Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2013-6123

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-14 Jan, 2014 | 02:00
Updated At-06 Aug, 2024 | 17:29
Rejected At-
Credits

Multiple array index errors in drivers/media/video/msm/server/msm_cam_server.c in the MSM camera driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allow attackers to gain privileges by leveraging camera device-node access, related to the (1) msm_ctrl_cmd_done, (2) msm_ioctl_server, and (3) msm_server_send_ctrl functions.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:14 Jan, 2014 | 02:00
Updated At:06 Aug, 2024 | 17:29
Rejected At:
▼CVE Numbering Authority (CNA)

Multiple array index errors in drivers/media/video/msm/server/msm_cam_server.c in the MSM camera driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allow attackers to gain privileges by leveraging camera device-node access, related to the (1) msm_ctrl_cmd_done, (2) msm_ioctl_server, and (3) msm_server_send_ctrl functions.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://www.codeaurora.org/projects/security-advisories/out-bounds-array-access-camera-driver-cve-2013-6123
x_refsource_CONFIRM
https://www.codeaurora.org/cgit/quic/la//kernel/msm/commit/?id=60e4af06161d91d5aeaa04c7d6e9f4345a6acdd4
x_refsource_CONFIRM
https://exchange.xforce.ibmcloud.com/vulnerabilities/90505
vdb-entry
x_refsource_XF
https://www.codeaurora.org/cgit/quic/la//kernel/msm/commit/?id=7beb04ea945a7178e61d935918d3cb152996b558
x_refsource_CONFIRM
Hyperlink: https://www.codeaurora.org/projects/security-advisories/out-bounds-array-access-camera-driver-cve-2013-6123
Resource:
x_refsource_CONFIRM
Hyperlink: https://www.codeaurora.org/cgit/quic/la//kernel/msm/commit/?id=60e4af06161d91d5aeaa04c7d6e9f4345a6acdd4
Resource:
x_refsource_CONFIRM
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/90505
Resource:
vdb-entry
x_refsource_XF
Hyperlink: https://www.codeaurora.org/cgit/quic/la//kernel/msm/commit/?id=7beb04ea945a7178e61d935918d3cb152996b558
Resource:
x_refsource_CONFIRM
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://www.codeaurora.org/projects/security-advisories/out-bounds-array-access-camera-driver-cve-2013-6123
x_refsource_CONFIRM
x_transferred
https://www.codeaurora.org/cgit/quic/la//kernel/msm/commit/?id=60e4af06161d91d5aeaa04c7d6e9f4345a6acdd4
x_refsource_CONFIRM
x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/90505
vdb-entry
x_refsource_XF
x_transferred
https://www.codeaurora.org/cgit/quic/la//kernel/msm/commit/?id=7beb04ea945a7178e61d935918d3cb152996b558
x_refsource_CONFIRM
x_transferred
Hyperlink: https://www.codeaurora.org/projects/security-advisories/out-bounds-array-access-camera-driver-cve-2013-6123
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://www.codeaurora.org/cgit/quic/la//kernel/msm/commit/?id=60e4af06161d91d5aeaa04c7d6e9f4345a6acdd4
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/90505
Resource:
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: https://www.codeaurora.org/cgit/quic/la//kernel/msm/commit/?id=7beb04ea945a7178e61d935918d3cb152996b558
Resource:
x_refsource_CONFIRM
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:14 Jan, 2014 | 04:29
Updated At:29 Apr, 2026 | 01:13

Multiple array index errors in drivers/media/video/msm/server/msm_cam_server.c in the MSM camera driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allow attackers to gain privileges by leveraging camera device-node access, related to the (1) msm_ctrl_cmd_done, (2) msm_ioctl_server, and (3) msm_server_send_ctrl functions.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.06.9MEDIUM
AV:L/AC:M/Au:N/C:C/I:C/A:C
Type: Primary
Version: 2.0
Base score: 6.9
Base severity: MEDIUM
Vector:
AV:L/AC:M/Au:N/C:C/I:C/A:C
CPE Matches

codeaurora
codeaurora
>>android-msm>>2.6.29
cpe:2.3:o:codeaurora:android-msm:2.6.29:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>quic_mobile_station_modem_kernel>>3.10
cpe:2.3:o:qualcomm:quic_mobile_station_modem_kernel:3.10:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-20Primarynvd@nist.gov
CWE ID: CWE-20
Type: Primary
Source: nvd@nist.gov
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://exchange.xforce.ibmcloud.com/vulnerabilities/90505cve@mitre.org
N/A
https://www.codeaurora.org/cgit/quic/la//kernel/msm/commit/?id=60e4af06161d91d5aeaa04c7d6e9f4345a6acdd4cve@mitre.org
Exploit
Patch
https://www.codeaurora.org/cgit/quic/la//kernel/msm/commit/?id=7beb04ea945a7178e61d935918d3cb152996b558cve@mitre.org
Patch
https://www.codeaurora.org/projects/security-advisories/out-bounds-array-access-camera-driver-cve-2013-6123cve@mitre.org
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/90505af854a3a-2127-422b-91ae-364da2661108
N/A
https://www.codeaurora.org/cgit/quic/la//kernel/msm/commit/?id=60e4af06161d91d5aeaa04c7d6e9f4345a6acdd4af854a3a-2127-422b-91ae-364da2661108
Exploit
Patch
https://www.codeaurora.org/cgit/quic/la//kernel/msm/commit/?id=7beb04ea945a7178e61d935918d3cb152996b558af854a3a-2127-422b-91ae-364da2661108
Patch
https://www.codeaurora.org/projects/security-advisories/out-bounds-array-access-camera-driver-cve-2013-6123af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/90505
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://www.codeaurora.org/cgit/quic/la//kernel/msm/commit/?id=60e4af06161d91d5aeaa04c7d6e9f4345a6acdd4
Source: cve@mitre.org
Resource:
Exploit
Patch
Hyperlink: https://www.codeaurora.org/cgit/quic/la//kernel/msm/commit/?id=7beb04ea945a7178e61d935918d3cb152996b558
Source: cve@mitre.org
Resource:
Patch
Hyperlink: https://www.codeaurora.org/projects/security-advisories/out-bounds-array-access-camera-driver-cve-2013-6123
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/90505
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://www.codeaurora.org/cgit/quic/la//kernel/msm/commit/?id=60e4af06161d91d5aeaa04c7d6e9f4345a6acdd4
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Patch
Hyperlink: https://www.codeaurora.org/cgit/quic/la//kernel/msm/commit/?id=7beb04ea945a7178e61d935918d3cb152996b558
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Hyperlink: https://www.codeaurora.org/projects/security-advisories/out-bounds-array-access-camera-driver-cve-2013-6123
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

249Records found

CVE-2013-6122
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-6.9||MEDIUM
EPSS-0.30% / 21.42%
||
7 Day CHG~0.00%
Published-12 Nov, 2013 | 01:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

goodix_tool.c in the Goodix gt915 touchscreen driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not properly synchronize updates to a global variable, which allows local users to bypass intended access restrictions or cause a denial of service (memory corruption) via crafted arguments to the procfs write handler.

Action-Not Available
Vendor-n/aQualcomm Technologies, Inc.
Product-quic_mobile_station_modem_kerneln/a
CWE ID-CWE-20
Improper Input Validation
CVE-2013-2596
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-3.37% / 87.29%
||
7 Day CHG~0.00%
Published-13 Apr, 2013 | 01:00
Updated-21 Apr, 2026 | 18:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-10-06||Apply updates per vendor instructions.

Integer overflow in the fb_mmap function in drivers/video/fbmem.c in the Linux kernel before 3.8.9, as used in a certain Motorola build of Android 4.1.2 and other products, allows local users to create a read-write memory mapping for the entirety of kernel memory, and consequently gain privileges, via crafted /dev/graphics/fb0 mmap2 system calls, as demonstrated by the Motochopper pwn program.

Action-Not Available
Vendor-n/aMotorola Mobility LLC. (Lenovo Group Limited)Qualcomm Technologies, Inc.Linux Kernel Organization, Inc
Product-razr_mmsm8960razr_hdatrix_hdandroidlinux_kerneln/aKernel
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2019-14072
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7||HIGH
EPSS-0.13% / 3.23%
||
7 Day CHG~0.00%
Published-05 Mar, 2020 | 08:56
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unhandled paging request is observed due to dereferencing an already freed object because of race condition between sparse free and sparse bind ioctls which access the same physical entry in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8096AU, APQ8098, MDM9607, MSM8909W, MSM8939, MSM8953, MSM8996AU, Nicobar, QCS405, QCS605, Rennell, SA6155P, Saipan, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM450, SDM632, SDM670, SDM710, SDM845, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632sdx24sdm429sm7150_firmwaresm6150msm8909w_firmwaremsm8996ausdm429w_firmwaresm7150apq8009_firmwaresdm670sxr2130qcs605_firmwaresc8180xsdm670_firmwaresdx24_firmwaresda845_firmwareapq8098msm8939qcs605sdm429_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130apq8009msm8909wsda845nicobarsa6155p_firmwaremsm8953sdm450apq8098_firmwaremdm9607_firmwaresm8250_firmwaresc8180x_firmwareqcs405sdm710mdm9607sdm710_firmwaremsm8939_firmwaresa6155psm8150_firmwaresxr2130_firmwareapq8096auqcs405_firmwarerennellsda660_firmwarerennell_firmwaresdx55msm8953_firmwareapq8096au_firmwaresaipan_firmwaresm6150_firmwaresm8250sm8150nicobar_firmwaresaipansdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-416
Use After Free
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2019-14071
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.22% / 12.67%
||
7 Day CHG~0.00%
Published-05 Mar, 2020 | 08:56
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Compromised reset handler may bypass access control due to AC config is being reset if debug path is enabled to collect secure or non-secure ram dumps in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8017, APQ8053, APQ8096, APQ8096AU, IPQ6018, MDM9205, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS404, QCS405, QCS605, QM215, Rennell, SA6155P, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-apq8096_firmwareqcm2150_firmwaresdm632_firmwaremsm8996au_firmwaresdm845sdm450_firmwaresdm632apq8096sdx24sdm439qcs404_firmwaresdm429msm8940_firmwaresm7150_firmwaresm6150msm8996ausm7150msm8917sdm670sxr2130qcs605_firmwaresc8180xsdm670_firmwareqcs404sdx24_firmwaresdm636sda845_firmwareipq6018_firmwaremdm9205qcs605msm8937_firmwaresdm429_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130apq8053_firmwaresda845nicobarsdm850_firmwaresa6155p_firmwaremsm8920msm8953sdm450sdm636_firmwaremsm8998_firmwareqcm2150msm8920_firmwaresdm630sdm660sc8180x_firmwareqcs405sdm710qm215apq8017_firmwaresdm710_firmwaresa6155pmsm8937msm8996_firmwareipq6018sm8150_firmwaresxr2130_firmwareapq8096ausdm439_firmwareqcs405_firmwarerennellsdm630_firmwaremdm9205_firmwaresda660_firmwarerennell_firmwareqm215_firmwaresdx55msm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaremsm8998sm8150sdm850apq8017msm8996nicobar_firmwaresdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CVE-2019-14119
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7||HIGH
EPSS-0.13% / 3.25%
||
7 Day CHG~0.00%
Published-08 Sep, 2020 | 09:31
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'While processing SMCInvoke asynchronous message header, message count is modified leading to a TOCTOU race condition and lead to memory corruption' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ6018, Kamorta, MDM9205, MDM9607, Nicobar, QCS404, QCS405, QCS605, QCS610, Rennell, SA415M, SA515M, SA6155P, SC7180, SC8180X, SDM670, SDM710, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-kamorta_firmwaresa6155p_firmwareqcs610sa515m_firmwaresdx24qcs404_firmwaremdm9607_firmwaresm8250_firmwaresc8180x_firmwaresa415m_firmwareqcs405sm7150_firmwaresdm710sc7180_firmwaremdm9607sm6150sdm710_firmwaresm7150sa6155psdm670qcs610_firmwaresxr2130qcs605_firmwaresc8180xipq6018sdm670_firmwareqcs404sdx24_firmwaresm8150_firmwaresxr2130_firmwareqcs405_firmwarerennellsa415msc7180mdm9205_firmwarerennell_firmwareipq6018_firmwaremdm9205sa515mqcs605sdx55sm6150_firmwaresm8250sm8150sxr1130_firmwarekamortasdx55_firmwarenicobar_firmwaresxr1130nicobarSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CVE-2019-14070
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7||HIGH
EPSS-0.14% / 3.71%
||
7 Day CHG~0.00%
Published-16 Apr, 2020 | 10:46
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible use after free issue in pcm volume controls due to race condition exist in private data used in mixer controls in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, IPQ4019, IPQ6018, IPQ8064, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9615, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCS605, QM215, Rennell, SA6155P, Saipan, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9640_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632sdx24sdm439mdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996ausdm429w_firmwaresm7150apq8009_firmwaremsm8917sdm670sxr2130qcs605_firmwaresc8180xipq4019_firmwaremdm9206sdm670_firmwaresdx24_firmwareipq8074sdm636sda845_firmwareapq8098mdm9615ipq6018_firmwaremdm9206_firmwareqcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwaresda660sdx55_firmwareipq8064sxr1130_firmwareapq8064_firmwaresxr1130msm8909wapq8009apq8053_firmwareipq8064_firmwaresda845nicobarsa6155p_firmwaremsm8920msm8953sdm450sdm636_firmwareapq8064sdm845_firmwareapq8098_firmwaresdx20msm8998_firmwaresdm660msm8920_firmwaresdm630mdm9607_firmwaresm8250_firmwaresc8180x_firmwareipq8074_firmwaresdm710qm215mdm9607apq8017_firmwaresdm710_firmwaresa6155pmsm8937mdm9207c_firmwaremsm8905ipq6018mdm9207csm8150_firmwaresxr2130_firmwareapq8096ausdm439_firmwarerennellsdm630_firmwaresda660_firmwarerennell_firmwareqm215_firmwareipq4019sdx55msm8953_firmwaremsm8940saipan_firmwaresm6150_firmwareapq8053msm8917_firmwareapq8096au_firmwaremsm8998sm8150sdx20_firmwaresm8250mdm9615_firmwareapq8017saipannicobar_firmwaresdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-416
Use After Free
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2018-13909
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7||HIGH
EPSS-0.14% / 3.52%
||
7 Day CHG~0.00%
Published-14 Jun, 2019 | 17:02
Updated-05 Aug, 2024 | 09:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Metadata verification and partial hash system calls by bootloader may corrupt parallel hashing state in progress resulting in unexpected behavior in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9206, MDM9607, MDM9650, MDM9655, QCS605, Qualcomm 215, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 712 / SD 710 / SD 670, SD 845 / SD 850, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_427_firmwaresd_712sd_850sd_632sd_412sd_439sd_670_firmwaresd_425sd_429sdm660sd_430_firmwaremdm9607_firmwaresd_435mdm9655_firmwaremdm9650sd_636sd_710_firmwaresd_625sdm439sdm630snapdragon_high_med_2016_firmwareqm215mdm9607sd_636_firmwaresd_450_firmwaresd_845_firmwaresd_410sd_439_firmwareqcs605_firmwaresd_429_firmwaremdm9206sd_425_firmwaresnapdragon_high_med_2016sd_850_firmwaresd_625_firmwaresd_450mdm9655sdm439_firmwaresd_412_firmwaresd_712_firmwaresdm630_firmwaresd_8cx_firmwaresda660_firmwaresd_845qm215_firmwareqcs605mdm9206_firmwaresd_427sd_430sd_670sd_8cxsd_435_firmwaresd_632_firmwaremdm9650_firmwaresd_710sd_410_firmwaresda660sxr1130_firmwaresxr1130sdm660_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2021-35090
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.3||CRITICAL
EPSS-0.12% / 2.04%
||
7 Day CHG~0.00%
Published-14 Jun, 2022 | 09:51
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible hypervisor memory corruption due to TOC TOU race condition when updating address mappings in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwarewcn3991wsa8830wcd9380_firmwaresd780gsd865_5gqca6431_firmwaresdx55m_firmwarewcn6856_firmwaresd888wsa8835sa8540p_firmwarewcd9380sd765g_firmwaresd888_5gqca6420_firmwareqca6390_firmwaresd690_5gwcd9370sd690_5g_firmwarewcn6855_firmwaresm7325pqca6426qrb5165n_firmwareqca6430_firmwarewcn6750wcn3998sd_8cx_firmwarewcd9385_firmwaresdxr2_5g_firmwaresd_8cx_gen2_firmwaresa9000pwcd9340_firmwarewsa8815sm7325p_firmwareqsm8350_firmwarewcn6850qsm8350sd765qca6426_firmwaresa9000p_firmwaresm7315_firmwarewcn7850sd768g_firmwarewcd9375_firmwarewcn3998_firmwareqrb5165msm7315sm7250p_firmwareqca6391sdx55mqca6420qca6436_firmwareqrb5165nqca6421_firmwareaqt1000_firmwarewcn6740_firmwaresd778gsd_8cx_gen2wcn7851qcs6490qrb5165_firmwareqrb5165m_firmwaresdxr2_5gqcm6490_firmwareqrb5165wcn6851_firmwarewcn3988_firmwareqca6430qca6421sd778g_firmwarewcd9340wsa8810_firmwaresd765gwcd9341_firmwarewsa8810sd765_firmwaresd870qca6436wcn6851wcn6855sa8540pwcn7851_firmwarewcn6856wcd9385wcd9341sd768gqca6431qcs6490_firmwaresd750gsd870_firmwarewcn6740qca6391_firmwareqca6390wcd9375sd_8cxaqt1000sd750g_firmwaresd780g_firmwarewcd9370_firmwaresd888_firmwarewsa8830_firmwaresd865_5g_firmwareqcm6490sd888_5g_firmwarewcn3988wcn6850_firmwarewcn7850_firmwarewsa8815_firmwarewsa8835_firmwaresm7250pwcn6750_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CVE-2017-18305
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7||HIGH
EPSS-0.24% / 14.35%
||
7 Day CHG~0.00%
Published-23 Oct, 2018 | 13:00
Updated-05 Aug, 2024 | 21:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

XBL sec mem dump system call allows complete control of EL3 by unlocking all XPUs if enable fuse is not blown in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 835.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9206sd_210mdm9607mdm9650_firmwaresd_212_firmwaresd_212sd_835_firmwaresd_835sd_205sd_210_firmwaresd_205_firmwaremdm9206_firmwaremdm9607_firmwaremdm9650Snapdragon Mobile, Snapdragon Wear
CVE-2021-35095
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.15% / 4.39%
||
7 Day CHG~0.00%
Published-14 Jun, 2022 | 10:11
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper serialization of message queue client registration can lead to race condition allowing multiple gunyah message clients to register with same label in Snapdragon Connectivity, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn6855_firmwareqca8337_firmwarewcd9380_firmwaresdx65_firmwarewsa8830qca8337ar8035wcn6856_firmwaresd_8_gen1_5g_firmwarear8035_firmwaresdx65wsa8830_firmwarewsa8835wsa8835_firmwarewcd9380wcn6855qca8081_firmwaresm8475qca8081wcn6856Snapdragon Connectivity, Snapdragon Mobile
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2013-4740
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-6.9||MEDIUM
EPSS-0.24% / 14.59%
||
7 Day CHG~0.00%
Published-12 Nov, 2013 | 01:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

goodix_tool.c in the Goodix gt915 touchscreen driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, relies on user-space length values for kernel-memory copies of procfs file content, which allows attackers to gain privileges or cause a denial of service (memory corruption) via an application that provides crafted values.

