Lucene search

K
QualcommSdm439 Firmware

158 matches found

CVE
CVE
added 2019/11/06 5:15 p.m.58 views

CVE-2019-2275

While deserializing any key blob during key operations, buffer overflow could occur exposing partial key information if any key operations are invoked(Depends on CVE-2018-13907) in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon...

5.5CVSS5.6AI score0.00385EPSS
CVE
CVE
added 2019/05/24 5:29 p.m.57 views

CVE-2019-2248

Buffer overflow can occur if invalid header tries to overwrite the existing buffer which fix size allocation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon W...

7.8CVSS7.9AI score0.00045EPSS
CVE
CVE
added 2019/05/24 5:29 p.m.56 views

CVE-2019-2244

Possible integer underflow can happen when calculating length of elementary stream info from invalid section length which is later used to read from input buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snap...

10CVSS9.2AI score0.0033EPSS
CVE
CVE
added 2019/05/06 11:29 p.m.55 views

CVE-2017-18131

In QTEE, an incorrect fuse value can be blown in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 820, SD 820A, SD 835, SD 845, SDM429, SDM439, SDM6...

7.8CVSS7.2AI score0.00034EPSS
CVE
CVE
added 2019/05/24 5:29 p.m.55 views

CVE-2018-13895

Due to the missing permissions on several content providers of the RCS app in its android manifest file will lead to an unprivileged access to phone in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile...

7.8CVSS7.6AI score0.00021EPSS
CVE
CVE
added 2019/09/30 4:15 p.m.55 views

CVE-2019-10538

Lack of check of address range received from firmware response allows modem to respond arbitrary pages into its address range which can compromise HLOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon...

10CVSS9.3AI score0.00332EPSS
CVE
CVE
added 2019/11/06 5:15 p.m.55 views

CVE-2019-10541

Dereference on uninitialized buffer can happen when parsing FLV clip with corrupted codec specific data in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9206, MDM9607, MSM8909W, MSM899...

10CVSS9.4AI score0.00301EPSS
CVE
CVE
added 2019/01/03 3:29 p.m.54 views

CVE-2017-11004

A non-secure user may be able to access certain registers in snapdragon automobile, snapdragon mobile and snapdragon wear in versions IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16...

5.5CVSS5.6AI score0.00051EPSS
CVE
CVE
added 2019/11/06 5:15 p.m.54 views

CVE-2019-10491

ADSP can be compromised since it`s a general-purpose CPU processing untrusted data in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Netwo...

7.8CVSS7.7AI score0.00042EPSS
CVE
CVE
added 2019/09/30 4:15 p.m.54 views

CVE-2019-10497

Use after free issue occurs If another instance of open for voice_svc node has been called from application without closing the previous one. in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in ...

7.8CVSS8.5AI score0.0005EPSS
CVE
CVE
added 2019/02/25 11:0 p.m.52 views

CVE-2018-13912

Arbitrary write issue can occur when user provides kernel address in compat mode in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909...

5.5CVSS5.7AI score0.00106EPSS
CVE
CVE
added 2019/07/22 2:15 p.m.52 views

CVE-2019-2287

Improper validation for inputs received from firmware can lead to an out of bound write issue in video driver. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, ...

9.8CVSS9.4AI score0.00322EPSS
CVE
CVE
added 2019/02/25 11:0 p.m.51 views

CVE-2018-11820

Use of non-time constant memcmp function creates side channel that leaks information and leads to cryptographic issues in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, S...

5.5CVSS5.6AI score0.00051EPSS
CVE
CVE
added 2019/05/24 5:29 p.m.51 views

CVE-2019-2247

Possibility of double free issue while running multiple instances of smp2p test because of proper protection is missing while using global variable in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music...

7.8CVSS7.7AI score0.00042EPSS
CVE
CVE
added 2019/09/30 4:15 p.m.51 views

CVE-2019-2333

Buffer overflow due to improper validation of buffer size while IPA driver processing to perform read operation in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9607, MDM9650,...

7.8CVSS8.3AI score0.00045EPSS
CVE
CVE
added 2019/02/25 11:0 p.m.50 views

CVE-2018-11289

Data truncation during higher to lower type conversion which causes less memory allocation than desired can lead to a buffer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Sn...

7.8CVSS7.8AI score0.00098EPSS
CVE
CVE
added 2019/05/24 5:29 p.m.50 views

CVE-2018-13920

Use-after-free condition due to Improper handling of hrtimers when the PMU driver tries to access its events in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9206, MDM9607, MDM9650, MSM8909W, QCS605, Qualcomm 215, SD 425, SD 439 /...

