Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2014-10031

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-13 Jan, 2015 | 15:00
Updated At-06 Aug, 2024 | 14:02
Rejected At-
Credits

Buffer overflow in the IMAPd service in Qualcomm Eudora WorldMail 9.0.333.0 allows remote attackers to execute arbitrary code via a long string in a UID command.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:13 Jan, 2015 | 15:00
Updated At:06 Aug, 2024 | 14:02
Rejected At:
▼CVE Numbering Authority (CNA)

Buffer overflow in the IMAPd service in Qualcomm Eudora WorldMail 9.0.333.0 allows remote attackers to execute arbitrary code via a long string in a UID command.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://osvdb.org/show/osvdb/104071
vdb-entry
x_refsource_OSVDB
https://exchange.xforce.ibmcloud.com/vulnerabilities/91833
vdb-entry
x_refsource_XF
http://www.exploit-db.com/exploits/31694
exploit
x_refsource_EXPLOIT-DB
Hyperlink: http://osvdb.org/show/osvdb/104071
Resource:
vdb-entry
x_refsource_OSVDB
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/91833
Resource:
vdb-entry
x_refsource_XF
Hyperlink: http://www.exploit-db.com/exploits/31694
Resource:
exploit
x_refsource_EXPLOIT-DB
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://osvdb.org/show/osvdb/104071
vdb-entry
x_refsource_OSVDB
x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/91833
vdb-entry
x_refsource_XF
x_transferred
http://www.exploit-db.com/exploits/31694
exploit
x_refsource_EXPLOIT-DB
x_transferred
Hyperlink: http://osvdb.org/show/osvdb/104071
Resource:
vdb-entry
x_refsource_OSVDB
x_transferred
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/91833
Resource:
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: http://www.exploit-db.com/exploits/31694
Resource:
exploit
x_refsource_EXPLOIT-DB
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:13 Jan, 2015 | 15:59
Updated At:12 Apr, 2025 | 10:46

Buffer overflow in the IMAPd service in Qualcomm Eudora WorldMail 9.0.333.0 allows remote attackers to execute arbitrary code via a long string in a UID command.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.07.5HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Type: Primary
Version: 2.0
Base score: 7.5
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P
CPE Matches
Qualcomm Technologies, Inc.
qualcomm
>>eudora_worldmail>>9.0.333.0
cpe:2.3:a:qualcomm:eudora_worldmail:9.0.333.0:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-119Primarynvd@nist.gov
CWE ID: CWE-119
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://osvdb.org/show/osvdb/104071cve@mitre.org
N/A
http://www.exploit-db.com/exploits/31694cve@mitre.org
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/91833cve@mitre.org
N/A
http://osvdb.org/show/osvdb/104071af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.exploit-db.com/exploits/31694af854a3a-2127-422b-91ae-364da2661108
Exploit
https://exchange.xforce.ibmcloud.com/vulnerabilities/91833af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://osvdb.org/show/osvdb/104071
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.exploit-db.com/exploits/31694
Source: cve@mitre.org
Resource:
Exploit
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/91833
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://osvdb.org/show/osvdb/104071
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.exploit-db.com/exploits/31694
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/91833
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

1676Records found
CVE-2019-10565
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.32% / 54.62%
||
7 Day CHG~0.00%
Published-06 Nov, 2019 | 17:11
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Double free issue can happen when sensor power settings is freed by some thread while another thread try to access. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8053, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909, MSM8909W, QCN7605, QCS405, QCS605, SDM845, SDX24, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9206msm8905mdm9207cmsm8909sdx24_firmwareqcs405_firmwaresdm845qcn7605sdx24mdm9206_firmwaremdm9607_firmwareqcs605qcs405apq8053msm8909w_firmwaremdm9607msm8905_firmwaresxr1130_firmwareqcn7605_firmwaresxr1130msm8909wmsm8909_firmwareapq8053_firmwareqcs605_firmwaremdm9207c_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-415
Double Free
CVE-2019-10505
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.32% / 54.62%
||
7 Day CHG~0.00%
Published-06 Nov, 2019 | 17:11
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound access while processing a non-standard IE measurement request with length crossing past the size of frame in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCS405, SD 210/SD 212/SD 205, SD 425, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresd_850mdm9150_firmwaresd_632mdm9640_firmwaresd_820asd_675msm8996au_firmwaresd_439sd_670_firmwaresd_429sdx24sdm439mdm9650sd_636sd_615_firmwaremsm8909w_firmwaremsm8996ausd_650sd_450_firmwaresd_845_firmwaresd_820a_firmwaresd_675_firmwaremdm9206sd_652sd_425_firmwareqca9379_firmwareqca6174asd_665sdx24_firmwaresd_625_firmwaresd_450qca9377sd_845mdm9206_firmwaresd_632_firmwaresd_835_firmwaremdm9650_firmwaresd_835qca6574au_firmwaresda660sd_210_firmwaresd_415_firmwaresd_652_firmwaremsm8909wsd_665_firmwaresd_616_firmwaresd_205_firmwaresd_415sd_212sd_650_firmwaresd_712sd_855sd_730_firmwaresdx20sd_616sd_425sdm660sdm630mdm9607_firmwaresd_615sd_710_firmwareqcs405sd_625qca6574ausd_210mdm9607sd_636_firmwaresd_439_firmwaremdm9150sd_429_firmwareqca6174a_firmwaresd_730sd_212_firmwaresd_850_firmwaresd_855_firmwaresdm439_firmwareqcs405_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwaresd_670sdx20_firmwaresd_710sd_205qca9379sdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-10542
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.34% / 55.81%
||
7 Day CHG~0.00%
Published-06 Nov, 2019 | 17:11
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer over-read may occur when downloading a corrupted firmware file that has chunk length in header which doesn`t match the contents in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9150, MDM9206, MDM9607, MDM9615, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 600, SD 625, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 845 / SD 850, SDX20

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_427_firmwaresd_712qca9377_firmwaresd_850mdm9150_firmwaremdm9640_firmwaresd_820amsm8996au_firmwaresdx20sd_670_firmwaresd_425sd_430_firmwaremdm9607_firmwaresd_435mdm9650sd_710_firmwaresd_625qca6574ausd_210mdm9607msm8996ausd_820_firmwaresd_820sd_450_firmwaresd_845_firmwaresd_820a_firmwaremdm9150mdm9206qca6174a_firmwareqca6174aqca9379_firmwaresd_212_firmwaresd_425_firmwaresd_850_firmwaresd_625_firmwaresd_450qca9377sd_712_firmwaremdm9615sd_845mdm9206_firmwaresd_427sd_430sd_670sd_435_firmwaremdm9615_firmwaremdm9650_firmwaresd_710sdx20_firmwaresd_600_firmwaresd_205qca6574au_firmwaresd_210_firmwaresd_600qca9379sd_205_firmwaresd_212mdm9640Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-10614
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.29% / 52.30%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 05:25
Updated-04 Aug, 2024 | 22:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of boundary access is possible as there is no validation of data accessed against the received size of the packet in case of malicious firmware in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCN7605, QCS405, QCS605, QM215, SA6155P, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9640_firmwaresdm632_firmwaremsm8996au_firmwaresdm845sdm450_firmwaresdm632sdx24sdm439mdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996ausm7150apq8009_firmwaremsm8917sdm670sxr2130qcs605_firmwaremdm9206sdm670_firmwaresdx24_firmwaresdm636sda845_firmwareapq8098qcn7605mdm9206_firmwareqcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130msm8909wapq8009apq8053_firmwaresda845nicobarsa6155p_firmwaremsm8920msm8953sdm450sdm636_firmwaresdm845_firmwareapq8098_firmwaresdx20msm8998_firmwaresdm660msm8920_firmwaresdm630mdm9607_firmwaresm8250_firmwareqcs405sdm710qm215mdm9607apq8017_firmwaresdm710_firmwareqcn7605_firmwaresa6155pmsm8937mdm9207c_firmwaremdm9207csm8150_firmwaresxr2130_firmwareapq8096ausdm439_firmwareqcs405_firmwaresdm630_firmwaresda660_firmwareqm215_firmwaresdx55msm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaresm8250msm8998sm8150sdx20_firmwareapq8017nicobar_firmwaresdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-2302
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.40% / 60.02%
||
7 Day CHG~0.00%
Published-06 Nov, 2019 | 17:11
Updated-04 Aug, 2024 | 18:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

While processing vendor command which contains corrupted channel count, an integer overflow occurs and finally will lead to heap overflow. in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8017, APQ8053, APQ8096AU, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8976, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCN7605, QCS405, QCS605, SDA845, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SM6150, SM8150

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaremdm9640_firmwaresdm636_firmwaresdm845_firmwaremsm8996au_firmwaresdm845sdx20sdm660sdx24mdm9607_firmwaremdm9650qcs405qca6574ausdm710msm8909w_firmwaremdm9607msm8976_firmwaremsm8996ausm6150apq8017_firmwaresdm710_firmwareqcn7605_firmwaresdm670qcs605_firmwaremdm9207c_firmwaremdm9206msm8905mdm9207cqca6174a_firmwareqca6174aqca9379_firmwaresdm670_firmwaresm8150_firmwaremsm8909sdx24_firmwareapq8096ausdm636qcs405_firmwareqca9377sda845_firmwareqcn7605mdm9206_firmwareqcs605msm8976apq8053apq8096au_firmwaresm6150_firmwaremdm9650_firmwaresm8150sdx20_firmwaremsm8905_firmwareqca6574au_firmwareapq8017msm8909wqca9379msm8909_firmwareapq8053_firmwaresdm660_firmwaresda845mdm9640Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-21054
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.16% / 37.31%
||
7 Day CHG~0.00%
Published-08 Apr, 2020 | 17:50
Updated-05 Aug, 2024 | 12:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on Samsung mobile devices with M(6.0), N(7.x) and O(8.x) except exynos9610/9820 in all Platforms, M(6.0) except MSM8909 SC77xx/9830 exynos3470/5420, N(7.0) except MSM8939, N(7.1) except MSM8996 SDM6xx/M6737T software. There is an integer underflow with a resultant buffer overflow in eCryptFS. The Samsung ID is SVE-2017-11857 (September 2018).

Action-Not Available
Vendor-n/aMediaTek Inc.SamsungGoogle LLCQualcomm Technologies, Inc.Unisoc (Shanghai) Technologies Co., Ltd.
Product-exynos_9610m6737texynos_3470msm8909androidsc7715sdm6xxexynos_5420sc7730msm9830sc7731msm8996msm8939exynos_9820n/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2019-20556
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.15% / 35.76%
||
7 Day CHG~0.00%
Published-24 Mar, 2020 | 18:23
Updated-05 Aug, 2024 | 02:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on Samsung mobile devices with P(9.0) (SM6150, SM8150, SM8150_FUSION, exynos7885, exynos9610, and exynos9820 chipsets) software. RKP memory corruption allows attackers to control the effective address in EL2. The Samsung ID is SVE-2019-15221 (October 2019).

Action-Not Available
Vendor-n/aGoogle LLCQualcomm Technologies, Inc.Samsung
Product-exynos_9610sm6150sm8150androidexynos_7885sm8150_fusionexynos_9820n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-20553
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.15% / 35.76%
||
7 Day CHG~0.00%
Published-24 Mar, 2020 | 18:20
Updated-05 Aug, 2024 | 02:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on Samsung mobile devices with P(9.0) (SM6150, SM8150, SM8150_FUSION, exynos7885, exynos9610, and exynos9820 chipsets) software. Arbitrary memory read and write operations can occur in RKP. The Samsung ID is SVE-2019-15143 (October 2019).

Action-Not Available
Vendor-n/aGoogle LLCQualcomm Technologies, Inc.Samsung
Product-exynos_9610sm6150sm8150androidexynos_7885sm8150_fusionexynos_9820n/a
CVE-2019-20590
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.15% / 35.76%
||
7 Day CHG~0.00%
Published-24 Mar, 2020 | 19:01
Updated-05 Aug, 2024 | 02:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on Samsung mobile devices with O(8.x) (Qualcomm chipsets) software. There is an integer underflow in the Secure Storage Trustlet. The Samsung ID is SVE-2019-13952 (July 2019).