Action-Not Available
Vendor-n/aQualcomm Technologies, Inc.
Product-quic_mobile_station_modem_kerneln/a
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2021-1921
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.10% / 1.23%
||
7 Day CHG~0.00%
Published-12 Nov, 2021 | 06:15
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible memory corruption due to Improper handling of hypervisor unmap operations for concurrent memory operations in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wsa8830wcd9380_firmwarewcn3990sd780gsd865_5gqca6595qca6431_firmwaresdx24sdx55m_firmwarewcn6856_firmwarewcd9360_firmwarewsa8835wcn3950_firmwarewcd9380sd888_5gqca6420_firmwareqca6390_firmwarewcd9370sd675_firmwarewcn6855_firmwareqca6426sdx24_firmwarewcn3990_firmwareqrb5165n_firmwaresm7325qca6430_firmwarewcn3980wcn6750wcn3998sd_8cx_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcn3950whs9410wcd9340_firmwaresd855wsa8815wcn6850qsm8350_firmwareqsm8350sd_8c_firmwareqca6426_firmwarewcn7850qca6574au_firmwaresdx55_firmwarewcd9375_firmwarewcn3998_firmwarewcn3980_firmwareqca6391sdx55mwcd9360qca6420qca6436_firmwareqrb5165nqca6421_firmwareaqt1000_firmwarewcn6740_firmwaresd778gsa6155p_firmwarewhs9410_firmwarewcn7851qcs6490qrb5165_firmwaresdxr2_5gqcm6490_firmwareqrb5165wcn6851_firmwareqca6430qca6574auqca6421sd778g_firmwarewcd9340sa8195psdm830_firmwarewsa8810_firmwarewcd9341_firmwarewsa8810sd870qca6436wcn6851wcn6855sa6155pwcn7851_firmwarewcn6856sd_8cwcd9385wcd9341qca6431qcs6490_firmwareqca6595_firmwaresd870_firmwarewcn6740qca6391_firmwareqca6390wcd9375sd_8cxaqt1000sd780g_firmwarewcd9370_firmwaresdx55sd675wsa8830_firmwaresd855_firmwaresd865_5g_firmwareqcm6490sd888_5g_firmwarewcn6850_firmwarewcn7850_firmwarewsa8815_firmwarewsa8835_firmwaresa8195p_firmwaresdm830wcn6750_firmwaresm7325_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CVE-2020-3680
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7||HIGH
EPSS-0.19% / 9.40%
||
7 Day CHG~0.00%
Published-02 Jun, 2020 | 15:05
Updated-04 Aug, 2024 | 07:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A race condition can occur when using the fastrpc memory mapping API. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8009, APQ8053, MSM8909W, MSM8917, MSM8953, QCS605, QM215, SA415M, SDM429, SDM429W, SDM439, SDM450, SDM632, SDM670, SDM710, SDM845, SDX24, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-msm8953sdm450sdm429wsdm632_firmwaresdm845sdm450_firmwaresdm632sdx24sdm439sdm429sa415m_firmwaresdm710msm8909w_firmwareqm215sdm429w_firmwaresdm710_firmwareapq8009apq8009_firmwaremsm8917sdm670qcs605_firmwaresdm670_firmwaresdx24_firmwaresdm439_firmwaresa415mqm215_firmwareqcs605msm8953_firmwareapq8053msm8917_firmwaresdm429_firmwaresxr1130_firmwaresxr1130msm8909wapq8053_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CVE-2020-3619
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7||HIGH
EPSS-0.16% / 5.66%
||
7 Day CHG~0.00%
Published-08 Sep, 2020 | 09:31
Updated-04 Aug, 2024 | 07:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Non-secure memory is touched multiple times during TrustZone\u2019s execution and can lead to privilege escalation or memory corruption' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8098, IPQ8074, Kamorta, MDM9150, MDM9206, MDM9607, MDM9650, MSM8905, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8998, QCA8081, QCS404, QCS605, QCS610, QM215, Rennell, SA415M, SC7180, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SM6150, SM7150, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwarekamorta_firmwareqcs610sdm632_firmwaresdm845sdm450_firmwaresdm632sdx24sdm439qcs404_firmwaremdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150sm7150apq8009_firmwaremsm8917sdm670qcs605_firmwaremdm9206sdm670_firmwareqcs404sdx24_firmwareipq8074sdm636sda845_firmwaresa415mapq8098mdm9206_firmwareqcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwaresda660sxr1130_firmwareqca8081_firmwaresxr1130apq8009msm8909_firmwareapq8053_firmwaresda845sdm850_firmwaremsm8920msm8953sdm450sdm636_firmwareapq8098_firmwaremsm8998_firmwaresdm660msm8920_firmwaresdm630mdm9607_firmwaresa415m_firmwareipq8074_firmwaresdm710qm215sc7180_firmwaremdm9607apq8017_firmwaresdm710_firmwareqca8081qcs610_firmwaremsm8937mdm9150msm8905sm8150_firmwaremsm8909sdm439_firmwarerennellsc7180sdm630_firmwaresda660_firmwarerennell_firmwareqm215_firmwaremsm8953_firmwaremsm8940sm6150_firmwareapq8053msm8917_firmwaremsm8998sm8150sdm850kamortaapq8017sdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CVE-2020-11298
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.14% / 3.44%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 06:20
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

