Lucene search

K
QualcommMsm8996au Firmware

689 matches found

CVE
CVE
added 2021/02/22 7:15 a.m.73 views

CVE-2020-11177

User can overwrite Security Code NV item without knowing current SPC due to improper validation of SPC code setting and device lock in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voic...

8.8CVSS8.7AI score0.00033EPSS
CVE
CVE
added 2021/06/09 5:15 a.m.73 views

CVE-2020-11235

Buffer overflow might occur while parsing unified command due to lack of check of input data received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile,...

7.8CVSS7.9AI score0.00035EPSS
CVE
CVE
added 2022/06/14 10:15 a.m.73 views

CVE-2021-35083

Possible out of bound read due to improper validation of certificate chain in SSL or Internet key exchange in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon...

9.4CVSS9AI score0.0016EPSS
CVE
CVE
added 2019/05/24 5:29 p.m.72 views

CVE-2018-13886

Unchecked OTA field in GNSS XTRA3 lead to integer overflow and then buffer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Weara...

10CVSS9.6AI score0.00356EPSS
CVE
CVE
added 2019/07/22 2:15 p.m.72 views

CVE-2019-2277

Out of bound read can happen due to lack of NULL termination on user controlled data in WLAN in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MSM8996AU, QCS405, QCS605, SD 210/SD 212/SD 205, SD 425, SD 427, SD...

7.8CVSS7.5AI score0.00042EPSS
CVE
CVE
added 2021/02/22 7:15 a.m.72 views

CVE-2020-11195

Out of bound write and read in TA while processing command from NS side due to improper length check on command and response buffers in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

7.8CVSS7.7AI score0.00033EPSS
CVE
CVE
added 2023/03/10 9:15 p.m.72 views

CVE-2022-40531

Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID message.

8.4CVSS8.1AI score0.0006EPSS
CVE
CVE
added 2019/05/24 5:29 p.m.71 views

CVE-2018-11930

Improper input validation on input data which is used to locate and copy the additional IEs in WLAN function can lead to potential integer truncation issue in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9150, MDM9206, MDM9607, MDM...

10CVSS9.2AI score0.00266EPSS
CVE
CVE
added 2019/05/24 5:29 p.m.71 views

CVE-2018-11953

While processing ssid IE length from remote AP, possible out-of-bounds access may occur due to crafted ssid IE length in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Sn...

10CVSS9.2AI score0.00266EPSS
CVE
CVE
added 2022/12/13 4:15 p.m.71 views

CVE-2022-25677

Memory corruption in diag due to use after free while processing dci packet in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

7.8CVSS8AI score0.00032EPSS
CVE
CVE
added 2024/04/01 3:15 p.m.71 views

CVE-2023-33023

Memory corruption while processing finish_sign command to pass a rsp buffer.

8.4CVSS8.7AI score0.0006EPSS
CVE
CVE
added 2020/09/08 10:15 a.m.70 views

CVE-2019-13994

u'Lack of check that the current received data fragment size of a particular packet that are read from shared memory are less than the actual packet size can lead to memory corruption and potential information leakage' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Cons...

7.8CVSS7.6AI score0.00111EPSS
CVE
CVE
added 2022/06/14 10:15 a.m.70 views

CVE-2021-35104

Possible buffer overflow due to improper parsing of headers while playing the FLAC audio clip in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Netw...

10CVSS9.6AI score0.00701EPSS
CVE
CVE
added 2022/10/19 11:15 a.m.70 views

CVE-2022-25666

Memory corruption due to use after free in service while trying to access maps by different threads in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

6.7CVSS7AI score0.00042EPSS
CVE
CVE
added 2023/02/12 4:15 a.m.70 views

CVE-2022-33246

Memory corruption in Audio due to use of out-of-range pointer offset while Initiating a voice call session from user space with invalid session id.

7.8CVSS6.9AI score0.00034EPSS
CVE
CVE
added 2019/05/24 5:29 p.m.69 views

CVE-2018-11967

Signature verification of the skel library could potentially be disabled as the memory region on the remote subsystem in which the library is loaded is allocated from userspace currently in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial ...

