Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2014-10039

Summary
Assigner-qualcomm
Assigner Org ID-2cfc7d3e-20d3-47ac-8db7-1b7285aff15f
Published At-18 Apr, 2018 | 14:00
Updated At-17 Sep, 2024 | 00:30
Rejected At-
Credits

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9625, SD 400, and SD 800, calling qsee_app_entry_return() without first calling qsee_app_entry() will cause the stack to be restored to an older state resulting in a return to an unexpected location.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:qualcomm
Assigner Org ID:2cfc7d3e-20d3-47ac-8db7-1b7285aff15f
Published At:18 Apr, 2018 | 14:00
Updated At:17 Sep, 2024 | 00:30
Rejected At:
â–¼CVE Numbering Authority (CNA)

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9625, SD 400, and SD 800, calling qsee_app_entry_return() without first calling qsee_app_entry() will cause the stack to be restored to an older state resulting in a return to an unexpected location.

Affected Products
Vendor
Qualcomm Technologies, Inc.Qualcomm, Inc.
Product
Snapdragon Mobile
Versions
Affected
  • MDM9625, SD 400, SD 800
Problem Types
TypeCWE IDDescription
textN/ALack of enforcement of proper sequence of calls in QTEE
Type: text
CWE ID: N/A
Description: Lack of enforcement of proper sequence of calls in QTEE
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://source.android.com/security/bulletin/2018-04-01
x_refsource_CONFIRM
http://www.securityfocus.com/bid/103671
vdb-entry
x_refsource_BID
Hyperlink: https://source.android.com/security/bulletin/2018-04-01
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.securityfocus.com/bid/103671
Resource:
vdb-entry
x_refsource_BID
â–¼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://source.android.com/security/bulletin/2018-04-01
x_refsource_CONFIRM
x_transferred
http://www.securityfocus.com/bid/103671
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: https://source.android.com/security/bulletin/2018-04-01
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.securityfocus.com/bid/103671
Resource:
vdb-entry
x_refsource_BID
x_transferred
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:product-security@qualcomm.com
Published At:18 Apr, 2018 | 14:29
Updated At:09 May, 2018 | 20:50

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9625, SD 400, and SD 800, calling qsee_app_entry_return() without first calling qsee_app_entry() will cause the stack to be restored to an older state resulting in a return to an unexpected location.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.09.8CRITICAL
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary2.010.0HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
Type: Primary
Version: 3.0
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 10.0
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C
CPE Matches
Qualcomm Technologies, Inc.
qualcomm
>>mdm9625_firmware>>-
cpe:2.3:o:qualcomm:mdm9625_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9625>>-
cpe:2.3:h:qualcomm:mdm9625:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd_400_firmware>>-
cpe:2.3:o:qualcomm:sd_400_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd_400>>-
cpe:2.3:h:qualcomm:sd_400:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd_800_firmware>>-
cpe:2.3:o:qualcomm:sd_800_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd_800>>-
cpe:2.3:h:qualcomm:sd_800:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-19Primarynvd@nist.gov
CWE ID: CWE-19
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://www.securityfocus.com/bid/103671product-security@qualcomm.com
Third Party Advisory
VDB Entry
https://source.android.com/security/bulletin/2018-04-01product-security@qualcomm.com
Vendor Advisory
Hyperlink: http://www.securityfocus.com/bid/103671
Source: product-security@qualcomm.com
Resource:
Third Party Advisory
VDB Entry
Hyperlink: https://source.android.com/security/bulletin/2018-04-01
Source: product-security@qualcomm.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