Action-Not Available
Vendor-n/aQualcomm Technologies, Inc.Google LLC
Product-sdm660androidn/a
CWE ID-CWE-191
Integer Underflow (Wrap or Wraparound)
CVE-2019-14073
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.31% / 53.51%
||
7 Day CHG~0.00%
Published-22 Jun, 2020 | 07:10
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Copying RTCP messages into the output buffer without checking the destination buffer size which could lead to a remote stack overflow when processing large data or non-standard feedback messages in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8076, APQ8096, APQ8096AU, APQ8098, Kamorta, MDM9150, MDM9206, MDM9207C, MDM9607, MDM9615, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, Rennell, SA415M, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SM6150, SM7150, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwarekamorta_firmwaremdm9635m_firmwaremdm9640_firmwareapq8096_firmwareqcm2150_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632apq8096sdx24sdm439mdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996aumdm9645sdm429w_firmwaresm7150apq8009_firmwaremsm8917sdm670qcs605_firmwareapq8076sc8180xmdm9206sdm670_firmwaresdx24_firmwareapq8076_firmwaresdm636sda845_firmwaresa415mmdm9635mapq8098mdm9615mdm9206_firmwareqcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwaresda660sxr1130_firmwaresxr1130msm8909wapq8009msm8909_firmwareapq8053_firmwaresda845nicobarsdm850_firmwaremsm8920msm8953sdm450sdm636_firmwaresdm845_firmwareapq8098_firmwaresdx20msm8998_firmwareqcm2150msm8920_firmwaresdm630mdm9607_firmwaresdm660mdm9655_firmwaresc8180x_firmwaresa415m_firmwaresdm710qm215sc7180_firmwaremdm9607mdm9645_firmwareapq8017_firmwaresdm710_firmwaremdm9150msm8937mdm9207c_firmwaremsm8905mdm9207csm8150_firmwaremsm8909mdm9655apq8096ausdm439_firmwarerennellsc7180sdm630_firmwaresda660_firmwarerennell_firmwareqm215_firmwaremsm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaremdm9615_firmwaremsm8998sm8150sdx20_firmwaresdm850kamortaapq8017nicobar_firmwaresdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-10572
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.36% / 57.61%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 05:25
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper check in video driver while processing data from video firmware can lead to integer overflow and then buffer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCS405, QCS605, QM215, SA6155P, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9640_firmwaresdm632_firmwaremsm8996au_firmwaresdm845sdm450_firmwaresdm632sdx24sdm439mdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996ausm7150apq8009_firmwaremsm8917sdm670qcs605_firmwaremdm9206sdm670_firmwaresdx24_firmwaresdm636sda845_firmwareapq8098mdm9206_firmwareqcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130msm8909wapq8009apq8053_firmwaresda845nicobarsa6155p_firmwaremsm8920msm8953sdm450sdm636_firmwaresdm845_firmwareapq8098_firmwaresdx20msm8998_firmwaresdm660msm8920_firmwaresdm630mdm9607_firmwareqcs405sdm710qm215mdm9607apq8017_firmwaresdm710_firmwaresa6155pmsm8937mdm9207c_firmwaremsm8905mdm9207csm8150_firmwareapq8096ausdm439_firmwareqcs405_firmwaresdm630_firmwaresda660_firmwareqm215_firmwaresdx55msm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaremsm8998sm8150sdx20_firmwareapq8017nicobar_firmwaresdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2017-11088
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.26% / 48.99%
||
7 Day CHG~0.00%
Published-06 Jul, 2018 | 17:00
Updated-17 Sep, 2024 | 03:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper Input Validation in Linux io-prefetch in Snapdragon Mobile and Snapdragon Wear, A SQL injection vulnerability exists in versions MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 430, SD 450, SD 617, SD 625, SD 650/52, SD 820, SD 835, SD 845.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_652sd_212_firmwaresd_625_firmwaresd_450msm8996au_firmwaresd_205_firmwaresd_845sd_430_firmwaresd_430sd_650_firmwaresd_625sd_210msm8909w_firmwaremsm8996ausd_820sd_650sd_820_firmwaresd_835_firmwaresd_835sd_205sd_450_firmwaresd_845_firmwaresd_210_firmwaresd_652_firmwaresd_617msm8909wsd_212sd_617_firmwareSnapdragon Mobile, Snapdragon Wear
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2020-11212
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.27% / 50.33%
||
7 Day CHG~0.00%
Published-21 Jan, 2021 | 09:41
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bounds reads while parsing NAN beacons attributes and OUIs due to improper length of field check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfe3100qfs2580qca1023qca8337ar9380qfs2530qln1030qpa8688pm6125qcn5124mdm9645pm8150aqdm5670sa6155pm7150lqpa8821mdm8215apq8076qfe2320msm8108sa415mwcn3998wcn3950sm4125sd720gwtr1605wcn3660bqfe4320qcc112sd6905gpm855pqca6420pm6150apm8150bqca0000qfe2101qca6430qat3522qfe4455fcpmr735awcd9340sd765gsdr660qfe3345sdr865smb1358smr545qln5020wcd9371smb1350pmm8920ausa8150pwtr3950pm6350qdm5621qfe3340qtc800ssd660sd712qcn5121pm6150lsd450sd8885gqtc410swcn3991qpa8801ipq8078ipq8173sdxr25gpm6150qca6574qfs2630qpa8842pmm8996auwcd9380qualcomm215qln4640qcs410smb1381qcn5024pm7250wtr4905qpa8803pmd9645qdm2301wsa8815wcn6850qpm6375ipq6028ipq8064sd835pmp8074qca1990sd730pm8008pme605qca6234qcn5054qcs603rsw8577qca9994qca9980qpm5621qpm6582sd670qfe4303wcn6855pm8150lsa6145ppm215ar8031qpm5577wtr2965pm8150qca4024sdx55apq8053csra6640pmi8994wcn3660qca9379pm855bsmb2351qln1031qcn7606qpm5870pm8909qfe1040wsa8830pm660qpm6325qbt1500qpa5581csrb31024mdm9650qca9378apmk8001qca9992qcs4290pmm855auqet6100mdm9250smb1396pm7150aipq8072pm8350qca6564qca6426qca9377qca4531qpm5641whs9410wtr2955qdm5620qln1021aqipq8074asmb1380apq8094sa8155qca6584qat5533wcn3615pm8940qpm6670wcd9306qca6584aumsm8208qpm4641ipq8174pm855sd429pm8250qcn5052qca9367apq8092sdm630qdm4643pmx55qcn9074sd205qca6421qdm3301sa8195ppm8953qat5515qca6694qpm5677qat3514wcd9326wcd9335qcn6023pm439qpm5620qpm4630qca6390wcd9375aqt1000msm8976pmm8195auqln4642msm8994qfe2310pmi8937pm8998msm8916apq8017pm8019qca6595qpm8830apq8039qat5522pm8150cpmr735bqpa4360qcn5154qpa4361mdm9206pm8350csmr525qca9888pmr525mdm9615msm8929qca9886sd665qca6175asd765pmx20pmd9607qat3555apq8009qpa5461mdm9310qfe2082fcqfs2608qln1036aqqtc801sqfe3320sd710mdm9607qcn5122qpm6621pmx50pm8018qcn5022sdr8250sd768gpm8004pm640lmsm8940pmk8002qca8075qcn6024qcn9022sd845sdm830smb1357qpa5580qpm5579qfe2550qcs610qcn5550pmi8996qfe1045qdm2307qpa8802qat3519ipq8078aqtc800hqcs2290qca6335msm8917qcn5064qln1020wtr3905qca1990aqdm5671pmc1000hqfe2330qat3518sd632sd8cipq8076amdm9628qpa5460qca4020qca6428qdm5652ipq8071qpm8870qpm5679qbt2000wcd9360sdx20mwtr1625lsdr735gwcn3999qsm7250pm8996qcs6125ipq6010smb1360qcs405qfe3440fcqca6436wcn6851sa6155pqpa6560msm8937wcd9341pmi8952mdm9655qca6431sd750gqpm5657qdm5650wcn3988qca6438wtr3925qfe2080fcsdr052smb1390qca9898ipq4028qet4100wcn3610msm8608mdm9640qpm6585smb1355ipq8072aqln4650wcd9330wgr7640csr6030qat5568qet5100sd636qca6564auqcn5164pm8994pm7250bsdr735smb1395smb358spm660lar8151smr526wtr5975qca6174pmk8003wcn3980qsw8573msm8939qcs605qbt1000sd7cqca6320wcn3910wcn3680qca9984qfe4309qcn9024pm8009qpa8675sdx55mpm670aqfe4373fcmsm8953qsw8574pmi8998qfe2520pm855lipq8070sd8655gqfe4302pm670qdm5677pm8005ipq6018qdm2302pmm6155ausdxr1apq8096auqpm5875qet5100msa8155psd675wtr4605sd439qet4101pm8952qat3516pm670lqpm5658qcm2290qfe4465fcsdr051qcn9070qln5030pm4125pmi632pm456qca9378csra6620qpa5373qpm4621qcn9072sdr660gqfe2340sd455qpa8686ipq6000wcd9370sdr425ipq5018qca9369qcn7605qpm5541qat5516sd662qfe4308pm8350bhapq8037pm3003aqca6595auqtc800tsmb1354ipq5010qdm2305qca6310qpm8820pm8937qpm2630qfe2081fcqca9990smb1398sd821sdr675msm8992sm6250smb231qfe1100qca4010qet4200aqqca8081ipq8071awcd9385pmm8155auar8035csr8811apq8064auqpa8673qdm2310sd210sd820wcn3620qca6564asmr546pmx24qet6110qln5040qca8072qpm8895sdr845qpm5670wcn3990qcn9000qtm527pmk8350sdx24qcn9012pm8350bwsa8835msm8996auqfe1035pmi8940sm6250prgr7640auqln1035bdpm855aipq4018qca6574aqca9889qca6174aipq8074qpm4640wcn6750qpm4650qtm525sa515mwtr6955qfe3335sd855sd8cxqfe4305ipq8076pm640pqcn5021ipq8069qcn5152msm8209sd460qca6391smb1351ipq6005msm8920qcn9100mdm9626pm660aqpa4340qcm4290sdx50mpm640asdr8150sdx20pm8916qdm4650mdm9215pmd9655qca6574auqsw6310qcm6125wsa8810qdm2308qat3550wcn6856qdm5679wcn3680bqca6696qfe4301sm4350apq8016qpa2625sa6150pipq8070asm7250pipq4029pm8956sd850pm6250Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CVE-2016-10422
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.32% / 54.14%
||
7 Day CHG~0.00%
Published-18 Apr, 2018 | 14:00
Updated-16 Sep, 2024 | 17:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android before 2018-04-05 or earlier security patch level on Qualcomm Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear FSM9055, IPQ4019, MDM9206, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, and SDX20, improper access control in system call leads to unauthorized access.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850mdm9635m_firmwarefsm9055mdm9640_firmwaresd_820asd_412sd_617_firmwaresd_808_firmwaresd_400sdx20sd_425sd_430_firmwaremdm9650mdm9655_firmwaresd_650_firmwaresd_625sd_210sd_820_firmwaresd_820mdm9645mdm9645_firmwaresd_650sd_808fsm9055_firmwaresd_450_firmwaresd_800sd_845_firmwaresd_410sd_617sd_820a_firmwaresd_400_firmwareipq4019_firmwaremdm9206sd_652sd_425_firmwaresd_212_firmwaresd_800_firmwaresd_850_firmwaresd_625_firmwaresd_450mdm9655sd_412_firmwaremdm9635msd_845mdm9206_firmwaresd_430ipq4019sd_810sd_835_firmwaremdm9650_firmwaresdx20_firmwaresd_410_firmwaresd_835sd_205sd_210_firmwaresd_652_firmwaresd_810_firmwaresd_205_firmwaresd_212mdm9640Small Cell SoC , Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear
CWE ID-CWE-284
Improper Access Control
CVE-2016-10430
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.33% / 55.03%
||
7 Day CHG~0.00%
Published-18 Apr, 2018 | 14:00
Updated-16 Sep, 2024 | 16:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, and SD 820A, when executing a TA which has been granted privileges to the CPVC MINK class it is possible for the TA to access methods exposed by the CPVC interface.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_652sd_425_firmwaresd_820asd_625_firmwaresd_450sd_425sd_430_firmwaresd_430sd_625sd_820_firmwaresd_820sd_650sd_450_firmwaresd_652_firmwaresd_820a_firmwaresd_650_firmwareSnapdragon Automobile, Snapdragon Mobile
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2016-10412
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.35% / 56.97%
||
7 Day CHG~0.00%
Published-18 Apr, 2018 | 14:00
Updated-17 Sep, 2024 | 00:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android before 2018-04-05 or earlier security patch level on Qualcomm Small Cell SoC, Snapdragon Mobile, and Snapdragon Wear FSM9055, MDM9206, MDM9607, MDM9615, MDM9635M, MDM9640, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, and SDX20, an integer overflow leading to buffer overflow can potentially occur in a memory API function.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9635m_firmwarefsm9055mdm9640_firmwaresd_412sd_617_firmwaresd_808_firmwaresd_400sdx20sd_415sd_616sd_425sd_430_firmwaremdm9607_firmwaresd_615mdm9650sd_650_firmwaresd_625sd_615_firmwaremsm8909w_firmwaremdm9607sd_210sd_820_firmwaresd_650sd_820sd_808fsm9055_firmwaresd_450_firmwaresd_800sd_410sd_617sd_400_firmwaremdm9206sd_652sd_425_firmwaresd_212_firmwaresd_800_firmwaresd_625_firmwaresd_450sd_412_firmwaremdm9635mmdm9615mdm9206_firmwaresd_430sd_810sd_835_firmwaremdm9615_firmwaremdm9650_firmwaresdx20_firmwaresd_410_firmwaresd_835sd_205sd_600_firmwaresd_210_firmwaresd_415_firmwaresd_652_firmwaresd_600msm8909wsd_810_firmwaresd_616_firmwaresd_205_firmwaresd_212mdm9640Small Cell SoC , Snapdragon Mobile, Snapdragon Wear
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2019-10559
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.32% / 54.17%
||
7 Day CHG~0.00%
Published-12 Dec, 2019 | 08:30
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Accessing data buffer beyond the available data while parsing ogg clip can lead to null-pointer dereference and then memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8939, MSM8953, MSM8996, MSM8996AU, Nicobar, QCS405, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDX20, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-msm891_firmwaresdm632_firmwaremsm8996au_firmwaresdm450_firmwaresdm632sdm439sdm429sm7150_firmwaresm6150msm8909w_firmwaremsm8996ausm7150apq8009_firmwaresxr2130qcs605_firmwaremdm9206sdm636sda845_firmwareapq8098mdm9206_firmwaremsm8939qcs605sdm429_firmwaremsm8905_firmwaresda660sxr1130_firmwareapq8064_firmwaresxr1130msm8909wapq8009msm8909_firmwareapq8053_firmwaresda845nicobarmsm8953sdm450apq8064sdm636_firmwareapq8098_firmwaresdx20sdm660sdm630mdm9607_firmwaresm8250_firmwareqcs405qm215mdm9607apq8017_firmwaremsm8939_firmwaremdm9207c_firmwaremsm8996_firmwaremsm8905mdm9207csm8150_firmwaremsm8909sxr2130_firmwareapq8096ausdm439_firmwareqcs405_firmwaresdm630_firmwaresda660_firmwareqm215_firmwaremsm8953_firmwareapq8053apq8096au_firmwaresm6150_firmwaresm8250sm8150sdx20_firmwareapq8017msm8996nicobar_firmwaresdm660_firmwaremsm891Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2018-5882
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.37% / 58.01%
||
7 Day CHG~0.00%
Published-06 Jul, 2018 | 17:00
Updated-16 Sep, 2024 | 23:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

