Lucene search

K
QualcommMdm9655 Firmware

80 matches found

CVE
CVE
added 2019/02/25 11:0 p.m.44 views

CVE-2018-11845

Usage of non-time-constant comparison functions can lead to information leakage through side channel analysis in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdra...

5.5CVSS5.6AI score0.00051EPSS
CVE
CVE
added 2019/02/25 11:0 p.m.44 views

CVE-2018-13904

Improper input validation in SCM handler to access storage in TZ can lead to unauthorized access in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in versions MDM9206, MDM9607, MDM9650, MDM9655...

9.8CVSS9.2AI score0.00391EPSS
CVE
CVE
added 2019/09/30 4:15 p.m.44 views

CVE-2019-2294

Usage of hard-coded magic number for calculating heap guard bytes can allow users to corrupt heap blocks without heap algorithm knowledge in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT...

10CVSS9.3AI score0.0033EPSS
CVE
CVE
added 2019/11/21 3:15 p.m.44 views

CVE-2019-2335

While processing Attach Reject message, Valid exit condition is not met resulting into an infinite loop in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, ...

7.5CVSS7.6AI score0.00359EPSS
CVE
CVE
added 2019/01/18 10:29 p.m.43 views

CVE-2018-11279

Lack of check of input size can make device memory get corrupted because of buffer overflow in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410...

8.8CVSS8.4AI score0.00113EPSS
CVE
CVE
added 2019/01/18 10:29 p.m.43 views

CVE-2018-11999

Improper input validation in trustzone can lead to denial of service in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 636, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660, SDM630...

5.5CVSS5.9AI score0.00046EPSS
CVE
CVE
added 2019/01/03 3:29 p.m.42 views

CVE-2017-18141

When a 3rd party TEE has been loaded it is possible for the non-secure world to create a secure monitor call which will give it access to privileged functions meant to only be accessible from the TEE in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions IPQ8074, MDM9206, MDM96...

7.8CVSS7.6AI score0.00038EPSS
CVE
CVE
added 2019/01/03 3:29 p.m.42 views

CVE-2017-18323

Cryptographic key material leaked in TDSCDMA RRC debug messages in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9615, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/1...

5.5CVSS6AI score0.00051EPSS
CVE
CVE
added 2019/02/25 11:0 p.m.42 views

CVE-2018-5839

Improperly configured memory protection allows read/write access to modem image from HLOS kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in versions MDM9150, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8996AU, QCS60...

7.1CVSS6.8AI score0.00044EPSS
CVE
CVE
added 2019/11/21 3:15 p.m.42 views

CVE-2019-2289

Lack of integrity check allows MODEM to accept any NAS messages which can result into authentication bypass of NAS in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009...

10CVSS9.4AI score0.00054EPSS
CVE
CVE
added 2019/01/03 3:29 p.m.41 views

CVE-2017-18319

Information leak in UIM API debug messages in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD...

5.5CVSS6AI score0.00051EPSS
CVE
CVE
added 2019/04/04 3:29 p.m.41 views

CVE-2018-11830

Improper input validation in QCPE create function may lead to integer overflow in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9206, MDM9607, MDM9650, MDM9655, MSM8996AU, SD 410/12, SD 820A

7.8CVSS7.8AI score0.00033EPSS
CVE
CVE
added 2019/02/25 11:0 p.m.41 views

CVE-2018-11864

Bytes can be written to fuses from Secure region which can be read later by HLOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon...

5.5CVSS5.6AI score0.00051EPSS
CVE
CVE
added 2019/12/12 9:15 a.m.41 views

CVE-2019-10511

Possibility of memory overflow while decoding GSNDCP compressed mode PDU in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MD...

10CVSS9.5AI score0.00312EPSS
CVE
CVE
added 2019/07/25 5:15 p.m.41 views

CVE-2019-2236

Null pointer dereference during secure application termination using specific application ids. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Mus...

5.5CVSS5.8AI score0.00044EPSS
CVE
CVE
added 2019/01/18 10:29 p.m.40 views

CVE-2017-18332

Security keys are logged when any WCDMA call is configured or reconfigured in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 712 ...

