Total
399 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-5917 | 1 Qualcomm | 28 Msm8996au, Msm8996au Firmware, Sd 425 and 25 more | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
| Possible buffer overflow in OEM crypto function due to improper input validation in Snapdragon Automobile, Snapdragon Mobile in versions MSM8996AU, SD 425, SD 430, SD 450, SD 625, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDA845, SDX24, SXR1130. | |||||
| CVE-2017-18171 | 1 Qualcomm | 50 Qca9379, Qca9379 Firmware, Sd 205 and 47 more | 2024-02-04 | 8.3 HIGH | 8.8 HIGH |
| Improper input validation for GATT data packet received in Bluetooth Controller function can lead to possible memory corruption in Snapdragon Mobile in version QCA9379, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 835, SD 845, SD 850, SDM630, SDM636, SDM660, SDM710, Snapdragon_High_Med_2016. | |||||
| CVE-2018-13912 | 1 Qualcomm | 72 Mdm9150, Mdm9150 Firmware, Mdm9206 and 69 more | 2024-02-04 | 2.1 LOW | 5.5 MEDIUM |
| Arbitrary write issue can occur when user provides kernel address in compat mode in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS605, SD 210/SD 212/SD 205, SD 425, SD 439 / SD 429, SD 625, SD 636, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24. | |||||
| CVE-2018-11289 | 1 Qualcomm | 84 Ipq8074, Ipq8074 Firmware, Mdm9150 and 81 more | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
| Data truncation during higher to lower type conversion which causes less memory allocation than desired can lead to a buffer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in versions IPQ8074, MDM9150, MDM9206, MDM9607, MDM9650, MDM9655, MSM8996AU, QCA8081, QCS605, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130. | |||||
| CVE-2018-11849 | 1 Qualcomm | 86 Ipq8074, Ipq8074 Firmware, Mdm9206 and 83 more | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
| Lack of check on out of range of bssid parameter When processing scan start command will lead to buffer flow in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8996AU, QCA4531, QCA6174A, QCA6564, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9378, QCA9379, QCA9886, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 600, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM630, SDM632, SDM636, SDM660, SDM710, SDX20, Snapdragon_High_Med_2016 | |||||
| CVE-2018-11932 | 1 Qualcomm | 40 Mdm9650, Mdm9650 Firmware, Mdm9655 and 37 more | 2024-02-04 | 6.4 MEDIUM | 9.1 CRITICAL |
| Improper input validation can lead RW access to secure subsystem from HLOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in versions MDM9650, MDM9655, MSM8996AU, QCS605, SD 410/12, SD 615/16/SD 415, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 8CX, SXR1130. | |||||
| CVE-2018-5877 | 1 Qualcomm | 32 Mdm9206, Mdm9206 Firmware, Mdm9607 and 29 more | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
| In the device programmer target-side code for firehose, a string may not be properly NULL terminated can lead to a incorrect buffer size in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 600, SD 820, SD 820A, SD 835, SDA660, SDX20. | |||||
| CVE-2017-18295 | 1 Qualcomm | 38 Mdm9206, Mdm9206 Firmware, Mdm9607 and 35 more | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
| Possible buffer overflow if input is not null terminated in DSP Service module in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SDX20. | |||||
| CVE-2018-5914 | 1 Qualcomm | 28 Mdm9206, Mdm9206 Firmware, Mdm9607 and 25 more | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
| Improper input validation in TZ led to array out of bound in TZ function while accessing the peripheral details using the incoming data in Snapdragon Mobile, Snapdragon Wear version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 835, SDA660. | |||||
| CVE-2017-18331 | 1 Qualcomm | 22 Mdm9206, Mdm9206 Firmware, Mdm9607 and 19 more | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
| Improper access control on secure display buffers in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 820, SD 820A, SD 835, SDA660 | |||||
| CVE-2018-13913 | 1 Qualcomm | 82 Mdm9150, Mdm9150 Firmware, Mdm9206 and 79 more | 2024-02-04 | 4.6 MEDIUM | 7.8 HIGH |
| Improper validation of array index can lead to unauthorized access while processing debugFS in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in version MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS605, SD 210/SD 212/SD 205, SD 425, SD 439 / SD 429, SD 615/16/SD 415, SD 625, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24. | |||||
| CVE-2018-11931 | 1 Qualcomm | 80 Mdm9150, Mdm9150 Firmware, Mdm9206 and 77 more | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
| Improper access to HLOS is possible while transferring memory to CPZ in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in versions MDM9150, MDM9206, MDM9607, MDM9650, MSM8996AU, QCS605, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130. | |||||
| CVE-2018-11938 | 1 Qualcomm | 90 Ipq8074, Ipq8074 Firmware, Mdm9150 and 87 more | 2024-02-04 | 4.6 MEDIUM | 7.8 HIGH |
| Improper input validation for argument received from HLOS can lead to buffer overflows and unexpected behavior in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in versions IPQ8074, MDM9150, MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCA8081, QCS605, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130. | |||||
| CVE-2018-11945 | 1 Qualcomm | 100 Mdm9150, Mdm9150 Firmware, Mdm9206 and 97 more | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
| Improper input validation in wireless service messaging module for data received from broadcast messages can lead to heap overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in versions MDM9150, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, QCS605, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, SDX20, Snapdragon_High_Med_2016, SXR1130. | |||||
| CVE-2017-18304 | 2 Qaulcomm, Qualcomm | 52 Fsm9055, Fsm9055 Firmware, Mdm9206 and 49 more | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
| Insufficient memory allocation in boot due to incorrect size being passed could result in out of bounds access in Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in version FSM9055, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660 and SDX20 | |||||
| CVE-2018-11880 | 1 Qualcomm | 8 Sd 835, Sd 835 Firmware, Sd 845 and 5 more | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
| Incorrect bound check can lead to potential buffer overwrite in WLAN function in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660. | |||||
| CVE-2018-11856 | 1 Qualcomm | 6 Sd 835, Sd 835 Firmware, Sd 845 and 3 more | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
| Improper input validation leads to buffer overwrite in the WLAN function that handles WMI commands in Snapdragon Mobile in version SD 835, SD 845, SD 850. | |||||
| CVE-2017-18323 | 1 Qualcomm | 70 Mdm9206, Mdm9206 Firmware, Mdm9607 and 67 more | 2024-02-04 | 2.1 LOW | 5.5 MEDIUM |
| Cryptographic key material leaked in TDSCDMA RRC debug messages in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9615, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660, SDX20, SXR1130. | |||||
| CVE-2018-11857 | 1 Qualcomm | 6 Sd 835, Sd 835 Firmware, Sd 845 and 3 more | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
| Improper input validation in WLAN encrypt/decrypt module can lead to a buffer copy in Snapdragon Mobile in version SD 835, SD 845, SD 850 | |||||
| CVE-2018-11847 | 1 Qualcomm | 66 Ipq8074, Ipq8074 Firmware, Mdm9206 and 63 more | 2024-02-04 | 7.2 HIGH | 7.8 HIGH |
| Malicious TA can tag QSEE kernel memory and map to EL0, there by corrupting the physical memory as well it can be used to corrupt the QSEE kernel and compromise the whole TEE in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables and Snapdragon Wired Infrastructure and Networking in versions IPQ8074, MDM9206, MDM9607, MDM9650, MDM9655, MSM8909W, MSM8996AU, QCA8081, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 650/52, SD 820, SD 820A, SD 835, SD 8CX, SDM439 and Snapdragon_High_Med_2016 | |||||