Lucene search

K
QualcommSdx20 Firmware

164 matches found

CVE
CVE
added 2019/06/14 5:29 p.m.265 views

CVE-2018-11934

Possible out of bounds write due to improper input validation while processing DO_ACS vendor command in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9150, MDM9206, MDM9607, MDM964...

7.8CVSS7.8AI score0.00042EPSS
CVE
CVE
added 2019/06/14 5:29 p.m.260 views

CVE-2018-5911

Buffer overflow in WLAN function due to improper check of buffer size before copying in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCS605, SD 625, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 730,...

7.8CVSS7.9AI score0.00045EPSS
CVE
CVE
added 2019/06/14 5:29 p.m.257 views

CVE-2018-13911

Out of bounds memory read and access may lead to unexpected behavior in GNSS XTRA Parser in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM961...

10CVSS9.2AI score0.0033EPSS
CVE
CVE
added 2019/06/14 5:29 p.m.255 views

CVE-2018-3583

A buffer overflow can occur while processing an extscan hotlist event in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCA9379, QC...

7.8CVSS7.9AI score0.00037EPSS
CVE
CVE
added 2019/06/14 5:29 p.m.208 views

CVE-2018-11942

Failure to initialize the reserved memory which is sent to the firmware might lead to exposure of 1 byte of uninitialized kernel SKB memory to FW in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and ...

5.5CVSS5.6AI score0.00043EPSS
CVE
CVE
added 2019/06/14 5:29 p.m.205 views

CVE-2018-5903

Out of bounds read occurs due to improper validation of array while processing VDEV stop response from WLAN firmware in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, ...

7.8CVSS7.6AI score0.00022EPSS
CVE
CVE
added 2019/06/14 5:29 p.m.202 views

CVE-2018-11947

The txrx stats req might be double freed in the pdev detach when the host driver is unloading in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networ...

5.5CVSS5.7AI score0.00043EPSS
CVE
CVE
added 2019/06/14 5:29 p.m.201 views

CVE-2018-11955

Lack of check on length of reason-code fetched from payload may lead driver access the memory not allocated to the frame and results in out of bound read in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon ...

9.8CVSS9.1AI score0.00322EPSS
CVE
CVE
added 2019/06/14 5:29 p.m.199 views

CVE-2018-13906

The HMAC authenticating the message from QSEE is vulnerable to timing side channel analysis leading to potentially forged application message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial...

9.1CVSS9AI score0.00233EPSS
CVE
CVE
added 2019/06/14 5:29 p.m.199 views

CVE-2018-13907

While deserializing any key blob during key operations, buffer overflow could occur, exposing partial key information if any key operations are invoked in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon ...

5.3CVSS5.6AI score0.00385EPSS
CVE
CVE
added 2019/06/14 5:29 p.m.191 views

CVE-2018-13902

Out of bounds memory read and access due to improper array index validation may lead to unexpected behavior while decoding XTRA file in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon We...

7.5CVSS7.6AI score0.0026EPSS
CVE
CVE
added 2019/06/14 5:29 p.m.140 views

CVE-2017-8252

Kernel can inject faults in computations during the execution of TrustZone leading to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon ...

5.5CVSS5.5AI score0.0004EPSS
CVE
CVE
added 2019/06/14 5:29 p.m.134 views

CVE-2018-11929

Lack of input validation in WLAN function can lead to potential heap overflow in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCS405, QCS605, SD 425, SD 427, SD 430, SD 435...

7.8CVSS7.8AI score0.00045EPSS
CVE
CVE
added 2019/06/14 5:29 p.m.132 views

CVE-2019-2257

Wrong permissions in configuration file can lead to unauthorized permission in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9607, MDM9650, MSM8909W, MSM8...

7.8CVSS7.6AI score0.00021EPSS
CVE
CVE
added 2019/06/14 5:29 p.m.130 views

CVE-2018-13919

Use-after-free vulnerability will occur if reset of the routing table encounters an invalid rule id while processing command to reset in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9...

7.8CVSS7.7AI score0.00041EPSS
CVE
CVE
added 2019/06/14 5:29 p.m.128 views

CVE-2018-5883

Buffer overflow in WLAN driver event handlers due to improper validation of array index in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCS405, QCS605, SD 636, SD 675, SD 730, SD 82...

7.8CVSS7.8AI score0.00037EPSS
CVE
CVE
added 2019/06/14 5:29 p.m.126 views

CVE-2018-11819

Use after issue in WLAN function due to multiple ACS scan requests at a time in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCS605, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 675, SD 730, SD 820A, S...

