Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
QualcommMdm9205 Firmware

197 matches found

CVE
CVEadded 2023/04/13 7:15 a.m.219 views

CVE-2022-33223

Transient DOS in Modem due to null pointer dereference while processing the incoming packet with http chunked encoding.

7.5CVSS7.5AI score0.00106EPSS
CVE
CVEadded 2023/04/13 7:15 a.m.219 views

CVE-2022-33294

Transient DOS in Modem due to NULL pointer dereference while receiving response of lwm2m registration/update/bootstrap request message.

7.5CVSS7.5AI score0.00106EPSS
CVE
CVEadded 2022/06/14 10:15 a.m.142 views

CVE-2021-30342

Improper integrity check can lead to race condition between tasks PDCP and RRC? after a valid RRC Command packet has been received in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables

9.1CVSS5.9AI score0.00357EPSS
CVE
CVEadded 2023/03/10 9:15 p.m.129 views

CVE-2022-33213

Memory corruption in modem due to buffer overflow while processing a PPP packet

8.8CVSS8.5AI score0.00117EPSS
CVE
CVEadded 2022/02/11 11:15 a.m.111 views

CVE-2021-30323

Improper validation of maximum size of data write to EFS file can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

7.8CVSS7.9AI score0.00085EPSS
CVE
CVEadded 2019/12/18 6:15 a.m.97 views

CVE-2019-10513

Possibility of Null pointer access if the SPDM commands are executed in the non-standard way in Trustzone in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mob...

5.5CVSS5.8AI score0.0011EPSS
CVE
CVEadded 2021/03/17 6:15 a.m.97 views

CVE-2020-11226

Out of bound memory read in Data modem while unpacking data due to lack of offset length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

7.5CVSS7.5AI score0.0024EPSS
CVE
CVEadded 2019/12/18 6:15 a.m.94 views

CVE-2019-10487

Buffer over read can happen while parsing SMS OTA messages at transport layer if network sends un-intended values in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009,...

10CVSS9.2AI score0.00396EPSS
CVE
CVEadded 2021/03/17 6:15 a.m.93 views

CVE-2020-11190

Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wea...

9.1CVSS9.1AI score0.0037EPSS
CVE
CVEadded 2021/11/12 7:15 a.m.93 views

CVE-2021-30259

Possible out of bound access due to improper validation of function table entries in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure a...

7.8CVSS7.7AI score0.00041EPSS
CVE
CVEadded 2023/04/13 7:15 a.m.89 views

CVE-2022-33231

Memory corruption due to double free in core while initializing the encryption key.

9.3CVSS8.1AI score0.00044EPSS
CVE
CVEadded 2019/12/18 6:15 a.m.88 views

CVE-2019-10482

Due to the use of non-time-constant comparison functions there is issue in timing side channels which can be used as a potential side channel for SUI corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Sn...

7.1CVSS6AI score0.00229EPSS
CVE
CVEadded 2021/03/17 6:15 a.m.88 views

CVE-2020-11189

Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wea...

9.1CVSS9.1AI score0.0037EPSS
CVE
CVEadded 2019/12/18 6:15 a.m.86 views

CVE-2019-10516

Multiple read overflows in MM while decoding service accept,service reject,attach reject and MT detach in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, A...

10CVSS9.2AI score0.0033EPSS
CVE
CVEadded 2019/12/18 6:15 a.m.83 views

CVE-2019-10500

While processing MT Secondary PDP request, Buffer overflow will happen due to incorrect calculation of buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009...

10CVSS9.5AI score0.00356EPSS
CVE
CVEadded 2021/03/17 6:15 a.m.83 views

CVE-2020-11171

Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wea...

9.1CVSS9.1AI score0.0037EPSS
CVE
CVEadded 2020/01/21 7:15 a.m.82 views

CVE-2019-2267

Locked regions may be modified through other interfaces in secure boot loader image due to improper access control. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking ...

