Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2018-13908

Summary
Assigner-qualcomm
Assigner Org ID-2cfc7d3e-20d3-47ac-8db7-1b7285aff15f
Published At-14 Jun, 2019 | 17:02
Updated At-05 Aug, 2024 | 09:14
Rejected At-
Credits

Truncated access authentication token leads to weakened access control for stored secure application data in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in IPQ8074, MDM9150, MDM9206, MDM9607, MDM9650, MDM9655, MSM8909W, MSM8996AU, QCA8081, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:qualcomm
Assigner Org ID:2cfc7d3e-20d3-47ac-8db7-1b7285aff15f
Published At:14 Jun, 2019 | 17:02
Updated At:05 Aug, 2024 | 09:14
Rejected At:
▼CVE Numbering Authority (CNA)

Truncated access authentication token leads to weakened access control for stored secure application data in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in IPQ8074, MDM9150, MDM9206, MDM9607, MDM9650, MDM9655, MSM8909W, MSM8996AU, QCA8081, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130

Affected Products
Vendor
Qualcomm Technologies, Inc.Qualcomm, Inc.
Product
Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
Versions
Affected
  • IPQ8074, MDM9150, MDM9206, MDM9607, MDM9650, MDM9655, MSM8909W, MSM8996AU, QCA8081, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130
Problem Types
TypeCWE IDDescription
textN/AImproper Authentication For Secure Application Data
Type: text
CWE ID: N/A
Description: Improper Authentication For Secure Application Data
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.qualcomm.com/company/product-security/bulletins
x_refsource_CONFIRM
Hyperlink: https://www.qualcomm.com/company/product-security/bulletins
Resource:
x_refsource_CONFIRM
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.qualcomm.com/company/product-security/bulletins
x_refsource_CONFIRM
x_transferred
Hyperlink: https://www.qualcomm.com/company/product-security/bulletins
Resource:
x_refsource_CONFIRM
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:product-security@qualcomm.com
Published At:14 Jun, 2019 | 17:29
Updated At:17 Jun, 2019 | 21:10

Truncated access authentication token leads to weakened access control for stored secure application data in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in IPQ8074, MDM9150, MDM9206, MDM9607, MDM9650, MDM9655, MSM8909W, MSM8996AU, QCA8081, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.07.8HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary2.04.6MEDIUM
AV:L/AC:L/Au:N/C:P/I:P/A:P
Type: Primary
Version: 3.0
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 4.6
Base severity: MEDIUM
Vector:
AV:L/AC:L/Au:N/C:P/I:P/A:P
CPE Matches
Qualcomm Technologies, Inc.
qualcomm
>>ipq8074_firmware>>-
cpe:2.3:o:qualcomm:ipq8074_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>ipq8074>>-
cpe:2.3:h:qualcomm:ipq8074:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9150_firmware>>-
cpe:2.3:o:qualcomm:mdm9150_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9150>>-
cpe:2.3:h:qualcomm:mdm9150:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9206_firmware>>-
cpe:2.3:o:qualcomm:mdm9206_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9206>>-
cpe:2.3:h:qualcomm:mdm9206:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9607_firmware>>-
cpe:2.3:o:qualcomm:mdm9607_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9607>>-
cpe:2.3:h:qualcomm:mdm9607:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9650_firmware>>-
cpe:2.3:o:qualcomm:mdm9650_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9650>>-
cpe:2.3:h:qualcomm:mdm9650:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9655_firmware>>-
cpe:2.3:o:qualcomm:mdm9655_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9655>>-
cpe:2.3:h:qualcomm:mdm9655:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8909w_firmware>>-
cpe:2.3:o:qualcomm:msm8909w_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8909w>>-
cpe:2.3:h:qualcomm:msm8909w:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8996au_firmware>>-
cpe:2.3:o:qualcomm:msm8996au_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8996au>>-
cpe:2.3:h:qualcomm:msm8996au:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca8081_firmware>>-
cpe:2.3:o:qualcomm:qca8081_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca8081>>-
cpe:2.3:h:qualcomm:qca8081:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcs405_firmware>>-
cpe:2.3:o:qualcomm:qcs405_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcs405>>-
cpe:2.3:h:qualcomm:qcs405:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qm215_firmware>>-
cpe:2.3:o:qualcomm:qm215_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qm215>>-
cpe:2.3:h:qualcomm:qm215:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd_210_firmware>>-
cpe:2.3:o:qualcomm:sd_210_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd_210>>-
cpe:2.3:h:qualcomm:sd_210:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd_212_firmware>>-
cpe:2.3:o:qualcomm:sd_212_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd_212>>-
cpe:2.3:h:qualcomm:sd_212:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd_205_firmware>>-
cpe:2.3:o:qualcomm:sd_205_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd_205>>-
cpe:2.3:h:qualcomm:sd_205:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd_410_firmware>>-
cpe:2.3:o:qualcomm:sd_410_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd_410>>-
cpe:2.3:h:qualcomm:sd_410:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd_412_firmware>>-
cpe:2.3:o:qualcomm:sd_412_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd_412>>-
cpe:2.3:h:qualcomm:sd_412:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd_425_firmware>>-
cpe:2.3:o:qualcomm:sd_425_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd_425>>-
cpe:2.3:h:qualcomm:sd_425:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd_427_firmware>>-
cpe:2.3:o:qualcomm:sd_427_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd_427>>-
cpe:2.3:h:qualcomm:sd_427:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd_430_firmware>>-
cpe:2.3:o:qualcomm:sd_430_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd_430>>-
cpe:2.3:h:qualcomm:sd_430:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd_435_firmware>>-
cpe:2.3:o:qualcomm:sd_435_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd_435>>-
cpe:2.3:h:qualcomm:sd_435:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd_439_firmware>>-
cpe:2.3:o:qualcomm:sd_439_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd_439>>-
cpe:2.3:h:qualcomm:sd_439:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd_429_firmware>>-
cpe:2.3:o:qualcomm:sd_429_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd_429>>-
cpe:2.3:h:qualcomm:sd_429:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd_450_firmware>>-
cpe:2.3:o:qualcomm:sd_450_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd_450>>-
cpe:2.3:h:qualcomm:sd_450:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd_615_firmware>>-
cpe:2.3:o:qualcomm:sd_615_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd_615>>-
cpe:2.3:h:qualcomm:sd_615:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd_616_firmware>>-
cpe:2.3:o:qualcomm:sd_616_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd_616>>-
cpe:2.3:h:qualcomm:sd_616:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-285Primarynvd@nist.gov
CWE ID: CWE-285
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.qualcomm.com/company/product-security/bulletinsproduct-security@qualcomm.com
Vendor Advisory
Hyperlink: https://www.qualcomm.com/company/product-security/bulletins
Source: product-security@qualcomm.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