489Records found
CVE-2015-9108
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.30% / 52.68%
||
7 Day CHG~0.00%
Published-18 Apr, 2018 | 14:00
Updated-16 Sep, 2024 | 19:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9625, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, and SD 820A, no address argument validation performed on calls to a QSEE syscall may lead to arbitrary read/write or NULL Pointer exception when calling a downstream function.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_652sd_425_firmwaresd_820asd_625_firmwaresd_450mdm9625sd_425sd_430_firmwaresd_430sd_625sd_820_firmwaresd_820sd_650mdm9625_firmwaresd_450_firmwaresd_652_firmwaresd_820a_firmwaresd_650_firmwareSnapdragon Automobile, Snapdragon Mobile
CWE ID-CWE-20
Improper Input Validation
CVE-2021-35104
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.33% / 55.18%
||
7 Day CHG~0.00%
Published-14 Jun, 2022 | 10:11
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer overflow due to improper parsing of headers while playing the FLAC audio clip in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarefsm10055sa6150p_firmwaresm6250p_firmwareqcs610qcn5550qca8337ipq8173_firmwarewcd9360_firmwaresdx65qcn5124qca4024_firmwarewcn3950_firmwareipq8078asa8150p_firmwareqcs2290qca6595au_firmwaresa6155qcn5064csra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwareqcs6125_firmwaresa415mwcn3998qam8295pwcn3950ipq8076asd720gmdm9628mdm9206_firmwareqsw8573_firmwaresd_8_gen1_5g_firmwaresm6375_firmwaresd460_firmwaresm7315_firmwareqca6428qca6574au_firmwareqcn5164_firmwareipq8071wcd9375_firmwareqca8081_firmwarewcn3998_firmwaresa6155_firmwaresdx12_firmwaremsm8909wapq8009w_firmwarewcd9360qca6438_firmwareipq8070_firmwareqca9367_firmwareipq8078a_firmwarewcn3999qrb5165_firmwareqrb5165m_firmwareipq8072_firmwaresa4155p_firmwareqcs6125sa8155_firmwareipq6010sd662_firmwareqcs405sd765gsw5100fsm10056_firmwareqca6436wcn6851sa6155pqcs603_firmwaremdm9250_firmwareqca6696_firmwaresd870_firmwaresd750gwcn3910_firmwaresxr2150p_firmwaresa8150pwsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwarewcn3988qca6438sd660_firmwaresa8195p_firmwaresm8475qcn5022_firmwarewcn6750_firmwaresa8295p_firmwarewcn3610qca6428_firmwaresm6375wcn3991qca8337_firmwaresda429w_firmwarewcd9380_firmwareipq8072asdm429wsw5100pmsm8996au_firmwarewcd9330ipq8076a_firmwareqca6564ausdx55m_firmwareipq8173wcn6856_firmwareqcn5164qca6574csr8811_firmwarewcd9380qcs410qcn5024sd690_5g_firmwaresdx24_firmwareqcn9012_firmwareqcn5052_firmwaresd439_firmwareipq6018_firmwareqsw8573qcs605wcn6850wcn3910qca6426_firmwareipq6028sd730qcn5550_firmwarewcd9330_firmwaresdx55msa8295pwcn6740_firmwareqcn5064_firmwaresd678_firmwareapq8064au_firmwarear8031_firmwareqrb5165wcn6851_firmwareqcs603ipq8070qca6564a_firmwareipq8174_firmwareapq8009wqcm4290_firmwaresd480sd870wcn6855sw5100p_firmwaresd210_firmwareqcs610_firmwareqsm8250sa6145pipq6018sdxr1ar8031apq8096auqcs405_firmwaresa8145pqca6391_firmwaresa4150p_firmwareqca4024wcd9370_firmwaresd780g_firmwaresdx55sd888_firmwaresa8155pcsra6640sd675sd439sa4155psxr2150par8035_firmwareqsm8250_firmwareqcm2290qcn5024_firmwarewcn3991_firmwaremdm9150_firmwarewsa8830sd678sa8145p_firmwareqcs2290_firmwarefsm10056csrb31024mdm9628_firmwarecsra6620fsm10055_firmwareqcs4290mdm9250sd765g_firmwareqca6390_firmwaresd690_5gipq6000sd730_firmwarewcd9370sd675_firmwareipq8072qcn5152_firmwareqca6564qca6426qca6584au_firmwareqrb5165n_firmwareqcn9000_firmwareqca9377sdw2500_firmwarewcd9385_firmwaresdxr2_5g_firmwareipq8074asd662qcn5124_firmwareqam8295p_firmwareqcn9011_firmwaresa8155qcn5122_firmwaresdx55_firmwareqca6595auwcn3999_firmwaresm7250p_firmwarewcn3610_firmwareqca6436_firmwareqrb5165nqca6564au_firmwareqca6584ausd778gsa6155p_firmwareipq8174sd429sa515m_firmwareqcs6490sdxr2_5gqcn5052qca9367mdm9607_firmwaresa415m_firmwarewcn3988_firmwareqcn9074sd205sd429_firmwaresa6145p_firmwaresd778g_firmwaresm6250sa8195papq8017_firmwaresd765_firmwareqca8081ipq8071aqca6174a_firmwareipq8071a_firmwareqcs4290_firmwarewcd9385qcs6490_firmwareqca6390wcd9375sd750g_firmwareaqt1000ar8035csr8811sm6250_firmwareapq8064ausda429wsd210wcn3620_firmwaresdx20_firmwareipq8074a_firmwaresd888_5g_firmwareqcm6490wcn6850_firmwarewsa8835_firmwarewcn3620apq8017qcx315qca6564asa4150pqcm6125_firmwareqcm2290_firmwareqcn9000sd_675sd780gsd865_5gsdx24qcn9012sd888msm8909w_firmwareqcx315_firmwarewsa8835msm8996ausdm429w_firmwaresd665_firmwaresd888_5gsm6250pqca8075_firmwareqca6574amdm9206wcn6855_firmwareqca9889qca6174asm7325pipq8074wcn6750ipq8070a_firmwareipq8076_firmwaresa515mqca6574_firmwaresd855sm7325p_firmwaresd665ipq8076sd765qca6574a_firmwareqcn5152sd768g_firmwareqrb5165msm7315sd460qca6391sdxr1_firmwareaqt1000_firmwaresdx65_firmwareqcm4290csrb31024_firmwareqcm6490_firmwaresdx20sd480_firmwareipq6028_firmwareipq8072a_firmwareqcn9011ipq8074_firmwareqca6574auqca9889_firmwaresa8155p_firmwaremdm9607qcn5122sd205_firmwareqcm6125mdm9150wcn6856qcn5022qca6564_firmwaresd768gipq6010_firmwarewcn6740qca6696sdw2500sa6150pqca8075apq8096au_firmwareipq8070asm7250pipq6000_firmwaresd720g_firmwaresdx12ipq8071_firmwareqcs410_firmwareqcn9074_firmwaresw5100_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2018-13925
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.46% / 64.07%
||
7 Day CHG~0.00%
Published-24 May, 2019 | 16:44
Updated-05 Aug, 2024 | 09:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Error in parsing PMT table frees the memory allocated for the map section but does not reset the context map section reference causing heap use after free issue in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Wearables in MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 600, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, Snapdragon_High_Med_2016, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850sd_632sd_820amsm8996au_firmwaresd_439sd_670_firmwaresd_429sdm439mdm9650sd_636sd_615_firmwaresnapdragon_high_med_2016_firmwaremsm8909w_firmwaremsm8996ausd_820sd_650sd_450_firmwaresd_845_firmwaresd_820a_firmwareqcs605_firmwaremdm9206sd_652sd_425_firmwaresd_625_firmwaresd_450sd_845mdm9206_firmwareqcs605sd_632_firmwaresd_835_firmwaremdm9650_firmwaresd_835sda660sxr1130_firmwaresd_210_firmwaresd_600sd_652_firmwaresd_415_firmwaresxr1130msm8909wsd_616_firmwaresd_205_firmwaresd_415sd_212sd_650_firmwaresd_427_firmwaresd_712sd_855sdx20sd_616sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435sd_615sd_710_firmwaresdm630sd_625qm215sd_820_firmwaresd_210mdm9607sd_636_firmwaresd_439_firmwaresd_429_firmwaresnapdragon_high_med_2016sd_212_firmwaresd_850_firmwaresdm439_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwareqm215_firmwaresd_430sd_427sd_670sd_435_firmwaresdx20_firmwaresd_710sd_600_firmwaresd_205sdm660_firmwaresd_855_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-416
Use After Free
CVE-2015-9196
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.21% / 42.90%
||
7 Day CHG~0.00%
Published-18 Apr, 2018 | 14:00
Updated-16 Sep, 2024 | 20:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Small Cell SoC FSM9055, MDM9635M, SD 400, and SD 800, improper input validation in tzbsp_ocmem can cause privilege escalation.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9635m_firmwaresd_800_firmwarefsm9055mdm9635mfsm9055_firmwaresd_800sd_400sd_400_firmwareSnapdragon Mobile, Small Cell SoC
CWE ID-CWE-264
Not Available
CWE ID-CWE-20
Improper Input Validation
CVE-2021-35081
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.27% / 50.37%
||
7 Day CHG~0.00%
Published-14 Jun, 2022 | 10:11
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer overflow due to improper validation of SSID length received from beacon or probe response during an IBSS session in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwarewsa8830sa6150p_firmwaresa8145p_firmwareqcs610qcs2290_firmwareqca8337sdx65qcs4290wcn3950_firmwaresa8150p_firmwaresd765g_firmwareqcs2290qca6390_firmwaresd690_5gwcd9370qca6564qcs6125_firmwareqrb5165n_firmwarewcn3998qcn7605wcd9385_firmwarewcn3950wcd9326_firmwaresm6375_firmwaresd662sd460_firmwaresdx55_firmwarewcd9375_firmwareqca8081_firmwarewcn3998_firmwaresm7250p_firmwareqrb5165nqca6564au_firmwaresd778gsa6155p_firmwareqcs6490qrb5165_firmwareqrb5165m_firmwareqcs6125sd662_firmwarewcn3988_firmwaresa6145p_firmwaresd778g_firmwaresa8195pwsa8810_firmwaresd765gsd765_firmwarewcd9326wcn6851sa6155pqca8081qcs4290_firmwarewcd9385wcd9341qcs6490_firmwaresd750gsd870_firmwareqca6390ar8035sd750g_firmwareaqt1000sa8150pwcd9375wcn3910_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwareqcm6490sd888_5g_firmwarewcn3988wcn6850_firmwarewsa8815_firmwarewsa8835_firmwaresa8195p_firmwareqcn7606_firmwarewcn6750_firmwareqcm6125_firmwareqcm2290_firmwaresm6375wcn3991qca8337_firmwarewcd9380_firmwaresd780gsd865_5gqca6564ausdx55m_firmwarewcn6856_firmwarewsa8835wcd9380sd888_5gqca6574asd690_5g_firmwarewcn6855_firmwaresm7325pwcn3980wcn6750sd855wsa8815sm7325p_firmwarewcn6850wcn3910sd765qca6574a_firmwaresd768g_firmwareqrb5165mwcn3980_firmwaresd460qca6391sdx55msdxr1_firmwareaqt1000_firmwarewcn6740_firmwaresdx65_firmwareqcm4290qcm6490_firmwareqrb5165sd480_firmwarewcn6851_firmwaresa8155p_firmwarewcd9341_firmwareqcm6125qcm4290_firmwaresd480sd870wcn6855qcn7605_firmwarewsa8810qcs610_firmwarewcn6856sa6145pqca6564_firmwaresdxr1sd768gsa8145pwcn6740qca6391_firmwaresd780g_firmwarewcd9370_firmwaresa6150psdx55sa8155psm7250par8035_firmwareqcm2290qcn7606Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-1972
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.36% / 57.59%
||
7 Day CHG~0.00%
Published-08 Sep, 2021 | 11:25
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer overflow due to improper validation of device types during P2P search in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresm7250mdm9640_firmwaresm6250p_firmwareipq4028_firmwareqca8337ar9380ipq8173_firmwareqcn5124wcn3950_firmwareqca6595au_firmwaresa6155mdm8215sd_455_firmwareapq8076qcs6125_firmwaresa415mwcn3998wcd9371_firmwarewcn3950qcn6024_firmwaresd720gsm4125mdm9206_firmwarewcn3660bsd450_firmwaresd460_firmwaremdm9230_firmwaremdm8215mqca8081_firmwarewcn3998_firmwareapq8009w_firmwareqca6420apq8053_firmwareqca9986ipq8070_firmwareqca9367_firmwareipq8065ipq8078a_firmwareipq8072_firmwaresa8155_firmwareipq8068mdm9615mqca6430wcd9306_firmwarewcd9340sdm830_firmwaresd765gmdm9250_firmwareqca9888_firmwareqcn6122qca6696_firmwarewcd9371sd870_firmwareqcn5154_firmwaremdm8215_firmwaresd_8cxsa8150par7420_firmwaremdm9330_firmwareqca9992_firmwaresd660sd865_5g_firmwaresd660_firmwareqcn5121qcn5022_firmwarewcn6750_firmwaresd450qca6428_firmwareqca9985_firmwarewcn3991ipq4018_firmwareqca9980_firmwaresdm429wipq8078sdx55m_firmwareipq8173sd670_firmwareqca6574sd632_firmwarecsr8811_firmwarewcd9380qualcomm215qcs410qcn5024sd690_5g_firmwareqca9379_firmwaresdx24_firmwareqca9985qcn9012_firmwaresd439_firmwareipq6018_firmwarewcd9340_firmwarewsa8815wcn6850pmp8074_firmwareqca6584_firmwaresd_8c_firmwaremdm9215_firmwareipq6028ipq8064sd835pmp8074wcn3980_firmwaresd730wcn6740_firmwarear6003_firmwareqcn5064_firmwaresd678_firmwareapq8064au_firmwareipq8078_firmwareqcn5054qcs603qca9994qca9980sd670qcn9024_firmwareipq8174_firmwareapq8009wqcm4290_firmwareqcs610_firmwaresa6145pqca9886_firmwarear8031sdm630_firmwareqca6391_firmwareqca4024wcd9370_firmwaresdx55apq8053qcn5021_firmwarecsra6640wcn3660qca9379mdm9150_firmwareqcn5500wsa8830qca9561csrb31024qca9563_firmwaremdm9628_firmwaremdm9650sd_636fsm10055_firmwareqca9992qcs4290mdm9250qca6420_firmwareapq8009_firmwaresd690_5gmdm9310_firmwaresd675_firmwareipq8072qca6564qca6426wcn3990_firmwareqca9984_firmwareqca9377sdw2500_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcd9326_firmwaremdm9615m_firmwarewcn3615_firmwareipq8074aqca9982sa8155qca6584qcn5122_firmwaresdx55_firmwarewcn3615qcn6023_firmwarewcn3610_firmwarewcd9306qca6584ausd778gqfe1952ipq8174sd429qcn5052qca9367sdm630mdm9607_firmwaresa415m_firmwarewcn3988_firmwareqcn9074sd205sd429_firmwareqca6421sd778g_firmwaresa8195pqca6694qca7550wcd9326wcd9335qca9982_firmwareqcn6023qcs4290_firmwareqca6390qca9898_firmwaresd750g_firmwareaqt1000wcd9375sm6250_firmwaremsm8917_firmwareipq5010_firmwareipq8074a_firmwaresd888_5g_firmwaresdx20_firmwarewsa8815_firmwareapq8017qcx315ar6003mdm9630_firmwareqcm6125_firmwareqca9882sd780gsd865_5gqca6595qca9896_firmwareipq8065_firmwareqcx315_firmwaresd665_firmwareqcn5154qca8075_firmwareipq6005_firmwaremdm9206qca9888qca6310_firmwaresm7325ipq8070a_firmwaremdm9615qca6574_firmwareqca9886qcn5502_firmwaresd665sd765qca6574a_firmwareapq8009mdm9310csrb31024_firmwareqcn9070_firmwaresd480_firmwareipq6028_firmwareipq8072a_firmwaremdm9626_firmwareqca9531qca9889_firmwaremdm8215m_firmwaremdm9607qcn5122sd710sdx20m_firmwareqcn5022qca6564_firmwaresd768gwcn6740sdw2500qca8075apq8096au_firmwareqcn6024qcn9022sd845mdm9615_firmwaresdm830ipq6000_firmwaresdx12qcs410_firmwaremdm9330sm7325_firmwarefsm10055sa6150p_firmwareqcs610qcn5550qca6431_firmwareqca9561_firmwareqca4024_firmwareipq8078aipq5028_firmwaresa8150p_firmwareqcs2290qca6335msm8917qcn5064csra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwaremdm8615m_firmwareqca9987_firmwaresd632ipq8076amdm9628sd710_firmwareqca4020qca6428qca6574au_firmwareqcn5164_firmwareipq8071mdm9630wcd9375_firmwaresa6155_firmwaresdx12_firmwaremsm8909wsdx20mqca6438_firmwarewcn3999qrb5165_firmwareipq5028qca7500ipq4029_firmwareqcs6125ipq6010sd662_firmwareqcs405qualcomm215_firmwarefsm10056_firmwareqca4020_firmwareqca6436wcn6851qcn3018_firmwaresa6155pqcs603_firmwarewcn3660_firmwarewcd9341ipq8068_firmwareqca6431sd750gqca9988_firmwarewcn3910_firmwareqfe1922wsa8830_firmwaresd855_firmwarewcn3988qca6438sa8195p_firmwareqca9898ipq4028wcn3610mdm9640ipq5018_firmwareqca8337_firmwarewcd9380_firmwareipq8072aqca7500_firmwarewcd9330msm8996au_firmwarecsr6030ipq8076a_firmwareqca7550_firmwareqca6564auipq4029wcn6856_firmwareqcn5164qca9558qca7520_firmwaremdm9230qcn5054_firmwareipq4019_firmwaresdx50m_firmwareqca8072_firmwareqca6174qca6430_firmwareqcn5052_firmwarewcd9335_firmwarewcn3980qca6335_firmwareqcs605wcn3910qca6320mdm9650_firmwareqca9986_firmwareqca6426_firmwarewcn3660b_firmwarewcn3680qca9984qcn9024qcn5550_firmwarewcd9330_firmwaresdx55mipq8064_firmwareqca6421_firmwaremsm8953ar8031_firmwarewcn3680_firmwareqrb5165wcn6851_firmwareipq8070qcn5502qca9887_firmwaresd_636_firmwareqca6564a_firmwareqca9880sd480sd870qcn5121_firmwaresd210_firmwareipq6018qcn3018sdxr1apq8096auqca6595_firmwareqcs405_firmwaresa8145psd780g_firmwaresd888_firmwaresa8155psd675sd439qca9531_firmwarear8035_firmwareqcm2290qcn5024_firmwarewcn3991_firmwaresd678qcn9070sa8145p_firmwareqca7520qcs2290_firmwarefsm10056sm7250_firmwarecsra6620qca9987qcn9072qca9880_firmwaresd765g_firmwareipq8069_firmwareqca6390_firmwareipq6000qca6174_firmwaresd730_firmwarewcd9370qcn5152_firmwareqca6584au_firmwareapq8076_firmwareqcn9000_firmwareipq5018sd_8cx_firmwareqca9563sd662qcn5124_firmwareqfe1952_firmwareqca6320_firmwarewcn3680b_firmwareqca6595auwcn3999_firmwareqca6436_firmwareipq5010qca6564au_firmwaresa6155p_firmwareqca6310sa515m_firmwareqca9990sdxr2_5gsa6145p_firmwaresm6250apq8017_firmwarewsa8810_firmwaresd765_firmwareqca8081ipq8071aqca6174a_firmwareipq8071a_firmwarewcd9385mdm8615mar8035csr8811apq8064auipq4019qca6694_firmwaremsm8953_firmwareqcn9100_firmwaresd210wcn3620_firmwarewcn6850_firmwarewsa8835_firmwarewcn3620csr6030_firmwareqca6564aqca9988qca8072qcm2290_firmwarewcn3990qcn9000sd_675ar9380_firmwaresdx24qcn9012sd888qca9558_firmwaremsm8909w_firmwareqcn6122_firmwaremsm8996ausdm429w_firmwarewsa8835sd888_5gsm6250pipq4018qca6574aqca9889qca6174aipq8074qca9994_firmwarewcn6750ipq8076_firmwaresa515mar7420sd855sm4125_firmwareipq8076qfe1922_firmwareqca9887qcn5021ipq8069qcn5152sd768g_firmwaresd460qca6391sdxr1_firmwareipq6005aqt1000_firmwareqcn9100mdm9626qcm4290sdx50mqca9882_firmwaresdx20mdm9215sd_455ipq8074_firmwareqca6574ausa8155p_firmwaresd205_firmwarewcd9341_firmwareqcm6125wsa8810qcn5500_firmwaremdm9150wcn6856sd_8cwcn3680bsd835_firmwareipq6010_firmwareqca6696sd845_firmwaresa6150pqcn9022_firmwareqca9990_firmwareipq8070aqcn9072_firmwaresd720g_firmwareipq8071_firmwareqcn9074_firmwareqca9896Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-30341
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.22% / 44.34%
||
7 Day CHG~0.00%
Published-14 Jun, 2022 | 10:10
Updated-03 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper buffer size validation of DSM packet received can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarewcn3991_firmwarewsa8830sd678mdm9640_firmwaresm6250p_firmwarewcn3998_firmwareqcs610qcs2290_firmwareqca8337sd7c_firmwarecsrb31024mdm9628_firmwarewcd9360_firmwaresdx65qcs4290wcn3950_firmwaremdm9250sd765g_firmwareqca6420_firmwareqca6595au_firmwareqcs2290qca6390_firmwaresd690_5gsd730_firmwarewcd9370sd_675_firmwaresd675_firmwareqcs6125_firmwareqca6426qca9377sa415mwcn3998sdw2500_firmwarewcd9385_firmwaresdxr2_5g_firmwaresd_8cx_gen2_firmwarewcn3950mdm9628sd720gmdm9206_firmwareqsw8573_firmwaresd_8_gen1_5g_firmwaresm6375_firmwaresd662sd460_firmwaresm7315_firmwareqca6574au_firmwaresdx55_firmwareqca6595auqca8081_firmwaresdx12_firmwarewcd9375_firmwaremsm8909wsm7250p_firmwareapq8009w_firmwareqca6420qca6436_firmwarewcd9360wcn3610_firmwaremdm9207qca6564au_firmwaresd680_firmwaresd778gqca9367_firmwarewcd9306mdm8207sd_8cx_gen2sa515m_firmwareqcs6490sd429sdxr2_5gqca9367qcs6125qca4004_firmwaremdm9607_firmwaresd662_firmwaresa415m_firmwarewcn3988_firmwareqca6430sd205sd429_firmwaresm6250sd778g_firmwarewcd9306_firmwaresd765gsw5100sd765_firmwareqca6436sd680wcn6851qca8081qca6174a_firmwaremdm9250_firmwareqcs4290_firmwarewcd9385qca6696_firmwareqcs6490_firmwaresd750gsd870_firmwarear8035qca6390sd750g_firmwareaqt1000wcd9375wcn3910_firmwaresm6250_firmwaremdm9207_firmwareqca4004wsa8830_firmwaresda429wsd210sd855_firmwaresd660sd865_5g_firmwaresdx20_firmwareqcm6490sd888_5g_firmwarewcn3620_firmwaresd660_firmwarewcn3620wcn3988wcn6850_firmwarewsa8835_firmwareqcx315sm8475qca6564awcn6750_firmwarewcn3610qcm6125_firmwaremdm9640qcm2290_firmwaresm6375wcn3991qca8337_firmwaresda429w_firmwarewcd9380_firmwaresd_675sdm429wmsm8996au_firmwaresd780gsw5100pwcd9330sd865_5gqca6564ausdx24sdx55m_firmwarewcn6856_firmwaresd888msm8909w_firmwareqca6574msm8996auqcx315_firmwaresdm429w_firmwaresd665_firmwarewsa8835wcd9380sd888_5gsd850sm6250pqcs410qca6574asd690_5g_firmwaremdm9206wcn6855_firmwareqca9379_firmwareqca6174asm7325psdx24_firmwareqca6430_firmwarewcn6750qsw8573mdm9205sa515mqca6574_firmwaresd855sm7325p_firmwaresd665sd7cwcn3910wcn6850sd765qca6426_firmwareqca6574a_firmwaresd768g_firmwaresd850_firmwaresm7315sd460qca6391sd730sdx55msdxr1_firmwarewcd9330_firmwareaqt1000_firmwarewcn6740_firmwaresdx65_firmwaresd678_firmwareqcm4290csrb31024_firmwareqcm6490_firmwaresdx20sd480_firmwarewcn6851_firmwareqca6574aumdm9607sd205_firmwareqca6564a_firmwareapq8009wqcm6125qcm4290_firmwaresd480sd870wcn6855sw5100p_firmwaresd210_firmwareqcs610_firmwarewcn6856sdxr1sd768gapq8096aumdm8207_firmwareqca6696wcn6740mdm9205_firmwareqca6391_firmwaresd780g_firmwarewcd9370_firmwaresdw2500sd888_firmwaresdx55apq8096au_firmwaresd675sm7250psd720g_firmwaresdx12sw5100_firmwareqcs410_firmwareqca9379ar8035_firmwareqcm2290Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-30321
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.27% / 50.37%
||
7 Day CHG~0.00%
Published-12 Nov, 2021 | 06:16
Updated-03 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer overflow due to lack of parameter length check during MBSSID scan IE parse in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-aqt1000_firmwareqca2066wcd9380_firmwarewsa8830qca1062_firmwarewcn6851_firmwarewcn6856_firmwaresc8280xp_firmwareqca6430wsa8835wcd9340wsa8810_firmwarewcd9380wcd9341_firmwareqca6420_firmwarewsa8810wcn6855wcn6851wcn6856wcn6855_firmwarewcd9385wcd9341qca2066_firmwareqca6430_firmwareqca1064_firmwarewcn3998qca1062sd_8cx_firmwareqca6391_firmwarewcd9385_firmwaresd_8cxaqt1000wcd9340_firmwarewsa8815sc8280xpwcn6850qca6320wsa8830_firmwareqca1064wsa8815_firmwarewcn6850_firmwarewsa8835_firmwareqca6320_firmwarewcn3998_firmwareqca6391qca6420Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2015-9067
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.15% / 35.98%
||
7 Day CHG~0.00%
Published-18 Aug, 2017 | 18:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all Qualcomm products with Android releases from CAF using the Linux kernel, a potential compiler optimization of memset() is addressed.