While waiting for a response to a callback or listener request, non-secure clients can change permissions to shared memory buffers used by HLOS Invoke Call to secure kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarewcn3991_firmwarewsa8830sd678sm6250p_firmwareqcs610qcs2290_firmwareqca8337qca6431_firmwaresd7c_firmwaremdm9628_firmwarewcd9360_firmwarecsra6620qcs4290wcn3950_firmwaresc8180x\+sdx55sd765g_firmwareqca6420_firmwareqca6595au_firmwareqcs2290qca6390_firmwaresd690_5gsd730_firmwarewcd9370csra6620_firmwareqcs605_firmwaresd_675_firmwaresd675_firmwarecsra6640_firmwareqcs6125_firmwareqca6426qca6584au_firmwarewcn3990_firmwareqca9984_firmwareqca9377sa415mwcn3998sd_8cx_firmwarewcd9371_firmwaresdxr2_5g_firmwarewcd9385_firmwaresm4125mdm9628sd720gmdm9206_firmwarewcd9326_firmwarewcn3950whs9410sd662sd710_firmwaresd460_firmwaresa8155qca6574au_firmwaresdx55_firmwareqca6595auwcd9375_firmwarewcn3998_firmwarewcn3999_firmwaresm7250p_firmwareqca6420qca6436_firmwarewcd9360qca6564au_firmwareqca6584ausa6155p_firmwareqca9367_firmwarewcd9306whs9410_firmwarewcn3999sa515m_firmwaresdxr2_5gqca9367qcs6125sa8155_firmwareqca4004_firmwaresd662_firmwaresa415m_firmwareqcs405qca6430wcn3988_firmwareqca6421sd712_firmwaresm6250wcd9306_firmwaresa8195psdm830_firmwarewcd9340wsa8810_firmwaresd765gsd765_firmwareqca6436wcd9326wcd9335sa6155pwcn6851qcs603_firmwareqcs4290_firmwarewcd9385wcd9341qca6431qca6696_firmwarewcd9371sd750gsd870_firmwarear8035qca6390sd_8cxaqt1000sd750g_firmwarewcd9375sc8180x\+sdx55_firmwaresm6250_firmwarewcn3910_firmwareqca4004wsa8830_firmwaresd855_firmwaresd865_5g_firmwaresd712sd888_5g_firmwarewcn3988wcn6850_firmwarewsa8815_firmwarewsa8835_firmwaresa8195p_firmwareqca6564awcn6750_firmwareqcm6125_firmwareqcm2290_firmwarewcn3991qca8337_firmwarewcd9380_firmwarewcn3990sd_675wcd9330sd865_5gqca6595qca6564ausdx24sdx55m_firmwaresd670_firmwarewsa8835sd665_firmwarewcd9380sd888_5gsm6250pqcs410qca6574asd690_5g_firmwaresdx50m_firmwaremdm9206sdx24_firmwareqca6430_firmwarewcd9335_firmwarewcn3980wcn6750mdm9205sa515mqcs605wcd9340_firmwaresd855sm4125_firmwarewcn6850sd665sd7cwcn3910wsa8815sd_8c_firmwaresd765qca6426_firmwareqca6574a_firmwareqca9984sd768g_firmwarewcn3980_firmwaresd460qca6391sd730sdx55msdxr1_firmwarewcd9330_firmwareqca6421_firmwareaqt1000_firmwaresd678_firmwarear8031_firmwareqcm4290sdx50msd480_firmwareqcs603wcn6851_firmwareqca6574ausa8155p_firmwaresd710sd670qca6564a_firmwarewcd9341_firmwareqcm6125qcm4290_firmwaresd480sd870wsa8810qcs610_firmwareqsm8250sd_8csdxr1sd768gar8031qca6595_firmwareqcs405_firmwareqca6696mdm9205_firmwareqca6391_firmwarewcd9370_firmwaresdx55sa8155pcsra6640sd675sm7250psdm830sd720g_firmwareqcs410_firmwarear8035_firmwareqcm2290qsm8250_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CVE-2020-11290
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7||HIGH
EPSS-0.18% / 7.64%
||
7 Day CHG~0.00%
Published-17 Mar, 2021 | 06:01
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free condition in msm ioctl events due to race between the ioctl register and deregister events in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfs2580qca9377_firmwareqpm5679_firmwareqca8337qdm5579qfs2608_firmwareqfs2530qpm8870_firmwareqln1030pm6125qat5522_firmwarewcn3950_firmwarepm8150aqdm5670qca6595au_firmwareqpa5581_firmwaresa6155pm7150lqcc1110_firmwarepm8998_firmwareqpa8821wtr5975_firmwareqcs6125_firmwareqpa5580_firmwaresa415mwcn3998wcn3950qsw8573_firmwarewcn3660bsd450_firmwareqfe4320qsw8574_firmwaresd460_firmwarepm8953_firmwareqpa4360_firmwarewcn3998_firmwareqfe2520_firmwareapq8009w_firmwarepm855papq8053_firmwareqca6420qpm6670_firmwarepm660_firmwarepm8150bsa8155_firmwareqfe2101qca6430qat3522pmr735awcd9340sdm830_firmwaresd765gsdr660qfs2630_firmwaresdr865qdm5620_firmwaresmb1358smr545qca6696_firmwareqln5020sd870_firmwarepmm855au_firmwaresa8150pqfe3340qdm5621qtc800sqat3514_firmwaresd660sd865_5g_firmwarepm640p_firmwaresd660_firmwarewcn6750_firmwareqat5516_firmwaresd450pm855l_firmwareqtc410swcn3991qpa8801sdm429wpm8150l_firmwareqat5533_firmwaresdx55m_firmwareqpa8673_firmwarepm6150smb1354_firmwaresd670_firmwareqca6574sd632_firmwareqfs2630qpa8842wcd9380qualcomm215smb1380_firmwareqfe4309_firmwarepmk8350_firmwaresmb1381pm855p_firmwarepm7250qca9379_firmwarewtr4905qpa8803sdx24_firmwaresd439_firmwareqdm2301wcd9340_firmwarewsa8815wcn6850qfe2101_firmwareqdm5621_firmwareqdm2301_firmwarewcn3980_firmwarepm660l_firmwarewcn6740_firmwarepm8008pm8350b_firmwareqtm525_firmwarepme605_firmwarepme605qpm5621_firmwareqln1021aq_firmwareqcs603rsw8577qpa6560_firmwareqpa8802_firmwareqfe4308_firmwareqpm5621qpm6582sd670pm8009_firmwareapq8009wqfe4303qfs2580_firmwareqcm4290_firmwarepm8150lpmi8998_firmwaresa6145ppm660a_firmwarepm215ar8031wtr2965sa2150pqca6391_firmwarepmi8937_firmwarewcd9370_firmwareqat3516_firmwaresdx55apq8053csra6640pm8350bhsqat3555_firmwareqpa8803_firmwarewcn3660qca9379pm855bqln1031qsm8250_firmwareqpm5870pm8909wsa8830pm660qet6110_firmwareqdm5579_firmwarepm6125_firmwareqbt1500qpa5581csrb31024pmx24_firmwarefsm10055_firmwareqbt1500_firmwareqpm5870_firmwareqcs4290qet6100pmm855auqca6420_firmwaresmb1394_firmwareapq8009_firmwaresmb1396pm7150asd675_firmwarepm8350qca6564qpa4361_firmwarepm8350c_firmwareqpa5461_firmwareqca6426wcn3990_firmwareqca9377qpm5641qpa5373_firmwarewcd9385_firmwareqdm5650_firmwareqpa4340_firmwaresdxr2_5g_firmwarewcd9326_firmwarewcn3615_firmwarewtr2955pm7250_firmwaresdr845_firmwareqdm5620qln1021aqsmb1380pmk8002_firmwareqsw6310_firmwaresa8155qln1031_firmwareqdm4650_firmwaresdx55_firmwarepmm6155au_firmwareqat5533wcn3615sm7250p_firmwarewcn3610_firmwareqsm7250_firmwareqpm6670pm7150l_firmwareqca6584auqpm4641qat5515_firmwarepm855sd429pm8250qdm4643qfs2530_firmwaresa415m_firmwarepmx55qpm4641_firmwarewcn3988_firmwaresd205sd429_firmwarepm8150c_firmwareqca6421qdm3301qpa8842_firmwareqat3519_firmwaresa8195psdr735_firmwarepm8953qat5515qpm5677qat3514wcd9326wcd9335pm8004_firmwaresdr8150_firmwareqcs4290_firmwarepm439qtc800h_firmwarepmk7350_firmwareqpm4630qca6390wcd9375aqt1000pmm8195auqln4642msm8917_firmwareqpm5677_firmwarewsa8815_firmwaresd888_5g_firmwarepmi8937pm8998pmk7350sdw3100qpm8820_firmwaresmr525_firmwarewtr3925_firmwareqfe4301_firmwareapq8017qln1020_firmwareqpm6621_firmwarepm670a_firmwareqcm6125_firmwarepmx55_firmwarewtr2955_firmwareqfe4373fc_firmwaresd865_5gqca6595smb1398_firmwareqat5522pm8150cpmr735bsd665_firmwareqpa4360qpa4361qpm4640_firmwareqdm5679_firmwarepm8350csmr525qca6310_firmwareqfe4305_firmwarepmr525pm8150a_firmwareqca6574_firmwareqln1036aq_firmwaresd665pm6150_firmwaresd765qca6574a_firmwareqpm4630_firmwareqat3555apq8009qpa5461wtr2965_firmwarepm670_firmwarecsrb31024_firmwareqfs2608qln1036aqqtc801sqpm5641_firmwaresd710pm8008_firmwareqpm6621pmr735a_firmwarepmw3100qca6564_firmwaresdr8250sd768gqln1030_firmwarewcn6740pmw3100_firmwarepm8004pm640lpmk8002sd845sdm830qpa5580fsm10055qfe2550sa6150p_firmwareqdm2307qca6431_firmwareqpa8802wcd9360_firmwareqpm6585_firmwareqat3519qbt2000_firmwarepm855a_firmwareqtc800hsa8150p_firmwaresdr8250_firmwareqca6335msm8917csra6620_firmwareqcs605_firmwareqln1020smr546_firmwareqdm5671csra6640_firmwareqpm4650_firmwareqat3518sd632sdr425_firmwaresmr526_firmwareqpa5460pm640a_firmwarewgr7640_firmwareqdm2305_firmwareqpm5670_firmwaresd710_firmwareqca4020qdm5652qca6574au_firmwareqpm8870wcd9375_firmwareqpm5679qbt2000sa6155_firmwaremsm8909wwcd9360sdr735gqpa5460_firmwareqdm3301_firmwareqsm7250qcs6125sd662_firmwareqcc1110qcs405smb1360qualcomm215_firmwarersw8577_firmwareqdm2308_firmwarefsm10056_firmwarepm439_firmwareqca4020_firmwareqca6436sa6155pwcn6851qcs603_firmwareqpa6560wcn3660_firmwarewcd9341pmi8952qdm4643_firmwarepm8937_firmwareqca6431sm7350_firmwareqet4100_firmwareqfe4320_firmwareqdm3302qpm5875_firmwarewsa8830_firmwaresd855_firmwareqdm5650wcn3988wtr3925sa8195p_firmwaresmb1390sdw3100_firmwareqet4100wcn3610qpa8686_firmwareqpm6585qca8337_firmwaresda429w_firmwarewcd9380_firmwaresmb1355qln4650sdr735g_firmwarepm8350bhs_firmwarewgr7640qat5568qet5100qdm5671_firmwareqpa8801_firmwareqca6564auwcn6856_firmwarepm8005_firmwareqet4101_firmwarepm7250bqln4642_firmwaresmb1355_firmwarepm7250b_firmwarepmd9655_firmwaresmb1351_firmwaresdr735smb1395pm660lsmr526wtr5975qca6430_firmwarewcd9335_firmwareqtc801s_firmwarewcn3980qat3522_firmwarepm7350c_firmwareqca6335_firmwareqsw8573qcs605smb1394qca6426_firmwarepm8350_firmwarewcn3660b_firmwarewcn3680qfe4309pm8009sdx55mpm670aqca6421_firmwareqfe4373fcmsm8953qat3518_firmwarepmi8998qfe2520qsw8574ar8031_firmwarewcn3680_firmwarepm855lwcn6851_firmwareqdm5670_firmwarepm7150a_firmwarepm8150b_firmwareqfe4302smr545_firmwareqca6564a_firmwareqdm2310_firmwaresd870pm670sd210_firmwareqdm5677pm8005qsm8250pm855_firmwareqdm2302pmm6155ausdxr1pm855b_firmwareqca6595_firmwareqcs405_firmwareqpm6582_firmwarepm640l_firmwareqln4650_firmwareqpm5875qet5100msa8155psd675sd439qet4101qat3516pm670lqpm5658qpm5658_firmwarewcn3991_firmwareqdm5652_firmwarepmm8155au_firmwareqln5030fsm10056pmi632qpa2625_firmwarepm8350bh_firmwarecsra6620pmr735b_firmwareqet5100_firmwareqpa5373qpm4621smb1360_firmwareqet6100_firmwarepm670l_firmwaresdr660gsd765g_firmwareqpa8686smb1358_firmwareqca6390_firmwarewcd9370sdr425pmr525_firmwareqca6584au_firmwareqfe3340_firmwarepmi632_firmwareqat5516sd662qpa8821_firmwareqfe4308sdr660g_firmwarepm8350bhpm3003awcn3680b_firmwareqca6595auqca6436_firmwaresm7350smb1354qca6564au_firmwareqdm2305sa6155p_firmwareqca6310qpm8820pm8937qln5020_firmwaresa515m_firmwaresdxr2_5gsmb1398sa6145p_firmwareapq8017_firmwarewsa8810_firmwaresd765_firmwareqdm5677_firmwareqca6174a_firmwarewcd9385qdm2302_firmwareqat3550_firmwarepmm8155auqln5040_firmwareqpa8673qdm2310qfe2550_firmwaremsm8953_firmwareqln5030_firmwaresda429wsd210wcn3620_firmwareqfe4302_firmwaresmb1396_firmwarewcn6850_firmwarewcn3620wsa8835_firmwareqca6564asmr546pmx24qet6110pmi8952_firmwareqln5040qpm8895sdr845qpm5670wcn3990pmk8350sdx24qdm3302_firmwarepm8350bqdm2307_firmwaremsm8909w_firmwarewsa8835sdm429w_firmwaresd888_5gpm855asdr660_firmwarepm8909_firmwareqca6574apm8916_firmwaresmb1390_firmwareqca6174aqfe4303_firmwareqpm4640wcn6750pm7350cqet5100m_firmwareqpm4650qtm525sa515msa2150p_firmwaresd855qfe4305pm640psd768g_firmwaresdr865_firmwarepm8250_firmwaresd460qca6391sdxr1_firmwaresmb1351aqt1000_firmwarepm215_firmwareqpm8895_firmwarepm660aqpa4340qcm4290pm640asdr8150pm8916smb1395_firmwareqdm4650pmd9655qca6574ausa8155p_firmwaresd205_firmwareqsw6310wcd9341_firmwareqcm6125wsa8810qtc410s_firmwareqat5568_firmwareqdm2308qat3550wtr4905_firmwarewcn6856qdm5679wcn3680bpm3003a_firmwareqca6696qfe4301qtc800s_firmwaresmb1381_firmwaresd845_firmwareqpa2625sa6150ppmm8195au_firmwaresm7250pqpm4621_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-416
Use After Free
CVE-2020-11233
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7||HIGH
EPSS-0.13% / 3.10%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 05:00
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Time-of-check time-of-use race condition While processing partition entries due to newly created buffer was read again from mmc without validation in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfe3100qca9377_firmwarepm8909qfe1040qfe2550mdm9640_firmwarepm660pmd9607_firmwarepmi8996pmi632qfe1040_firmwareqfe1045mdm9628_firmwareqfe2340_firmwaremdm9650qln1030smb1360_firmwarepmk8001qfe2340mdm9250smb1358_firmwarepmd9635_firmwareapq8009_firmwareqca6174_firmwareqcc1110_firmwareapq8076wtr3905wtr5975_firmwareapq8076_firmwareqca9377pmi632_firmwaresdw2500_firmwarewcd9326_firmwaremdm9628wcn3615_firmwaremdm9206_firmwareqsw8573_firmwarergr7640au_firmwarewtr2955wcn3660bwgr7640_firmwareqln1021aqqcc112qca4020mdm9230_firmwarepm8953_firmwareqca6574au_firmwareqca6584mdm9630qln1031_firmwarewcn3615wcn3680b_firmwaremsm8909wapq8009w_firmwarewcn3610_firmwareapq8053_firmwaresdx20mqca6564au_firmwarewcd9306qca9367_firmwarepm8937pm660_firmwarepm8996qca9367mdm9607_firmwaremdm9655_firmwareqcc1110smb1360sd205wcd9306_firmwareapq8017_firmwarewsa8810_firmwarepm8953qualcomm215_firmwaresmb231pm439_firmwareqca4020_firmwarewcd9326wcd9335qet4200aqqfe1045_firmwaremsm8937qfe3345pm8004_firmwareqca6174a_firmwaremdm9250_firmwaresmb1358pm439pmi8952mdm9655pm8937_firmwareqet4100_firmwaresmb1350qfe2550_firmwarepm8952_firmwaremdm9330_firmwaresd210wcn3620_firmwaresd820sdx20_firmwarewsa8815_firmwarepmi8937wcn3620sdw3100wtr3925_firmwarewtr3925sdw3100_firmwareapq8017qcc112_firmwarecsr6030_firmwareqca6564amdm9630_firmwareqet4100wcn3610mdm9640pmi8952_firmwareqfe3335_firmwaresmb1355wcd9330msm8996au_firmwarewtr2955_firmwarewgr7640csr6030qca6564aupmi8994_firmwarepmm8996au_firmwareqet4101_firmwaremsm8909w_firmwaremsm8996aupmk8001_firmwareqfe1035pmm8996ausmb1355_firmwaresmb1351_firmwarepmd9655_firmwarergr7640aumdm9230qualcomm215pm8996_firmwareqet4200aq_firmwarepm8909_firmwareqca6574amdm9206pm8916_firmwareqca9379_firmwareqca6174aqfe3100_firmwaresmb358s_firmwaresmb358swtr4905wtr5975qca6174wcd9335_firmwareqtc801s_firmwaresd439_firmwarepmd9645pm8956_firmwareqsw8573qfe3335qln1036aq_firmwarewsa8815qca6584_firmwaremsm8937_firmwaremdm9650_firmwarewcn3660b_firmwarewcn3680pmx20pmd9607qca6574a_firmwareapq8009qfe3320_firmwaresmb1351smb1357_firmwarewcd9330_firmwarewtr3905_firmwarepm215_firmwaremdm9626wtr2965_firmwareqfe1035_firmwarewcn3680_firmwaresdx20qln1021aq_firmwarepm8916qln1036aqqtc801spmd9635mdm9626_firmwarepmd9655qca6574auqfe3320mdm9607sd205_firmwareqca6564a_firmwareapq8009wpmd9645_firmwaresdx20m_firmwarewsa8810smb231_firmwarewtr4905_firmwaresd210_firmwareqfe3345_firmwarewcn3680bpm215apq8096auqln1030_firmwaresmb1350_firmwarewtr2965sd820_firmwarepmi8996_firmwarepmx20_firmwarepmi8937_firmwarepm8004sdw2500apq8053apq8096au_firmwaresd439qet4101pm8952pmi8994smb1357mdm9330qca9379pm8956qln1031Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CVE-2020-11179
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7||HIGH
EPSS-0.32% / 23.39%
||
7 Day CHG~0.00%
Published-21 Jan, 2021 | 09:41
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Arbitrary read and write to kernel addresses by temporarily overwriting ring buffer pointer and creating a race condition. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qpm5579qfs2580fsm10055qfe2550pmi8996qca8337qdm5579qdm2307qfs2530qpa8802qln1030qpa8688pm6125qat3519pm8150aqtc800hqdm5670sa6155qca6335msm8917pm7150lqpa8821qln1020wtr3905qdm5671pmc1000hqat3518sd632sd8csa415mwcn3998wcn3950sm4125sd720gqpa5460wcn3660bqfe4320qca4020qdm5652sd6905gqpm8870qpm5679qbt2000msm8909wpm855pqca6420pm6150asdx20msdr735gwcn3999pm8150bqsm7250pm8996qcs6125qfe2101qcc1110qca6430qcs405qat3522smb1360pmr735awcd9340sd765gsdr660qca6436wcn6851sa6155pqpa6560msm8937sdr865pmc7180smb1358wcd9341pmi8952smr545qca6431qln5020smb1350sd750gqdm3302wtr3950sa8150ppm6350qdm5621qfe3340qtc800ssd660qdm5650wcn3988wtr3925sdr052smb1390pm6150lsd450sd8885gqet4100wcn3610qpm6585qtc410swcn3991smb1355qln4650qpa8801sdm429wwcd9330wgr7640qat5568qet5100sd636qca6564ausdxr25gpm6150qca6574pm7250bqfs2630qpa8842pmm8996auwcd9380qualcomm215qln4640smb1381sdr735pm7250wtr4905smb1395pm660lqpa8803ar8151smr526wtr5975wcn3980pmk8003qdm2301qsw8573qcs605wsa8815wcn6850qbt1000sd7cqca6320qpm6375wcn3910smb1394wcn3680qfe4309sd835pm8009qpa8675sd730sdx55mpm670aqfe4373fcpm8008msm8953qsw8574pmi8998qfe2520pme605pm855lqcs603rsw8577sd8655gqfe4302qpm5621qpm6582sd670apq8009wqfe4303pm670pm8150lqdm5677pm8005sa6145ppm215qdm2302pmm6155ausdxr1ar8031apq8096auqpm5577wtr2965pm8150qpm5875sdx55qet5100mapq8053sd675csra6640pm8350bhssa8155psd439qet4101pmi8994qat3516pm670lwcn3660qpm5658qca9379pm855bsmb2351qln1031qpm5870pm8909wsa8830sdr051pm660qln5030qpm6325pm4125qbt1500fsm10056qpa5581pmi632pm456csrb31024mdm9650csra6620qpa5373qpm4621pmk8001qcs4290qet6100pmm855ausdr660gsd455qpa8686smb1396pm7150awcd9370pm8350qca6564sdr425qca6426qca9377qpm5641qpm5541qat5516wtr2955qdm5620qln1021aqsd662smb1380qfe4308pm8350bhapq8037pm3003asa8155qat5533wcn3615qca6595ausm7350qtc800tpm8940qpm6670smb1354qca6584auqdm2305qca6310qpm8820qpm4641pm8937pm855sd429pm8250qca9367smb1398sdm630sd821qdm4643pmx55sd205sdr675qca6421sm6250qdm3301sa8195ppm8953qat5515qpm5677smb231qat3514wcd9326wcd9335qet4200aqwcd9385pm439pmm8155auqpm4630qca6390wcd9375ar8035aqt1000apq8064auqpa8673qdm2310pmm8195auqln4642sda429wsd210sd820pmi8937pm8998pmk7350sdw3100wcn3620apq8017qca6564asmr546pmx24qet6110qln5040qpm8895sdr845qpm5670wcn3990qtm527qca6595pmk8350sdx24qpm8830pm8350bqat5522wsa8835msm8996aupm8150cpmr735bsm6250prgr7640auqpa4360pm855aqpa4361qca6574amdm9206qca6174apm8350csmr525qpm4640wcn6750pmr525pm7350cqpm4650qtm525sa515msd855sd8cxsd665qfe4305qca6175asd765pm640ppmx20pmd9607qat3555apq8009sd460qca6391smb1351qpa5461msm8920pm660aqpa4340qcm4290sdx50mpm640asdr8150qfs2608sdx20pm8916qln1036aqqtc801sqdm4650pmd9655qca6574ausd710qsw6310qcm6125qpm6621wsa8810qdm2308pmw3100pmx50qat3550wcn6856qdm5679wcn3680bsdr8250sd768gwcn6740qca6696qfe4301sm4350pm8004pm640lmsm8940pmk8002sdw2500qpa2625sd845sa6150psm7250psdm830smb1357pm6250qpa5580Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-11277
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.4||HIGH
EPSS-0.11% / 1.86%
||
7 Day CHG~0.00%
Published-22 Feb, 2021 | 06:26
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible race condition during async fastrpc session after sending RPC message due to the fastrpc ctx gets free during async session in Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfs2580qpm5679_firmwareqpm5620_firmwareqdm5579qdm2307qfs2608_firmwareqfs2530qpm8870_firmwareqpa8802qpm6585_firmwarepm6125qat3519qbt2000_firmwareqat5522_firmwarewcn3950_firmwarepm8150aqdm5670qpa5581_firmwarepm7150lqpa8821smr546_firmwareqdm5671qpm4650_firmwareqat3518qpa5580_firmwaresdr425_firmwarewcn3998smr526_firmwarewcn3950wgr7640_firmwareqpm5670_firmwaresd460_firmwareqdm5652sd6905gqpm8870wcd9375_firmwarewcn3998_firmwareqpm5679qbt2000pm6150aqpm6670_firmwaresdr735gpm8150bqdm3301_firmwareqsm7250sd662_firmwarepmr735asd765gqdm2308_firmwarewcn6851qpa6560qfs2630_firmwaresdr865qdm5620_firmwarewcd9341sm7350_firmwaresmr545qdm4643_firmwareqln5020sd750gqdm3302sm4350_firmwareqpm5657pm6350qdm5621qpm5875_firmwareqat3514_firmwarewsa8830_firmwareqdm5650wcn3988wtr3925smb1390qat5516_firmwarepm6150lsd8885gqpa8686_firmwareqpm6585wcn3991wcd9380_firmwaresmb1355qln4650qpa8801sdr735g_firmwarepm8350bhs_firmwarewgr7640qat5568qet5100qdm5671_firmwareqpa8801_firmwarepm8150l_firmwareqat5533_firmwaresdx55m_firmwarewcn6856_firmwareqpa8673_firmwareqet4101_firmwaresmb1354_firmwarepm7250bqln4642_firmwareqfs2630qpa8842wcd9380smb1355_firmwarepm7250b_firmwarepmk8350_firmwaresdr735pm7250smb1395qpa8803smr526pmk8003pm7350c_firmwarewsa8815wcn6850qdm5621_firmwaresmb1394qca6426_firmwarepm8350_firmwarepm8009sdx55mwcn6740_firmwarepm8008pm8350b_firmwareqtm525_firmwareqat3518_firmwaresd6905g_firmwareqpm5621_firmwarewcn6851_firmwareqdm5670_firmwareqpa6560_firmwaresd8655gqpa8802_firmwarepm7150a_firmwarepm8150b_firmwareqpm5621smr545_firmwarepm8009_firmwareqdm2310_firmwarepm4250_firmwareqfs2580_firmwareqcm4290_firmwaresd8885g_firmwarepm8150lqdm5677pm4250wtr2965qca6391_firmwarewcd9370_firmwareqln4650_firmwareqat3516_firmwareqpm5875qet5100mpm8350bhsqet4101qat3555_firmwareqat3516qpa8803_firmwareqpm5658qpm5658_firmwareqpm5870wcn3991_firmwareqdm5652_firmwarewsa8830qet6110_firmwareqdm5579_firmwareqln5030pm6125_firmwareqpa5581pmi632qpa2625_firmwarepm8350bh_firmwarepmr735b_firmwareqet5100_firmwareqpm4621qpm5870_firmwareqet6100_firmwareqcs4290qet6100sd765g_firmwareqpa8686smb1394_firmwareqca6390_firmwaresmb1396pm7150awcd9370pm8350qpa5461_firmwaresdr425pm8350c_firmwarepmr525_firmwareqca6426qpm5641pmi632_firmwarewcd9385_firmwareqdm5650_firmwareqat5516pm7250_firmwareqdm5620sd662qpa8821_firmwarepm8350bhpmk8002_firmwarepm3003aqdm4650_firmwareqat5533sm7250p_firmwaresm7350qsm7250_firmwareqpm6670smb1354pm7150l_firmwareqpm8820qpm4641qat5515_firmwareqln5020_firmwarepm8250smb1398qdm4643qfs2530_firmwarewcn3988_firmwarepmx55qpm4641_firmwarepm8150c_firmwareqpa8842_firmwareqdm3301sdr735_firmwareqat3519_firmwarewsa8810_firmwareqpm5677qat5515sd765_firmwareqat3514qdm5677_firmwarepm6350_firmwareqcs4290_firmwarewcd9385pmk7350_firmwareqpm5620qln5040_firmwareqpm4630qca6390wcd9375sd750g_firmwareqpa8673qdm2310qln5030_firmwareqln4642qpm5677_firmwarewsa8815_firmwarewtr3925_firmwaresmr525_firmwaresmb1396_firmwarepmk7350wcn6850_firmwareqpm8820_firmwarewsa8835_firmwareqpm6621_firmwaresmr546qet6110qln5040qpm8895qpm5670pmx55_firmwarepmk8350smb1398_firmwareqdm3302_firmwarepm8350bqat5522qdm2307_firmwarewsa8835pm8150cpmr735bqpm5657_firmwarepmk8003_firmwareqpm4640_firmwaresmb1390_firmwareqdm5679_firmwarepm8350csmr525qpm4640pm6150l_firmwarepmr525pm7350cpm8150a_firmwareqet5100m_firmwareqpm4650qtm525pm6150a_firmwaresd765qpm4630_firmwaresd768g_firmwaresdr865_firmwareqat3555pm8250_firmwaresd460qca6391qpa5461qpm8895_firmwarewtr2965_firmwareqcm4290qfs2608smb1395_firmwareqdm4650qpm5641_firmwarepm8008_firmwaresd8655g_firmwarewcd9341_firmwareqpm6621wsa8810pmr735a_firmwareqat5568_firmwareqdm2308wcn6856qdm5679sd768gpm3003a_firmwarewcn6740sm4350qpa2625pmk8002sm7250pqpm4621_firmwareqpa5580Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-416
Use After Free
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2020-11152
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-6.4||MEDIUM
EPSS-0.13% / 3.10%
||
7 Day CHG~0.00%
Published-21 Jan, 2021 | 09:41
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Race condition in HAL layer while processing callback objects received from HIDL due to lack of synchronization between accessing objects in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfe3100qfe2550qfe4465fcsdr051pm660qbt1500qca8337pmi632csra6620qtc800hmsm8917apq8076qca9377wcn3998whs9410wcn3950qpa5460wtr2955wcn3660bqfe4320smb1380qfe4308apq8037wcn3615qbt2000msm8909wpm855pqca6420wcd9360qtc800tpm8940wcd9306qca6584auqca6310pm8937qfe2081fcwcn3999pm855sdm630msm8976sgqcc1110qca6430qcs405qat3522qfe2101qfe4455fcsmb1360wcd9340pm8953smb231qfe3440fcqat3514sdr660wcd9326wcd9335msm8937apq8052smb1358wcd9341pm439pmi8952aqt1000msm8956msm8976qtc800smsm8952apq8056sd660sd712wtr3925pmi8937pm8998qfe2080fcsdr052sdw3100smb1390wcn3620msm8916apq8017qca6564apmx24sd450qet4100wcn3610wcn3990smb1355wcd9330wgr7640sd636qet5100qca6564ausdx24msm8996aupmm8996aurgr7640auqln1035bdqpa4360pm855asmb1381qca6574aqca6174apm660lwtr4905wtr5975wcn3980qsw8573qcs605sd855wsa8815sd8cxqbt1000qfe4305qca6320qfe4309sd835smb1351pm670aqfe4373fcqfe2082fcmsm8920msm8953pmi8998pm660aqpa4340sdx50msdr8150pm855lpm8916qcs603qtc801srsw8577pmd9655qfe4302qca6574ausd710apq8009wqfe4303wsa8810pm670qat3550pmx50pm8005wcn3680bapq8096auar8031wtr2965qfe4301pm8004qet5100mmsm8940apq8053sdw2500csra6640sd439qet4101pm8952pm670lsdm830pm855bpm8956Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2020-11250
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7||HIGH
EPSS-0.11% / 1.56%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 05:00
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free due to race condition when reopening the device driver repeatedly in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfs2580qpm5679_firmwaresm6250p_firmwareqca8337qdm5579qfs2608_firmwareqfs2530qpm8870_firmwareqln1030pm6125qcn5124qat5522_firmwarewcn3950_firmwarepm8150aqdm5670qca6595au_firmwareqpm5541_firmwareqpa5581_firmwaresa6155pm7150lqcc1110_firmwarepm8998_firmwareqpa8821wtr5975_firmwarepm456_firmwareqpa5580_firmwarewcn3998wcd9371_firmwarewcn3950sm4125sd720gqsw8573_firmwarewcn3660bqfe4320qsw8574_firmwaresd460_firmwaresmb2351_firmwarepm8953_firmwareqpa4360_firmwareqca8081_firmwareqfe2520_firmwarewcn3998_firmwareapq8009w_firmwarepm855papq8053_firmwareqca6420pm6150aqpm6670_firmwarepm660_firmwarepm8150bsa8155_firmwareqfe2101qca6430qat3522pmr735awcd9340sd765gsdr660qfs2630_firmwaresdr865qdm5620_firmwaresmb1358qca6696_firmwareqln5020wcd9371qcn5154_firmwarepmm855au_firmwaresm4350_firmwaresd_8cxpm6350qdm5621qfe3340qtc800sqat3514_firmwaresd660sd865_5g_firmwarepm640p_firmwaresd660_firmwareqcn5022_firmwarewcn6750_firmwareqat5516_firmwarepm6150lpm855l_firmwareqtc410swcn3991qpa8801pm8150l_firmwareqat5533_firmwaresdx55m_firmwareqpa8673_firmwarepm6150smb1354_firmwaresd670_firmwareqca6574sd632_firmwareqfs2630qpa8842csr8811_firmwaresdr052_firmwarewcd9380qualcomm215qln4640qcs410qpm5579_firmwaresmb1380_firmwareqfe4309_firmwarepmk8350_firmwareqcn5024pm855p_firmwaresd690_5g_firmwaresmb1381pm7250wtr4905qpa8803sd439_firmwareqdm2301ipq6018_firmwarewcd9340_firmwarewsa8815wcn6850qfe2101_firmwarepmp8074_firmwareqdm5621_firmwareqdm2301_firmwareqpm6375sd_8c_firmwareipq6028pmp8074wcn3980_firmwaresd730pm660l_firmwarepm6250_firmwarewcn6740_firmwarepm8008pm8350b_firmwareqtm525_firmwareqpm5621_firmwareqcn5054qln1021aq_firmwarersw8577qpa6560_firmwareqpa8802_firmwareqln4640_firmwareqfe4308_firmwareqpm5621qpm6582qcn9024_firmwareipq8174_firmwareapq8009wpm8009_firmwareqfe4303qfs2580_firmwaresd670pm8150lpmi8998_firmwareqcs610_firmwaresa6145ppm660a_firmwarepm215ar8031qpm5577wtr2965qca6391_firmwarepm8150qca4024pmi8937_firmwarewcd9370_firmwareqat3516_firmwaresdx55apq8053qcn5021_firmwarecsra6640pm8350bhsqat3555_firmwareqpa8803_firmwarepm855bsmb2351qln1031qsm8250_firmwareqpm5870pm8909wsa8830pm660qet6110_firmwareqdm5579_firmwareqpm6325pm6125_firmwareqbt1500qpa5581fsm10055_firmwareqbt1500_firmwareqpm5870_firmwareqet6100pmm855auqca6420_firmwaresmb1394_firmwaresd690_5gsmb1396pm7150asd675_firmwarepm8350qca6564qpa4361_firmwarepm8350c_firmwareqpa5461_firmwareqca6426wcn3990_firmwareqpm5641qpa5373_firmwarewcd9385_firmwareqdm5650_firmwareqpa4340_firmwaresdxr2_5g_firmwarewcd9326_firmwarewcn3615_firmwarewtr2955pm7250_firmwareqdm5620qln1021aqipq8074asmb1380pmk8002_firmwareqsw6310_firmwaresa8155qln1031_firmwareqdm4650_firmwaresdx55_firmwarepmm6155au_firmwareqat5533wcn3615sm7250p_firmwarewcn3610_firmwareqsm7250_firmwareqpm6670pm7150l_firmwareqca6584auqpm4641qat5515_firmwareipq8174pm855qpm8830_firmwaresd429pm8250qcn5052qdm4643qfs2530_firmwarewcn3988_firmwarepmx55qpm4641_firmwareqcn9074sd205sd429_firmwarepm8150c_firmwareqca6421qdm3301qpa8842_firmwareqat3519_firmwaresdr735_firmwarepm8953qat5515qpm5677qat3514wcd9326wcd9335pm6350_firmwarepm8004_firmwaresdr8150_firmwarepm439qtc800h_firmwarepmk7350_firmwareqpm5620qpm4630qca6390wcd9375sd750g_firmwareaqt1000sm6250_firmwareqln4642msm8917_firmwareqpm5677_firmwareipq8074a_firmwaresd888_5g_firmwarepmi8937pm8998pmk7350sdw3100qpm8820_firmwaresmr525_firmwarewsa8815_firmwareqfe4301_firmwareapq8017qln1020_firmwareqpm6621_firmwarepmx55_firmwarewtr2955_firmwareqfe4373fc_firmwaresd865_5gqca6595pm8150_firmwaresmb1398_firmwareqpm8830qat5522pm8150cpmr735bsd665_firmwareqpa4360pmk8003_firmwareqcn5154qca8075_firmwareqpa4361qpm4640_firmwareqpm5577_firmwareqdm5679_firmwarepm8350csmr525qca6310_firmwareqfe4305_firmwarepm6150l_firmwarepmr525pm8150a_firmwareqca6574_firmwareqln1036aq_firmwaresd665pm6150a_firmwarepm6150_firmwareqca6175asd765qca6574a_firmwareqpm4630_firmwareqat3555qpa5461wtr2965_firmwareqfs2608qln1036aqqtc801sipq6028_firmwareqpm5641_firmwaresd710pm8008_firmwareqpm6621pmr735a_firmwarepmw3100pmx50qcn5022qca6564_firmwaresdr8250sd768gqln1030_firmwarewcn6740pmw3100_firmwarepm8004pm640lpmk8002qca8075qcn9022sd845qcs410_firmwareqca6175a_firmwareqpa5580qpm5579fsm10055qfe2550qcs610qpm5620_firmwareqdm2307qca6431_firmwareqpa8802qpm6585_firmwareqat3519qbt2000_firmwareqca4024_firmwareqtc800hsdr8250_firmwareqca6335msm8917csra6620_firmwareqln1020sd_675_firmwareqdm5671csra6640_firmwarepmc1000hqpm4650_firmwareqat3518sd632sdr425_firmwaresmr526_firmwareipq8076apm640a_firmwarewgr7640_firmwareqdm2305_firmwareqpm5670_firmwaresd710_firmwareqdm5652qca6574au_firmwareqpm8870wcd9375_firmwareqpm5679qbt2000sa6155_firmwaremsm8909wpmx50_firmwareqpa8675_firmwaresdr735gwcn3999qdm3301_firmwareqsm7250ipq6010sd662_firmwareqcc1110qcs405qualcomm215_firmwarersw8577_firmwareqdm2308_firmwarefsm10056_firmwarepm439_firmwareqca6436wcn6851sa6155pqpa6560sdr675_firmwarewcd9341pmi8952qdm4643_firmwarepm8937_firmwareqca6431sm7350_firmwareqet4100_firmwaresd750gqfe4320_firmwareqdm3302wcn3910_firmwareqpm5657qpm5875_firmwarewsa8830_firmwaresd855_firmwareqdm5650wcn3988wtr3925sdr052smb1390sdw3100_firmwareqet4100wcn3610qpa8686_firmwareqpm6585qca8337_firmwaresda429w_firmwarewcd9380_firmwaresmb1355qln4650sdr735g_firmwarepm8350bhs_firmwarewgr7640ipq8076a_firmwareqat5568qdm5671_firmwareqet5100qca6564auqpa8801_firmwareqtm527_firmwarewcn6856_firmwarepm8005_firmwareqet4101_firmwarepm7250bqln4642_firmwaresmb1355_firmwarepm7250b_firmwarepmd9655_firmwaresmb1351_firmwareqcn5054_firmwareqet4200aq_firmwaresdx50m_firmwaresdr735smb1395pm660lsmr526qca8072_firmwarewtr5975qca6430_firmwarepmk8003qcn5052_firmwareqtc801s_firmwareqat3522_firmwarewcd9335_firmwarewcn3980pm7350c_firmwareqca6335_firmwareqsw8573wcn3910smb1394qca6426_firmwarepm8350_firmwarewcn3660b_firmwareqfe4309qcn9024pm8009qpa8675sdr051_firmwaresdx55mqca6421_firmwareqfe4373fcmsm8953qat3518_firmwarepmi8998qfe2520qsw8574ar8031_firmwarepm855lwcn6851_firmwareqdm5670_firmwarepm7150a_firmwarepm8150b_firmwareqfe4302pmc1000h_firmwareqca6564a_firmwareqdm2310_firmwaresd210_firmwareqdm5677pm8005qsm8250ipq6018pm855_firmwareqdm2302pmm6155ausdxr1pm855b_firmwareqca6595_firmwareqcs405_firmwareqpm6582_firmwareqpm6375_firmwarepm640l_firmwareqln4650_firmwareqpm5875qet5100msa8155psd675sd439qet4101qat3516qpm5658ar8035_firmwareqpm5658_firmwareqcn5024_firmwarewcn3991_firmwareqdm5652_firmwarepmm8155au_firmwaresdr051qln5030pm4125fsm10056pmi632qpa2625_firmwarepm456pm8350bh_firmwarecsra6620pmr735b_firmwareqet5100_firmwareqpa5373qpm4621qet6100_firmwaresdr660gsd765g_firmwareqpa8686smb1358_firmwareqca6390_firmwaresd730_firmwarewcd9370sdr425pmr525_firmwareqca6584au_firmwareqcn9000_firmwareqfe3340_firmwarepmi632_firmwaresd_8cx_firmwareqpm5541qat5516sd662qpa8821_firmwareqfe4308qcn5124_firmwaresdr660g_firmwarepm8350bhpm3003awcn3680b_firmwareqca6595auwcn3999_firmwareqca6436_firmwaresm7350smb1354qca6564au_firmwareqdm2305sa6155p_firmwareqca6310qpm8820pm8937qpm2630qln5020_firmwaresa515m_firmwaresdxr2_5gsmb1398sa6145p_firmwaresdr675sm6250apq8017_firmwarewsa8810_firmwaresd765_firmwareqdm5677_firmwareqca8081qet4200aqwcd9385qpm6325_firmwareqdm2302_firmwareqat3550_firmwarepmm8155auqln5040_firmwarepm4125_firmwarear8035csr8811qpa8673qdm2310qfe2550_firmwaremsm8953_firmwareqln5030_firmwaresda429wsd210wcn3620_firmwareqfe4302_firmwarewtr3925_firmwaresmb1396_firmwarewcn6850_firmwarewcn3620wsa8835_firmwareqca6564aqet6110pmi8952_firmwareqca8072qln5040qpm8895qpm5670wcn3990qcn9000sd_675qtm527pmk8350qdm3302_firmwarepm8350bqdm2307_firmwaremsm8909w_firmwarewsa8835qpm5657_firmwaresd888_5gsm6250psdr660_firmwarepm8909_firmwareqca6574asmb1390_firmwareqfe4303_firmwareqpm4640wcn6750pm7350cqet5100m_firmwareqpm4650qtm525sa515mwtr6955sd855sm4125_firmwareqfe4305wtr6955_firmwarepm640pqcn5021sd768g_firmwaresdr865_firmwarepm8250_firmwaresd460qca6391sdxr1_firmwaresmb1351aqt1000_firmwarepm215_firmwareqpm8895_firmwarepm660aqpa4340sdx50mpm640asdr8150smb1395_firmwareqdm4650pmd9655qca6574ausa8155p_firmwaresd205_firmwareqsw6310wcd9341_firmwarewsa8810qtc410s_firmwareqpm2630_firmwareqat5568_firmwareqdm2308qat3550wtr4905_firmwarewcn6856qdm5679sd_8cwcn3680bipq6010_firmwarepm3003a_firmwareqca6696qfe4301qtc800s_firmwaresm4350sd845_firmwaresmb1381_firmwareqpa2625qcn9022_firmwaresm7250psd720g_firmwareqcn9074_firmwareqpm4621_firmwarepm6250Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-416
Use After Free
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2020-11151
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-6.4||MEDIUM
EPSS-0.13% / 3.10%
||
7 Day CHG~0.00%
Published-21 Jan, 2021 | 09:41
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Race condition occurs while calling user space ioctl from two different threads can results to use after free issue in video in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfs2580wsa8830qln5030qbt1500pmi632qpa5581qdm2307qfs2530qpa8802pm6125qat3519qcs4290qet6100pmm855ausdr660gpm8150aqtc800hqdm5670qpa8686pm7150lqpa8821pm7150asmb1396wcd9370qdm5671sdr425qca6426qat3518wcn3998wcn3950qat5516wcn3660bqdm5620sd662pm3003asa8155qdm5652sd6905gqat5533qca6595auqpm5679qbt2000qpm8870pm6150asmb1354qca6584auqdm2305qpm8820pm8150bqsm7250pm8250pmx55qat3522pmr735aqca6421qdm3301sa8195pqpm5677qat5515sd765gqca6436sdr660wcn6851sa6155pqpa6560sdr865wcd9385wcd9341qca6431qln5020sd750gqca6390wcd9375qpa8673sa8150ppm6350pmm8195auqdm2310qdm5621qln4642sda429wqdm5650wcn3988wtr3925wcn3620smb1390pm6150lwcn3610qet6110qln5040qpm8895qpm6585qtc410sqpm5670wcn3991smb1355qln4650qpa8801wgr7640qet5100qca6595qpm8830sdxr25gpm6150qat5522wsa8835pm7250bpm8150cpmr735bqpa8842wcd9380qpa4360qca6574asdr735pm7250smb1395smr525qpa8803smr526wcn3980pmk8003wcn6750pmr525qdm2301qpm4650qtm525wsa8815wcn6850sd665sd765pm640pqat3555pm8009sd460qca6391sdx55mpm8008qsw8574qcm4290pm640aqtc801ssd8655gqca6574auqpm5621qpm6582wsa8810pm8150lqdm2308qat3550qdm5677qdm5679sdr8250sd768gwtr2965qca6696qpa2625pm640lpmk8002sdx55sd675qet4101qat3516sm7250pqpm5658qpa5580Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-416
Use After Free
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2019-2260
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7||HIGH
EPSS-0.14% / 3.67%
||
7 Day CHG~0.00%
Published-22 Jul, 2019 | 13:47
Updated-04 Aug, 2024 | 18:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A race condition occurs while processing perf-event which can lead to a use after free condition in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 712 / SD 710 / SD 670, SD 730, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDM439, SDM630, SDM660, SDX20, SDX24, Snapdragon_High_Med_2016, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850mdm9150_firmwaresd_632mdm9640_firmwaresd_820asd_439sd_670_firmwaresd_429sdx24sdm439mdm9650sd_636snapdragon_high_med_2016_firmwaremsm8909w_firmwaresd_450_firmwaresd_845_firmwaresd_820a_firmwareqcs605_firmwaremdm9206sd_425_firmwaresd_665sdx24_firmwaresd_625_firmwaresd_450sd_845mdm9206_firmwareqcs605sd_632_firmwaresd_835_firmwaremdm9650_firmwaresd_835sxr1130_firmwaresd_210_firmwaresxr1130msm8909wsd_665_firmwaresd_205_firmwaresd_212sd_427_firmwaresd_712sd_855sd_730_firmwarequalcomm_215sdx20sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435sd_710_firmwaresdm630qcs405sd_625sd_210mdm9607sd_636_firmwaresd_439_firmwarequalcomm_215_firmwaremdm9150sd_429_firmwaresd_730snapdragon_high_med_2016sd_212_firmwaresd_850_firmwaresd_855_firmwaresdm439_firmwareqcs405_firmwaresd_712_firmwaresdm630_firmwaresd_430sd_427sd_670sd_435_firmwaresdx20_firmwaresd_710sd_205sdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-416
Use After Free
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2014-10051
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-1.25% / 65.83%
||
7 Day CHG~0.00%
Published-18 Apr, 2018 | 14:00
Updated-16 Sep, 2024 | 23:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, and SDX20, after loading a dynamically loaded code section, I-Cache is not invalidated, which could lead to executing code from stale cache lines.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9206mdm9635m_firmwaresd_212_firmwaremdm9640_firmwaresd_412mdm9655sd_412_firmwaremdm9635msd_400sdx20mdm9206_firmwaremdm9607_firmwaremdm9655_firmwaremdm9650msm8909w_firmwaremdm9607sd_210mdm9645mdm9645_firmwaremdm9650_firmwaresdx20_firmwaresd_410_firmwaresd_205sd_210_firmwaresd_410msm8909wsd_400_firmwaresd_205_firmwaresd_212mdm9640Snapdragon Mobile, Snapdragon Wear
CWE ID-CWE-20
Improper Input Validation
CVE-2025-21460
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.09% / 0.53%
||
7 Day CHG~0.00%
Published-06 May, 2025 | 08:32
Updated-26 Feb, 2026 | 18:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Input Validation in Automotive Software platform based on QNX

