Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2018-11891

Summary
Assigner-qualcomm
Assigner Org ID-2cfc7d3e-20d3-47ac-8db7-1b7285aff15f
Published At-19 Sep, 2018 | 14:00
Updated At-05 Aug, 2024 | 08:24
Rejected At-
Credits

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of check on the length of array while accessing can lead to an out of bound read in WLAN HOST function.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:qualcomm
Assigner Org ID:2cfc7d3e-20d3-47ac-8db7-1b7285aff15f
Published At:19 Sep, 2018 | 14:00
Updated At:05 Aug, 2024 | 08:24
Rejected At:
▼CVE Numbering Authority (CNA)

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of check on the length of array while accessing can lead to an out of bound read in WLAN HOST function.

Affected Products
Vendor
Qualcomm Technologies, Inc.Qualcomm, Inc.
Product
Android for MSM, Firefox OS for MSM, QRD Android
Versions
Affected
  • All Android releases from CAF using the Linux kernel
Problem Types
TypeCWE IDDescription
textN/ABuffer Over-read in WLAN
Type: text
CWE ID: N/A
Description: Buffer Over-read in WLAN
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin
x_refsource_CONFIRM
https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=2fc3e8a2ae8233690872d313fbfb4c74d0c61daa
x_refsource_CONFIRM
http://www.securityfocus.com/bid/107770
vdb-entry
x_refsource_BID
Hyperlink: https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin
Resource:
x_refsource_CONFIRM
Hyperlink: https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=2fc3e8a2ae8233690872d313fbfb4c74d0c61daa
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.securityfocus.com/bid/107770
Resource:
vdb-entry
x_refsource_BID
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin
x_refsource_CONFIRM
x_transferred
https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=2fc3e8a2ae8233690872d313fbfb4c74d0c61daa
x_refsource_CONFIRM
x_transferred
http://www.securityfocus.com/bid/107770
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=2fc3e8a2ae8233690872d313fbfb4c74d0c61daa
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.securityfocus.com/bid/107770
Resource:
vdb-entry
x_refsource_BID
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:product-security@qualcomm.com
Published At:19 Sep, 2018 | 14:29
Updated At:18 Apr, 2019 | 13:00

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of check on the length of array while accessing can lead to an out of bound read in WLAN HOST function.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.08.8HIGH
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary2.08.3HIGH
AV:A/AC:L/Au:N/C:C/I:C/A:C
Type: Primary
Version: 3.0
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 8.3
Base severity: HIGH
Vector:
AV:A/AC:L/Au:N/C:C/I:C/A:C
CPE Matches
Google LLC
google
>>android>>-
cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-129Primarynvd@nist.gov
CWE ID: CWE-129
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://www.securityfocus.com/bid/107770product-security@qualcomm.com
Third Party Advisory
VDB Entry
https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=2fc3e8a2ae8233690872d313fbfb4c74d0c61daaproduct-security@qualcomm.com
Patch
Third Party Advisory
https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletinproduct-security@qualcomm.com
Patch
Third Party Advisory
Hyperlink: http://www.securityfocus.com/bid/107770
Source: product-security@qualcomm.com
Resource:
Third Party Advisory
VDB Entry
Hyperlink: https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=2fc3e8a2ae8233690872d313fbfb4c74d0c61daa
Source: product-security@qualcomm.com
Resource:
Patch
Third Party Advisory
Hyperlink: https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin
Source: product-security@qualcomm.com
Resource:
Patch
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

197Records found
CVE-2024-49843
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 4.79%
||
7 Day CHG~0.00%
Published-03 Feb, 2025 | 16:51
Updated-05 Feb, 2025 | 16:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Validation of Array Index in Graphics_Linux

Memory corruption while processing IOCTL from user space to handle GPU AHB bus error.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fastconnect_7800_firmwaresm4635wsa8840wcn7860sm7675wsa8845h_firmwarewcn7881_firmwarevideo_collaboration_vc1_platform_firmwarewsa8845qcm6125wcn7881wcn6650_firmwarewcd9380_firmwaresxr2330pwcn6450qca6391_firmwarewcn3950_firmwareqca6391sm8750sm8635pwcn6650video_collaboration_vc5_platformwcn3980wcd9370_firmwaresm8635p_firmwaresnapdragon_480_5g_mobilewcn3950snapdragon_w5\+_gen_1_wearablesw5100wsa8845_firmwarewcd9370qcs7230_firmwarewcd9378sw5100p_firmwaresm7675_firmwarewcn6755_firmwarevideo_collaboration_vc5_platform_firmwaresm7635_firmwaresm8750pwsa8835sm8750p_firmwarewsa8845hsnapdragon_480_5g_mobile_firmwarefastconnect_7800wcn6450_firmwaresnapdragon_4_gen_1_mobileqcs8250_firmwaresnapdragon_695_5g_mobilewcn7880_firmwarewcn3988wcn7880wcd9395_firmwaresm4635_firmwareqcm6125_firmwarewcd9378_firmwareqcs6125sm7635qcs7230sm7675psw5100_firmwarewcn3988_firmwaresm6650_firmwareqcs8250wcd9375_firmwaresm7675p_firmwarewsa8810_firmwarewcd9385_firmwarewsa8810wsa8832wcd9390_firmwaresm8635snapdragon_695_5g_mobile_firmwaresnapdragon_8_gen_3_mobile_firmwarewcd9375sm8635_firmwaresnapdragon_8_gen_3_mobilesm6650wsa8815qcs6125_firmwaresnapdragon_w5\+_gen_1_wearable_firmwarefastconnect_6200_firmwarewcn7861sm8750_firmwarewcd9380wsa8830snapdragon_480\+_5g_mobile_firmwaresnapdragon_480\+_5g_mobilewsa8815_firmwarewsa8832_firmwarewcn7861_firmwarewcn7860_firmwaresw5100pfastconnect_6200wsa8830_firmwarewcn6755wcn3980_firmwarevideo_collaboration_vc1_platformsnapdragon_4_gen_1_mobile_firmwarewcd9390wcd9385wsa8840_firmwarewcd9395wsa8835_firmwaresxr2330p_firmwareSnapdragon
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2019-2346
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.69%
||
7 Day CHG~0.00%
Published-25 Jul, 2019 | 16:33
Updated-04 Aug, 2024 | 18:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Firmware is getting into loop of overwriting memory when scan command is given from host because of improper validation. in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ8074, QCA8081, QCS404, QCS405, QCS605, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 712 / SD 710 / SD 670, SD 820, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM630, SDM660

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_427_firmwaresd_712sd_850sd_855sd_670_firmwaresd_425sdm660sd_430_firmwareqcs404_firmwaresd_435sd_636sd_710_firmwaresdm630qcs405sd_625ipq8074_firmwaresd_820_firmwaresd_636_firmwaresd_820sd_450_firmwaresd_845_firmwareqca8081qcs605_firmwaresd_425_firmwareqcs404sd_850_firmwaresd_625_firmwareipq8074sd_450qcs405_firmwaresd_712_firmwaresdm630_firmwaresd_8cx_firmwaresda660_firmwaresd_845sd_8cxqcs605sd_427sd_430sd_670sd_435_firmwaresd_835_firmwaresd_710sd_835sda660qca8081_firmwaresdm660_firmwaresd_855_firmwareSnapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2017-18309
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.1||HIGH
EPSS-0.05% / 15.44%
||
7 Day CHG~0.00%
Published-26 Oct, 2018 | 13:00
Updated-05 Aug, 2024 | 21:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A micro-core of QMP transportation may cause a macro-core to read from or write to arbitrary memory in Snapdragon Mobile in version SD 845, SD 850.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850_firmwaresd_845sd_850sd_845_firmwareSnapdragon Mobile
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2017-15861
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.01% / 1.59%
||
7 Day CHG~0.00%
Published-23 Feb, 2018 | 23:00
Updated-16 Sep, 2024 | 20:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all Qualcomm products with Android releases from CAF using the Linux kernel, in the function wma_roam_synch_event_handler, vdev_id is received from firmware and used to access an array without validation.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2020-11307
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.36% / 57.13%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 05:30
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in modem due to improper array index check before copying into it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwarewsa8830sd678sa6150p_firmwaresm6250p_firmwaresa8145p_firmwareqcs610wcn3998_firmwareqcs2290_firmwareqca6431_firmwaresd_636qcs4290wcn3950_firmwaresa8150p_firmwaresd765g_firmwareqca6420_firmwareqca6595au_firmwareqcs2290qca6390_firmwaresa6155msm8917sd690_5gsd730_firmwaresd_455_firmwarewcd9370qcs605_firmwaresd_675_firmwaresd675_firmwareqca6564qcs6125_firmwareqca6426sd632wcn3998sdw2500_firmwarewcd9371_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcn3950sm4125sd720gwcn3615_firmwarewcn3660bsd450_firmwaresd662sd460_firmwaresa8155qca6320_firmwaresm7315_firmwareqca6574au_firmwaresdx55_firmwarewcn3680b_firmwareqca6595ausa6155_firmwarewcd9375_firmwarewcn3615msm8909wsm7250p_firmwareapq8009w_firmwareqca6420qca6436_firmwareapq8053_firmwarewcn3610_firmwareqca6564au_firmwaresd778gsa6155p_firmwarepm8937sd429sdxr2_5gqcs6125sa8155_firmwaresd662_firmwaresdm630wcn3988_firmwareqca6430sa6145p_firmwaresd205qca6421sd429_firmwaresd778g_firmwaresm6250sa8195papq8017_firmwaresdm830_firmwarequalcomm215_firmwaresd765gsd765_firmwareqca6436wcn6851wcd9335sa6155pqcs603_firmwaremsm8937qcs4290_firmwarewcd9385wcn3660_firmwarepm8937_firmwareqca6431qca6696_firmwarewcd9371sd750gsd870_firmwareqca6390wcd9375sd750g_firmwareaqt1000apq8064ausa8150psm6250_firmwarewcn3910_firmwaremsm8953_firmwarewsa8830_firmwaremsm8917_firmwaresd210sd660sd855_firmwaresd865_5g_firmwarewcn3620_firmwaresd888_5g_firmwarewcn3988sd660_firmwarewcn3620wcn6850_firmwaresa8195p_firmwarewsa8835_firmwareapq8017qca6564awcn6750_firmwaresd450wcn3610qcm6125_firmwareqcm2290_firmwarewcn3991wcd9380_firmwaresd_675sdm429wmsm8996au_firmwaresd780gsd865_5gqca6595qca6564ausdx55m_firmwarewcn6856_firmwaresd888msm8909w_firmwareqca6574msm8996ausd632_firmwaresd670_firmwaresd665_firmwaresdm429w_firmwarewsa8835wcd9380sd888_5gsm6250pqualcomm215qca6574asd690_5g_firmwaresdx50m_firmwaresm7325pqca6430_firmwarewcd9335_firmwarewcn6750sd439_firmwareqca6574_firmwareqcs605sd855sm4125_firmwaresm7325p_firmwaresd665wcn3910qca6320wcn6850msm8937_firmwaresd765qca6426_firmwarewcn3660b_firmwarewcn3680qca6574a_firmwaresd768g_firmwaresd835sm7315sd460qca6391sd730sdx55msdxr1_firmwareqca6421_firmwareaqt1000_firmwarewcn6740_firmwaremsm8953sd678_firmwareapq8064au_firmwareqcm4290sdx50mwcn3680_firmwaresd480_firmwareqcs603wcn6851_firmwaresd_455qca6574ausa8155p_firmwaresd_636_firmwaresd205_firmwareqca6564a_firmwaresd670apq8009wqcm6125qcm4290_firmwaresd480sd870sd210_firmwareqcs610_firmwarewcn6856sa6145pwcn3680bsd835_firmwareqca6564_firmwaresdxr1sd768gapq8096auqca6595_firmwaresa8145pwcn6740qca6696sdm630_firmwareqca6391_firmwaresd780g_firmwarewcd9370_firmwaresa6150psd888_firmwaresdw2500apq8053apq8096au_firmwaresa8155psd675sdx55sd439sm7250psdm830sd720g_firmwarewcn3660qcm2290Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2020-11187
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.39%
||
7 Day CHG~0.00%
Published-22 Feb, 2021 | 06:25
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible memory corruption in BSI module due to improper validation of parameter count in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwareqdm5652_firmwareqpm5679_firmwaresdr051qet6110_firmwareqln5030qca8337qpa2625_firmwarecsrb31024qpa8802qpm6585_firmwareqat3519pmx24_firmwareqbt2000_firmwareqet5100_firmwareqat5522_firmwaresd765g_firmwareqdm5670qpa8686qca6595au_firmwarepm7150lqpa8821pm7150aqdm5671qat3518qca6584au_firmwareqpa5580_firmwaresa415mwcn3998smr526_firmwarewcd9385_firmwareqdm5650_firmwarepm7250_firmwareqdm2305_firmwareqdm5620qln1021aqqpa8821_firmwareqpm5670_firmwarepmk8002_firmwareqdm5652qca6574au_firmwareqln1031_firmwaresdx55_firmwareqat5533qca6595auqpm5679qbt2000wcn3998_firmwaresm7250p_firmwarepm855ppm7150l_firmwarepmx50_firmwareqca6564au_firmwareqca6584auqdm2305qat5515_firmwareqln5020_firmwarepm855qdm3301_firmwareqpm8830_firmwaresa415m_firmwarepmx55qpa8842_firmwareqdm3301qat3519_firmwarewsa8810_firmwareqpm5677qat5515sd765gsd765_firmwareqdm5677_firmwareqpa6560pm8004_firmwaresdr865sdr8150_firmwareqdm5620_firmwarewcd9385wcd9341qca6696_firmwareqln5020qln5040_firmwareaqt1000qpa8673qdm5621qln5030_firmwareqln4642qpm5677_firmwareqdm5650wsa8815_firmwaresmr525_firmwaresdr052smb1390pmx24pm855l_firmwareqet6110qln5040qpa8686_firmwareqpm8895qpm6585wcn3991qca8337_firmwareqpm5670wcd9380_firmwaresmb1355qln4650qpa8801pmx55_firmwareqtm527qet5100qdm5671_firmwareqpa8801_firmwareqca6564auqat5533_firmwareqtm527_firmwareqpm8830qpa8673_firmwareqat5522qet4101_firmwarepm7250bqln4642_firmwareqpa8842sdr052_firmwarewcd9380smb1355_firmwarepm7250b_firmwareqca6574apm855p_firmwaresdx50m_firmwaresmb1390_firmwarepm7250qdm5679_firmwaresmr525qpa8803smr526qtc801s_firmwareqdm2301qtm525qln1036aq_firmwarewsa8815qdm5621_firmwareqdm2301_firmwaresd765qca6574a_firmwaresd768g_firmwaresdr865_firmwareqat3555sdr051_firmwareqca6391aqt1000_firmwarepm8008qpm8895_firmwareqat3518_firmwareqtm525_firmwarecsrb31024_firmwaresdx50msdr8150qpm5621_firmwarepm855lqln1021aq_firmwareqdm5670_firmwareqln1036aqqtc801sqpa6560_firmwareqpa8802_firmwarepm7150a_firmwareqca6574auqpm5621qpm6582pm8008_firmwarewcd9341_firmwarewsa8810pmx50qdm5677qdm5679pm855_firmwarepm855b_firmwaresd768gqpm6582_firmwareqca6696qca6391_firmwareqln4650_firmwareqat3516_firmwarepm8004pmk8002qpa2625sdx55qet4101qat3555_firmwareqat3516sm7250pqpa8803_firmwareqpm5658pm855bqln1031qpm5658_firmwareqpa5580Snapdragon Auto, Snapdragon Connectivity, Snapdragon Mobile
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2021-35072
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.15% / 35.56%
||
7 Day CHG~0.00%
Published-14 Jun, 2022 | 09:50
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer overflow due to improper validation of array index while processing external DIAG command in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaremdm9150_firmwarewsa8830mdm9640_firmwareqcs2290_firmwaremdm9628_firmwaremdm9650qcs4290wcn3950_firmwaremdm9250qcs2290apq8009_firmwaremsm8917wcd9370sd632wcn3990_firmwaremsm8108qca9377wcn3998sdw2500_firmwaremsm8108_firmwarewcn3950sm4125mdm9628wcd9326_firmwaremdm9206_firmwarewcn3615_firmwarewcn3660bsd450_firmwaresd662sd460_firmwareapq8037qca6320_firmwareqca6584qca6574au_firmwarewcn3680b_firmwarewcd9375_firmwaresdx12_firmwarewcn3615wcn3998_firmwaremsm8909wapq8009w_firmwarewcn3610_firmwareapq8053_firmwareqca6564au_firmwaresd680_firmwareqca6310msm8208qca9367_firmwaresd429qca9367sd662_firmwaremdm9607_firmwaresd821wcn3988_firmwaresd429_firmwarewcd9340apq8017_firmwarewsa8810_firmwarequalcomm215_firmwaresw5100sd680wcd9326wcd9335msm8937msm8209_firmwareqca6174a_firmwaremdm9250_firmwareqcs4290_firmwarewcd9341wcn3660_firmwarewcn3910_firmwarewcd9375msm8953_firmwarewsa8830_firmwaremsm8917_firmwaresd210wcn3620_firmwaresd820wcn3988wsa8815_firmwarewsa8835_firmwarewcn3620apq8017msm8208_firmwareqca6564asd450wcn3610msm8608qcm2290_firmwaremdm9640wcn3990sdm429wmsm8996au_firmwaresw5100pwcd9330qca6564aumsm8940_firmwaremsm8909w_firmwareqca6574msm8996ausd632_firmwaresdm429w_firmwarewsa8835qualcomm215qca6574amdm9206qca9379_firmwareqca6174aqca6310_firmwarewcd9335_firmwarewcn3980sd439_firmwareqca6574_firmwarewcd9340_firmwaresm4125_firmwarewsa8815wcn3910qca6320qca6584_firmwaremsm8937_firmwaremdm9650_firmwarewcn3660b_firmwarewcn3680qca6574a_firmwaresd835msm8209wcn3980_firmwareapq8009sd460wcd9330_firmwaremsm8920msm8953sd821_firmwareqcm4290wcn3680_firmwaremsm8920_firmwareqca6574aumdm9607qca6564a_firmwareapq8009wwcd9341_firmwareqcm4290_firmwarewsa8810sw5100p_firmwaresd210_firmwaremdm9150wcn3680bsd835_firmwareapq8096ausd820_firmwaremsm8608_firmwarewcd9370_firmwaresdw2500msm8940apq8053apq8096au_firmwareapq8037_firmwaresd439sdx12sw5100_firmwarewcn3660qca9379qcm2290Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2021-30311
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.10% / 29.13%
||
7 Day CHG~0.00%
Published-13 Jan, 2022 | 11:40
Updated-03 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible heap overflow due to lack of index validation before allocating and writing to heap buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwarewsa8830sd678qca8337wcd9360_firmwaresdx65wcn3950_firmwaresd765g_firmwareqca6595au_firmwareqca6390_firmwaresd690_5gsd730_firmwarewcd9370sd_675_firmwaresd675_firmwareqca6426wcn3998wcd9385_firmwaresdxr2_5g_firmwarewcn3950sd720gsd_8_gen1_5g_firmwaresm6375_firmwaresd662sd460_firmwaresm7315_firmwareqca6574au_firmwaresdx55_firmwareqca6595auqca8081_firmwarewcd9375_firmwarewcn3998_firmwaresm7250p_firmwarewcd9360qca6436_firmwaresd778gsm6225sa515m_firmwareqcs6490sdxr2_5gsd662_firmwarewcn3988_firmwaresm6250sd778g_firmwarewsa8810_firmwaresd765gsd765_firmwareqca6436wcn6851qca8081wcd9385wcd9341qca6696_firmwareqcs6490_firmwaresd750gsd870_firmwareqca6390ar8035sd750g_firmwarewcd9375sm6250_firmwarewsa8830_firmwaresd865_5g_firmwareqcm6490sd888_5g_firmwarewcn3988wcn6850_firmwarewsa8815_firmwarewsa8835_firmwareqcx315sm8475wcn6750_firmwaresm6375wcn3991qca8337_firmwarewcd9380_firmwaresd_675sd780gsd865_5gsdx55m_firmwarewcn6856_firmwaresd888wsa8835qcx315_firmwaresd665_firmwarewcd9380sd888_5gqca6574asd690_5g_firmwarewcn6855_firmwaresm7325pwcn3980wcn6750sa515mwsa8815sm7325p_firmwaresd665wcn6850sd765qca6426_firmwareqca6574a_firmwaresd768g_firmwarewcn3980_firmwaresm7315sd730sd460qca6391sdx55mwcn6740_firmwaresdx65_firmwaresd678_firmwareqcm6490_firmwaresd480_firmwarewcn6851_firmwaresm6225_firmwareqca6574auwcd9341_firmwaresd480sd870wsa8810wcn6855wcn6856sd768gwcn6740qca6696qca6391_firmwaresd780g_firmwarewcd9370_firmwaresdx55sd888_firmwaresd675sm7250psd720g_firmwarear8035_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2017-14889
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 2.56%
||
7 Day CHG~0.00%
Published-16 Mar, 2018 | 22:00
Updated-16 Sep, 2024 | 17:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, due to the lack of a range check on the array index into the WMI descriptor pool, arbitrary address execution may potentially occur in the process mgmt completion handler.