7.8CVSS7.6AI score0.00041EPSS
CVE
CVE
added 2019/12/12 9:15 a.m.50 views

CVE-2019-10485

Infinite loop while decoding compressed data can lead to overrun condition in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, ...

7.8CVSS7.5AI score0.00245EPSS
CVE
CVE
added 2019/09/30 4:15 p.m.50 views

CVE-2019-10509

Device record of the pairing device used after free during ACL disconnection in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, MSM8996AU, QCA6574AU, QCS4...

10CVSS9.4AI score0.00266EPSS
CVE
CVE
added 2019/11/06 5:15 p.m.50 views

CVE-2019-2323

Lack of check to ensure crypto engine data passed by user is initialized can result in bus error in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM96...

10CVSS9.2AI score0.0033EPSS
CVE
CVE
added 2019/04/04 3:29 p.m.49 views

CVE-2018-11966

Undefined behavior in UE while processing unknown IEI in OTA message in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, QCS605, SD 210/SD 21...

7.8CVSS7.7AI score0.00033EPSS
CVE
CVE
added 2019/04/04 3:29 p.m.49 views

CVE-2018-13918

kernel could return a received message length higher than expected, which leads to buffer overflow in a subsequent operation and stops normal operation in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, in MDM9150, MDM9206, MDM9607, MDM9...

7.8CVSS7.7AI score0.00121EPSS
CVE
CVE
added 2019/11/06 5:15 p.m.49 views

CVE-2019-10522

While playing the clip which is nonstandard buffer overflow can occur while parsing in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9206, MDM9607, MSM8909W, MSM8996AU,...

9.8CVSS9.6AI score0.00441EPSS
CVE
CVE
added 2019/12/12 9:15 a.m.49 views

CVE-2019-10555

Buffer overflow can occur due to usage of wrong datatype and missing length check before copying into buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdra...

7.8CVSS8.1AI score0.00054EPSS
CVE
CVE
added 2019/05/24 5:29 p.m.49 views

CVE-2019-2245

Possible integer underflow can happen when calculating length of elementary stream map from invalid packet length which is later used to read from input buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdr...

10CVSS9.2AI score0.0033EPSS
CVE
CVE
added 2019/11/06 5:15 p.m.49 views

CVE-2019-2246

Thread start can cause invalid memory writes to arbitrary memory location since the argument is passed by user to kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9205, MDM9640, MSM8996AU, QCA6574, QC...

7.8CVSS7.5AI score0.00094EPSS
CVE
CVE
added 2019/11/06 5:15 p.m.48 views

CVE-2019-10531

Incorrect reading of system image resulting in buffer overflow when size of system image is increased in Snapdragon Auto, Snapdragon Mobile, Snapdragon Wearables in MDM9607, MSM8909W, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 439 / SD 429, SD 450, SD 625, SD 632, SDM439

10CVSS9.7AI score0.00271EPSS
CVE
CVE
added 2019/07/25 5:15 p.m.48 views

CVE-2019-2235

Buffer overflow occurs when emulated RPMB is used due to sector size assumptions in the TA rollback protection logic. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,...

7.8CVSS7.8AI score0.00054EPSS
CVE
CVE
added 2019/02/25 11:0 p.m.47 views

CVE-2018-11938

Improper input validation for argument received from HLOS can lead to buffer overflows and unexpected behavior in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdrago...

7.8CVSS7.8AI score0.00062EPSS
CVE
CVE
added 2019/09/30 4:15 p.m.47 views

CVE-2019-10492

Boot image not getting verified by AVB in Snapdragon Auto, Snapdragon Mobile, Snapdragon Wearables in MDM9607, MSM8909W, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 820, SD 820A, SDM439

7.8CVSS7.7AI score0.00017EPSS
CVE
CVE
added 2019/12/12 9:15 a.m.47 views

CVE-2019-10494

Race condition between the camera functions due to lack of resource lock which will lead to memory corruption and UAF issue in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon W...

8.1CVSS8.6AI score0.00161EPSS
CVE
CVE
added 2019/11/06 5:15 p.m.47 views

CVE-2019-2258

Improper validation of array index causes OOB write and then leads to memory corruption in MMCP in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9607, MDM9615,...

10CVSS9.5AI score0.00251EPSS
CVE
CVE
added 2019/11/06 5:15 p.m.47 views

CVE-2019-2283

Improper validation of read and write index of tx and rx fifo`s before calculating pointer can lead to out-of-bound access in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM920...

10CVSS9.2AI score0.00312EPSS
CVE
CVE
added 2019/12/12 9:15 a.m.47 views

CVE-2019-2288

Out of bound write in TZ while copying the secure dump structure on HLOS provided buffer as a part of memory dump in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infras...