Memory corruption while processing a message, when the buffer is controlled by a Guest VM, the value can be changed continuously.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qam8295pqca6696_firmwaresa8775psa8770p_firmwaresa9000pqam8295p_firmwareqam8255p_firmwareqca6698aq_firmwaresrv1lsa8540p_firmwareqca6696srv1h_firmwaresa8775p_firmwaresa6150p_firmwareqca6595sa8295psa8620p_firmwareqca6688aq_firmwareqam8620psa6155p_firmwareqam8775p_firmwaresa8155_firmwaresa8195p_firmwareqca6574au_firmwaresa8155p_firmwaresa8255p_firmwaresa8155qam8255pqca6595ausa8145p_firmwareqca6698aqsrv1msa8150pqamsrv1hsa7775p_firmwaresa8650pqam8650psa6155sa7775pqca6574ausa9000p_firmwareqam8775psa6145psa8195pqca6574a_firmwaresa6150pqca6595au_firmwaresrv1l_firmwaresa8255psa8540psa8295p_firmwareqca6595_firmwareqca6688aqqca6574asa8620pqamsrv1h_firmwaresa8150p_firmwaresa7255p_firmwaresrv1hsa6145p_firmwaresa6155_firmwaresa8770pqam8650p_firmwareqamsrv1msa6155psa8155psa8145psa7255pqam8620p_firmwaresa8650p_firmwareqamsrv1m_firmwaresrv1m_firmwareSnapdragon
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-787
Out-of-bounds Write
CVE-2013-2598
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.6||MEDIUM
EPSS-0.31% / 22.60%
||
7 Day CHG~0.00%
Published-31 Aug, 2014 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

app/aboot/aboot.c in the Little Kernel (LK) bootloader, as distributed with Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to overwrite signature-verification code via crafted boot-image load-destination header values that specify memory locations within bootloader memory.

Action-Not Available
Vendor-codeauroran/a
Product-android-msmn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2023-21657
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.12% / 1.86%
||
7 Day CHG~0.00%
Published-06 Jun, 2023 | 07:39
Updated-02 Aug, 2024 | 09:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Input Validation in Audio