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidn/a
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2021-30282
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.03% / 7.69%
||
7 Day CHG~0.00%
Published-03 Jan, 2022 | 07:25
Updated-03 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible out of bound write in RAM partition table due to improper validation on number of partitions provided in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fsm10055qca9377_firmwaremdm9150_firmwarewcn3991_firmwaresd678qcn9070sa6150p_firmwaresa8145p_firmwareqcs610sm6250p_firmwarewsa8830qcs2290_firmwarefsm10056qca8337sd7c_firmwarecsrb31024csra6620fsm10055_firmwareqcn9072qcs4290wcn3950_firmwaresa8150p_firmwaresd765g_firmwareqcs2290qca6595au_firmwareqca6390_firmwaresa6155ipq6000sd690_5gsd730_firmwarecsra6620_firmwareqcs605_firmwaresd_675_firmwaresd675_firmwarewcd9370csra6640_firmwareqcn5152_firmwareqca6564qca6426qrb5165n_firmwareqcn9000_firmwareqca9984_firmwareqca9377sa415msd_8cx_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcn3950qcn6024_firmwaresd720gsm6375_firmwaresd662sd460_firmwaresa8155qca6574au_firmwareqcn5122_firmwaresdx55_firmwareqca6595auqca8081_firmwareqcn6023_firmwaresa6155_firmwaresm7250p_firmwarewcd9375_firmwarewcn3999_firmwareqca6436_firmwareqrb5165nqca6564au_firmwaresd778gsa6155p_firmwarewcd9306sm6225wcn3999sa515m_firmwareqcs6490qrb5165_firmwaresdxr2_5gqcn5052sa8155_firmwareipq6010qca4004_firmwaresd662_firmwaresa415m_firmwareqcs405wcn3988_firmwareqcn9074sa6145p_firmwaresm6250sd778g_firmwarewcd9306_firmwarewcd9340sa8195psd765gsd765_firmwarefsm10056_firmwareqca6436wcn6851wcd9335sa6155pqca8081qcs603_firmwareqcn6023qca6174a_firmwareqcs4290_firmwarewcd9385qca6696_firmwareqcs6490_firmwaresd750gsd870_firmwarear8035csr8811qca6390sd_8cxsa8150psd750g_firmwaresm6250_firmwarewcd9375wcn3910_firmwareqca4004wsa8830_firmwaresd865_5g_firmwareqcm6490sd888_5g_firmwarewcn3988wcn6850_firmwarewsa8835_firmwaresa8195p_firmwareqcn5121qcx315qcn5022_firmwareqca6564awcn6750_firmwareqca8072qcm2290_firmwaresm6375wcn3991qca8337_firmwarewcd9380_firmwareqcn9000sd_675sd865_5gqca6564ausdx24sdx55m_firmwarewcn6856_firmwarewsa8835qca6574qcx315_firmwaresd665_firmwarecsr8811_firmwarewcd9380sd888_5gsm6250pqcs410qca8075_firmwareqca6574asd690_5g_firmwareipq6005_firmwarewcn6855_firmwareqca6174asm7325psdx24_firmwareqca8072_firmwarewcd9335_firmwareqcn5052_firmwarewcn6750ipq6018_firmwaremdm9205sa515mqca6574_firmwareqcs605wcd9340_firmwaresm7325p_firmwaresd665sd7cwcn3910wcn6850sd765qca6426_firmwareqca6574a_firmwareqca9984ipq6028qcn5021qcn5152qcn9024sd768g_firmwaresd460qca6391sd730sdx55msdxr1_firmwareipq6005sd678_firmwarear8031_firmwarecsrb31024_firmwareqcm4290qcm6490_firmwareqcn9070_firmwareqrb5165sd480_firmwareqcs603wcn6851_firmwareipq6028_firmwaresm6225_firmwareqca6574ausa8155p_firmwareqcn5122qca6564a_firmwareqcn9024_firmwareqcm4290_firmwaresd480sd870qcn5121_firmwarewcn6855qcs610_firmwaremdm9150wcn6856qsm8250ipq6018qcn5022sa6145pqca6564_firmwaresdxr1ipq6010_firmwarear8031sd768gqcs405_firmwaresa8145pqca6696mdm9205_firmwareqca6391_firmwarewcd9370_firmwaresa6150psdx55qca8075qcn5021_firmwareqcn9022_firmwarecsra6640qcn6024qcn9022sa8155psd675qcn9072_firmwaresm7250pipq6000_firmwaresd720g_firmwareqcn9074_firmwareqcs410_firmwarear8035_firmwareqcm2290qsm8250_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2021-30255
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.39%
||
7 Day CHG~0.00%
Published-12 Nov, 2021 | 06:15
Updated-03 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer overflow due to improper input validation in PDM DIAG command in FTM in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresm7250mdm9640_firmwaresm6250p_firmwareqcs610qca8337qca6431_firmwarewcd9360_firmwaresdx65wcn3950_firmwaresc8180x\+sdx55qcs2290qca6595au_firmwareqca6335msm8917sd_455_firmwareqcs605_firmwaresd_675_firmwareqcs6125_firmwaresd632msm8108sa415mwcn3998wcd9371_firmwaremsm8108_firmwarewcn3950sm4125sd720gmdm9628mdm9206_firmwareqsw8573_firmwaresm6375_firmwarewcn3660bsd450_firmwareqsm8350_firmwaresd710_firmwareqsm8350sd460_firmwaremdm9230_firmwarewcn7850qca6574au_firmwaremdm9630wcd9375_firmwareqca8081_firmwarewcn3998_firmwaresdx12_firmwaremsm8909wapq8009w_firmwareqca6420apq8053_firmwarewcd9360qca9367_firmwarewhs9410_firmwaremdm8207qcs6125sa8155_firmwareqca4004_firmwaresd662_firmwareqca6430wcd9306_firmwarewcd9340sd765gqualcomm215_firmwarefsm10056_firmwareqca6436wcn6851qcs603_firmwarewcn7851_firmwaremsm8937msm8209_firmwaremdm9250_firmwarewcn3660_firmwarewcd9341qca6431qca6696_firmwarewcd9371sd870_firmwaresd750gwcn3910_firmwaresd_8cxmdm9207_firmwareqca4004wsa8830_firmwaremdm9330_firmwaresd855_firmwaresd660sd865_5g_firmwaresd712wcn3988sd660_firmwarewcn7850_firmwaremsm8208_firmwarewcn6750_firmwaresd450wcn3610msm8608mdm9640sm6375wcn3991qca8337_firmwaresda429w_firmwarewcd9380_firmwaresdm429wwcd9330msm8996au_firmwarecsr6030qca6564ausdx55m_firmwarewcn6856_firmwaremsm8940_firmwareqet4101_firmwaremsm8976_firmwareqca6574sd632_firmwaresd670_firmwarewcd9380qualcomm215mdm9230qcs410sd690_5g_firmwaresdx50m_firmwareqca9379_firmwaresdx24_firmwareqca6174qca6430_firmwarewcd9335_firmwaresd439_firmwarewcn3980qca6335_firmwareqsw8573qcs605wcd9340_firmwarewsa8815wcn6850sd7cwcn3910qca6320qca6584_firmwaremsm8937_firmwaremdm9650_firmwaresd_8c_firmwareqca6426_firmwarewcn3660b_firmwarewcn3680sd835wcn3980_firmwaresd730wcd9330_firmwaresdx55mqca6421_firmwaremsm8953sd821_firmwaresd678_firmwarewcn3680_firmwarewcn6851_firmwareqcs603sd670sd_636_firmwareqca6564a_firmwareapq8009wqca6694au_firmwaremsm8976sg_firmwareqcm4290_firmwaresd480sd870wcn6855sd210_firmwareqcs610_firmwaresdxr1apq8096aumdm8207_firmwaresdm630_firmwaremdm9205_firmwareqca6391_firmwaresd820_firmwarewcd9370_firmwaresdx55apq8053sa8155psd675sd439qet4101wcn3660qca9379ar8035_firmwareqcm2290wcn3991_firmwaremdm9150_firmwarewsa8830sd678qcs2290_firmwarefsm10056sm7250_firmwaresd7c_firmwarecsrb31024mdm9628_firmwaremdm9650sd_636qcs4290mdm9250sd765g_firmwareqca6420_firmwareqca6390_firmwareapq8009_firmwaresd690_5gqca6174_firmwaresd730_firmwarewcd9370sd675_firmwareqca6426qca6584au_firmwarewcn3990_firmwaresm8450qca9377sdw2500_firmwaresd_8cx_firmwarewcd9385_firmwaresdxr2_5g_firmwarewhs9410wcd9326_firmwarewcn3615_firmwaresd662apq8037sa8155qca6320_firmwareqca6584wcn3680b_firmwaresdx55_firmwarewcn3615qca6595auwcn3610_firmwareqca6436_firmwaremdm9207wcd9306qca6584ausd778gqca6564au_firmwaremsm8208qca6310sm6225wcn7851sd429sa515m_firmwareqcs6490sdxr2_5gqca9367sdm630mdm9607_firmwaresd821msm8976sgsa415m_firmwarewcn3988_firmwaresd205sd429_firmwareqca6421sd778g_firmwaresm6250sd712_firmwareapq8017_firmwarewsa8810_firmwareqca6694sm8450_firmwaresd765_firmwarewcd9326wcd9335qca8081qca6174a_firmwareqcs4290_firmwarewcd9385qcs6490_firmwareqca6390wcd9375sd750g_firmwareaqt1000msm8976ar8035sm6250_firmwaresc8180x\+sdx55_firmwareqca6694_firmwaremsm8953_firmwareqca6694ausda429wmsm8917_firmwaresd210wcn3620_firmwaresdx20_firmwarewsa8815_firmwaresd888_5g_firmwaresd820qcm6490wcn6850_firmwarewsa8835_firmwarewcn3620apq8017qcx315csr6030_firmwareqca6564amdm9630_firmwareqcm6125_firmwareqcm2290_firmwarewcn3990sd_675sd865_5gsdx24sm8450p_firmwaremsm8909w_firmwareqcx315_firmwarewsa8835msm8996ausdm429w_firmwaresd665_firmwaresd888_5gsm6250pqca6574amdm9206wcn6855_firmwareqca6174aqca6310_firmwaresm7325wcn6750mdm9205sa515mqca6574_firmwaresd855sm4125_firmwaresd665sd765qca6574a_firmwaresd768g_firmwaremsm8209sd850_firmwareapq8009sd460qca6391sdxr1_firmwareaqt1000_firmwaremsm8920sdx65_firmwareqcm4290csrb31024_firmwareqcm6490_firmwaresdx50msdx20sd480_firmwaremsm8920_firmwaresd_455sm6225_firmwareqca6574ausd710sa8155p_firmwaremdm9607sd205_firmwarewcd9341_firmwareqcm6125wsa8810sm8450pmdm9150wcn6856sd_8cwcn3680bsd835_firmwaresd768gqca6696sd845_firmwaremsm8608_firmwaresdw2500msm8940apq8096au_firmwaresd845apq8037_firmwaresd720g_firmwaresdx12qcs410_firmwaremdm9330sd850sm7325_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2021-30325
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.05% / 13.69%
||
7 Day CHG~0.00%
Published-11 Feb, 2022 | 10:40
Updated-03 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible out of bound access of DCI resources due to lack of validation process and resource allocation in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresa6150p_firmwareqcs610ipq4028_firmwareqcn5550qca8337ar9380ipq8173_firmwareqcn5124qca4024_firmwarewcn3950_firmwareipq8078aipq5028_firmwaresa8150p_firmwareqca6595au_firmwaresa6155qcn5064csra6620_firmwareqcs605_firmwarecsra6640_firmwarewcn3998wcn3950qcn6024_firmwareipq8076amdm9206_firmwarewcn3660bsd460_firmwareqca6428qca6574au_firmwareqcn5164_firmwareipq8071wcd9375_firmwareqca8081_firmwarewcn3998_firmwaresa6155_firmwareqca6438_firmwareqca9986ipq8070_firmwareqca9367_firmwareipq8065ipq8078a_firmwarewcn3999qrb5165_firmwareipq5028qca7500ipq8072_firmwareipq4029_firmwareqrb5165m_firmwaresa8155_firmwareipq6010sd662_firmwareipq8068qcs405wcd9340qcn6132sd765gqualcomm215_firmwareqca6436wcn6851sa6155pqcs603_firmwareqca9888_firmwareqcn6122wcd9341ipq8068_firmwareqca6696_firmwaresd870_firmwareqca9988_firmwareqcn5154_firmwaresa8150pqca9992_firmwaresd865_5g_firmwarewcn3988qca6438sa8195p_firmwareqcn5121qcn5022_firmwareqca9898ipq4028wcn3610qca6428_firmwareipq5018_firmwareqca9985_firmwarewcn3991ipq4018_firmwareqca8337_firmwaresda429w_firmwarewcd9380_firmwareipq8072aqca7500_firmwareqca9980_firmwarewcd9330ipq8076a_firmwareipq8078qca6564ausdx55m_firmwareipq8173qcn5164qca9558qca6574csr8811_firmwarewcd9380qualcomm215qcn5054_firmwareqcs410qcn5024ipq4019_firmwareqca8072_firmwareqca9985qcn9012_firmwarewcd9335_firmwareqcn5052_firmwarewcn3980ipq6018_firmwareqcs605wcd9340_firmwarewsa8815wcn6850pmp8074_firmwareqca9986_firmwareqca6426_firmwarewcn3660b_firmwareqca9984ipq6028ipq8064qcn9024pmp8074wcn3980_firmwareqcn5550_firmwarewcd9330_firmwaresdx55mipq8064_firmwareqcn5064_firmwarear8031_firmwareipq8078_firmwareqcn5054qrb5165wcn6851_firmwareqcs603ipq8070qcn5502qca9994qca9980qcn9024_firmwareipq8174_firmwareqca6564a_firmwareqca9880sd870qcn5121_firmwaresd210_firmwareqcs610_firmwaresa6145pipq6018qca9886_firmwarear8031apq8096auqcs405_firmwaresa8145pqca6391_firmwareqca4024wcd9370_firmwaresdx55qcn5021_firmwaresa8155pcsra6640qca9531_firmwarear8035_firmwareqcn5024_firmwarewcn3991_firmwaremdm9150_firmwareqcn9070sa8145p_firmwareqca9563_firmwarecsra6620qcn9072qca9880_firmwareqca9992sd765g_firmwareqca6390_firmwareipq6000wcd9370ipq8072qcn5152_firmwareqca6564qca6426wcn3990_firmwareqrb5165n_firmwareqcn9000_firmwareqca9984_firmwareqca9377ipq5018wcd9385_firmwaresdxr2_5g_firmwareqca9563ipq8074asd662qcn5124_firmwaresa8155qcn5122_firmwaresdx55_firmwareqca6595auqcn6023_firmwarewcn3999_firmwaresm7250p_firmwarewcn3610_firmwareqca6436_firmwareqrb5165nipq5010qca6564au_firmwaresa6155p_firmwaresm6225ipq8174qca9990sdxr2_5gqcn5052qca9367wcn3988_firmwareqcn9074sd205sa6145p_firmwaresa8195pwsa8810_firmwaresd765_firmwarewcd9335qca8081qcn6023ipq8071aipq8071a_firmwarewcd9385qca6390qca9898_firmwarewcd9375ar8035csr8811ipq4019qcn9100_firmwaresda429wsd210wcn3620_firmwareipq5010_firmwareipq8074a_firmwarewsa8815_firmwarewcn6850_firmwarewcn3620qca6564aqca9988qca8072wcn3990qcn9000sd865_5gar9380_firmwareqcn9012qca9558_firmwareqcn6122_firmwareipq8065_firmwaresd665_firmwareqcn5154qca8075_firmwareipq4018qca6574aipq6005_firmwaremdm9206qca9889qcn6132_firmwareqca9888ipq8074qca9994_firmwareipq8070a_firmwareipq8076_firmwareqca6574_firmwareqca9886qcn5502_firmwaresd665ipq8076sd765qca6574a_firmwareqcn5021qcn5152sd768g_firmwareqrb5165msd460qca6391ipq6005qcn9100qcn9070_firmwareipq6028_firmwareipq8072a_firmwaresm6225_firmwareqca9531ipq8074_firmwareqca6574auqca9889_firmwaresa8155p_firmwareqcn5122sd205_firmwarewcd9341_firmwarewsa8810mdm9150qcn5022qca6564_firmwaresd768gipq6010_firmwareqca6696sa6150pqca8075qcn9022_firmwareapq8096au_firmwareqcn6024qcn9022qca9990_firmwareipq8070aqcn9072_firmwaresm7250pipq6000_firmwareipq8071_firmwareqcn9074_firmwareqcs410_firmwareipq4029Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2024-33044
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.03% / 6.59%
||
7 Day CHG~0.00%
Published-02 Dec, 2024 | 10:18
Updated-12 Dec, 2024 | 15:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Validation of Array Index in Hypervisor

