Sd 835 Firmware Security Vulnerabilities and Issues — Page 2 of Sd 835 Firmware CVE List

Lucene search

QualcommSd 835 Firmware

408 matches found

CVE•added 2019/11/06 5:15 p.m.•58 views

CVE-2019-2275

While deserializing any key blob during key operations, buffer overflow could occur exposing partial key information if any key operations are invoked(Depends on CVE-2018-13907) in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon...

5.5CVSS5.6AI score0.00385EPSS

CVE•added 2019/09/30 4:15 p.m.•57 views

CVE-2019-10540

Buffer overflow in WLAN NAN function due to lack of check of count value received in NAN availability attribute in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapd...

10CVSS9.5AI score0.00941EPSS

CVE•added 2018/04/18 2:29 p.m.•56 views

CVE-2016-10431

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, and SD 850, TZ applications are not properly val...

10CVSS8.5AI score0.00217EPSS

CVE•added 2018/03/30 3:29 p.m.•56 views

CVE-2017-14911

In Android before 2018-01-05 on Qualcomm Snapdragon IoT, Snapdragon Mobile, Snapdragon Automobile APQ8096AU, MDM9206, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 625, SD 650/52, SD 820, SD 835, it is possible for the XBL loader to skip the authentication of device config.

10CVSS8.9AI score0.01962EPSS

CVE•added 2019/05/24 5:29 p.m.•56 views

CVE-2018-11924

Improper buffer length validation in WLAN function can lead to a potential integer oveflow issue in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9150, MDM9206,...

7.8CVSS7.7AI score0.00042EPSS

CVE•added 2019/05/24 5:29 p.m.•56 views

CVE-2018-11937

Lack of input validation before copying can lead to a buffer over read in WLAN function in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6574AU, QCS605, SD 425, SD 427, SD 430,...

10CVSS9.3AI score0.00266EPSS

CVE•added 2019/05/24 5:29 p.m.•56 views

CVE-2019-2244

Possible integer underflow can happen when calculating length of elementary stream info from invalid section length which is later used to read from input buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snap...

10CVSS9.2AI score0.0033EPSS

CVE•added 2024/11/26 9:15 a.m.•55 views

CVE-2016-10394

Initial xbl_sec revision does not have all the debug policy features and critical checks.

8.4CVSS8.5AI score0.00021EPSS

CVE•added 2019/05/06 11:29 p.m.•55 views

CVE-2017-18131

In QTEE, an incorrect fuse value can be blown in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 820, SD 820A, SD 835, SD 845, SDM429, SDM439, SDM6...

7.8CVSS7.2AI score0.00034EPSS

CVE•added 2019/05/24 5:29 p.m.•55 views

CVE-2018-11923

Improper buffer length check before copying can lead to integer overflow and then a buffer overflow in WMA event handler in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6574AU...

7.8CVSS7.9AI score0.00045EPSS

CVE•added 2019/05/24 5:29 p.m.•55 views

CVE-2018-13895

Due to the missing permissions on several content providers of the RCS app in its android manifest file will lead to an unprivileged access to phone in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile...

7.8CVSS7.6AI score0.00021EPSS

CVE•added 2019/11/06 5:15 p.m.•55 views

CVE-2019-10541

Dereference on uninitialized buffer can happen when parsing FLV clip with corrupted codec specific data in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9206, MDM9607, MSM8909W, MSM899...

10CVSS9.4AI score0.00301EPSS

CVE•added 2019/01/03 3:29 p.m.•54 views

CVE-2017-11004

A non-secure user may be able to access certain registers in snapdragon automobile, snapdragon mobile and snapdragon wear in versions IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16...

5.5CVSS5.6AI score0.00051EPSS

CVE•added 2019/05/24 5:29 p.m.•54 views

CVE-2018-11940

Lack of check in length before using memcpy in WLAN function can lead to OOB access in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCS605, SD 625, SD 636, SD 712 / SD 710 / SD 6...

10CVSS9.3AI score0.00266EPSS

CVE•added 2019/07/22 2:15 p.m.•54 views

CVE-2018-13927

Debug policy with invalid signature can be loaded when the debug policy functionality is disabled by using the parallel image loading in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Sn...

