CVE-2019-2275

CVE-2019-2275 centers on a buffer overflow during deserialization of a key blob in Qualcomm Snapdragon firmware (multiple Snapdragon Auto/Compute/Connectivity/Secure elements). The issue arises when key operations are invoked and depends on CVE-2018-13907. Affected components include numerous Sna...

CVE-2019-10565

CVE-2019-10565 describes a double-free vulnerability in Snapdragon socs (Snapdragon Auto/Compute/CS/IoT/Wearables, etc.) where freeing sensor power settings in one thread while another accesses the object can corrupt memory. Affected components include APQ8053, MDM92xx, SDM845, QCS605/SDX24, SXR1...

CVE-2019-10542

Buffer over-read may occur when downloading a corrupted firmware file that has chunk length in header which doesnt match the contents in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music i...

yic-electronics.pt Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-991978 Security Researcher metamorfosec Helped patch 1983 vulnerabilities Received 9 Coordinated Disclosure badges Received 32 recommendations , a holder of 9 badges for responsible and coordinated disclosure, found a security vulnerability affecting yic-electronics.pt...

CVE-2019-10506

While processing QCANL80211VENDORSUBCMDAVOIDFREQUENCY vendor command, driver does not validate the data obtained from the user space which could be invalid and thus leads to an undesired behaviour in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdrago...

CVE-2019-2294

Usage of hard-coded magic number for calculating heap guard bytes can allow users to corrupt heap blocks without heap algorithm knowledge in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial...

CVE-2019-10540

Buffer overflow in WLAN NAN function due to lack of check of count value received in NAN availability attribute in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,...

CVE-2019-13540

Delta Electronics TPEditor, Versions 1.94 and prior. Multiple stack-based buffer overflow vulnerabilities may be exploited by processing specially crafted project files, which may allow an attacker to remotely execute arbitrary code...

CVE-2019-13544

Delta Electronics TPEditor, Versions 1.94 and prior. Multiple out-of-bounds write vulnerabilities may be exploited by processing specially crafted project files, which may allow remote code execution...

CVE-2019-13536

Delta Electronics TPEditor, Versions 1.94 and prior. Multiple heap-based buffer overflow vulnerabilities may be exploited by processing specially crafted project files, which may allow an attacker to remotely execute arbitrary code...

CVE-2019-13544

Delta Electronics TPEditor, Versions 1.94 and prior. Multiple out-of-bounds write vulnerabilities may be exploited by processing specially crafted project files, which may allow remote code execution...

CVE-2019-13540

Delta Electronics TPEditor, Versions 1.94 and prior. Multiple stack-based buffer overflow vulnerabilities may be exploited by processing specially crafted project files, which may allow an attacker to remotely execute arbitrary code...

CVE-2019-13536

Delta Electronics TPEditor, Versions 1.94 and prior. Multiple heap-based buffer overflow vulnerabilities may be exploited by processing specially crafted project files, which may allow an attacker to remotely execute arbitrary code...

Heap overflow

Delta Electronics TPEditor, Versions 1.94 and prior. Multiple heap-based buffer overflow vulnerabilities may be exploited by processing specially crafted project files, which may allow an attacker to remotely execute arbitrary code...

Remote code execution

Delta Electronics TPEditor, Versions 1.94 and prior. Multiple out-of-bounds write vulnerabilities may be exploited by processing specially crafted project files, which may allow remote code execution...

Stack overflow

Delta Electronics TPEditor, Versions 1.94 and prior. Multiple stack-based buffer overflow vulnerabilities may be exploited by processing specially crafted project files, which may allow an attacker to remotely execute arbitrary code...

CVE-2019-13540

Delta Electronics TPEditor CVE-2019-13540 affects Version 1.94 and earlier. Documents consistently describe multiple stack-based buffer overflow vulnerabilities that may allow remote code execution when processing specially crafted project files. ZDI advisories describe remote code execution via ...

CVE-2019-13540

Delta Electronics TPEditor, Versions 1.94 and prior. Multiple stack-based buffer overflow vulnerabilities may be exploited by processing specially crafted project files, which may allow an attacker to remotely execute arbitrary code...

CVE-2019-13536

Delta Electronics TPEditor (Windows) prior to or equal to version 1.94 contains a heap-based buffer overflow in the parsing/processing of TPE files (specifically crafted project files). The vulnerability can allow remote code execution, with exploitation described as requiring user interaction in...

CVE-2019-13536

Delta Electronics TPEditor, Versions 1.94 and prior. Multiple heap-based buffer overflow vulnerabilities may be exploited by processing specially crafted project files, which may allow an attacker to remotely execute arbitrary code...