Memory corruption while Configuring the SMR/S2CR register in Bypass mode.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwareqam8255p_firmwaresnapdragon_850_mobile_compute_platform_firmwaresnapdragon_8_gen_1_mobile_platformsa6150p_firmwaresm6250p_firmwareqcs610315_5g_iot_modem_firmwareqca8337qfw7124qca6431_firmwareqam8775psnapdragon_778g\+_5g_mobile_platformqamsrv1mqru1052snapdragon_888_5g_mobile_platformsnapdragon_870_5g_mobile_platform_firmwarewcd9360_firmwarewsa8840wcn3950_firmwaresa8150p_firmwareqca6595au_firmwaresa6155video_collaboration_vc3_platformqca6335sd_675_firmwareqcm5430_firmwareqep8111_firmwarewcd9371_firmwareqam8295pwcn3950sd_8_gen1_5g_firmwarewcn3660bqsm8350_firmwareqca6688aqqsm8350sm7315_firmwaresnapdragon_429_mobile_platform_firmwareqca6574au_firmwaresnapdragon_778g\+_5g_mobile_platform_firmwareqca8081_firmwaresa6155_firmwarewcd9375_firmwareqca6420wcd9360snapdragon_xr2\+_gen_1_platformsnapdragon_782g_mobile_platform_firmwaresnapdragon_auto_5g_modem-rf_firmwareqca6678aq_firmwareqrb5165m_firmwarewsa8840_firmwareqca6698aqsa4155p_firmwaresa8155_firmwarerobotics_rb3_platform_firmwaresc8380xp_firmwaresnapdragon_765g_5g_mobile_platformqca6430qru1062_firmwaresnapdragon_678_mobile_platform_firmwarerobotics_rb3_platformsa7775p_firmwaresnapdragon_855\+wcd9340snapdragon_8cx_compute_platformsnapdragon_720g_mobile_platformsnapdragon_780g_5g_mobile_platformqca6436sa6155pqdu1000_firmwaresnapdragon_765_5g_mobile_platform_firmwareqca6698aq_firmwaresnapdragon_690_5g_mobile_platformsnapdragon_auto_5g_modem-rf_gen_2_firmwarewcd9341qam8775p_firmwaresa8255pqca6431qca6696_firmwarewcd9371qca6797aqqru1052_firmwaresd_8cxsnapdragon_855_mobile_platform_firmwaresa8150pqcc710_firmwarerobotics_rb5_platformwsa8830_firmwaresd855_firmwaresd865_5g_firmwaresnapdragon_7c\+_gen_3_compute_firmwarewcn3988snapdragon_780g_5g_mobile_platform_firmwaresa8195p_firmwaresnapdragon_865_5g_mobile_platform_firmwarefastconnect_6800_firmwaresnapdragon_7c_gen_2_compute_platform_firmwaresa8295p_firmwaresa8770psnapdragon_730_mobile_platform_firmwaresnapdragon_750g_5g_mobile_platform_firmwaresnapdragon_675_mobile_platform_firmwareqca8337_firmwarewcd9380_firmwaresnapdragon_778g_5g_mobile_platform_firmwaressg2125psdm429wsnapdragon_8cx_gen_2_5g_compute_platformqcm8550qca6564ausnapdragon_670_mobile_platform_firmwaresd670_firmwareqca6574qdu1110_firmwaresnapdragon_7c\+_gen_3_computewcd9380snapdragon_782g_mobile_platformsnapdragon_wear_4100\+_platform_firmwaresnapdragon_x72_5g_modem-rf_system_firmwarefastconnect_6700qcs410sxr1230pvideo_collaboration_vc3_platform_firmwareqcn9012_firmwareqca6430_firmwareqcn9274_firmwarewcn3980qfw7114_firmwaresnapdragon_732g_mobile_platform_firmwarewsa8845qca6335_firmwarewcd9340_firmwarewsa8815snapdragon_865\+_5g_mobile_platformqcs8250qca6426_firmwarewcn3660b_firmwaresc8380xpsnapdragon_670_mobile_platformsnapdragon_x62_5g_modem-rf_system_firmwarewcn3980_firmwaresd730snapdragon_xr2\+_gen_1_platform_firmwaresnapdragon_x50_5g_modem-rf_system_firmwaresa8295pqca6421_firmwarewcn6740_firmwaresnapdragon_8cx_compute_platform_firmwaresnapdragon_xr2_5g_platformqca6678aqsnapdragon_x65_5g_modem-rf_systemsa8650p_firmwarefastconnect_6900snapdragon_x75_5g_modem-rf_system_firmwarefastconnect_6900_firmwareqca6797aq_firmwareqdu1010srv1lsd670qdx1011_firmwareqca6564a_firmwaresa7255p_firmwaresdx57msa8620psnapdragon_x24_lte_modemwsa8832qdx1010_firmwaresa8540psnapdragon_8cx_gen_3_compute_platformqcs610_firmwareqsm8250qamsrv1m_firmwareqcm5430sa6145psnapdragon_730_mobile_platformqcc710qca6595_firmwaresa8145pwcd9395qcs5430_firmwaresnapdragon_750g_5g_mobile_platformsnapdragon_888\+_5g_mobile_platform_firmwareqca6391_firmwaresa4150p_firmwarewcd9370_firmwareqdx1010sdx55sd888_firmwaresa8155psd675video_collaboration_vc1_platformsrv1msnapdragon_860_mobile_platformssg2115p_firmwareqcs8155_firmwareqam8620p_firmwareqfw7124_firmwareqam8255psa4155pqdu1210_firmwareqep8111snapdragon_720g_mobile_platform_firmwaresnapdragon_855_mobile_platformqsm8250_firmwarear8035_firmwarewsa8830sa8145p_firmwaresnapdragon_850_mobile_compute_platformsnapdragon_x24_lte_modem_firmwareqam8650pcsrb31024flight_rb5_5g_platformsnapdragon_865_5g_mobile_platformflight_rb5_5g_platform_firmwareqcn6224_firmwaresnapdragon_860_mobile_platform_firmwaresrv1l_firmwaresnapdragon_888_5g_mobile_platform_firmwareqca6420_firmwaresnapdragon_auto_4g_modem_firmwaresd730_firmwarewcd9370sd675_firmwaressg2115pqca6564qca6426qca6584au_firmwarewcn3990_firmwareqrb5165n_firmwareqdu1110qca9377qamsrv1hsa8530psd_8cx_firmwarewcd9385_firmwarewcd9326_firmwarefastconnect_6200qamsrv1h_firmwaresnapdragon_7c_gen_2_compute_platformqam8295p_firmwareqcn9011_firmwaresa8155snapdragon_x55_5g_modem-rf_systemsa9000p_firmwarewcn3680b_firmwaresdx55_firmwaresa7255psnapdragon_778g_5g_mobile_platformwsa8845h_firmwaresnapdragon_8_gen_3_mobile_platformqca6595auqfw7114sm7250p_firmwaresnapdragon_429_mobile_platformqca6436_firmwareqrb5165nqca6564au_firmwareqca6584ausa8620p_firmwaresa6155p_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqcm8550_firmwaresnapdragon_870_5g_mobile_platformqca6310snapdragon_x72_5g_modem-rf_systemqcn9274qcs8155snapdragon_855\+_firmwaresa8775p_firmwareqcs6490video_collaboration_vc5_platformqcs8550_firmwarevision_intelligence_300_platform_firmwarewcn3988_firmware315_5g_iot_modemsrv1hsa6145p_firmwareqca6421sm6250fastconnect_6700_firmwaresa8195pwsa8810_firmwareqcn6224vision_intelligence_400_platformwsa8845hsnapdragon_x62_5g_modem-rf_systemwcd9326snapdragon_x75_5g_modem-rf_systemwcd9395_firmwaresnapdragon_ar2_gen_1_platform_firmwaresa8255p_firmwareqcs7230qca8081snapdragon_x35_5g_modem-rf_systemsnapdragon_auto_5g_modem-rf_gen_2snapdragon_888\+_5g_mobile_platformsa7775pqam8620pqca6174a_firmwareqcs5430sa8770p_firmwaresxr2130_firmwarewcd9385qcs6490_firmwarear8035wcd9375aqt1000sm6250_firmwarewcd9390vision_intelligence_400_platform_firmwaresnapdragon_768g_5g_mobile_platform_firmwarewcn3620_firmwarewsa8815_firmwareqcm6490wsa8835_firmwarewcn3620video_collaboration_vc5_platform_firmwareqca6564asa4150pqca6688aq_firmwarerobotics_rb5_platform_firmwaresnapdragon_845_mobile_platformwcn3990sd_675sd865_5gfastconnect_6800qca6595qru1032qcs7230_firmwareqdu1010_firmwareqcn9012snapdragon_8c_compute_platformsd888sa8530p_firmwareqdx1011qdu1000wsa8835sxr1230p_firmwaresdm429w_firmwaresa8540p_firmwaresnapdragon_auto_5g_modem-rfsd_8_gen1_5gqcn6274sm6250psnapdragon_678_mobile_platformsxr2130sc8180xsnapdragon_wear_4100\+_platformssg2125p_firmwareqca6574aqca6174asm7325pqca6310_firmwareqru1062sa8650psa9000pqca6574_firmwaresd855sm7325p_firmwaresdx57m_firmwareqru1032_firmwaresnapdragon_xr2_5g_platform_firmwarewsa8845_firmwareqca6574a_firmwaresa8775psnapdragon_730g_mobile_platformfastconnect_6200_firmwareqcs9100_firmwareqrb5165mvision_intelligence_300_platformsm7315snapdragon_x55_5g_modem-rf_system_firmwareqca6391snapdragon_8cx_gen_3_compute_platform_firmwarefastconnect_7800snapdragon_7c_compute_platform_firmwareaqt1000_firmwaresnapdragon_865\+_5g_mobile_platform_firmwaresnapdragon_x35_5g_modem-rf_system_firmwaresnapdragon_690_5g_mobile_platform_firmwaresnapdragon_845_mobile_platform_firmwareqcn6274_firmwaresnapdragon_auto_4g_modemcsrb31024_firmwareqcm6490_firmwarewsa8832_firmwaresrv1h_firmwareqcn9011sc8180x_firmwarevideo_collaboration_vc1_platform_firmwareqca6574ausa8155p_firmwareqcs8250_firmwarewcd9341_firmwarefastconnect_7800_firmwarewsa8810snapdragon_765g_5g_mobile_platform_firmwaresnapdragon_730g_mobile_platform_firmwaresnapdragon_8_gen_1_mobile_platform_firmwaresrv1m_firmwaresnapdragon_ar2_gen_1_platformsnapdragon_8c_compute_platform_firmwarewcn3680bqca6564_firmwareqam8650p_firmwaresnapdragon_675_mobile_platformwcn6740qca6696snapdragon_732g_mobile_platformqcs8550snapdragon_x50_5g_modem-rf_systemsa6150psnapdragon_8_gen_3_mobile_platform_firmwareqcs9100wcd9390_firmwaresnapdragon_768g_5g_mobile_platformqdu1210snapdragon_765_5g_mobile_platformsm7250pqcs410_firmwaresnapdragon_8cx_gen_2_5g_compute_platform_firmwaresnapdragon_7c_compute_platformSnapdragonqam8255p_firmwareqca9377_firmwaresnapdragon_850_mobile_compute_platform_firmwaresa6150p_firmwaresm6250p_firmwaresa8145p_firmware315_5g_iot_modem_firmwaresnapdragon_x24_lte_modem_firmwareqca6431_firmwarewcd9360_firmwareflight_rb5_5g_platform_firmwareqcn6224_firmwarewcn3950_firmwaresrv1l_firmwaresnapdragon_888_5g_mobile_platform_firmwaresa8150p_firmwareqca6420_firmwareqca6595au_firmwaresd730_firmwaresnapdragon_auto_4g_modem_firmwaresd_675_firmwaresd675_firmwareqcm5430_firmwareqca6584au_firmwareqep8111_firmwareqrb5165n_firmwarewcn3990_firmwarequalcomm_video_collaboration_vc3_platform_firmwaresd_8cx_firmwarewcd9371_firmwarewcd9385_firmwarewcd9326_firmwareqamsrv1h_firmwaresd_8_gen1_5g_firmwareqsm8350_firmwareqam8295p_firmwareqcn9011_firmwaresa9000p_firmwaresm7315_firmwaresnapdragon_429_mobile_platform_firmwareqca6574au_firmwaresdx55_firmwarewcn3680b_firmwarewcd9375_firmwareqca8081_firmwaresa6155_firmwarewsa8845h_firmwaresm7250p_firmwareqca6436_firmwareqca6564au_firmwaresa8620p_firmwaresa6155p_firmwaresnapdragon_auto_5g_modem-rf_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqcm8550_firmwareqca6678aq_firmwaresa8775p_firmwareqrb5165m_firmwarewsa8840_firmwaresa4155p_firmwaresa8155_firmwarerobotics_rb3_platform_firmwareqcs8550_firmwaresc8380xp_firmwarevision_intelligence_300_platform_firmwarewcn3988_firmwareqru1062_firmwaresa6145p_firmwaresa7775p_firmwarefastconnect_6700_firmwarewsa8810_firmwaresnapdragon_ar2_gen_1_platform_firmwaresa8255p_firmwarewcd9395_firmwareqdu1000_firmwareqca6698aq_firmwareqca6174a_firmwaresa8770p_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareqam8775p_firmwaresxr2130_firmwareqca6696_firmwareqcs6490_firmwareqru1052_firmwaresnapdragon_855_mobile_platform_firmwaresm6250_firmwareqcc710_firmwarevision_intelligence_400_platform_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwarewcn3620_firmwarewsa8815_firmwarewsa8835_firmwaresnapdragon_780g_5g_mobile_platform_firmwaresa8195p_firmwaresnapdragon_865_5g_mobile_platform_firmwarefastconnect_6800_firmwaresa8295p_firmwareqca6688aq_firmwaresnapdragon_750g_5g_mobile_platform_firmwaresnapdragon_675_mobile_platform_firmwarequalcomm_video_collaboration_vc1_platform_firmwarerobotics_rb5_platform_firmwareqca8337_firmwarewcd9380_firmwaresnapdragon_778g_5g_mobile_platform_firmwareqcs7230_firmwareqdu1010_firmwaresnapdragon_670_mobile_platform_firmwaresa8530p_firmwaresd670_firmwaresxr1230p_firmwareqdu1110_firmwaresdm429w_firmwaresa8540p_firmwaresnapdragon_x72_5g_modem-rf_system_firmwaressg2125p_firmwareqca6310_firmwareqca6430_firmwareqcn9012_firmwareqcn9274_firmwareqfw7114_firmwareqca6335_firmwareqca6574_firmwarewcd9340_firmwaresm7325p_firmwaresdx57m_firmwareqru1032_firmwaresnapdragon_xr2_5g_platform_firmwarewsa8845_firmwareqca6426_firmwarewcn3660b_firmwareqca6574a_firmwarefastconnect_6200_firmwareqcs9100_firmwaresnapdragon_x62_5g_modem-rf_system_firmwarewcn3980_firmwaresnapdragon_x55_5g_modem-rf_system_firmwaresnapdragon_x50_5g_modem-rf_system_firmwareqca6421_firmwareaqt1000_firmwarewcn6740_firmwaresnapdragon_x35_5g_modem-rf_system_firmwaresnapdragon_690_5g_mobile_platform_firmwaresnapdragon_845_mobile_platform_firmwareqcn6274_firmwarecsrb31024_firmwareqcm6490_firmwaresa8650p_firmwarewsa8832_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarefastconnect_6900_firmwaresrv1h_firmwareqca6797aq_firmwaresa8155p_firmwareqdx1011_firmwareqca6564a_firmwaresa7255p_firmwareqcs8250_firmwarewcd9341_firmwarefastconnect_7800_firmwareqdx1010_firmwareqcs610_firmwaresnapdragon_8_gen_1_mobile_platform_firmwareqamsrv1m_firmwaresrv1m_firmwareqam8650p_firmwareqca6564_firmwareqca6595_firmwaresnapdragon_720g_mobile_platform_firmwareqcs5430_firmwareqca6391_firmwaresa4150p_firmwarewcd9370_firmwarequalcomm_video_collaboration_vc5_platform_firmwaresd888_firmwaresnapdragon_8_gen_3_mobile_platform_firmwarewcd9390_firmwaressg2115p_firmwareqcs8155_firmwareqam8620p_firmwareqcs410_firmwareqfw7124_firmwareqdu1210_firmwarear8035_firmwareqsm8250_firmware
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2021-1933
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.25% / 48.31%
||
7 Day CHG~0.00%
Published-09 Sep, 2021 | 07:35
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

UE assertion is possible due to improper validation of invite message with SDP body in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarewcn3991_firmwaresd678sm6250p_firmwareqcs610csrb31024wcd9360_firmwaresd_636qcs4290wcn3950_firmwaresc8180x\+sdx55qca6420_firmwareqca6595au_firmwareqca6390_firmwareqca6335msm8917sd730_firmwaresd_455_firmwarewcd9370qcs605_firmwaresd_675_firmwaresd675_firmwareqcs6125_firmwareqca6584au_firmwaresd632qca9377sa415mwcn3998sd_8cx_firmwarewcd9371_firmwarewhs9410wcn3950sd720gwcn3660bsd450_firmwaresa8155qca6574au_firmwaresdx55_firmwareqca6595auwcd9375_firmwarewcn3998_firmwarewcn3610_firmwareqca6420apq8053_firmwarewcd9360qca6564au_firmwareqca6584auqca6310whs9410_firmwaresd429qcs6125sa8155_firmwaresdm630sa415m_firmwarewcn3988_firmwareqca6430sd429_firmwaresm6250sd712_firmwarewcd9340apq8017_firmwarequalcomm215_firmwareqcs603_firmwareqca6174a_firmwareqcs4290_firmwarewcn3660_firmwareqca6696_firmwarewcd9371qca6390wcd9375sd_8cxaqt1000wcn3910_firmwaresc8180x\+sdx55_firmwaresm6250_firmwaremsm8953_firmwaresda429wmsm8917_firmwaresd855_firmwarewcn3620_firmwaresd712wcn3988wcn6850_firmwarewcn3620wsa8815_firmwareapq8017sd450wcn3610qcm6125_firmwarewcn3991sda429w_firmwarewcd9380_firmwaresd_675sdm429wqca6564ausdx24sdx55m_firmwaremsm8940_firmwaresd670_firmwaresd632_firmwaresdm429w_firmwaresd665_firmwarewcd9380sm6250pqualcomm215qcs410qca6574asdx50m_firmwareqca6174asdx24_firmwareqca6310_firmwareqca6430_firmwareqca6335_firmwareqcs605wcd9340_firmwaresd855wsa8815wcn6850sd665wcn3910sd_8c_firmwarewcn3660b_firmwarewcn3680qca6574a_firmwaresd850_firmwaresd730sdxr1_firmwaresdx55maqt1000_firmwaremsm8920msm8953sd678_firmwareqcm4290csrb31024_firmwaresdx50mwcn3680_firmwareqcs603msm8920_firmwaresd_455qca6574ausa8155p_firmwaresd_636_firmwaresd670qcm6125qcm4290_firmwareqcs610_firmwaresd_8csdxr1qca6696sdm630_firmwaresd845_firmwarewcd9370_firmwaresdx55msm8940apq8053sa8155psd675sd845sd720g_firmwareqcs410_firmwarewcn3660sd850Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2024-45574
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 2.58%
||
7 Day CHG~0.00%
Published-06 May, 2025 | 08:32
Updated-09 May, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Validation of Array Index in Camera Driver

