Lucene search

K
QualcommSdx24 Firmware

143 matches found

CVE
CVE
added 2019/07/25 5:15 p.m.44 views

CVE-2019-2305

Out of bound access when reason code is extracted from frame data without validating the frame length in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9150, MDM9206, MDM9607, MDM96...

9.8CVSS9.4AI score0.00322EPSS
CVE
CVE
added 2019/07/25 5:15 p.m.44 views

CVE-2019-2314

Possible race condition that will cause a use-after-free when writing to two sysfs entries at nearly the same time in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, QCS405, QCS605, Qualcomm 215, ...

7CVSS6.9AI score0.00038EPSS
CVE
CVE
added 2019/11/06 5:15 p.m.44 views

CVE-2019-2324

When ADSP is compromised, the audio port index that`s returned from ADSP might be out of the valid range and leads to out of boundary access in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, ...

10CVSS9.2AI score0.00251EPSS
CVE
CVE
added 2019/07/25 5:15 p.m.44 views

CVE-2019-2330

improper input validation in allocation request for secure allocations can lead to page fault. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networkin...

5.5CVSS5.7AI score0.00042EPSS
CVE
CVE
added 2019/11/06 5:15 p.m.44 views

CVE-2019-2332

Memory corruption while accessing the memory as payload size is not validated before access in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM...

10CVSS9.5AI score0.0033EPSS
CVE
CVE
added 2019/09/30 4:15 p.m.44 views

CVE-2019-2341

Buffer overflow when the audio buffer size provided by user is larger than the maximum allowable audio buffer size. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM915...

7.8CVSS8.5AI score0.00045EPSS
CVE
CVE
added 2019/02/11 3:29 p.m.43 views

CVE-2018-11899

While processing radio connection status change events, Radio index is not properly validated in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile and Snapdragon Voice & Music in versions MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, SD...

7.8CVSS7.7AI score0.00043EPSS
CVE
CVE
added 2019/01/18 10:29 p.m.43 views

CVE-2018-11999

Improper input validation in trustzone can lead to denial of service in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 636, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660, SDM630...

5.5CVSS5.9AI score0.00046EPSS
CVE
CVE
added 2019/01/18 10:29 p.m.43 views

CVE-2018-3595

Anti-rollback can be bypassed in replay scenario during app loading due to improper error handling of RPMB writes in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 712...

5.5CVSS6AI score0.00055EPSS
CVE
CVE
added 2019/09/30 4:15 p.m.43 views

CVE-2019-10498

Buffer overflow scenario if the client sends more than 5 io_vec requests to the server in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640,...

7.8CVSS8.3AI score0.00054EPSS
CVE
CVE
added 2019/09/30 4:15 p.m.43 views

CVE-2019-10501

Possible use after free issue due to improper input validation in volume listener library in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9650, MSM8909W, MS...

7.8CVSS8.2AI score0.00101EPSS
CVE
CVE
added 2019/12/12 9:15 a.m.43 views

CVE-2019-10571

Snapshot of IB can lead to invalid address access due to missing check for size in the related function in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon W...

7.8CVSS7.6AI score0.00043EPSS
CVE
CVE
added 2019/07/25 5:15 p.m.43 views

CVE-2019-2240

While sending the rendered surface content to the screen, Error handling is not properly checked results in an unpredictable behaviour in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, S...

5.5CVSS5.7AI score0.00048EPSS
CVE
CVE
added 2019/07/25 5:15 p.m.43 views

CVE-2019-2298

Protection is missing while accessing md sessions info via macro which can lead to use-after-free in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9...

7.8CVSS7.6AI score0.00044EPSS
CVE
CVE
added 2019/07/25 5:15 p.m.43 views

CVE-2019-2301

Possibility of out-of-bound read if id received from SPI is not in range of FIFO in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ8064, MSM8909W, MSM8996...

7.8CVSS7.6AI score0.00042EPSS
CVE
CVE
added 2019/11/06 5:15 p.m.43 views

CVE-2019-2331

Possible Integer overflow because of subtracting two integers without checking if the result would overflow or not in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150...

10CVSS9.5AI score0.0033EPSS
CVE
CVE
added 2019/01/03 3:29 p.m.42 views

CVE-2017-18141

When a 3rd party TEE has been loaded it is possible for the non-secure world to create a secure monitor call which will give it access to privileged functions meant to only be accessible from the TEE in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions IPQ8074, MDM9206, MDM96...

7.8CVSS7.6AI score0.00038EPSS
CVE
CVE
added 2019/01/18 10:29 p.m.42 views

CVE-2017-8276

Improper authorization involving a fuse in TrustZone in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52...

7.8CVSS7.5AI score0.00042EPSS
CVE
CVE
added 2019/11/21 3:15 p.m.42 views

CVE-2019-2266

Possible double free issue in kernel while handling the camera sensor and its sub modules power sequence in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Net...

7.8CVSS7.6AI score0.00043EPSS
CVE
CVE
added 2019/11/21 3:15 p.m.42 views

CVE-2019-2289

Lack of integrity check allows MODEM to accept any NAS messages which can result into authentication bypass of NAS in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009...

10CVSS9.4AI score0.00054EPSS
CVE
CVE
added 2019/11/21 3:15 p.m.42 views

CVE-2019-2297

Buffer overflow can occur while processing non-standard NAN message from user space. in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in A...

7.8CVSS7.8AI score0.00054EPSS
CVE
CVE
added 2019/07/25 5:15 p.m.42 views

CVE-2019-2299

An out-of-bound write can be triggered by a specially-crafted command supplied by a userspace application. in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructu...

