Mdm9650 Firmware Security Vulnerabilities and Issues — Page 5 of Mdm9650 Firmware CVE List

Lucene search

QualcommMdm9650 Firmware

221 matches found

CVE•added 2019/09/30 4:15 p.m.•40 views

CVE-2019-2252

Classic buffer overflow vulnerability while playing the specific video whose Decode picture buffer size is more than 16 in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearab...

10CVSS9.5AI score0.01204EPSS

CVE•added 2019/12/12 9:15 a.m.•40 views

CVE-2019-2321

Incorrect length used while validating the qsee log buffer sent from HLOS which could then lead to remap conflict in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdr...

7.8CVSS7.8AI score0.00033EPSS

CVE•added 2019/05/06 11:29 p.m.•39 views

CVE-2017-18274

While iterating through the models contained in a fixed-size array in the actData structure, which also stores an incorrect number of models that is greater than the size of the array, a buffer overflow occurs in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in MDM9206, MDM9607, MDM9650...

7.8CVSS7.5AI score0.00035EPSS

CVE•added 2019/01/03 3:29 p.m.•39 views

CVE-2017-18327

Security keys are logged when any WCDMA call is configured or reconfigured in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 712 ...

5.5CVSS6.1AI score0.00051EPSS

CVE•added 2019/04/04 3:29 p.m.•39 views

CVE-2018-11970

TZ App dynamic allocations not protected from XBL loader in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9206, MDM9607, MDM9650, MDM9655, QCS605, SD 410/12, SD 636, SD 712 / SD 710 / SD...

7.8CVSS8.2AI score0.00033EPSS

CVE•added 2019/11/21 3:15 p.m.•39 views

CVE-2019-10503

Out-of-bounds access can occur in camera driver due to improper validation of array index in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8...

7.8CVSS8.2AI score0.00043EPSS

CVE•added 2019/07/25 5:15 p.m.•39 views

CVE-2019-2254

Position determination accuracy may be degraded due to wrongly decoded information in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9615, MDM...

9.8CVSS9.1AI score0.00286EPSS

CVE•added 2019/01/03 3:29 p.m.•38 views

CVE-2017-18326

Cryptographic keys are printed in modem debug messages in snapdragon mobile and snapdragon wear in versions MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 636, S...

5.5CVSS6AI score0.00051EPSS

CVE•added 2019/02/11 3:29 p.m.•38 views

CVE-2018-11888

Unauthorized access may be allowed by the SCP11 Crypto Services TA will processing commands from other TA in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile and Snapdrag...

7.8CVSS6.2AI score0.00025EPSS

CVE•added 2019/02/25 11:0 p.m.•38 views

CVE-2018-11932

Improper input validation can lead RW access to secure subsystem from HLOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in versions MDM9650, MDM9655, MSM8996AU, QC...

9.1CVSS9AI score0.00221EPSS

CVE•added 2019/07/25 5:15 p.m.•38 views

CVE-2019-2334

Null pointer dereferencing can happen when playing the clip with wrong block group id in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9650, ...

7.8CVSS7.6AI score0.00246EPSS

CVE•added 2019/01/18 10:29 p.m.•37 views

CVE-2017-18160

AGPS session failure in GNSS module due to cyphersuites are hardcoded and needed manual update everytime in snapdragon mobile and snapdragon wear in versions MDM9635M, MDM9645, MDM9650, MDM9655, MSM8909W, SD 835, SD 845, SD 850

10CVSS8.1AI score0.00217EPSS

CVE•added 2019/02/25 11:0 p.m.•37 views

CVE-2018-11931

Improper access to HLOS is possible while transferring memory to CPZ in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in versions MDM9150, MD...

7.8CVSS7.6AI score0.00038EPSS

CVE•added 2019/11/06 5:15 p.m.•37 views

CVE-2019-10512

Payload size is not checked before using it as array index in audio in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in IPQ401...

7.8CVSS7.7AI score0.00042EPSS

CVE•added 2019/12/12 9:15 a.m.•37 views

CVE-2019-2337

While Skipping unknown IES, EMM is reading the buffer even if the no of bytes to read are more than message length which may cause device to shutdown in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8053, APQ80...

7.8CVSS7.6AI score0.00369EPSS

CVE•added 2019/11/21 3:15 p.m.•36 views

CVE-2019-10486

Race condition due to the lack of resource lock which will be concurrently modified in the memcpy statement leads to out of bound access in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdrago...

7CVSS7.5AI score0.00033EPSS

CVE•added 2019/07/25 5:15 p.m.•36 views

CVE-2019-2237

Failure in taking appropriate action to handle the error case If keypad gpio deactivation fails leads to silent failure scenario and subsequent logic gets executed everytime in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Ind...

5.5CVSS5.7AI score0.00048EPSS

CVE•added 2019/07/25 5:15 p.m.•36 views

CVE-2019-2238

Lack of check of data type can lead to subsequent loop-expression potentially go negative and the condition will still evaluate to true leading to buffer underflow. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial I...

7.8CVSS7.7AI score0.00043EPSS

CVE•added 2019/01/03 3:29 p.m.•35 views

CVE-2017-18321

Security keys used by the terminal and NW for a session could be leaked in snapdragon mobile in versions MDM9650, MDM9655, SD 835, SDA660.

5.5CVSS6AI score0.00051EPSS

CVE•added 2019/01/03 3:29 p.m.•35 views

CVE-2017-18328

Use after free in QSH client rule processing in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 820, SD 835, SDA660, SDM630, SDM660, Snapdrago...

7.8CVSS7.9AI score0.00042EPSS

CVE•added 2019/05/24 5:29 p.m.•33 views

CVE-2018-11925

Data length received from firmware is not validated against the max allowed size which can result in buffer overflow. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ8064, IP...

7.8CVSS7.8AI score0.00037EPSS

Total number of security vulnerabilities221