Memory corruption during array access in Camera kernel due to invalid index from invalid command data.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-snapdragon_429_mobile_firmwarewcn3620_firmwaresdm429wwcn3620sdm429w_firmwarewcn3660b_firmwaresnapdragon_429_mobilewcn3660bSnapdragon
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2014-10048
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.22% / 44.33%
||
7 Day CHG~0.00%
Published-18 Apr, 2018 | 14:00
Updated-16 Sep, 2024 | 23:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, and SDX20, while setting the offsets, time-services allows the user to set bases greater than valid base value which will lead to array index out-of-bound.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_412sd_808_firmwaresd_400sdx20sd_415sd_616sd_425sd_430_firmwaremdm9607_firmwaresd_615mdm9650sd_650_firmwaresd_625sd_615_firmwaremsm8909w_firmwaremdm9607sd_210sd_820_firmwaresd_650sd_820sd_808sd_450_firmwaresd_800sd_410sd_617sd_400_firmwaremdm9206sd_652sd_425_firmwaresd_212_firmwaresd_800_firmwaresd_625_firmwaresd_450sd_412_firmwaremdm9206_firmwaresd_430sd_810sd_835_firmwaremdm9650_firmwaresdx20_firmwaresd_410_firmwaresd_835sd_205sd_600_firmwaresd_210_firmwaresd_415_firmwaresd_652_firmwaresd_600msm8909wsd_810_firmwaresd_616_firmwaresd_205_firmwaresd_212sd_617_firmwareSnapdragon Mobile, Snapdragon Wear
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2019-2320
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.33% / 55.32%
||
7 Day CHG~0.00%
Published-12 Dec, 2019 | 08:30
Updated-04 Aug, 2024 | 18:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible out of bounds write in a MT SMS/SS scenario due to improper validation of array index in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8976, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, Snapdragon_High_Med_2016, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwaremdm9635m_firmwareqcm2150_firmwaremdm9640_firmwaresdm632_firmwaremsm8996au_firmwaresdm845sdm450_firmwaresdm632sdx24sdm439mdm9650sdm429msm8940_firmwaresm7150_firmwaresnapdragon_high_med_2016_firmwaresm6150msm8909w_firmwaremsm8976_firmwaremsm8996ausm7150apq8009_firmwaremsm8917sdm670sxr2130qcs605_firmwaremdm9206sdm670_firmwaresdx24_firmwaresdm636sda845_firmwaremdm9635mapq8098mdm9615mdm9205mdm9206_firmwaremsm8939qcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130msm8909wapq8009msm8909_firmwareapq8053_firmwaresda845nicobarsdm850_firmwaremsm8920msm8953sdm450sdm636_firmwaresdm845_firmwareapq8098_firmwaresdx20msm8998_firmwareqcm2150msm8920_firmwaresdm630mdm9607_firmwaresm8250_firmwaremdm9655_firmwaresdm660sdm710qm215mdm9607apq8017_firmwaremdm9625_firmwaresdm710_firmwaremsm8939_firmwaremdm9150msm8937msm8905snapdragon_high_med_2016sm8150_firmwaremsm8909sxr2130_firmwaremdm9655apq8096ausdm439_firmwaresdm630_firmwaremdm9205_firmwaresda660_firmwaremdm9625qm215_firmwaremsm8976sdx55msm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaresm8250msm8998sm8150sdx20_firmwaresdm850mdm9615_firmwareapq8017nicobar_firmwaresdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-129
Improper Validation of Array Index
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-2325
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.33% / 55.32%
||
7 Day CHG~0.00%
Published-06 Nov, 2019 | 17:11
Updated-04 Aug, 2024 | 18:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of boundary access due to token received from ADSP and is used without validation as an index into the array in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850mdm9150_firmwaresd_632mdm9640_firmwaresd_820asd_675msm8996au_firmwaresd_439sd_670_firmwaresd_429sdx24sdm439mdm9650sd_636sd_615_firmwaremsm8909w_firmwaremsm8996ausd_820sd_450_firmwaresd_845_firmwaresd_820a_firmwareqcs605_firmwaresd_675_firmwaremdm9206sd_425_firmwaresd_665sdx24_firmwaresd_625_firmwaresd_450sd_845mdm9206_firmwareqcs605sd_632_firmwaresd_835_firmwaremdm9650_firmwaresd_835sda660sd_210_firmwaresd_415_firmwaremsm8909wsd_665_firmwaresd_616_firmwaresd_205_firmwaresd_415sd_212sd_427_firmwaresd_712sd_855sd_730_firmwarequalcomm_215sdx20sd_616sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435sd_615sd_710_firmwaresdm630qcs405sd_625sd_820_firmwaresd_210mdm9607sd_636_firmwaresd_439_firmwarequalcomm_215_firmwaremdm9150sd_429_firmwaresd_730sd_212_firmwaresd_850_firmwaresd_855_firmwaresdm439_firmwareqcs405_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwaresd_430sd_427sd_670sd_435_firmwaresdx20_firmwaresd_710sd_205sdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2019-2239
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 12.48%
||
7 Day CHG~0.00%
Published-25 Jul, 2019 | 16:33
Updated-04 Aug, 2024 | 18:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Sanity checks are missing in layout which can lead to SUI Corruption or can lead to Denial of Service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in MDM9150, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8996AU, QCS404, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 8CX, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24, Snapdragon_High_Med_2016, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850mdm9150_firmwaresd_632mdm9635m_firmwaremdm9640_firmwaresd_820asd_675msm8996au_firmwaresd_439sd_670_firmwaresd_429sdx24sdm439qcs404_firmwaremdm9650sd_636sd_615_firmwaresnapdragon_high_med_2016_firmwaremsm8996ausd_820sd_650sd_450_firmwaresd_845_firmwaresd_410sd_820a_firmwareqcs605_firmwaresd_675_firmwaremdm9206sd_652sd_425_firmwareqcs404sdx24_firmwaresd_625_firmwaresd_450mdm9635msd_8cx_firmwaresd_845mdm9206_firmwareqcs605sd_632_firmwaresd_835_firmwaremdm9650_firmwaresd_835sda660sxr1130_firmwaresd_210_firmwaresd_415_firmwaresd_652_firmwaresxr1130sd_616_firmwaresd_205_firmwaresd_415sd_212sd_650_firmwaresd_427_firmwaresd_712sd_730_firmwaresd_412qualcomm_215sdx20sd_616sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435mdm9655_firmwaresd_615sd_710_firmwaresdm630sd_625sd_820_firmwaresd_210mdm9607sd_636_firmwaresd_439_firmwarequalcomm_215_firmwaremdm9150sd_429_firmwaresd_730snapdragon_high_med_2016sd_212_firmwaresd_850_firmwaremdm9655sdm439_firmwaresd_412_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwaresd_8cxsd_430sd_427sd_670sd_435_firmwaresdx20_firmwaresd_710sd_410_firmwaresd_205sdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2019-2326
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.49%
||
7 Day CHG~0.00%
Published-25 Jul, 2019 | 16:33
Updated-04 Aug, 2024 | 18:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Data token is received from ADSP and is used without validation as an index into the array leads to out of bound access in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850mdm9150_firmwaresd_632mdm9640_firmwaresd_820asd_675msm8996au_firmwaresd_439sd_670_firmwaresd_429sdx24sdm439mdm9650sd_636msm8909w_firmwaremsm8996ausd_820sd_450_firmwaresd_845_firmwaresd_820a_firmwareqcs605_firmwaresd_675_firmwaremdm9206sd_425_firmwaresd_665sdx24_firmwaresd_625_firmwaresd_450sd_845mdm9206_firmwareqcs605sd_632_firmwaresd_835_firmwaremdm9650_firmwaresd_835sda660sd_210_firmwaremsm8909wsd_665_firmwaresd_205_firmwaresd_212sd_427_firmwaresd_712sd_855sd_730_firmwarequalcomm_215sdx20sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435sd_710_firmwaresdm630qcs405sd_625sd_820_firmwaresd_210mdm9607sd_636_firmwaresd_439_firmwarequalcomm_215_firmwaremdm9150sd_429_firmwaresd_730sd_212_firmwaresd_850_firmwaresd_855_firmwaresdm439_firmwareqcs405_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwaresd_430sd_427sd_670sd_435_firmwaresdx20_firmwaresd_710sd_205sdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2019-2339
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.09% / 27.25%
||
7 Day CHG~0.00%
Published-21 Nov, 2019 | 14:38
Updated-04 Aug, 2024 | 18:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound access due to lack of check of whiltelist array size while reading the image elf segments. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in MDM9205, QCS404, QCS605, SDA845, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm850_firmwaresdm670_firmwareqcs404sdx24_firmwaresm8150_firmwaresxr2130_firmwaresda845_firmwaresdm845mdm9205_firmwaresdx24mdm9205qcs404_firmwareqcs605sdx55sm7150_firmwaresm6150_firmwaresdm710sm6150sm8150sdm850sdm710_firmwaresxr1130_firmwaresdx55_firmwaresm7150sxr1130sdm670sxr2130qcs605_firmwaresda845sdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2019-2258
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.25% / 48.31%
||
7 Day CHG~0.00%
Published-06 Nov, 2019 | 17:11
Updated-04 Aug, 2024 | 18:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper validation of array index causes OOB write and then leads to memory corruption in MMCP in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, SDX20, Snapdragon_High_Med_2016, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850mdm9150_firmwaresd_632mdm9635m_firmwaremdm9640_firmwaresd_820asd_675msm8996au_firmwaresd_439sd_670_firmwaresd_429sdm439mdm9650sd_636sd_615_firmwaresnapdragon_high_med_2016_firmwaremsm8909w_firmwaremsm8996ausd_820sd_650sd_450_firmwaresd_845_firmwaresd_820a_firmwareqcs605_firmwaresd_675_firmwaresd_652sd_425_firmwaresd_665sd_625_firmwaresd_450mdm9635msd_8cx_firmwaremdm9615sd_845qcs605sd_632_firmwaresd_835_firmwaremdm9650_firmwaresd_835sda660sxr1130_firmwaresd_210_firmwaresd_415_firmwaresd_652_firmwaresxr1130msm8909wsd_665_firmwaresd_616_firmwaresd_205_firmwaresd_415sd_212sd_650_firmwaresd_427_firmwaresd_712sd_855sd_730_firmwarequalcomm_215sdx20sd_616sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435mdm9655_firmwaresd_615sd_710_firmwaresdm630sd_625sd_820_firmwaresd_210mdm9607sd_636_firmwaremdm9625_firmwaresd_439_firmwarequalcomm_215_firmwaremdm9150sd_429_firmwaresd_730snapdragon_high_med_2016sd_212_firmwaresd_850_firmwaremdm9655sdm439_firmwaresd_855_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwaremdm9625sd_8cxsd_430sd_427sd_670sd_435_firmwaremdm9615_firmwaresdx20_firmwaresd_710sd_205sdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-129
Improper Validation of Array Index
CWE ID-CWE-787
Out-of-bounds Write
CVE-2017-0716
Matching Score-6
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-6
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.21% / 43.74%
||
7 Day CHG~0.00%
Published-09 Aug, 2017 | 21:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37203196.

Action-Not Available
Vendor-Google LLC
Product-androidAndroid
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2019-14093
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.11% / 29.98%
||
7 Day CHG~0.00%
Published-30 Jul, 2020 | 11:40
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Array out of bound access can occur in display module due to lack of bound check on input parcel received in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, QCM2150, QCS405, QCS605, QM215, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM632, SDM636, SDM660, SDX20

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-msm8920qcm2150_firmwaremsm8953sdm450sdm636_firmwaresdm429wmsm8996au_firmwaresdm632_firmwareapq8098_firmwaresdm450_firmwaresdm632sdx20qcm2150msm8920_firmwaresdm439mdm9607_firmwaresdm660mdm9650sdm429msm8940_firmwareqcs405msm8909w_firmwaremdm9607msm8996auqm215sdm429w_firmwareapq8017_firmwareapq8009_firmwaremsm8909wmsm8917msm8937mdm9207c_firmwaremsm8996_firmwareqcs605_firmwaremdm9206mdm9207capq8096ausdm439_firmwareqcs405_firmwaresda845_firmwaresdm636apq8098sda660_firmwaremdm9206_firmwareqcs605qm215_firmwaremsm8940apq8053apq8096au_firmwaremsm8953_firmwaremsm8917_firmwaremsm8937_firmwaremdm9650_firmwaresdm429_firmwaresdx20_firmwaresda660apq8017msm8996apq8009apq8053_firmwaresdm660_firmwaresda845Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2017-0805
Matching Score-6
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-6
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.09% / 26.04%
||
7 Day CHG~0.00%
Published-24 Aug, 2017 | 00:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A elevation of privilege vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37237701.

Action-Not Available
Vendor-Google LLC
Product-androidAndroid
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2019-14080
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.37% / 58.01%
||
7 Day CHG~0.00%
Published-22 Jun, 2020 | 07:10
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound write can happen due to lack of check of array index value while parsing SDP attribute for SAR in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8053, APQ8096AU, Kamorta, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, Nicobar, QCM2150, QCS605, QM215, Rennell, SA415M, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SM6150, SM7150, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-kamorta_firmwareqcm2150_firmwaremdm9640_firmwaresdm632_firmwaremsm8996au_firmwaresdm845sdm450_firmwaresdm632sdx24sdm439mdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150msm8996ausm7150msm8917sdm670qcs605_firmwaresc8180xsdm670_firmwaresdx24_firmwaresdm636sda845_firmwaresa415mqcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwaresda660sxr1130_firmwaresxr1130msm8909_firmwareapq8053_firmwaresda845nicobarsdm850_firmwaremsm8920msm8953sdm450sdm636_firmwaresdm845_firmwareqcm2150msm8920_firmwaresdm630mdm9607_firmwaresdm660sc8180x_firmwaresa415m_firmwaresdm710qm215sc7180_firmwaremdm9607sdm710_firmwaremsm8937msm8905sm8150_firmwaremsm8909apq8096ausdm439_firmwarerennellsc7180sdm630_firmwaresda660_firmwarerennell_firmwareqm215_firmwaremsm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaresm8150sdm850kamortanicobar_firmwaresdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-129
Improper Validation of Array Index
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-33111
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 13.80%
||
7 Day CHG+0.01%
Published-01 Apr, 2024 | 15:05
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Validation of Array Index in Audio

Information disclosure when VI calibration state set by ADSP is greater than MAX_FBSP_STATE in the response payload to AFE calibration command.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcs410_firmwaresa6150p_firmwaresd865_5gqcs610_firmwaresxr2130_firmwaresrv1mqca8081_firmwarewcd9370ar8035_firmwareqca6696snapdragon_778g\+_5g_mobilewcd9340_firmwarewcd9341_firmwaresd888_firmwareqcc710_firmwareqca6426wcn6740_firmwarefastconnect_6700wcn3610snapdragon_780g_5g_mobileqcn9074snapdragon_782g_mobile_firmwarewsa8815_firmwaresnapdragon_wear_4100\+_firmwaresa8195p_firmwareqca8337_firmwareqca8337qca6426_firmwareqca9377_firmwareqca6574au_firmwareqam8295pwcd9341qca6574ausa8620p_firmwaresnapdragon_888\+_5g_mobile_firmwarewcn3950wsa8810_firmwaresnapdragon_870_5g_mobile_firmwaresnapdragon_778g_5g_mobile_firmwaresa9000p_firmwaresrv1hsnapdragon_auto_5g_modem-rf_gen_2_firmwaresnapdragon_7c\+_gen_3_computewcn3660b_firmwarefastconnect_6800_firmwaresnapdragon_778g\+_5g_mobile_firmwaresa8295p_firmwaresnapdragon_870_5g_mobilevideo_collaboration_vc1_platform_firmwaresa8770pc-v2x_9150qca6584auqcn6274_firmwaresd888qcc710snapdragon_xr2_5g_firmwarewcn6740snapdragon_780g_5g_mobile_firmwarefastconnect_6800qfw7114_firmwaresnapdragon_wear_4100\+fastconnect_7800_firmwarefastconnect_6900video_collaboration_vc1_platformsnapdragon_865_5g_mobile_firmwaresa7255pqfw7114wcd9385_firmwarefastconnect_6900_firmwareqam8255p_firmwarewcd9380sa6145p_firmwareqam8255psnapdragon_xr2_5gsa8150psa6155pwsa8810qam8650psa9000psrv1h_firmwaresnapdragon_888_5g_mobile_firmwarevideo_collaboration_vc3_platformsnapdragon_888_5g_mobilesm7315_firmwarec-v2x_9150_firmwaresa6155p_firmwareqam8295p_firmwaresrv1m_firmwaresnapdragon_782g_mobilesm7315snapdragon_x55_5g_modem-rfqfw7124_firmwareqca6698aq_firmwareqca6436_firmwaresnapdragon_888\+_5g_mobilewcd9385qca9367_firmwaresnapdragon_x55_5g_modem-rf_firmwaresnapdragon_7c\+_gen_3_compute_firmwarewcn3610_firmwaresa8255psnapdragon_865\+_5g_mobilewcd9370_firmwareqca9367sa7255p_firmwarewcn3660bsxr2130sa8195pwcd9340qamsrv1msnapdragon_auto_5g_modem-rf_gen_2sm7325pqam8650p_firmwareqca6584au_firmwarewcn3980_firmwareqcn6274qca6436qfw7124sa8775pwsa8835qca6391_firmwaresa8775p_firmwareqamsrv1hqca6696_firmwarewcd9380_firmwaresa6150pqcs410sa8155p_firmwareqca8081wsa8815sa8155pwsa8830qam8775pqca9377sa6145psnapdragon_x75_5g_modem-rfqcn9074_firmwaresa8620psa8255p_firmwarear8035qamsrv1m_firmwaresa8650p_firmwaresnapdragon_865_5g_mobilewcd9375_firmwareqca6391qcn6224snapdragon_865\+_5g_mobile_firmwareqca6698aqwcn3950_firmwaresa8770p_firmwaresa8295pfastconnect_7800sa8145p_firmwaresa8650pqam8775p_firmwaresd865_5g_firmwaresm7325p_firmwarewcn3680bwcd9375sa8150p_firmwarefastconnect_6700_firmwareqamsrv1h_firmwarevideo_collaboration_vc3_platform_firmwaresa8145psnapdragon_x75_5g_modem-rf_firmwarewsa8835_firmwarewcn3980snapdragon_778g_5g_mobilewsa8830_firmwarewcn3680b_firmwareqcn6224_firmwareqcs610Snapdragon
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2019-10512
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.79%
||
7 Day CHG~0.00%
Published-06 Nov, 2019 | 17:11
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Payload size is not checked before using it as array index in audio in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ8064, IPQ8074, MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850mdm9150_firmwaresd_632mdm9640_firmwaresd_820asd_675msm8996au_firmwaresd_439sd_670_firmwaresd_429sdx24sdm439mdm9650sd_636sd_615_firmwaremsm8909w_firmwaremsm8996ausd_820sd_450_firmwaresd_845_firmwaresd_820a_firmwareqcs605_firmwaresd_675_firmwareipq4019_firmwaremdm9206sd_425_firmwaresd_665sdx24_firmwaresd_625_firmwareipq8074sd_450sd_845mdm9206_firmwareqcs605sd_632_firmwaresd_835_firmwaremdm9650_firmwaresd_835sda660ipq8064sd_210_firmwaresxr1130_firmwaresd_415_firmwaresxr1130msm8909wsd_665_firmwaresd_616_firmwaresd_205_firmwaresd_415sd_212ipq8064_firmwaresd_427_firmwaresd_712sd_855sd_730_firmwarequalcomm_215sdx20sd_616sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435sd_615sd_710_firmwaresdm630qcs405sd_625ipq8074_firmwaresd_820_firmwaresd_210mdm9607sd_636_firmwaresd_439_firmwarequalcomm_215_firmwaremdm9150sd_429_firmwaresd_730sd_212_firmwaresd_850_firmwaresd_855_firmwaresdm439_firmwareqcs405_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwaresd_430ipq4019sd_427sd_670sd_435_firmwaresdx20_firmwaresd_710sd_205sdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2019-10527
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.39%
||
7 Day CHG~0.00%
Published-08 Sep, 2020 | 09:31
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'SMEM partition can be manipulated in case of any compromise on HLOS, thus resulting in access to memory outside of SMEM address range which could lead to memory corruption' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, Bitra, IPQ6018, IPQ8074, Kamorta, MDM9150, MDM9205, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA4531, QCA6574AU, QCA8081, QCM2150, QCN7605, QCN7606, QCS404, QCS405, QCS605, QCS610, QM215, Rennell, SA415M, SA515M, SA6155P, Saipan, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwaremdm9640_firmwareqcs610sdm450_firmwaresdm632qcs404_firmwaremdm9650apq8009_firmwaremsm8917sdm670qcs605_firmwaresda845_firmwaresa415mqca4531bitraapq8098qcn7605mdm9206_firmwarebitra_firmwaremsm8905_firmwareqca6574au_firmwaresda660sdx55_firmwareqca8081_firmwaresxr1130msm8909wapq8053_firmwaresda845sa6155p_firmwaresdm450sdm636_firmwaresa515m_firmwareapq8098_firmwaremsm8998_firmwaresdm630mdm9607_firmwaresm8250_firmwaresa415m_firmwareqcs405qm215sc7180_firmwareapq8017_firmwaresdm710_firmwaresa6155pqca8081msm8937msm8905sm8150_firmwaremsm8909sxr2130_firmwarerennellsc7180msm8953_firmwaresaipan_firmwaresm6150_firmwaremsm8917_firmwaremsm8998sm8150sdx20_firmwaresdm850kamortaapq8017msm8996saipanqcn7606_firmwaremdm9640kamorta_firmwareqca4531_firmwareqcm2150_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdx24sdm439sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996ausdm429w_firmwaresm7150sxr2130sc8180xmdm9206sdm670_firmwareqcs404sdx24_firmwareipq8074sdm636ipq6018_firmwaremdm9205sa515mqcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaresxr1130_firmwareapq8009msm8909_firmwarenicobarsdm850_firmwaremsm8920msm8953sdx20qcm2150msm8920_firmwaresdm660sc8180x_firmwareipq8074_firmwareqca6574ausdm710mdm9607qcn7605_firmwareqcs610_firmwaremdm9150mdm9207c_firmwaremsm8996_firmwareipq6018mdm9207capq8096ausdm439_firmwareqcs405_firmwaresdm630_firmwaremdm9205_firmwaresda660_firmwarerennell_firmwareqm215_firmwaresdx55msm8940apq8053apq8096au_firmwaresm8250nicobar_firmwaresdm660_firmwareqcn7606sdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-129
Improper Validation of Array Index
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-10590
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.40% / 59.57%
||
7 Day CHG~0.00%
Published-07 Feb, 2020 | 05:00
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound access while parsing dts atom, which is non-standard as it does not have valid number of tracks in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCS405, QCS605, QM215, Rennell, SA6155P, Saipan, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632sdm439sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996ausdm429w_firmwaresm7150apq8009_firmwaremsm8917sdm670sxr2130qcs605_firmwaremdm9206sdm670_firmwaresdm636sda845_firmwareapq8098mdm9206_firmwaremsm8939qcs605msm8937_firmwaresdm429_firmwaremsm8905_firmwaresda660sxr1130_firmwareapq8064_firmwaresxr1130msm8909wapq8009apq8053_firmwaresda845nicobarsa6155p_firmwaremsm8920msm8953sdm450sdm636_firmwareapq8064apq8098_firmwaresdx20msm8998_firmwaresdm660msm8920_firmwaresdm630mdm9607_firmwaresm8250_firmwareqcs405sdm710qm215mdm9607apq8017_firmwaresdm710_firmwaremsm8939_firmwaresa6155pmsm8937mdm9207c_firmwaremsm8996_firmwaremsm8905mdm9207csm8150_firmwaresxr2130_firmwareapq8096ausdm439_firmwareqcs405_firmwarerennellsdm630_firmwaresda660_firmwarerennell_firmwareqm215_firmwaremsm8953_firmwaremsm8940saipan_firmwaresm6150_firmwareapq8053msm8917_firmwareapq8096au_firmwaremsm8998sm8150sdx20_firmwaresm8250apq8017msm8996saipannicobar_firmwaresdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2017-0737
Matching Score-6
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-6
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.09% / 26.83%
||
7 Day CHG~0.00%
Published-09 Aug, 2017 | 21:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A elevation of privilege vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37563942.