7.8CVSS7.8AI score0.00042EPSS
CVE
CVE
added 2019/07/25 5:15 p.m.42 views

CVE-2019-2326

Data token is received from ADSP and is used without validation as an index into the array leads to out of bound access in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearab...

7.8CVSS8.2AI score0.00035EPSS
CVE
CVE
added 2019/02/25 11:0 p.m.41 views

CVE-2018-13913

Improper validation of array index can lead to unauthorized access while processing debugFS in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in version MDM9150, MDM9206, MDM9607, MDM9640, MDM965...

7.8CVSS7.6AI score0.0005EPSS
CVE
CVE
added 2019/11/21 3:15 p.m.41 views

CVE-2019-10490

Use after free issue in Xtra daemon shutdown due to static object instance getting freed from a multiple places in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdrago...

5.5CVSS5.9AI score0.00102EPSS
CVE
CVE
added 2019/12/12 9:15 a.m.41 views

CVE-2019-10511

Possibility of memory overflow while decoding GSNDCP compressed mode PDU in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MD...

10CVSS9.5AI score0.00312EPSS
CVE
CVE
added 2019/11/06 5:15 p.m.41 views

CVE-2019-10524

Lack of check for a negative value returned for get_clk is wrongly interpreted as valid pointer and lead to use after free in clk driver in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM...

7.8CVSS7.8AI score0.0005EPSS
CVE
CVE
added 2019/11/06 5:15 p.m.41 views

CVE-2019-2302

While processing vendor command which contains corrupted channel count, an integer overflow occurs and finally will lead to heap overflow. in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Musi...

9.8CVSS9.6AI score0.00402EPSS
CVE
CVE
added 2019/07/25 5:15 p.m.41 views

CVE-2019-2328

Possible buffer overflow when number of channels passed is more than size of channel mapping array in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM96...

7.8CVSS8.5AI score0.00037EPSS
CVE
CVE
added 2019/02/25 11:0 p.m.40 views

CVE-2018-13900

Use-after-free vulnerability will occur as there is no protection for the route table`s rule in IPA driver in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in versions MDM9150, MDM9206, MDM9607, MDM9640, MDM965...

7.8CVSS7.7AI score0.00051EPSS
CVE
CVE
added 2019/07/25 5:15 p.m.40 views

CVE-2019-2241

While rendering the layout background, Error status check is not caught properly and also incorrect status handling is being done leading to unintended SUI behaviour in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IO...

5.5CVSS5.7AI score0.00048EPSS
CVE
CVE
added 2019/12/12 9:15 a.m.40 views

CVE-2019-2321

Incorrect length used while validating the qsee log buffer sent from HLOS which could then lead to remap conflict in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdr...

7.8CVSS7.8AI score0.00033EPSS
CVE
CVE
added 2019/07/25 5:15 p.m.39 views

CVE-2019-2312

When handling the vendor command there exists a potential buffer overflow due to lack of input validation of data buffer received in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9...

7.8CVSS7.9AI score0.00045EPSS
CVE
CVE
added 2019/01/18 10:29 p.m.38 views

CVE-2018-5868

Lack of checking input size can lead to buffer overflow In WideVine in snapdragon automobile and snapdragon mobile in versions MSM8996AU, SD 425, SD 430, SD 450, SD 625, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660, SDX24, SXR1130

7.8CVSS7.8AI score0.0004EPSS
CVE
CVE
added 2019/12/12 9:15 a.m.38 views

CVE-2019-2338

Crafted image that has a valid signature from a non-QC entity can be loaded which can read/write memory that belongs to the secure world in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastru...

7.1CVSS7AI score0.00043EPSS
CVE
CVE
added 2019/12/12 9:15 a.m.37 views

CVE-2019-10484

Use after free issue occurs when command destructors access dynamically allocated response buffer which is already deallocated during previous command teardwon sequence in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & ...

5.5CVSS6.2AI score0.00049EPSS
CVE
CVE
added 2019/11/06 5:15 p.m.37 views

CVE-2019-10512

Payload size is not checked before using it as array index in audio in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in IPQ401...

7.8CVSS7.7AI score0.00042EPSS
CVE
CVE
added 2019/12/12 9:15 a.m.37 views

CVE-2019-2337

While Skipping unknown IES, EMM is reading the buffer even if the no of bytes to read are more than message length which may cause device to shutdown in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8053, APQ80...

7.8CVSS7.6AI score0.00369EPSS
CVE
CVE
added 2019/11/21 3:15 p.m.36 views

CVE-2019-10486

Race condition due to the lack of resource lock which will be concurrently modified in the memcpy statement leads to out of bound access in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdrago...

7CVSS7.5AI score0.00033EPSS
CVE
CVE
added 2019/07/25 5:15 p.m.36 views

CVE-2019-2293

Pointer dereference while freeing IFE resources due to lack of length check of in port resource. in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, QCS405, QCS605, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 6...

7.8CVSS7.6AI score0.00042EPSS
CVE
CVE
added 2019/07/25 5:15 p.m.36 views

CVE-2019-2345

Race condition while accessing DMA buffer in jpeg driver in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MSM8909W, MSM8996AU, QCS605, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 712 / SD 710 /...

7CVSS7.1AI score0.00033EPSS
CVE
CVE
added 2019/05/24 5:29 p.m.33 views

CVE-2018-11925

Data length received from firmware is not validated against the max allowed size which can result in buffer overflow. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ8064, IP...

7.8CVSS7.8AI score0.00037EPSS
CVE
CVE
added 2019/09/30 4:15 p.m.33 views

CVE-2019-2284

Possible use-after-free issue due to a race condition while calling camera ioctl concurrently in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, QCS405, QCS605, Qualcomm 215, SD 425, SD 439 / SD 4...

7CVSS8.1AI score0.00038EPSS
Total number of security vulnerabilities143