211 matches found
CVE-2019-14052
CVE-2019-14052 affects Qualcomm Snapdragon devices (Auto/Compute/Consumer IoT/Industrial IoT/ Mobile/ Wearables, etc.) across numerous SoCs (APQ8xxx, MDM*, MSM*, QCM/QCS, etc.). The issue arises from accessing an uninitialized data structure, which could cause partial copying of contents and lead...
CVE-2019-14052
u'Accessing an uninitialized data structure could result in partially copying of contents and thus incorrect processing' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ801...
CVE-2019-13999
u'Lack of check for integer overflow for round up and addition operations result into memory corruption and potential information leakage' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial...
CVE-2019-13999
CVE-2019-13999 involves a lack of check for integer overflow during round-up and addition, causing memory corruption and potential information leakage on multiple Qualcomm/Snapdragon platforms. The vulnerability affects a wide range of Snapdragon products (Auto, Compute, Connectivity, Consumer El...
CVE-2019-10596
u'Improper access control can lead signed process to guess pid of other processes and access their address space' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking ...
CVE-2019-10562
u'Improper authentication and signature verification of debug polices in secure boot loader will allow unverified debug policies to be loaded into secure memory and leads to memory corruption' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon...
Command injection
Out of bounds read can happen in diag event set mask command handler when user provided length in the command request is less than expected length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon...
CVE-2020-3688
Possible buffer overflow while parsing mp4 clip with corrupted sample atoms due to improper validation of index in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in...
Code injection
kernel writes to user passed address without any checks can lead to arbitrary memory write in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in IPQ6018, IPQ8074, MSM8996, MSM8996AU, Nicobar,...
Design/Logic Flaw
Use after free issue in camera applications when used randomly over multiple operations due to pointer not set to NULL after free/destroy of the object in Snapdragon Consumer IOT, Snapdragon Mobile in Kamorta, QCS605, Rennell, Saipan, SDM670, SDM710, SDM845, SM6150, SM7150, SM8150, SM8250, SXR113...
CVE-2020-3635
Stack based overflow If the maximum number of arguments allowed per request in perflock exceeds in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8053, APQ8096AU, APQ8098, MSM8909W, MSM8917, MSM8920, MSM8937,...
CVE-2020-3614
CVE-2020-3614 is a buffer-overflow risk reported for Qualcomm Snapdragon firmware. The description in multiple sources specifies a lack of length check before copying a frame into a local buffer, affecting a broad set of Snapdragon products (Auto, Compute, Connectivity, IoT variants, Wearables, a...
CVE-2020-3626
Any application can bind to it and exercise the APIs due to no protection for AIDL uimlpaservice in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8053, APQ8096AU, APQ8098, MSM8905, MSM8909W, MSM8917, MSM8920,...
CVE-2020-3614
Possible buffer overflow while copying the frame to local buffer due to lack of check of length before copying in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT,...
CVE-2019-14094
CVE-2019-14094 describes an integer overflow in the diag command handler when a large value is supplied for the number of tasks in request packets. Affected products are Qualcomm Snapdragon families including Snapdragon Auto, Compute, Connectivity, etc., across numerous SoCs (e.g., APQ8009, APQ80...
CVE-2019-14080
CVE-2019-14080 is a high-severity, Qualcomm‑related vulnerability affecting Snapdragon modem data in multiple SoCs. Root cause: out-of-bounds write from lack of array index validation while parsing SDP attributes for SAR. Impact could be remote execution via network (per CVSS, network attack, cri...
CVE-2019-10597
kernel writes to user passed address without any checks can lead to arbitrary memory write in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in IPQ6018, IPQ8074, MSM8996, MSM8996AU, Nicobar,...
CVE-2019-10597
CVE-2019-10597 is a kernel-level issue described across multiple sources as a local vulnerability where the kernel writes to a user-supplied address, enabling arbitrary memory writes in Qualcomm/Qualcomm-closed components. Public references in the dataset include a Red Hat advisory listing affect...
CVE-2020-3645
Firmware will hit assert in WLAN firmware If encrypted data length in FILS IE of reassoc response is more than 528 bytes in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon...
CVE-2020-3630
Possibility of out of bound access while processing the responses from video firmware in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8053,...