Action-Not Available
Vendor-Google LLC
Product-androidAndroid
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2019-10594
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.36% / 57.13%
||
7 Day CHG~0.00%
Published-05 Mar, 2020 | 08:56
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack overflow can occur when SDP is received with multiple payload types in the FMTP attribute of a video M line in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8076, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, Rennell, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwaremdm9635m_firmwareapq8096_firmwaremdm9640_firmwareqcm2150_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632apq8096sdx24sdm439mdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996aumdm9645sdm429w_firmwaresm7150apq8009_firmwaremsm8917sdm670qcs605_firmwareapq8076sc8180xmdm9206sdm670_firmwaresdx24_firmwareapq8076_firmwaresdm636sda845_firmwaremdm9635mapq8098mdm9615mdm9206_firmwareqcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130msm8909wapq8009msm8909_firmwareapq8053_firmwaresda845nicobarsdm850_firmwaremsm8920msm8953sdm450sdm636_firmwaresdm845_firmwareapq8098_firmwaresdx20msm8998_firmwareqcm2150msm8920_firmwaresdm630mdm9607_firmwaresdm660mdm9655_firmwaresc8180x_firmwaresdm710qm215mdm9607mdm9645_firmwareapq8017_firmwaremdm9625_firmwaresdm710_firmwaremdm9150msm8937msm8905sm8150_firmwaremsm8909mdm9655apq8096ausdm439_firmwarerennellsdm630_firmwaresda660_firmwaremdm9625rennell_firmwareqm215_firmwaresdx55msm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaremdm9615_firmwaremsm8998sm8150sdx20_firmwaresdm850apq8017nicobar_firmwaresdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-129
Improper Validation of Array Index
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-10503
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.98%
||
7 Day CHG~0.00%
Published-21 Nov, 2019 | 14:38
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out-of-bounds access can occur in camera driver due to improper validation of array index in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, QCN7605, SDA660, SDM450, SDM630, SDM636, SDM660, SDX20

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-msm8920mdm9640_firmwaremsm8953sdm450sdm636_firmwaremsm8996au_firmwareapq8098_firmwaresdm450_firmwaremsm8998_firmwaresdx20sdm660msm8920_firmwaresdm630mdm9607_firmwaremdm9650msm8940_firmwaremsm8909w_firmwaremdm9607msm8996auapq8017_firmwareapq8009_firmwareqcn7605_firmwaremsm8909wmsm8917msm8937mdm9207c_firmwaremdm9206msm8905mdm9207cmsm8909apq8096ausdm636sdm630_firmwareapq8098qcn7605sda660_firmwaremdm9206_firmwaremsm8940apq8053apq8096au_firmwaremsm8953_firmwaremsm8917_firmwaremsm8937_firmwaremdm9650_firmwaremsm8998sdx20_firmwaremsm8905_firmwaresda660apq8017apq8009msm8909_firmwareapq8053_firmwaresdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2017-0836
Matching Score-6
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-6
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.96% / 75.55%
||
7 Day CHG~0.00%
Published-16 Nov, 2017 | 23:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability in the Android media framework (libhevc). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-64893226.

Action-Not Available
Vendor-Google LLC
Product-androidAndroid
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2019-10611
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.43% / 61.53%
||
7 Day CHG~0.00%
Published-21 Jan, 2020 | 06:30
Updated-04 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow can occur while processing clip due to lack of check of object size before parsing in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996, Nicobar, QCS605, QM215, SA6155P, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM632, SDM660, SDM670, SDM710, SDM845, SDX20, SM6150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm429wsdm632_firmwaresdm845sdm450_firmwaresdm632sdm439sdm429msm8940_firmwaresm6150msm8909w_firmwaresdm429w_firmwareapq8009_firmwaremsm8917sdm670sxr2130qcs605_firmwaremdm9206sdm670_firmwaresda845_firmwareapq8098mdm9206_firmwaremsm8939qcs605msm8937_firmwaresdm429_firmwaremsm8905_firmwaresda660sxr1130_firmwareapq8064_firmwaresxr1130msm8909wapq8009msm8909_firmwareapq8053_firmwaresda845nicobarsa6155p_firmwaremsm8920msm8953sdm450apq8064apq8098_firmwaresdx20sdm660msm8920_firmwaremdm9607_firmwaresm8250_firmwaresdm710qm215mdm9607apq8017_firmwaresdm710_firmwaremsm8939_firmwaresa6155pmsm8937mdm9207c_firmwaremsm8996_firmwaremsm8905mdm9207csm8150_firmwaremsm8909sxr2130_firmwareapq8096ausdm439_firmwaresda660_firmwareqm215_firmwaremsm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaresm8250sm8150sdx20_firmwareapq8017msm8996nicobar_firmwaresdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2019-10499
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.49%
||
7 Day CHG~0.00%
Published-30 Sep, 2019 | 15:40
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper validation of read and write index of tx and rx fifo`s before using for data copy from fifo can lead to out-of-bound access. in Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ8064, IPQ8074, QCS405, SD 665, SD 675, SD 730, SD 855

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_730sd_855sd_665sd_730_firmwareipq8074sd_675qcs405_firmwareipq4019_firmwareipq4019qcs405ipq8074_firmwareipq8064sd_665_firmwareipq8064_firmwaresd_675_firmwaresd_855_firmwareSnapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2019-10481
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.69%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 05:25
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound access occurs while handling the WMI FW event due to lack of check of buffer argument which comes directly from the WLAN FW in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8096AU, IPQ4019, IPQ8064, IPQ8074, MDM9607, MSM8996AU, QCA6574AU, QCA8081, QCN7605, SDX55, SM6150, SM7150, SM8150

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sm8150_firmwareipq8074apq8096aumsm8996au_firmwareqcn7605mdm9607_firmwareipq4019sdx55sm7150_firmwareipq8074_firmwareqca6574ausm6150apq8096au_firmwaremdm9607msm8996ausm6150_firmwaresm8150ipq8064qca6574au_firmwaresm7150sdx55_firmwareqca8081_firmwareqcn7605_firmwareqca8081ipq8064_firmwareipq4019_firmwareSnapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2023-28558
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 6.78%
||
7 Day CHG~0.00%
Published-05 Sep, 2023 | 06:24
Updated-02 Aug, 2024 | 13:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Validation of Array Index in WLAN HAL

Memory corruption in WLAN handler while processing PhyID in Tx status handler.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-snapdragon_850_mobile_compute_platform_firmwareqca2066sa6150p_firmwaresm6250p_firmwareqcs610ipq4028_firmware315_5g_iot_modem_firmwareqca8337ar9380qca6431_firmwaresnapdragon_870_5g_mobile_platform_firmwarewcd9360_firmwaresnapdragon_888_5g_mobile_platformwcn3950_firmwaresc8180x\+sdx55sa8150p_firmwaresm4450_firmwareqca6595au_firmwaresa6155snapdragon_480_5g_mobile_platformqca6335qca2062sd_455_firmwarecsra6620_firmwaresd_675_firmwarecsra6640_firmwaresnapdragon_460_mobile_platform_firmwareqcs6125_firmwaresnapdragon_480_5g_mobile_platform_firmwareqca6554a_firmwarewcd9371_firmwareqam8295pwcn3950qcn6024_firmwaresm4125sd_8_gen1_5g_firmwareqsm8350_firmwaresnapdragon_730_mobile_platform_snapdragon_460_mobile_platformqsm8350sd460_firmwaresnapdragon_660_mobile_platform_firmwareqca6428qualcomm_robotics_rb3_platform_firmwaresnapdragon_695_5g_mobile_platform_firmwareqca6574au_firmwaresnapdragon_636_mobile_platformwcd9375_firmwareqca8081_firmwaresa6155_firmwareqca6420wcd9360snapdragon_xr2\+_gen_1_platformqca6438_firmwaresnapdragon_auto_5g_modem-rf_firmwareqca6678aq_firmwaresmart_audio_400_platform_firmwarewcn3999ipq4029_firmwareqca6698aqqcs6125sa8155_firmwaresd662_firmwaresnapdragon_765g_5g_mobile_platformqca6430snapdragon_630_mobile_platformsnapdragon_678_mobile_platform_firmwarewcd9340snapdragon_8cx_compute_platformsnapdragon_720g_mobile_platformsnapdragon_780g_5g_mobile_platformsw5100qca6436sa6155pqca6698aq_firmwaresnapdragon_690_5g_mobile_platformqca9888_firmwarewcd9341qca2066_firmwareqca6431qca6696_firmwarewcd9371qca1062wcn3910_firmwaresd_8cxsnapdragon_855_mobile_platform_firmwaresa8150pwsa8830_firmwareqca9992_firmwaresd660sd865_5g_firmwaresd855_firmwarewcn3988qca6438sd660_firmwaresnapdragon_780g_5g_mobile_platform_firmwaresnapdragon_685_4g_mobile_platform_firmwaresa8195p_firmwaresnapdragon_865_5g_mobile_platform_firmwarefastconnect_6800_firmwaresnapdragon_7c_gen_2_compute_platform_firmwareqcn7606_firmwareqca9898sa8295p_firmwareipq4028snapdragon_750g_5g_mobile_platform_firmwaresnapdragon_675_mobile_platform_firmwareqca6428_firmwareipq4018_firmwareqca8337_firmwaressg2125pwcd9380_firmwareqca9980_firmwaresw5100psnapdragon_8cx_gen_2_5g_compute_platformsnapdragon_w5\+_gen_1_wearable_platformqca6564ausnapdragon_670_mobile_platform_firmwaresd670_firmwareqca6574csr8811_firmwarewcd9380fastconnect_6700qcs410sxr1230psnapdragon_765_5g_mobile_platform_qca6430_firmwarewcd9335_firmwarewcn3980snapdragon_732g_mobile_platform_firmwareqca6335_firmwareqcm4325_firmwarewcd9340_firmwarewsa8815wcn3910snapdragon_865\+_5g_mobile_platformqca6320snapdragon_630_mobile_platform_firmwaresnapdragon_4_gen_1_mobile_platformqca6426_firmwaresm4450qca9984ipq8064sd835snapdragon_670_mobile_platformqcn9024wcn3980_firmwaresd730snapdragon_xr2\+_gen_1_platform_firmwareipq8064_firmwaresnapdragon_x50_5g_modem-rf_system_firmwaresa8295pqca6421_firmwareqca2062_firmwarewcn6740_firmwaresnapdragon_8cx_compute_platform_firmwareqcs4490_firmwaresnapdragon_xr2_5g_platformqca6678aqsnapdragon_x65_5g_modem-rf_systemar8031_firmwarefastconnect_6900fastconnect_6900_firmwaresnapdragon_660_mobile_platformqca9994qca9980sd670qcn9024_firmwareqca6564a_firmwarewsa8832qcn7605_firmwaresw5100p_firmwaresnapdragon_8cx_gen_3_compute_platformqcs610_firmwareqsm8250sa6145psnapdragon_765_5g_mobile_platform__firmwaresnapdragon_8_gen_mobile_platform_firmwarear8031qcs4490qca6595_firmwaresa8145psnapdragon_750g_5g_mobile_platformsnapdragon_888\+_5g_mobile_platform_firmwareqca6391_firmwaresnapdragon_710_mobile_platform_firmwaresa4150p_firmwareqca2064wcd9370_firmwaresdx55sd888_firmwaresa8155pcsra6640sd675snapdragon_695_5g_mobile_platformsnapdragon_860_mobile_platformssg2115p_firmwaresnapdragon_720g_mobile_platform_firmwaresnapdragon_855_mobile_platformar8035_firmwareqsm8250_firmwaresnapdragon_480\+_5g_mobile_platformqcn7606wsa8830snapdragon_662_mobile_platform_firmwaresxr2230p_firmwaresa8145p_firmwaresnapdragon_855\+_mobile_platform_firmwareqca1062_firmwaresnapdragon_850_mobile_compute_platformcsrb31024snapdragon_865_5g_mobile_platformcsra6620qca9992snapdragon_860_mobile_platform_firmwaresnapdragon_888_5g_mobile_platform_firmwareqca6420_firmwareipq8069_firmwaresnapdragon_855\+_mobile_platformqca2064_firmwaresnapdragon_auto_4g_modem_firmwaresd730_firmwarewcd9370sd675_firmwaressg2115psnapdragon_480\+_5g_mobile_platform_firmwareqca6426qca6584au_firmwarewcn3990_firmwareqca9984_firmwarequalcomm_robotics_rb3_platformsd_8cx_firmwarewcd9385_firmwareqcn7605wcd9326_firmwarefastconnect_6200snapdragon_7c_gen_2_compute_platformqca2065sd662qam8295p_firmwareqca1064sa8155snapdragon_x55_5g_modem-rf_systemqca6320_firmwaresnapdragon_835_mobile_pc_platform_firmwaresdx55_firmwareqca6595auwcn3999_firmwaresm7250p_firmwareqca6436_firmwaresnapdragon_680_4g_mobile_platform_firmwaresnapdragon_w5\+_gen_1_wearable_platform_firmwareqca6564au_firmwareqca6584ausa6155p_firmwareqca6310snapdragon_x65_5g_modem-rf_system_firmwaresnapdragon_870_5g_mobile_platformqca9990qcs6490vision_intelligence_300_platform_firmwarewcn3988_firmware315_5g_iot_modemqcn9074sa6145p_firmwareqca6421sm6250fastconnect_6700_firmwaresa8195psxr1120wsa8810_firmwarevision_intelligence_400_platformwcd9326wcd9335snapdragon_ar2_gen_1_platform_firmwaresg4150pqca8081qcm4490snapdragon_888\+_5g_mobile_platformwcd9385sxr2130_firmwareqcs6490_firmwareqca2065_firmwaresnapdragon_665_mobile_platform_firmwareqca9898_firmwarewcd9375ar8035aqt1000csr8811sc8180x\+sdx55_firmwaresm6250_firmwaresnapdragon_712_mobile_platform_firmwarevision_intelligence_400_platform_firmwaresnapdragon_662_mobile_platformsnapdragon_685_4g_mobile_platformsnapdragon_768g_5g_mobile_platform_firmwarewsa8815_firmwareqcm6490wsa8835_firmwaresnapdragon_636_mobile_platform_firmwaresxr1120_firmwareqca6564asa4150psg4150p_firmwaresnapdragon_730_mobile_platform__firmwareqcm6125_firmwareqcm4325snapdragon_845_mobile_platformwcn3990sd_675qca6554asd865_5gfastconnect_6800qca6595ar9380_firmwaresnapdragon_835_mobile_pc_platformsnapdragon_8c_compute_platformsd888wsa8835sxr1230p_firmwaresnapdragon_auto_5g_modem-rfsd_8_gen1_5gsm6250psnapdragon_678_mobile_platformsnapdragon_4_gen_1_mobile_platform_firmwaresxr2130ssg2125p_firmwareipq4018smart_audio_400_platformqca6574aqca9889qca9888qca6310_firmwareipq8074qca9994_firmwareqca6574_firmwaresd855sm4125_firmwaresxr2230psnapdragon_8_gen_mobile_platformsnapdragon_xr2_5g_platform_firmwareqca6574a_firmwaresnapdragon_665_mobile_platformsnapdragon_730g_mobile_platformfastconnect_6200_firmwareipq8069vision_intelligence_300_platformsnapdragon_x55_5g_modem-rf_system_firmwaresd460qca6391snapdragon_8cx_gen_3_compute_platform_firmwaresnapdragon_710_mobile_platformfastconnect_7800snapdragon_7c_compute_platform_firmwareaqt1000_firmwaresnapdragon_865\+_5g_mobile_platform_firmwareqcm4490_firmwaresnapdragon_690_5g_mobile_platform_firmwaresnapdragon_845_mobile_platform_firmwaresnapdragon_auto_4g_modemcsrb31024_firmwareqcm6490_firmwarewsa8832_firmwaresnapdragon_xr1_platformsd_455ipq8074_firmwareqca6574auqca9889_firmwaresa8155p_firmwarewcd9341_firmwarefastconnect_7800_firmwareqcm6125wsa8810snapdragon_765g_5g_mobile_platform_firmwaresnapdragon_712_mobile_platformsnapdragon_730g_mobile_platform_firmwaresnapdragon_680_4g_mobile_platformsnapdragon_ar2_gen_1_platformsnapdragon_8c_compute_platform_firmwaresd835_firmwaresnapdragon_675_mobile_platformqca1064_firmwarewcn6740qca6696snapdragon_732g_mobile_platformsnapdragon_x50_5g_modem-rf_systemsa6150psnapdragon_768g_5g_mobile_platformqcn6024qca9990_firmwaresm7250psw5100_firmwareqcn9074_firmwareqcs410_firmwaresnapdragon_8cx_gen_2_5g_compute_platform_firmwareipq4029snapdragon_7c_compute_platformsnapdragon_xr1_platform_firmwareSnapdragonsnapdragon_850_mobile_compute_platform_firmwaresnapdragon_662_mobile_platform_firmwaresa6150p_firmwaresm6250p_firmwaresa8145p_firmwaresxr2230p_firmwareipq4028_firmwareqca1062_firmware315_5g_iot_modem_firmwareqca6431_firmwarewcd9360_firmwarewcn3950_firmwaresnapdragon_888_5g_mobile_platform_firmwaresa8150p_firmwaresm4450_firmwareqca6420_firmwareqca6595au_firmwareipq8069_firmwareqca2064_firmwaresnapdragon_xr1_platform_firmwaresd730_firmwaresnapdragon_auto_4g_modem_firmwaresd_455_firmwarecsra6620_firmwaresd_675_firmwaresd675_firmwarecsra6640_firmwaresnapdragon_460_mobile_platform_firmwareqcs6125_firmwaresnapdragon_480_5g_mobile_platform_firmwareqca6584au_firmwarewcn3990_firmwareqca9984_firmwareqca6554a_firmwaresd_8cx_firmwarewcd9371_firmwarewcd9385_firmwareqcn6024_firmwarewcd9326_firmwaresd_8_gen1_5g_firmwareqsm8350_firmwaresnapdragon_660_mobile_platform_firmwaresd460_firmwareqam8295p_firmwarequalcomm_robotics_rb3_platform_firmwareqca6320_firmwaresnapdragon_695_5g_mobile_platform_firmwareqca6574au_firmwaresdx55_firmwaresnapdragon_835_mobile_pc_platform_firmwarewcd9375_firmwareqca8081_firmwaresa6155_firmwarewcn3999_firmwaresm7250p_firmwareqca6436_firmwaresnapdragon_680_4g_mobile_platform_firmwareqca6438_firmwareqca6564au_firmwaresnapdragon_auto_5g_modem-rf_firmwaresa6155p_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqca6678aq_firmwaresmart_audio_400_platform_firmwareipq4029_firmwaresa8155_firmwaresd662_firmwarevision_intelligence_300_platform_firmwarewcn3988_firmwaresa6145p_firmwarefastconnect_6700_firmwarewsa8810_firmwaresnapdragon_ar2_gen_1_platform_firmwareqca6698aq_firmwareqca9888_firmwaresxr2130_firmwareqca2066_firmwareqca6696_firmwareqca2065_firmwareqcs6490_firmwaresnapdragon_665_mobile_platform_firmwareqca9898_firmwarewcn3910_firmwaresnapdragon_855_mobile_platform_firmwaresm6250_firmwaresnapdragon_712_mobile_platform_firmwarevision_intelligence_400_platform_firmwarewsa8830_firmwareqca9992_firmwaresd855_firmwaresd865_5g_firmwarewsa8815_firmwarewsa8835_firmwaresd660_firmwaresnapdragon_636_mobile_platform_firmwaresnapdragon_780g_5g_mobile_platform_firmwaresa8195p_firmwaresnapdragon_865_5g_mobile_platform_firmwarefastconnect_6800_firmwaresxr1120_firmwareqcn7606_firmwaresa8295p_firmwaresg4150p_firmwaresnapdragon_750g_5g_mobile_platform_firmwareqcm6125_firmwaresnapdragon_675_mobile_platform_firmwareqca6428_firmwareqca8337_firmwareipq4018_firmwarewcd9380_firmwareqca9980_firmwarear9380_firmwaresnapdragon_670_mobile_platform_firmwaresd670_firmwaresxr1230p_firmwarecsr8811_firmwaresnapdragon_4_gen_1_mobile_platform_firmwaressg2125p_firmwareqca6310_firmwareqca6430_firmwareqca9994_firmwarewcd9335_firmwareqca6335_firmwareqcm4325_firmwareqca6574_firmwarewcd9340_firmwaresm4125_firmwaresnapdragon_630_mobile_platform_firmwaresnapdragon_xr2_5g_platform_firmwareqca6426_firmwareqca6574a_firmwarefastconnect_6200_firmwarewcn3980_firmwaresnapdragon_x55_5g_modem-rf_system_firmwareipq8064_firmwaresnapdragon_x50_5g_modem-rf_system_firmwareqca6421_firmwareqca2062_firmwareaqt1000_firmwarewcn6740_firmwareqcm4490_firmwaresnapdragon_690_5g_mobile_platform_firmwaresnapdragon_845_mobile_platform_firmwareqcs4490_firmwarear8031_firmwareqcm6490_firmwarecsrb31024_firmwarewsa8832_firmwarefastconnect_6900_firmwareipq8074_firmwareqca9889_firmwaresa8155p_firmwareqca6564a_firmwareqcn9024_firmwarewcd9341_firmwarefastconnect_7800_firmwareqcn7605_firmwaresw5100p_firmwareqcs610_firmwaresnapdragon_8_gen_1_mobile_platform_firmwaresd835_firmwareqca6595_firmwareqca1064_firmwareqca6391_firmwaresnapdragon_710_mobile_platform_firmwaresa4150p_firmwarewcd9370_firmwaresd888_firmwareqca9990_firmwaressg2115p_firmwaresw5100_firmwareqcn9074_firmwareqcs410_firmwaresnapdragon_720g_mobile_platform_firmwarear8035_firmwareqsm8250_firmware
CWE ID-CWE-129
Improper Validation of Array Index
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-28557
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 13.13%
||
7 Day CHG~0.00%
Published-05 Sep, 2023 | 06:24
Updated-02 Aug, 2024 | 13:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Validation of Array Index in WLAN HAL