7.8CVSS7.8AI score0.00042EPSS
CVE
CVE
added 2019/06/14 5:29 p.m.126 views

CVE-2018-11939

Use after issue in WLAN function due to multiple ACS scan requests at a time in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, QCA6574AU, SD 210/SD 212/SD 205, SD 615/16/SD 415, SD 625, SD 650/52, SD 8...

7.8CVSS7.8AI score0.00042EPSS
CVE
CVE
added 2019/07/25 5:15 p.m.111 views

CVE-2019-2308

User application could potentially make RPC call to the fastrpc driver and the driver will allow the message to go through to the remote subsystem in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MD...

7.8CVSS7.5AI score0.00035EPSS
CVE
CVE
added 2019/11/06 5:15 p.m.110 views

CVE-2019-10529

Possible use after free issue due to race condition while attempting to mark the entry pages as dirty using function set_page_dirty() in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon W...

9.3CVSS8.1AI score0.09057EPSS
CVE
CVE
added 2019/12/18 6:15 a.m.102 views

CVE-2019-10600

Use of local variable as argument to netlink CB callback goes out of it scope when callback triggered lead to invalid stack memory in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wi...

7.8CVSS7.6AI score0.00094EPSS
CVE
CVE
added 2019/12/18 6:15 a.m.100 views

CVE-2019-10525

Buffer overflow during SIB read when network configures complete sib list along with first and last segment of other SIB in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in A...

10CVSS9.4AI score0.00356EPSS
CVE
CVE
added 2019/12/18 6:15 a.m.100 views

CVE-2019-10557

Out-of-bound read in the wireless driver in the Linux kernel due to lack of check of buffer length. in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8009, APQ8017, APQ8053, APQ8096...

10CVSS8.9AI score0.0033EPSS
CVE
CVE
added 2019/12/18 6:15 a.m.99 views

CVE-2019-10598

Out of bound access can occur while processing peer info in IBSS connection mode due to lack of upper bounds check to ensure that for loop further will not cause an overflow in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdra...

7.8CVSS7.8AI score0.00094EPSS
CVE
CVE
added 2019/12/18 6:15 a.m.96 views

CVE-2018-11980

When a fake broadcast/multicast 11w rmf without mmie received, since no proper length check in wma_process_bip, buffer overflow will happen in both cds_is_mmie_valid and qdf_nbuf_trim_tail in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industri...

7.8CVSS7.9AI score0.00121EPSS
CVE
CVE
added 2019/12/18 6:15 a.m.96 views

CVE-2019-10480

Out of bound write can happen in WMI firmware event handler due to lack of validation of data received from WLAN firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music...

7.8CVSS7.7AI score0.00094EPSS
CVE
CVE
added 2019/12/18 6:15 a.m.96 views

CVE-2019-2242

Device memory may get corrupted because of buffer overflow/underflow. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ800...

10CVSS9.4AI score0.00379EPSS
CVE
CVE
added 2019/12/18 6:15 a.m.95 views

CVE-2019-10595

Possible buffer overwrite in message handler due to lack of validation of tid value calculated from packets received from firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voic...

7.8CVSS7.8AI score0.00094EPSS
CVE
CVE
added 2019/12/18 6:15 a.m.94 views

CVE-2019-10487

Buffer over read can happen while parsing SMS OTA messages at transport layer if network sends un-intended values in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009,...

10CVSS9.2AI score0.00396EPSS
CVE
CVE
added 2019/12/18 6:15 a.m.94 views

CVE-2019-10517

Memory is being freed up twice when two concurrent threads are executing in parallel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096, A...

7.8CVSS7.7AI score0.00043EPSS
CVE
CVE
added 2019/12/18 6:15 a.m.94 views

CVE-2019-10614

Out of boundary access is possible as there is no validation of data accessed against the received size of the packet in case of malicious firmware in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Indu...

9.8CVSS9.4AI score0.00294EPSS
CVE
CVE
added 2019/12/18 6:15 a.m.93 views

CVE-2019-10518

Use after free of a pointer in iWLAN scenario during netmgr state transition to CONNECT in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and ...

7.8CVSS8.4AI score0.00044EPSS
CVE
CVE
added 2019/12/18 6:15 a.m.93 views

CVE-2019-10536

Potential double free scenario if driver receives another DIAG_EVENT_LOG_SUPPORTED event from firmware as the pointer is not set to NULL on first call in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon...