5.5CVSS6.1AI score0.00051EPSS
CVE
CVE
added 2019/02/11 3:29 p.m.40 views

CVE-2018-11855

If an end user makes use of SCP11 sample OCE code without modification it could lead to a buffer overflow when transmitting a CAPDU in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT and S...

7.8CVSS7.9AI score0.00035EPSS
CVE
CVE
added 2019/07/25 5:15 p.m.40 views

CVE-2019-2241

While rendering the layout background, Error status check is not caught properly and also incorrect status handling is being done leading to unintended SUI behaviour in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IO...

5.5CVSS5.7AI score0.00048EPSS
CVE
CVE
added 2019/01/03 3:29 p.m.39 views

CVE-2017-18327

Security keys are logged when any WCDMA call is configured or reconfigured in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 712 ...

5.5CVSS6.1AI score0.00051EPSS
CVE
CVE
added 2019/04/04 3:29 p.m.39 views

CVE-2018-11970

TZ App dynamic allocations not protected from XBL loader in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9206, MDM9607, MDM9650, MDM9655, QCS605, SD 410/12, SD 636, SD 712 / SD 710 / SD...

7.8CVSS8.2AI score0.00033EPSS
CVE
CVE
added 2019/07/25 5:15 p.m.39 views

CVE-2019-2254

Position determination accuracy may be degraded due to wrongly decoded information in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9615, MDM...

9.8CVSS9.1AI score0.00286EPSS
CVE
CVE
added 2019/01/03 3:29 p.m.38 views

CVE-2017-18326

Cryptographic keys are printed in modem debug messages in snapdragon mobile and snapdragon wear in versions MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 636, S...

5.5CVSS6AI score0.00051EPSS
CVE
CVE
added 2019/02/11 3:29 p.m.38 views

CVE-2018-11888

Unauthorized access may be allowed by the SCP11 Crypto Services TA will processing commands from other TA in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile and Snapdrag...

7.8CVSS6.2AI score0.00025EPSS
CVE
CVE
added 2019/02/25 11:0 p.m.38 views

CVE-2018-11932

Improper input validation can lead RW access to secure subsystem from HLOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in versions MDM9650, MDM9655, MSM8996AU, QC...

9.1CVSS9AI score0.00221EPSS
CVE
CVE
added 2019/01/18 10:29 p.m.37 views

CVE-2017-18160

AGPS session failure in GNSS module due to cyphersuites are hardcoded and needed manual update everytime in snapdragon mobile and snapdragon wear in versions MDM9635M, MDM9645, MDM9650, MDM9655, MSM8909W, SD 835, SD 845, SD 850

10CVSS8.1AI score0.00217EPSS
CVE
CVE
added 2019/12/12 9:15 a.m.37 views

CVE-2019-2337

While Skipping unknown IES, EMM is reading the buffer even if the no of bytes to read are more than message length which may cause device to shutdown in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8053, APQ80...

7.8CVSS7.6AI score0.00369EPSS
CVE
CVE
added 2019/07/25 5:15 p.m.36 views

CVE-2019-2237

Failure in taking appropriate action to handle the error case If keypad gpio deactivation fails leads to silent failure scenario and subsequent logic gets executed everytime in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Ind...

5.5CVSS5.7AI score0.00048EPSS
CVE
CVE
added 2019/07/25 5:15 p.m.36 views

CVE-2019-2238

Lack of check of data type can lead to subsequent loop-expression potentially go negative and the condition will still evaluate to true leading to buffer underflow. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial I...

7.8CVSS7.7AI score0.00043EPSS
CVE
CVE
added 2019/01/03 3:29 p.m.35 views

CVE-2017-18321

Security keys used by the terminal and NW for a session could be leaked in snapdragon mobile in versions MDM9650, MDM9655, SD 835, SDA660.

5.5CVSS6AI score0.00051EPSS
CVE
CVE
added 2019/01/03 3:29 p.m.35 views

CVE-2017-18328

Use after free in QSH client rule processing in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 820, SD 835, SDA660, SDM630, SDM660, Snapdrago...

7.8CVSS7.9AI score0.00042EPSS
Total number of security vulnerabilities80