Action-Not Available
Vendor-Google LLCQualcomm Technologies, Inc.
Product-androidAll Qualcomm products
CVE-2015-9164
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.21% / 42.90%
||
7 Day CHG~0.00%
Published-18 Apr, 2018 | 14:00
Updated-16 Sep, 2024 | 17:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, and SD 820A, a buffer overread in Playready may occur due to lack of input validation of the buffer size provided by HLOS.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_820asd_412sd_808_firmwaresd_400sd_415sd_616sd_425sd_430_firmwaresd_615sd_650_firmwaresd_625sd_615_firmwaresd_210msm8909w_firmwaresd_820_firmwaresd_820sd_650sd_808sd_450_firmwaresd_800sd_410sd_617sd_400_firmwaresd_820a_firmwaresd_652sd_425_firmwaresd_212_firmwaresd_800_firmwaresd_625_firmwaresd_450sd_412_firmwaresd_430sd_810sd_410_firmwaresd_205sd_210_firmwaresd_415_firmwaresd_652_firmwaremsm8909wsd_810_firmwaresd_616_firmwaresd_205_firmwaresd_212sd_617_firmwareSnapdragon Automobile, Snapdragon Mobile, Snapdragon Wear
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2021-1919
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.33% / 55.66%
||
7 Day CHG~0.00%
Published-08 Sep, 2021 | 11:25
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer underflow can occur when the RTCP length is lesser than than the actual blocks present in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresm7250mdm9640_firmwaresm6250p_firmwareqcs610qca6431_firmwarewcd9360_firmwaremdm9645wcn3950_firmwareqca6595au_firmwareqca6335msm8917sd_455_firmwareqcs605_firmwaresd_675_firmwareqcs6125_firmwaresd632msm8108sa415mwcn3998wcd9371_firmwaremsm8108_firmwarewcn3950sd720gmdm9628mdm9206_firmwareqsw8573_firmwarewcn3660bsd450_firmwareqca6574au_firmwarewcd9375_firmwarewcn3998_firmwaresdx12_firmwaremsm8909wapq8009w_firmwareqca6420apq8053_firmwarewcd9360qca9367_firmwarewhs9410_firmwaremdm8207qcs6125sa8155_firmwareqca6430wcd9306_firmwarewcd9340mdm9625_firmwaresd765gqualcomm215_firmwareqca6436wcn6851qcs603_firmwaremsm8937msm8209_firmwaremdm9250_firmwarewcn3660_firmwaremdm9655qca6696_firmwareqca6431wcd9371sd870_firmwaresd750gwcn3910_firmwaresd_8cxmdm9207_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwaresd712wcn3988msm8208_firmwarewcn6750_firmwaresd450wcn3610msm8608mdm9640wcn3991wcd9380_firmwarewcd9330msm8996au_firmwarecsr6030qca6564ausdx55m_firmwarewcn6856_firmwaremsm8940_firmwaremsm8976_firmwareqca6574sd632_firmwaresd670_firmwarewcd9380qualcomm215qcs410sd690_5g_firmwaresdx50m_firmwareqca9379_firmwaresdx24_firmwareqca6430_firmwaresd439_firmwareqca6335_firmwareqsw8573qcs605wcd9340_firmwarewsa8815wcn6850wcn3910qca6320msm8937_firmwaremdm9650_firmwaresd_8c_firmwareqca6426_firmwarewcn3660b_firmwarewcn3680sd835sd730wcd9330_firmwaresdx55mqca6421_firmwaremsm8953sd821_firmwaresd678_firmwarewcn3680_firmwarewcn6851_firmwareqcs603sd670sd_636_firmwareqca6564a_firmwareapq8009wqca6694au_firmwaremsm8976sg_firmwareqcm4290_firmwaresd480sd870wcn6855sd210_firmwareqcs610_firmwareapq8084_firmwaresdxr1apq8096aumdm8207_firmwaresdm630_firmwaresd820_firmwareqca6391_firmwarewcd9370_firmwaresdx55apq8053sa8155psd675sd439wcn3660qca9379wcn3991_firmwaremdm9150_firmwarewsa8830sd678sm7250_firmwarecsrb31024mdm9628_firmwaremdm9650sd_636qcs4290mdm9250sd765g_firmwareqca6420_firmwareqca6390_firmwareapq8009_firmwaresd690_5gsd730_firmwarewcd9370sd675_firmwareqca6426qca6584au_firmwareqca9377sdw2500_firmwaresd_8cx_firmwarewcd9385_firmwaresdxr2_5g_firmwarewhs9410wcn3615_firmwareapq8037sa8155qca6320_firmwarewcn3680b_firmwaresdx55_firmwarewcn3615qca6595auwcn3610_firmwareqca6436_firmwaremdm9207wcd9306qca6584ausd778gqca6564au_firmwaremsm8208qca6310sa515m_firmwaresd429sdxr2_5gqca9367apq8084sdm630mdm9607_firmwaresd821mdm9655_firmwaremsm8976sgsa415m_firmwarewcn3988_firmwaresd205sd429_firmwareqca6421sd778g_firmwaresm6250sd712_firmwareapq8017_firmwarewsa8810_firmwareqca6694sd765_firmwareqca6174a_firmwareqcs4290_firmwarewcd9385mdm9625qca6390wcd9375sd750g_firmwareaqt1000msm8976qca6694_firmwaresm6250_firmwaremsm8953_firmwareqca6694aumsm8917_firmwaresd210wcn3620_firmwaresdx20_firmwarewsa8815_firmwaresd888_5g_firmwaresd820wcn6850_firmwarewsa8835_firmwarewcn3620apq8017qcx315csr6030_firmwareqca6564aqcm6125_firmwaremdm9635m_firmwaresd_675sd865_5gsdx24msm8909w_firmwareqcx315_firmwarewsa8835msm8996ausd665_firmwaresd888_5gsm6250psc8180xqca6574amdm9206wcn6855_firmwareqca6174aqca6310_firmwarewcn6750mdm9635msa515mqca6574_firmwaresd855sd665sd765qca6574a_firmwaresd768g_firmwaremsm8209sd850_firmwareapq8009qca6391sdxr1_firmwareaqt1000_firmwaremsm8920qcm4290csrb31024_firmwaresdx50msdx20sd480_firmwaremsm8920_firmwaresd_455sc8180x_firmwareqca6574ausa8155p_firmwaremdm9607sd205_firmwaremdm9645_firmwareqcm6125wsa8810mdm9150wcn6856sd_8cwcn3680bsd835_firmwaresd768gqca6696sd845_firmwaremsm8608_firmwaresdw2500msm8940apq8096au_firmwaresd845apq8037_firmwaresd720g_firmwaresdx12qcs410_firmwaresd850Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-191
Integer Underflow (Wrap or Wraparound)
CVE-2021-1946
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.22% / 44.04%
||
7 Day CHG~0.00%
Published-09 Sep, 2021 | 07:35
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Null Pointer Dereference may occur due to improper validation while processing crafted SDP body in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarewcn3991_firmwarewsa8830sd678sm7250sm6250p_firmwareqcs610qca8337sm7250_firmwareqca6431_firmwarewcd9360_firmwareqcs4290wcn3950_firmwaresd765g_firmwareqca6420_firmwareqca6595au_firmwareqca6390_firmwaremsm8917sd690_5gsd730_firmwarewcd9370sd_675_firmwaresd675_firmwareqcs6125_firmwareqca6426sd632wcn3990_firmwareqca9377wcn3998sd_8cx_firmwarewcd9371_firmwaresdxr2_5g_firmwarewcd9385_firmwarewcn3950sd720gwhs9410wcn3660bsd450_firmwareqsm8350_firmwareqsm8350sa8155qca6574au_firmwaresdx55_firmwareqca6595ausdx12_firmwarewcd9375_firmwarewcn3998_firmwarewcn3610_firmwareqca6420qca6436_firmwareapq8053_firmwarewcd9360sd778gwhs9410_firmwareqcs6490sd429sdxr2_5gqcs6125sa8155_firmwarewcn3988_firmwareqca6430sd205sd429_firmwareqca6421sd778g_firmwaresm6250wcd9340apq8017_firmwarequalcomm215_firmwaresd765gsd765_firmwareqca6436wcn6851wcd9335qca6174a_firmwareqcs4290_firmwarewcd9385wcd9341wcn3660_firmwareqca6431qca6696_firmwareqcs6490_firmwarewcd9371sd750gsd870_firmwarear8035qca6390sd_8cxaqt1000sd750g_firmwarewcd9375sm6250_firmwarewcn3910_firmwaremsm8953_firmwarewsa8830_firmwaremsm8917_firmwaresd210sd855_firmwaresd865_5g_firmwareqcm6490sd888_5g_firmwarewcn3988wcn6850_firmwarewsa8815_firmwarewsa8835_firmwareapq8017wcn6750_firmwaresd450wcn3610qcm6125_firmwarewcn3991qca8337_firmwarewcd9380_firmwarewcn3990sd_675sd780gsd865_5gsdx55m_firmwarewcn6856_firmwaremsm8940_firmwarewsa8835sd632_firmwaresd665_firmwarewcd9380sd888_5gsm6250pqualcomm215qcs410qca6574asd690_5g_firmwarewcn6855_firmwareqca6174asm7325qca6430_firmwarewcd9335_firmwarewcn3980wcn6750wcd9340_firmwaresd855wsa8815wcn6850sd665wcn3910sd_8c_firmwaresd765qca6426_firmwarewcn3660b_firmwarewcn3680qca6574a_firmwaresd768g_firmwarewcn3980_firmwaresd730qca6391sdx55mqca6421_firmwareaqt1000_firmwarewcn6740_firmwaremsm8920msm8953sd678_firmwareqcm4290qcm6490_firmwarewcn3680_firmwaresd480_firmwarewcn6851_firmwaremsm8920_firmwareqca6574ausa8155p_firmwaresd205_firmwarewcd9341_firmwareqcm6125qcm4290_firmwaresd480sd870wcn6855sd210_firmwareqcs610_firmwarewcn6856sd_8csd768gwcn6740qca6696qca6391_firmwaresd780g_firmwarewcd9370_firmwaresdx55msm8940apq8053sa8155psd675sd720g_firmwaresdx12qcs410_firmwarewcn3660ar8035_firmwaresm7325_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-1910
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.3||HIGH
EPSS-0.23% / 45.82%
||
7 Day CHG~0.00%
Published-07 May, 2021 | 09:10
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Double free in video due to lack of input buffer length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfs2580qca9377_firmwareqpm5679_firmwaresm6250p_firmwarepmd9607_firmwareqdm5579qfs2608_firmwareqfs2530qpm8870_firmwareqln1030pm6125qat5522_firmwarewcn3950_firmwarepm8150aqdm5670qca6595au_firmwareqpa5581_firmwaresa6155pm7150lqpa8821pm8998_firmwarewtr5975_firmwareqcs6125_firmwarepm456_firmwareqpa5580_firmwarewcn3998wcd9371_firmwarewcn3950sm4125sd720gmdm9206_firmwareqsw8573_firmwarewcn3660bsd450_firmwareqfe4320qsw8574_firmwaresd460_firmwarepm8953_firmwaresd6905gqpa4360_firmwarewcn3998_firmwareqfe2520_firmwareapq8009w_firmwarepm855papq8053_firmwareqca6420pm6150aqpm6670_firmwareqca9367_firmwarepm660_firmwarepm8150bsa8155_firmwareqfe2101qca6430qat3522pmr735awcd9340sdm830_firmwaresd765gsdr660qfs2630_firmwaresdr865qdm5620_firmwaresmb1358smr545qca6696_firmwareqln5020wcd9371sd870_firmwaresmb1350pmm855au_firmwaresa8150ppm6350qdm5621qfe3340qtc800sqat3514_firmwaresd660qet6105pm640p_firmwaresd660_firmwarewcn6750_firmwareqat5516_firmwarepm6150lsd450sd8885gpm855l_firmwareqtc410swcn3991qpa8801sdm429wpm8150l_firmwareqat5533_firmwaresdx55m_firmwaresdxr25gqpa8673_firmwarepm6150smb1354_firmwaresd670_firmwareqca6574sd632_firmwareqfs2630qpa8842sdr052_firmwarepmm8996auwcd9380qualcomm215qln4640qcs410smb1380_firmwareqfe4309_firmwarepmk8350_firmwaresmb1381pm855p_firmwarepm7250qca9379_firmwarewtr4905qpa8803sd439_firmwaresdxr25g_firmwareqdm2301wcd9340_firmwarewsa8815wcn6850qfe2101_firmwareqdm5621_firmwareqdm2301_firmwaresd835wcn3980_firmwaresd730pm660l_firmwarepm6250_firmwarewcn6740_firmwarepm8008pm8350b_firmwareqtm525_firmwarepme605_firmwarepme605sd678_firmwareapq8064au_firmwareqpm5621_firmwareqcs603rsw8577qpa6560_firmwareqpa8802_firmwareqln4640_firmwareqfe4308_firmwareqpm5621qpm6582sd670pm8009_firmwareapq8009wqfe4303qfs2580_firmwareqcm4290_firmwarewcn6855pm8150lpmi8998_firmwareqcs610_firmwaresa6145ppm660a_firmwarepm215pm4250ar8031wtr2965sdm630_firmwareqca6391_firmwarepmx20_firmwarepmi8937_firmwarewcd9370_firmwareqat3516_firmwaresdx55apq8053csra6640pm8350bhsqat3555_firmwareqpa8803_firmwarewcn3660qca9379pm855bqpm5870pm8909wsa8830pm660qet6110_firmwareqdm5579_firmwarepm6125_firmwareqbt1500qpa5581mdm9650fsm10055_firmwareqbt1500_firmwareqpm5870_firmwareqcs4290qet6100pmm855auqca6420_firmwaresmb1394_firmwareapq8009_firmwaresmb1396pm7150asd675_firmwarepm8350qca6564qpa4361_firmwarepm8350c_firmwareqpa5461_firmwareqca6426wcn3990_firmwareqca9377qpm5641qpa5373_firmwaresdw2500_firmwarewcd9385_firmwareqdm5650_firmwareqpa4340_firmwarewcd9326_firmwarewcn3615_firmwarewtr2955rgr7640au_firmwarepm7250_firmwaresdr845_firmwareqdm5620smb1380pmk8002_firmwareqsw6310_firmwaresa8155qdm4650_firmwaresdx55_firmwarepmm6155au_firmwareqat5533wcn3615sm7250p_firmwarewcn3610_firmwareqsm7250_firmwareqpm6670pm7150l_firmwareqpm4641qat5515_firmwarepm855qpm8830_firmwaresd429pm8250qca9367sdm630qdm4643qfs2530_firmwarewcn3988_firmwarepmx55qpm4641_firmwaresd205sd429_firmwarepm8150c_firmwareqca6421qdm3301qpa8842_firmwareqat3519_firmwaresa8195psdr735_firmwarepm8953qat5515qpm5677qat3514wcd9326wcd9335pm6350_firmwarepm8004_firmwaresdr8150_firmwareqcs4290_firmwarepm439qtc800h_firmwarepmk7350_firmwareqpm5620qpm4630qca6390wcd9375sd750g_firmwareaqt1000sm6250_firmwarepmm8195auqln4642msm8917_firmwareqpm5677_firmwaresdx20_firmwarewsa8815_firmwarewtr3925_firmwarepmi8937pm8998pmk7350smr525_firmwareqpm8820_firmwareqfe4301_firmwareapq8017qln1020_firmwareqpm6621_firmwarepm670a_firmwareqcm6125_firmwarepmx55_firmwarewtr2955_firmwareqfe4373fc_firmwaresmb1398_firmwareqpm8830pmm8996au_firmwareqat5522pm8150cpmr735bsd665_firmwareqpa4360pmk8003_firmwareqpa4361qpm4640_firmwaremdm9206wcn6855_firmwareqdm5679_firmwarepm8350csmr525qca6310_firmwareqfe4305_firmwarepm6150l_firmwarepmr525pm8150a_firmwareqca6574_firmwaresd665pm6150a_firmwarepm6150_firmwaresd765pmx20pmd9607qca6574a_firmwareqpm4630_firmwareqat3555apq8009qpa5461wtr2965_firmwarepm670_firmwareqfs2608sd480_firmwareqtc801sqpm5641_firmwaresd710pm8008_firmwaresdx20m_firmwareqpm6621pmr735a_firmwarepmw3100pmx50qca6564_firmwaresdr8250sd768gqln1030_firmwaresmb1350_firmwarewcn6740pmw3100_firmwarepm8004pm640lpmk8002sdw2500apq8096au_firmwaresd845sd455_firmwaresdm830smb1357qcs410_firmwareqpa5580fsm10055qfe2550sa6150p_firmwareqcs610qpm5620_firmwareqdm2307qca6431_firmwareqpa8802qpm6585_firmwareqat3519qbt2000_firmwareqtc800hsa8150p_firmwareqcs2290sdr8250_firmwareqca6335msm8917csra6620_firmwareqcs605_firmwareqln1020smr546_firmwareqdm5671csra6640_firmwareqpm4650_firmwareqat3518sd632sdr425_firmwaresmr526_firmwareqpa5460pm640a_firmwarewgr7640_firmwareqdm2305_firmwareqpm5670_firmwaresd710_firmwareqca4020qdm5652qca6574au_firmwareqpm8870wcd9375_firmwareqpm5679qbt2000sa6155_firmwaremsm8909wsdx20mpmx50_firmwareqpa8675_firmwaresdr735gqpa5460_firmwarewcn3999qdm3301_firmwareqsm7250qcs6125sd662_firmwaresmb1360qcs405qualcomm215_firmwarersw8577_firmwareqdm2308_firmwarefsm10056_firmwarepm439_firmwareqca4020_firmwareqca6436sa6155pwcn6851qcs603_firmwareqpa6560sdr675_firmwarewcn3660_firmwarewcd9341pmi8952qdm4643_firmwarepm8937_firmwareqca6431sm7350_firmwareqet4100_firmwaresd750gqfe4320_firmwareqdm3302wcn3910_firmwareqpm5657qpm5875_firmwarewsa8830_firmwaresd855_firmwareqdm5650wcn3988wtr3925sdr052sa8195p_firmwaresmb1390qet4100wcn3610qpa8686_firmwareqpm6585sda429w_firmwarewcd9380_firmwaresmb1355qln4650wcd9330msm8996au_firmwaresdr735g_firmwarepm8350bhs_firmwarewgr7640qat5568qet5100qdm5671_firmwareqpa8801_firmwareqca6564ausd636wcn6856_firmwarepm8005_firmwareqet4101_firmwarepm7250bqln4642_firmwaresmb1355_firmwarepm7250b_firmwarepmd9655_firmwaresmb1351_firmwaresdx50m_firmwaresdr735smb1395pm660lar8151smr526wtr5975qca6430_firmwarepmk8003qtc801s_firmwarewcd9335_firmwareqat3522_firmwarewcn3980pm7350c_firmwareqca6335_firmwareqsw8573qcs605wcn3910qca6320mdm9650_firmwaresmb1394qca6426_firmwarepm8350_firmwarewcn3660b_firmwarewcn3680qfe4309pm8009qpa8675sdr051_firmwarewcd9330_firmwaresdx55mpm670aqca6421_firmwareqfe4373fcmsm8953qat3518_firmwarepmi8998qfe2520qsw8574sd6905g_firmwarear8031_firmwarewcn3680_firmwarepm855lwcn6851_firmwareqdm5670_firmwaresd8655gpm7150a_firmwarepm8150b_firmwareqfe4302smr545_firmwareqca6564a_firmwareqdm2310_firmwarepm4250_firmwaresd480sd870sd8885g_firmwarepm670sd210_firmwareqdm5677pm8005pm855_firmwareqdm2302pmm6155ausdxr1pm855b_firmwareapq8096auqcs405_firmwareqpm6582_firmwarepm640l_firmwareqln4650_firmwareqpm5875qet5100msd888_firmwaresa8155psd675sd439qet4101qat3516pm670lqpm5658qcm2290qpm5658_firmwarewcn3991_firmwareqdm5652_firmwarepmm8155au_firmwaresd678sdr051qln5030qcs2290_firmwarepm4125fsm10056pmi632qpa2625_firmwarepm456pm8350bh_firmwarecsra6620pmr735b_firmwareqet5100_firmwareqpa5373qpm4621smb1360_firmwareqet6100_firmwarepm670l_firmwaresdr660gsd455sd765g_firmwareqpa8686smb1358_firmwareqca6390_firmwaresd730_firmwarewcd9370sdr425pmr525_firmwareqfe3340_firmwarear8151_firmwarepmi632_firmwareqat5516sd662qpa8821_firmwareqfe4308sdr660g_firmwarepm8350bhpm3003aqca6320_firmwarewcn3680b_firmwareqca6595auwcn3999_firmwareqca6436_firmwaresm7350smb1354qca6564au_firmwareqdm2305sa6155p_firmwareqca6310qpm8820pm8937qpm2630qln5020_firmwaresmb1398sa6145p_firmwaresdr675sm6250apq8017_firmwarewsa8810_firmwaresmb231sd765_firmwareqdm5677_firmwareqca6174a_firmwarewcd9385qdm2302_firmwareqat3550_firmwarepmm8155auqln5040_firmwarepm4125_firmwareapq8064auqpa8673qdm2310qfe2550_firmwaremsm8953_firmwareqln5030_firmwaresda429wsd210wcn3620_firmwareqfe4302_firmwaresmb1396_firmwarewcn6850_firmwarewcn3620wsa8835_firmwareqca6564asmr546qet6110pmi8952_firmwareqcm2290_firmwareqln5040qpm8895sdr845qpm5670wcn3990pmk8350qdm3302_firmwaresd888pm8350bqdm2307_firmwaremsm8909w_firmwarewsa8835msm8996ausdm429w_firmwareqpm5657_firmwaresm6250prgr7640ausdr660_firmwarepm8909_firmwareqca6574apm8916_firmwaresmb1390_firmwareqca6174aqfe4303_firmwareqpm4640wcn6750pm7350cqet5100m_firmwareqpm4650qtm525wtr6955sd855sm4125_firmwareqfe4305wtr6955_firmwarepm640psd768g_firmwaresdr865_firmwarepm8250_firmwaresd460qca6391sdxr1_firmwaresmb1351smb1357_firmwareaqt1000_firmwarepm215_firmwareqpm8895_firmwarepm660aqpa4340qcm4290sdx50mpm640asdr8150sdx20pm8916smb1395_firmwareqdm4650pmd9655qca6574ausa8155p_firmwaresd205_firmwareqsw6310qet6105_firmwaresd8655g_firmwarewcd9341_firmwareqcm6125wsa8810qtc410s_firmwareqpm2630_firmwaresmb231_firmwareqat5568_firmwareqdm2308qat3550wtr4905_firmwarewcn6856qdm5679wcn3680bsd835_firmwarepm3003a_firmwareqca6696qfe4301qtc800s_firmwaresmb1381_firmwaresd845_firmwareqpa2625sa6150ppmm8195au_firmwaresm7250psd720g_firmwareqpm4621_firmwaresd636_firmwarepm6250Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-415
Double Free
CVE-2021-1933
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.25% / 48.29%
||
7 Day CHG~0.00%
Published-09 Sep, 2021 | 07:35
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