7.8CVSS7.7AI score0.00033EPSS
CVE
CVE
added 2019/12/18 6:15 a.m.91 views

CVE-2019-10572

Improper check in video driver while processing data from video firmware can lead to integer overflow and then buffer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdrago...

9.8CVSS9.6AI score0.00363EPSS
CVE
CVE
added 2019/12/18 6:15 a.m.91 views

CVE-2019-10607

Out of bounds memcpy can occur by providing the embedded NULL character string and length greater than the actual string length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdrag...

7.8CVSS7.7AI score0.00094EPSS
CVE
CVE
added 2019/12/18 6:15 a.m.91 views

CVE-2019-2274

Improper Access Control for RPU write access from secure processor in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in...

7.8CVSS7.8AI score0.00094EPSS
CVE
CVE
added 2019/12/18 6:15 a.m.86 views

CVE-2019-10516

Multiple read overflows in MM while decoding service accept,service reject,attach reject and MT detach in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, A...

10CVSS9.2AI score0.0033EPSS
CVE
CVE
added 2019/12/18 6:15 a.m.86 views

CVE-2019-10584

Possibility of out of bound access in debug queue, if packet size field is corrupted in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdr...

7.8CVSS8.2AI score0.00043EPSS
CVE
CVE
added 2019/12/18 6:15 a.m.83 views

CVE-2019-10500

While processing MT Secondary PDP request, Buffer overflow will happen due to incorrect calculation of buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009...

10CVSS9.5AI score0.00356EPSS
CVE
CVE
added 2019/12/18 6:15 a.m.83 views

CVE-2019-10605

Buffer overwrite can occur in IEEE80211 header filling function due to lack of range check of array index received from firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice ...

7.8CVSS7.7AI score0.00094EPSS
CVE
CVE
added 2019/12/18 6:15 a.m.81 views

CVE-2019-10544

Improper length check on source buffer to handle userspace data received can lead to out-of-bound access in diag handlers in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snap...

7.8CVSS8.3AI score0.00043EPSS
CVE
CVE
added 2019/05/24 5:29 p.m.74 views

CVE-2018-13885

Possible memory overread may be lead to access of sensitive data in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9650, MDM9655, QCS605, Qualcomm 215, SD 2...

5.5CVSS5.7AI score0.00045EPSS
CVE
CVE
added 2019/07/22 2:15 p.m.73 views

CVE-2019-2260

A race condition occurs while processing perf-event which can lead to a use after free condition in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM96...

7CVSS7AI score0.00032EPSS
CVE
CVE
added 2019/05/24 5:29 p.m.71 views

CVE-2018-13886

Unchecked OTA field in GNSS XTRA3 lead to integer overflow and then buffer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Weara...

10CVSS9.6AI score0.00379EPSS
CVE
CVE
added 2019/05/24 5:29 p.m.70 views

CVE-2018-11930

Improper input validation on input data which is used to locate and copy the additional IEs in WLAN function can lead to potential integer truncation issue in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9150, MDM9206, MDM9607, MDM...

10CVSS9.2AI score0.00266EPSS
CVE
CVE
added 2019/05/24 5:29 p.m.69 views

CVE-2018-11953

While processing ssid IE length from remote AP, possible out-of-bounds access may occur due to crafted ssid IE length in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Sn...

10CVSS9.2AI score0.00266EPSS
CVE
CVE
added 2019/05/24 5:29 p.m.68 views

CVE-2018-11967

Signature verification of the skel library could potentially be disabled as the memory region on the remote subsystem in which the library is loaded is allocated from userspace currently in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial ...

7.8CVSS7.7AI score0.00035EPSS
CVE
CVE
added 2019/05/24 5:29 p.m.63 views

CVE-2018-12005

An unprivileged user can issue a binder call and cause a system halt in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS...

5.5CVSS5.7AI score0.0004EPSS
CVE
CVE
added 2019/05/24 5:29 p.m.62 views

CVE-2018-13899

Processing messages after error may result in user after free memory fault in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9650, MSM8909W, QCS605, Qualcomm 2...

7.8CVSS7.8AI score0.00035EPSS
CVE
CVE
added 2019/09/30 4:15 p.m.62 views

CVE-2019-10539

Possible buffer overflow issue due to lack of length check when parsing the extended cap IE header length in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon...

10CVSS9.6AI score0.00427EPSS
Total number of security vulnerabilities164