Memory corruption in WLAN HAL while processing command parameters from untrusted WMI payload.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-snapdragon_850_mobile_compute_platform_firmwaresnapdragon_888\+_5g_mobile_platform_sm6250p_firmwareipq4028_firmwareqca8337ar9380ipq8173_firmwaresnapdragon_888_5g_mobile_platformqcn5124wcn3950_firmwaresc8180x\+sdx55sm4450_firmwareqca6595au_firmwaresa6155snapdragon_480_5g_mobile_platformsd_455_firmwaresnapdragon_460_mobile_platform_firmwareqcs6125_firmwaresnapdragon_480_5g_mobile_platform_firmwarewcd9371_firmwarewcn3950qcn6024_firmwaresm4125immersive_home_316_platform_firmwareqsm8350_firmwaresnapdragon_460_mobile_platformqsm8350sd460_firmwaresnapdragon_660_mobile_platform_firmwaresm7315_firmwaresnapdragon_695_5g_mobile_platform_firmwaresnapdragon_636_mobile_platformqca8081_firmwareqca6420qcn9002qca9986snapdragon_auto_5g_modem-rf_firmwareipq8070_firmwareipq8065ipq8078a_firmwaresa8155_firmwaresnapdragon_855\+860_mobile_platform_firmwareipq8068qca6430snapdragon_630_mobile_platformsnapdragon_678_mobile_platform_firmwarewcd9340snapdragon_8cx_compute_platformqca6698aq_firmwaresnapdragon_690_5g_mobile_platformqca9888_firmwareqcn6122qca6696_firmwarewcd9371qca1062qcn5154_firmwaresd_8cxsa8150pqca9992_firmwaresd660sd865_5g_firmwaresd660_firmwaresnapdragon_865_5g_mobile_platform_firmwarefastconnect_6800_firmwareqcn5022_firmwareqcn7606_firmwareimmersive_home_216_platform_firmwaresnapdragon_730_mobile_platform_firmwaresnapdragon_750g_5g_mobile_platform_firmwaresnapdragon_675_mobile_platform_firmwareqca6428_firmwareqca9985_firmwareipq4018_firmwaresnapdragon_778g_5g_mobile_platform_firmwaressg2125pqca9980_firmwareipq8078qca8084qcn9001_firmwareipq8173snapdragon_670_mobile_platform_firmwaresd670_firmwareqca6574csr8811_firmwaresnapdragon_7c\+_gen_3_computewcd9380qcs410qcn5024sxr1230psnapdragon_765_5g_mobile_platform_qca9985qcn9012_firmwareqcn9274_firmwareipq6018_firmwareqcm4325_firmwarewcd9340_firmwarewsa8815pmp8074_firmwareqcn6112snapdragon_865\+_5g_mobile_platformsnapdragon_630_mobile_platform_firmwareqcs8250ipq6028ipq8064sd835pmp8074ipq9574_firmwarewcn3980_firmwaresd730sa8295pqca2062_firmwarewcn6740_firmwaresnapdragon_8cx_compute_platform_firmwareqcs4490_firmwareqca6678aqsnapdragon_x65_5g_modem-rf_systemipq8078_firmwarefastconnect_6900qcn5054fastconnect_6900_firmwaresnapdragon_660_mobile_platformqca9994qca9980sd670qcn9024_firmwareipq8174_firmwarequalcomm_robotics_rb5_platform_firmwareqcm4290_firmwareqcn7605_firmwaresw5100p_firmwareqcs610_firmwaresa6145pqca9886_firmwarear8031immersive_home_214_platformsnapdragon_750g_5g_mobile_platformqca6391_firmwaresa4150p_firmwareqca4024wcd9370_firmwaresdx55qcn5021_firmwaresnapdragon_870_5g_mobile_platform_csra6640snapdragon_888\+_5g_mobile_platform__firmwaresnapdragon_695_5g_mobile_platformssg2115p_firmwareqsm8250_firmwareqcn7606wsa8830sxr2230p_firmwareqca1062_firmwaresnapdragon_850_mobile_compute_platformcsrb31024flight_rb5_5g_platformsnapdragon_865_5g_mobile_platformflight_rb5_5g_platform_firmwareqca8082qca9992qcs4290snapdragon_7c_compute_platform__firmwaresnapdragon_480\+_5g_mobile_platform_qca6420_firmwareqca2064_firmwaresnapdragon_auto_4g_modem_firmwaresd675_firmwareqca6426wcn3990_firmwareqrb5165n_firmwareqca9984_firmwarequalcomm_robotics_rb3_platformwcd9385_firmwarewcd9326_firmwarefastconnect_6200ipq8074aqcn6102_firmwareqcn9011_firmwaresa8155snapdragon_x55_5g_modem-rf_systemsnapdragon_835_mobile_pc_platform_firmwareqcn5122_firmwaresdx55_firmwareqcn6023_firmwaresm7250p_firmwareqrb5165nsnapdragon_7c_gen_2_compute_platform_qca6584ausnapdragon_x65_5g_modem-rf_system_firmwareipq8174qcn5052qcn6112_firmwarewcn3988_firmware315_5g_iot_modemqcn9074qca6421qca8085fastconnect_6700_firmwaresa8195psxr1120wcd9326wcd9335qcm4490qcn6023qcs4290_firmwareqca8085_firmwaresxr2130_firmwareqcs6490_firmwareqca9898_firmwarewcd9375aqt1000sc8180x\+sdx55_firmwaresm6250_firmwaresnapdragon_712_mobile_platform_firmwaresnapdragon_662_mobile_platformsnapdragon_685_4g_mobile_platformipq5010_firmwareipq8074a_firmwarewsa8815_firmwaresnapdragon_636_mobile_platform_firmwaresxr1120_firmwareqcm6125_firmwaresd865_5gqca6595ipq8065_firmwaresxr1230p_firmwareqcn5154qca8075_firmwaresxr2130smart_audio_400_platformqcn6132_firmwareqcn9003_firmwareqca9888qca6310_firmwareipq8070a_firmwareqca6574_firmwareqca9886sm7325p_firmwaresxr2230psnapdragon_xr2_5g_platform_firmwareqca6574a_firmwaresnapdragon_665_mobile_platformsnapdragon_730g_mobile_platformqrb5165msm7315snapdragon_x55_5g_modem-rf_system_firmwaresnapdragon_8cx_gen_3_compute_platform_firmwareqcn6102snapdragon_855\+860_mobile_platformsnapdragon_865\+_5g_mobile_platform_firmwaresnapdragon_690_5g_mobile_platform_firmwaresnapdragon_auto_4g_modemcsrb31024_firmwareqcm6490_firmwarewsa8832_firmwaresnapdragon_xr1_platformqcn9070_firmwareipq6028_firmwareipq8072a_firmwareqca9889_firmwareqcn5122qcs8250_firmwaresnapdragon_765g_5g_mobile_platform_firmwaresnapdragon_712_mobile_platformsnapdragon_8_gen_1_mobile_platform_firmwareqcn5022snapdragon_8c_compute_platform_firmwareqca1064_firmwarewcn6740snapdragon_732g_mobile_platformsnapdragon_x50_5g_modem-rf_systemqca8075qcn6024qcn9022qcn9002_firmwareipq6000_firmwareqcs410_firmwaresnapdragon_8cx_gen_2_5g_compute_platform_firmwaresnapdragon_8_gen_1_mobile_platformqca2066sa6150p_firmwareqcs610315_5g_iot_modem_firmwareqca6431_firmwaresnapdragon_778g\+_5g_mobile_platformwcd9360_firmwareqca4024_firmwareimmersive_home_318_platform_firmwareipq8078aipq5028_firmwaresa8150p_firmwareqcs2290qca6335qca2062csra6620_firmwaresd_675_firmwarecsra6640_firmwareqca6554a_firmwareqam8295pipq8076aqca8386_firmwaresd_8_gen1_5g_firmwareqca8084_firmwareqca6428qualcomm_robotics_rb3_platform_firmwareqca6574au_firmwareqcn5164_firmwaresnapdragon_778g\+_5g_mobile_platform_firmwaresa6155_firmwarewcd9375_firmwarewcd9360snapdragon_xr2\+_gen_1_platformsnapdragon_782g_mobile_platform_firmwareqca6438_firmwareqca6678aq_firmwaresmart_audio_400_platform_firmwarewcn3999qrb5165m_firmwareipq5028ipq4029_firmwareqca6698aqqcs6125ipq6010sd662_firmwaresnapdragon_765g_5g_mobile_platformsnapdragon_8\+_gen_1_mobile_platformsnapdragon_720g_mobile_platformqcn6132snapdragon_780g_5g_mobile_platformsw5100qca6436sa6155pwcd9341ipq8068_firmwareqca2066_firmwareqca6431ipq9008_firmwarewcn3910_firmwaresnapdragon_855_mobile_platform_firmwarewsa8830_firmwaresd855_firmwaresnapdragon_7c\+_gen_3_compute_firmwarewcn3988qca6438snapdragon_780g_5g_mobile_platform_firmwaresnapdragon_685_4g_mobile_platform_firmwaresa8195p_firmwareqca9898sa8295p_firmwaresnapdragon_480\+_5g_mobile_platform__firmwareipq4028qca8337_firmwarewcd9380_firmwareipq8072asw5100psnapdragon_8cx_gen_2_5g_compute_platformipq8076a_firmwaresnapdragon_w5\+_gen_1_wearable_platformqca6564auipq9008qcn5164snapdragon_782g_mobile_platformfastconnect_6700qcn5054_firmwareqca8072_firmwareqca6430_firmwareqcn5052_firmwarewcd9335_firmwarewcn3980snapdragon_732g_mobile_platform_firmwareqca6335_firmwarewcn3910qca6320qca9986_firmwaresnapdragon_4_gen_1_mobile_platformqca6426_firmwaresm4450qca9984snapdragon_670_mobile_platformqcn9024snapdragon_xr2\+_gen_1_platform_firmwareipq8064_firmwaresnapdragon_x50_5g_modem-rf_system_firmwareqca6421_firmwaresnapdragon_xr2_5g_platformar8031_firmwaresnapdragon_7c_gen_2_compute_platform__firmwareipq8070qca6564a_firmwarewsa8832snapdragon_8cx_gen_3_compute_platformqsm8250ipq6018snapdragon_730_mobile_platformsnapdragon_765_5g_mobile_platform__firmwareqcs4490qca6595_firmwaresa8145psnapdragon_710_mobile_platform_firmwareimmersive_home_214_platform_firmwareqca2064sd888_firmwaresa8155psd675snapdragon_860_mobile_platformsnapdragon_720g_mobile_platform_firmwarear8035_firmwareqcm2290snapdragon_855_mobile_platformqcn5024_firmwaresnapdragon_662_mobile_platform_firmwareqcn9070sa8145p_firmwareqcs2290_firmwarecsra6620qcn9072qca8386snapdragon_860_mobile_platform_firmwaresnapdragon_888_5g_mobile_platform_firmwareipq8069_firmwareipq6000sd730_firmwaresnapdragon_870_5g_mobile_platform__firmwarewcd9370ssg2115pqcn5152_firmwareqca6584au_firmwareqcn9000_firmwaresd_8cx_firmwareqcn7605immersive_home_216_platformimmersive_home_316_platformimmersive_home_318_platformqca2065sd662qcn5124_firmwareqam8295p_firmwareqca1064qcn6100_firmwareqca8082_firmwareqca6320_firmwaresnapdragon_778g_5g_mobile_platformqca6595auwcn3999_firmwareqca6436_firmwaresnapdragon_680_4g_mobile_platform_firmwaresnapdragon_w5\+_gen_1_wearable_platform_firmwareipq5010qca6564au_firmwaresa6155p_firmwareqca6310qcn9274qcn9001qca9990qcs6490vision_intelligence_300_platform_firmwaresa6145p_firmwaresm6250wsa8810_firmwarevision_intelligence_400_platformsnapdragon_7c_compute_platform_snapdragon_ar2_gen_1_platform_firmwaresg4150pqca8081ipq8071aipq8071a_firmwarewcd9385qca2065_firmwaresnapdragon_665_mobile_platform_firmwarear8035csr8811qcn9100_firmwarevision_intelligence_400_platform_firmwaresnapdragon_768g_5g_mobile_platform_firmwareqcm6490wsa8835_firmwareqca6564asa4150psg4150p_firmwareqcm4325qca8072qcm2290_firmwaresnapdragon_845_mobile_platformwcn3990qcn9000sd_675qca6554afastconnect_6800ar9380_firmwaresnapdragon_835_mobile_pc_platformqcn9012snapdragon_8c_compute_platformsd888qcn6122_firmwarewsa8835snapdragon_auto_5g_modem-rfsd_8_gen1_5gsm6250psnapdragon_678_mobile_platformsnapdragon_4_gen_1_mobile_platform_firmwaressg2125p_firmwareipq4018qca6574aqca9889sm7325pipq8074qca9994_firmwareqcn9003ipq8076_firmwaresd855sm4125_firmwareipq8076fastconnect_6200_firmwareipq8069qcn5021qcn5152vision_intelligence_300_platformsd460qca6391snapdragon_710_mobile_platformfastconnect_7800aqt1000_firmwareqcn9100qcm4490_firmwaresnapdragon_845_mobile_platform_firmwareqcm4290qcn9011sd_455ipq8074_firmwareqca6574ausa8155p_firmwareipq9574wcd9341_firmwarefastconnect_7800_firmwareqcm6125wsa8810snapdragon_730g_mobile_platform_firmwaresnapdragon_680_4g_mobile_platformsnapdragon_ar2_gen_1_platformsd835_firmwaresnapdragon_675_mobile_platformipq6010_firmwareqca6696sa6150pqcn9022_firmwaresnapdragon_768g_5g_mobile_platformqca9990_firmwareipq8070aqualcomm_robotics_rb5_platformqcn6100qcn9072_firmwaresm7250psnapdragon_8\+_gen_1_mobile_platform_firmwaresw5100_firmwareqcn9074_firmwareipq4029snapdragon_xr1_platform_firmwareSnapdragonqcn5024_firmwareqca6428_firmwareqcm2290_firmwareqca9985_firmwareipq4018_firmwareqca8337_firmwareipq4028_firmwareqca1062_firmwareqca9980_firmware315_5g_iot_modem_firmwareipq8076a_firmwareipq8173_firmwareqca6431_firmwarear9380_firmwareflight_rb5_5g_platform_firmwareqca4024_firmwareipq8065_firmwareimmersive_home_318_platform_firmwarecsr8811_firmwareipq5028_firmwareqca6420_firmwareqca6595au_firmwareipq8069_firmwareqcn5054_firmwareqca2064_firmwarecsra6620_firmwareqca8075_firmwarecsra6640_firmwareqca6584au_firmwareqca6310_firmwareqca8072_firmwareqca9984_firmwareqca6430_firmwareqca9994_firmwareqcn5052_firmwareipq8070a_firmwareqca6554a_firmwareqca6335_firmwareqca8386_firmwareipq6018_firmwareimmersive_home_316_platform_firmwareipq8076_firmwareqcm4325_firmwareqca6574_firmwareqca8084_firmwarepmp8074_firmwareqam8295p_firmwareqca9986_firmwareqca6426_firmwareqca8082_firmwareqca6320_firmwareqca6574a_firmwareqca6574au_firmwareqcn5122_firmwarefastconnect_6200_firmwareqca8081_firmwareipq9574_firmwareqca6436_firmwareipq8064_firmwareqca6438_firmwareqca6421_firmwareaqt1000_firmwareqca6564au_firmwareqca2062_firmwareipq8070_firmwareqcm4490_firmwareipq8078a_firmwareqca6678aq_firmwarear8031_firmwarecsrb31024_firmwareqcm6490_firmwareipq8078_firmwareipq4029_firmwarefastconnect_6900_firmwareipq6028_firmwareipq8072a_firmwareipq8074_firmwareqca9889_firmwarefastconnect_6700_firmwareqca6564a_firmwareipq8174_firmwarefastconnect_7800_firmwareqcm4290_firmwareqca6698aq_firmwareqca9886_firmwareipq8071a_firmwareqca8085_firmwareqca9888_firmwareipq8068_firmwareqca2066_firmwareipq6010_firmwareqca6696_firmwareqca2065_firmwareqca6595_firmwareqca1064_firmwareipq9008_firmwareqca6391_firmwareimmersive_home_214_platform_firmwareqca9898_firmwareqcn5021_firmwareqca9992_firmwareqca9990_firmwareipq5010_firmwareipq8074a_firmwareipq6000_firmwarefastconnect_6800_firmwareqcn5022_firmwareimmersive_home_216_platform_firmwarear8035_firmwareqcm6125_firmware
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2023-28567
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 16.48%
||
7 Day CHG~0.00%
Published-05 Sep, 2023 | 06:24
Updated-27 Feb, 2025 | 21:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Validation of Array Index in WLAN HAL

