Lucene search
K
QualcommSd 415 Firmware

283 matches found

CVE
CVE
added 2019/06/14 5:2 p.m.306 views

CVE-2018-13901

CVE-2018-13901 involves information disclosure due to missing permissions in the Android Manifest within the PCI RCS app across a wide range of Qualcomm/Snapdragon devices (Snapdragon Auto, Connectivity, IoT, Mobile, etc.). Affected components are Android apps that rely on these manifests; the ro...

5.5CVSS5.5AI score0.00195EPSS
CVE
CVE
added 2019/06/14 5:2 p.m.270 views

CVE-2018-5913

Technical details about CVE-2018-5913 are not publicly provided in the supplied documents. No affected product/version or remediation information is stated here. Monitor the sources for updates.

7.8CVSS7.4AI score0.00208EPSS
CVE
CVE
added 2019/06/14 5:2 p.m.226 views

CVE-2018-13906

CVE-2018-13906 involves a timing side-channel in the HMAC authentication of messages from QSEE on Qualcomm Snapdragon platforms, affecting a wide range of Snapdragon Auto/Compute/Connectivity/IoT/Wearables/Networking devices (many Snapdragon SoCs listed). Root cause: timing leakage allows an atta...

9.1CVSS9AI score0.00665EPSS
CVE
CVE
added 2019/06/14 5:2 p.m.223 views

CVE-2018-11955

CVE-2018-11955: A missing length check on the reason-code in the payload can cause a driver to read memory outside the allocated frame, leading to an out-of-bounds read in Qualcomm/Snapdragon WLAN/driver components across Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon M...

9.8CVSS9.1AI score0.00815EPSS
CVE
CVE
added 2019/06/14 5:2 p.m.218 views

CVE-2018-5903

CVE-2018-5903 is an out-of-bounds read caused by improper validation of an array when processing the VDEV stop response in Qualcomm WLAN firmware (qcacld 3.0). Affected products span Qualcomm/Snapdragon platforms including Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapd...

7.8CVSS7.6AI score0.0022EPSS
CVE
CVE
added 2019/06/14 5:2 p.m.208 views

CVE-2018-13907

The CVE-2018-13907 entry describes a vulnerability in Qualcomm/Snapdragon components where deserializing a key blob during key operations can trigger a buffer overflow, potentially exposing partial key information across a wide range of Snapdragon devices (IPQ4019, IPQ8074, MDM9... and many SD/So...

5.3CVSS5.6AI score0.00665EPSS
CVE
CVE
added 2019/06/14 5:2 p.m.152 views

CVE-2017-8252

CVE-2017-8252 describes a kernel-level information-disclosure vulnerability in TrustZone across Qualcomm/Snapdragon platforms (e.g., IPQ4019, QCS605, SD families). The root cause is the ability for an attacker to induce faults in TrustZone computations, leading to leakage of sensitive data from m...

5.5CVSS5.5AI score0.00224EPSS
CVE
CVE
added 2019/06/14 5:2 p.m.146 views

CVE-2018-13908

CVE-2018-13908 affects Qualcomm Snapdragon platforms (e.g., Snapdragon Auto/Compute/Connectivity families across numerous SoCs). The issue is a truncated access authentication token that weakens access control for stored secure application data, enabling local attacker access with partial confide...

7.8CVSS7.8AI score0.00192EPSS
CVE
CVE
added 2019/06/14 5:2 p.m.143 views

CVE-2019-2257

CVE-2019-2257 involves wrong permissions in a configuration file, enabling unauthorized permissions on numerous Qualcomm Snapdragon platforms. Affected families include Snapdragon Auto, Connectivity, Consumer IoT, Industrial IoT, IoT, Mobile, Voice & Music, Wearables, and related configurations a...

7.8CVSS7.6AI score0.00182EPSS
CVE
CVE
added 2019/06/14 5:2 p.m.139 views

CVE-2018-11939

CVE-2018-11939 affects Qualcomm-based WLAN components (e.g., Snapdragon WLAN host/MDM platforms) where a use-after-issue in WLAN functionality occurs due to multiple ACS scan requests in parallel. The NVD entry lists a Local access vector with Low attack complexity and no authentication, yielding...

7.8CVSS7.8AI score0.00198EPSS
CVE
CVE
added 2019/11/06 5:11 p.m.124 views

CVE-2019-10529

CVE-2019-10529 is a use-after-free race in Qualcomm’s KGSL kernel path when marking user entries dirty via set_page_dirty, occurring if page->mapping is freed concurrently. It affects Snapdragon/KGSL GPU components and is associated with a documented exploit (exploit-db 46941). The provided do...