7.8CVSS7.7AI score0.00028EPSS

CVE•added 2019/11/06 5:15 p.m.•54 views

CVE-2019-10491

ADSP can be compromised since it`s a general-purpose CPU processing untrusted data in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Netwo...

7.8CVSS7.7AI score0.00042EPSS

CVE•added 2019/09/30 4:15 p.m.•54 views

CVE-2019-10497

Use after free issue occurs If another instance of open for voice_svc node has been called from application without closing the previous one. in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in ...

7.8CVSS8.5AI score0.0005EPSS

CVE•added 2019/07/22 2:15 p.m.•54 views

CVE-2019-2292

Out of bound access can occur due to buffer copy without checking size of input received from WLAN firmware in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9150, MDM9650, MSM8996AU, QCA6574AU, QCS405, QCS605, SD 210/SD 212/SD...

7.8CVSS7.7AI score0.00042EPSS

CVE•added 2018/04/18 2:29 p.m.•53 views

CVE-2016-10420

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, and...

7.1CVSS6.5AI score0.00114EPSS

CVE•added 2018/04/18 2:29 p.m.•53 views

CVE-2016-10448

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 62...

9.8CVSS8.6AI score0.00328EPSS

CVE•added 2018/10/26 1:29 p.m.•53 views

CVE-2018-11824

A stack-based buffer overflow can occur in a firmware routine in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 835, SD 845, SD 850, SDA660

7.8CVSS7.9AI score0.00035EPSS

CVE•added 2019/05/24 5:29 p.m.•53 views

CVE-2018-12004

Secure keypad is unlocked with secure display still intact in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9206, MDM9607, MDM9650, MDM965...

5.5CVSS5.6AI score0.00045EPSS

CVE•added 2018/04/18 2:29 p.m.•52 views

CVE-2015-9122

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 80...

10CVSS8.8AI score0.00379EPSS

CVE•added 2018/10/23 1:29 p.m.•52 views

CVE-2017-18172

In a device, with screen size 1440x2560, the check of contiguous buffer will overflow on certain buffer size resulting in an Integer Overflow or Wraparound in System UI in Snapdragon Automobile, Snapdragon Mobile in version MDM9635M, SD 400, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615...

7.8CVSS7.5AI score0.00029EPSS

CVE•added 2018/10/23 1:29 p.m.•52 views

CVE-2017-18298

Lack of Input Validation in SDMX API can lead to NULL pointer access in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820...

7.8CVSS6.8AI score0.00054EPSS

CVE•added 2018/10/23 1:29 p.m.•52 views

CVE-2017-18304

Insufficient memory allocation in boot due to incorrect size being passed could result in out of bounds access in Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in version FSM9055, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, S...

7.8CVSS6.8AI score0.00054EPSS

CVE•added 2024/11/26 2:15 p.m.•52 views

CVE-2017-18307

Information disclosure possible while audio playback.

8.4CVSS8.3AI score0.00021EPSS

CVE•added 2018/11/28 3:29 p.m.•52 views

CVE-2018-11264

Possible buffer overflow in Ontario fingerprint code due to lack of input validation for the parameters coming into TZ from HLOS in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450,...

7.8CVSS8.1AI score0.0004EPSS

CVE•added 2019/02/25 11:0 p.m.•52 views

CVE-2018-13912

Arbitrary write issue can occur when user provides kernel address in compat mode in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909...

5.5CVSS5.7AI score0.00106EPSS

CVE•added 2019/07/22 2:15 p.m.•52 views

CVE-2019-2287

Improper validation for inputs received from firmware can lead to an out of bound write issue in video driver. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, ...

9.8CVSS9.4AI score0.00322EPSS

CVE•added 2019/07/25 5:15 p.m.•52 views

CVE-2019-2290

Multiple open and close from multiple threads will lead camera driver to access destroyed session data pointer in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MS...

7.8CVSS8.2AI score0.00042EPSS

CVE•added 2018/04/18 2:29 p.m.•51 views

CVE-2015-9128

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD...