Memoru corruption in Audio when ADSP sends input during record use case.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwareqam8255p_firmwareqca9377_firmwaresnapdragon_662_mobile_platform_firmwaresm7325-ae_firmwaresa6150p_firmwarewsa8830sa8145p_firmwareqcs610qcs2290_firmwareqam8650pwcn785x-5qam8775psnapdragon_820_automotive_platform_firmwareflight_rb5_5g_platformmdm9650csra6620flight_rb5_5g_platform_firmwaresm7250-ac_firmwareqcs4290wcn3950_firmwaresa8150p_firmwareqcs2290qca6595au_firmwareqca6390_firmwaresm8350wcd9370csra6620_firmwarecsra6640_firmwareqca6426wcn685x-1qrb5165n_firmwaresm7350-ab_firmwarewcn3990_firmwareqca9377sm4375wcn3998sm8250-abwcd9385_firmwareqam8295pwcn3950sm4125wcd9326_firmwarewcn3615_firmwaresm6375_firmwarewcn3660bqam8295p_firmwaresm7325-afqcn9011_firmwaresm7315_firmwareqca6320_firmwaresm7325-aeqca6574au_firmwaresm4250-aasnapdragon_835_mobile_pc_platform_firmwaresnapdragon_x55_5g_modem-rf_systemqca6595auwcn3998_firmwaresm6225-adsm7325-af_firmwaresm7250p_firmwarewcd9375_firmwarewcn3615qca6436_firmwaresm4350-acqrb5165nsnapdragon_xr2\+_gen_1_platformsnapdragon_auto_5g_modem-rf_firmwaresa6155p_firmwareqca6310sm6225smart_audio_400_platform_firmwaresm6225-ad_firmwareqcs6490qrb5165m_firmwareqrb5165_firmwareqca6698aqsa4155p_firmwareqcs8550_firmwaresm8250_firmwaresm7250-ab_firmwaresm8250-acwcn3988_firmwaresa6145p_firmwareqm215sm7250-aawcd9340sa8195pwsa8810_firmwaresm4375_firmwareqca6436wcd9326sa8255p_firmwaresa6155psg4150pwcd9335qca6698aq_firmwareqca6174a_firmwarewcn685x-1_firmwareqcs4290_firmwaresxr2130_firmwareqam8775p_firmwaresa8255pwcd9341wcd9385qca6696_firmwareqcs6490_firmwaresnapdragon_x12_lte_modem_firmwaresnapdragon_x12_lte_modemqca6797aqqca6390sm4350_firmwarewcd9375wcn3910_firmwaresa8150psnapdragon_662_mobile_platformsm8250-ac_firmwarewsa8830_firmwaresd660sd865_5g_firmwaresm7225_firmwareqcm6490snapdragon_7c\+_gen_3_compute_firmwarewcn3620_firmwaresd660_firmwarewcn3620sm4250-aa_firmwaresa8195p_firmwarewcn3988sm7350-abwsa8815_firmwarewsa8835_firmwarewcn6750_firmwaresa8295p_firmwaresa4150psg4150p_firmwarewcn785x-1qcm4325qcm2290_firmwaresm6375wcn3991wcd9380_firmwarewcn3990sdm429wsd865_5gqca6595sm8350-ac_firmwaresdm439snapdragon_835_mobile_pc_platformqcn9012sd888sdm429wsa8835qca6574sdm429w_firmwaresnapdragon_7c\+_gen_3_computesnapdragon_auto_5g_modem-rfwcd9380qcs410sxr2130qca6574asmart_audio_400_platformwcn685x-5_firmwareqca6174asm7325pqca6310_firmwaresm7325wcn6750qcn9012_firmwarewcd9335_firmwarewcn3980sm7225qcm4325_firmwaresm7250-abqca6574_firmwarewcd9340_firmwaresm4125_firmwarewcn3680b_firmwaresm7325p_firmwarewsa8815wcn3910qca6320sdm429_firmwaremdm9650_firmwaresnapdragon_xr2_5g_platform_firmwareqca6426_firmwareqcs8250wcn3660b_firmwareqca6574a_firmwaresd835qrb5165mwcn785x-5_firmwaresm7315sm8250-ab_firmwareqca6391snapdragon_x55_5g_modem-rf_system_firmwaresnapdragon_xr2\+_gen_1_platform_firmwarewcn3980_firmwaresnapdragon_820_automotive_platformsa8295psm6350wcn6740_firmwaresnapdragon_xr2_5g_platformqcm4290qcm6490_firmwaresm8350_firmwareqrb5165wcn685x-5sdm660qcn9011sm6225_firmwareqca6797aq_firmwaresm6350_firmwarewcn785x-1_firmwareqca6574ausa8155p_firmwareqcs8250_firmwarewcd9341_firmwareqcm4290_firmwaresm7250-aa_firmwarewsa8810sm7250-acqcs610_firmwaresa6145pwcn3680bsd835_firmwaresm8350-acqam8650p_firmwaresdm439_firmwareqca6595_firmwaresa8145pwcn6740qca6696qca6391_firmwareqcs8550sa4150p_firmwaresm4350qm215_firmwarewcd9370_firmwaresm4350-ac_firmwaresa6150psd888_firmwaresa8155pcsra6640sm8250sm7250pqcs410_firmwareqam8255psa4155psdm660_firmwareqcm2290sm7325_firmwareSnapdragonqcm2290_firmwareqam8255p_firmwareqca9377_firmwarerobotics_rb5_platform_firmwaresnapdragon_662_mobile_platform_firmwarewcd9380_firmwaresa6150p_firmwaresnapdragon_778g_5g_mobile_platform_firmwaresa8145p_firmwareqcs2290_firmwaresnapdragon_820_automotive_platform_firmwareflight_rb5_5g_platform_firmwaresdm429w_firmwarewcn3950_firmwaresnapdragon_888_5g_mobile_platform_firmwaresa8150p_firmwareqca6595au_firmwaresnapdragon_4_gen_1_mobile_platform_firmwarecsra6620_firmwarecsra6640_firmwaresnapdragon_460_mobile_platform_firmwaresnapdragon_480_5g_mobile_platform_firmwarewcn3990_firmwareqrb5165n_firmwareqca6310_firmwareqcn9012_firmwarewcd9335_firmwarewcd9385_firmwarewcd9326_firmwarewcn3615_firmwareqcm4325_firmwareqca6574_firmwarewcd9340_firmwaresm4125_firmwaresm7325p_firmwaresnapdragon_660_mobile_platform_firmwareqam8295p_firmwaremdm9650_firmwaresnapdragon_xr2_5g_platform_firmwareqcn9011_firmwaresnapdragon_439_mobile_platform_firmwaresm7315_firmwareqca6320_firmwaresnapdragon_695_5g_mobile_platform_firmwareqca6574au_firmwaresnapdragon_429_mobile_platform_firmwaresnapdragon_835_mobile_pc_platform_firmwarewcn3680b_firmwarewcd9375_firmwarewcn3660b_firmwareqca6574a_firmwarefastconnect_6200_firmwaresm7250p_firmwarewcn3980_firmwaresnapdragon_x55_5g_modem-rf_system_firmwareqca6436_firmwaresnapdragon_680_4g_mobile_platform_firmwarewcn6740_firmwaresnapdragon_auto_5g_modem-rf_firmwaresa6155p_firmwaresnapdragon_690_5g_mobile_platform_firmwaresmart_audio_400_platform_firmwareqrb5165m_firmwareqcm6490_firmwaresa4155p_firmwarefastconnect_6900_firmwareqcs8550_firmwarewcn3988_firmwareqca6797aq_firmwaresa6145p_firmwaresa8155p_firmwarefastconnect_6700_firmwarewsa8810_firmwareqcs8250_firmwarewcd9341_firmwarefastconnect_7800_firmwareqcm4290_firmwaresa8255p_firmwareqcs610_firmwareqca6698aq_firmwareqca6426_firmwarequalcomm_215_mobile_platform_firmwaresd835_firmwareqca6174a_firmwareqcs4290_firmwareqam8650p_firmwaresxr2130_firmwareqam8775p_firmwareqca6696_firmwareqcs6490_firmwareqca6595_firmwaresnapdragon_x12_lte_modem_firmwareqca6391_firmwaresa4150p_firmwarewcn3910_firmwarewcd9370_firmwaresd888_firmwarewsa8830_firmwaresd865_5g_firmwarewcn3620_firmwarewsa8815_firmwarewsa8835_firmwaresd660_firmwaresnapdragon_780g_5g_mobile_platform_firmwaresa8195p_firmwaresnapdragon_865_5g_mobile_platform_firmwarefastconnect_6800_firmwareqcs410_firmwaresa8295p_firmwaresg4150p_firmwaresnapdragon_750g_5g_mobile_platform_firmware
CWE ID-CWE-20
Improper Input Validation
CVE-2022-40502
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.42% / 34.15%
||
7 Day CHG~0.00%
Published-09 Feb, 2023 | 06:58
Updated-03 Aug, 2024 | 12:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper input validation in WLAN Host

Transient DOS due to improper input validation in WLAN Host.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcn5024_firmwarewsa8830qcn9070sxr2230p_firmwareqcs610ipq8173_firmwareqcn5124qca4024_firmwareqcn9072wcn3950_firmwareipq8078aipq5028_firmwareqca6595au_firmwareipq6000wcd9370ssg2115pqcn5152_firmwareqca6584au_firmwareqcn9000_firmwareipq5018qca6554a_firmwarewcd9385_firmwareqam8295pwcn3950ipq8076aqcn6024_firmwaresd_8_gen1_5g_firmwareipq8074aqcn5124_firmwareqam8295p_firmwareqcn6100_firmwareqcn6102_firmwarewcn7850qca6574au_firmwareqcn5122_firmwareqcn5164_firmwareqca6595auqca8081_firmwareqcn6023_firmwarewcd9375_firmwareqcn9002ipq5010qca6564au_firmwareqca6584ausa6155p_firmwaresd680_firmwareipq8078a_firmwareqcn9274ipq8174qcn9001wcn7851ipq5028qca6698aqqcn5052ipq6010qcn6112_firmwarewcn3988_firmwareqcn9074sa8195pqcn6132wsa8810_firmwaresd680sa6155psg4150pqca8081wcn7851_firmwareqca6698aq_firmwareipq8071aqcn6023ipq8071a_firmwarewcd9385qca9888_firmwareqcn6122wcd9341qca6696_firmwareipq9008_firmwareqcn5154_firmwarecsr8811wcd9375qcn9100_firmwarewsa8830_firmwareipq5010_firmwareipq8074a_firmwarewcn3988wsa8815_firmwarewcn7850_firmwarewsa8835_firmwaresa8195p_firmwaresm8475qcn5022_firmwaresa8295p_firmwaresa4150psg4150p_firmwareqca8072ipq5018_firmwarewcd9380_firmwaressg2125pqcn9000ipq8072aqca6554aipq8076a_firmwareqca6595ipq8078qca6564auqcn9001_firmwareipq8173wcn6856_firmwareipq9008qcn5164qcn6122_firmwareqca6574sxr1230p_firmwarewsa8835csr8811_firmwarewcd9380qcn5054_firmwareqcs410qcn5154qca8075_firmwaressg2125p_firmwareqca6574aqcn5024wcn6855_firmwareqca9889qcn6132_firmwareqcn9003_firmwaresxr1230pqca9888qca8072_firmwarewcn3980qcn5052_firmwareqcn9274_firmwareqcn9003ipq8070a_firmwareipq6018_firmwareipq8076_firmwareqca6574_firmwarewsa8815qcn6112sxr2230pipq8076qca6574a_firmwareqcn5152ipq6028qcn9024ipq9574_firmwarewcn3980_firmwaresa8295pwcn6740_firmwareqcn6102qcn9100ipq8078_firmwarewsa8832_firmwareqcn5054qcn9070_firmwareipq6028_firmwareipq8072a_firmwareqca6574auqca9889_firmwaresa8155p_firmwareipq9574qcn5122qcn9024_firmwareipq8174_firmwarewcd9341_firmwarewsa8810wsa8832wcn6855qcs610_firmwarewcn6856ipq6018qcn5022ipq6010_firmwareqca6595_firmwarewcn6740qca6696sa4150p_firmwareqca4024wcd9370_firmwareqca8075qcn9022_firmwaresa8155pqcn6024qcn9022ipq8070aqcn9002_firmwareqcn6100qcn9072_firmwareipq6000_firmwaressg2115p_firmwareqcn9074_firmwareqcs410_firmwareSnapdragonqcn5024_firmwareipq5018_firmwarewcd9380_firmwaresxr2230p_firmwareipq8076a_firmwareipq8173_firmwareqcn9001_firmwarewcn6856_firmwareqca4024_firmwareqcn6122_firmwaresxr1230p_firmwarewcn3950_firmwarecsr8811_firmwareipq5028_firmwareqca6595au_firmwareqcn5054_firmwareqca8075_firmwaressg2125p_firmwarewcn6855_firmwareqcn5152_firmwareqcn6132_firmwareqcn9003_firmwareqca6584au_firmwareqca8072_firmwareqcn9000_firmwareqcn5052_firmwareqcn9274_firmwareipq8070a_firmwareqca6554a_firmwarewcd9385_firmwareqcn6024_firmwareipq8076_firmwareipq6018_firmwareqca6574_firmwaresd_8_gen1_5g_firmwareqcn5124_firmwareqam8295p_firmwareqcn6100_firmwareqcn6102_firmwareqca6574a_firmwareqca6574au_firmwareqcn5122_firmwareqcn5164_firmwarewcd9375_firmwareqca8081_firmwareqcn6023_firmwareipq9574_firmwarewcn3980_firmwarewcn6740_firmwareqca6564au_firmwaresd680_firmwaresa6155p_firmwareipq8078a_firmwareipq8078_firmwarewsa8832_firmwareqcn9070_firmwareipq6028_firmwareipq8072a_firmwareqcn6112_firmwarewcn3988_firmwareqca9889_firmwaresa8155p_firmwareqcn9024_firmwareipq8174_firmwarewsa8810_firmwarewcd9341_firmwareqcs610_firmwarewcn7851_firmwareqca6698aq_firmwareipq8071a_firmwareqca9888_firmwareipq6010_firmwareqca6696_firmwareqca6595_firmwareipq9008_firmwareqcn5154_firmwaresa4150p_firmwarewcd9370_firmwareqcn9100_firmwareqcn9022_firmwarewsa8830_firmwareqcn9002_firmwareipq5010_firmwareipq8074a_firmwarewsa8815_firmwarewsa8835_firmwarewcn7850_firmwareqcn9072_firmwareipq6000_firmwaresa8195p_firmwaressg2115p_firmwareqcn9074_firmwareqcs410_firmwareqcn5022_firmwaresa8295p_firmwaresg4150p_firmware
CWE ID-CWE-20
Improper Input Validation
CVE-2024-38420
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-8.8||HIGH
EPSS-0.10% / 1.10%
||
7 Day CHG~0.00%
Published-03 Feb, 2025 | 16:51
Updated-05 Feb, 2025 | 13:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Input Validation in Hypervisor

Memory corruption while configuring a Hypervisor based input virtual device.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fastconnect_7800_firmwareqca6421snapdragon_678_mobilesnapdragon_ar2_gen_1qcm6490_firmwaresd675qcn6224_firmwareqca6420snapdragon_670_mobile_firmwaresa7775p_firmwaresa8775pqca6574au_firmwaresc8180x-ad_firmwaresd670_firmwareqam8775pqca6584ausnapdragon_x65_5g_modem-rf_firmwarewcd9326qca6430sa8255pqdu1210_firmwaresnapdragon_x62_5g_modem-rfwcd9370_firmwaresnapdragon_888_5g_mobileqcc710_firmwareqru1052qdu1000_firmwaresc8180xp-acafsa8540p_firmwarerobotics_rb3_firmwaresd675_firmwaresnapdragon_865\+_5g_mobilesnapdragon_675_mobileqep8111_firmwaresd_8_gen1_5g_firmwarerobotics_rb3qru1032sxr2130qca6574ssg2115p_firmwareqcm8550sa8650psa8770p_firmwareqca6698aq_firmwaresa8775p_firmwaresnapdragon_x55_5g_modem-rf_firmwareqamsrv1m_firmwaresnapdragon_865_5g_mobilewcd9326_firmwaresnapdragon_670_mobileqca6421_firmwaresnapdragon_xr2_5gfastconnect_6800wsa8810qdx1011snapdragon_8_gen_3_mobile_firmwareqam8255p_firmwaresnapdragon_888\+_5g_mobilewcd9375snapdragon_855_mobilesnapdragon_870_5g_mobile_firmwaresc8180x-aaabqdu1000sa6155fastconnect_6200_firmwarevision_intelligence_300snapdragon_855\+_mobilesa6155psnapdragon_765g_5g_mobile_firmwareqca6335_firmwarevideo_collaboration_vc3_platformqamsrv1h_firmwaresnapdragon_860_mobile_firmwarewsa8830_firmwareqca8081qdu1110_firmwaresc8380xpwcd9385wsa8840_firmwareqfw7124_firmwarewsa8840qca6426qfw7124qca6696sa8155p_firmwareqca6595snapdragon_678_mobile_firmwareqca8337snapdragon_845_mobile_firmwareqca8337_firmwareqam8650psxr1230p_firmwaresxr2330pvision_intelligence_400_firmwaresnapdragon_x24_lte_modemsrv1mqcs5430_firmwareqru1062qam8775p_firmwaresnapdragon_ar1_gen_1sm7250p_firmwaresnapdragon_x50_5g_modem-rf_firmwareqcm5430qcs9100qca6335sa8295p_firmwaresd855_firmwareqca9377sa9000pwsa8835aqt1000_firmwareqca8081_firmwareqca6797aq_firmwarefastconnect_7800wcd9340snapdragon_xr2_5g_firmwareqca6174aqca6574ausnapdragon_765_5g_mobilesnapdragon_auto_5g_modem-rf_gen_2qca6584au_firmwaresd_675_firmwarewcn3990fastconnect_6700qca6696_firmwaresnapdragon_x72_5g_modem-rf_firmwareqdx1011_firmwareqcs9100_firmwareqru1032_firmwaresrv1m_firmwarewsa8832fastconnect_6700_firmwarewcd9390_firmwareqcn6274sc8180x-adsc8280xp-abbb_firmwarewsa8815snapdragon_768g_5g_mobile_firmwaresxr1230pqru1062_firmwaresdx57mqca6574a_firmwaresdx55_firmwaresa8620pqca6430_firmwaresrv1lsrv1h_firmwareqcs6490sa8540psa6155_firmwaresc8180x-acaf_firmwaresa9000p_firmwaresa7775psnapdragon_auto_5g_modem-rf_gen_2_firmwarewsa8835_firmwaresnapdragon_855_mobile_firmwareqep8111sa7255psnapdragon_x35_5g_modem-rfqdu1210qamsrv1mqcs5430qam8295p_firmwareqcs8550_firmwareqcm6490qru1052_firmwareqdu1010_firmwaresnapdragon_x50_5g_modem-rfssg2125p_firmwaresa8650p_firmwareqcn6274_firmwarewcn3950_firmwareqca6391snapdragon_x65_5g_modem-rfvision_intelligence_400qcn9274_firmwareqca6564aqca6310qdu1110sdx57m_firmwarewcn3950video_collaboration_vc3_platform_firmwarewsa8845_firmwaresnapdragon_x55_5g_modem-rfqca6574_firmwareqcm8550_firmwaresa8150p_firmwarear8035qca6564a_firmwaresrv1l_firmwaresc8180xp-aaab_firmwarewsa8845hsa6155p_firmwarewcd9341wcd9395_firmwaresa8155sc8180x-aaab_firmwarewcn3990_firmwarefastconnect_6900qca6574aqca6431wcd9375_firmwarewcd9385_firmwareqam8650p_firmwaresnapdragon_855\+_mobile_firmwareqcn9274snapdragon_850_mobile_computesnapdragon_860_mobileqca6310_firmwaresa8295psa6145p_firmwaresa6145psdx80msa8620p_firmwaresnapdragon_888_5g_mobile_firmwaresdx80m_firmwaresa7255p_firmwareqca6595_firmwaresnapdragon_765g_5g_mobilevision_intelligence_300_firmwareqamsrv1hsdx55sc8180xp-acaf_firmwaresnapdragon_865\+_5g_mobile_firmwarewcd9380snapdragon_x75_5g_modem-rf_firmwareqsm8350qca6436_firmwaresa8155pwsa8832_firmwaresd_8cxqca6564ausc8180xp-adsxr2130_firmwareqcs6490_firmwareqca6595au_firmwareqcn6224sa8255p_firmwareqca6595ausc8180xp-ad_firmwareqam8255psc8280xp-abbbqca6431_firmwaresrv1hsnapdragon_845_mobileqam8620par8035_firmwaresc8380xp_firmwareqsm8350_firmwaresd865_5g_firmwaresd865_5gwsa8845h_firmwaresnapdragon_675_mobile_firmwareqdx1010_firmwaresnapdragon_x62_5g_modem-rf_firmwarewsa8845snapdragon_ar2_gen_1_firmwarewcd9380_firmwaresd855qca6391_firmwareqca6174a_firmwareqdx1010qdu1010wcn3980wcd9370wcd9340_firmwaresc8180x-acafqca6426_firmwaressg2125pqca6678aqsnapdragon_765_5g_mobile_firmwaresnapdragon_x75_5g_modem-rfwcd9341_firmwaresa8155_firmwaresnapdragon_8_gen_1_mobilesnapdragon_870_5g_mobilesnapdragon_865_5g_mobile_firmwareqca6564au_firmwareqam8295pqam8620p_firmwaresnapdragon_888\+_5g_mobile_firmwareqca6797aqqcs8550sa8150psnapdragon_768g_5g_mobileqcm5430_firmwaresnapdragon_8_gen_1_mobile_firmwaresd_8_gen1_5gsnapdragon_ar1_gen_1_firmwarewsa8810_firmwaresd_8cx_firmwareqcc710sm7250pssg2115psnapdragon_8_gen_3_mobilesnapdragon_x72_5g_modem-rfqca6420_firmwareqca9377_firmwaresc8180xp-aaabsnapdragon_850_mobile_compute_firmwaresd670wsa8830wsa8815_firmwaresa8770psnapdragon_x24_lte_modem_firmwarefastconnect_6200wcn3980_firmwaresnapdragon_x35_5g_modem-rf_firmwareqca6678aq_firmwareqca6698aqqca6436fastconnect_6900_firmwareqfw7114sd_675aqt1000fastconnect_6800_firmwarewcd9390wcd9395qfw7114_firmwaresxr2330p_firmwareSnapdragon
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-787
Out-of-bounds Write
CVE-2017-18155
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.23% / 13.22%
||
7 Day CHG~0.00%
Published-12 Jul, 2018 | 14:00
Updated-16 Sep, 2024 | 23:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