7.8CVSS7.7AI score0.00035EPSS
CVE
CVE
added 2021/07/13 6:15 a.m.69 views

CVE-2020-11307

Buffer overflow in modem due to improper array index check before copying into it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables

10CVSS9.5AI score0.00356EPSS
CVE
CVE
added 2022/09/02 12:15 p.m.69 views

CVE-2022-25659

Memory corruption due to buffer overflow while parsing MKV clips with invalid bitmap size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

9.8CVSS9.7AI score0.00136EPSS
CVE
CVE
added 2022/10/19 11:15 a.m.69 views

CVE-2022-25748

Memory corruption in WLAN due to integer overflow to buffer overflow while parsing GTK frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdr...

9.8CVSS9.8AI score0.00328EPSS
CVE
CVE
added 2023/03/10 9:15 p.m.69 views

CVE-2022-40515

Memory corruption in Video due to double free while playing 3gp clip with invalid metadata atoms.

9.8CVSS8AI score0.00071EPSS
CVE
CVE
added 2023/06/06 8:15 a.m.69 views

CVE-2022-40521

Transient DOS due to improper authorization in Modem

7.5CVSS7.5AI score0.00106EPSS
CVE
CVE
added 2024/04/01 3:15 p.m.68 views

CVE-2023-28547

Memory corruption in SPS Application while requesting for public key in sorter TA.

8.4CVSS8.7AI score0.0006EPSS
CVE
CVE
added 2022/06/14 10:15 a.m.67 views

CVE-2021-35116

APK can load a crafted model into the CDSP which can lead to a compromise of CDSP and other APK`s data executing there in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

7.7CVSS6.9AI score0.00044EPSS
CVE
CVE
added 2023/01/09 8:15 a.m.67 views

CVE-2022-22079

Denial of service while processing fastboot flash command on mmc due to buffer over read

4.6CVSS4.9AI score0.0007EPSS
CVE
CVE
added 2023/03/10 9:15 p.m.67 views

CVE-2022-25705

Memory corruption in modem due to integer overflow to buffer overflow while handling APDU response

7.8CVSS8AI score0.0006EPSS
CVE
CVE
added 2023/04/13 7:15 a.m.67 views

CVE-2022-33289

Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from card.

6.8CVSS6.8AI score0.00039EPSS
CVE
CVE
added 2023/10/03 6:15 a.m.67 views

CVE-2023-24848

Information Disclosure in Data Modem while performing a VoLTE call with an undefined RTCP FB line value.

8.2CVSS7.5AI score0.0012EPSS
CVE
CVE
added 2024/01/02 6:15 a.m.67 views

CVE-2023-43511

Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains IPPROTO_NONE as the next header.

7.5CVSS7.5AI score0.00325EPSS
CVE
CVE
added 2025/02/03 5:15 p.m.67 views

CVE-2024-38416

Information disclosure during audio playback.

6.1CVSS6.2AI score0.00021EPSS
CVE
CVE
added 2019/07/22 2:15 p.m.66 views

CVE-2019-2243

Possible buffer overflow at the end of iterating loop while getting the version info and lead to information disclosure. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in M...

5.5CVSS5.8AI score0.00047EPSS
CVE
CVE
added 2022/09/02 12:15 p.m.66 views

CVE-2022-25658

Memory corruption due to incorrect pointer arithmetic when attempting to change the endianness in video parser function in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearab...

9.8CVSS9.4AI score0.00112EPSS
CVE
CVE
added 2024/03/04 11:15 a.m.66 views

CVE-2023-33066

Memory corruption in Audio while processing RT proxy port register driver.

8.4CVSS8.6AI score0.0007EPSS
CVE
CVE
added 2019/09/30 4:15 p.m.65 views

CVE-2019-10506

While processing QCA_NL80211_VENDOR_SUBCMD_AVOID_FREQUENCY vendor command, driver does not validate the data obtained from the user space which could be invalid and thus leads to an undesired behaviour in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdr...