9.3CVSS8.1AI score0.01738EPSS
CVE
CVE
added 2019/05/24 4:44 p.m.121 views

CVE-2018-11976

The CVE-2018-11976 issue is described in multiple sources as an ECDSA key leakage vulnerability in Qualcomm’s secure environment. Findings indicate that private keys could be exposed from the secure world to the non-secure world via the Qualcomm Secure Execution Environment (QSEE) on Snapdragon-b...

5.5CVSS5.7AI score0.00204EPSS
CVE
CVE
added 2019/05/24 4:32 p.m.99 views

CVE-2018-11271

CVE-2018-11271 is an improper authentication vulnerability affecting Qualcomm Snapdragon platforms (broad range of Snapdragon Auto/Compute/Connectivity/IoT families and related devices). The issue relates to remote command handling caused by improper event handling, enabling potential unauthorize...

9.8CVSS9.6AI score0.00807EPSS
CVE
CVE
added 2019/05/24 4:44 p.m.82 views

CVE-2018-13886

Technical details about CVE-2018-13886 are not publicly available in the provided documents; no affected products, versions, or fixes are specified here. Monitor for updates.

10CVSS9.6AI score0.01112EPSS
CVE
CVE
added 2019/05/24 4:44 p.m.80 views

CVE-2018-11953

CVE-2018-11953 describes a potential out-of-bounds access when processing the SSID IE length from a remote AP in Qualcomm WLAN/WiFi stack. Affected are Snapdragon platforms including Auto, CE Connectivity, C IoT, Industrial IoT, IoT, Mobile, Voice & Music, and Wearables (many chipsets listed: MDM...

10CVSS9.2AI score0.00945EPSS
CVE
CVE
added 2019/07/22 1:47 p.m.76 views

CVE-2019-2243

CVE-2019-2243 describes a possible buffer overflow at the end of an iteration when retrieving version information, potentially leading to information disclosure. Affected components are Qualcomm Snapdragon family (across numerous Snapdragon Auto/Compute/IoT lines and related SoCs listed in the de...

5.5CVSS5.8AI score0.00194EPSS
CVE
CVE
added 2019/04/04 3:9 p.m.74 views

CVE-2018-11958

CVE-2018-11958 affects a wide range of Qualcomm Snapdragon platforms (e.g., Snapdragon Auto/Consumer/IoT/Industrial IoT, Snapdragon Mobile, Snapdragon Voice & Music) and related Media/SoC components. The root issue is insufficient protection of keypad keys, which could allow a high-security, high...

5.5CVSS5.8AI score0.00204EPSS
CVE
CVE
added 2019/07/22 1:47 p.m.74 views

CVE-2018-13924

The CVE-2018-13924 entry concerns a buffer length validation flaw that can take negative values, causing a stack overflow in Qualcomm components across many Snapdragon platforms (Auto/Compute/Connectivity/IOT/Industrial IOT, Mobile, Wearables, etc.) including IPQ8074 family and various SD/SM/QR s...

10CVSS9.4AI score0.01112EPSS
CVE
CVE
added 2019/05/24 4:44 p.m.74 views

CVE-2019-2244

CVE-2019-2244 affects Qualcomm Snapdragon firmware components across a wide range of SoCs. The issue is a possible integer underflow when calculating the length of elementary stream info from an invalid section length, which is then used to read from the input buffer. Impact is described as poten...

10CVSS9.2AI score0.00988EPSS
CVE
CVE
added 2018/04/18 2:0 p.m.72 views

CVE-2014-9986

CVE-2014-9986 concerns Android devices with Qualcomm components (e.g., Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear MSM8909W, SD系列) where in playready_licacq_process_response(), the length of the cbResponse is not validated and is controlled by the HLOS. If cbResponse is too large, a...

7.5CVSS7.8AI score0.00887EPSS
CVE
CVE
added 2019/05/24 4:44 p.m.71 views

CVE-2018-12012

CVE-2018-12012 affects Qualcomm Snapdragon platforms where the blacklisting mechanism uses a shared buffered memory region during boot. The root cause described is that updates to the blacklist are not validated against the newly updated blacklist, allowing boot‑up to be compromised on a wide set...