While parsing a Flac file with a corrupted comment block, a buffer over-read can occur in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_820amsm8996au_firmwaresdx20sd_415sd_616sd_425sd_430_firmwaremdm9607_firmwaresd_615mdm9650sd_650_firmwaresd_625sd_615_firmwaremsm8909w_firmwaremdm9607msm8996ausd_210sd_650sd_820_firmwaresd_820sd_450_firmwaresd_845_firmwaresd_617sd_820a_firmwaremdm9206sd_652sd_425_firmwaresd_212_firmwaresd_625_firmwaresd_450sd_845mdm9206_firmwaresd_430sd_835_firmwaremdm9650_firmwaresdx20_firmwaresd_600_firmwaresd_205sd_835sd_210_firmwaresd_600sd_415_firmwaresd_652_firmwaremsm8909wsd_616_firmwaresd_205_firmwaresd_212sd_617_firmwareSnapdragon Automobile, Snapdragon Mobile, Snapdragon Wear
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-30351
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.39% / 59.47%
||
7 Day CHG~0.00%
Published-03 Jan, 2022 | 07:26
Updated-03 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An out of bound memory access can occur due to improper validation of number of frames being passed during music playback in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarefsm10055sa6150p_firmwaresm6250p_firmwareqcs610ipq4028_firmwareqcn5550qca8337ar9380ipq8173_firmwarewcd9360_firmwaresdx65qcn5124qca4024_firmwarewcn3950_firmwareipq8078asa8150p_firmwareqcs2290qca6595au_firmwaresa6155qcn5064csra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwaresa415mwcn3998wcn3950ipq8076asd720gmdm9628mdm9206_firmwareqsw8573_firmwaresm6375_firmwarewcn3660bsd460_firmwaresm7315_firmwareqca6428qca6574au_firmwareqcn5164_firmwareipq8071wcd9375_firmwareqca8081_firmwarewcn3998_firmwaresa6155_firmwaresdx12_firmwaremsm8909wapq8009w_firmwarewcd9360qca6438_firmwareipq8070_firmwareqca9367_firmwareipq8065ipq8078a_firmwarewcn3999qrb5165_firmwareqca7500ipq8072_firmwareipq4029_firmwaresa8155_firmwareipq6010sd662_firmwareipq8068qcs405wcd9340sd765gqualcomm215_firmwarefsm10056_firmwareqca6436wcn6851sa6155pqcs603_firmwaremdm9250_firmwareqca9888_firmwarewcd9341ipq8068_firmwareqca6696_firmwaresd870_firmwaresd750gwcn3910_firmwaresa8150pwsa8830_firmwareqca9992_firmwaresd660sd865_5g_firmwaresd855_firmwarewcn3988qca6438sd660_firmwaresa8195p_firmwareqcn5022_firmwarewcn6750_firmwareqca9898ipq4028wcn3610qca6428_firmwaresm6375qca9985_firmwarewcn3991ipq4018_firmwareqca8337_firmwaresda429w_firmwarewcd9380_firmwareipq8072aqca7500_firmwareqca9980_firmwaresdm429wwcd9330msm8996au_firmwareipq8076a_firmwareqca6564ausdx55m_firmwareipq8173wcn6856_firmwareqcn5164qet4101_firmwareqca6574csr8811_firmwarewcd9380qualcomm215qcs410qcn5024sd690_5g_firmwaresdx24_firmwareqca9985wcd9335_firmwareqcn5052_firmwarewcn3980ipq6018_firmwareqsw8573qcs605wcd9340_firmwarewsa8815wcn6850wcn3910qca6426_firmwarewcn3660b_firmwareqca9984ipq6028ipq8064wcn3980_firmwaresd730qcn5550_firmwarewcd9330_firmwaresdx55mipq8064_firmwarewcn6740_firmwareqcn5064_firmwaresd678_firmwarear8031_firmwareqrb5165wcn6851_firmwareqcs603ipq8070qca9994qca9980qca6564a_firmwareipq8174_firmwareapq8009wqca9880qcm4290_firmwaresd480sd870wcn6855sd210_firmwareqcs610_firmwareqsm8250sa6145pipq6018qca9886_firmwaresdxr1ar8031qcs405_firmwaresa8145pqca6391_firmwareqca4024wcd9370_firmwaresd780g_firmwaresdx55sd888_firmwaresa8155pcsra6640sd675qet4101ar8035_firmwareqcm2290qsm8250_firmwareqcn5024_firmwarewcn3991_firmwaremdm9150_firmwarewsa8830sd678sa8145p_firmwareqcs2290_firmwarefsm10056csrb31024mdm9628_firmwarecsra6620fsm10055_firmwareqca9880_firmwareqca9992qcs4290mdm9250sd765g_firmwareqca6390_firmwareapq8009_firmwaresd690_5gipq6000sd730_firmwarewcd9370sd675_firmwareipq8072qcn5152_firmwareqca6564qca6426qca6584au_firmwarewcn3990_firmwareqrb5165n_firmwareqcn9000_firmwareqca9984_firmwareqca9377sm8450sdw2500_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcd9326_firmwarewcn3615_firmwareipq8074asd662qcn5124_firmwaresa8155wcn3680b_firmwareqcn5122_firmwaresdx55_firmwarewcn3615qca6595auwcn3999_firmwaresm7250p_firmwarewcn3610_firmwareqca6436_firmwareqrb5165nqca6564au_firmwareqca6584ausd778gsa6155p_firmwaresm6225ipq8174sd429sa515m_firmwareqca9990qcs6490qcn5052qca9367sdxr2_5gmdm9607_firmwaresa415m_firmwarewcn3988_firmwareqcn9074sd205sd429_firmwaresa6145p_firmwaresd778g_firmwaresm6250sa8195papq8017_firmwarewsa8810_firmwaresm8450_firmwaresd765_firmwarewcd9326wcd9335qca8081ipq8071aqca6174a_firmwareipq8071a_firmwareqcs4290_firmwarewcd9385qcs6490_firmwareqca6390qca9898_firmwaresd750g_firmwareaqt1000wcd9375ar8035sm6250_firmwarecsr8811sda429wsd210wcn3620_firmwaresdx20_firmwareipq8074a_firmwaresd888_5g_firmwarewsa8815_firmwareqcm6490wcn6850_firmwarewsa8835_firmwarewcn3620apq8017qcx315qca6564aqcm2290_firmwarewcn3990qcn9000sd_675sd780gsd865_5gar9380_firmwaresdx24sm8450p_firmwaresd888msm8909w_firmwareipq8065_firmwareqcx315_firmwarewsa8835msm8996ausd665_firmwaresdm429w_firmwaresd888_5gsm6250pqca8075_firmwareipq4018qca6574amdm9206wcn6855_firmwareqca9889qca6174asm7325pqca9888ipq8074qca9994_firmwarewcn6750ipq8070a_firmwareipq8076_firmwaresa515mqca6574_firmwareqca9886sd855sm7325p_firmwaresd665ipq8076sd765qca6574a_firmwareqcn5152sd768g_firmwaresm7315apq8009sd460qca6391sdxr1_firmwareaqt1000_firmwaresdx65_firmwareqcm4290csrb31024_firmwareqcm6490_firmwaresdx20sd480_firmwareipq6028_firmwareipq8072a_firmwaresm6225_firmwareipq8074_firmwareqca6574auqca9889_firmwaresa8155p_firmwaremdm9607qcn5122sd205_firmwarewcd9341_firmwarewsa8810sm8450pmdm9150wcn6856qcn5022wcn3680bqca6564_firmwaresd768gipq6010_firmwarewcn6740qca6696sd845_firmwaresdw2500sa6150pqca8075sd845qca9990_firmwareipq8070asm7250pipq6000_firmwaresd720g_firmwaresdx12ipq8071_firmwareqcs410_firmwareqcn9074_firmwareipq4029Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-3688
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.37% / 58.07%
||
7 Day CHG~0.00%
Published-30 Jul, 2020 | 11:40
Updated-04 Aug, 2024 | 07:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer overflow while parsing mp4 clip with corrupted sample atoms due to improper validation of index in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, Kamorta, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA6574AU, QCM2150, QCS405, QCS605, QM215, Rennell, SA6155P, Saipan, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-kamorta_firmwareqcm2150_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632sdm439sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996ausdm429w_firmwaresm7150apq8009_firmwaremsm8917sdm670sxr2130qcs605_firmwaremdm9206sdm670_firmwaresdm636sda845_firmwareapq8098mdm9206_firmwareqcs605msm8937_firmwaresdm429_firmwaremsm8905_firmwareqca6574au_firmwaresda660sxr1130_firmwaresxr1130msm8909wapq8009apq8053_firmwaresda845nicobarsa6155p_firmwaremsm8920msm8953sdm450sdm636_firmwareapq8098_firmwaresdx20msm8998_firmwareqcm2150msm8920_firmwaresdm630mdm9607_firmwaresm8250_firmwaresdm660qcs405qca6574ausdm710qm215mdm9607apq8017_firmwaresdm710_firmwaresa6155pmsm8937mdm9207c_firmwaremsm8996_firmwaremsm8905mdm9207csm8150_firmwaresxr2130_firmwareapq8096ausdm439_firmwareqcs405_firmwarerennellsdm630_firmwaresda660_firmwarerennell_firmwareqm215_firmwaremsm8953_firmwaremsm8940saipan_firmwaresm6150_firmwareapq8053msm8917_firmwareapq8096au_firmwaremsm8998sm8150sdx20_firmwaresm8250kamortaapq8017msm8996saipannicobar_firmwaresdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-3671
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.31% / 53.61%
||
7 Day CHG~0.00%
Published-30 Jul, 2020 | 11:40
Updated-04 Aug, 2024 | 07:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use-after-free issue could occur due to dangling pointer when generating a frame buffer in OpenGL ES in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8009, Nicobar, QCM2150, QCS405, Saipan, SDM845, SM8150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcm2150_firmwaresm8150_firmwaresxr2130_firmwareqcs405_firmwaresdm845qcm2150sm8250_firmwareqcs405saipan_firmwaresm8250sm8150apq8009_firmwarenicobar_firmwareapq8009saipansxr2130nicobarsdm845_firmwareSnapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-416
Use After Free
CVE-2018-13918
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.12% / 31.76%
||
7 Day CHG~0.00%
Published-04 Apr, 2019 | 15:09
Updated-05 Aug, 2024 | 09:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

kernel could return a received message length higher than expected, which leads to buffer overflow in a subsequent operation and stops normal operation in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, in MDM9150, MDM9206, MDM9607, MDM9650, MSM8909W, QCS605, Qualcomm 215, SD 425, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 675, SD 712 / SD 710 / SD 670, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDM439, SDX24, SM7150

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_712sd_850mdm9150_firmwaresd_632sd_855sd_820asd_675sd_439sd_670_firmwaresd_425sd_429sdx24sdm439mdm9607_firmwaresd_710_firmwaremdm9650sm7150_firmwaresd_625msm8909w_firmwaremdm9607qm215sd_450_firmwaresd_845_firmwaresm7150sd_439_firmwaresd_820a_firmwaremdm9150sd_429_firmwareqcs605_firmwaresd_675_firmwaremdm9206sd_425_firmwaresd_850_firmwaresdx24_firmwaresd_625_firmwaresd_450sdm439_firmwaresd_712_firmwaresd_845qm215_firmwareqcs605mdm9206_firmwaresd_670sd_632_firmwaresd_835_firmwaremdm9650_firmwaresd_710sd_835msm8909wsd_855_firmwareSnapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables,
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-13912
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.11% / 29.27%
||
7 Day CHG~0.00%
Published-25 Feb, 2019 | 23:00
Updated-05 Aug, 2024 | 09:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Arbitrary write issue can occur when user provides kernel address in compat mode in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS605, SD 210/SD 212/SD 205, SD 425, SD 439 / SD 429, SD 625, SD 636, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850mdm9150_firmwaremdm9640_firmwaresd_820amsm8996au_firmwaresd_439snapdragon_mobile_firmwaresd_670_firmwaresd_429sdx24sdm439mdm9650sd_636msm8909w_firmwaremsm8996ausd_820sd_845_firmwaresd_820a_firmwareqcs605_firmwaremdm9206snapdragon_industrial_internet_of_things_firmwaresd_425_firmwaresnapdragon_auto_firmwaresnapdragon_mobilesdx24_firmwaresd_625_firmwaresnapdragon_voice_\&_music_firmwaresnapdragon_consumer_internet_of_thingssd_845mdm9206_firmwareqcs605snapdragon_autosnapdragon_voice_\&_musicsd_835_firmwaremdm9650_firmwaresnapdragon_connectivitysd_835sda660sd_210_firmwaremsm8909wsd_205_firmwaresd_212sd_712snapdragon_consumer_internet_of_things_firmwaresdx20sd_425sdm660sdm630mdm9607_firmwaresd_710_firmwaresd_625sd_210mdm9607sd_636_firmwaresd_820_firmwaresd_439_firmwaremdm9150sd_429_firmwaresd_212_firmwaresd_850_firmwaresdm439_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwaresnapdragon_connectivity_firmwaresd_670sd_710sdx20_firmwaresd_205sdm660_firmwaresnapdragon_industrial_internet_of_thingsmdm9640Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9997
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.31% / 53.80%
||
7 Day CHG~0.00%
Published-18 Apr, 2018 | 14:00
Updated-17 Sep, 2024 | 02:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9625, MDM9635M, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 615/16/SD 415, SD 450, SD 625, SD 650/52, SD 808, and SD 810, lack of input validation in PRDiagMaintenanceHandler can leads to buffer over read.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9635m_firmwaresd_412sd_808_firmwaresd_400sd_415sd_616sd_425sd_430_firmwaresd_615sd_650_firmwaresd_625sd_615_firmwaremsm8909w_firmwaresd_210sd_650mdm9625_firmwaresd_808sd_450_firmwaresd_410sd_400_firmwaremdm9206sd_652sd_425_firmwaresd_212_firmwaresd_625_firmwaresd_450sd_412_firmwaremdm9635mmdm9625mdm9206_firmwaresd_430sd_810sd_410_firmwaresd_205sd_210_firmwaresd_415_firmwaresd_652_firmwaremsm8909wsd_810_firmwaresd_616_firmwaresd_205_firmwaresd_212Snapdragon Mobile, Snapdragon Wear
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9994
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.23% / 46.18%
||
7 Day CHG~0.00%
Published-18 Apr, 2018 | 14:00
Updated-16 Sep, 2024 | 17:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400 and SD 800, lack of validation of input could cause a integer overflow that could subsequently lead to a buffer overflow.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_400_firmwaresd_400sd_800_firmwaresd_800Snapdragon Mobile
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2014-9995
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.23% / 46.18%
||
7 Day CHG~0.00%
Published-18 Apr, 2018 | 14:00
Updated-16 Sep, 2024 | 22:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400 and SD 800, in drmprov_cmd_verify_key(), the variable feature_name_length is not validated. There is a check for feature_name_len + filePathLen but there might be an integer wrap when checking feature_name_len + filePathLen. This leads to a buffer overflow.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_400_firmwaresd_400sd_800_firmwaresd_800Snapdragon Mobile
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9998
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.31% / 53.80%
||
7 Day CHG~0.00%
Published-18 Apr, 2018 | 14:00
Updated-17 Sep, 2024 | 04:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear IPQ4019, IPQ8064, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, QCA4531, QCA6174A, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9378, QCA9379, QCA9558, QCA9880, QCA9886, QCA9980, SD 210/SD 212/SD 205, SD 425, SD 625, SD 808, SD 810, SD 820, and SDX20, while processing firmware image signature, the internal buffer may overflow if the firmware signature size is large.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwareqca6584aumdm9635m_firmwareqca4531_firmwaremdm9640_firmwaresd_808_firmwareqca9980_firmwaresdx20sd_425mdm9607_firmwareqca9378mdm9650qca9558qca9558_firmwareqca6574ausd_625sd_210mdm9607qca9980mdm9645mdm9645_firmwareqca9880_firmwaresd_820_firmwareqca9880sd_808sd_820ipq4019_firmwaremdm9206qca6174a_firmwareqca6174asd_212_firmwaresd_425_firmwareqca9379_firmwareqca9886_firmwareqca6584au_firmwaresd_625_firmwareqca9377mdm9635mqca4531mdm9206_firmwareipq4019qca9886qca6584_firmwaresd_810mdm9650_firmwaresdx20_firmwareqca9378_firmwaresd_205ipq8064qca6574au_firmwaresd_210_firmwareqca6584qca9379sd_810_firmwaresd_205_firmwareipq8064_firmwaresd_212mdm9640Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9987
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.22% / 44.32%
||
7 Day CHG~0.00%
Published-18 Apr, 2018 | 14:00
Updated-17 Sep, 2024 | 00:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, a buffer over-read can occur in a DRM API.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850sd_820asd_412sd_808_firmwaresd_415sd_616sd_425sd_430_firmwaresd_615mdm9650sd_650_firmwaresd_625sd_615_firmwaresd_210sd_820_firmwaresd_820sd_650sd_808sd_450_firmwaresd_845_firmwaresd_410sd_617sd_820a_firmwaremdm9206sd_652sd_425_firmwaresd_212_firmwaresd_850_firmwaresd_625_firmwaresd_450sd_412_firmwaresd_845mdm9206_firmwaresd_430sd_810sd_835_firmwaremdm9650_firmwaresd_410_firmwaresd_835sd_205sd_210_firmwaresd_415_firmwaresd_652_firmwaresd_810_firmwaresd_616_firmwaresd_205_firmwaresd_212sd_617_firmwareSnapdragon Automobile, Snapdragon Mobile, Snapdragon Wear
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2023-21637
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 6.50%
||
7 Day CHG~0.00%
Published-04 Jul, 2023 | 04:46
Updated-02 Aug, 2024 | 09:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Restrictions of Operations within the Bounds of a Memory Buffer in Linux