While playing HEVC content using HD DMB in Snapdragon Automobile and Snapdragon Mobile in version MSM8996AU, SD 450, SD 625, SD 820, SD 820A, SD 835, an uninitialized variable can be used leading to a kernel fault.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_625sd_820_firmwaresd_835_firmwaremsm8996ausd_820sd_625_firmwaresd_450sd_820amsm8996au_firmwaresd_835sd_450_firmwaresd_820a_firmwareSnapdragon Automobile, Snapdragon Mobile
CWE ID-CWE-20
Improper Input Validation
CVE-2020-11253
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.16% / 5.69%
||
7 Day CHG~0.00%
Published-22 Feb, 2021 | 06:25
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Arbitrary memory write issue in video driver while setting the internal buffers in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfs2580qpm5679_firmwaresa6150p_firmwareqpm5620_firmwareqdm2307qca6431_firmwareqfs2530qpm8870_firmwareqpa8802qpm6585_firmwareqat3519qbt2000_firmwareqat5522_firmwarepm8150aqtc800hqdm5670sa8150p_firmwareqca6595au_firmwaresdr8250_firmwareqpa5581_firmwaresa6155pm7150lqpa8821qdm5671pmc1000hqpm4650_firmwareqat3518sd8cqpa5580_firmwarewcn3998wcd9371_firmwaresmr526_firmwareqdm2305_firmwareqpm5670_firmwaresmb2351_firmwareqdm5652sd6905gqca6574au_firmwareqpm8870wcd9375_firmwarewcn3998_firmwareqpm5679qbt2000sa6155_firmwarepm855pqca6420pm6150apmx50_firmwaresdr735gpm8150bqdm3301_firmwareqsm7250sa8155_firmwareqca6430pmr735awcd9340sd765gqdm2308_firmwaresdr660qca6436wcn6851sa6155pqpa6560sdr865qdm5620_firmwarewcd9341qca6431qca6696_firmwareqln5020wcd9371sd750gpmm855au_firmwarewcn3910_firmwaresa8150pqpm5657pm6350qdm5621wsa8830_firmwaresd855_firmwareqdm5650wcn3988sdr052sa8195p_firmwaresmb1390wcn6750_firmwareqat5516_firmwarepm6150lpm855l_firmwareqpa8686_firmwareqpm6585wcn3991wcd9380_firmwaresmb1355qln4650qpa8801sdr735g_firmwareqet5100qdm5671_firmwareqpa8801_firmwarepm8150l_firmwareqat5533_firmwaresdx55m_firmwaresdxr25gqpa8673_firmwarepm6150qet4101_firmwareqca6574pm7250bqln4642_firmwareqpa8842sdr052_firmwarewcd9380smb1355_firmwarepm7250b_firmwaresmb1381pm855p_firmwaresdx50m_firmwaresdr735pm7250smb1395qpa8803smr526qca6430_firmwarepmk8003qtc801s_firmwarewcn3980sdxr25g_firmwareqdm2301wcd9340_firmwarewsa8815wcn6850wcn3910qdm5621_firmwareqdm2301_firmwareqca6426_firmwarepm8009wcn3980_firmwaresd730sdr051_firmwaresdx55mqca6421_firmwarepm8008qtm525_firmwareqat3518_firmwaresd6905g_firmwareqpm5621_firmwarepm855lwcn6851_firmwareqdm5670_firmwareqpa6560_firmwaresd8655gqpa8802_firmwarepm7150a_firmwarepm8150b_firmwareqpm5621qpm6582pmc1000h_firmwarepm8009_firmwareqdm2310_firmwareqfs2580_firmwarepm8150lqdm5677qsm8250sa6145ppm855_firmwarepmm6155aupm855b_firmwareqpm6582_firmwareqca6391_firmwarepm8150wcd9370_firmwareqln4650_firmwareqat3516_firmwaresdx55sa8155pqet4101qat3555_firmwareqat3516qpa8803_firmwareqpm5658pm855bsmb2351qsm8250_firmwareqpm5658_firmwarewcn3991_firmwareqdm5652_firmwarewsa8830pmm8155au_firmwaresdr051qet6110_firmwareqln5030qbt1500qpa5581qpa2625_firmwarepmr735b_firmwareqbt1500_firmwareqet5100_firmwareqet6100_firmwareqet6100pmm855ausd765g_firmwareqpa8686qca6420_firmwareqca6390_firmwaresmb1396sd730_firmwarepm7150awcd9370pmr525_firmwareqca6426wcn3990_firmwarewcd9385_firmwareqdm5650_firmwareqat5516pm7250_firmwareqdm5620qpa8821_firmwarepmk8002_firmwarepm3003asa8155sdx55_firmwarepmm6155au_firmwareqat5533qca6595ausm7250p_firmwareqca6436_firmwareqsm7250_firmwarepm7150l_firmwareqdm2305sa6155p_firmwareqpm8820qat5515_firmwareqln5020_firmwarepm855qpm8830_firmwarepm8250qfs2530_firmwarewcn3988_firmwarepmx55sa6145p_firmwarepm8150c_firmwareqca6421qdm3301qpa8842_firmwareqat3519_firmwaresa8195psdr735_firmwarewsa8810_firmwareqpm5677qat5515sd765_firmwareqdm5677_firmwarepm6350_firmwarepm8004_firmwaresdr8150_firmwarewcd9385qtc800h_firmwareqpm5620pmm8155auqln5040_firmwareqca6390wcd9375sd750g_firmwareaqt1000qpa8673qdm2310pmm8195auqln5030_firmwareqln4642qpm5677_firmwarewsa8815_firmwaresmb1396_firmwaresmr525_firmwarewcn6850_firmwarewsa8835_firmwareqpm8820_firmwareqet6110qln5040qpm8895qpm5670wcn3990pmx55_firmwarepm8150_firmwareqpm8830qdm2307_firmwareqat5522wsa8835pm8150cpmr735bqpm5657_firmwarepmk8003_firmwaresdr660_firmwaresc8180xqca6574asmb1390_firmwareqdm5679_firmwaresmr525wcn6750pm6150l_firmwarepmr525pm8150a_firmwareqpm4650qtm525qca6574_firmwaresd855sd8cxpm6150a_firmwarepm6150_firmwaresd765qca6574a_firmwaresd768g_firmwaresdr865_firmwareqat3555pm8250_firmwareqca6391sd8cx_firmwareaqt1000_firmwaresd8c_firmwareqpm8895_firmwaresdx50msdr8150qtc801ssmb1395_firmwaresc8180x_firmwareqca6574ausa8155p_firmwarepm8008_firmwaresd8655g_firmwarewcd9341_firmwarewsa8810pmr735a_firmwareqdm2308pmx50qdm5679sdr8250sd768gpm3003a_firmwareqca6696smb1381_firmwarepm8004pmk8002qpa2625sa6150ppmm8195au_firmwaresm7250pqpa5580Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-20
Improper Input Validation
CVE-2020-11237
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.20% / 10.28%
||
7 Day CHG~0.00%
Published-07 Apr, 2021 | 07:55
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory crash when accessing histogram type KPI input received due to lack of check of histogram definition before accessing it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfs2580qpm5679_firmwaresm6250p_firmwareqpm5620_firmwareqca8337qdm2307qca6431_firmwareqfs2530qpm8870_firmwareqpa8802qpm6585_firmwareqat3519qbt2000_firmwareqat5522_firmwarewcn3950_firmwarepm8150aqtc800hqdm5670sdr8250_firmwareqca6595au_firmwareqpa5581_firmwarepm7150lqpa8821qdm5671qpm4650_firmwareqat3518pm456_firmwareqpa5580_firmwaresa415mwcn3998smr526_firmwarewcn3950sd720gqdm2305_firmwareqpm5670_firmwareqdm5652sd6905gqca6574au_firmwareqpm8870wcd9375_firmwarewcn3998_firmwareqpm5679qbt2000pm6150aqpa8675_firmwaresdr735gpm8150bqdm3301_firmwareqsm7250pmr735asd765gqdm2308_firmwaresdr660qca6436wcn6851qpa6560sdr675_firmwaresdr865qdm5620_firmwarewcd9341qca6431qca6696_firmwareqln5020qet4100_firmwaresd870_firmwaresd750gqpm5657pm6350qdm5621wsa8830_firmwaresd855_firmwareqdm5650wcn3988smb1390qat5516_firmwarepm6150lpm855l_firmwareqet4100qpa8686_firmwareqpm6585wcn3991qca8337_firmwarewcd9380_firmwaresmb1355qln4650qpa8801sdr735g_firmwareqet5100qdm5671_firmwareqpa8801_firmwareqca6564aupm8150l_firmwareqat5533_firmwaresdx55m_firmwareqtm527_firmwaresdxr25gqpa8673_firmwarepm6150qet4101_firmwarepm7250bqln4642_firmwareqpa8842wcd9380smb1355_firmwarepm7250b_firmwareqln4640smb1381sdr735pm7250smb1395qpa8803smr526wcn3980pmk8003qtc801s_firmwaresdxr25g_firmwareqdm2301wsa8815wcn6850qdm5621_firmwareqdm2301_firmwareqca6426_firmwarepm8009wcn3980_firmwareqpa8675sd730sdx55mpm6250_firmwareqca6421_firmwarepm8008qtm525_firmwareqat3518_firmwaresd6905g_firmwaresd678_firmwareqpm5621_firmwarepm855lqln1021aq_firmwarewcn6851_firmwareqdm5670_firmwareqpa6560_firmwaresd8655gqpa8802_firmwareqln4640_firmwarepm7150a_firmwarepm8150b_firmwareqpm5621qpm6582pm8009_firmwareqdm2310_firmwareqfs2580_firmwaresd480sd870pm8150lqdm5677pm855_firmwarepm855b_firmwareqpm6582_firmwareqca6391_firmwarewcd9370_firmwareqln4650_firmwareqat3516_firmwaresdx55sd675qet4101qat3555_firmwareqat3516qpa8803_firmwareqpm5658pm855bqln1031qpm5658_firmwarewcn3991_firmwareqdm5652_firmwarewsa8830sd678qet6110_firmwareqln5030qbt1500qpa5581pmi632qpa2625_firmwarepm456csrb31024pmr735b_firmwarepmx24_firmwareqbt1500_firmwareqet5100_firmwareqet6100_firmwareqet6100sd765g_firmwareqpa8686qca6390_firmwaresmb1396sd730_firmwarepm7150awcd9370sd675_firmwarepmr525_firmwareqca6426qca6584au_firmwarewcn3990_firmwarepmi632_firmwarewcd9385_firmwareqdm5650_firmwareqat5516pm7250_firmwareqdm5620qln1021aqqpa8821_firmwarepmk8002_firmwarepm3003aqln1031_firmwaresdx55_firmwareqat5533qca6595ausm7250p_firmwareqca6436_firmwareqsm7250_firmwarepm7150l_firmwareqca6564au_firmwareqca6584auqdm2305qpm8820qat5515_firmwareqln5020_firmwarepm855qpm8830_firmwarepm8250qfs2530_firmwaresa415m_firmwarepmx55wcn3988_firmwaresdr675pm8150c_firmwareqca6421qdm3301qpa8842_firmwareqat3519_firmwaresdr735_firmwaresm6250wsa8810_firmwareqpm5677qat5515sd765_firmwareqdm5677_firmwarepm6350_firmwaresdr8150_firmwarewcd9385qtc800h_firmwareqpm5620qln5040_firmwareqca6390wcd9375sd750g_firmwareqpa8673sm6250_firmwareqdm2310qln5030_firmwareqln4642qpm5677_firmwarewsa8815_firmwaresmb1396_firmwaresmr525_firmwarewcn6850_firmwarewsa8835_firmwareqpm8820_firmwarepmx24qet6110qln5040qpm8895qpm5670wcn3990pmx55_firmwareqtm527qpm8830qdm2307_firmwareqat5522wsa8835pm8150cpmr735bqpm5657_firmwaresm6250ppmk8003_firmwaresdr660_firmwareqca6574asmb1390_firmwareqdm5679_firmwaresmr525pm6150l_firmwarepmr525pm8150a_firmwareqpm4650qtm525qln1036aq_firmwaresd855pm6150a_firmwarepm6150_firmwaresd765qca6574a_firmwaresd768g_firmwaresdr865_firmwareqat3555pm8250_firmwareqca6391qpm8895_firmwarecsrb31024_firmwaresdr8150sd480_firmwareqln1036aqqtc801ssmb1395_firmwareqca6574aupm8008_firmwaresd8655g_firmwarewcd9341_firmwarewsa8810pmr735a_firmwareqdm2308qdm5679sdr8250sd768gpm3003a_firmwareqca6696smb1381_firmwareqpa2625pmk8002sm7250psd720g_firmwarepm6250qpa5580Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile
CWE ID-CWE-20
Improper Input Validation
CVE-2022-34146
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.42% / 34.15%
||
7 Day CHG~0.00%
Published-09 Feb, 2023 | 06:58
Updated-03 Aug, 2024 | 08:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper input validation in WLAN Host

Transient DOS due to improper input validation in WLAN Host while parsing frame during defragmentation.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcn5024_firmwarewsa8830qcn9070sxr2230p_firmwareqcs610ipq8173_firmwareqcn5124qca4024_firmwareqcn9072wcn3950_firmwareipq8078aipq5028_firmwareqca6595au_firmwareipq6000wcd9370ssg2115pqcn5152_firmwareqca6584au_firmwareqcn9000_firmwareipq5018qca6554a_firmwarewcd9385_firmwareqam8295pwcn3950ipq8076aqcn6024_firmwaresd_8_gen1_5g_firmwareipq8074aqcn5124_firmwareqam8295p_firmwareqcn6100_firmwareqcn6102_firmwarewcn7850qca6574au_firmwareqcn5122_firmwareqcn5164_firmwareqca6595auqca8081_firmwareqcn6023_firmwarewcd9375_firmwareqcn9002ipq5010qca6564au_firmwareqca6584ausa6155p_firmwaresd680_firmwareipq8078a_firmwareqcn9274ipq8174qcn9001wcn7851ipq5028qca6698aqqcn5052ipq6010qcn6112_firmwarewcn3988_firmwareqcn9074sa8195pqcn6132wsa8810_firmwaresd680sa6155psg4150pqca8081wcn7851_firmwareqca6698aq_firmwareipq8071aqcn6023ipq8071a_firmwarewcd9385qca9888_firmwareqcn6122wcd9341qca6696_firmwareipq9008_firmwareqcn5154_firmwarecsr8811wcd9375qcn9100_firmwarewsa8830_firmwareipq5010_firmwareipq8074a_firmwarewcn3988wsa8815_firmwarewcn7850_firmwarewsa8835_firmwaresa8195p_firmwaresm8475qcn5022_firmwaresa8295p_firmwaresa4150psg4150p_firmwareqcm4325qca8072ipq5018_firmwarewcd9380_firmwaressg2125pqcn9000ipq8072aqca6554aipq8076a_firmwareqca6595ipq8078qca6564auqcn9001_firmwareipq8173wcn6856_firmwareipq9008qcn5164qcn6122_firmwareqca6574sxr1230p_firmwarewsa8835csr8811_firmwarewcd9380qcn5054_firmwareqcs410qcn5154qca8075_firmwaressg2125p_firmwareqca6574aqcn5024wcn6855_firmwareqca9889qcn6132_firmwareqcn9003_firmwaresxr1230pqca9888qca8072_firmwarewcn3980qcn5052_firmwareqcn9274_firmwareqcn9003ipq8070a_firmwareipq6018_firmwareipq8076_firmwareqcm4325_firmwareqca6574_firmwarewsa8815qcn6112sxr2230pipq8076qca6574a_firmwareqcn5152ipq6028qcn9024ipq9574_firmwarewcn3980_firmwaresa8295pwcn6740_firmwareqcn6102qcn9100ipq8078_firmwarewsa8832_firmwareqcn5054qcn9070_firmwareipq6028_firmwareipq8072a_firmwareqca6574auqca9889_firmwaresa8155p_firmwareipq9574qcn5122qcn9024_firmwareipq8174_firmwarewcd9341_firmwarewsa8810wsa8832wcn6855qcs610_firmwarewcn6856ipq6018qcn5022ipq6010_firmwareqca6595_firmwarewcn6740qca6696sa4150p_firmwareqca4024wcd9370_firmwareqca8075qcn9022_firmwaresa8155pqcn6024qcn9022ipq8070aqcn9002_firmwareqcn6100qcn9072_firmwareipq6000_firmwaressg2115p_firmwareqcn9074_firmwareqcs410_firmwareSnapdragonqcn5024_firmwareipq5018_firmwarewcd9380_firmwaresxr2230p_firmwareipq8076a_firmwareipq8173_firmwareqcn9001_firmwarewcn6856_firmwareqca4024_firmwareqcn6122_firmwaresxr1230p_firmwarewcn3950_firmwarecsr8811_firmwareipq5028_firmwareqca6595au_firmwareqcn5054_firmwareqca8075_firmwaressg2125p_firmwarewcn6855_firmwareqcn5152_firmwareqcn6132_firmwareqcn9003_firmwareqca6584au_firmwareqca8072_firmwareqcn9000_firmwareqcn5052_firmwareqcn9274_firmwareipq8070a_firmwareqca6554a_firmwarewcd9385_firmwareqcn6024_firmwareipq8076_firmwareipq6018_firmwareqcm4325_firmwareqca6574_firmwaresd_8_gen1_5g_firmwareqcn5124_firmwareqam8295p_firmwareqcn6100_firmwareqcn6102_firmwareqca6574a_firmwareqca6574au_firmwareqcn5122_firmwareqcn5164_firmwarewcd9375_firmwareqca8081_firmwareqcn6023_firmwareipq9574_firmwarewcn3980_firmwarewcn6740_firmwareqca6564au_firmwaresd680_firmwaresa6155p_firmwareipq8078a_firmwareipq8078_firmwarewsa8832_firmwareqcn9070_firmwareipq6028_firmwareipq8072a_firmwareqcn6112_firmwarewcn3988_firmwareqca9889_firmwaresa8155p_firmwareqcn9024_firmwareipq8174_firmwarewsa8810_firmwarewcd9341_firmwareqcs610_firmwarewcn7851_firmwareqca6698aq_firmwareipq8071a_firmwareqca9888_firmwareipq6010_firmwareqca6696_firmwareqca6595_firmwareipq9008_firmwareqcn5154_firmwaresa4150p_firmwarewcd9370_firmwareqcn9100_firmwareqcn9022_firmwarewsa8830_firmwareqcn9002_firmwareipq5010_firmwareipq8074a_firmwarewsa8815_firmwarewsa8835_firmwarewcn7850_firmwareqcn9072_firmwareipq6000_firmwaresa8195p_firmwaressg2115p_firmwareqcn9074_firmwareqcs410_firmwareqcn5022_firmwaresa8295p_firmwaresg4150p_firmware
CWE ID-CWE-20
Improper Input Validation
CVE-2022-33211
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.42% / 33.56%
||
7 Day CHG~0.00%
Published-04 Apr, 2023 | 04:46
Updated-03 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Input Validation in MODEM

memory corruption in modem due to improper check while calculating size of serialized CoAP message

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9206wcd9306snapdragon_wear_1300mdm8207snapdragon_wear_1200wcd9330snapdragon_x5_lte_modemsnapdragon_x5_lte_modem_firmwaremdm8207_firmwaresnapdragon_wear_1100mdm9205_firmwaremdm9205qca4004_firmwaremdm9206_firmwaremdm9207_firmwareqca4004qts110wcd9306_firmwaresnapdragon_wear_1100_firmwaresnapdragon_wear_1300_firmwarewcd9330_firmwaresnapdragon_wear_1200_firmwaremdm9207qts110_firmwareSnapdragon9205_lte_modem_firmware9206_lte_modem_firmwaresnapdragon_wear_1300_platform_firmware9207_lte_modem_firmwarewcd9306_firmwaresnapdragon_x5_lte_modem_firmwaremdm8207_firmwarewcd9330_firmwareqca4004_firmwaresnapdragon_1200_wearable_platform_firmwaresnapdragon_1100_wearable_platform_firmwareqts110_firmware
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-131
Incorrect Calculation of Buffer Size
CVE-2024-53022
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.11% / 1.83%
||
7 Day CHG~0.00%
Published-03 Mar, 2025 | 10:07
Updated-26 Feb, 2026 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Input Validation in Automotive OS Platform