7.8CVSS7.6AI score0.00208EPSS
CVE
CVE
added 2019/05/24 4:44 p.m.70 views

CVE-2018-13895

CVE-2018-13895 describes an issue where missing permissions on several content providers in the RCS app’s Android manifest could enable unprivileged access on Qualcomm Snapdragon platforms (covering a broad set of Snapdragon Auto, Compute, Connectivity, IoT, Wearable, and related devices). The ro...

7.8CVSS7.6AI score0.00182EPSS
CVE
CVE
added 2019/05/24 4:44 p.m.70 views

CVE-2018-13925

CVE-2018-13925 describes a heap-use-after-free in Qualcomm Snapdragon devices caused by an error in parsing the PMT table, where memory is freed but the context map reference is not reset. Affected products span Snapdragon Auto, Compute, Connectivity, Consumer IOT, Industrial IOT, IoT, Mobile, We...

10CVSS9.4AI score0.00935EPSS
CVE
CVE
added 2018/04/18 2:0 p.m.68 views

CVE-2015-9165

CVE-2015-9165 affects Android devices with Qualcomm Snapdragon/related SoCs (IPQ4019, MDM9206, MDM9607, MSM8909W, SD 210/212/205, SD 400/410/12/615/16/ SD 415/617/650/52/ SD 808/810) where a flaw in the QTEE file service API allows a double-free due to incorrect error handling. The vulnerability ...

10CVSS8.5AI score0.01252EPSS
CVE
CVE
added 2018/04/18 2:0 p.m.67 views

CVE-2015-9131

CVE-2015-9131 corresponds to an input validation flaw in Qualcomm’s qsee on Android devices, affecting Snapdragon targets (SD 400/410/12, 615/16/SD 415, 800, 808, 810). The issue can enable unauthorized memory access due to lack of input validation. Public details in the connected documents show ...

7.5CVSS7.8AI score0.00928EPSS
CVE
CVE
added 2019/09/30 3:40 p.m.67 views

CVE-2019-10497

Technical details about CVE-2019-10497 are not publicly provided in the supplied documents. No specifics on affected products, root cause, or fixes are available here. Monitor for updates.

7.8CVSS8.5AI score0.00192EPSS
CVE
CVE
added 2019/05/24 4:44 p.m.67 views

CVE-2019-2248

CVE-2019-2248 describes a buffer overflow that can occur when an invalid header overwrites an existing buffer with a fixed-size allocation, affecting a wide range of Qualcomm Snapdragon products (e.g., Snapdragon Auto/Compute/Connectivity, Snapdragon IoT/Wearables, Snapdragon 615/16, 625, 820/820...

7.8CVSS7.9AI score0.00197EPSS
CVE
CVE
added 2018/04/18 2:0 p.m.66 views

CVE-2015-9128

CVE-2015-9128 describes a buffer overread caused by lack of validation of the buffer size in Android on Qualcomm Snapdragon platforms (Automobile, Mobile, Wear) across multiple SD/x variants. The issue affects devices with Android before the 2018-04-05 security patch level and is addressed by the...

10CVSS8.5AI score0.01273EPSS
CVE
CVE
added 2019/05/06 10:19 p.m.66 views

CVE-2017-18131

In CVE-2017-18131, the issue is in QTEE where an incorrect fuse value can be blown on Qualcomm Snapdragon platforms (list of Snapdragon Automotive/Mobile/Wear variants and chipsets). The connected sources (NVD/NVD listing and CVE records) specify the affected families and device suffixes, with ro...

7.8CVSS7.2AI score0.00234EPSS
CVE
CVE
added 2019/01/03 3:0 p.m.65 views

CVE-2017-11004

CVE-2017-11004 affects Qualcomm Snapdragon components across multiple platforms (e.g., IPQ8074, MDM9xxx, MSM8996AU and a wide range of SD-series chipsets) where a non-secure user can access certain registers in Snapdragon Automotive, Mobile and Wear devices. The impact is local with partial confi...

5.5CVSS5.6AI score0.0021EPSS
CVE
CVE
added 2018/04/18 2:0 p.m.64 views

CVE-2015-9198

Summary of CVE-2015-9198 : An integer underflow in the Qualcomm qsee_register_log_buff function allows writing beyond intended bounds, potentially corrupting secure memory. The public records identify affected Android builds on Qualcomm-based devices (e.g., Snapdragon Automobile, Snapdragon Mobil...