UE assertion is possible due to improper validation of invite message with SDP body in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarewcn3991_firmwaresd678sm6250p_firmwareqcs610csrb31024wcd9360_firmwaresd_636qcs4290wcn3950_firmwaresc8180x\+sdx55qca6420_firmwareqca6595au_firmwareqca6390_firmwareqca6335msm8917sd730_firmwaresd_455_firmwarewcd9370qcs605_firmwaresd_675_firmwaresd675_firmwareqcs6125_firmwareqca6584au_firmwaresd632qca9377sa415mwcn3998sd_8cx_firmwarewcd9371_firmwarewhs9410wcn3950sd720gwcn3660bsd450_firmwaresa8155qca6574au_firmwaresdx55_firmwareqca6595auwcd9375_firmwarewcn3998_firmwarewcn3610_firmwareqca6420apq8053_firmwarewcd9360qca6564au_firmwareqca6584auqca6310whs9410_firmwaresd429qcs6125sa8155_firmwaresdm630sa415m_firmwarewcn3988_firmwareqca6430sd429_firmwaresm6250sd712_firmwarewcd9340apq8017_firmwarequalcomm215_firmwareqcs603_firmwareqca6174a_firmwareqcs4290_firmwarewcn3660_firmwareqca6696_firmwarewcd9371qca6390wcd9375sd_8cxaqt1000wcn3910_firmwaresc8180x\+sdx55_firmwaresm6250_firmwaremsm8953_firmwaresda429wmsm8917_firmwaresd855_firmwarewcn3620_firmwaresd712wcn3988wcn6850_firmwarewcn3620wsa8815_firmwareapq8017sd450wcn3610qcm6125_firmwarewcn3991sda429w_firmwarewcd9380_firmwaresd_675sdm429wqca6564ausdx24sdx55m_firmwaremsm8940_firmwaresd670_firmwaresd632_firmwaresdm429w_firmwaresd665_firmwarewcd9380sm6250pqualcomm215qcs410qca6574asdx50m_firmwareqca6174asdx24_firmwareqca6310_firmwareqca6430_firmwareqca6335_firmwareqcs605wcd9340_firmwaresd855wsa8815wcn6850sd665wcn3910sd_8c_firmwarewcn3660b_firmwarewcn3680qca6574a_firmwaresd850_firmwaresd730sdxr1_firmwaresdx55maqt1000_firmwaremsm8920msm8953sd678_firmwareqcm4290csrb31024_firmwaresdx50mwcn3680_firmwareqcs603msm8920_firmwaresd_455qca6574ausa8155p_firmwaresd_636_firmwaresd670qcm6125qcm4290_firmwareqcs610_firmwaresd_8csdxr1qca6696sdm630_firmwaresd845_firmwarewcd9370_firmwaresdx55msm8940apq8053sa8155psd675sd845sd720g_firmwareqcs410_firmwarewcn3660sd850Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2021-1916
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.33% / 55.66%
||
7 Day CHG~0.00%
Published-08 Sep, 2021 | 11:25
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer underflow due to lack of check for negative indices values when processing user provided input in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresm7250mdm9640_firmwaresm6250p_firmwaresa6150p_firmwareqcs610qca6431_firmwarewcd9360_firmwaremdm9645wcn3950_firmwaresa8150p_firmwareqca6595au_firmwaresa6155qca6335msm8917mdm8215sd_455_firmwareqcs605_firmwaresd_675_firmwareqcs6125_firmwaremdm8615m_firmwaresd632msm8108sa415mwcn3998wcd9371_firmwaremsm8108_firmwarewcn3950sd720gmdm9628mdm9206_firmwareqsw8573_firmwarewcn3660bsd450_firmwaremdm9230_firmwaremdm8215mqca6574au_firmwaremdm9630wcd9375_firmwarewcn3998_firmwaresa6155_firmwaresdx12_firmwaremsm8909wapq8009w_firmwareqca6420apq8053_firmwarewcd9360qca9367_firmwarewhs9410_firmwaremdm8207qcs6125sa8155_firmwareqca4004_firmwaremdm9615mqca6430wcd9306_firmwarewcd9340mdm9625_firmwaresd765gqca1990_firmwarequalcomm215_firmwareqca6436wcn6851sa6155pqcs603_firmwaremsm8937msm8209_firmwaremdm9250_firmwarewcn3660_firmwaremdm9655qca6696_firmwareqca6431wcd9371sd870_firmwaresd750gmdm8215_firmwarewcn3910_firmwaresd_8cxsa8150pmdm9207_firmwareqca4004wsa8830_firmwaremdm9330_firmwaresd855_firmwaresd865_5g_firmwaresd712wcn3988sa8195p_firmwaremsm8208_firmwarewcn6750_firmwaresd450wcn3610mdm9640msm8608wcn3991sda429w_firmwarewcd9380_firmwaresdm429wwcd9330msm8996au_firmwarecsr6030qca6564ausdx55m_firmwarewcn6856_firmwaremsm8940_firmwaremsm8976_firmwareqca6574sd632_firmwaresd670_firmwarewcd9380qualcomm215mdm9230qcs410sd690_5g_firmwaresdx50m_firmwareqca9379_firmwaresdx24_firmwareqca6174qca6430_firmwaresd439_firmwareqca6335_firmwareqsw8573qcs605wcd9340_firmwarewsa8815wcn6850wcn3910qca6320qca6584_firmwaremsm8937_firmwaremdm9650_firmwaresd_8c_firmwaremdm9215_firmwareqca6426_firmwarewcn3660b_firmwarewcn3680sd835qca1990sd730wcd9330_firmwaresdx55mqca6421_firmwarewcn6740_firmwarear6003_firmwaremsm8953sd821_firmwaresd678_firmwarewcn3680_firmwarewcn6851_firmwareqcs603sd670sd_636_firmwareqca6564a_firmwareapq8009wqca6694au_firmwaremsm8976sg_firmwareqcm4290_firmwaresd480sd870wcn6855sd210_firmwareqcs610_firmwareapq8084_firmwaresa6145psdxr1apq8096ausa8145pmdm8207_firmwaresdm630_firmwaremdm9205_firmwareqca6391_firmwaresd820_firmwarewcd9370_firmwaresd780g_firmwaresdx55apq8053sa8155psd675sd439wcn3660qca9379wcn3991_firmwaremdm9150_firmwarewsa8830sd678sa8145p_firmwaresm7250_firmwarecsrb31024mdm9628_firmwaremdm9650sd_636qcs4290mdm9250sd765g_firmwareqca6420_firmwareqca6390_firmwareapq8009_firmwaresd690_5gqca6174_firmwaresd730_firmwaremdm9310_firmwarewcd9370sd675_firmwareqca6426qca6584au_firmwareqca9377sdw2500_firmwaresd_8cx_firmwarewcd9385_firmwaresdxr2_5g_firmwarewhs9410mdm9615m_firmwarewcn3615_firmwareapq8037sa8155qca6320_firmwareqca6584wcn3680b_firmwaresdx55_firmwarewcn3615qca6595auwcn3610_firmwareqca6436_firmwaremdm9207wcd9306qca6584ausd778gqca6564au_firmwaremsm8208sa6155p_firmwareqca6310sa515m_firmwaresd429sdxr2_5gqca9367apq8084sdm630mdm9607_firmwaresd821mdm9655_firmwaremsm8976sgsa415m_firmwarewcn3988_firmwaresd205sd429_firmwareqca6421sd778g_firmwaresa6145p_firmwaresm6250sa8195psd712_firmwareapq8017_firmwarewsa8810_firmwareqca6694sd765_firmwareqca6174a_firmwareqcs4290_firmwarewcd9385mdm8615mmdm9625qca6390wcd9375sd750g_firmwareaqt1000msm8976qca6694_firmwaresm6250_firmwaremsm8953_firmwareqca6694ausda429wmsm8917_firmwaresd210wcn3620_firmwaresdx20_firmwarewsa8815_firmwaresd888_5g_firmwaresd820wcn6850_firmwarewsa8835_firmwarewcn3620apq8017qcx315ar6003csr6030_firmwareqca6564amdm9630_firmwareqcm6125_firmwaremdm9635m_firmwaresd_675sd780gsd865_5gsdx24msm8909w_firmwareqcx315_firmwarewsa8835msm8996ausdm429w_firmwaresd665_firmwaresd888_5gsm6250psc8180xqca6574amdm9206wcn6855_firmwareqca6174aqca6310_firmwarewcn6750mdm9635mmdm9615mdm9205sa515mqca6574_firmwaresd855sd665sd765qca6574a_firmwaresd768g_firmwaremsm8209sd850_firmwareapq8009qca6391sdxr1_firmwaremdm9310aqt1000_firmwaremsm8920qcm4290csrb31024_firmwaresdx50msdx20sd480_firmwaremsm8920_firmwaremdm9215sc8180x_firmwaresd_455qca6574ausa8155p_firmwaremdm8215m_firmwaremdm9607sd205_firmwaremdm9645_firmwareqcm6125wsa8810mdm9150wcn6856sd_8cwcn3680bsd835_firmwaresd768gwcn6740qca6696sd845_firmwaremsm8608_firmwaresdw2500sa6150pmsm8940apq8096au_firmwaresd845mdm9615_firmwareapq8037_firmwaresd720g_firmwaresdx12qcs410_firmwaremdm9330sd850Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-1975
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.33% / 55.18%
||
7 Day CHG~0.00%
Published-12 Nov, 2021 | 06:15
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible heap overflow due to improper length check of domain while parsing the DNS response in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarefsm10055sm7250mdm9640_firmwaresm6250p_firmwaresa6150p_firmwareqcs610qca8337qca6431_firmwarewcd9360_firmwaresdx65wcn3950_firmwaresc8180x\+sdx55sa8150p_firmwareqca6595au_firmwaresa6155qca6335msm8917mdm8215sd_455_firmwareqcs605_firmwaresd_675_firmwareqcs6125_firmwaremdm8615m_firmwaresd632msm8108sa415mwcd9371_firmwaremsm8108_firmwarewcn3950sd720gmdm9628mdm9206_firmwareqsw8573_firmwaresm6375_firmwarewcn3660bsd450_firmwareqsm8350_firmwareqsm8350sd460_firmwaremdm9230_firmwarewcn7850mdm8215mqca6574au_firmwaremdm9630wcd9375_firmwareqca8081_firmwaresa6155_firmwaresdx12_firmwaremsm8909wapq8009w_firmwarewcd9360qca9367_firmwarewhs9410_firmwaremdm8207qcs6125sa8155_firmwareqca4004_firmwaresd662_firmwaremdm9615mwcd9306_firmwaresd765gqualcomm215_firmwarefsm10056_firmwareqca6436wcn6851sa6155pqcs603_firmwarewcn7851_firmwaremsm8937msm8209_firmwaremdm9250_firmwarewcn3660_firmwareqca6431qca6696_firmwarewcd9371sd870_firmwaresd750gmdm8215_firmwarewcn3910_firmwaresd_8cxsa8150pmdm9207_firmwareqca4004wsa8830_firmwaremdm9330_firmwaresd865_5g_firmwaresd712wcn3988wcn7850_firmwaresa8195p_firmwaremsm8208_firmwarewcn6750_firmwaresd450wcn3610msm8608mdm9640sm6375wcn3991qca8337_firmwaresda429w_firmwarewcd9380_firmwaresdm429wwcd9330msm8996au_firmwarecsr6030qca6564ausdx55m_firmwarewcn6856_firmwaremsm8940_firmwaremsm8976_firmwareqca6574sd632_firmwarewcd9380qualcomm215mdm9230qcs410sd690_5g_firmwaresdx50m_firmwareqca9379_firmwaresdx24_firmwareqca6174sd439_firmwareqca6335_firmwareqsw8573qcs605wcn6850sd7cwcn3910qca6320qca6584_firmwaremsm8937_firmwaremdm9650_firmwaresd_8c_firmwaremdm9215_firmwareqca6426_firmwarewcn3660b_firmwarewcn3680sd730wcd9330_firmwaresdx55mqca6421_firmwarewcn6740_firmwarear6003_firmwaresd821_firmwaresd678_firmwarewcn3680_firmwarewcn6851_firmwareqcs603sd_636_firmwareqca6564a_firmwareapq8009wqca6694au_firmwaremsm8976sg_firmwareqcm4290_firmwaresd480sd870wcn6855sd210_firmwareqcs610_firmwaresa6145psdxr1apq8096auqca6595_firmwaresa8145pmdm8207_firmwaresdm630_firmwaremdm9205_firmwareqca6391_firmwaresd820_firmwarewcd9370_firmwaresd780g_firmwaresdx55sa8155psd675sd439wcn3660qca9379ar8035_firmwarewcn3991_firmwaremdm9150_firmwarewsa8830sd678sa8145p_firmwarefsm10056sm7250_firmwaresd7c_firmwarecsrb31024mdm9628_firmwaremdm9650sd_636fsm10055_firmwareqcs4290mdm9250sd765g_firmwareqca6390_firmwareapq8009_firmwaresd690_5gqca6174_firmwaresd730_firmwaremdm9310_firmwarewcd9370sd675_firmwareqca6426qca6584au_firmwaresm8450qca9377sdw2500_firmwaresd_8cx_firmwarewcd9385_firmwaresdxr2_5g_firmwarewhs9410mdm9615m_firmwaresd662apq8037sa8155qca6320_firmwareqca6584sdx55_firmwareqca6595auwcn3610_firmwareqca6436_firmwaremdm9207wcd9306qca6584ausd778gqca6564au_firmwaremsm8208sa6155p_firmwareqca6310sm6225wcn7851sd429qcs6490sdxr2_5gqca9367sdm630mdm9607_firmwaresd821msm8976sgsa415m_firmwarewcn3988_firmwaresd205sd429_firmwareqca6421sd778g_firmwaresa6145p_firmwaresm6250sa8195psd712_firmwareapq8017_firmwareqca6694sm8450_firmwaresd765_firmwareqca8081qca6174a_firmwareqcs4290_firmwarewcd9385mdm8615mqcs6490_firmwareqca6390wcd9375sd750g_firmwarear8035msm8976qca6694_firmwaresc8180x\+sdx55_firmwaresm6250_firmwareqca6694ausda429wmsm8917_firmwaresd210wcn3620_firmwaresdx20_firmwaresd820sd888_5g_firmwareqcm6490wcn6850_firmwarewsa8835_firmwarewcn3620apq8017qcx315ar6003csr6030_firmwareqca6564amdm9630_firmwareqcm6125_firmwaresd_675sd780gsd865_5gqca6595sdx24sm8450p_firmwaremsm8909w_firmwareqcx315_firmwarewsa8835msm8996ausdm429w_firmwaresd665_firmwaresd888_5gsm6250pqca6574amdm9206wcn6855_firmwareqca6174aqca6310_firmwaresm7325wcn6750mdm9615mdm9205qca6574_firmwaresd665sd765qca6574a_firmwaresd768g_firmwaremsm8209sd850_firmwareapq8009sd460qca6391sdxr1_firmwaremdm9310msm8920sdx65_firmwareqcm4290csrb31024_firmwareqcm6490_firmwaresdx50msdx20sd480_firmwaremsm8920_firmwaremdm9215sd_455sm6225_firmwareqca6574ausa8155p_firmwaremdm8215m_firmwaremdm9607sd205_firmwareqcm6125sm8450pmdm9150wcn6856sd_8csd768gwcn6740qca6696msm8608_firmwaresdw2500sa6150pmsm8940apq8096au_firmwaremdm9615_firmwareapq8037_firmwaresd720g_firmwaresdx12qcs410_firmwaremdm9330sd850sm7325_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-1976
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.39% / 59.54%
||
7 Day CHG~0.00%
Published-17 Sep, 2021 | 07:05
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A use after free can occur due to improper validation of P2P device address in PD Request frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarefsm10055sm7250mdm9640_firmwaresm6250p_firmwaresa6150p_firmwareqcs610ipq4028_firmwareqcn5550qca8337ar9380ipq8173_firmwareqca9561_firmwareqcn5124qca4024_firmwarewcn3950_firmwareipq8078aipq5028_firmwaresa8150p_firmwareqcs2290qca6595au_firmwaresa6155qca6335msm8917qcn5064sd_455_firmwarecsra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwareqcs6125_firmwareqca9987_firmwaresd632sa415mwcn3998wcd9371_firmwarewcn3950qcn6024_firmwaresd720gsm4125mdm9206_firmwareipq8076amdm9628wcn3660bsd450_firmwaresd460_firmwareqca6428qca6574au_firmwareqcn5164_firmwareipq8071wcd9375_firmwareqca8081_firmwarewcn3998_firmwaresa6155_firmwaresdx12_firmwaremsm8909wapq8009w_firmwareqca6420apq8053_firmwaresdx20mqca6438_firmwareqca9986ipq8070_firmwareqca9367_firmwareipq8065ipq8078a_firmwarewcn3999qrb5165_firmwareipq5028qca7500ipq8072_firmwareipq4029_firmwareqcs6125sa8155_firmwareipq6010sd662_firmwareipq8068qcs405qca6430wcd9340sdm830_firmwaresd765gqualcomm215_firmwarefsm10056_firmwareqca6436wcn6851qcn3018_firmwaresa6155pqcs603_firmwaremdm9250_firmwarewcn3660_firmwareqca9888_firmwareqcn6122ipq8068_firmwareqca6696_firmwarewcd9371sd870_firmwaresd750gqca9988_firmwareqcn5154_firmwarewcn3910_firmwaresa8150par7420_firmwarewsa8830_firmwareqca9992_firmwaresd865_5g_firmwaresd855_firmwarewcn3988qca6438sa8195p_firmwareqcn5121qcn5022_firmwarewcn6750_firmwareqca9898sd450ipq4028wcn3610mdm9640qca6428_firmwareipq5018_firmwareqca9985_firmwarewcn3991ipq4018_firmwareqca8337_firmwarewcd9380_firmwareipq8072aqca7500_firmwareqca9980_firmwaresdm429wwcd9330msm8996au_firmwareipq8076a_firmwareqca7550_firmwareipq8078qca6564ausdx55m_firmwareipq8173wcn6856_firmwareqcn5164qca9558sd670_firmwareqca6574sd632_firmwarecsr8811_firmwareqca7520_firmwarewcd9380qualcomm215qcn5054_firmwareqcs410qcn5024sd690_5g_firmwareipq4019_firmwaresdx50m_firmwaresdx24_firmwareqca8072_firmwareqca9985qcn9012_firmwareqca6174qca6430_firmwaresd439_firmwareqcn5052_firmwareqca6335_firmwareipq6018_firmwareqcs605wcd9340_firmwarewsa8815wcn6850pmp8074_firmwarewcn3910qca6320mdm9650_firmwareqca9986_firmwareqca6426_firmwarewcn3660b_firmwarewcn3680qca9984ipq6028ipq8064sd835pmp8074qcn9024sd730qcn5550_firmwarewcd9330_firmwaresdx55mipq8064_firmwarewcn6740_firmwaremsm8953qcn5064_firmwaresd678_firmwareapq8064au_firmwarear8031_firmwarewcn3680_firmwareipq8078_firmwareqcn5054qrb5165wcn6851_firmwareqcs603ipq8070qca9896qcn5502qca9994qca9887_firmwareqca9980sd670qcn9024_firmwareipq8174_firmwareapq8009wsd_636_firmwareqca6564a_firmwareqca9880qcm4290_firmwaresd480sd870qcn5121_firmwaresd210_firmwareqcs610_firmwaresa6145pipq6018qcn3018qca9886_firmwaresdxr1ar8031apq8096auqca6595_firmwareqcs405_firmwaresa8145psdm630_firmwareqca6391_firmwareqca4024wcd9370_firmwaresd780g_firmwaresdx55sd888_firmwareapq8053qcn5021_firmwarecsra6640sa8155psd675sd439qca9531_firmwarewcn3660ar8035_firmwareqcm2290qcn5024_firmwarewcn3991_firmwaremdm9150_firmwareqcn5500wsa8830qca9561sd678qcn9070sa8145p_firmwareqca7520qcs2290_firmwarefsm10056sm7250_firmwarecsrb31024qca9563_firmwaremdm9628_firmwaremdm9650sd_636csra6620fsm10055_firmwareqca9987qcn9072qca9880_firmwareqca9992qcs4290mdm9250sd765g_firmwareqca6420_firmwareipq8069_firmwareapq8009_firmwareqca6390_firmwaresd690_5gipq6000qca6174_firmwaresd730_firmwarewcd9370sd675_firmwareipq8072qcn5152_firmwareqca6564qca6426qca6584au_firmwareqcn9000_firmwareqca9984_firmwareqca9377ipq5018sdw2500_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcn3615_firmwareqca9563ipq8074asd662qcn5124_firmwareqca9982sa8155qca6320_firmwarewcn3680b_firmwareqcn5122_firmwaresdx55_firmwarewcn3615qcn6023_firmwareqca6595auwcn3999_firmwarewcn3610_firmwareqca6436_firmwareipq5010qca6564au_firmwareqca6584ausd778gsa6155p_firmwareqca6310ipq8174sd429sa515m_firmwareqca9990sdxr2_5gqcn5052qca9367sdm630mdm9607_firmwaresa415m_firmwarewcn3988_firmwareqcn9074sd205sd429_firmwaresa6145p_firmwaresd778g_firmwaresm6250sa8195papq8017_firmwarewsa8810_firmwareqca6694qca7550sd765_firmwareqca8081qca9982_firmwareqcn6023ipq8071aqca6174a_firmwareipq8071a_firmwareqcs4290_firmwarewcd9385qca6390qca9898_firmwaresd750g_firmwareaqt1000wcd9375ar8035sm6250_firmwarecsr8811apq8064auipq4019qca6694_firmwaremsm8953_firmwareqcn9100_firmwaremsm8917_firmwaresd210wcn3620_firmwareipq5010_firmwareipq8074a_firmwaresd888_5g_firmwaresdx20_firmwarewsa8815_firmwarewcn6850_firmwarewsa8835_firmwarewcn3620apq8017qcx315qca6564aqca9988qcm6125_firmwareqca9882qca8072qcm2290_firmwareqcn9000sd_675sd780gsd865_5gqca6595ar9380_firmwaresdx24qcn9012sd888qca9558_firmwareqca9896_firmwaremsm8909w_firmwareipq8065_firmwareqcx315_firmwareqcn6122_firmwaremsm8996ausd665_firmwaresdm429w_firmwarewsa8835sd888_5gsm6250pqcn5154qca8075_firmwareipq4018qca6574aipq6005_firmwaremdm9206qca9889qca6174aqca9888qca6310_firmwaresm7325ipq8074qca9994_firmwarewcn6750ipq8070a_firmwareipq8076_firmwaresa515mqca6574_firmwareqca9886qcn5502_firmwarear7420sd855sm4125_firmwaresd665ipq8076sd765qca9887qca6574a_firmwareqcn5021ipq8069qcn5152sd768g_firmwareapq8009sd460qca6391sdxr1_firmwareipq6005aqt1000_firmwareqcn9100mdm9626qcm4290csrb31024_firmwaresdx50mqca9882_firmwareqcn9070_firmwaresdx20sd480_firmwareipq6028_firmwareipq8072a_firmwaresd_455mdm9626_firmwareqca9531ipq8074_firmwareqca6574auqca9889_firmwaresa8155p_firmwaremdm9607qcn5122sd205_firmwaresdx20m_firmwareqcm6125wsa8810qcn5500_firmwaremdm9150wcn6856qcn5022wcn3680bsd835_firmwareqca6564_firmwaresd768gipq6010_firmwarewcn6740qca6696sd845_firmwaresdw2500sa6150pqca8075qcn9022_firmwareapq8096au_firmwareqcn6024qcn9022sd845qca9990_firmwareipq8070aqcn9072_firmwaresdm830ipq6000_firmwaresd720g_firmwaresdx12ipq8071_firmwareqcs410_firmwareqcn9074_firmwareipq4029sm7325_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-416
Use After Free
CVE-2021-1965
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-27.45% / 96.34%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 05:31
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer overflow due to lack of parameter length check during MBSSID scan IE parse in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcn5024_firmwarewcn3991_firmwarewsa8830sd678qcn9070sa6150p_firmwaresa8145p_firmwareipq4028_firmwareqcn5550ar9380ipq8173_firmwareqcn5124qca4024_firmwareqcn9072qca9880_firmwareqca9992wcn3950_firmwareipq8078aipq5028_firmwaresa8150p_firmwareqca6420_firmwareqca6595au_firmwareqca6390_firmwareipq6000sd730_firmwarewcd9370sd_675_firmwaresd675_firmwareqcn5152_firmwareqca6426qcn9000_firmwareqca9984_firmwareipq5018wcn3998wcd9385_firmwaresdxr2_5g_firmwarewcn3950ipq8076aqcn6024_firmwaresd720gipq8074aqcn5124_firmwaresm7315_firmwareqca6574au_firmwareqcn5122_firmwareqcn5164_firmwaresdx55_firmwareqca6595auqca8081_firmwareqcn6023_firmwarewcd9375_firmwarewcn3998_firmwareqca6420qca6436_firmwareipq5010sd778gipq8070_firmwaresa6155p_firmwareipq8065ipq8078a_firmwareipq8174qca9990ipq5028qca7500ipq4029_firmwareqcn5052sdxr2_5gipq6010ipq8068wcn3988_firmwareqca6430qcn9074sa6145p_firmwaresm6250sd778g_firmwaresa8195pwsa8810_firmwareqca6436wcn6851sa6155pqca8081ipq8071aqcn6023ipq8071a_firmwarewcd9385qca9888_firmwareqcn6122ipq8068_firmwarewcd9341qca6696_firmwaresd870_firmwareqcn5154_firmwareqca6390csr8811qca9898_firmwareaqt1000ipq4019sa8150psm6250_firmwarewcd9375qcn9100_firmwarewcn3910_firmwarewsa8830_firmwareqca9992_firmwaresd855_firmwaresd865_5g_firmwareipq5010_firmwareipq8074a_firmwaresd888_5g_firmwarewcn3988wcn6850_firmwarewsa8815_firmwarewsa8835_firmwaresa8195p_firmwareqcn5121qca9898qcn5022_firmwarewcn6750_firmwareipq4028qca8072ipq5018_firmwareqca9985_firmwarewcn3991ipq4018_firmwarewcd9380_firmwareqcn9000ipq8072aqca7500_firmwareqca9980_firmwaresd_675sd780gipq8076a_firmwaresd865_5gar9380_firmwareipq8078sdx55m_firmwareipq8173wcn6856_firmwareqcn9012sd888qcn5164qcn6122_firmwareipq8065_firmwarewsa8835csr8811_firmwarewcd9380sd888_5gqcn5054_firmwareqcn5154qca8075_firmwareipq4019_firmwareipq4018ipq6005_firmwareqca6574aqcn5024sdx50m_firmwareqca9889wcn6855_firmwaresm7325pqca9888qca8072_firmwareqca9985qca6430_firmwareqca9994_firmwareqcn5052_firmwareqcn9012_firmwareipq8070a_firmwarewcn3980wcn6750ipq6018_firmwareipq8076_firmwareqca9886sd855wsa8815sm7325p_firmwarewcn6850pmp8074_firmwarewcn3910ipq8076qca6426_firmwareqca6574a_firmwareqca9984ipq6028ipq8064qcn5021pmp8074qcn5152qcn9024wcn3980_firmwaresm7315qcn5550_firmwareqca6391sd730sdx55mipq8064_firmwareipq6005aqt1000_firmwarewcn6740_firmwareqcn9100sd678_firmwaresdx50mipq8078_firmwareqcn5054qcn9070_firmwarewcn6851_firmwareipq8070ipq6028_firmwareipq8072a_firmwareqca9994qca6574auqca9889_firmwaresa8155p_firmwaresdx55qca9980qcn5122qcn9024_firmwareipq8174_firmwareqca9880wcd9341_firmwarewsa8810sd870qcn5121_firmwarewcn6855wcn6856ipq6018qcn5022sa6145pqca9886_firmwareipq6010_firmwaresa8145pwcn6740qca6696qca6391_firmwareqca4024sd780g_firmwarewcd9370_firmwaresa6150psd888_firmwareqca8075qcn5021_firmwareqcn9022_firmwareqcn6024qcn9022sa8155pqca9990_firmwareipq8070asd675qcn9072_firmwareipq6000_firmwaresd720g_firmwareqcn9074_firmwareipq4029Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-1920
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.33% / 55.66%
||
7 Day CHG~0.00%
Published-08 Sep, 2021 | 11:25
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer underflow can occur due to improper handling of incoming RTCP packets in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresm7250mdm9640_firmwaresm6250p_firmwareqcs610qca6431_firmwarewcd9360_firmwaremdm9645wcn3950_firmwareqca6595au_firmwareqca6335msm8917mdm8215sd_455_firmwareqcs605_firmwaresd_675_firmwareqcs6125_firmwaremdm8615m_firmwaresd632msm8108sa415mwcn3998wcd9371_firmwaremsm8108_firmwarewcn3950sd720gmdm9628mdm9206_firmwareqsw8573_firmwarewcn3660bsd450_firmwaremdm9230_firmwaremdm8215mqca6574au_firmwaremdm9630wcd9375_firmwarewcn3998_firmwaresdx12_firmwaremsm8909wapq8009w_firmwareqca6420apq8053_firmwarewcd9360qca9367_firmwarewhs9410_firmwaremdm8207qcs6125sa8155_firmwareqca4004_firmwaremdm9615mqca6430wcd9306_firmwarewcd9340mdm9625_firmwaresd765gqca1990_firmwarequalcomm215_firmwareqca6436wcn6851qcs603_firmwaremsm8937msm8209_firmwaremdm9250_firmwarewcn3660_firmwaremdm9655qca6696_firmwareqca6431wcd9371sd870_firmwaresd750gmdm8215_firmwarewcn3910_firmwaresd_8cxmdm9207_firmwareqca4004wsa8830_firmwaremdm9330_firmwaresd855_firmwaresd865_5g_firmwaresd712wcn3988msm8208_firmwarewcn6750_firmwaresd450wcn3610mdm9640msm8608wcn3991wcd9380_firmwarewcd9330msm8996au_firmwarecsr6030qca6564ausdx55m_firmwarewcn6856_firmwaremsm8940_firmwaremsm8976_firmwareqca6574sd632_firmwaresd670_firmwarewcd9380qualcomm215mdm9230qcs410sd690_5g_firmwaresdx50m_firmwareqca9379_firmwaresdx24_firmwareqca6174qca6430_firmwaresd439_firmwareqca6335_firmwareqsw8573qcs605wcd9340_firmwarewsa8815wcn6850wcn3910qca6320qca6584_firmwaremsm8937_firmwaremdm9650_firmwaresd_8c_firmwaremdm9215_firmwareqca6426_firmwarewcn3660b_firmwarewcn3680sd835qca1990sd730wcd9330_firmwaresdx55mqca6421_firmwarear6003_firmwaremsm8953sd821_firmwaresd678_firmwarewcn3680_firmwarewcn6851_firmwareqcs603sd670sd_636_firmwareqca6564a_firmwareapq8009wqca6694au_firmwaremsm8976sg_firmwareqcm4290_firmwaresd480sd870wcn6855sd210_firmwareqcs610_firmwareapq8084_firmwaresdxr1apq8096aumdm8207_firmwaresdm630_firmwaremdm9205_firmwareqca6391_firmwaresd820_firmwarewcd9370_firmwaresdx55apq8053sa8155psd675sd439wcn3660qca9379wcn3991_firmwaremdm9150_firmwarewsa8830sd678sm7250_firmwarecsrb31024mdm9628_firmwaremdm9650sd_636qcs4290mdm9250sd765g_firmwareqca6420_firmwareqca6390_firmwareapq8009_firmwaresd690_5gqca6174_firmwaresd730_firmwaremdm9310_firmwarewcd9370sd675_firmwareqca6426qca6584au_firmwareqca9377sdw2500_firmwaresd_8cx_firmwarewcd9385_firmwaresdxr2_5g_firmwarewhs9410mdm9615m_firmwarewcn3615_firmwareapq8037sa8155qca6320_firmwareqca6584wcn3680b_firmwaresdx55_firmwarewcn3615qca6595auwcn3610_firmwareqca6436_firmwaremdm9207wcd9306qca6584ausd778gqca6564au_firmwaremsm8208qca6310sa515m_firmwaresd429sdxr2_5gqca9367apq8084sdm630mdm9607_firmwaresd821mdm9655_firmwaremsm8976sgsa415m_firmwarewcn3988_firmwaresd205sd429_firmwareqca6421sd778g_firmwaresm6250sd712_firmwareapq8017_firmwarewsa8810_firmwareqca6694sd765_firmwareqca6174a_firmwareqcs4290_firmwarewcd9385mdm8615mmdm9625qca6390wcd9375sd750g_firmwareaqt1000msm8976qca6694_firmwaresm6250_firmwaremsm8953_firmwareqca6694aumsm8917_firmwaresd210wcn3620_firmwaresdx20_firmwarewsa8815_firmwaresd888_5g_firmwaresd820wcn6850_firmwarewsa8835_firmwarewcn3620apq8017qcx315ar6003csr6030_firmwareqca6564amdm9630_firmwareqcm6125_firmwaremdm9635m_firmwaresd_675sd865_5gsdx24msm8909w_firmwareqcx315_firmwarewsa8835msm8996ausd665_firmwaresd888_5gsm6250psc8180xqca6574amdm9206wcn6855_firmwareqca6174aqca6310_firmwarewcn6750mdm9635mmdm9615mdm9205sa515mqca6574_firmwaresd855sd665sd765qca6574a_firmwaresd768g_firmwaremsm8209sd850_firmwareapq8009qca6391sdxr1_firmwaremdm9310aqt1000_firmwaremsm8920qcm4290csrb31024_firmwaresdx50msdx20sd480_firmwaremsm8920_firmwaremdm9215sc8180x_firmwaresd_455qca6574ausa8155p_firmwaremdm8215m_firmwaremdm9607sd205_firmwaremdm9645_firmwareqcm6125wsa8810mdm9150wcn6856sd_8cwcn3680bsd835_firmwaresd768gqca6696sd845_firmwaremsm8608_firmwaresdw2500msm8940apq8096au_firmwaresd845mdm9615_firmwareapq8037_firmwaresd720g_firmwaresdx12qcs410_firmwaremdm9330sd850Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-191
Integer Underflow (Wrap or Wraparound)
CVE-2020-3668
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.45% / 63.55%
||
7 Day CHG~0.00%
Published-08 Sep, 2020 | 09:31
Updated-04 Aug, 2024 | 07:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Buffer overflow while parsing PMF enabled MCBC frames due to frame length being lesser than what is expected while parsing' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ6018, IPQ8074, Kamorta, Nicobar, QCA6390, QCA8081, QCN7605, QCS404, QCS405, QCS605, Rennell, SA415M, SC7180, SC8180X, SDA845, SDM670, SDM710, SDM845, SDM850, SM6150, SM7150, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm850_firmwarekamorta_firmwaresdm845qcs404_firmwaresc8180x_firmwaresa415m_firmwareqcs405sm7150_firmwareipq8074_firmwaresdm710sc7180_firmwaresm6150sdm710_firmwaresm7150qca6390_firmwareqcn7605_firmwaresdm670qca8081qcs605_firmwaresc8180xipq6018sdm670_firmwareqcs404sm8150_firmwareipq8074qcs405_firmwarerennellsa415msc7180sda845_firmwareqcn7605rennell_firmwareqca6390ipq6018_firmwareqcs605sm6150_firmwaresm8150sdm850sxr1130_firmwarekamortaqca8081_firmwarenicobar_firmwaresxr1130sda845nicobarsdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-3633
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.33% / 55.66%
||
7 Day CHG~0.00%
Published-02 Jun, 2020 | 15:05
Updated-04 Aug, 2024 | 07:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Array out of bound may occur while playing mp3 file as no check is there on offset if it is greater than the buffer allocated or not in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8053, APQ8096AU, APQ8098, Kamorta, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909W, MSM8917, MSM8953, MSM8996AU, MSM8998, QCS405, QCS605, QM215, Rennell, Saipan, SDA660, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SM6150, SM7150, SM8150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-kamorta_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632sdm439sdm429sm7150_firmwaresm6150msm8909w_firmwaremsm8996ausdm429w_firmwaresm7150apq8009_firmwaremsm8917sdm670sxr2130qcs605_firmwaremdm9206sdm670_firmwaresdm636apq8098mdm9206_firmwareqcs605sdm429_firmwaremsm8905_firmwaresda660msm8909wapq8009apq8053_firmwaremsm8953sdm450sdm636_firmwareapq8098_firmwaresdx20msm8998_firmwaresdm660sdm630mdm9607_firmwaresm8250_firmwareqcs405sdm710qm215mdm9607sdm710_firmwaremdm9207c_firmwaremsm8905mdm9207csm8150_firmwaresxr2130_firmwareapq8096ausdm439_firmwareqcs405_firmwarerennellsdm630_firmwaresda660_firmwarerennell_firmwareqm215_firmwaremsm8953_firmwareapq8053apq8096au_firmwaresaipan_firmwaresm6150_firmwaremsm8917_firmwaresm8250msm8998sm8150sdx20_firmwarekamortasaipansdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2020-3675
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.37% / 58.76%
||
7 Day CHG~0.00%
Published-08 Sep, 2020 | 09:31
Updated-04 Aug, 2024 | 07:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Potential integer underflow while parsing Service Info and IPv6 link-local TLVs that comes as part of NDPE attribute' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ5018, IPQ6018, IPQ8074, Kamorta, Nicobar, QCA6390, QCN7605, QCS404, QCS405, Rennell, SA415M, Saipan, SC7180, SC8180X, SDX55, SM6150, SM7150, SM8150, SM8250