7.8CVSS8.2AI score0.00094EPSS
CVE
CVEadded 2021/03/17 6:15 a.m.81 views

CVE-2020-11227

Out of bound write while parsing RTT/TTY packet parsing due to lack of check of buffer size before copying into buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Sn...

9.8CVSS9.4AI score0.0037EPSS
CVE
CVEadded 2021/02/22 7:15 a.m.80 views

CVE-2020-11170

Out of bound memory access while playing music playbacks with crafted vorbis content due to improper checks in header extraction in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice &...

10CVSS9.2AI score0.0033EPSS
CVE
CVEadded 2021/03/17 6:15 a.m.80 views

CVE-2020-11199

HLOS to access EL3 stack canary by just mapping imem region due to Improper access control and can lead to information exposure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & ...

5.5CVSS5.5AI score0.00045EPSS
CVE
CVEadded 2021/07/13 6:15 a.m.80 views

CVE-2021-1886

Incorrect handling of pointers in trusted application key import mechanism could cause memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables

8.4CVSS8.4AI score0.00039EPSS
CVE
CVEadded 2022/10/19 11:15 a.m.80 views

CVE-2022-25718

Cryptographic issue in WLAN due to improper check on return value while authentication handshake in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music...

9.8CVSS9.4AI score0.00208EPSS
CVE
CVEadded 2021/03/17 6:15 a.m.79 views

CVE-2020-11221

Usage of syscall by non-secure entity can allow extraction of secure QTEE diagnostic information in clear text form due to insufficient checks in the syscall handler and leads to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdra...

5.5CVSS5.5AI score0.00045EPSS
CVE
CVEadded 2021/03/17 6:15 a.m.78 views

CVE-2020-11166

Potential out of bound read exception when UE receives unusually large number of padding octets in the beginning of ROHC header in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & ...

9.1CVSS9AI score0.00286EPSS
CVE
CVEadded 2021/06/09 5:15 a.m.78 views

CVE-2020-11178

Trusted APPS to overwrite the CPZ memory of another use-case as TZ only checks the physical address not overlapping with its memory and its RoT memory in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon V...

7.8CVSS7.5AI score0.00033EPSS
CVE
CVEadded 2021/07/13 6:15 a.m.78 views

CVE-2021-1888

Memory corruption in key parsing and import function due to double freeing the same heap allocation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables

8.4CVSS8.4AI score0.00039EPSS
CVE
CVEadded 2021/07/13 6:15 a.m.78 views

CVE-2021-1889

Possible buffer overflow due to lack of length check in Trusted Application in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables

8.4CVSS8.4AI score0.00035EPSS
CVE
CVEadded 2022/06/14 10:15 a.m.78 views

CVE-2021-30344

Improper authorization of a replayed LTE security mode command can lead to a denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

7.8CVSS7.6AI score0.00338EPSS
CVE
CVEadded 2022/01/03 8:15 a.m.76 views

CVE-2021-30278

Improper input validation in TrustZone memory transfer interface can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

7.1CVSS5.5AI score0.00045EPSS
CVE
CVEadded 2022/06/14 10:15 a.m.76 views

CVE-2021-30281

Possible unauthorized access to secure space due to improper check of data allowed while flashing the no access control device configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wear...

8.4CVSS7.6AI score0.00143EPSS
CVE
CVEadded 2023/02/12 4:15 a.m.76 views

CVE-2022-25728

Information disclosure in modem due to buffer over-read while processing response from DNS server

8.2CVSS7.7AI score0.0008EPSS
CVE
CVEadded 2023/04/13 7:15 a.m.76 views

CVE-2022-33228

Information disclosure sue to buffer over-read in modem while processing ipv6 packet with hop-by-hop or destination option in header.

8.2CVSS7.7AI score0.00068EPSS
CVE
CVEadded 2021/02/22 7:15 a.m.75 views

CVE-2020-11269

Possible memory corruption while processing EAPOL frames due to lack of validation of key length before using it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdra...