10CVSS8.5AI score0.01252EPSS
CVE
CVE
added 2019/02/25 11:0 p.m.64 views

CVE-2018-11938

CVE-2018-11938 affects Qualcomm/Snapdragon components (e.g., IPQ8074, MSM89xx, SDx series, etc.) via improper input validation of an HLOS argument, causing potential buffer overflows and unexpected behavior. Root cause is input validation failure in the argument path from HLOS; impact could invol...

7.8CVSS7.8AI score0.00248EPSS
CVE
CVE
added 2019/11/06 5:11 p.m.64 views

CVE-2019-10491

CVE-2019-10491 affects Qualcomm ADSP (Audio DSP) across a broad set of Snapdragon platforms (e.g., IPQ4019, IPQ8064, IPQ8074, MDM9150/9206/9607/9640/9650, MSM8909W/8996AU, QCS405/605, SD-series like SD 210–435/439, SD 450, 615/16/625/632/636/665/675, 712/710/670, 730, 820/820A, 835, 845/850, 855,...

7.8CVSS7.7AI score0.00192EPSS
CVE
CVE
added 2019/05/24 4:44 p.m.64 views

CVE-2019-2247

CVE-2019-2247 involves a potential double-free condition triggered when running multiple smp2p tests due to missing protection for a global variable across Qualcomm Snapdragon platforms (Auto/Compute/IoT/Industrial IoT/Smart wearables and multiple SoCs). The issue affects a broad set of devices (...

7.8CVSS7.7AI score0.00198EPSS
CVE
CVE
added 2018/04/18 2:0 p.m.63 views

CVE-2014-9997

CVE-2014-9997 affects Android on Qualcomm Snapdragon platforms (various SoCs) where PRDiagMaintenanceHandler lacks input validation, causing a buffer over-read. The issue spans multiple Snapdragon products listed in the initial description; CVSS scores indicate Critical impact (C/H, I/H, A/H) wit...

10CVSS8.6AI score0.01169EPSS
CVE
CVE
added 2018/04/18 2:0 p.m.63 views

CVE-2016-10448

CVE-2016-10448 affects Android on Qualcomm Snapdragon platforms (multiple SoCs) where addSA/updateSA commands on the same SA can race. The root cause is that APIs addSA and updateSA access the global ipsec_sa_list[] without mutex protection, enabling memory corruption under concurrent operations....

9.8CVSS8.6AI score0.0094EPSS
CVE
CVE
added 2018/10/23 1:0 p.m.63 views

CVE-2017-18172

CVE-2017-18172 describes a local vulnerability in various Snapdragon Mobile/Automotive platforms where a check of a contiguous buffer can overflow for certain buffer sizes, causing an Integer Overflow or Wraparound in System UI. Affected are devices with large screen resolutions (e.g., 1440x2560)...

7.8CVSS7.5AI score0.00209EPSS
CVE
CVE
added 2019/05/24 4:44 p.m.63 views

CVE-2018-12004

CVE-2018-12004 affects Qualcomm Snapdragon-based mobile/embedded platforms (e.g., Snapdragon Auto, Compute, Consumer Electronics Connectivity, IOT, Industrial IOT, Mobile, Wearables) and related SoCs (e.g., SDM63x/SD 210–SD 845 family). The vulnerability description indicates that the secure keyp...

5.5CVSS5.6AI score0.00204EPSS
CVE
CVE
added 2024/11/26 1:56 p.m.63 views

CVE-2018-5852

CVE-2018-5852 describes an unsigned integer underflow in the Qualcomm IPA driver that results in a buffer over-read when reading NAT entries via the debugfs path /sys/kernel/debug/ipa/ip4_nat. The vulnerability is tied to the IPA driver component and affects Qualcomm chipsets; the underlying issu...

8.4CVSS8.6AI score0.00115EPSS
CVE
CVE
added 2018/04/11 3:0 p.m.62 views

CVE-2017-18146

CVE-2017-18146 affects Android on Qualcomm Snapdragon platforms (Automobile, Mobile, Wear; various SDM/MDM/SD chips). In vulnerable builds prior to the 2018-04-05 patch level, ECDSA signature verification can fail in corner cases, potentially impacting message authentication. The issue is listed ...

10CVSS8.9AI score0.00953EPSS
CVE
CVE
added 2018/10/23 1:0 p.m.62 views

CVE-2017-18298

CVE-2017-18298 describes a lack of input validation in the SDMX API that can cause NULL pointer dereference in Qualcomm Snapdragon platforms listed (e.g., MDM9206/9607/9650; MSM8996AU; SD 210/212/205, 410/12, 425, 430, 450, 615/16/ SD 415, 617, 625, 650/52, 810, 820/820A, 835, 845, 850, SDA660). ...