Memory corruption may occur during communication between primary and guest VM.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca6696sa7775psa8775psa8540p_firmwaresa8775p_firmwareqam8255p_firmwaresrv1m_firmwaresrv1mqamsrv1h_firmwareqam8295p_firmwaresrv1l_firmwaresa8620pqam8775pqam8255pqca6696_firmwaresa9000p_firmwareqca6595_firmwaresa8540psa8620p_firmwaresa8770p_firmwaresa8255p_firmwareqca6595au_firmwaresrv1lqam8620p_firmwaresa7255psa8770psa8650p_firmwaresa9000psrv1hqam8775p_firmwareqamsrv1hsa7775p_firmwareqam8650p_firmwaresa8295pqamsrv1mqam8295pqca6595qamsrv1m_firmwaresa8295p_firmwareqam8650psa8255psa8650psrv1h_firmwareqam8620pqca6595ausa7255p_firmwareSnapdragon
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-53030
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.11% / 1.83%
||
7 Day CHG~0.00%
Published-03 Mar, 2025 | 10:07
Updated-26 Feb, 2026 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Input Validation in Automotive OS Platform

Memory corruption while processing input message passed from FE driver.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sa9000pqca6595au_firmwaresa8650p_firmwareqca6678aqsa8255psa8155p_firmwareqamsrv1m_firmwareqcs9100msm8996aumsm8996au_firmwaresa8620p_firmwaresa8155pqam8650p_firmwareqca6574a_firmwareqca6595_firmwaresnapdragon_820_automotive_firmwareqca6584au_firmwaresa6155_firmwareqam8620psrv1hqca6564auqca6564a_firmwaresa7255psa8620pqam8620p_firmwaresa7255p_firmwareqam8775p_firmwareqam8295p_firmwareqca6797aqqam8255pqca6688aqsa7775p_firmwaresa8255p_firmwaresa8155_firmwaresa8770p_firmwaresa8295p_firmwaresa6150pqca6696_firmwareqam8295psa8150pqca6595ausa6150p_firmwareqcs9100_firmwaresa8295psa8145psa8150p_firmwaresrv1lsa6145psa6155p_firmwareqca6698aq_firmwareqam8650pqam8775pqca6595qca6688aq_firmwaresa8770psrv1h_firmwaresa8775psrv1msnapdragon_820_automotivesa8775p_firmwaresa9000p_firmwareqamsrv1mqca6564au_firmwareqca6574auqca6797aq_firmwaresrv1m_firmwaresa7775psa8650psa8540p_firmwaresa8145p_firmwaresa6155sa8195p_firmwareqca6698aqsa8195pqca6584ausa6155pqamsrv1hqca6564aqca6574au_firmwareqamsrv1h_firmwareqca6678aq_firmwareqca6574aqam8255p_firmwaresa6145p_firmwaresa8155srv1l_firmwareqca6696sa8540pSnapdragon
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-53031
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.11% / 1.83%
||
7 Day CHG~0.00%
Published-03 Mar, 2025 | 10:07
Updated-26 Feb, 2026 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Input Validation in Automotive OS Platform

Memory corruption while reading a type value from a buffer controlled by the Guest Virtual Machine.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sa9000pqca6595au_firmwaresa8650p_firmwareqam8775psa8255pqamsrv1m_firmwareqca6595qca6688aq_firmwaresa8770psa8775psrv1h_firmwaresa8620p_firmwareqam8650p_firmwareqca6595_firmwaresrv1mqam8620psa8775p_firmwareqamsrv1msa9000p_firmwaresrv1hqca6574ausa7255psrv1m_firmwaresa8620psa7775psa8650pqam8620p_firmwaresa8540p_firmwaresa7255p_firmwareqam8775p_firmwareqam8295p_firmwareqam8255pqca6688aqqca6698aqsa7775p_firmwaresa8255p_firmwaresa8770p_firmwaresa8295p_firmwareqca6696_firmwareqam8295pqamsrv1hsrv1l_firmwareqca6574au_firmwareqamsrv1h_firmwareqca6595auqam8255p_firmwaresa8295psrv1lqca6698aq_firmwareqam8650pqca6696sa8540pSnapdragon
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-49845
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.09% / 0.53%
||
7 Day CHG~0.00%
Published-06 May, 2025 | 08:32
Updated-26 Feb, 2026 | 18:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Input Validation in HLOS

Memory corruption during the FRS UDS generation process.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qdx1011_firmwarewcd9340_firmwaresa8775psnapdragon_765_5g_mobileqca6678aqwcd9385_firmwarewcn3988_firmwaresnapdragon_x35_5g_modem-rf_firmwareqca6431_firmwareqca6678aq_firmwareqam8295p_firmwareqca6698aq_firmwaresa8775p_firmwaresnapdragon_ar1_gen_1qfw7114_firmwarewsa8832_firmwareqcs615_firmwaresd_8_gen1_5g_firmwareqdx1010wcd9385snapdragon_x55_5g_modem-rf_firmwarewcd9340qsm8350qca6797aqqcs8550_firmwarefastconnect_6900snapdragon_865\+_5g_mobile_firmwaresm6650pqcn9274fastconnect_6200_firmwareqca6574_firmwareqfw7124_firmwareqca6595ausm7250p_firmwaresa8150pqca8337_firmwarewsa8835snapdragon_888\+_5g_mobile_firmwarear8035_firmwaresc8380xp_firmwaresa9000p_firmwarewcd9390sa8195psa6150pwcd9390_firmwarewcd9395snapdragon_x55_5g_modem-rfqcs5430_firmwaresm8650qsd865_5gqca6421_firmwareqca6688aqqca6574asnapdragon_x65_5g_modem-rfsnapdragon_x72_5g_modem-rfwsa8810_firmwaresxr2330pqru1062_firmwareqru1052_firmwareqdu1110_firmwarewsa8815fastconnect_6200qca6436_firmwaresm8650q_firmwaresa6155psa8155psa7255psa8650p_firmwareqcc710qca6797aq_firmwareqca6391_firmwarefastconnect_7800qcn6224wcn7881_firmwareqca6696_firmwaresnapdragon_888\+_5g_mobilesnapdragon_765_5g_mobile_firmwaresa9000psxr2330p_firmwarewsa8845hsrv1lqdx1011sa8540p_firmwaresrv1h_firmwaresnapdragon_888_5g_mobile_firmwareqca6174asm4635_firmwareqcn6274snapdragon_x62_5g_modem-rf_firmwaresm8750psa8530psm7675qca8081wsa8840_firmwarewsa8845qru1032qca6688aq_firmwaresm4635qam8620pqru1052sa8255p_firmwareqca6431snapdragon_8_gen_1_mobilesa8145p_firmwarewcd9380_firmwaresm8635p_firmwareqamsrv1hsa8650pqam8650pqdu1000wcd9370qca6574ausa6145psnapdragon_8_gen_1_mobile_firmwarewsa8815_firmwaresnapdragon_768g_5g_mobilewcn3950_firmwareqca8081_firmwareqcm5430_firmwaresa8620psnapdragon_8_gen_3_mobile_firmwareqmp1000qca6426_firmwaresa8150p_firmwaresrv1hwcn3950wcd9395_firmwareqdu1210_firmwaresm8635wcn7860_firmwaresnapdragon_x75_5g_modem-rfwcd9380qcs8550sa8770psm8635_firmwarewcn6650qdu1010_firmwaresnapdragon_auto_5g_modem-rf_gen_2qam8620p_firmwarewsa8840fastconnect_7800_firmwaresc8380xpsnapdragon_x35_5g_modem-rfqcs5430sm8635pqca6426qdu1110wsa8835_firmwaresm8735qru1032_firmwareqam8255p_firmwareqca6696snapdragon_765g_5g_mobilesc8280xp-abbb_firmwaresa6150p_firmwarewcn6755qcn6224_firmwaresd_8_gen1_5gqcs8300_firmwareqcs8300sa8295psm7675p_firmwareqep8111qca6174a_firmwareqdu1210qca8337fastconnect_6800_firmwaresm7250pwcd9378snapdragon_xr2_5gwcn6450sm7675_firmwarewcn6650_firmwareqca6698aqsm7675psnapdragon_888_5g_mobilewcn7860sxr2130_firmwarewsa8810sd865_5g_firmwaresnapdragon_768g_5g_mobile_firmwareqmp1000_firmwaresnapdragon_x32_5g_modem-rfsa7775pqam8775pqca6574a_firmwareqfw7124qca6595au_firmwarewcn7750_firmwareqcs9100sa8530p_firmwaresa8540psa8295p_firmwaresnapdragon_x65_5g_modem-rf_firmwareqca6574snapdragon_auto_5g_modem-rf_gen_2_firmwaresxr2130sm8750_firmwareqamsrv1h_firmwarefastconnect_6800qdu1010sa7255p_firmwarefastconnect_6700_firmwaresm8750p_firmwareqcm5430sm7635sm6650p_firmwareqcs9100_firmwaresnapdragon_x32_5g_modem-rf_firmwareqamsrv1mqca6436snapdragon_8_gen_3_mobilesnapdragon_765g_5g_mobile_firmwareqcn6274_firmwareqca6421qcm6490qcc710_firmwaresm8750sm6650_firmwaresrv1m_firmwarewcn7880qam8295psa8770p_firmwaresnapdragon_865\+_5g_mobileqcm6490_firmwaresc8280xp-abbbwcn7750wsa8845_firmwareqcm8550snapdragon_x72_5g_modem-rf_firmwarewcn7880_firmwareqca6391qca6595sa8620p_firmwarewsa8845h_firmwaresnapdragon_865_5g_mobile_firmwaresa6155p_firmwarewcn6450_firmwarewcn7861qam8775p_firmwareqca6584au_firmwareqca6584auqcs6490_firmwaresa8195p_firmwareqca6574au_firmwarewcd9370_firmwaresa8155p_firmwareqfw7114sm6650qam8255psnapdragon_870_5g_mobile_firmwaresm8735_firmwarewsa8832wcn6755_firmwareqep8111_firmwaresrv1mwcd9375qru1062sa7775p_firmwarear8035snapdragon_xr2_5g_firmwareqcs615wsa8830video_collaboration_vc3_platformqcm8550_firmwaresnapdragon_ar1_gen_1_firmwarewcd9375_firmwaresnapdragon_865_5g_mobilesrv1l_firmwarewcn7861_firmwaresa8255pfastconnect_6700video_collaboration_vc3_platform_firmwareqca6595_firmwarewcn7881qsm8350_firmwaresnapdragon_x75_5g_modem-rf_firmwaresnapdragon_x62_5g_modem-rfqdu1000_firmwareqcs6490snapdragon_870_5g_mobilewcn3988wsa8830_firmwareqam8650p_firmwaresm7635_firmwaresa8145pfastconnect_6900_firmwarewcd9378_firmwareqcn9274_firmwareqamsrv1m_firmwaresa6145p_firmwareqdx1010_firmwareSnapdragon
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-49844
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.09% / 0.53%
||
7 Day CHG~0.00%
Published-06 May, 2025 | 08:32
Updated-26 Feb, 2026 | 18:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Input Validation in Automotive

Memory corruption while triggering commands in the PlayReady Trusted application.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qdx1010_firmwaresdm429w_firmwareqcm8550_firmwarewcn6650sd865_5gsa6150p_firmwareqcs8155_firmwaresxr1120sm8735qca6595wcd9335wcd9370qca8081_firmwaresnapdragon_670_mobileqca6696qam8620p_firmwarewcn7880_firmwarewcd9340_firmwaresa8530pwcd9341_firmwaresxr2330p_firmwarewcd9395_firmwarewcn7881_firmwarewcn7750wcn6450qcc710_firmwareqca6426fastconnect_6700sa4150pwsa8832_firmwaresnapdragon_wear_4100\+_firmwareqca8337qdu1110qca6426_firmwarewcd9395qca6574au_firmwaresnapdragon_x72_5g_modem-rfqca6564_firmwareqam8295pwcd9341qca6574auwcd9390snapdragon_888\+_5g_mobile_firmwaresa8620p_firmwarewsa8810_firmwarewsa8845h_firmwaresa9000p_firmwaresrv1hsm8650q_firmwarewcn3660b_firmwareqcs9100fastconnect_6800_firmwareqcs5430wcn7860qcm5430qcm5430_firmwaresa4155psnapdragon_712_mobile_firmwaresa8770pqcc710snapdragon_x32_5g_modem-rf_firmwaresnapdragon_xr2_5g_firmwaresnapdragon_xr1_firmwaresa8540psxr1120_firmwareqsm8250_firmwareqsm8350_firmwaresnapdragon_wear_4100\+fastconnect_6900qru1032_firmwareqep8111sm8635sa7255pqfw7114wcd9385_firmwareqca6421qam8255p_firmwaresa8155_firmwaresnapdragon_x65_5g_modem-rfwsa8845sa6155pqca6421_firmwareqca6564au_firmwaresnapdragon_429_mobile_firmwarewsa8810qam8650pvideo_collaboration_vc5_platform_firmwaresa9000pqdu1000_firmwareqsm8250srv1h_firmwaresnapdragon_888_5g_mobile_firmwareqca6595ausnapdragon_888_5g_mobileqdu1010wcd9326_firmwaresa6155p_firmwarewsa8840snapdragon_ar1_gen_1srv1m_firmwareqcs8550_firmwaresnapdragon_x35_5g_modem-rf_firmwareqdu1210_firmwaresnapdragon_x55_5g_modem-rfqfw7124_firmwareqca6436_firmwaresm8750pqcn9012snapdragon_x55_5g_modem-rf_firmwaresm8635psnapdragon_x62_5g_modem-rf_firmwareqmp1000wcd9370_firmwaresnapdragon_712_mobileqdu1110_firmwareqdu1000wcn3660bqca6574asnapdragon_x72_5g_modem-rf_firmwaresa7255p_firmwarewcn3620_firmwareqca6174asa8195pwcd9340qcs8250_firmwareqdu1210snapdragon_auto_5g_modem-rf_gen_2sa8540p_firmwareqcm6490qcm8550snapdragon_765_5g_mobile_firmwareqcn9274vision_intelligence_300_firmwaresa8775pqca6574qcn9011sa8775p_firmwareqamsrv1hwsa8845hsa6150pwcd9326sm8650qsa8155p_firmwareqca6564asa8155psnapdragon_765g_5g_mobile_firmwarewsa8830sa6145psnapdragon_768g_5g_mobile_firmwaresm7675_firmwaresa8255p_firmwarear8035sm7635_firmwareqamsrv1m_firmwareqca6564wcn7750_firmwaresa8650p_firmwareqrb5165m_firmwarewcn3620wcn6450_firmwaresa6155srv1l_firmwareqcs9100_firmwaresnapdragon_865\+_5g_mobile_firmwareqcn6224snapdragon_429_mobileqcs615sa7775p_firmwareqca6698aqsm7635qrb5165nsa8530p_firmwarefastconnect_6200sd670wcn3680bsa8145p_firmwarewcd9378qcs8155sm8635p_firmwaresm6650p_firmwareqdx1011sa8150p_firmwarefastconnect_6700_firmwaresnapdragon_710_mobile_firmwarevideo_collaboration_vc3_platform_firmwarewcn3990snapdragon_x75_5g_modem-rf_firmwaresd670_firmwaresnapdragon_8_gen_3_mobileqcs6490qcs8250fastconnect_6200_firmwarewsa8830_firmwareqcn6224_firmwareqca6431qca6678aq_firmwarewsa8845_firmwarewsa8832wcd9378_firmwaresrv1lsxr2130_firmwaresm7675psrv1mqca6678aqsnapdragon_x35_5g_modem-rfar8035_firmwarewcn7860_firmwareqrb5165msc8380xpsa4150p_firmwaresnapdragon_x62_5g_modem-rfqca6564ausc8280xp-abbbwsa8815_firmwaresa8195p_firmwareqca8337_firmwareqcm6490_firmwaresm7250p_firmwareqru1032vision_intelligence_400_firmwareflight_rb5_5gsnapdragon_870_5g_mobile_firmwaresm8750qca6797aq_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwaresa8295p_firmwaresnapdragon_870_5g_mobilesa4155p_firmwaresm7250psa8155qca6584auqcn6274_firmwarewcn6755_firmwareqcn9011_firmwareqru1062_firmwarewcn6650_firmwaresnapdragon_768g_5g_mobilesc8380xp_firmwareqru1062snapdragon_8_gen_3_mobile_firmwarefastconnect_6800qfw7114_firmwareqcs7230qca6595_firmwarefastconnect_7800_firmwaresnapdragon_865_5g_mobile_firmwaresm8635_firmwarefastconnect_6900_firmwarerobotics_rb5_firmwarewcd9380sa6145p_firmwareqam8255psa6155_firmwareqmp1000_firmwaresnapdragon_xr2_5gwcn7880sa8150pwcn6755sxr2330pwcn7881sm6650video_collaboration_vc3_platformsm6650pqca6688aqqam8295p_firmwareqca6431_firmwarewcn3990_firmwareqca6698aq_firmwareqca6564a_firmwarewcd9385snapdragon_888\+_5g_mobileqsm8350snapdragon_8_gen_1_mobilesa8255pqcs7230_firmwarewcd9390_firmwaresnapdragon_865\+_5g_mobileqep8111_firmwareqcs615_firmwaresnapdragon_765_5g_mobileqdx1011_firmwaresdx55_firmwaresm8750_firmwareflight_rb5_5g_firmwareqru1052sxr2130snapdragon_x65_5g_modem-rf_firmwareqamsrv1mrobotics_rb5qca6174a_firmwarewcn7861_firmwarewcn7861qam8650p_firmwarevideo_collaboration_vc5_platformsnapdragon_670_mobile_firmwareqcs6490_firmwaresm6650_firmwaresdm429wqam8620pwcd9335_firmwareqrb5165n_firmwareqca6436wcn3980_firmwareqca6584au_firmwarewsa8835wsa8840_firmwareqca6391_firmwareqcn6274qfw7124qca6595au_firmwareqdu1010_firmwareqcs8300_firmwareqca6696_firmwareqcs8300wcd9380_firmwareqca6574_firmwareqca8081wsa8815sd_8_gen1_5gqam8775pqca6797aqsnapdragon_x75_5g_modem-rfsa8620psdx55qca6574a_firmwaresnapdragon_865_5g_mobilesd_8_gen1_5g_firmwarewcd9375_firmwaresa7775pqca6391snapdragon_ar1_gen_1_firmwaresnapdragon_710_mobileqcn9274_firmwareqcn9012_firmwareqcs5430_firmwaresnapdragon_x32_5g_modem-rfqru1052_firmwaresa8770p_firmwaresa8295pqcs8550sm8735_firmwaresc8280xp-abbb_firmwarefastconnect_7800sa8650pqam8775p_firmwaresd865_5g_firmwaresm8750p_firmwaresnapdragon_xr1wcd9375qca6688aq_firmwarevision_intelligence_300snapdragon_765g_5g_mobileqamsrv1h_firmwaresm7675sa8145pwsa8835_firmwarevision_intelligence_400wcn3980sm7675p_firmwareqdx1010wcn3680b_firmwaresnapdragon_8_gen_1_mobile_firmwareSnapdragon
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-25729
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.44% / 35.52%
||
7 Day CHG~0.00%
Published-09 Feb, 2023 | 06:58
Updated-03 Aug, 2024 | 04:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Input Validation in MODEM

Memory corruption in modem due to improper length check while copying into memory