Memory corruption in WLAN HAL while handling command through WMI interfaces.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sm6250p_firmwareipq4028_firmwareqca8337snapdragon_7car9380ipq8173_firmwareqcn5124wcn3950_firmwaresnapdragon_8_gen_1sc8180x\+sdx55sm4450_firmwareqca6595au_firmwaresa6155sd_455_firmwaresnapdragon_xr2\+_gen_1qcs6125_firmwaresnapdragon_730g_firmwaresc8180xp-adwcd9371_firmwarewcn3950qcn6024_firmwaresm4125snapdragon_662qsm8350_firmwareqsm8350sd460_firmwaresm7315_firmwaresnapdragon_778g\+_5gsnapdragon_712_firmwareqca8081_firmwareqca6420qcn9002snapdragon_xr2_5gsnapdragon_w5\+_gen_1qca9986snapdragon_888_5gipq8070_firmwareipq8065ipq8078a_firmwareipq8072_firmwaresc8180xp-aa_firmwaresa8155_firmwaresnapdragon_765_5g_firmwareipq8068qca6430snapdragon_778g\+_5g_firmwarewcd9340snapdragon_850qca6698aq_firmwaresnapdragon_865\+_5g_firmwaresnapdragon_675_firmwareqca9888_firmwareqcn6122qca6696_firmwarewcd9371qca1062sc8180x-abqcn5154_firmwaresd_8cxsa8150psnapdragon_auto_4g_firmwaresnapdragon_765g_5g_firmwareqca9992_firmwaresd660sd865_5g_firmwaresnapdragon_4_gen_1snapdragon_768g_5g_firmwaresd660_firmwarefastconnect_6800_firmwareqcn5022_firmwareqcn7606_firmwaresnapdragon_865_5g_firmwareqca6428_firmwareqca9985_firmwareipq4018_firmwaressg2125pqca9980_firmwareipq8078qca8084qcn9001_firmwareipq8173snapdragon_8_gen_1_firmwaresnapdragon_ar2_gen_1sd670_firmwareqca6574csr8811_firmwarewcd9380snapdragon_720gqcs410qcn5024sxr1230psc8180xp-ad_firmwareqca9985qcn9012_firmwareqcn9274_firmwareipq6018_firmwareqcm4325_firmwarewcd9340_firmwarewsa8815pmp8074_firmwareqcn6112snapdragon_xr2\+_gen_1_firmwareqcs8250ipq6028ipq8064sd835pmp8074ipq9574_firmwarewcn3980_firmwaresd730snapdragon_888_5g_firmwaresa8295psnapdragon_765g_5gqca2062_firmwarewcn6740_firmwareqcn5064_firmwareqcs4490_firmwareqca6678aqipq8078_firmwarefastconnect_6900qcn5054fastconnect_6900_firmwaresmart_audio_400_firmwareqca9994snapdragon_750g_5gqca9980sd670qcn9024_firmwareipq8174_firmwaresnapdragon_8\+_gen_1_firmwareqcm4290_firmwareqcn7605_firmwaresw5100p_firmwareqcs610_firmwaresa6145pqca9886_firmwarear8031snapdragon_712sc8280xp-bbqca6391_firmware315_5g_iot_firmwaresa4150p_firmwareqca4024wcd9370_firmwaresdx55qcn5021_firmwarecsra6640snapdragon_690_5gsnapdragon_xr1_firmwaressg2115p_firmwareqsm8250_firmwareqcn7606wsa8830sxr2230p_firmwaresnapdragon_x65_5gqca1062_firmwarecsrb31024qca8082snapdragon_690_5g_firmwareqca9992qcs4290qca6420_firmwareqca2064_firmwaresnapdragon_765_5gimmersive_home_216sd675_firmwareipq8072qca6426sc8280xp-abwcn3990_firmwareqrb5165n_firmwareqca9984_firmwaresnapdragon_xr1wcd9385_firmwarewcd9326_firmwarefastconnect_6200snapdragon_780g_5g_firmwareipq8074aqcn6102_firmwareqcn9011_firmwaresa8155qcn5122_firmwaresdx55_firmwaresnapdragon_7c_firmwareqcn6023_firmwaresm7250p_firmwareqrb5165nqca6584ausnapdragon_695_5g_firmwareipq8174qcn5052snapdragon_850_firmwareqcn6112_firmwarewcn3988_firmwareqcn9074qca6421qca8085fastconnect_6700_firmwaresa8195psxr1120snapdragon_636_firmwarewcd9326wcd9335qcm4490qcn6023qcs4290_firmwareqca8085_firmwaresxr2130_firmwaresnapdragon_auto_4gvision_intelligence_300_firmwareqcs6490_firmwaresnapdragon_660immersive_home_316_firmwaresnapdragon_xr2_5g_firmwareqca9898_firmwarewcd9375aqt1000315_5g_iotsc8180x\+sdx55_firmwaresm6250_firmwareipq5010_firmwareipq8074a_firmwarewsa8815_firmwaresxr1120_firmwareqcm6125_firmwaresnapdragon_665_firmwaresnapdragon_865_5gsnapdragon_636sd865_5gqca6595snapdragon_685_4g_firmwareipq8065_firmwaresxr1230p_firmwaresnapdragon_auto_5g_firmwaresnapdragon_7c\+_gen_3snapdragon_865\+_5gqcn5154qca8075_firmwaresc8180xp-acsxr2130qcn6132_firmwareqcn9003_firmwareqca9888qca6310_firmwaresnapdragon_8\+_gen_1ipq8070a_firmwareqca6574_firmwareqca9886snapdragon_888\+_5g_firmwaresnapdragon_480\+_5g_firmwaresm7325p_firmwaresxr2230pqca6574a_firmwaresnapdragon_678qrb5165msm7315sc8280xp-ab_firmwareqcn6102csrb31024_firmwareqcm6490_firmwarewsa8832_firmwareqcn9070_firmwareipq6028_firmwareipq8072a_firmwaresc8180xp-af_firmwareqca9889_firmwaresnapdragon_460_firmwareqcn5122qcs8250_firmwarevision_intelligence_300sc8180x-aa_firmwarerobotics_rb5_firmwareqcn5022sc8180x-aasc8180x-af_firmwareqca1064_firmwarewcn6740qca8075snapdragon_870_5g_firmwareqcn6024qcn9022qcn9002_firmwareipq6000_firmwareqcs410_firmwaresnapdragon_860_firmwareqca2066sa6150p_firmwareqcs610qcn5550sc8180x-ab_firmwareqca6431_firmwarewcd9360_firmwaresmart_audio_400qca4024_firmwareipq8078aipq5028_firmwaresa8150p_firmwareqcs2290qca6335qca2062qcn5064snapdragon_x55_5gvision_intelligence_400csra6620_firmwaresd_675_firmwarecsra6640_firmwareqca6554a_firmwarerobotics_rb3qam8295pipq8076aqca8386_firmwaresd_8_gen1_5g_firmwareqca8084_firmwaresnapdragon_x65_5g_firmwaresnapdragon_768g_5gsnapdragon_730_firmwareqca6428snapdragon_x55_5g_firmwareqca6574au_firmwareqcn5164_firmwareipq8071snapdragon_845wcd9375_firmwaresa6155_firmwarewcd9360qca6438_firmwaresc8180xp-afqca6678aq_firmwarewcn3999qrb5165m_firmwareipq5028qca7500ipq4029_firmwareqca6698aqqcs6125ipq6010sd662_firmwaresnapdragon_870_5gsnapdragon_855\+qcn6132sw5100qca6436sa6155psnapdragon_710snapdragon_630wcd9341ipq8068_firmwareqca2066_firmwareqca6431sc8180xp-ab_firmwareipq9008_firmwarewcn3910_firmwarewsa8830_firmwaresd855_firmwaresnapdragon_778g_5gwcn3988qca6438snapdragon_662_firmwaresa8195p_firmwareqca9898sa8295p_firmwareipq4028immersive_home_216_firmwareqca8337_firmwarewcd9380_firmwarerobotics_rb3_firmwareipq8072aqca7500_firmwaresw5100psnapdragon_665immersive_home_214_firmwareipq8076a_firmwareqca6564auipq9008vision_intelligence_400_firmwareqcn5164sc8180xp-aasnapdragon_x50_5gfastconnect_6700qcn5054_firmwareipq4019_firmwaresnapdragon_auto_5gsnapdragon_480_5gqca8072_firmwaresc8180x-ac_firmwareqca6430_firmwareqcn5052_firmwarewcd9335_firmwarewcn3980snapdragon_460qca6335_firmwaresnapdragon_680_4g_firmwarewcn3910qca6320qca9986_firmwareqca6426_firmwaresm4450qca9984sc8180x-adqcn9024qcn5550_firmwareipq8064_firmwareqca6421_firmwaresnapdragon_670_firmwaresnapdragon_730ar8031_firmwaresnapdragon_710_firmwareipq8070immersive_home_318qca6564a_firmwareqca9880wsa8832sc8180xp-ac_firmwareqsm8250ipq6018qcs4490qca6595_firmwaresa8145pqca2064snapdragon_730gsd888_firmwaresa8155psd675ar8035_firmwareqcm2290qcn5024_firmwareqcn9070sa8145p_firmwareimmersive_home_318_firmwareqcs2290_firmwaresnapdragon_845_firmwaresnapdragon_4_gen_1_firmwaresnapdragon_7c\+_gen_3_firmwarecsra6620qcn9072sc8280xp-bb_firmwareqca8386qca9880_firmwareipq6000sd730_firmwarewcd9370ssg2115pqcn5152_firmwaresnapdragon_835_firmwareqca6584au_firmwareqcn9000_firmwaresnapdragon_720g_firmwaresd_8cx_firmwareqcn7605snapdragon_782g_firmwaresnapdragon_732gqca2065sd662qcn5124_firmwareqam8295p_firmwareqca1064flight_rb5_5g_firmwareqcn6100_firmwareqca8082_firmwareqca6320_firmwareqca6595auwcn3999_firmwareqca6436_firmwaresnapdragon_888\+_5gipq5010immersive_home_214qca6564au_firmwaresa6155p_firmwareqca6310qcn9274snapdragon_855\+_firmwareqcn9001qca9990qcs6490snapdragon_732g_firmwaresnapdragon_778g_5g_firmwaresa6145p_firmwaresm6250wsa8810_firmwarerobotics_rb5sg4150psnapdragon_780g_5gqca8081snapdragon_630_firmwareipq8071aipq8071a_firmwarewcd9385qca2065_firmwaresc8180x-acar8035csr8811ipq4019qcn9100_firmwaresnapdragon_480_5g_firmwareqcm6490wsa8835_firmwaresnapdragon_695_5gqca6564asa4150psg4150p_firmwareqcm4325qca8072qcm2290_firmwarewcn3990qcn9000sd_675qca6554afastconnect_6800ar9380_firmwareqcn9012sd888snapdragon_855qcn6122_firmwarewsa8835snapdragon_860sd_8_gen1_5gsm6250psnapdragon_855_firmwaresnapdragon_670ssg2125p_firmwareipq4018qca6574aqca9889sc8180x-afsm7325pipq8074qca9994_firmwareqcn9003snapdragon_678_firmwareipq8076_firmwaresd855sm4125_firmwareipq8076snapdragon_782gfastconnect_6200_firmwareqcn5021qcn5152sd460qca6391snapdragon_w5\+_gen_1_firmwarefastconnect_7800aqt1000_firmwareqcn9100qcm4490_firmwaresnapdragon_685_4gsnapdragon_ar2_gen_1_firmwaresnapdragon_660_firmwareqcm4290snapdragon_675qcn9011sd_455ipq8074_firmwareimmersive_home_316qca6574ausa8155p_firmwaresnapdragon_680_4gipq9574snapdragon_x50_5g_firmwarewcd9341_firmwarefastconnect_7800_firmwareqcm6125wsa8810sd835_firmwaresnapdragon_835ipq6010_firmwareqca6696sc8180xp-absa6150pqcn9022_firmwareqca9990_firmwareflight_rb5_5gipq8070aqcn6100qcn9072_firmwaresc8180x-ad_firmwaresm7250pipq8071_firmwareqcn9074_firmwaresw5100_firmwareipq4029snapdragon_480\+_5gsnapdragon_750g_5g_firmwareSnapdragon
CWE ID-CWE-129
Improper Validation of Array Index
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-28573
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.77%
||
7 Day CHG~0.00%
Published-05 Sep, 2023 | 06:24
Updated-02 Aug, 2024 | 13:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Validation of Array Index in WLAN HAL