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-ipq5018_firmwarekamorta_firmwareqcs404_firmwaresm8250_firmwaresc8180x_firmwaresa415m_firmwareqcs405sm7150_firmwareipq8074_firmwaresm6150sc7180_firmwaresm7150qca6390_firmwareqcn7605_firmwaresc8180xipq6018qcs404sm8150_firmwareipq8074qcs405_firmwareipq5018rennellsa415msc7180qcn7605rennell_firmwareqca6390ipq6018_firmwaresdx55saipan_firmwaresm6150_firmwaresm8250sm8150kamortasdx55_firmwarenicobar_firmwaresaipannicobarSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-191
Integer Underflow (Wrap or Wraparound)
CVE-2020-3654
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.36% / 57.59%
||
7 Day CHG~0.00%
Published-02 Nov, 2020 | 06:21
Updated-04 Aug, 2024 | 07:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Buffer overflow occurs while processing SIP message packet due to lack of check of index validation before copying into it' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in Agatti, APQ8053, APQ8096AU, APQ8098, Bitra, Kamorta, MSM8905, MSM8909W, MSM8917, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCA6390, QCA6574AU, QCM2150, QCS605, QM215, Rennell, SA6155P, SA8155P, Saipan, SDA660, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-kamorta_firmwareqcm2150_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632sdm439sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwareagatti_firmwaremsm8996ausdm429w_firmwaresm7150qca6390_firmwaremsm8917sdm670sxr2130qcs605_firmwaresdm670_firmwaresdm636bitraapq8098qcs605bitra_firmwaresdm429_firmwaremsm8905_firmwareqca6574au_firmwaresda660sxr1130_firmwaresxr1130msm8909wapq8053_firmwareagattinicobarsa6155p_firmwaremsm8953sdm450sdm636_firmwareapq8098_firmwaremsm8998_firmwareqcm2150sdm660sdm630sm8250_firmwareqca6574ausa8155p_firmwareqm215sdm710sdm710_firmwaresa6155pmsm8905sm8150_firmwaresxr2130_firmwareapq8096ausdm439_firmwarerennellsdm630_firmwaresda660_firmwarerennell_firmwareqca6390qm215_firmwaremsm8953_firmwaremsm8940saipan_firmwaresm6150_firmwareapq8053msm8917_firmwareapq8096au_firmwaremsm8998sm8150sa8155psm8250kamortasaipannicobar_firmwaresdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2020-3667
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.21% / 43.92%
||
7 Day CHG~0.00%
Published-08 Sep, 2020 | 09:31
Updated-04 Aug, 2024 | 07:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Buffer Overflow in mic calculation for WPA due to copying data into buffer without validating the length of buffer' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8098, IPQ5018, IPQ6018, IPQ8074, Kamorta, MSM8998, Nicobar, QCA6390, QCA8081, QCS404, QCS405, QCS605, Rennell, SA415M, Saipan, SC7180, SC8180X, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SM6150, SM7150, SM8150, SM8250, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-ipq5018_firmwaresdm850_firmwarekamorta_firmwaresdm636_firmwareapq8098_firmwaresdm845msm8998_firmwaresdm660sdm630qcs404_firmwaresm8250_firmwaresc8180x_firmwaresa415m_firmwareqcs405sm7150_firmwareipq8074_firmwaresdm710sc7180_firmwaresm6150sdm710_firmwaresm7150qca6390_firmwaresdm670qca8081qcs605_firmwaresc8180xipq6018sdm670_firmwareqcs404sm8150_firmwareipq8074sdm636qcs405_firmwareipq5018rennellsa415msc7180sda845_firmwareapq8098sdm630_firmwarerennell_firmwareqca6390ipq6018_firmwareqcs605saipan_firmwaresm6150_firmwaresm8250msm8998sm8150sdm850sxr1130_firmwarekamortaqca8081_firmwarenicobar_firmwaresaipansxr1130sdm660_firmwaresda845nicobarsdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-3691
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.33% / 55.66%
||
7 Day CHG~0.00%
Published-21 Jan, 2021 | 09:41
Updated-04 Aug, 2024 | 07:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible out of bound memory access in audio due to integer underflow while processing modified contents in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfe3100qfs2580qfe2550msm8960qcs610pmi8996qdm5579qfe1045qdm2307qfs2530qpa8802qln1030pm6125qat3519mdm9645pm8917pm8150asc8180x\+sdx55qtc800hqdm5670qcs2290sa6155qca6335msm8917pm7150lqpa8821mdm8215qln1020apq8076wtr3905qdm5671pmc1000hqfe2330msm8630qat3518sd632msm8108sa415mwcn3998wcn3950sm4125sd720gwtr1605wtr2605mdm9628qpa5460wcn3660bwtr2655qfe4320qcc112qca4020mdm8215mqdm5652mdm9630qpm8870qpm5679qbt2000msm8909wpm855pqca6420wcd9360pm6150awtr1625lmsm8627sdr735gwcn3999pm8150bqsm7250pm8996qcs6125pm8922qfe2101mdm9615mqca6430qcc1110qat3522qfe4455fcpmr735awtr1625qcs405smb1360wcd9340wfr2600sd765gqfe3440fcwcd9320sdr660qca6436wcn6851sa6155pqpa6560qfe3345apq8052msm8937sdr865smb1358wcd9341pmi8952smr545mdm9655qca6431qln5020wcd9371smb1350sd750gqdm3302sd_8cxwtr3950sa8150pqpm5657pm6350qdm5621qfe3340qtc800smsm8226sd660qdm5650sd712wcn3988wtr3925qfe2080fcsdr052smb1390pm6150lsd450qet4100wcn3610msm8608mdm9640qpm6585qtc410swcn3991smb1355qln4650qpa8801sdm429wwcd9330wgr7640qat5568qet5100qca6564aumsm8230pm6150qca6574pm7250bqfs2630qpa8842pmm8996auwcd9380qualcomm215mdm9230qln4640qcs410smb1381sdr735pm7250wtr4905smb1395pm660lqpa8803ar8151smr526wtr5975qca6174pmk8003wcn3980pmd9645qdm2301qsw8573qcs605wsa8815wcn6850qbt1000wcn3910qca6320smb1394wcn3680qca9984pm8921sd835qfe4309qca1990pm8009qpa8675sd730sdx55mpm670aqfe4373fcpm8008msm8953qsw8574pmi8998mdm9225qfe2520apq8064pme605mdm9225mpm855lqcs603rsw8577pmd9635qfe4302qpm5621qpm6582sd670apq8009wqfe4303pm670pm8150lwtr1605lqdm5677pm8005qsm8250sa6145ppm215qdm2302msm8626pmm6155ausdxr1ar8031apq8096auwtr2965wfr1620pm8150qpm5875sdx55qet5100mapq8053sa8155pcsra6640pm8350bhssd675wtr4605sd439qet4101pm8952pmi8994qat3516pm670lwcd9310pm8226wcn3660qpm5658qca9379pm855bsmb2351qln1031qcm2290qpm5870pm8909qfe1040wsa8830qfe4465fcpm660rtr8600sdr051msm8960sgqln5030msm8930wcn2243pm4125qbt1500qpa5581pmi632pm456csrb31024mdm9650sd_636csra6620qpa5373qpm4621pmk8001qcs4290qet6100pmm855ausdr660gqfe2340qpa8686pm8110sd690_5gsmb1396pm7150awcd9370pm8350qca6564sdr425qca6426qpm5641whs9410qat5516wtr2955qdm5620qln1021aqsd662smb1380qfe4308pm8350bhmdm8635mapq8037pm3003asa8155qca6584qat5533wcn3615qca6595aumsm8227wtr2100sm7350qtc800tpm8940qpm6670smb1354wcd9306qca6584auqdm2305qca6310msm8208qpm8820qpm4641pm8937qpm2630qfe2081fcpm855sd429sdxr2_5gpm8250msm8962mpq8064smb1398apq8084sdm630sd821apq8062qdm4643msm8976sgpmx55sd205sdr675qca6421sm6250qdm3301sa8195ppm8953qat5515qca6694qpm5677smb231qfe1100qat3514wcd9326wcd9335wcn3660aqet4200aqwcd9385mdm8615mpm439qpm5620pmm8155aumdm9625qpm4630qca6390wcd9375ar8035aqt1000msm8956msm8976apq8064aupmm8195auqpa8673qdm2310qln4642qca6694auapq8056msm8952ar9374sda429wsd210sd820mdm9625mpmi8937pm8998pmk7350sdw3100wcn3620apq8017ar6003mdm9235mqca6564asmr546pmx24qet6110qfe1055qln5040qpm8895sdr845qpm5670wcn3990sd_675apq8030sd865_5gpm8019qca6595pmk8350rtr8601qpm8830pm8350bqat5522wsa8835msm8996auapq8060apm8150cpmr735bpmi8940sd888_5gsm6250prgr7640auqpa4360qln1035bdpm855aqpa4361qca6574amdm9206qca6174apm8350csmr525qpm4640wcn6750mdm9635mpmr525mdm9615pm7350cqpm4650qtm525wtr6955qfe3335pm8821sd855sd665qfe4305qca6175asd765pm640ppmd9607msm8209qat3555apq8009sd460qca6391smb1351qpa5461mdm9310qfe2082fcmsm8920qsc1215msm8610pm660aqpa4340qcm4290sdx50mpm640asdr8150qfs2608pm8916qln1036aqqtc801sqdm4650mdm9215sd_455pmd9655qca6574auqfe3320sd710mdm9607qsw6310qcm6125qpm6621wsa8810qdm2308pmw3100pmx50pm8018qat3550wcn6856qdm5679sd_8cwcn3680bsdr8250sd768gwcn6740qca6696qfe4301pm8004pm640lmsm8940pmk8002qpa2625sa6150psd845sm7250psdm830smb1357mdm9330pm8956sd850pm6250qpa5580Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-191
Integer Underflow (Wrap or Wraparound)
CVE-2020-3641
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.31% / 54.12%
||
7 Day CHG~0.00%
Published-02 Jun, 2020 | 15:05
Updated-04 Aug, 2024 | 07:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow may occur if atom size is less than atom offset as there is improper validation of atom size in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8053, APQ8096AU, APQ8098, Kamorta, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909W, MSM8917, MSM8953, MSM8996AU, MSM8998, QCA6574AU, QCM2150, QCS405, QCS605, QM215, Rennell, SA6155P, Saipan, SDA660, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM845, SDX20, SM6150, SM7150, SM8150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-kamorta_firmwareqcm2150_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632sdm439sdm429sm7150_firmwaresm6150msm8909w_firmwaremsm8996ausdm429w_firmwaresm7150apq8009_firmwaremsm8917sxr2130qcs605_firmwaremdm9206sdm636apq8098mdm9206_firmwareqcs605sdm429_firmwaremsm8905_firmwareqca6574au_firmwaresda660msm8909wapq8009apq8053_firmwaresa6155p_firmwaremsm8953sdm450sdm636_firmwareapq8098_firmwaresdx20msm8998_firmwareqcm2150sdm660sdm630mdm9607_firmwaresm8250_firmwareqcs405qca6574auqm215mdm9607sa6155pmdm9207c_firmwaremsm8905mdm9207csm8150_firmwaresxr2130_firmwareapq8096ausdm439_firmwareqcs405_firmwarerennellsdm630_firmwaresda660_firmwarerennell_firmwareqm215_firmwaremsm8953_firmwareapq8053apq8096au_firmwaresaipan_firmwaresm6150_firmwaremsm8917_firmwaresm8250msm8998sm8150sdx20_firmwarekamortasaipansdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2014-9998
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.30% / 52.68%
||
7 Day CHG~0.00%
Published-18 Apr, 2018 | 14:00
Updated-17 Sep, 2024 | 04:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear IPQ4019, IPQ8064, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, QCA4531, QCA6174A, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9378, QCA9379, QCA9558, QCA9880, QCA9886, QCA9980, SD 210/SD 212/SD 205, SD 425, SD 625, SD 808, SD 810, SD 820, and SDX20, while processing firmware image signature, the internal buffer may overflow if the firmware signature size is large.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwareqca6584aumdm9635m_firmwareqca4531_firmwaremdm9640_firmwaresd_808_firmwareqca9980_firmwaresdx20sd_425mdm9607_firmwareqca9378mdm9650qca9558qca9558_firmwareqca6574ausd_625sd_210mdm9607qca9980mdm9645mdm9645_firmwareqca9880_firmwaresd_820_firmwareqca9880sd_808sd_820ipq4019_firmwaremdm9206qca6174a_firmwareqca6174asd_212_firmwaresd_425_firmwareqca9379_firmwareqca9886_firmwareqca6584au_firmwaresd_625_firmwareqca9377mdm9635mqca4531mdm9206_firmwareipq4019qca9886qca6584_firmwaresd_810mdm9650_firmwaresdx20_firmwareqca9378_firmwaresd_205ipq8064qca6574au_firmwaresd_210_firmwareqca6584qca9379sd_810_firmwaresd_205_firmwareipq8064_firmwaresd_212mdm9640Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2015-0574
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.25% / 48.32%
||
7 Day CHG~0.00%
Published-18 Aug, 2017 | 18:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all Qualcomm products with Android releases from CAF using the Linux kernel, the validation of filesystem access was insufficient.