Memory corruption in Linux while calling system configuration APIs.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-snapdragon_865_5gwsa8830wcd9380_firmwaresa6150p_firmwarewcn3990sa8145p_firmwaresw5100psd865_5gfastconnect_6800snapdragon_855\+\/860_firmwarewcd9360_firmwaresnapdragon_855wsa8835snapdragon_auto_5g_firmwarewcd9380sa8150p_firmwareqca6420_firmwareqca6595au_firmwaresnapdragon_865\+_5gsnapdragon_x55_5gsnapdragon_wear_4100\+snapdragon_855_firmwaresxr2130qca6574asnapdragon_auto_5gsnapdragon_835_firmwareqca6426snapdragon_855\+\/860wcn3990_firmwareqca6310_firmwareqca6430_firmwarewcd9335_firmwarewcn3980fastconnect_6200wcd9340_firmwarewcn3660bsd855wsa8815qca6320qca6426_firmwarewcn3660b_firmwareqca6320_firmwaresnapdragon_x55_5g_firmwareqca6574au_firmwaresdx55_firmwarewcn3680b_firmwareqca6574a_firmwareqca6595aufastconnect_6200_firmwaresd835wcn3980_firmwareqca6391wcn3610_firmwareqca6420qca6436_firmwarewcd9360snapdragon_w5\+_gen_1_firmwaresnapdragon_xr2_5gsnapdragon_w5\+_gen_1aqt1000_firmwaresa6155p_firmwareqca6310snapdragon_wear_4100\+_firmwarefastconnect_6900fastconnect_6900_firmwarewcn3988_firmwareqca6430qca6574ausa6145p_firmwaresnapdragon_870_5gsa8155p_firmwarewcd9340sa8195pwsa8810_firmwarewcd9341_firmwaresw5100wsa8810qca6436wcd9335sa6155psw5100p_firmwaresnapdragon_865\+_5g_firmwaresa6145pwcn3680bsd835_firmwaresnapdragon_835sxr2130_firmwarewcd9341qca6696_firmwaresa8145pqca6696qca6391_firmwaresnapdragon_xr2_5g_firmwareaqt1000sa8150psa6150psdx55sa8155pwsa8830_firmwaresnapdragon_870_5g_firmwaresd855_firmwaresd865_5g_firmwarewcn3988wsa8815_firmwarewsa8835_firmwaresa8195p_firmwaresw5100_firmwarefastconnect_6800_firmwaresnapdragon_865_5g_firmwarewcn3610Snapdragon
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-21633
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 6.50%
||
7 Day CHG~0.00%
Published-04 Jul, 2023 | 04:46
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Restriction of Operations within the Bounds of a Memory Buffer in Linux

Memory Corruption in Linux while processing QcRilRequestImsRegisterMultiIdentityMessage request.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca6431sw5100psa6150p_firmwaresd865_5gsxr1120qca6595qcs610_firmwarewcd9335sxr2130_firmwarewcd9370snapdragon_730gqca6696wcd9341_firmwareqca6426snapdragon_720g_firmwareqca6564auwcn3610sm6250p_firmwarewsa8815_firmwaresnapdragon_865_5gsa8195p_firmwaresnapdragon_wear_4100\+_firmwareqca6426_firmwareqca6574au_firmwaresnapdragon_w5\+_gen_1qca6564_firmwaresm7250p_firmwareqam8295pwcd9341qca6574auvision_intelligence_400_firmwarewcn3950wsa8810_firmwaresd730_firmwaresnapdragon_690_5gsnapdragon_690_5g_firmwaresnapdragon_865\+_5gsnapdragon_765_5gwcn3660b_firmwaresd730fastconnect_6800_firmwaresa8295p_firmwaresnapdragon_855\+\/860sd_675_firmwaresd835_firmwaresnapdragon_865\+_5g_firmwaresm6250_firmwaresm7250psa8155snapdragon_768g_5g_firmwarevideo_collaboration_vc1_platform_firmwaresnapdragon_710_firmwaresnapdragon_x50_5gsnapdragon_xr2_5g_firmwaresnapdragon_xr1_firmwaresw5100_firmwaresnapdragon_732gsnapdragon_710sxr1120_firmwaresnapdragon_730fastconnect_6800snapdragon_wear_4100\+snapdragon_765g_5g_firmwareqca6595_firmwarefastconnect_6900video_collaboration_vc1_platformwcd9371snapdragon_855\+\/860_firmwarewcd9385_firmwareqca6421fastconnect_6900_firmwaresnapdragon_670sa6145p_firmwaresa6155_firmwaresnapdragon_678_firmwaresa8155_firmwarewcd9380snapdragon_xr2_5gsa8150psnapdragon_732g_firmwaresnapdragon_765g_5gsnapdragon_x50_5g_firmwaremsm8996au_firmwaresa6155pqca6421_firmwareqca6564au_firmwarewsa8810snapdragon_670_firmwaresnapdragon_855_firmwaresw5100video_collaboration_vc3_platformqca6595auaqt1000snapdragon_678snapdragon_865_5g_firmwarewcd9326_firmwaresa6155p_firmwaresnapdragon_730g_firmwareqam8295p_firmwaresd855qca6431_firmwaresd835wcn3990_firmwaresnapdragon_750g_5gqca6564a_firmwareqca6436_firmwareqca6698aq_firmwarewcd9385wcd9371_firmwarewcn3610_firmwaresnapdragon_675_firmwareqca6420qca6430apq8064au_firmwaresm6250pwcd9370_firmwaresnapdragon_855sdx55_firmwaresnapdragon_x55_5gsnapdragon_765_5g_firmwarewcn3660bqca6574asxr2130sa8195psnapdragon_750g_5g_firmwaresnapdragon_870_5gqca6420_firmwareaqt1000_firmwaresnapdragon_x55_5g_firmwarewcn3988sd855_firmwarewcd9335_firmwarewcn3980_firmwareqca6436qca6574wsa8835qca6595au_firmwareqca6391_firmwaresd675_firmwareqca6430_firmwaresw5100p_firmwareqca6696_firmwarewcd9380_firmwaresnapdragon_820_firmwaresa6150pqca6574_firmwarewcd9326sa8155p_firmwarewsa8815qca6564asa8155pwsa8830snapdragon_870_5g_firmwaresa6145psnapdragon_730_firmwaresnapdragon_720gqca6574a_firmwaresdx55msm8996auqca6564sa6155snapdragon_820sd675wcd9375_firmwaresnapdragon_w5\+_gen_1_firmwareqca6391apq8064auqca6698aqwcn3950_firmwaresm6250sa8295psnapdragon_675fastconnect_6200sd670wcn3680bsa8145p_firmwaresd865_5g_firmwaresnapdragon_xr1wcd9375sa8150p_firmwarewcn3988_firmwaresnapdragon_768g_5gvideo_collaboration_vc3_platform_firmwaresa8145psd_675wcn3990vision_intelligence_400wsa8835_firmwaresd670_firmwarewcn3980fastconnect_6200_firmwarewsa8830_firmwarewcn3680b_firmwareqcs610Snapdragonqualcomm_video_collaboration_vc1_platform_firmwarewcd9380_firmwaresa6150p_firmwaresm6250p_firmwaresa8145p_firmwaremsm8996au_firmwareqca6431_firmwaresnapdragon_820_automotive_platform_firmwaresnapdragon_670_mobile_platform_firmwaresd670_firmwarewcn3950_firmwaresa8150p_firmwareqca6420_firmwareqca6595au_firmwaresd730_firmwaresd_675_firmwaresd675_firmwarewcn3990_firmwareqca6430_firmwarewcd9335_firmwarequalcomm_video_collaboration_vc3_platform_firmwarewcd9371_firmwarewcd9385_firmwarewcd9326_firmwareqca6574_firmwareqam8295p_firmwaresnapdragon_xr2_5g_platform_firmwareqca6426_firmwarewcn3660b_firmwareqca6574a_firmwarefastconnect_6200_firmwarewcn3680b_firmwareqca6574au_firmwaresdx55_firmwarewcd9375_firmwaresa6155_firmwarewcn3980_firmwaresnapdragon_x55_5g_modem-rf_system_firmwaresm7250p_firmwarewcn3610_firmwareqca6436_firmwaresnapdragon_x50_5g_modem-rf_system_firmwareqca6421_firmwareaqt1000_firmwareqca6564au_firmwaresa6155p_firmwaresnapdragon_690_5g_mobile_platform_firmwareapq8064au_firmwaresa8155_firmwarefastconnect_6900_firmwarewcn3988_firmwaresa6145p_firmwaresa8155p_firmwareqca6564a_firmwarewsa8810_firmwarewcd9341_firmwaresw5100p_firmwareqcs610_firmwareqca6698aq_firmwaresd835_firmwareqca6564_firmwaresxr2130_firmwareqca6696_firmwareqca6595_firmwareqca6391_firmwaresnapdragon_710_mobile_platform_firmwaresnapdragon_855_mobile_platform_firmwarewcd9370_firmwaresm6250_firmwarevision_intelligence_400_platform_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwarewsa8815_firmwarewsa8835_firmwaresa8195p_firmwaresnapdragon_865_5g_mobile_platform_firmwaresw5100_firmwarefastconnect_6800_firmwaresxr1120_firmwaresa8295p_firmwaresnapdragon_720g_mobile_platform_firmwaresnapdragon_750g_5g_mobile_platform_firmwaresnapdragon_xr1_platform_firmwaresnapdragon_675_mobile_platform_firmware
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-21663
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 3.48%
||
7 Day CHG~0.00%
Published-05 Sep, 2023 | 06:24
Updated-02 Aug, 2024 | 09:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Restrictions of Operations within the Bounds of a Memory Buffer in Display

Memory Corruption while accessing metadata in Display.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sda429w_firmwarewcd9380_firmwaresa6150p_firmwarewsa8830sa8145p_firmwaresw5100pqcc5100wcn6856_firmwarewsa8835sd_8_gen1_5gwcd9380sa8150p_firmwaresd888_5gqca6420_firmwarewcn6855_firmwareqca6430_firmwarewcn3980wcn3998wcd9385_firmwaresd_8_gen1_5g_firmwaresd855wcn3660bwcn6850wsa8815wcn3660b_firmwarewcn7850qca6574au_firmwarewcn3680b_firmwarewcn3998_firmwarewcn3980_firmwarewcn3610_firmwareqca6420qcc5100_firmwareaqt1000_firmwaresa6155p_firmwarewcn7851wcn6851_firmwarewcn3988_firmwareqca6430qca6574ausa6145p_firmwaresa8155p_firmwaresa8195pwsa8810_firmwarewcd9341_firmwaresw5100wsa8810wcn6855wcn6851sa6155psw5100p_firmwarewcn7851_firmwarewcn6856sa6145pwcn3680bwcd9385wcd9341qca6696_firmwaresa8145pqca6696aqt1000sa8150psa6150psa8155pwsa8830_firmwaresda429wsd855_firmwarewsa8815_firmwarewcn3988wsa8835_firmwaresd888_5g_firmwarewcn6850_firmwarewcn7850_firmwaresa8195p_firmwaresw5100_firmwarewcn3610Snapdragon
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-21634
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 11.11%
||
7 Day CHG~0.00%
Published-05 Dec, 2023 | 03:03
Updated-02 Aug, 2024 | 09:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Restriction of Operations within the Bounds of a Memory Buffer in Radio Interface Layer