7.8CVSS6.8AI score0.0026EPSS
CVE
CVE
added 2018/10/23 1:0 p.m.62 views

CVE-2017-18313

CVE-2017-18313 affects Qualcomm Snapdragon platforms where DirectX/ DXE memory (DXE-accessible memory) is within the authenticated image, enabling potential access to tamper with the WCNSS firmware stored in DDR. Affected devices include Snapdragon Mobile and Wear variants across MSM8909W, SD 210...

5.7CVSS5.8AI score0.00257EPSS
CVE
CVE
added 2019/01/03 3:0 p.m.62 views

CVE-2017-18329

CVE-2017-18329 describes a potential buffer overflow in RTP packet handling on Qualcomm Snapdragon automotive and wearable platforms. Affected are Snapdragon Automotive/Wear devices across listed Snapdragon/HW variants (e.g., MDM9615/9625/9635M/9640/9645/9650/9655, MSM8909W, MSM8996AU, SD 210–SD ...

7.8CVSS7.7AI score0.00241EPSS
CVE
CVE
added 2019/04/04 3:9 p.m.62 views

CVE-2018-11971

CVE-2018-11971 concerns an interrupt exit code flow issue that may undermine the TrustZone access control on Qualcomm Snapdragon platforms (e.g., Snapdragon Auto/Compute/Consumer devices and various Qualcomm SoCs). Descriptions across sources consistently state risk of secure asset leakage within...

5.5CVSS5.8AI score0.00204EPSS
CVE
CVE
added 2019/05/24 4:44 p.m.62 views

CVE-2018-12013

CVE-2018-12013 : The issue is an improper authentication flaw in a locked memory region that can grant unprivileged access to memory in multiple Qualcomm Snapdragon products (e.g., Snapdragon Auto/Compute/IoT lines and various SDM/SD chips). Root cause: insufficient authentication controls within...

7.8CVSS7.8AI score0.0021EPSS
CVE
CVE
added 2018/07/06 5:0 p.m.62 views

CVE-2018-5876

The CVE-2018-5876 issue affects Snapdragon Automotive, Snapdragon Mobile, and Snapdragon Wear. It stems from a buffer overflow while parsing MP4 files. The documented impact is high: CVSS v3 base score 8.8 (Network attack, no privileges required, user interaction required) with high confidentiali...

8.8CVSS8.1AI score0.00824EPSS
CVE
CVE
added 2019/05/24 4:44 p.m.62 views

CVE-2019-2245

CVE-2019-2245 is a Qualcomm/Snapdragon vulnerability describing a possible integer underflow when calculating the length of an elementary stream map from an invalid packet length, which is then used to read from an input buffer. Affected products include a broad set of Snapdragon platforms (Auto,...

10CVSS9.2AI score0.00988EPSS
CVE
CVE
added 2018/04/18 2:0 p.m.61 views

CVE-2015-9122

CVE-2015-9122 describes a possible buffer overflow in Android on Qualcomm Snapdragon/mobile SoCs when a SIM response exceeds 64 KB for a stream APDU command. Affected products include a wide range of Qualcomm/Snapdragon modems and Android devices, with the issue stemming from handling large APDU ...

10CVSS8.8AI score0.01405EPSS
CVE
CVE
added 2018/04/18 2:0 p.m.61 views

CVE-2015-9207

CVE-2015-9207 describes a buffer overread in playready_getadditional_responsedata due to insufficient input validation, affecting Android devices on Qualcomm Snapdragon Mobile and Snapdragon Wear (MSM8909W) and a range of Qualcomm SoCs (SD 210/212/205, 400, 410/12, 615/16/415, 617, 650/52, 800, 8...

10CVSS8.5AI score0.01252EPSS
CVE
CVE
added 2018/04/18 2:0 p.m.61 views

CVE-2016-10420

CVE-2016-10420 affects Android devices with Qualcomm Snapdragon/mobile platforms listed (e.g., MDM9206/9607/9650 and SD family up to SDX20). The issue arises while playing a .flv clip that lacks an inbuilt seek table, where a dynamic index table access goes out of bounds, causing a crash (availab...

7.1CVSS6.5AI score0.00527EPSS
Total number of security vulnerabilities283