8.8CVSS8.8AI score0.00074EPSS
CVE
CVEadded 2021/07/13 6:15 a.m.75 views

CVE-2021-1890

Improper length check of public exponent in RSA import key function could cause memory corruption. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables

8.4CVSS8.2AI score0.00039EPSS
CVE
CVEadded 2022/06/14 10:15 a.m.75 views

CVE-2021-30341

Improper buffer size validation of DSM packet received can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables

10CVSS9.6AI score0.00363EPSS
CVE
CVEadded 2023/08/08 10:15 a.m.73 views

CVE-2023-21626

Cryptographic issue in HLOS due to improper authentication while performing key velocity checks using more than one key.

7.1CVSS7AI score0.0005EPSS
CVE
CVEadded 2021/02/22 7:15 a.m.72 views

CVE-2020-11177

User can overwrite Security Code NV item without knowing current SPC due to improper validation of SPC code setting and device lock in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voic...

8.8CVSS8.7AI score0.00033EPSS
CVE
CVEadded 2023/02/12 4:15 a.m.72 views

CVE-2022-33233

Memory corruption due to configuration weakness in modem wile sending command to write protected files.

7.8CVSS7.9AI score0.0006EPSS
CVE
CVEadded 2023/08/08 10:15 a.m.72 views

CVE-2023-21625

Information disclosure in Network Services due to buffer over-read while the device receives DNS response.

8.2CVSS7.7AI score0.00074EPSS
CVE
CVEadded 2021/02/22 7:15 a.m.71 views

CVE-2020-11195

Out of bound write and read in TA while processing command from NS side due to improper length check on command and response buffers in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

7.8CVSS7.7AI score0.00033EPSS
CVE
CVEadded 2023/03/10 9:15 p.m.71 views

CVE-2022-40531

Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID message.

8.4CVSS8.1AI score0.0006EPSS
CVE
CVEadded 2020/09/08 10:15 a.m.69 views

CVE-2019-13994

u'Lack of check that the current received data fragment size of a particular packet that are read from shared memory are less than the actual packet size can lead to memory corruption and potential information leakage' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Cons...

7.8CVSS7.6AI score0.00111EPSS
CVE
CVEadded 2020/06/02 3:15 p.m.68 views

CVE-2019-14042

Out of bound read in in fingerprint application due to requested data assigned to a local buffer without length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired In...

7.1CVSS7.4AI score0.00043EPSS
CVE
CVEadded 2021/02/22 7:15 a.m.68 views

CVE-2020-3664

Out of bound read access in hypervisor due to an invalid read access attempt by passing invalid addresses in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure...

6CVSS5.9AI score0.00094EPSS
CVE
CVEadded 2020/09/08 10:15 a.m.67 views

CVE-2019-10527

u'SMEM partition can be manipulated in case of any compromise on HLOS, thus resulting in access to memory outside of SMEM address range which could lead to memory corruption' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Co...

7.8CVSS7.6AI score0.00039EPSS
CVE
CVEadded 2023/03/10 9:15 p.m.66 views

CVE-2022-25705

Memory corruption in modem due to integer overflow to buffer overflow while handling APDU response

7.8CVSS8AI score0.0006EPSS
CVE
CVEadded 2023/02/12 4:15 a.m.66 views

CVE-2022-25735

Denial of service in modem due to missing null check while processing TCP or UDP packets from server

7.5CVSS7.5AI score0.00145EPSS
CVE
CVEadded 2023/03/10 9:15 p.m.66 views

CVE-2022-33257

Memory corruption in Core due to time-of-check time-of-use race condition during dump collection in trust zone.

9.3CVSS7.6AI score0.00042EPSS
CVE
CVEadded 2023/04/13 7:15 a.m.66 views

CVE-2022-33295

Information disclosure in Modem due to buffer over-read while parsing the wms message received given the buffer and its length.

8.2CVSS7.7AI score0.00077EPSS
CVE
CVEadded 2022/06/14 10:15 a.m.63 views

CVE-2021-30349

Improper access control sequence for AC database after memory allocation can lead to possible memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infra...

8.2CVSS6.8AI score0.00107EPSS
Total number of security vulnerabilities197