Memory Corruption in Radio Interface Layer while sending an SMS or writing an SMS to SIM.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-snapdragon_855\+\/860_mobile_platform_firmwarewsa8830wcd9380_firmwaresa6150p_firmwarewcn3990sa8145p_firmwaresw5100psd865_5gfastconnect_6800snapdragon_w5\+_gen_1_wearable_platformsnapdragon_835_mobile_pc_platformsnapdragon_870_5g_mobile_platform_firmwaresnapdragon_865_5g_mobile_platformwsa8835wcd9380sa8150p_firmwareqca6420_firmwareqca6595au_firmwaresnapdragon_wear_4100\+_platform_firmwaresnapdragon_855\+\/860_mobile_platformsxr2130snapdragon_wear_4100\+_platformqca6426wcn3990_firmwareqca6310_firmwareqca6430_firmwarewcd9335_firmwarewcn3980fastconnect_6200wcd9340_firmwarewcn3660bsd855wsa8815qca6320snapdragon_865\+_5g_mobile_platformsnapdragon_xr2_5g_platform_firmwareqca6426_firmwarewcn3660b_firmwareqca6320_firmwaresnapdragon_x55_5g_modem-rf_systemqca6574au_firmwaresnapdragon_835_mobile_pc_platform_firmwarewcn3680b_firmwarefastconnect_6200_firmwareqca6595ausd835wcn3980_firmwaresnapdragon_x55_5g_modem-rf_system_firmwareqca6391wcn3610_firmwareqca6420qca6436_firmwaresnapdragon_w5\+_gen_1_wearable_platform_firmwareaqt1000_firmwaresa6155p_firmwareqca6310snapdragon_865\+_5g_mobile_platform_firmwaresnapdragon_870_5g_mobile_platformsnapdragon_xr2_5g_platformfastconnect_6900fastconnect_6900_firmwarewcn3988_firmwareqca6430qca6574ausa6145p_firmwaresa8155p_firmwarewcd9340sa8195pwsa8810_firmwarewcd9341_firmwaresw5100wsa8810qca6436wcd9335sa6155psw5100p_firmwaresa6145pwcn3680bsd835_firmwaresxr2130_firmwarewcd9341qca6696_firmwaresa8145pqca6696qca6391_firmwaresnapdragon_855_mobile_platform_firmwareaqt1000sa8150psa6150psa8155pwsa8830_firmwaresd855_firmwaresd865_5g_firmwarewcn3988wsa8815_firmwarewsa8835_firmwaresa8195p_firmwaresnapdragon_865_5g_mobile_platform_firmwaresw5100_firmwarefastconnect_6800_firmwaresnapdragon_855_mobile_platformwcn3610Snapdragon
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-21628
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.05% / 16.49%
||
7 Day CHG~0.00%
Published-06 Jun, 2023 | 07:39
Updated-02 Aug, 2024 | 09:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in WLAN HAL

Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1 command.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresnapdragon_850_mobile_compute_platform_firmwaremdm9640_firmwaresm6250p_firmwareipq4028_firmwareqca1023ar9380ipq8173_firmwareqcn5124mdm9645wcn3950_firmwaresc8180x\+sdx55sm4450_firmwareqca6595au_firmwaresa6155mdm8215home_hub_100_platformsd_455_firmwareapq8076qcs6125_firmwaresm4375wcn3998sc8180xp-adwcd9371_firmwarewcn3950qcn6024_firmwaresm4125immersive_home_316_platform_firmwaresm6375_firmwarewcn3660bsd460_firmwaresm4250-aasnapdragon_636_mobile_platformwcn3998_firmwareqca8081_firmwareqca6420qca9986snapdragon_auto_5g_modem-rf_firmwareipq8070_firmwareqca9367_firmwareipq8065ipq8078a_firmwareipq8072_firmwaresc8180xp-aa_firmwareqca0000sa8155_firmwarerobotics_rb3_platform_firmwareipq8068qca6430snapdragon_630_mobile_platformwcd9340snapdragon_808_processorqca6698aq_firmwaresnapdragon_808_processor_firmwarewcn685x-1_firmwaremdm9250_firmwareqca9888_firmwareqcn6122sm8150_firmwaresnapdragon_810_processor_firmwareqca6696_firmwarewcd9371sc8180x-abqcn5154_firmwaremdm8215_firmwaresm4350_firmwaresd_8cxsa8150pqca9992_firmwaresd660sm7225_firmwaresd660_firmwareqcn5121qcn5022_firmwarewcn6750_firmwareqcn7606_firmwaresm6125_firmwareimmersive_home_216_platform_firmwareqca4010_firmwaresnapdragon_675_mobile_platform_firmwareqca6428_firmwaresm6375qca9985_firmwarewcn3991ipq4018_firmwareqca4531_firmwareqca9980_firmwareipq8078ipq8173sd670_firmwareqca6574csr8811_firmwarewcd9380qcs410qcn5024qca9379_firmwaresc8180xp-ad_firmwareqca9985qcn9012_firmwareipq6018_firmwareqcm4325_firmwarewcd9340_firmwarewsa8815sm6150-ac_firmwareqca6584_firmwaresnapdragon_630_mobile_platform_firmwaremdm9215_firmwareipq6028ipq8064sd835snapdragon_821_mobile_platformqca1990wcn3980_firmwaresd730sc7180-ac_firmwaresm6350qcn5064_firmwareqcs4490_firmwareapq8064au_firmwareipq8078_firmwareqcn5054qca9994sm6350_firmwareqca9980sd670qcn9024_firmwareipq8174_firmwaresmart_audio_200_platform_firmwareqcm4290_firmwareqcn7605_firmwaresw5100p_firmwareqcs610_firmwaresa6145pqca9886_firmwarear8031immersive_home_214_platformqca1023_firmwaresd820_firmwareqca6391_firmwaresa4150p_firmwareqca4024wcd9370_firmwaresdx55qcn5021_firmwarecsra6640snapdragon_x20_lte_modemqca9379sa4155pqcn7606wsa8830qca9561sdm712_firmwaresnapdragon_850_mobile_compute_platformsnapdragon_x24_lte_modem_firmwarecsrb31024mdm9628_firmwaremdm9650qca9992qcs4290snapdragon_x20_lte_modem_firmwaremdm9250qca6420_firmwaresc7180-acsnapdragon_auto_4g_modem_firmwaremdm9310_firmwaresd675_firmwareipq8072qca6564wcn3990_firmwareqca9984_firmwareqca9377qca4531wcd9385_firmwarewcd9326_firmwarewcn3615_firmwareipq8074aqca9982apq8094sa8155snapdragon_x55_5g_modem-rf_systemqca6584snapdragon_835_mobile_pc_platform_firmwareqcn5122_firmwaresdx55_firmwarewcn3615qcn6023_firmwaresm7250p_firmwarewcn3610_firmwareqca6584auqfe1952sm6225ipq8174qcn5052qca9367apq8092wcn3988_firmwareqcn9074sm7250-aasa8195psxr1120sdm710_firmwaresm4375_firmwarewcd9326wcd9335qca9982_firmwareqcm4490qcn6023qcs4290_firmwaresm7150-abqca6390qca9898_firmwarewcd9375aqt1000sc8180x\+sdx55_firmwaresm6250_firmwaresnapdragon_662_mobile_platformapq8092_firmwareipq5010_firmwareipq8074a_firmwaresm8150wsa8815_firmwaresnapdragon_636_mobile_platform_firmwareapq8017sxr1120_firmwareqcm6125_firmwaresnapdragon_x5_lte_modemqca9882qca6595ipq8065_firmwareqcn5154qca8075_firmwaresc8180xp-acsmart_audio_400_platformipq6005_firmwarewcn685x-5_firmwareqcn6132_firmwaresdm670_firmwareqca9888qca6310_firmwareapq8094_firmwareipq8070a_firmwaremdm9615qca6574_firmwareqca9886qca6175aqca6574a_firmwaresnapdragon_x55_5g_modem-rf_system_firmwaremdm9310snapdragon_auto_4g_modemcsrb31024_firmwarewsa8832_firmwaresnapdragon_xr1_platformqcn9070_firmwarewcn685x-5ipq6028_firmwareipq8072a_firmwareqca9531sc8180xp-af_firmwareqca9889_firmwareqcn5122mdm9645_firmwaresdx20m_firmwaresm7250-aa_firmwaresc8180x-aa_firmwaresm8150-ac_firmwareqcn5022sc8180x-aaqca6564_firmwaresc8180x-af_firmwaresm6150-acsnapdragon_x50_5g_modem-rf_systemqca8075qcn6024qcn9022mdm9615_firmwareipq6000_firmwareqcs410_firmwareqca6175a_firmwaresdm660_firmwaresa6150p_firmwareqcs610qcn5550sc8180x-ab_firmwarewcd9360_firmwaresnapdragon_820_automotive_platform_firmwareqca9561_firmwareqca4024_firmwareimmersive_home_318_platform_firmwareipq8078aipq5028_firmwaresa8150p_firmwareqcs2290qca6335sdm712qcn5064sdm670csra6620_firmwaresd_675_firmwarecsra6640_firmwarewcn685x-1qca6554a_firmwareipq8076amdm9628sm7150-acqca6428qca6574au_firmwareqcn5164_firmwareipq8071wcd9375_firmwaresa6155_firmwaresm6225-adwcd9360sdx20mqca6438_firmwaresc8180xp-afsmart_audio_400_platform_firmwarewcn3999sm6225-ad_firmwareipq5028qca7500ipq4029_firmwareqca6698aqqcs6125sa4155p_firmwareipq6010sd662_firmwaresm7250-ab_firmwarerobotics_rb3_platformqcn6132snapdragon_820_mobile_platformqca1990_firmwaresw5100home_hub_100_platform_firmwaresa6155pwcd9341ipq8068_firmwaresc8180xp-ab_firmwaresnapdragon_x12_lte_modemwcn3910_firmwareqfe1922wsa8830_firmwaresd855_firmwarewcn3988qca6438sm4250-aa_firmwaresa8195p_firmwareqca9898ipq4028wcn3610mdm9640wcd9380_firmwareipq8072aqca7500_firmwaresw5100pmsm8996au_firmwarewcd9330ipq8076a_firmwaresnapdragon_w5\+_gen_1_wearable_platformqca6564auqcn5164qca9558sc8180xp-aaqcn5054_firmwareipq4019_firmwaresm7150-aa_firmwaresc8180x-ac_firmwareqca6174qca6430_firmwareqcn5052_firmwarewcd9335_firmwarewcn3980qca6335_firmwaresm7225wcn3910qca6320mdm9650_firmwareqca9986_firmwaresm4450wcn3660b_firmwareqca9984sc8180x-adqcn9024qcn5550_firmwarewcd9330_firmwareipq8064_firmwaresm7150-aasnapdragon_820_automotive_platformsnapdragon_x50_5g_modem-rf_system_firmwaresm7125smart_audio_200_platformsd821_firmwaresnapdragon_652_mobile_platformar8031_firmwaresm7150-ab_firmwareipq8070sdm660qca9887_firmwaresdm710qca6564a_firmwareqca9880snapdragon_x24_lte_modemqcn5121_firmwaresc8180xp-ac_firmwarewsa8832snapdragon_810_processoripq6018qcs4490qca6595_firmwaresa8145pimmersive_home_214_platform_firmwaresm4350-ac_firmwaresa8155psd675qca9531_firmwarear8035_firmwareqcm2290qcn5024_firmwarewcn3991_firmwaresnapdragon_662_mobile_platform_firmwareqcn9070sa8145p_firmwaresm6125qcs2290_firmwarecsra6620qcn9072sm7250-ac_firmwareqca9880_firmwareqca6390_firmwareipq8069_firmwareipq6000qca6174_firmwaresd730_firmwarewcd9370qcn5152_firmwareqca0000_firmwareqca6584au_firmwareapq8076_firmwareqcn9000_firmwaresd_8cx_firmwareqcn7605immersive_home_216_platformimmersive_home_316_platformimmersive_home_318_platformsd662qcn5124_firmwareqfe1952_firmwareqca6320_firmwarewcn3680b_firmwareqca6595auwcn3999_firmwaresm4350-acsnapdragon_w5\+_gen_1_wearable_platform_firmwareipq5010qca6564au_firmwaresa6155p_firmwareqca6310snapdragon_821_mobile_platform_firmwareqca9990snapdragon_x5_lte_modem_firmwaresd821vision_intelligence_300_platform_firmwaresa6145p_firmwaresm6250apq8017_firmwarewsa8810_firmwarevision_intelligence_400_platformsc7180-adqca4010sg4150pqca8081ipq8071aqca6174a_firmwareipq8071a_firmwarewcd9385snapdragon_x12_lte_modem_firmwaresc8180x-acar8035csr8811apq8064auipq4019qcn9100_firmwarevision_intelligence_400_platform_firmwaresd820wsa8835_firmwareqca6564asa4150psg4150p_firmwareqcm4325qcm2290_firmwaresnapdragon_845_mobile_platformwcn3990qcn9000sd_675qca6554aar9380_firmwaresnapdragon_835_mobile_pc_platformsm8150-acqcn9012qca9558_firmwareqcn6122_firmwarewsa8835msm8996ausc7180-ad_firmwaresnapdragon_auto_5g_modem-rfsm6250pipq4018qca6574aqca9889qca6174asc8180x-afipq8074wcn6750qca9994_firmwareipq8076_firmwaresm7150-ac_firmwaresm7250-absd855sm4125_firmwareipq8076qfe1922_firmwareqca9887qcn5021ipq8069qcn5152vision_intelligence_300_platformsd460qca6391ipq6005aqt1000_firmwareqcn9100qcm4490_firmwaresnapdragon_845_mobile_platform_firmwareqcm4290qca9882_firmwaremdm9215sd_455sm6225_firmwareipq8074_firmwareqca6574ausa8155p_firmwarewcd9341_firmwareqcm6125wsa8810sm7250-acwcn3680bsd835_firmwaresnapdragon_675_mobile_platformipq6010_firmwareqca6696sm4350sm7125_firmwaresa6150psc8180xp-abqcn9022_firmwareqca9990_firmwareipq8070asnapdragon_652_mobile_platform_firmwaresc8180x-ad_firmwareqcn9072_firmwaresnapdragon_820_mobile_platform_firmwaresm7250pipq8071_firmwareqcn9074_firmwaresw5100_firmwareipq4029snapdragon_xr1_platform_firmwareSnapdragon
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-33016
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-6.8||MEDIUM
EPSS-0.08% / 25.44%
||
7 Day CHG~0.00%
Published-02 Sep, 2024 | 10:22
Updated-03 Sep, 2024 | 14:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Restriction of Operations within the Bounds of a Memory Buffer in Storage