Action-Not Available
Vendor-Google LLCQualcomm Technologies, Inc.
Product-androidSnapdragon Mobile, Snapdragon Wear
CWE ID-CWE-20
Improper Input Validation
CVE-2014-9987
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.21% / 42.90%
||
7 Day CHG~0.00%
Published-18 Apr, 2018 | 14:00
Updated-17 Sep, 2024 | 00:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, a buffer over-read can occur in a DRM API.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850sd_820asd_412sd_808_firmwaresd_415sd_616sd_425sd_430_firmwaresd_615mdm9650sd_650_firmwaresd_625sd_615_firmwaresd_210sd_820_firmwaresd_820sd_650sd_808sd_450_firmwaresd_845_firmwaresd_410sd_617sd_820a_firmwaremdm9206sd_652sd_425_firmwaresd_212_firmwaresd_850_firmwaresd_625_firmwaresd_450sd_412_firmwaresd_845mdm9206_firmwaresd_430sd_810sd_835_firmwaremdm9650_firmwaresd_410_firmwaresd_835sd_205sd_210_firmwaresd_415_firmwaresd_652_firmwaresd_810_firmwaresd_616_firmwaresd_205_firmwaresd_212sd_617_firmwareSnapdragon Automobile, Snapdragon Mobile, Snapdragon Wear
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9969
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.08% / 24.10%
||
7 Day CHG~0.00%
Published-18 Aug, 2017 | 18:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all Qualcomm products with Android releases from CAF using the Linux kernel, the GPS client may use an insecure cryptographic algorithm.

