Lucene search

K
QualcommSdx24 Firmware

475 matches found

CVE
CVE
added 2021/04/07 8:15 a.m.44 views

CVE-2020-11252

Trustzone initialization code will disable xPU`s when memory dumps are enabled and lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infras...

7.2CVSS5.6AI score0.00043EPSS
CVE
CVE
added 2021/05/07 9:15 a.m.44 views

CVE-2020-11288

Out of bound write can occur in playready while processing command due to lack of input validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

7.8CVSS7.8AI score0.00033EPSS
CVE
CVE
added 2020/06/22 7:15 a.m.44 views

CVE-2020-3614

Possible buffer overflow while copying the frame to local buffer due to lack of check of length before copying in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdrago...

9.8CVSS9.2AI score0.00309EPSS
CVE
CVE
added 2020/11/02 7:15 a.m.44 views

CVE-2020-3684

u'QSEE reads the access permission policy for the SMEM TOC partition from the SMEM TOC contents populated by XBL Loader and applies them without validation' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdr...

7.8CVSS7.7AI score0.00018EPSS
CVE
CVE
added 2021/09/08 12:15 p.m.44 views

CVE-2021-1916

Possible buffer underflow due to lack of check for negative indices values when processing user provided input in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables

10CVSS9.4AI score0.00243EPSS
CVE
CVE
added 2022/01/03 8:15 a.m.44 views

CVE-2021-30270

Possible null pointer dereference in thread profile trap handler due to lack of thread ID validation before dereferencing it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdrago...

7.8CVSS7.7AI score0.00031EPSS
CVE
CVE
added 2022/01/03 8:15 a.m.44 views

CVE-2021-30271

Possible null pointer dereference in trap handler due to lack of thread ID validation before dereferencing it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, ...

7.8CVSS7.7AI score0.00031EPSS
CVE
CVE
added 2023/01/09 8:15 a.m.44 views

CVE-2022-33286

Transient DOS due to buffer over-read in WLAN while processing 802.11 management frames.

7.5CVSS6.7AI score0.00123EPSS
CVE
CVE
added 2019/02/11 3:29 p.m.43 views

CVE-2018-11899

While processing radio connection status change events, Radio index is not properly validated in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile and Snapdragon Voice & Music in versions MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, SD...

7.8CVSS7.7AI score0.00043EPSS
CVE
CVE
added 2019/01/18 10:29 p.m.43 views

CVE-2018-11999

Improper input validation in trustzone can lead to denial of service in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 636, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660, SDM630...

5.5CVSS5.9AI score0.00046EPSS
CVE
CVE
added 2019/01/18 10:29 p.m.43 views

CVE-2018-3595

Anti-rollback can be bypassed in replay scenario during app loading due to improper error handling of RPMB writes in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 712...

5.5CVSS6AI score0.00055EPSS
CVE
CVE
added 2019/09/30 4:15 p.m.43 views

CVE-2019-10498

Buffer overflow scenario if the client sends more than 5 io_vec requests to the server in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640,...

7.8CVSS8.3AI score0.00054EPSS
CVE
CVE
added 2019/09/30 4:15 p.m.43 views

CVE-2019-10501

Possible use after free issue due to improper input validation in volume listener library in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9650, MSM8909W, MS...

7.8CVSS8.2AI score0.00101EPSS
CVE
CVE
added 2020/03/05 9:15 a.m.43 views

CVE-2019-10526

Out of bound write in WLAN driver due to NULL character not properly placed after SSID name in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8009, APQ8017, APQ8...

10CVSS9.3AI score0.0033EPSS
CVE
CVE
added 2019/12/12 9:15 a.m.43 views

CVE-2019-10571

Snapshot of IB can lead to invalid address access due to missing check for size in the related function in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon W...

7.8CVSS7.6AI score0.00043EPSS
CVE
CVE
added 2020/04/16 11:15 a.m.43 views

CVE-2019-10610

Possible buffer over read when trying to process SDP message Video media line with frame-size attribute in video Media line in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables i...

9.4CVSS9AI score0.00239EPSS
CVE
CVE
added 2020/09/08 10:15 a.m.43 views

CVE-2019-14052

u'Accessing an uninitialized data structure could result in partially copying of contents and thus incorrect processing' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017,...