Memory corruption in WLAN HAL while parsing WMI command parameters.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qam8255p_firmwareqca2066sa6150p_firmwaresc8180x-ab_firmwareqca8337ar9380ipq8173_firmwareqca6431_firmwarewcd9360_firmwareqcn5124qca4024_firmwarewcn3950_firmwaresnapdragon_8_gen_1sc8180x\+sdx55ipq8078aipq5028_firmwaresa8150p_firmwareqca6595au_firmwaresa6155qca2062snapdragon_x55_5gsnapdragon_xr2\+_gen_1sc8180xp-adqca6554a_firmwareqam8295pwcn3950qcn6024_firmwareipq8076aqca8386_firmwaresd_8_gen1_5g_firmwareqca8084_firmwareqsm8350_firmwareqsm8350snapdragon_x65_5g_firmwaresm7315_firmwaresnapdragon_778g\+_5gsnapdragon_x55_5g_firmwareqca6574au_firmwareqcn5164_firmwareipq8071wcd9375_firmwareqca8081_firmwaresa6155_firmwareqca6420wcd9360qcn9002snapdragon_xr2_5gqca9986snapdragon_888_5gipq8070_firmwaresc8180xp-afipq8065ipq8078a_firmwareqca6678aq_firmwareqrb5165m_firmwareipq5028ipq8072_firmwaresc8180xp-aa_firmwareqca6698aqsa8155_firmwareipq6010ipq8068qca6430snapdragon_870_5gsnapdragon_778g\+_5g_firmwarewcd9340qcn6132qca6436sa6155pqca6698aq_firmwaresnapdragon_865\+_5g_firmwareqca9888_firmwareqcn6122wcd9341sa8255pipq8068_firmwareqca6696_firmwareqca2066_firmwareqca6431sc8180xp-ab_firmwareqca1062ipq9008_firmwaresc8180x-abqcn5154_firmwareqca6797aqsa8150psnapdragon_auto_4g_firmwarewsa8830_firmwareqca9992_firmwaresd865_5g_firmwaresnapdragon_778g_5gsa8195p_firmwarefastconnect_6800_firmwareqcn5022_firmwaresnapdragon_865_5g_firmwaresa8295p_firmwareqca9985_firmwareimmersive_home_216_firmwareqca8337_firmwarewcd9380_firmwaressg2125pipq8072aqca9980_firmwareimmersive_home_214_firmwareipq8076a_firmwareipq8078qca8084qcn9001_firmwareipq8173snapdragon_8_gen_1_firmwareqca6564auipq9008qcn5164snapdragon_ar2_gen_1qca6574csr8811_firmwarewcd9380sc8180xp-aafastconnect_6700qcn5054_firmwareqcn5024snapdragon_auto_5gsxr1230psc8180xp-ad_firmwareqca9985qcn9012_firmwareqca8072_firmwareqcn9274_firmwaresc8180x-ac_firmwareqca6430_firmwareqcn5052_firmwarewcn3980ipq6018_firmwarewcd9340_firmwarewsa8815pmp8074_firmwareqcn6112snapdragon_xr2\+_gen_1_firmwareqca9986_firmwareqcs8250qca6426_firmwareqca9984ipq6028ipq8064sc8180x-adpmp8074qcn9024ipq9574_firmwarewcn3980_firmwaresnapdragon_888_5g_firmwareipq8064_firmwaresa8295pqca6421_firmwareqca2062_firmwarewcn6740_firmwareqcs4490_firmwareqca6678aqipq8078_firmwarefastconnect_6900qcn5054fastconnect_6900_firmwareipq8070immersive_home_318qca9994qca6797aq_firmwareqca9980qcn9024_firmwareipq8174_firmwaresnapdragon_8\+_gen_1_firmwarewsa8832sc8180xp-ac_firmwareqsm8250sa6145pipq6018qca9886_firmwareqcs4490qca6595_firmwaresa8145psc8280xp-bbqca6391_firmware315_5g_iot_firmwaresa4150p_firmwareqca4024wcd9370_firmwareqca2064sdx55sd888_firmwareqcn5021_firmwaresa8155pssg2115p_firmwareqam8255par8035_firmwareqsm8250_firmwareqcn5024_firmwarewsa8830qcn9070sxr2230p_firmwaresa8145p_firmwaresnapdragon_x65_5gqca1062_firmwareimmersive_home_318_firmwarecsrb31024snapdragon_7c\+_gen_3_firmwareqca8082qcn9072sc8280xp-bb_firmwareqca8386qca9992qca6420_firmwareqca2064_firmwareipq6000wcd9370immersive_home_216ssg2115pipq8072qcn5152_firmwareqca6426sc8280xp-abqca6584au_firmwareqrb5165n_firmwareqcn9000_firmwareqca9984_firmwarewcd9385_firmwaresnapdragon_782g_firmwarefastconnect_6200snapdragon_780g_5g_firmwareipq8074aqca2065qcn5124_firmwareqam8295p_firmwareqcn6102_firmwareqcn9011_firmwareqca1064sa8155flight_rb5_5g_firmwareqcn6100_firmwareqca8082_firmwareqcn5122_firmwaresdx55_firmwareqca6595auqcn6023_firmwareqca6436_firmwareqrb5165nsnapdragon_888\+_5gipq5010immersive_home_214qca6564au_firmwareqca6584ausa6155p_firmwareqcn9274ipq8174qcn9001qca9990qcs6490qcn5052qcs8550_firmwareqcn6112_firmwaresnapdragon_778g_5g_firmwareqcn9074sa6145p_firmwareqca6421qca8085fastconnect_6700_firmwaresa8195pwsa8810_firmwarerobotics_rb5sa8255p_firmwaresnapdragon_780g_5gqca8081qcm4490qcn6023ipq8071aipq8071a_firmwarewcd9385qca8085_firmwaresxr2130_firmwaresnapdragon_auto_4gqcs6490_firmwareqca2065_firmwareimmersive_home_316_firmwaresc8180x-acsnapdragon_xr2_5g_firmwarear8035wcd9375csr8811aqt1000315_5g_iotsc8180x\+sdx55_firmwareqcn9100_firmwareipq5010_firmwareipq8074a_firmwarewsa8815_firmwareqcm6490wsa8835_firmwaresa4150pqca8072snapdragon_865_5gqcn9000qca6554asd865_5gfastconnect_6800qca6595ar9380_firmwareqcn9012sd888qcn6122_firmwareipq8065_firmwaresxr1230p_firmwaresnapdragon_auto_5g_firmwarewsa8835sd_8_gen1_5gsnapdragon_7c\+_gen_3snapdragon_865\+_5gqcn5154qca8075_firmwaresc8180xp-acsxr2130ssg2125p_firmwareqca6574aqca9889sc8180x-afsm7325pqcn6132_firmwareqcn9003_firmwareqca9888ipq8074qca9994_firmwaresnapdragon_8\+_gen_1qcn9003ipq8070a_firmwareipq8076_firmwareqca6574_firmwareqca9886snapdragon_888\+_5g_firmwaresm7325p_firmwaresxr2230pipq8076snapdragon_782gqca6574a_firmwarefastconnect_6200_firmwareqcn5021qcn5152qrb5165msm7315qca6391sc8280xp-ab_firmwarefastconnect_7800aqt1000_firmwareqcn6102qcn9100qcm4490_firmwaresnapdragon_ar2_gen_1_firmwarecsrb31024_firmwareqcm6490_firmwarewsa8832_firmwareqcn9070_firmwareipq6028_firmwareipq8072a_firmwareqcn9011sc8180xp-af_firmwareipq8074_firmwareimmersive_home_316qca9889_firmwareqca6574ausa8155p_firmwareqcn5122ipq9574qcs8250_firmwarewcd9341_firmwarefastconnect_7800_firmwarewsa8810sc8180x-aa_firmwarerobotics_rb5_firmwareqcn5022sc8180x-aaipq6010_firmwaresc8180x-af_firmwareqca1064_firmwarewcn6740qca6696qcs8550sc8180xp-absa6150pqca8075qcn9022_firmwaresnapdragon_870_5g_firmwareqcn6024qcn9022qca9990_firmwareflight_rb5_5gqcn9002_firmwareipq8070aqcn6100qcn9072_firmwaresc8180x-ad_firmwareipq6000_firmwareipq8071_firmwareqcn9074_firmwareSnapdragon
CWE ID-CWE-129
Improper Validation of Array Index
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-35121
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 8.66%
||
7 Day CHG~0.00%
Published-14 Jun, 2022 | 09:40
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An array index is improperly used to lock and unlock a mutex which can lead to a Use After Free condition In the Synx driver in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcm2290_firmwarewcn3991_firmwarewcn3991wsa8830wcd9380_firmwareqcs2290_firmwaresd865_5gsdx55m_firmwarewsa8835qcs4290wcn3950_firmwarewcd9380sd765g_firmwareqcs2290qca6390_firmwaresd690_5gwcd9370sd690_5g_firmwareqca6426qrb5165n_firmwarewcn3998wcd9385_firmwaresdxr2_5g_firmwarewcn3950wcd9326_firmwarewcn3615_firmwarewsa8815wcn6850sd662wcn3910sd460_firmwaresd765qca6426_firmwarewcn3680b_firmwaresd768g_firmwarewcd9375_firmwarewcn3615wcn3998_firmwareqrb5165msm7250p_firmwaresd460qca6391sdx55mapq8053_firmwareqca6436_firmwareqrb5165nsd680_firmwaremsm8953qcm4290qrb5165_firmwareqrb5165m_firmwaresdxr2_5gqrb5165wcn6851_firmwaresd662_firmwarewcn3988_firmwarewsa8810_firmwaresd765gqcm4290_firmwaresd765_firmwaresd870qca6436sd680wcd9326wcn6851wsa8810wcn3680bqcs4290_firmwarewcd9385sd768gsd750gsd870_firmwareqca6391_firmwareqca6390wcd9375sd750g_firmwarewcn3910_firmwarewcd9370_firmwaremsm8953_firmwareapq8053wsa8830_firmwaresd865_5g_firmwarewcn3988wcn6850_firmwarewsa8815_firmwarewsa8835_firmwaresm7250pqcm2290Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2018-5851
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 3.03%
||
7 Day CHG~0.00%
Published-12 Jun, 2018 | 20:00
Updated-16 Sep, 2024 | 17:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer over flow can occur while processing a HTT_T2H_MSG_TYPE_TX_COMPL_IND message with an out-of-range num_msdus value in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-129
Improper Validation of Array Index
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2019-14046
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.69%
||
7 Day CHG~0.00%
Published-07 Feb, 2020 | 05:00
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound access while allocating memory for an array in camera due to improper validation of elements parameters in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in QCS605, SDM439, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdx24_firmwaresdm439_firmwaresdx24sdm439qcs605qcs605_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2018-5883
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.80%
||
7 Day CHG~0.00%
Published-14 Jun, 2019 | 17:02
Updated-05 Aug, 2024 | 05:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in WLAN driver event handlers due to improper validation of array index in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCS405, QCS605, SD 636, SD 675, SD 730, SD 820A, SD 835, SD 855, SDA660, SDM630, SDM660, SDX20, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_855sd_730_firmwaremdm9640_firmwaresd_820asd_675msm8996au_firmwaresdx20sdm660sdx24sdm630mdm9607_firmwaresd_636mdm9650qcs405mdm9607msm8996ausd_636_firmwaresd_820a_firmwareqcs605_firmwaresd_675_firmwaremdm9206sd_730sdx24_firmwaresd_855_firmwareqcs405_firmwaresdm630_firmwaresda660_firmwaremdm9206_firmwareqcs605sd_835_firmwaremdm9650_firmwaresdx20_firmwaresd_835sda660sdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2018-5838
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 5.45%
||
7 Day CHG~0.00%
Published-06 Jul, 2018 | 17:00
Updated-16 Sep, 2024 | 19:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper Validation of Array Index In the adreno OpenGL driver in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear, an out-of-bounds access can occur in SurfaceFlinger.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_820amsm8996au_firmwaresdx20sd_415sd_616sd_425sd_430_firmwaremdm9607_firmwaresd_615mdm9650sd_650_firmwaresd_625sd_615_firmwaremsm8909w_firmwaremdm9607msm8996ausd_210sd_650sd_820_firmwaresd_820sd_450_firmwaresd_800sd_845_firmwaresd_617sd_820a_firmwaremdm9206sd_652sd_425_firmwaresd_212_firmwaresd_800_firmwaresd_625_firmwaresd_450sd_845mdm9206_firmwaresd_430sd_810sd_835_firmwaremdm9650_firmwaresdx20_firmwaresd_600_firmwaresd_205sd_835sd_210_firmwaresd_600sd_415_firmwaresd_652_firmwaremsm8909wsd_810_firmwaresd_616_firmwaresd_205_firmwaresd_212sd_617_firmwareSnapdragon Automobile, Snapdragon Mobile, Snapdragon Wear
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2023-24850
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 6.78%
||
7 Day CHG~0.00%
Published-03 Oct, 2023 | 05:00
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Validation of Array Index in HLOS

Memory Corruption in HLOS while importing a cryptographic key into KeyMaster Trusted Application.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qdx1010_firmwaresdm429w_firmwareqcm8550_firmwareapq8017sd865_5gsa6150p_firmwaresw5100psnapdragon_429_mobile_platform_firmwaresxr1120qca6595snapdragon_xr1_platformwcd9335wcd9370qca8081_firmwaresm7250-absnapdragon_x50_5g_modem-rf_systemqca6696wcd9340_firmwarewcd9341_firmwaresnapdragon_626_mobile_platform_firmwarewcd9395_firmwareqcn6024qcc710_firmwareqca6426wcn6740_firmwarefastconnect_6700wcn3610sa4150psm7325-ae_firmwarewsa8832_firmwareqca8337qdu1110qca6426_firmwarewcd9395snapdragon_460_mobile_platformqca6574au_firmwareqcn7606_firmwareqam8295pwcd9341sd626_firmwaresnapdragon_435_mobile_platformqca6574auwcd9390wsa8810_firmwaresd730_firmwarewsa8845h_firmwarepm8937_firmwarecsra6640sa9000p_firmwaresrv1hwcn3660_firmwarewcn3660b_firmwaresd730fastconnect_6800_firmwaresm8150-acqcn6024_firmwaresnapdragon_4_gen_2_mobile_platform_firmwaresm7150-acsnapdragon_695_5g_mobile_platformsnapdragon_4_gen_1_mobile_platform_firmwarevideo_collaboration_vc1_platform_firmwaresa4155pqcm6125_firmwaressg2115pqcc710snapdragon_625_mobile_platform_firmwaresa8540psm7250-aa_firmwaresxr1120_firmwaresnapdragon_695_5g_mobile_platform_firmwareqsm8350_firmwaresnapdragon_427_mobile_platformfastconnect_6900video_collaboration_vc1_platformqru1032_firmwareqfw7114wcd9385_firmwareqca6421snapdragon_x55_5g_modem-rf_systemsnapdragon_450_mobile_platformqam8255p_firmwaresa8155_firmwaresm7150-absnapdragon_888_5g_mobile_platform_firmwaresnapdragon_ar2_gen_1_platform_firmwareapq8053-aa_firmwaresnapdragon_8_gen_1_mobile_platform_firmwareqcs4490snapdragon_8\+_gen_2_mobile_platform_firmwarewsa8845sa6155pqca6421_firmwareqcm6125sm7150-ac_firmwarewsa8810qam8650pqdu1000_firmwaresa9000psrv1h_firmwaresnapdragon_8\+_gen_2_mobile_platformsm8350-acqca6595ausm7315_firmwareqdu1010wcd9326_firmwaresa6155p_firmwarewsa8840qcs8550_firmwaresnapdragon_632_mobile_platform_firmwareqdu1210_firmwareqfw7124_firmwareqca6436_firmwaresnapdragon_8\+_gen_1_mobile_platformqcs4490_firmwaresnapdragon_8_gen_2_mobile_platformwcn3910_firmwaresnapdragon_7c\+_gen_3_compute_firmwaresm4125_firmwaresm8250-ac_firmwareqca6420wcn3910wcd9370_firmwaresnapdragon_x55_5g_modem-rf_system_firmwaresnapdragon_750g_5g_mobile_platform_firmwareqdu1110_firmwareqdu1000wcn3660bqca6574asm7325-aewcn3620_firmwareqca6174asa8195pwcd9340qcm2290qdu1210sm6150-acqcm6490sa8540p_firmwaresm8150-ac_firmwaresm8550p_firmwareqcm8550wcn3988snapdragon_450_mobile_platform_firmwareqcn9024qca9379snapdragon_460_mobile_platform_firmwaresm7325-afqca6574snapdragon_x75_5g_modem-rf_systemsxr2230p_firmwarehome_hub_100_platformqca6430_firmwareqamsrv1hqcn9024_firmwarewsa8845hsa6150psm7250-aawcd9326qcm2290_firmwaresa8155p_firmwaresa8155pwsa8830snapdragon_675_mobile_platformsnapdragon_662_mobile_platformsm8550psa6145psnapdragon_8\+_gen_1_mobile_platform_firmwaresa8255p_firmwaresnapdragon_665_mobile_platformar8035snapdragon_626_mobile_platformsa6155sa8650p_firmwarewcn3620qcm4325snapdragon_427_mobile_platform_firmwareqcn6224sc8280xp-abqca6698aqwcn3950_firmwaressg2125p_firmwaresnapdragon_632_mobile_platformsm6250snapdragon_8_gen_1_mobile_platformsm7250-acfastconnect_6200snapdragon_710_mobile_platformsd670sm7325p_firmwarewcn3680bsa8145p_firmwareqdx1011smart_audio_400_platformsa8150p_firmwaresnapdragon_w5\+_gen_1_wearable_platformfastconnect_6700_firmwarevideo_collaboration_vc3_platform_firmwarewcn3990sd670_firmwaresnapdragon_680_4g_mobile_platform_firmwareqcs6490snapdragon_750g_5g_mobile_platformsc8280xp-bb_firmwarefastconnect_6200_firmwaresm7150-aawsa8830_firmwareqcn6224_firmwareqca6431wsa8845_firmwarewsa8832qca9379_firmwaresxr2130_firmwaresnapdragon_675_mobile_platform_firmwarear8035_firmwaresnapdragon_888_5g_mobile_platformsnapdragon_w5\+_gen_1_wearable_platform_firmwaresm8250-ab_firmwaresa4150p_firmwaresd888_firmwaresnapdragon_662_mobile_platform_firmwareqcs6125_firmwaresm7325-af_firmwarewsa8815_firmwaresm8250-absa8195p_firmwareqca8337_firmwareapq8053-ac_firmwareqcm4290snapdragon_680_4g_mobile_platformsg8275p_firmwareqcm6490_firmwaresm8350-ac_firmwaresm7250p_firmwaresm4125qcm4490_firmwaresnapdragon_855_mobile_platformqru1032wcn3950snapdragon_xr2_5g_platformsnapdragon_429_mobile_platformqcs6125apq5053-aa_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqca6797aq_firmwaresnapdragon_7c\+_gen_3_computesnapdragon_xr2\+_gen_1_platform_firmwaresnapdragon_670_mobile_platform_firmwaresnapdragon_439_mobile_platformsnapdragon_780g_5g_mobile_platformapq8037snapdragon_710_mobile_platform_firmwaresa8295p_firmwareapq5053-aasa4155p_firmwaresnapdragon_720g_mobile_platformsm7250psm6250_firmwaresa8155sm7150-aa_firmwaresnapdragon_780g_5g_mobile_platform_firmwareqcn6274_firmwaresd888qru1062_firmwaresnapdragon_4_gen_2_mobile_platformsw5100_firmwaresnapdragon_439_mobile_platform_firmwaresnapdragon_425_mobile_platformwcn6740qru1062sm6225-ad_firmwaresd626fastconnect_6800qfw7114_firmwaresc8280xp-ab_firmwareqca6595_firmwaresm8250-acfastconnect_7800_firmwarepm8937fastconnect_6900_firmwareapq8017_firmwarewcd9380sa6145p_firmwareqam8255psa6155_firmwaresxr2230psnapdragon_xr2_5g_platform_firmwaresnapdragon_4_gen_1_mobile_platformhome_hub_100_platform_firmwaresa8150psnapdragon_778g_5g_mobile_platformsnapdragon_665_mobile_platform_firmwaresxr1230psm6225-adwcn3660sm4350-acsw5100video_collaboration_vc3_platformsnapdragon_430_mobile_platform_firmwareaqt1000snapdragon_865_5g_mobile_platform_firmwareqam8295p_firmwaresd855qca6431_firmwarewcn3990_firmwaresm7315qca6698aq_firmwareqcs2290wcd9385qcn7606qsm8350qcs2290_firmwaresc8280xp-bbwcn3615wcn3610_firmwaresa8255psnapdragon_720g_mobile_platform_firmwareqcs4290sxr1230p_firmwarewcd9390_firmwaresnapdragon_690_5g_mobile_platformqca6430sg8275pqdx1011_firmwarewcn3615_firmwaresm7250-ab_firmwaressg2125pqru1052sxr2130qcm4490sm7150-ab_firmwarecsra6640_firmwaresnapdragon_435_mobile_platform_firmwaresnapdragon_xr2\+_gen_1_platformqca6174a_firmwaresm7325pqam8650p_firmwareapq8037_firmwaresnapdragon_855_mobile_platform_firmwareqca6420_firmwareaqt1000_firmwareqcs6490_firmwaresm6150-ac_firmwaresnapdragon_x65_5g_modem-rf_systemsdm429wsd855_firmwarewcd9335_firmwarewcn3980_firmwareqca6436qcn6274snapdragon_480_5g_mobile_platform_firmwarewsa8835wsa8840_firmwareqca6391_firmwareqfw7124qca6595au_firmwareqdu1010_firmwaresw5100p_firmwaresnapdragon_ar2_gen_1_platformqca6696_firmwareqcs4290_firmwaresnapdragon_865_5g_mobile_platformapq8053-acwcd9380_firmwareqca6574_firmwarecsra6620qca8081wsa8815sg4150psd_8_gen1_5gqam8775pqca6797aqqcm4325_firmwaresnapdragon_430_mobile_platformqca6574a_firmwareqcm4290_firmwaresd_8_gen1_5g_firmwarewcd9375_firmwaresnapdragon_425_mobile_platform_firmwareqca6391qualcomm_215_mobile_platformsmart_audio_400_platform_firmwaresnapdragon_778g_5g_mobile_platform_firmwaresg4150p_firmwaresnapdragon_480_5g_mobile_platformqru1052_firmwaresnapdragon_670_mobile_platformcsra6620_firmwaresnapdragon_8_gen_2_mobile_platform_firmwaresa8295psnapdragon_xr1_platform_firmwareqcs8550snapdragon_x50_5g_modem-rf_system_firmwaresnapdragon_625_mobile_platformfastconnect_7800sa8650pqam8775p_firmwaresd865_5g_firmwarequalcomm_215_mobile_platform_firmwarewcd9375wcn3988_firmwareqamsrv1h_firmwaresa8145psm4350-ac_firmwarewsa8835_firmwaressg2115p_firmwareapq8053-aasnapdragon_x75_5g_modem-rf_system_firmwarewcn3980sm7250-ac_firmwaresnapdragon_690_5g_mobile_platform_firmwareqdx1010wcn3680b_firmwareSnapdragon
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2019-14044
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.13%
||
7 Day CHG~0.00%
Published-07 Feb, 2020 | 05:00
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound access due to access of uninitialized memory segment in an array of pointers while normal camera open close in Snapdragon Consumer IOT, Snapdragon Mobile in QCS605, SDM439, SDM630, SDM636, SDM660, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdx24_firmwaresdm636_firmwaresdm439_firmwaresdm636sdm660_firmwaresdm630_firmwaresdx24sdm630sdm660sdm439qcs605qcs605_firmwareSnapdragon Consumer IOT, Snapdragon Mobile
CWE ID-CWE-129
Improper Validation of Array Index
CWE ID-CWE-908
Use of Uninitialized Resource
CVE-2018-3576
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 3.03%
||
7 Day CHG~0.00%
Published-12 Jun, 2018 | 20:00
Updated-16 Sep, 2024 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

improper validation of array index in WiFi driver function sapInterferenceRssiCount() leads to array out-of-bounds access in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2019-14036
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.39%
||
7 Day CHG~0.00%
Published-21 Jan, 2020 | 06:30
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer overflow issue in error processing due to improper validation of array index value in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8064, APQ8096AU, IPQ4019, IPQ8064, IPQ8074, MDM9607, MDM9615, MDM9640, MSM8996AU, QCN7605

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9640_firmwareipq8074apq8064apq8096aumsm8996au_firmwareqcn7605mdm9615mdm9607_firmwareipq4019ipq8074_firmwareapq8096au_firmwaremdm9607msm8996aumdm9615_firmwareipq8064apq8064_firmwareqcn7605_firmwareipq8064_firmwareipq4019_firmwaremdm9640Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-129
Improper Validation of Array Index
  • Previous
  • 1
  • 2
  • 3
  • 4
  • Next
Details not found