs and finally will lead to heap overflow. in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice &...

7.5CVSS9.6AI score0.00707EPSS
Exploits0References1
cvelist
cvelist
added 2019/09/30 3:40 p.m.28 views

CVE-2019-10506

While processing QCANL80211VENDORSUBCMDAVOIDFREQUENCY vendor command, driver does not validate the data obtained from the user space which could be invalid and thus leads to an undesired behaviour in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdrago...

8.3AI score0.00192EPSS
Exploits0References1
nvd
nvd
added 2019/06/14 5:29 p.m.25 views

CVE-2018-11934

Possible out of bounds write due to improper input validation while processing DOACS vendor command in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9150, MDM9206, MDM9607,...

7.8CVSS7.9AI score0.00198EPSS
Exploits0References1
osv
osv
added 2018/11/06 5:29 p.m.2 views

CVE-2018-9450

In avrcprocvendorcommand of avrcapi.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0...

8.8CVSS6.3AI score0.02739EPSS
Exploits0References2
prion
prion
added 2018/09/18 6:29 p.m.21 views

Buffer overflow

In all android releases Android for MSM, Firefox OS for MSM, QRD Android from CAF using the linux kernel, while processing SETPASSPOINTLIST vendor command HDD does not make sure that the realm string that gets passed by upper-layer is NULL terminated. This may lead to buffer overflow as strlen is...

4.6CVSS7.7AI score0.00202EPSS
Exploits0References3
bdu_fstec
bdu_fstec
added 2018/06/07 12:0 a.m.7 views

The vulnerability of the avrc_pars_vendor_cmd function in the Android operating system allows a hacker to execute arbitrary code within the context of a privileged process.

The vulnerability of the avrcparsvendorcmd function avrcparstg.cc in the Android operating system arises from the execution of an operation outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS6.4AI score0.0188EPSS
Exploits0References3Affected Software1
osv
osv
added 2018/04/04 5:29 p.m.5 views

CVE-2017-13266

In avrcparsvendorcmd of avrcparstg.cc, there is a possible stack corruption due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0,...

9.8CVSS6.3AI score0.0188EPSS
Exploits0References2
osv
osv
added 2018/04/04 4:29 p.m.7 views

CVE-2017-13267

In avrcparsvendorcmd of avrcparstg.cc, there is a possible stack corruption due to a missing bounds check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 6.0, 6.0.1, 7.0...

9.8CVSS5.9AI score0.0165EPSS
Exploits0References1
cnvd
cnvd
added 2017/12/06 12:0 a.m.5 views

Google Android Qualcomm Wireless networking information disclosure vulnerability

Android on Google Pixel and Nexus is a Linux-based open source operating system for the Google Pixel and Nexus smartphones developed by Google Inc. and the Open Handset Alliance OHA.Qualcomm Wireless networking is one of the wireless networking components used by Qualcomm. Networking is a Qualcom...

5.3CVSS6.5AI score0.0034EPSS
Exploits0References1
nvd
nvd
added 2017/12/05 5:29 p.m.19 views

CVE-2017-14905

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing a specially crafted cfg80211 vendor command, a buffer over-read can occur...

5.3CVSS5.1AI score0.0034EPSS
Exploits0References1
cvelist
cvelist
added 2017/12/05 5:0 p.m.20 views

CVE-2017-14899

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing the QCANL80211VENDORSUBCMDSETTXPOWERSCALEDECRDB vendor command, in which attribute QCAWLANVENDORATTRTXPOWERSCALEDECRDB contains fewer than 1 byte, a buffer overrun occu...

7.4AI score0.00138EPSS
Exploits0References1
cnvd
cnvd
added 2017/11/20 12:0 a.m.4 views

Android Qualcomm Camera elevation of privilege vulnerability

Android on Google Pixel and Nexus is a Linux-based open source operating system for the Google Pixel and Nexus smartphones developed by Google and the Open Handset Alliance OHA.Qualcomm Camera is a camera program developed by Qualcomm. Qualcomm Camera is a camera program developed by Qualcomm...

7.8CVSS7.3AI score0.00105EPSS
Exploits0References1
prion
prion
added 2017/11/16 10:29 p.m.27 views

Stack overflow

In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, when processing a specially crafted QCANL80211VENDORSUBCMDENCRYPTIONTEST cfg80211 vendor command a stack-based buffer overflow can occur...

4.6CVSS8.1AI score0.00105EPSS
Exploits0References1
osv
osv
added 2017/10/10 8:29 p.m.5 views

CVE-2017-9715

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing a vendor command, a buffer over-read can occur...

7.5CVSS6AI score0.00514EPSS
Exploits0References2
osv
osv
added 2017/10/10 8:29 p.m.4 views

CVE-2017-11054

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing a specially crafted cfg80211 vendor command, a buffer over-read can occur...

7.5CVSS6AI score0.00514EPSS
Exploits0References2
osv
osv
added 2017/10/10 8:29 p.m.5 views

CVE-2017-11052

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing a specially crafted QCANL80211VENDORSUBCMDNDP cfg80211 vendor command a buffer over-read can occur...

7.5CVSS6AI score0.00514EPSS
Exploits0References2
osv
osv
added 2017/10/10 8:29 p.m.3 views

CVE-2017-11055

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing a specially crafted QCANL80211VENDORSUBCMDSETWIFICONFIGURATION cfg80211 vendor command, a buffer over-read can occur...

7.5CVSS6AI score0.00514EPSS
Exploits0References2
Rows per page
Query Builder