10CVSS9.3AI score0.0033EPSS
CVE
CVE
added 2020/06/22 7:15 a.m.43 views

CVE-2019-14062

Buffer overflows while decoding setup message from Network due to lack of check of IE message length received from network in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in...

10CVSS9.3AI score0.00356EPSS
CVE
CVE
added 2020/03/05 9:15 a.m.43 views

CVE-2019-14095

Buffer overflow occurs while processing LMP packet in which name length parameter exceeds value specified in BT-specification in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon...

10CVSS9.5AI score0.00379EPSS
CVE
CVE
added 2020/04/16 11:15 a.m.43 views

CVE-2019-14135

Possible integer overflow to buffer overflow in WLAN while parsing nonstandard NAN IE messages. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Mu...

7.8CVSS7.9AI score0.00035EPSS
CVE
CVE
added 2019/07/25 5:15 p.m.43 views

CVE-2019-2240

While sending the rendered surface content to the screen, Error handling is not properly checked results in an unpredictable behaviour in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, S...

5.5CVSS5.7AI score0.00048EPSS
CVE
CVE
added 2019/07/25 5:15 p.m.43 views

CVE-2019-2298

Protection is missing while accessing md sessions info via macro which can lead to use-after-free in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9...

7.8CVSS7.6AI score0.00044EPSS
CVE
CVE
added 2019/07/25 5:15 p.m.43 views

CVE-2019-2301

Possibility of out-of-bound read if id received from SPI is not in range of FIFO in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ8064, MSM8909W, MSM8996...

7.8CVSS7.6AI score0.00042EPSS
CVE
CVE
added 2019/11/06 5:15 p.m.43 views

CVE-2019-2331

Possible Integer overflow because of subtracting two integers without checking if the result would overflow or not in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150...

10CVSS9.5AI score0.0033EPSS
CVE
CVE
added 2021/05/07 9:15 a.m.43 views

CVE-2020-11284

Locked memory can be unlocked and modified by non secure boot loader through improper system call sequence making the memory region untrusted source of input for secure boot loader in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure ...

8.4CVSS7.7AI score0.00026EPSS
CVE
CVE
added 2021/05/07 9:15 a.m.43 views

CVE-2020-11285

Buffer over-read while unpacking the RTCP packet we may read extra byte if wrong length is provided in RTCP packets in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapd...

9.4CVSS9AI score0.00239EPSS
CVE
CVE
added 2021/05/07 9:15 a.m.43 views

CVE-2021-1895

Possible integer overflow due to improper length check while flashing an image in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music

7.8CVSS7.8AI score0.00033EPSS
CVE
CVE
added 2021/09/09 8:15 a.m.43 views

CVE-2021-1933

UE assertion is possible due to improper validation of invite message with SDP body in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables

10CVSS9.3AI score0.00251EPSS
CVE
CVE
added 2021/10/20 7:15 a.m.43 views

CVE-2021-1959

Possible memory corruption due to lack of bound check of input index in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

7.8CVSS7.5AI score0.00039EPSS
CVE
CVE
added 2022/01/03 8:15 a.m.43 views

CVE-2021-30303

Possible buffer overflow due to lack of buffer length check when segmented WMI command is received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice &...

7.8CVSS8AI score0.00035EPSS
CVE
CVE
added 2019/01/03 3:29 p.m.42 views

CVE-2017-18141

When a 3rd party TEE has been loaded it is possible for the non-secure world to create a secure monitor call which will give it access to privileged functions meant to only be accessible from the TEE in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions IPQ8074, MDM9206, MDM96...

7.8CVSS7.6AI score0.00038EPSS
CVE
CVE
added 2019/01/18 10:29 p.m.42 views

CVE-2017-8276

Improper authorization involving a fuse in TrustZone in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52...

7.8CVSS7.5AI score0.00042EPSS
CVE
CVE
added 2018/11/28 3:29 p.m.42 views

CVE-2018-11921

Failure condition is not handled properly and the correct error code is not returned. It could cause unintended SUI behavior and create unintended SUI display in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 4...

7.8CVSS7.7AI score0.00038EPSS
CVE
CVE
added 2020/03/05 9:15 a.m.42 views

CVE-2019-14031

Buffer overflow can occur while parsing RSN IE containing list of PMK ID`s which are more than the buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdrago...