memory corruption when an invalid firehose patch command is invoked.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-Snapdragonqam8255p_firmwareqca9377_firmwaresnapdragon_850_mobile_compute_platform_firmwaresa6150p_firmwaresm6250p_firmware315_5g_iot_modem_firmwaresg8275p_firmwareqca6431_firmwarewcd9360_firmwareqca4024_firmwarewcn3950_firmwaresa8150p_firmwarewcn6755_firmwareqca6595au_firmwarecsra6620_firmwaresd_675_firmwarecsra6640_firmwareqcm5430_firmwareqcs6125_firmwaresnapdragon_460_mobile_platform_firmwaresnapdragon_480_5g_mobile_platform_firmwareqep8111_firmwarewcd9371_firmwareqcn6024_firmwareqca8386_firmwaresd_8_gen1_5g_firmwareqca8084_firmwareqsm8350_firmwaresd460_firmwaresm7315_firmwaresnapdragon_429_mobile_platform_firmwaresnapdragon_695_5g_mobile_platform_firmwareqca6574au_firmwareqcn6422_firmwarewcd9375_firmwareqca8081_firmwaresa6155_firmwaresnapdragon_auto_5g_modem-rf_firmwareqca6678aq_firmwaresmart_audio_400_platform_firmwareqrb5165m_firmwarewsa8840_firmwaresa4155p_firmwareqcf8001_firmwaresa8155_firmwarerobotics_rb3_platform_firmwareqca4004_firmwaresc8380xp_firmwaresd662_firmwareqru1062_firmwarewcd9306_firmwaresa7775p_firmwareqdu1000_firmwareqca6698aq_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareqam8775p_firmwareqca6696_firmwareipq9008_firmwareqru1052_firmwarewcn3910_firmwaresnapdragon_855_mobile_platform_firmwareqcc710_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwaresnapdragon_780g_5g_mobile_platform_firmwaresa8195p_firmwaresnapdragon_865_5g_mobile_platform_firmwarefastconnect_6800_firmwareqcn5022_firmwareqcn7606_firmwaresa8295p_firmwaresnapdragon_750g_5g_mobile_platform_firmwaresnapdragon_675_mobile_platform_firmwarequalcomm_video_collaboration_vc1_platform_firmwareqca8337_firmwarewcd9380_firmwaresnapdragon_778g_5g_mobile_platform_firmwaresnapdragon_670_mobile_platform_firmwaresd670_firmwareqcn6402_firmwareqdu1110_firmwarecsr8811_firmwareipq9554_firmwaresnapdragon_x72_5g_modem-rf_system_firmwaresm8635_firmwarec-v2x_9150_firmwareqca8072_firmwareqca6430_firmwareqcn5052_firmwareqcn9012_firmwareqcn9274_firmwareqfw7114_firmwaresm6370_firmwarewcd9335_firmwareqca6335_firmwareipq6018_firmwareqcm4325_firmwarewcd9340_firmwareqxm8083_firmwareqca6426_firmwarewcn3660b_firmwaresnapdragon_x62_5g_modem-rf_system_firmwareipq9574_firmwarewcn3980_firmwareimmersive_home_3210_platform_firmwaresnapdragon_x50_5g_modem-rf_system_firmwareqca6421_firmware9205_lte_modem_firmwarewcn6740_firmwareqcs4490_firmwarear8031_firmwaresa8650p_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarefastconnect_6900_firmwareqca6797aq_firmwareqdx1011_firmwareqca6564a_firmwareqcn9024_firmwaresa7255p_firmwareqcm4290_firmwareqcn5121_firmwareqcn6412_firmwareqdx1010_firmwaresw5100p_firmwareqcs610_firmwareipq5302_firmwareqamsrv1m_firmwareqca6595_firmwareqcs5430_firmwareqca6391_firmwaresnapdragon_710_mobile_platform_firmwaresa4150p_firmwarewcd9370_firmwaresm8550p_firmwarequalcomm_video_collaboration_vc5_platform_firmwaresd888_firmwareqcn5021_firmwaressg2115p_firmwareqcs8155_firmwareqam8620p_firmwareqfw7124_firmwaresnapdragon_720g_mobile_platform_firmwareqdu1210_firmwarear8035_firmwareqsm8250_firmwaretalynplus_firmwaresnapdragon_662_mobile_platform_firmwaresa8145p_firmwaresxr2230p_firmwareqcs2290_firmwaresnapdragon_x24_lte_modem_firmwareflight_rb5_5g_platform_firmwareqcn6224_firmwaresnapdragon_x20_lte_modem_firmwaremdm9205s_firmwaresrv1l_firmwaresnapdragon_888_5g_mobile_platform_firmwareqca6420_firmwaresd730_firmwaresnapdragon_auto_4g_modem_firmwaresd675_firmwareqcn5152_firmwareqca0000_firmwareqca6584au_firmwarewcn3990_firmwareqrb5165n_firmwareqcn9000_firmwareqca9984_firmwarequalcomm_video_collaboration_vc3_platform_firmwaresd_8cx_firmwarewcd9385_firmwarewcd9326_firmwareqamsrv1h_firmwareqcn5124_firmwareqam8295p_firmwareqcn9011_firmwareqca8082_firmwareqca6320_firmwaresa9000p_firmwaresnapdragon_835_mobile_pc_platform_firmwareqcn5122_firmwaresdx55_firmwarewcn3680b_firmwarewsa8845h_firmwareqcn6023_firmwarewcn3999_firmwaresm7250p_firmwarewcn3610_firmwareqca6436_firmwaresnapdragon_680_4g_mobile_platform_firmwareqca6564au_firmwaresa8620p_firmwaresa6155p_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqcm8550_firmwaresnapdragon_x70_modem-rf_system_firmwaresa8775p_firmwareqcs8550_firmwarevision_intelligence_300_platform_firmwarewcn3988_firmwaresa6145p_firmwarefastconnect_6700_firmwarewsa8810_firmwaresnapdragon_ar2_gen_1_platform_firmwaresa8255p_firmwarewcd9395_firmwaresdx65m_firmwareqca6174a_firmwareqcs4290_firmwaresa8770p_firmwareqca8085_firmwaresnapdragon_wear_1300_platform_firmwaresxr2130_firmwareqcs6490_firmwaresnapdragon_665_mobile_platform_firmwaresm6250_firmwaresnapdragon_712_mobile_platform_firmwarevision_intelligence_400_platform_firmwarewcn3620_firmwarewsa8815_firmwarewsa8835_firmwaresxr1120_firmwaresxr2250p_firmwaresg4150p_firmwaresnapdragon_8_gen_2_mobile_platform_firmwareqca6688aq_firmwareqcm6125_firmwareqcm2290_firmwarerobotics_rb5_platform_firmwaresm4635_firmwareqcf8000_firmwarewcd9378_firmwareqcs7230_firmwareqdu1010_firmwaresa8530p_firmwareimmersive_home_326_platform_firmwaresxr1230p_firmwaresdm429w_firmwaresa8540p_firmwaresnapdragon_4_gen_1_mobile_platform_firmwareqca8075_firmwaresnapdragon_4_gen_2_mobile_platform_firmwaressg2125p_firmwareipq6005_firmwareqca6310_firmwareqca6574_firmwaresm4125_firmwaresm7325p_firmwaresdx57m_firmwareqru1032_firmwareqcn9160_firmwaresnapdragon_xr2_5g_platform_firmwarewsa8845_firmwareqca6574a_firmwarefastconnect_6200_firmwaresnapdragon_x55_5g_modem-rf_system_firmwareaqt1000_firmwareqcm4490_firmwaresnapdragon_690_5g_mobile_platform_firmwaresnapdragon_845_mobile_platform_firmwareqcn6274_firmwaresnapdragon_x35_5g_modem-rf_system_firmwarecsrb31024_firmwareipq5300_firmwareqcm6490_firmwareipq9570_firmwareqcn9070_firmwarewsa8832_firmwaresrv1h_firmwareipq6028_firmwareqcn6432_firmwareipq5312_firmwaresa8155p_firmwareqcs8250_firmwarewcd9341_firmwarefastconnect_7800_firmwaresdx20m_firmwareipq5332_firmwaresnapdragon_8_gen_1_mobile_platform_firmwaresrv1m_firmwareqcn9013_firmwaresd835_firmwareqam8650p_firmwareqca6564_firmwareipq6010_firmwareqcn9022_firmwaresnapdragon_8_gen_3_mobile_platform_firmwarewcd9390_firmwareqcn9072_firmwareipq6000_firmwaresw5100_firmwareqcn9074_firmwareqcs410_firmwaresdx61_firmwaresnapdragon_xr1_platform_firmwareqts110_firmware
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9988
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.31% / 53.80%
||
7 Day CHG~0.00%
Published-18 Apr, 2018 | 14:00
Updated-16 Sep, 2024 | 18:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear SD 820A, IPQ4019, MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 835, SD 845, SD 450, and SD 850, lack of input validation for message length causes buffer over read in drm_app_encapsulate_save_keys.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850sd_820asd_412sd_808_firmwaresd_415sd_616sd_425sd_430_firmwaremdm9607_firmwaresd_615mdm9650sd_650_firmwaresd_625sd_615_firmwaremsm8909w_firmwaremdm9607sd_210sd_820_firmwaresd_650sd_820sd_808sd_450_firmwaresd_845_firmwaresd_410sd_617sd_820a_firmwareipq4019_firmwaremdm9206sd_652sd_425_firmwaresd_212_firmwaresd_850_firmwaresd_625_firmwaresd_450sd_412_firmwaresd_845mdm9206_firmwaresd_430ipq4019sd_810sd_835_firmwaremdm9650_firmwaresd_410_firmwaresd_835sd_205sd_210_firmwaresd_415_firmwaresd_652_firmwaremsm8909wsd_810_firmwaresd_616_firmwaresd_205_firmwaresd_212sd_617_firmwareSnapdragon Automobile, Snapdragon Mobile, Snapdragon Wear
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-10045
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.28% / 51.05%
||
7 Day CHG~0.00%
Published-18 Apr, 2018 | 14:00
Updated-16 Sep, 2024 | 21:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 820, and SDX20, buffer overflow vulnerability exist in Sahara boot when program header are parsing.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9635m_firmwaremdm9640_firmwaresd_412sd_400sdx20sd_415sd_616mdm9607_firmwaresd_615mdm9650mdm9655_firmwaresd_615_firmwaremsm8909w_firmwaremdm9607sd_210sd_820_firmwaresd_820mdm9625_firmwaresd_410sd_400_firmwareipq4019_firmwaremdm9206sd_212_firmwaremdm9655sd_412_firmwaremdm9635mmdm9615mdm9625mdm9206_firmwareipq4019mdm9615_firmwaremdm9650_firmwaresdx20_firmwaresd_410_firmwaresd_205sd_210_firmwaresd_415_firmwaremsm8909wsd_616_firmwaresd_205_firmwaresd_212mdm9640Snapdragon Mobile, Snapdragon Wear
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-10052
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.22% / 44.32%
||
7 Day CHG~0.00%
Published-18 Apr, 2018 | 14:00
Updated-16 Sep, 2024 | 16:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile, Snapdragon Wear, and Small Cell SoC FSM9055, IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 600, SD 615/16/SD 415, SD 617, SD 650/52, SD 800, SD 808, SD 810, SD 835, and SDX20, the reserved memory of TZ subsystem (like TZ apps and some PIL image subsystem) is not cleared after being used.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9635m_firmwarefsm9055mdm9640_firmwaresd_412sd_617_firmwaresd_808_firmwaresd_400sdx20sd_415sd_616mdm9607_firmwaresd_615mdm9655_firmwaremdm9650sd_650_firmwaresd_615_firmwaremsm8909w_firmwaremdm9607sd_210mdm9645mdm9645_firmwaresd_650mdm9625_firmwaresd_808fsm9055_firmwaresd_800sd_410sd_617sd_400_firmwareipq4019_firmwaremdm9206sd_652sd_212_firmwaresd_800_firmwaremdm9655sd_412_firmwaremdm9635mmdm9625mdm9206_firmwareipq4019sd_810sd_835_firmwaremdm9650_firmwaresdx20_firmwaresd_410_firmwaresd_835sd_205sd_210_firmwaresd_415_firmwaresd_652_firmwaremsm8909wsd_810_firmwaresd_616_firmwaresd_205_firmwaresd_212mdm9640Snapdragon Mobile, Snapdragon Wear, Small Cell SoC
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-10043
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.23% / 45.47%
||
7 Day CHG~0.00%
Published-18 Apr, 2018 | 14:00
Updated-17 Sep, 2024 | 03:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, and SD 800, while reading PlayReady rights string information from command buffer (which is sent from non-secure side), if length of rights string is very large, a buffer over read occurs, exposing TZ App memory to non-secure side.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_212_firmwaresd_800_firmwaresd_412sd_412_firmwaresd_400sd_210msm8909w_firmwaresd_410_firmwaresd_205sd_800sd_210_firmwaresd_410msm8909wsd_400_firmwaresd_205_firmwaresd_212Snapdragon Mobile, Snapdragon Wear
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-13914
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.10% / 28.65%
||
7 Day CHG~0.00%
Published-25 Feb, 2019 | 23:00
Updated-05 Aug, 2024 | 09:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Lack of input validation for data received from user space can lead to an out of bound array issue in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in version MDM9150, MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 636, SD 820A, SD 835, SDM630, SDM660, SDX20.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-snapdragon_consumer_internet_of_things_firmwaremdm9150_firmwaresd_820amsm8996au_firmwaresdx20sdm660sdm630mdm9607_firmwaremdm9650sd_636msm8909w_firmwaremdm9607msm8996ausd_210sd_212sd_636_firmwaresd_820a_firmwaremdm9150mdm9206snapdragon_industrial_internet_of_things_firmwaresd_212_firmwaresnapdragon_auto_firmwaresdm630_firmwaresnapdragon_consumer_internet_of_thingsmdm9206_firmwaresnapdragon_autosd_835_firmwaremdm9650_firmwaresdx20_firmwaresd_835sd_205sd_210_firmwaremsm8909wsd_205_firmwaresdm660_firmwaresnapdragon_industrial_internet_of_thingsSnapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-10056
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.23% / 46.18%
||
7 Day CHG~0.00%
Published-18 Apr, 2018 | 14:00
Updated-16 Sep, 2024 | 22:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 210/SD 212/SD 205, A buffer overflow can potentially occur in any OpenCL application that calls clBuildProgram() with a device of type CL_DEVICE_TYPE_CPU in its device_list argument.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_212_firmwaresd_210sd_205sd_210_firmwaresd_205_firmwaresd_212Snapdragon Mobile
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-13907
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.39% / 58.92%
||
7 Day CHG~0.00%
Published-14 Jun, 2019 | 17:02
Updated-05 Aug, 2024 | 09:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