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcd9306wcd9380_firmwarewsa8830ssg2125psxr2230p_firmwarewcn3999wcn7851ar8031_firmwarewsa8832_firmwarewcn6856_firmwareqca4004_firmwarecsra6620qcs405qca4024_firmwareqts110wcd9306_firmwaresxr1230p_firmwarewsa8835wsa8810_firmwarewcd9380wsa8810wsa8832qca4020_firmwarewcn6855wcd9335csra6620_firmwaressg2125p_firmwarewcn6856ssg2115pwcn7851_firmwaremdm9206csra6640_firmwarewcn6855_firmwaresxr1230pwcd9385ar8031qcs405_firmwarewcd9335_firmwarewcn3980wcn3998mdm9205_firmwarewcd9385_firmwareqca4024mdm9205mdm9206_firmwarewsa8815qca4004csra6640sxr2230pwsa8830_firmwareqca4020wsa8815_firmwarewcn7850wcn7850_firmwarewsa8835_firmwaressg2115p_firmwarewcn3999_firmwarewcn3998_firmwarewcn3980_firmwareqts110_firmwareSnapdragonwcn6855_firmwarecsra6640_firmwarewcd9380_firmwaresxr2230p_firmwarecsra6620_firmwareqcs405_firmwarewcd9335_firmwarear8031_firmwarewsa8832_firmwaremdm9205_firmwarewcd9385_firmwarewcn6856_firmwareqca4004_firmwaremdm9206_firmwarewsa8830_firmwareqca4024_firmwarewcd9306_firmwaresxr1230p_firmwarewsa8815_firmwarewsa8835_firmwarewsa8810_firmwarewcn7851_firmwarewcn7850_firmwaressg2115p_firmwarewcn3999_firmwareqca4020_firmwarewcn3998_firmwarewcn3980_firmwaressg2125p_firmwareqts110_firmware
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-33300
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.12% / 1.87%
||
7 Day CHG~0.00%
Published-06 Jan, 2023 | 05:02
Updated-09 Apr, 2025 | 14:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper input validation in Automotive Android OS

Memory corruption in Automotive Android OS due to improper input validation.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarewsa8830wcd9380_firmwaresa6150p_firmwarewcn3990sa8145p_firmwaresw5100psd865_5gqcc5100sdx55m_firmwarewcn6856_firmwareqcn9012wsa8835wcd9380sa8150p_firmwaresd888_5gqca6595au_firmwareqca6390_firmwarewcn6855_firmwareqca6174aqca6426wcn3990_firmwareqrb5165n_firmwareqcn9012_firmwareqca9377wcd9335_firmwarewcn3980wcd9385_firmwareqam8295psdxr2_5g_firmwaresd_8_gen1_5g_firmwarewsa8815wcn6850qam8295p_firmwareqcn9011_firmwareqca6426_firmwarewcn7850qca6574au_firmwareqca6595ausdx12_firmwareqrb5165mwcn3980_firmwareqca6391sdx55mqca6436_firmwareqrb5165nsa8295pqcc5100_firmwaresa6155p_firmwarewcn7851qrb5165_firmwareqrb5165m_firmwaresdxr2_5gqrb5165wcn6851_firmwareqcn9011wcn3988_firmwareqca6574ausa6145p_firmwaresa8155p_firmwaresa8195pwsa8810_firmwarewcd9341_firmwaresw5100wsa8810sd870qca6436wcn6851wcd9335sa6155pwcn6855sw5100p_firmwarewcn7851_firmwarewcn6856sa6145pqca6174a_firmwarewcd9385wcd9341qca6696_firmwaresa8145psd870_firmwareqca6696qca6391_firmwareqca6390sa8150psa6150psa8155pwsa8830_firmwaresd660sd865_5g_firmwarewcn3988sd888_5g_firmwarewcn6850_firmwaresd660_firmwarewcn7850_firmwarewsa8815_firmwaresa8195p_firmwarewsa8835_firmwaresdx12sw5100_firmwaresm8475sa8295p_firmwareSnapdragon
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-33216
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-6||MEDIUM
EPSS-0.11% / 1.52%
||
7 Day CHG~0.00%
Published-09 Feb, 2023 | 06:58
Updated-03 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Input Validation in Automotive

Transient Denial-of-service in Automotive due to improper input validation while parsing ELF file.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sa6155p_firmwaresa6150p_firmwaresa8145p_firmwareqca6595sa8155_firmwareqca6574ausa6145p_firmwaresa8155p_firmwaresa8195psa8540p_firmwaresa8150p_firmwareqca6595au_firmwaresa6155sa6155psa8540pqca6574asa6145pqca6696_firmwareqca6595_firmwaresa8145pqca6696qam8295psa9000psa8150psa6150psa8155pqam8295p_firmwaresa8155qca6574a_firmwaresa9000p_firmwareqca6574au_firmwaresa8195p_firmwareqca6595ausa6155_firmwaresa8295p_firmwaresa8295pSnapdragon
CWE ID-CWE-20
Improper Input Validation
CVE-2024-45577
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.10% / 0.83%
||
7 Day CHG~0.00%
Published-06 May, 2025 | 08:32
Updated-26 Feb, 2026 | 18:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Input Validation in Camera Driver

Memory corruption while invoking IOCTL calls from userspace to camera kernel driver to dump request information.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcd9380_firmwaresnapdragon_429_mobile_firmwarefastconnect_7800_firmwarewcn3620_firmwarewsa8835wcn3620sdm429w_firmwarewsa8830wsa8830_firmwarewsa8835_firmwarewcd9380snapdragon_8_gen_1_mobile_firmwaresnapdragon_429_mobilefastconnect_6900sdm429wfastconnect_6900_firmwaresnapdragon_8_gen_1_mobilewcn3660b_firmwarefastconnect_7800wcn3660bSnapdragon
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-45579
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.10% / 0.83%
||
7 Day CHG~0.00%
Published-06 May, 2025 | 08:32
Updated-26 Feb, 2026 | 18:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Input Validation in Camera Driver

Memory corruption may occur when invoking IOCTL calls from userspace to the camera kernel driver to dump request information, due to a missing memory requirement check.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcd9380_firmwaresnapdragon_429_mobile_firmwarefastconnect_7800_firmwarewcn3620_firmwarewsa8835wcn3620sdm429w_firmwarewsa8830wsa8830_firmwarewsa8835_firmwarewcd9380snapdragon_8_gen_1_mobile_firmwaresnapdragon_429_mobilefastconnect_6900sdm429wfastconnect_6900_firmwaresnapdragon_8_gen_1_mobilewcn3660b_firmwarefastconnect_7800wcn3660bSnapdragon
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-787
Out-of-bounds Write
CVE-2017-18317
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.22% / 13.04%
||
7 Day CHG~0.00%
Published-28 Nov, 2018 | 15:00
Updated-05 Aug, 2024 | 21:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Restrictions related to the modem (sim lock, sim kill) can be bypassed by manipulating the system to issue a deactivation flow sequence in Snapdragon Automobile, Snapdragon Mobile in versions MSM8996AU,SD 410/12,SD 820,SD 820A.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_820_firmwaremsm8996ausd_412sd_820sd_410_firmwaresd_820asd_412_firmwaremsm8996au_firmwaresd_410sd_820a_firmwareSnapdragon Automobile, Snapdragon Mobile
CWE ID-CWE-20
Improper Input Validation
CVE-2024-43052
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.10% / 1.17%
||
7 Day CHG~0.00%
Published-02 Dec, 2024 | 10:18
Updated-12 Dec, 2024 | 15:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Input Validation in Video Analytics and Processing

Memory corruption while processing API calls to NPU with invalid input.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-snapdragon_wear_2100_platformwsa8830sg8275p_firmwareqca6431_firmwaresnapdragon_870_5g_mobile_platform_firmwaresnapdragon_865_5g_mobile_platformwsa8840snapdragon_wear_2100_platform_firmwaresnapdragon_212_mobile_platformwcn6755_firmwaresnapdragon_427_mobile_platformwcd9370home_hub_100_platformqca6426snapdragon_8_gen_2_mobile_platformmsm8108msm8108_firmwarewcd9385_firmwarewcn7881_firmwarewcd9326_firmwarewcn3615_firmwareqsw8573_firmwarewcn3660bapq8037snapdragon_435_mobile_platform_firmwaresnapdragon_429_mobile_platform_firmwaresnapdragon_x55_5g_modem-rf_systemwcn3680b_firmwaresdx55_firmwaresnapdragon_208_processor_firmwaresnapdragon_212_mobile_platform_firmwarewcd9375_firmwaresnapdragon_8_gen_3_mobile_platformwcn3615wsa8845h_firmwaremsm8909wsnapdragon_425_mobile_platformwcn3610_firmwaresnapdragon_429_mobile_platformqca6436_firmwaresnapdragon_xr2\+_gen_1_platformwcn7860snapdragon_427_mobile_platform_firmwareqcm8550_firmwareqcn9274pm8937snapdragon_870_5g_mobile_platformsnapdragon_208_processorwcn7881snapdragon_439_mobile_platformwsa8840_firmwarevideo_collaboration_vc5_platformqcs8550_firmwaresc8380xp_firmwaresnapdragon_wear_3100_platformsm8635wcn7880_firmwareqca6421apq8017_firmwarewsa8810_firmwarehome_hub_100_platform_firmwarewsa8845hqca6436wcd9326wcd9335sm8750_firmwareqcs7230sm8750p_firmwarewcd9395_firmwarewcn6755msm8209_firmwareqca6174a_firmwarewcd9385sxr2130_firmwaresnapdragon_wear_2500_platformpm8937_firmwareqca6431wcd9375snapdragon_210_processor_firmwaresnapdragon_430_mobile_platformwcd9390wsa8830_firmwaresd865_5g_firmwarewcn3620_firmwarewsa8815_firmwarewsa8835_firmwarewcn3620video_collaboration_vc5_platform_firmwaresnapdragon_865_5g_mobile_platform_firmwareapq8017fastconnect_6800_firmwaresnapdragon_8_gen_2_mobile_platform_firmwarewcn3610wcn7880msm8608wcd9380_firmwareqcm2150_firmwaresdm429wsd865_5gfastconnect_6800qcm8550qcs7230_firmwareqet4101_firmwaremsm8909w_firmwarewsa8835sdm429w_firmwaresnapdragon_8\+_gen_2_mobile_platform_firmwarewcd9380snapdragon_wear_4100\+_platform_firmwaresnapdragon_210_processorsxr2130snapdragon_425_mobile_platform_firmwaresm8635_firmwaresnapdragon_wear_4100\+_platformsnapdragon_430_mobile_platform_firmwareqca9379_firmwareqca6174asg8275pwcd9335_firmwarewcn3980qcn9274_firmwarewsa8845qsw8573wsa8815snapdragon_865\+_5g_mobile_platformwsa8845_firmware205_mobile_platform_firmwaresnapdragon_xr2_5g_platform_firmwaresnapdragon_439_mobile_platform_firmwareqca6426_firmwareqcs8250snapdragon_435_mobile_platformsc8380xpsm8750pwcn3660b_firmwarewcn3680msm8209wcn3980_firmwaresnapdragon_x55_5g_modem-rf_system_firmwaresnapdragon_xr2\+_gen_1_platform_firmwareqca6391qca6421_firmwarefastconnect_7800snapdragon_865\+_5g_mobile_platform_firmwaresmart_audio_200_platform215_mobile_platformsnapdragon_xr2_5g_platformwcn7861_firmwarewcn3680_firmwarewsa8832_firmwarefastconnect_6900fastconnect_6900_firmwareqcm2150smart_audio_200_platform_firmwareqcs8250_firmwarefastconnect_7800_firmwaresnapdragon_8\+_gen_2_mobile_platformwsa8810wsa8832sm8550pqsm8250wcn3680bsm8750snapdragon_wear_2500_platform_firmwarewcn7860_firmwarewcd9395wcn7861205_mobile_platform215_mobile_platform_firmwareqca6391_firmwareqcs8550msm8608_firmwaresm8550p_firmwarewcd9370_firmwaresdx55snapdragon_8_gen_3_mobile_platform_firmwarewcd9390_firmwareapq8037_firmwareqet4101snapdragon_wear_3100_platform_firmwareqca9379qsm8250_firmwareSnapdragonwcd9380_firmwareqcm2150_firmwaresg8275p_firmwareqca6431_firmwareqcs7230_firmwareqet4101_firmwaremsm8909w_firmwaresnapdragon_wear_2100_platform_firmwaresdm429w_firmwarewcn6755_firmwaresnapdragon_425_mobile_platform_firmwaresm8635_firmwaresnapdragon_430_mobile_platform_firmwareqca9379_firmwarewcd9335_firmwareqcn9274_firmwaremsm8108_firmwarewcd9385_firmwarewcn7881_firmwarewcd9326_firmwarewcn3615_firmwareqsw8573_firmwarewsa8845_firmwaresnapdragon_xr2_5g_platform_firmwaresnapdragon_439_mobile_platform_firmwaresnapdragon_435_mobile_platform_firmwareqca6426_firmwarewcn3660b_firmwaresnapdragon_429_mobile_platform_firmwarewcn3680b_firmwaresdx55_firmwaresnapdragon_208_processor_firmwaresnapdragon_212_mobile_platform_firmwarewcd9375_firmwarewsa8845h_firmwarewcn3980_firmwaresnapdragon_x55_5g_modem-rf_system_firmwarewcn3610_firmwareqca6436_firmwareqca6421_firmwaresnapdragon_427_mobile_platform_firmwareqcm8550_firmwarewcn7861_firmwarewcn3680_firmwarewsa8840_firmwarewsa8832_firmwarefastconnect_6900_firmwareqcs8550_firmwaresc8380xp_firmwarewcn7880_firmwaresmart_audio_200_platform_firmwareapq8017_firmwarewsa8810_firmwareqcs8250_firmwarefastconnect_7800_firmwarehome_hub_100_platform_firmwarewcd9395_firmwaresm8750_firmwaresm8750p_firmwaremsm8209_firmwarequalcomm_215_mobile_platform_firmwareqca6174a_firmwarequalcomm_205_mobile_platform_firmwaresxr2130_firmwarepm8937_firmwaresnapdragon_wear_2500_platform_firmwarewcn7860_firmwareqca6391_firmwaremsm8608_firmwaresm8550p_firmwaresnapdragon_210_processor_firmwarewcd9370_firmwarequalcomm_video_collaboration_vc5_platform_firmwaresnapdragon_8_gen_3_mobile_platform_firmwarewcd9390_firmwarewsa8830_firmwaresd865_5g_firmwarewcn3620_firmwareapq8037_firmwarewsa8815_firmwarewsa8835_firmwaresnapdragon_865_5g_mobile_platform_firmwaresnapdragon_wear_3100_platform_firmwarefastconnect_6800_firmwaresnapdragon_8_gen_2_mobile_platform_firmwareqsm8250_firmware
CWE ID-CWE-20
Improper Input Validation
CVE-2019-14074
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.20% / 10.22%
||
7 Day CHG~0.00%
Published-08 Sep, 2020 | 09:31
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Heap overflow in diag command handler due to lack of check of packet length received from user' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8076, APQ8096AU, APQ8098, Bitra, IPQ6018, IPQ8074, Kamorta, MDM9150, MDM9205, MDM9206, MDM9207C, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA8081, QCM2150, QCN7605, QCS404, QCS405, QCS605, QCS610, QM215, Rennell, SA415M, SA6155P, Saipan, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwaremdm9640_firmwareqcs610sdm450_firmwaresdm632qcs404_firmwaremdm9650mdm9645apq8009_firmwaremsm8917sdm670qcs605_firmwareapq8076apq8076_firmwaresda845_firmwaresa415mbitraapq8098qcn7605mdm9206_firmwarebitra_firmwaremsm8905_firmwaresda660sdx55_firmwareqca8081_firmwaresxr1130msm8909wapq8053_firmwaresda845sa6155p_firmwaresdm450sdm636_firmwareapq8098_firmwaremsm8998_firmwaresdm630mdm9607_firmwaresm8250_firmwaremdm9655_firmwaresa415m_firmwareqcs405qm215sc7180_firmwareapq8017_firmwaremdm9625_firmwaresdm710_firmwaresa6155pqca8081msm8937msm8905sm8150_firmwaremsm8909sxr2130_firmwaremdm9655rennellsc7180mdm9625msm8953_firmwaresaipan_firmwaresm6150_firmwaremsm8917_firmwaremsm8998sm8150sdx20_firmwaresdm850kamortaapq8017msm8996saipanmdm9640kamorta_firmwaremdm9635m_firmwareqcm2150_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdx24sdm439sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996ausdm429w_firmwaresm7150sxr2130sc8180xmdm9206sdm670_firmwareqcs404sdx24_firmwareipq8074sdm636mdm9635mipq6018_firmwaremdm9205qcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaresxr1130_firmwareapq8009msm8909_firmwarenicobarsdm850_firmwaremsm8920msm8953sdx20qcm2150msm8920_firmwaresdm660sc8180x_firmwareipq8074_firmwaresdm710mdm9607mdm9645_firmwareqcn7605_firmwareqcs610_firmwaremdm9150mdm9207c_firmwaremsm8996_firmwareipq6018mdm9207capq8096ausdm439_firmwareqcs405_firmwaresdm630_firmwaremdm9205_firmwaresda660_firmwarerennell_firmwareqm215_firmwaresdx55msm8940apq8053apq8096au_firmwaresm8250nicobar_firmwaresdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2019-14123
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.20% / 9.77%
||
7 Day CHG~0.00%
Published-30 Jul, 2020 | 11:40
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer overflow and over read possible due to missing bounds checks for fixed limits if we consider widevine HLOS client as non-trustable in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Kamorta, QCS404, Rennell, SC7180, SDX55, SM6150, SM7150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-kamorta_firmwareqcs404sxr2130_firmwarerennellsc7180rennell_firmwareqcs404_firmwaresm8250_firmwaresdx55sm7150_firmwaresm6150_firmwaresm8250sm6150sc7180_firmwarekamortasdx55_firmwaresm7150sxr2130Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-20
Improper Input Validation
CVE-2019-14010
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.66% / 46.97%
||
7 Day CHG~0.00%
Published-21 Jan, 2020 | 06:30
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The device may enter into error state when some tool or application gets failure at 1st buffer map all and performs 2nd buffer map which happens to be at same physical address in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9607, Nicobar, Rennell, SA6155P, SDM660, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sa6155p_firmwaresm8150_firmwaresxr2130_firmwarerennellrennell_firmwaresdm660sm8250_firmwaremdm9607_firmwaresdx55sm7150_firmwaresm6150_firmwaresm8250sm6150mdm9607sm8150sdx55_firmwaresm7150nicobar_firmwaresa6155psxr2130sdm660_firmwarenicobarSnapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-20
Improper Input Validation
CVE-2019-14038
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.1||HIGH
EPSS-0.19% / 8.38%
||
7 Day CHG~0.00%
Published-02 Jun, 2020 | 15:05
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer over-read in ADSP parse function due to lack of check for availability of sufficient data payload received in command response in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8053, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8917, MSM8953, QCS605, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM670, SDM710, SDM845, SDX20, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9640_firmwaremsm8953sdm845_firmwaresdm429wapq8098_firmwaresdm845sdx20sdx24sdm439mdm9607_firmwaremdm9650sdm429sdm710msm8909w_firmwaremdm9607sdm429w_firmwaresdm710_firmwareapq8009_firmwaremsm8909wmsm8917sdm670qcs605_firmwaremdm9207c_firmwaremdm9206msm8905mdm9207csdm670_firmwaresdx24_firmwaresdm439_firmwaresda845_firmwareapq8098sda660_firmwaremdm9206_firmwareqcs605msm8953_firmwareapq8053msm8917_firmwaresdm429_firmwaremdm9650_firmwaresdx20_firmwaremsm8905_firmwaresda660apq8009apq8053_firmwaresda845mdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-20
Improper Input Validation
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • Next
Details not found