7.8CVSS8.2AI score0.00042EPSS
CVE
CVE
added 2021/09/09 8:15 a.m.65 views

CVE-2021-1963

Possible use-after-free due to lack of validation for the rule count in filter table in IPA driver in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

6.7CVSS6.7AI score0.00048EPSS
CVE
CVE
added 2023/01/09 8:15 a.m.65 views

CVE-2022-25717

Memory corruption in display due to double free while allocating frame buffer memory

7.8CVSS7.2AI score0.00034EPSS
CVE
CVE
added 2023/09/05 7:15 a.m.65 views

CVE-2023-21654

Memory corruption in Audio during playback session with audio effects enabled.

7.8CVSS7.2AI score0.0002EPSS
CVE
CVE
added 2019/05/24 5:29 p.m.64 views

CVE-2018-12005

An unprivileged user can issue a binder call and cause a system halt in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS...

5.5CVSS5.7AI score0.0004EPSS
CVE
CVE
added 2019/07/22 2:15 p.m.64 views

CVE-2018-13896

XBL_SEC image authentication and other crypto related validations are accessible to a compromised OEM XBL Loader due to missing lock at XBL_SEC stage.. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon ...

7.8CVSS7.7AI score0.00036EPSS
CVE
CVE
added 2020/06/02 3:15 p.m.64 views

CVE-2020-3641

Integer overflow may occur if atom size is less than atom offset as there is improper validation of atom size in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8053, APQ8096AU,...

10CVSS9.5AI score0.0033EPSS
CVE
CVE
added 2022/10/19 11:15 a.m.64 views

CVE-2022-25687

memory corruption in video due to buffer overflow while parsing asf clips in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

9.8CVSS9.7AI score0.0019EPSS
CVE
CVE
added 2023/01/09 8:15 a.m.64 views

CVE-2022-33219

Memory corruption in Automotive due to integer overflow to buffer overflow while registering a new listener with shared buffer.

9.3CVSS8.2AI score0.00096EPSS
CVE
CVE
added 2023/01/09 8:15 a.m.64 views

CVE-2022-33285

Transient DOS due to buffer over-read in WLAN while parsing WLAN CSA action frames.

7.5CVSS6.7AI score0.00158EPSS
CVE
CVE
added 2024/05/06 3:15 p.m.64 views

CVE-2023-43528

Information disclosure when the ADSP payload size received in HLOS in response to Audio Stream Manager matrix session is less than this expected size.

6.1CVSS6.6AI score0.00041EPSS
CVE
CVE
added 2019/09/30 4:15 p.m.63 views

CVE-2019-10539

Possible buffer overflow issue due to lack of length check when parsing the extended cap IE header length in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon...

10CVSS9.6AI score0.00427EPSS
CVE
CVE
added 2019/07/22 2:15 p.m.63 views

CVE-2019-2261

Unauthorized access from GPU subsystem to HLOS or other non secure subsystem memory can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired I...

5.5CVSS5.5AI score0.00039EPSS
CVE
CVE
added 2019/07/22 2:15 p.m.63 views

CVE-2019-2269

Possible buffer overflow while processing the high level lim process action frame due to improper buffer length validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9150, MDM9650, MSM8996AU, QCS405, ...

9.8CVSS9.6AI score0.00342EPSS
CVE
CVE
added 2023/03/10 9:15 p.m.63 views

CVE-2022-25655

Memory corruption in WLAN HAL while arbitrary value is passed in WMI UTF command payload.

8.4CVSS8.2AI score0.00067EPSS
CVE
CVE
added 2023/06/06 8:15 a.m.63 views

CVE-2022-33264

Memory corruption in modem due to stack based buffer overflow while parsing OTASP Key Generation Request Message.

7.9CVSS8.1AI score0.00094EPSS
CVE
CVE
added 2019/05/24 5:29 p.m.62 views

CVE-2018-11928

Lack of check on length parameter may cause buffer overflow while processing WMI commands in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, S...

7.8CVSS8AI score0.00035EPSS
CVE
CVE
added 2020/11/02 7:15 a.m.62 views

CVE-2020-3654

u'Buffer overflow occurs while processing SIP message packet due to lack of check of index validation before copying into it' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in Agatti, APQ80...

10CVSS9.4AI score0.00356EPSS
Total number of security vulnerabilities689