Action-Not Available
Vendor-Google LLCQualcomm Technologies, Inc.
Product-androidAll Qualcomm products
CWE ID-CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CVE-2014-9996
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.22% / 44.75%
||
7 Day CHG~0.00%
Published-18 Apr, 2018 | 14:00
Updated-16 Sep, 2024 | 16:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400 and SD 800, while verifying provisioning, a buffer overflow can occur.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_400_firmwaresd_400sd_800_firmwaresd_800Snapdragon Mobile
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9993
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.21% / 42.90%
||
7 Day CHG~0.00%
Published-18 Apr, 2018 | 14:00
Updated-16 Sep, 2024 | 20:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 450, and SD 850, buffer overread vulnerability may occur while provisioning a content with a large message.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850sd_820asd_412sd_808_firmwaresd_400sd_415sd_616sd_425sd_430_firmwaremdm9607_firmwaresd_615mdm9650sd_650_firmwaresd_625sd_615_firmwaremsm8909w_firmwaremdm9607sd_210sd_820_firmwaresd_650sd_820sd_808sd_800sd_845_firmwaresd_410sd_617sd_400_firmwaresd_820a_firmwaremdm9206sd_652sd_425_firmwaresd_212_firmwaresd_800_firmwaresd_850_firmwaresd_625_firmwaresd_412_firmwaresd_845mdm9206_firmwaresd_430sd_810sd_835_firmwaremdm9650_firmwaresd_410_firmwaresd_835sd_205sd_210_firmwaresd_415_firmwaresd_652_firmwaremsm8909wsd_810_firmwaresd_616_firmwaresd_205_firmwaresd_212sd_617_firmwareSnapdragon Automobile, Snapdragon Mobile, Snapdragon Wear
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9997
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.30% / 52.68%
||
7 Day CHG~0.00%
Published-18 Apr, 2018 | 14:00
Updated-17 Sep, 2024 | 02:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9625, MDM9635M, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 615/16/SD 415, SD 450, SD 625, SD 650/52, SD 808, and SD 810, lack of input validation in PRDiagMaintenanceHandler can leads to buffer over read.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9635m_firmwaresd_412sd_808_firmwaresd_400sd_415sd_616sd_425sd_430_firmwaresd_615sd_650_firmwaresd_625sd_615_firmwaremsm8909w_firmwaresd_210sd_650mdm9625_firmwaresd_808sd_450_firmwaresd_410sd_400_firmwaremdm9206sd_652sd_425_firmwaresd_212_firmwaresd_625_firmwaresd_450sd_412_firmwaremdm9635mmdm9625mdm9206_firmwaresd_430sd_810sd_410_firmwaresd_205sd_210_firmwaresd_415_firmwaresd_652_firmwaremsm8909wsd_810_firmwaresd_616_firmwaresd_205_firmwaresd_212Snapdragon Mobile, Snapdragon Wear
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9985
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.26% / 48.87%
||
7 Day CHG~0.00%
Published-18 Apr, 2018 | 14:00
Updated-17 Sep, 2024 | 02:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9635M, SD 400, and SD 800, TOCTOU condition may result in bypassing error condition checks, leading to undefined behavior.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9635m_firmwaresd_800_firmwaresd_800mdm9635msd_400sd_400_firmwareSnapdragon Mobile
CWE ID-CWE-388
Not Available
CVE-2014-9979
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.15% / 35.98%
||
7 Day CHG~0.00%
Published-18 Aug, 2017 | 18:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all Qualcomm products with Android releases from CAF using the Linux kernel, a variable is uninitialized in a TrustZone system call potentially leading to the compromise of secure memory.

