CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

A non-time constant function memcmp is used which creates a side channel that could leak information in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile...

7.8CVSS7AI score0.00094EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 10:31 a.m.•4 views

CVE-2019-14007

Due to the use of non-time-constant comparison functions there is issue in timing side channels which can be used as a potential side channel for SUI corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,...

5.5CVSS7.4AI score0.00045EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 10:24 a.m.•5 views

CVE-2019-10483

Side channel issue in QTEE due to usage of non-time-constant comparison function such as memcmp or strcmp in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon...

5.5CVSS7.2AI score0.00045EPSS

Exploits0References1

Prion•added 2020/04/16 11:15 a.m.•20 views

Design/Logic Flaw

4.9CVSS5.9AI score0.00045EPSS

Exploits0References1

CVE•added 2020/04/16 10:46 a.m.•57 views

CVE-2019-14007

CVE-2019-14007 describes a timing side-channel issue caused by non-time-constant comparison functions affecting Qualcomm Snapdragon components (closed-source) across multiple devices. The underlying problem could enable a local attacker to infer sensitive information (SUI-related) due to timing d...

5.5CVSS5.8AI score0.00045EPSS

Exploits0References1Affected Software1

Cvelist•added 2020/04/16 10:46 a.m.•22 views

CVE-2019-14007

5.8AI score0.00045EPSS

Exploits0References1

CVE•added 2020/04/16 10:46 a.m.•57 views

CVE-2019-10483

CVE-2019-10483 describes a side-channel vulnerability in Qualcomm’s QTEE due to non-time-constant comparisons (memcpy-like memcmp/strcmp) used across Snapdragon platforms (Auto, Compute, Connectivity, etc. including APQ8009, SDM, SM, and other family seeds). Root cause: non-constant-time comparis...

5.5CVSS5.7AI score0.00045EPSS

Exploits0References1Affected Software1

Cvelist•added 2020/04/16 10:46 a.m.•20 views

CVE-2019-10483

5.7AI score0.00045EPSS

Exploits0References1

NVD•added 2019/06/14 5:29 p.m.•17 views

CVE-2018-5913

7.8CVSS7.5AI score0.00094EPSS

Exploits0References1

Cvelist•added 2019/02/25 11:0 p.m.•22 views

CVE-2018-11820

Use of non-time constant memcmp function creates side channel that leaks information and leads to cryptographic issues in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT,...

5.7AI score0.00051EPSS

Exploits0References2

CVE•added 2019/02/25 11:0 p.m.•59 views

CVE-2018-11820

CVE-2018-11820 concerns a side-channel leak caused by using a non-time-constant memcmp function in Qualcomm/Snapdragon components. Affected platforms include Snapdragon Auto/Compute/Connectivity, Snapdragon IoT lines and many SDM/SD/SDM variants (e.g., IPQ8074, MDM9150, MDM9206, MDM9607, MDM9640,...

5.5CVSS5.6AI score0.00051EPSS

Exploits0References2Affected Software1

Prion•added 2019/02/25 10:29 p.m.•23 views

Code injection

4.9CVSS5.7AI score0.00051EPSS

Exploits0References2

CVE•added 2018/10/26 1:0 p.m.•42 views

CVE-2018-11846

The CVE-2018-11846 entry affects Snapdragon Mobile: SD 210/SD 212/SD 205, SD 845, and SD 850. The root cause is a non-time-constant memory comparison operation that can create timing/side-channel attacks. Exploitation details are not provided in the documents; there is no public exploit informati...

4.7CVSS5.6AI score0.00096EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by