While deserializing any key blob during key operations, buffer overflow could occur, exposing partial key information if any key operations are invoked in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ8074, MDM9150, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, QCA8081, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, SDX20, Snapdragon_High_Med_2016, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850mdm9150_firmwaresd_632mdm9635m_firmwaremdm9640_firmwaresd_820amsm8996au_firmwaresd_439sd_670_firmwaresd_429sdm439mdm9650sd_636sd_615_firmwaresnapdragon_high_med_2016_firmwaremsm8909w_firmwaremsm8996ausd_820sd_650sd_450_firmwaresd_845_firmwaresd_410sd_820a_firmwareqcs605_firmwaremdm9206sd_652sd_425_firmwaresd_625_firmwareipq8074sd_450mdm9635msd_8cx_firmwaresd_845mdm9206_firmwareqcs605sd_632_firmwaresd_835_firmwaremdm9650_firmwaresd_835sda660sxr1130_firmwaresd_210_firmwaresd_415_firmwaresd_652_firmwareqca8081_firmwaresxr1130msm8909wsd_616_firmwaresd_205_firmwaresd_415sd_212sd_650_firmwaresd_427_firmwaresd_712sd_855sd_412qualcomm_215sdx20sd_616sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435mdm9655_firmwaresd_615sd_710_firmwareqcs405sdm630sd_625ipq8074_firmwaresd_820_firmwaresd_210mdm9607sd_636_firmwaresd_439_firmwarepq4019qca8081qualcomm_215_firmwaremdm9150sd_429_firmwaresnapdragon_high_med_2016sd_212_firmwarepq4019_firmwaresd_850_firmwaremdm9655sdm439_firmwareqcs405_firmwaresd_712_firmwaresd_412_firmwaresd_855_firmwaresdm630_firmwaresda660_firmwaresd_8cxsd_430sd_427sd_670sd_435_firmwaresdx20_firmwaresd_710sd_410_firmwaresd_205sdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-13888
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.11% / 30.16%
||
7 Day CHG~0.00%
Published-11 Feb, 2019 | 15:00
Updated-05 Aug, 2024 | 09:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is potential for memory corruption in the RIL daemon due to de reference of memory outside the allocated array length in RIL in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in versions MDM9206, MDM9607, MDM9635M, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDM439, SDM630, SDM660, ZZ_QCS605.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850mdm9635m_firmwaresd_820asd_675sd_439sd_670_firmwaresd_429sdm439mdm9650sd_636msm8909w_firmwaresd_650sd_450_firmwaresd_845_firmwaresd_820a_firmwaresd_675_firmwaremdm9206sd_652sd_425_firmwaresd_625_firmwaresd_450mdm9635msd_845mdm9206_firmwaresd_835_firmwaremdm9650_firmwaresd_835sd_210_firmwaresd_652_firmwaremsm8909wsd_205_firmwaresd_650_firmwaresd_212sd_427_firmwaresd_712sd_855zz_qcs605_firmwarezz_qcs605sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435sd_710_firmwaresdm630sd_625sd_210mdm9607sd_636_firmwaresd_439_firmwaresd_429_firmwaresd_212_firmwaresd_850_firmwaresdm439_firmwaresd_712_firmwaresdm630_firmwaresd_427sd_430sd_670sd_435_firmwaresd_710sd_205sdm660_firmwaresd_855_firmwareSnapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-18124
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 6.68%
||
7 Day CHG~0.00%
Published-26 Oct, 2018 | 13:00
Updated-05 Aug, 2024 | 21:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

During secure boot, addition is performed on uint8 ptrs which led to overflow issue in Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version FSM9055, IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDX20

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850mdm9635m_firmwaremdm9640_firmwaresd_820amsm8996au_firmwaremdm9650sd_615_firmwaremsm8909w_firmwaremsm8996aumdm9645sd_650sd_820sd_450_firmwaresd_845_firmwaresd_410sd_820a_firmwareipq4019_firmwaremdm9206sd_652sd_425_firmwaresd_800_firmwaresd_625_firmwaresd_450mdm9635msd_845mdm9206_firmwaremdm9640sd_835_firmwaremdm9650_firmwaresd_835sda660sd_210_firmwaresd_415_firmwaresd_652_firmwaremsm8909wsd_616_firmwaresd_205_firmwaresd_415sd_650_firmwaresd_212fsm9055sd_412sdx20sd_616sd_425sd_430_firmwaremdm9607_firmwaresd_615mdm9655_firmwaresd_625sd_210mdm9607sd_820_firmwaremdm9645_firmwaremdm9625_firmwarefsm9055_firmwaresd_800sd_617sd_212_firmwaresd_850_firmwaremdm9655sd_412_firmwaresda660_firmwaremdm9625sd_430ipq4019sd_810sdx20_firmwaresd_410_firmwaresd_205sd_810_firmwaresd_617_firmwareSmall Cell SoC, Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2013-4738
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.11% / 30.26%
||
7 Day CHG~0.00%
Published-03 Feb, 2014 | 02:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple stack-based buffer overflows in the MSM camera driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allow attackers to gain privileges via (1) a crafted VIDIOC_MSM_VPE_DEQUEUE_STREAM_BUFF_INFO ioctl call, related to drivers/media/platform/msm/camera_v2/pproc/vpe/msm_vpe.c, or (2) a crafted VIDIOC_MSM_CPP_DEQUEUE_STREAM_BUFF_INFO ioctl call, related to drivers/media/platform/msm/camera_v2/pproc/cpp/msm_cpp.c.

Action-Not Available
Vendor-codeauroran/aQualcomm Technologies, Inc.
Product-quic_mobile_station_modem_kernelandroid-msmn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2024-23356
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.29%
||
7 Day CHG~0.00%
Published-05 Aug, 2024 | 14:21
Updated-26 Nov, 2024 | 16:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Restriction of Operations within the Bounds of a Memory Buffer in HLOS