Action-Not Available
Vendor-Google LLCQualcomm Technologies, Inc.
Product-androidAll Qualcomm products
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9995
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.22% / 44.75%
||
7 Day CHG~0.00%
Published-18 Apr, 2018 | 14:00
Updated-16 Sep, 2024 | 22:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400 and SD 800, in drmprov_cmd_verify_key(), the variable feature_name_length is not validated. There is a check for feature_name_len + filePathLen but there might be an integer wrap when checking feature_name_len + filePathLen. This leads to a buffer overflow.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_400_firmwaresd_400sd_800_firmwaresd_800Snapdragon Mobile
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9978
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.19% / 40.74%
||
7 Day CHG~0.00%
Published-18 Aug, 2017 | 18:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a QTEE service.

Action-Not Available
Vendor-Google LLCQualcomm Technologies, Inc.
Product-androidAll Qualcomm products
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9994
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.22% / 44.75%
||
7 Day CHG~0.00%
Published-18 Apr, 2018 | 14:00
Updated-16 Sep, 2024 | 17:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400 and SD 800, lack of validation of input could cause a integer overflow that could subsequently lead to a buffer overflow.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_400_firmwaresd_400sd_800_firmwaresd_800Snapdragon Mobile
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2014-9991
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.22% / 44.75%
||
7 Day CHG~0.00%
Published-18 Apr, 2018 | 14:00
Updated-16 Sep, 2024 | 22:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9625, MDM9635M, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 615/16/SD 415, SD 625, SD 650/52, SD 808, SD 810, and SD 450, if a client or host sends more than 16k bytes of USB mass storage transfer, a buffer overflow occurs.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9635m_firmwaresd_412sd_808_firmwaresd_400sd_415sd_616sd_425sd_430_firmwaresd_615sd_650_firmwaresd_625sd_615_firmwaremsm8909w_firmwaresd_210sd_650mdm9625_firmwaresd_808sd_450_firmwaresd_410sd_400_firmwaremdm9206sd_652sd_425_firmwaresd_212_firmwaresd_625_firmwaresd_450sd_412_firmwaremdm9635mmdm9625mdm9206_firmwaresd_430sd_810sd_410_firmwaresd_205sd_210_firmwaresd_415_firmwaresd_652_firmwaremsm8909wsd_810_firmwaresd_616_firmwaresd_205_firmwaresd_212Snapdragon Mobile, Snapdragon Wear
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9975
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.04% / 13.51%
||
7 Day CHG~0.00%
Published-18 Aug, 2017 | 18:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all Qualcomm products with Android releases from CAF using the Linux kernel, a rollback vulnerability potentially exists in Full Disk Encryption.

Action-Not Available
Vendor-Google LLCQualcomm Technologies, Inc.
Product-androidAll Qualcomm products
CWE ID-CWE-326
Inadequate Encryption Strength
CVE-2014-9988
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.21% / 42.90%
||
7 Day CHG~0.00%
Published-18 Apr, 2018 | 14:00
Updated-16 Sep, 2024 | 18:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear SD 820A, IPQ4019, MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 835, SD 845, SD 450, and SD 850, lack of input validation for message length causes buffer over read in drm_app_encapsulate_save_keys.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850sd_820asd_412sd_808_firmwaresd_415sd_616sd_425sd_430_firmwaremdm9607_firmwaresd_615mdm9650sd_650_firmwaresd_625sd_615_firmwaremsm8909w_firmwaremdm9607sd_210sd_820_firmwaresd_650sd_820sd_808sd_450_firmwaresd_845_firmwaresd_410sd_617sd_820a_firmwareipq4019_firmwaremdm9206sd_652sd_425_firmwaresd_212_firmwaresd_850_firmwaresd_625_firmwaresd_450sd_412_firmwaresd_845mdm9206_firmwaresd_430ipq4019sd_810sd_835_firmwaremdm9650_firmwaresd_410_firmwaresd_835sd_205sd_210_firmwaresd_415_firmwaresd_652_firmwaremsm8909wsd_810_firmwaresd_616_firmwaresd_205_firmwaresd_212sd_617_firmwareSnapdragon Automobile, Snapdragon Mobile, Snapdragon Wear
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9968
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.19% / 40.74%
||
7 Day CHG~0.00%
Published-18 Aug, 2017 | 18:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in the UIMDIAG interface.

Action-Not Available
Vendor-Google LLCQualcomm Technologies, Inc.
Product-androidAll Qualcomm products
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9973
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.15% / 35.98%
||
7 Day CHG~0.00%
Published-18 Aug, 2017 | 18:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all Qualcomm products with Android releases from CAF using the Linux kernel, validation of a buffer length was missing in a PlayReady DRM routine.

Action-Not Available
Vendor-Google LLCQualcomm Technologies, Inc.
Product-androidAll Qualcomm products
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9972
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.22% / 44.06%
||
7 Day CHG~0.00%
Published-18 Aug, 2017 | 18:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all Qualcomm products with Android releases from CAF using the Linux kernel, disabling asserts can potentially cause a NULL pointer dereference during an out-of-memory condition.

Action-Not Available
Vendor-Google LLCQualcomm Technologies, Inc.
Product-androidSnapdragon Mobile
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2014-9411
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.15% / 35.98%
||
7 Day CHG~0.00%
Published-18 Aug, 2017 | 18:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all Qualcomm products with Android releases from CAF using the Linux kernel, the use of an out-of-range pointer offset is potentially possible in rollback protection.

Action-Not Available
Vendor-Google LLCQualcomm Technologies, Inc.
Product-androidAll Qualcomm products
CWE ID-CWE-118
Incorrect Access of Indexable Resource ('Range Error')
CVE-2014-9977
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.19% / 40.74%
||
7 Day CHG~0.00%
Published-18 Aug, 2017 | 18:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in PlayReady DRM.

Action-Not Available
Vendor-Google LLCQualcomm Technologies, Inc.
Product-androidAll Qualcomm products
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9974
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.15% / 35.98%
||
7 Day CHG~0.00%
Published-18 Aug, 2017 | 18:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all Qualcomm products with Android releases from CAF using the Linux kernel, validation of buffer lengths was missing in Keymaster.

Action-Not Available
Vendor-Google LLCQualcomm Technologies, Inc.
Product-androidAll Qualcomm products
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9976
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.25% / 47.78%
||
7 Day CHG~0.00%
Published-18 Aug, 2017 | 18:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in 1x call processing.

Action-Not Available
Vendor-Google LLCQualcomm Technologies, Inc.
Product-androidSnapdragon Mobile, Snapdragon Wear
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9990
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.21% / 42.90%
||
7 Day CHG~0.00%
Published-18 Apr, 2018 | 14:00
Updated-17 Sep, 2024 | 02:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 600, SD 615/16/SD 415, SD 625, SD 650/52, SD 808, SD 810, and SD 450, lack of input validation could lead to an out of bound array access.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9635m_firmwaresd_808_firmwaresd_415sd_616sd_425sd_430_firmwaremdm9607_firmwaresd_615sd_650_firmwaresd_625sd_615_firmwaremsm8909w_firmwaremdm9607sd_210sd_650mdm9625_firmwaresd_808sd_450_firmwaremdm9206sd_652sd_425_firmwaresd_212_firmwaresd_625_firmwaresd_450mdm9635mmdm9615mdm9625mdm9206_firmwaresd_430sd_810mdm9615_firmwaresd_600_firmwaresd_205sd_210_firmwaresd_600sd_415_firmwaresd_652_firmwaremsm8909wsd_810_firmwaresd_616_firmwaresd_205_firmwaresd_212Snapdragon Mobile, Snapdragon Wear
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2014-10052
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.21% / 42.90%
||
7 Day CHG~0.00%
Published-18 Apr, 2018 | 14:00
Updated-16 Sep, 2024 | 16:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile, Snapdragon Wear, and Small Cell SoC FSM9055, IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 600, SD 615/16/SD 415, SD 617, SD 650/52, SD 800, SD 808, SD 810, SD 835, and SDX20, the reserved memory of TZ subsystem (like TZ apps and some PIL image subsystem) is not cleared after being used.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9635m_firmwarefsm9055mdm9640_firmwaresd_412sd_617_firmwaresd_808_firmwaresd_400sdx20sd_415sd_616mdm9607_firmwaresd_615mdm9655_firmwaremdm9650sd_650_firmwaresd_615_firmwaremsm8909w_firmwaremdm9607sd_210mdm9645mdm9645_firmwaresd_650mdm9625_firmwaresd_808fsm9055_firmwaresd_800sd_410sd_617sd_400_firmwareipq4019_firmwaremdm9206sd_652sd_212_firmwaresd_800_firmwaremdm9655sd_412_firmwaremdm9635mmdm9625mdm9206_firmwareipq4019sd_810sd_835_firmwaremdm9650_firmwaresdx20_firmwaresd_410_firmwaresd_835sd_205sd_210_firmwaresd_415_firmwaresd_652_firmwaremsm8909wsd_810_firmwaresd_616_firmwaresd_205_firmwaresd_212mdm9640Snapdragon Mobile, Snapdragon Wear, Small Cell SoC
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
  • Previous
  • 1
  • 2
  • ...
  • 8
  • 9
  • 10
  • Next
Details not found