10CVSS9.6AI score0.00427EPSS
CVE
CVE
added 2020/04/16 11:15 a.m.42 views

CVE-2019-14033

Multiple Read overflows issue due to improper length check while decoding tau reject/tau accept/detach request/attach reject/attach accept in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8053, APQ8096, APQ8096...

9.4CVSS9.1AI score0.00239EPSS
CVE
CVE
added 2020/03/05 9:15 a.m.42 views

CVE-2019-14068

Out of bound access in msm routing due to lack of check of size before accessing in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, ...

7.8CVSS7.6AI score0.00033EPSS
CVE
CVE
added 2020/06/22 7:15 a.m.42 views

CVE-2019-14076

Buffer overflow occurs while processing an subsample data length out of range due to lack of user input validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infra...

7.8CVSS7.8AI score0.00054EPSS
CVE
CVE
added 2020/07/30 12:15 p.m.42 views

CVE-2019-14099

Device misbehavior may be observed when incorrect offset, length or number of buffers is passed by user space in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8053, MDM9206, MDM9207C, ...

7.8CVSS8.2AI score0.0011EPSS
CVE
CVE
added 2020/09/08 10:15 a.m.42 views

CVE-2019-14119

u'While processing SMCInvoke asynchronous message header, message count is modified leading to a TOCTOU race condition and lead to memory corruption' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Vo...

7CVSS6.9AI score0.0003EPSS
CVE
CVE
added 2019/11/21 3:15 p.m.42 views

CVE-2019-2266

Possible double free issue in kernel while handling the camera sensor and its sub modules power sequence in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Net...

7.8CVSS7.6AI score0.00043EPSS
CVE
CVE
added 2019/11/21 3:15 p.m.42 views

CVE-2019-2289

Lack of integrity check allows MODEM to accept any NAS messages which can result into authentication bypass of NAS in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009...

10CVSS9.4AI score0.00054EPSS
CVE
CVE
added 2019/11/21 3:15 p.m.42 views

CVE-2019-2297

Buffer overflow can occur while processing non-standard NAN message from user space. in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in A...

7.8CVSS7.8AI score0.00054EPSS
CVE
CVE
added 2019/07/25 5:15 p.m.42 views

CVE-2019-2299

An out-of-bound write can be triggered by a specially-crafted command supplied by a userspace application. in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructu...

7.8CVSS7.8AI score0.00042EPSS
CVE
CVE
added 2019/07/25 5:15 p.m.42 views

CVE-2019-2326

Data token is received from ADSP and is used without validation as an index into the array leads to out of bound access in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearab...

7.8CVSS8.2AI score0.00035EPSS
CVE
CVE
added 2020/09/08 10:15 a.m.42 views

CVE-2020-3621

u'Lack of check to ensure that the TX read index & RX write index that are read from shared memory are less than the FIFO size results into memory corruption and potential information leakage' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectiv...

5.5CVSS5.7AI score0.00113EPSS
CVE
CVE
added 2020/04/16 11:15 a.m.42 views

CVE-2020-3651

Active command timeout since WM status change cmd is not removed from active queue if peer sends multiple deauth frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Mu...

7.8CVSS7.8AI score0.00245EPSS
CVE
CVE
added 2021/09/09 8:15 a.m.42 views

CVE-2021-1909

Buffer overflow occurs in trusted applications due to lack of length check of parameters in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapd...

7.8CVSS7.8AI score0.00035EPSS
CVE
CVE
added 2021/11/12 7:15 a.m.42 views

CVE-2021-1921

Possible memory corruption due to Improper handling of hypervisor unmap operations for concurrent memory operations in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

7.8CVSS7.2AI score0.0003EPSS
CVE
CVE
added 2022/01/03 8:15 a.m.42 views

CVE-2021-30267

Possible integer overflow to buffer overflow due to improper input validation in FTM ARA commands in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

7.8CVSS8AI score0.00054EPSS
CVE
CVE
added 2022/01/03 8:15 a.m.42 views

CVE-2021-30268

Possible heap Memory Corruption Issue due to lack of input validation when sending HWTC IQ Capture command in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

7.8CVSS7.8AI score0.00039EPSS
Total number of security vulnerabilities475