7.8CVSS7.8AI score0.00094EPSS
CVE
CVE
added 2019/12/12 9:15 a.m.47 views

CVE-2019-2320

Possible out of bounds write in a MT SMS/SS scenario due to improper validation of array index in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, ...

10CVSS9.3AI score0.0033EPSS
CVE
CVE
added 2019/02/25 11:0 p.m.46 views

CVE-2018-11945

Improper input validation in wireless service messaging module for data received from broadcast messages can lead to heap overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mob...

9.8CVSS9.5AI score0.00354EPSS
CVE
CVE
added 2019/02/25 11:0 p.m.46 views

CVE-2018-11948

Exceeding the limit of usage entries are not tracked and the information will be lost causing the content to lose continuity in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon ...

5.5CVSS5.6AI score0.00056EPSS
CVE
CVE
added 2019/02/25 11:0 p.m.46 views

CVE-2018-13905

KGSL syncsource lock not handled properly during syncsource cleanup can lead to use after free issue in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9206, MDM9607, MDM9650, MSM8909W, QCS605, SD 210/SD 212/SD 205, SD 439 / SD 429,...

7.8CVSS7.7AI score0.00051EPSS
CVE
CVE
added 2019/11/21 3:15 p.m.46 views

CVE-2018-13916

Out-of-bounds memory access in Qurt kernel function when using the identifier to access Qurt kernel buffer to retrieve thread data. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snap...

7.8CVSS7.7AI score0.00094EPSS
CVE
CVE
added 2019/11/06 5:15 p.m.46 views

CVE-2019-10504

Firmware not able to send EXT scan response to host within 1 sec due to resource consumption issue in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Wearables in MDM9206, MDM9607, MSM8909W, Qualcomm 215, SD 210/SD 212/SD 205, SD 42...

6.5CVSS6.6AI score0.00249EPSS
CVE
CVE
added 2019/11/06 5:15 p.m.46 views

CVE-2019-10515

DCI client which might be preemptively freed up might be accessed for transferring packets leading to kernel error in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650...

5.5CVSS5.6AI score0.00042EPSS
CVE
CVE
added 2019/12/12 9:15 a.m.46 views

CVE-2019-10530

Lack of check of data truncation on user supplied data in kernel leads to buffer overflow in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QC...

7.8CVSS8AI score0.00045EPSS
CVE
CVE
added 2019/12/12 9:15 a.m.46 views

CVE-2019-10559

Accessing data buffer beyond the available data while parsing ogg clip can lead to null-pointer dereference and then memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon V...

9.8CVSS9.6AI score0.00317EPSS
CVE
CVE
added 2019/07/25 5:15 p.m.46 views

CVE-2019-2239

Sanity checks are missing in layout which can lead to SUI Corruption or can lead to Denial of Service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voic...

5.5CVSS5.7AI score0.00044EPSS
CVE
CVE
added 2019/11/21 3:15 p.m.46 views

CVE-2019-2271

Buffer over read can happen while parsing downlink session management OTA messages if network sends un-intended values in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ...

10CVSS9.2AI score0.00374EPSS
CVE
CVE
added 2019/11/21 3:15 p.m.46 views

CVE-2019-2303

SNDCP module may access array out side its boundary when it receives malformed XID message. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ...

9.8CVSS9.3AI score0.00294EPSS
CVE
CVE
added 2019/01/03 3:29 p.m.45 views

CVE-2017-18320

QSEE unload attempt on a 3rd party TEE without previously loading results in a data abort in snapdragon automobile and snapdragon mobile in versions MSM8996AU, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 712 / SD 710 / ...

7.8CVSS7.5AI score0.00038EPSS
CVE
CVE
added 2019/01/03 3:29 p.m.45 views

CVE-2017-18330

Buffer overflow in AES-CCM and AES-GCM encryption via initialization vector in snapdragon automobile, snapdragon mobile and snapdragon wear in versions IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 43...

7.8CVSS7.7AI score0.00023EPSS
CVE
CVE
added 2019/02/11 3:29 p.m.45 views

CVE-2018-11847

Malicious TA can tag QSEE kernel memory and map to EL0, there by corrupting the physical memory as well it can be used to corrupt the QSEE kernel and compromise the whole TEE in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Co...

7.8CVSS6.1AI score0.00033EPSS
CVE
CVE
added 2019/01/18 10:29 p.m.45 views

CVE-2018-5867

Lack of checking input size can lead to buffer overflow In WideVine in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, ...

7.8CVSS7.8AI score0.0004EPSS
Total number of security vulnerabilities158