10CVSS8.5AI score0.00312EPSS

CVE•added 2018/04/18 2:29 p.m.•51 views

CVE-2015-9152

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile IPQ4019, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 800, SD 810, SD 820, SD 820A, SD 835, and Snapdragon_High_Med_2...

10CVSS8.6AI score0.00176EPSS

CVE•added 2024/11/26 2:15 p.m.•51 views

CVE-2017-18306

Information disclosure due to uninitialized variable.

8.4CVSS8.2AI score0.00021EPSS

CVE•added 2018/10/26 1:29 p.m.•51 views

CVE-2017-18311

XPU Master privilege escalation is possible due to improper access control of unused configuration xPU ports where unused configuration ports are open in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, ...

7.8CVSS7.9AI score0.00033EPSS

CVE•added 2019/01/03 3:29 p.m.•51 views

CVE-2017-18329

Possible Buffer overflow when transmitting an RTP packet in snapdragon automobile and snapdragon wear in versions MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 636, SD 6...

7.8CVSS7.7AI score0.0004EPSS

CVE•added 2019/02/25 11:0 p.m.•51 views

CVE-2018-11820

Use of non-time constant memcmp function creates side channel that leaks information and leads to cryptographic issues in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, S...

5.5CVSS5.6AI score0.00051EPSS

CVE•added 2018/10/26 1:29 p.m.•51 views

CVE-2018-11849

Lack of check on out of range of bssid parameter When processing scan start command will lead to buffer flow in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8996AU, QCA4531, QCA6174A, QCA6564, QCA6574, QCA6574AU, QCA6...

7.8CVSS7.9AI score0.00038EPSS

CVE•added 2019/05/24 5:29 p.m.•51 views

CVE-2018-11936

Index of array is processed in a wrong way inside a while loop and result in invalid index (-1 or something else) leads to out of bound memory access. in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapd...

10CVSS9.2AI score0.0033EPSS

CVE•added 2018/07/06 5:29 p.m.•51 views

CVE-2018-5876

While parsing an mp4 file, a buffer overflow can occur in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear.

8.8CVSS8.1AI score0.00457EPSS

CVE•added 2019/05/24 5:29 p.m.•51 views

CVE-2019-2247

Possibility of double free issue while running multiple instances of smp2p test because of proper protection is missing while using global variable in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music...

7.8CVSS7.7AI score0.00042EPSS

CVE•added 2019/09/30 4:15 p.m.•51 views

CVE-2019-2333

Buffer overflow due to improper validation of buffer size while IPA driver processing to perform read operation in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9607, MDM9650,...

7.8CVSS8.3AI score0.00045EPSS

CVE•added 2018/04/18 2:29 p.m.•50 views

CVE-2014-10048

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, S...

10CVSS8.5AI score0.00217EPSS

CVE•added 2018/04/18 2:29 p.m.•50 views

CVE-2015-9120

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, S...

10CVSS8.5AI score0.00312EPSS

CVE•added 2018/04/18 2:29 p.m.•50 views

CVE-2015-9136

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9640, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 600, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 835, and SDX20, in pre-auth request, Host driver use...

10CVSS8.7AI score0.00234EPSS

CVE•added 2018/04/18 2:29 p.m.•50 views

CVE-2015-9163

7.5CVSS7.7AI score0.00228EPSS

CVE•added 2018/04/11 3:29 p.m.•50 views

CVE-2017-18146

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 8...

10CVSS8.9AI score0.00101EPSS

CVE•added 2019/02/25 11:0 p.m.•50 views

CVE-2018-11289

Data truncation during higher to lower type conversion which causes less memory allocation than desired can lead to a buffer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Sn...

7.8CVSS7.8AI score0.00098EPSS

CVE•added 2019/05/24 5:29 p.m.•50 views

CVE-2018-12013

Improper authentication in locked memory region can lead to unprivilged access to the memory in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in...

7.8CVSS7.8AI score0.00035EPSS

CVE•added 2019/09/30 4:15 p.m.•50 views

CVE-2019-10509

Device record of the pairing device used after free during ACL disconnection in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, MSM8996AU, QCA6574AU, QCS4...

10CVSS9.4AI score0.00266EPSS

Total number of security vulnerabilities408