Memory corruption during session sign renewal request calls in HLOS.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qam8255p_firmwaresnapdragon_8_gen_1_mobile_platformsa6150p_firmwareqca8337qfw7124sg8275p_firmwareqca6431_firmwareqam8775pqamsrv1mqru1052snapdragon_888_5g_mobile_platformwsa8840wcn3950_firmwaresa8150p_firmwareqcs2290qca6595au_firmwaresa6155snapdragon_480_5g_mobile_platformvideo_collaboration_vc3_platformsnapdragon_865\+_5g_mobile_platform_\(sm8250-ab\)_firmwarecsra6620_firmwarecsra6640_firmwaresnapdragon_460_mobile_platform_firmwareqcs6125_firmwareqcm5430_firmwaresnapdragon_480_5g_mobile_platform_firmwareqep8111_firmwareqam8295pwcn3950sm4125qcn6024_firmwaresd_8_gen1_5g_firmwareqsm8350_firmwaresnapdragon_460_mobile_platformqsm8350qca6688aqsm7315_firmwaresnapdragon_695_5g_mobile_platform_firmwareqca6574au_firmwarewcd9375_firmwareqca8081_firmwaresa6155_firmwareqca6420snapdragon_xr2\+_gen_1_platformsnapdragon_auto_5g_modem-rf_firmwaresnapdragon_855\+\/860_mobile_platform_\(sm8150-ac\)_firmwareqca6678aq_firmwarewcn3999smart_audio_400_platform_firmwarewsa8840_firmwaresa4155p_firmwareqcs6125qca6698aqsa8155_firmwaresc8380xp_firmwareqca6430qru1062_firmwaresa7775p_firmwaresnapdragon_8\+_gen_1_mobile_platformwcd9340snapdragon_720g_mobile_platformsnapdragon_8cx_gen_3_compute_platform_\(sc8280xp-ab\)_firmwaresnapdragon_870_5g_mobile_platform_\(sm8250-ac\)sw5100snapdragon_780g_5g_mobile_platformqca6436sa6155pqdu1000_firmwaresnapdragon_690_5g_mobile_platformqca6698aq_firmwaresxr2250psnapdragon_480\+_5g_mobile_platform_\(sm4350-ac\)snapdragon_auto_5g_modem-rf_gen_2_firmwarewcd9341sa8255pqam8775p_firmwareqca6431qca6696_firmwareqca6797aqqru1052_firmwarewcn3910_firmwaresnapdragon_855_mobile_platform_firmwaresa8150pqcc710_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwaresnapdragon_7c\+_gen_3_compute_firmwarewcn3988snapdragon_780g_5g_mobile_platform_firmwaresa8195p_firmwaresnapdragon_865_5g_mobile_platform_firmwarefastconnect_6800_firmwareqcn7606_firmwaresa8295p_firmwaresa8770psnapdragon_750g_5g_mobile_platform_firmwaresnapdragon_675_mobile_platform_firmwaresnapdragon_778g\+_5g_mobile_platform_\(sm7325-ae\)wcd9380_firmwareqca8337_firmwaressg2125psnapdragon_778g_5g_mobile_platform_firmwaresw5100psnapdragon_730_mobile_platform_\(sm7150-aa\)snapdragon_765_5g_mobile_platform_\(sm7250-aa\)snapdragon_w5\+_gen_1_wearable_platformqcm8550snapdragon_670_mobile_platform_firmwaresnapdragon_870_5g_mobile_platform_\(sm8250-ac\)_firmwaresd670_firmwareqca6574snapdragon_8cx_gen_3_compute_platform_\(sc8280xp-bb\)_firmwareqdu1110_firmwaresnapdragon_7c\+_gen_3_computewcd9380snapdragon_x72_5g_modem-rf_system_firmwarefastconnect_6700snapdragon_782g_mobile_platform_\(sm7325-af\)sxr1230psnapdragon_480\+_5g_mobile_platform_\(sm4350-ac\)_firmwarevideo_collaboration_vc3_platform_firmwarec-v2x_9150_firmwaresg8275pwcn3980snapdragon_765g_5g_mobile_platform_\(sm7250-ab\)_firmwaresnapdragon_678_mobile_platform_\(sm6150-ac\)wcd9335_firmwaresm6370_firmwareqfw7114_firmwareqca6430_firmwarewsa8845qcm4325_firmwarewcd9340_firmwarewsa8815wcn3910snapdragon_4_gen_1_mobile_platformqca6426_firmwaresc8380xpsnapdragon_670_mobile_platformsnapdragon_x62_5g_modem-rf_system_firmwareqcn9024wcn3980_firmwaresd730snapdragon_xr2\+_gen_1_platform_firmwaresnapdragon_x50_5g_modem-rf_system_firmwaresa8295pqca6421_firmwarewcn6740_firmwareqcs4490_firmwaresnapdragon_xr2_5g_platformsnapdragon_x65_5g_modem-rf_systemqca6678aqar8031_firmwaresa8650p_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarefastconnect_6900fastconnect_6900_firmwaresnapdragon_865\+_5g_mobile_platform_\(sm8250-ab\)qdu1010qca6797aq_firmwaresnapdragon_778g\+_5g_mobile_platform_\(sm7325-ae\)_firmwaresrv1lsd670qdx1011_firmwareqcn9024_firmwaresa7255p_firmwaresnapdragon_730g_mobile_platform_\(sm7150-ab\)_firmwaresnapdragon_8\+_gen_2_mobile_platformqcm4290_firmwaresa8620pwsa8832qdx1010_firmwaresw5100p_firmwaresa8540pqamsrv1m_firmwaresa6145pqcm5430snapdragon_678_mobile_platform_\(sm6150-ac\)_firmwareqcc710ar8031qcs4490qca6595_firmwarewcd9395sa8145psnapdragon_750g_5g_mobile_platformqcs5430_firmwareqca6391_firmwaresnapdragon_710_mobile_platform_firmwaresa4150p_firmwarewcd9370_firmwaresm8550p_firmwareqdx1010sd888_firmwaresa8155pcsra6640snapdragon_695_5g_mobile_platformvideo_collaboration_vc1_platformsrv1mssg2115p_firmwareqam8620p_firmwareqfw7124_firmwareqam8255psa4155pqdu1210_firmwaresnapdragon_685_4g_mobile_platform_\(sm6225-ad\)snapdragon_782g_mobile_platform_\(sm7325-af\)_firmwareqep8111qcn7606snapdragon_720g_mobile_platform_firmwaresnapdragon_855_mobile_platformqcm2290ar8035_firmwaretalynplus_firmwarewsa8830snapdragon_662_mobile_platform_firmwaresxr2230p_firmwaresa8145p_firmwareqcs2290_firmwareqam8650psnapdragon_865_5g_mobile_platformcsra6620qcn6224_firmwareqcs4290srv1l_firmwaresnapdragon_888_5g_mobile_platform_firmwareqca6420_firmwaresnapdragon_auto_4g_modem_firmwaresd730_firmwarewcd9370ssg2115pqca6426qdu1110wcn3990_firmwareqca6584au_firmwaresnapdragon_8_gen_2_mobile_platformqamsrv1hsa8530pwcd9385_firmwarewcd9326_firmwarefastconnect_6200talynplusqamsrv1h_firmwareqam8295p_firmwaresa8155snapdragon_x55_5g_modem-rf_systemsa9000p_firmwaresnapdragon_778g_5g_mobile_platformsnapdragon_4_gen_2_mobile_platformsa7255pwsa8845h_firmwaresnapdragon_8_gen_3_mobile_platformwcn3999_firmwareqfw7114sm7250p_firmwareqca6595auqca6436_firmwaresnapdragon_680_4g_mobile_platform_firmwaresnapdragon_w5\+_gen_1_wearable_platform_firmwareqca6584ausa8620p_firmwaresa6155p_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqcm8550_firmwaresnapdragon_x72_5g_modem-rf_systemsa8775p_firmwareqcs6490qcs8550_firmwarewcn3988_firmwareqcn9074srv1hsa6145p_firmwareqca6421sm6250c-v2x_9150fastconnect_6700_firmwaresa8195psxr1120wsa8810_firmwareqcn6224wsa8845hsnapdragon_x62_5g_modem-rf_systemwcd9395_firmwarewcd9335wcd9326snapdragon_x75_5g_modem-rf_systemsnapdragon_ar2_gen_1_platform_firmwaresa8255p_firmwaresnapdragon_8cx_gen_3_compute_platform_\(sc8280xp-ab\)sg4150pqca8081snapdragon_auto_5g_modem-rf_gen_2qcm4490snapdragon_x35_5g_modem-rf_systemsa7775pqcs5430qca6174a_firmwareqam8620pqcs4290_firmwaresa8770p_firmwaresxr2130_firmwarewcd9385qcs6490_firmwaresnapdragon_665_mobile_platform_firmwarear8035wcd9375aqt1000snapdragon_768g_5g_mobile_platform_\(sm7250-ac\)sm6250_firmwarewcd9390snapdragon_662_mobile_platformwsa8815_firmwareqcm6490wsa8835_firmwaresxr1120_firmwaresxr2250p_firmwaresnapdragon_730g_mobile_platform_\(sm7150-ab\)snapdragon_8cx_gen_3_compute_platform_\(sc8280xp-bb\)sg4150p_firmwaresnapdragon_8_gen_2_mobile_platform_firmwaresa4150pqcm6125_firmwareqca6688aq_firmwareqcm4325qcm2290_firmwarewcn3990snapdragon_732g_mobile_platform_\(sm7150-ac\)sd865_5gfastconnect_6800qca6595qru1032qdu1010_firmwaresd888sa8530p_firmwareqdx1011qdu1000wsa8835sxr1230p_firmwaresnapdragon_8\+_gen_2_mobile_platform_firmwaresa8540p_firmwaresnapdragon_auto_5g_modem-rfqcn6274sd_8_gen1_5gsnapdragon_685_4g_mobile_platform_\(sm6225-ad\)_firmwaresnapdragon_730_mobile_platform_\(sm7150-aa\)_firmwaresnapdragon_4_gen_1_mobile_platform_firmwaresxr2130snapdragon_4_gen_2_mobile_platform_firmwaressg2125p_firmwaresmart_audio_400_platformqca6574aqca6174asm7325pqru1062sa8650psa9000pqca6574_firmwaresm4125_firmwaresd855sm7325p_firmwaresxr2230pwsa8845_firmwaresnapdragon_xr2_5g_platform_firmwareqru1032_firmwaresnapdragon_665_mobile_platformsa8775pqca6574a_firmwaresnapdragon_768g_5g_mobile_platform_\(sm7250-ac\)_firmwarefastconnect_6200_firmwaresnapdragon_765g_5g_mobile_platform_\(sm7250-ab\)snapdragon_x55_5g_modem-rf_system_firmwaresm7315qca6391snapdragon_710_mobile_platformsnapdragon_888\+_5g_mobile_platform_\(sm8350-ac\)fastconnect_7800aqt1000_firmwaresnapdragon_x35_5g_modem-rf_system_firmwaresnapdragon_690_5g_mobile_platform_firmwareqcm4490_firmwareqcn6274_firmwaresnapdragon_auto_4g_modemqcm4290qcm6490_firmwarewsa8832_firmwaresnapdragon_xr1_platformsrv1h_firmwaresnapdragon_765_5g_mobile_platform_\(sm7250-aa\)_firmwarevideo_collaboration_vc1_platform_firmwareqca6574ausnapdragon_888\+_5g_mobile_platform_\(sm8350-ac\)_firmwaresa8155p_firmwarewcd9341_firmwareqcm6125wsa8810fastconnect_7800_firmwaresnapdragon_8_gen_1_mobile_platform_firmwaresm8550psnapdragon_680_4g_mobile_platformsm6370srv1m_firmwaresnapdragon_ar2_gen_1_platformqam8650p_firmwaresnapdragon_675_mobile_platformwcn6740qca6696qcs8550snapdragon_x50_5g_modem-rf_systemsa6150psnapdragon_8_gen_3_mobile_platform_firmwaresnapdragon_732g_mobile_platform_\(sm7150-ac\)_firmwarewcd9390_firmwareqcn6024qdu1210sm7250psnapdragon_8\+_gen_1_mobile_platform_firmwaresw5100_firmwaresnapdragon_855\+\/860_mobile_platform_\(sm8150-ac\)qcn9074_firmwaresnapdragon_xr1_platform_firmwareSnapdragonqam8255p_firmwaretalynplus_firmwaresnapdragon_662_mobile_platform_firmwaresa6150p_firmwaresa8145p_firmwaresxr2230p_firmwareqcs2290_firmwaresg8275p_firmwareqca6431_firmwareqcn6224_firmwarewcn3950_firmwaresrv1l_firmwaresnapdragon_888_5g_mobile_platform_firmwaresa8150p_firmwareqca6420_firmwareqca6595au_firmwaresd730_firmwaresnapdragon_auto_4g_modem_firmwarecsra6620_firmwarecsra6640_firmwareqcm5430_firmwareqcs6125_firmwaresnapdragon_460_mobile_platform_firmwaresnapdragon_480_5g_mobile_platform_firmwareqca6584au_firmwareqep8111_firmwarewcn3990_firmwarequalcomm_video_collaboration_vc3_platform_firmwarewcd9385_firmwareqcn6024_firmwarewcd9326_firmwareqamsrv1h_firmwaresd_8_gen1_5g_firmwareqsm8350_firmwareqam8295p_firmwaresa9000p_firmwaresm7315_firmwaresnapdragon_695_5g_mobile_platform_firmwareqca6574au_firmwarewcd9375_firmwareqca8081_firmwaresa6155_firmwarewcn3999_firmwaresm7250p_firmwarewsa8845h_firmwareqca6436_firmwaresnapdragon_680_4g_mobile_platform_firmwaresa8620p_firmwaresa6155p_firmwaresnapdragon_auto_5g_modem-rf_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqcm8550_firmwareqca6678aq_firmwaresmart_audio_400_platform_firmwaresa8775p_firmwarewsa8840_firmwaresa4155p_firmwaresa8155_firmwareqcs8550_firmwaresc8380xp_firmwarewcn3988_firmwareqru1062_firmwaresa6145p_firmwaresa7775p_firmwarefastconnect_6700_firmwarewsa8810_firmwaresnapdragon_ar2_gen_1_platform_firmwaresa8255p_firmwarewcd9395_firmwareqdu1000_firmwareqca6698aq_firmwareqca6174a_firmwareqcs4290_firmwaresa8770p_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareqam8775p_firmwaresxr2130_firmwareqca6696_firmwareqcs6490_firmwaresnapdragon_665_mobile_platform_firmwareqru1052_firmwarewcn3910_firmwaresnapdragon_855_mobile_platform_firmwaresm6250_firmwareqcc710_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwarewsa8815_firmwarewsa8835_firmwaresnapdragon_780g_5g_mobile_platform_firmwaresa8195p_firmwaresnapdragon_865_5g_mobile_platform_firmwarefastconnect_6800_firmwaresxr1120_firmwareqcn7606_firmwaresa8295p_firmwaresxr2250p_firmwaresg4150p_firmwaresnapdragon_8_gen_2_mobile_platform_firmwareqca6688aq_firmwareqcm6125_firmwaresnapdragon_675_mobile_platform_firmwareqcm2290_firmwaresnapdragon_750g_5g_mobile_platform_firmwarequalcomm_video_collaboration_vc1_platform_firmwareqca8337_firmwarewcd9380_firmwaresnapdragon_778g_5g_mobile_platform_firmwareqdu1010_firmwaresnapdragon_670_mobile_platform_firmwaresa8530p_firmwaresd670_firmwaresxr1230p_firmwareqdu1110_firmwaresa8540p_firmwaresnapdragon_x72_5g_modem-rf_system_firmwaresnapdragon_4_gen_1_mobile_platform_firmwaresnapdragon_4_gen_2_mobile_platform_firmwaressg2125p_firmwarec-v2x_9150_firmwareqca6430_firmwaresm6370_firmwareqfw7114_firmwarewcd9335_firmwareqcm4325_firmwareqca6574_firmwarewcd9340_firmwaresm4125_firmwaresm7325p_firmwareqru1032_firmwaresnapdragon_xr2_5g_platform_firmwarewsa8845_firmwareqca6426_firmwareqca6574a_firmwarefastconnect_6200_firmwaresnapdragon_x62_5g_modem-rf_system_firmwarewcn3980_firmwaresnapdragon_x55_5g_modem-rf_system_firmwaresnapdragon_x50_5g_modem-rf_system_firmwareqca6421_firmwareaqt1000_firmwarewcn6740_firmwareqcm4490_firmwaresnapdragon_690_5g_mobile_platform_firmwaresnapdragon_x35_5g_modem-rf_system_firmwareqcn6274_firmwareqcs4490_firmwarear8031_firmwareqcm6490_firmwaresa8650p_firmwarewsa8832_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarefastconnect_6900_firmwaresrv1h_firmwareqca6797aq_firmwaresa8155p_firmwareqdx1011_firmwareqcn9024_firmwaresa7255p_firmwarewcd9341_firmwarefastconnect_7800_firmwareqcm4290_firmwareqdx1010_firmwaresw5100p_firmwaresnapdragon_8_gen_1_mobile_platform_firmwareqamsrv1m_firmwaresrv1m_firmwareqam8650p_firmwareqca6595_firmwaresnapdragon_720g_mobile_platform_firmwareqcs5430_firmwareqca6391_firmwaresnapdragon_710_mobile_platform_firmwaresa4150p_firmwarewcd9370_firmwaresm8550p_firmwaresd888_firmwaresnapdragon_8_gen_3_mobile_platform_firmwarewcd9390_firmwaressg2115p_firmwaresw5100_firmwareqcn9074_firmwareqam8620p_firmwareqfw7124_firmwareqdu1210_firmwarear8035_firmwaresnapdragon_xr1_platform_firmware
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-11940
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.27% / 49.77%
||
7 Day CHG~0.00%
Published-24 May, 2019 | 16:36
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Lack of check in length before using memcpy in WLAN function can lead to OOB access in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCS605, SD 625, SD 636, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM630, SDM660, SDX20, SDX24, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_712sd_850mdm9150_firmwaresd_855mdm9640_firmwaresd_820amsm8996au_firmwaresdx20sd_670_firmwaresdm660sdx24sdm630mdm9607_firmwaresd_710_firmwaresd_636mdm9650sd_625sd_820_firmwaremdm9607msm8996ausd_636_firmwaresd_820sd_845_firmwaresd_820a_firmwaremdm9150qcs605_firmwaremdm9206sd_850_firmwaresdx24_firmwaresd_625_firmwaresd_855_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwaresd_845mdm9206_firmwareqcs605sd_670sd_835_firmwaremdm9650_firmwaresd_710sdx20_firmwaresd_835sda660sxr1130_firmwaresxr1130sdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-11880
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.73%
||
7 Day CHG~0.00%
Published-29 Oct, 2018 | 18:00
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incorrect bound check can lead to potential buffer overwrite in WLAN function in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850sd_835_firmwaresd_850_firmwaresd_835sda660sd_845_firmwaresda660_firmwaresd_845Snapdragon Mobile
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-11850
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.04%
||
7 Day CHG~0.00%
Published-26 Oct, 2018 | 13:00
Updated-05 Aug, 2024 | 08:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Lack of check on remaining length parameter When processing scan start command will lead to buffer flow in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9379, SD 210/SD 212/SD 205, SD 425, SD 625, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDX20

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwareqca6584ausd_850mdm9640_firmwaresd_820amsm8996au_firmwaresdx20sd_425mdm9607_firmwaremdm9650sd_625qca6574ausd_210mdm9607msm8996ausd_820_firmwaresd_820sd_845_firmwaresd_820a_firmwaremdm9206qca6174a_firmwareqca6174aqca9379_firmwaresd_212_firmwaresd_425_firmwaresd_850_firmwareqca6584au_firmwaresd_625_firmwareqca9377sda660_firmwaresd_845mdm9206_firmwareqca6584_firmwaresd_810sd_835_firmwaremdm9650_firmwaresdx20_firmwaresd_835qca6584qca6574au_firmwaresd_205sd_210_firmwaresda660qca9379sd_810_firmwaresd_205_firmwaresd_212mdm9640Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-11874
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.43%
||
7 Day CHG~0.00%
Published-29 Oct, 2018 | 18:00
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow if the length of passphrase is more than 32 when setting up secure NDP connection in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850sd_835_firmwaresd_850_firmwaresd_835sda660sd_845_firmwaresda660_firmwaresd_845Snapdragon Mobile
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-11867
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.96%
||
7 Day CHG~0.00%
Published-29 Oct, 2018 | 18:00
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Lack of buffer length check before copying in WLAN function while processing FIPS event, can lead to a buffer overflow in Snapdragon Mobile in version SD 845.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_845sd_845_firmwareSnapdragon Mobile
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 33
  • 34
  • Next
Details not found