489Records found
CVE-2021-30260
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.05% / 16.79%
||
7 Day CHG~0.00%
Published-17 Sep, 2021 | 07:05
Updated-03 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible Integer overflow to buffer overflow issue can occur due to improper validation of input parameters when extscan hostlist configuration command is received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresm7250mdm9640_firmwaresm6250p_firmwareipq4028_firmwareqca1023qca8337ar9380ipq8173_firmwareqcn5124mdm9645msm8992_firmwarewcn3950_firmwaresc8180x\+sdx55qca6595au_firmwaresa6155mdm8215sd_455_firmwareapq8076qcs6125_firmwaresa415mwcn3998wcd9371_firmwarewcn3950qcn6024_firmwaresd720gsm4125mdm9206_firmwarewcn3660bqsm8350_firmwareqsm8350sd460_firmwareqca8081_firmwarewcn3998_firmwareqca6420apq8053_firmwareipq8070_firmwareqca9367_firmwareipq8078a_firmwareipq8072_firmwareqca0000sa8155_firmwareqca6430wcd9340sdm830_firmwaresd765gmdm9250_firmwareqca9888_firmwareqcn6122qca6696_firmwarewcd9371sd870_firmwareqca1062qcn5154_firmwaremdm8215_firmwaresd_8cxsa8150pqca9992_firmwaresd660sd865_5g_firmwaresd712sd660_firmwareqcn5121qcn5022_firmwareqcn7606_firmwarewcn6750_firmwareqca6428_firmwarewcn3991ipq4018_firmwareqca4531_firmwareqca9980_firmwareipq8078sdx55m_firmwareipq8173msm8976_firmwareqca6574sd670_firmwarecsr8811_firmwarewcd9380qcs410qcn5024sd690_5g_firmwareqca9379_firmwaresdx24_firmwareqcn9012_firmwareipq6018_firmwarewcd9340_firmwarewsa8815wcn6850pmp8074_firmwareqca6584_firmwaresd_8c_firmwaremdm9215_firmwareipq6028ipq8064sd835pmp8074qca1990wcn3980_firmwarewcn6745_firmwaresd730qca2062_firmwarewcn6740_firmwareqcn5064_firmwaresd678_firmwareapq8064au_firmwareipq8078_firmwareqca6234qcn5054qcs603qca9994qca9980sd670qcn9024_firmwareipq8174_firmwareqcm4290_firmwarewcn6855qcn7605_firmwareqcs610_firmwaresa6145pqca9886_firmwarear8031qca1023_firmwaresdm630_firmwaresd820_firmwareqca6391_firmwareqca4024wcd9370_firmwaresdx55apq8053qcn5021_firmwarecsra6640qca9379qca6234_firmwareqcn7606wsa8830qca1062_firmwarecsrb31024mdm9628_firmwaremdm9650sd_636qca9378aqca9992qcs4290mdm9250qca6420_firmwareapq8009_firmwareqca2064_firmwaresd690_5gmdm9310_firmwaresd675_firmwareipq8072qca6564qca6426wcn3990_firmwareqca9984_firmwareqca9377qca4531wcd9385_firmwaresdxr2_5g_firmwarewhs9410wcd9326_firmwarewcn3615_firmwareipq8074aapq8094sa8155qca6584qcn5122_firmwaresdx55_firmwarewcn3615qcn6023_firmwarewcn3610_firmwareqca6584ausd778gipq8174qcn5052qca9367apq8092sdm630mdm9607_firmwaresa415m_firmwarewcn3988_firmwareqcn9074qca6421sd778g_firmwaresa8195pqca6694wcd9326wcd9335qcn6023qcs4290_firmwareqca6390qca9898_firmwaresd750g_firmwareaqt1000msm8976wcd9375sc8180x\+sdx55_firmwaresm6250_firmwaremsm8994apq8092_firmwareipq5010_firmwareipq8074a_firmwaresd888_5g_firmwaresdx20_firmwarewsa8815_firmwareapq8017qcm6125_firmwaresd780gsd865_5gqca6595sd665_firmwareqcn5154qca8075_firmwareipq6005_firmwaremdm9206wcn6855_firmwareqca9888qca6310_firmwaresm7325apq8094_firmwareipq8070a_firmwaremdm9615qca6574_firmwareqca9886sd665qca6175asd765qca6574a_firmwaresd850_firmwareapq8009mdm9310csrb31024_firmwareqcn9070_firmwaresd480_firmwareipq6028_firmwareipq8072a_firmwaremdm9626_firmwareqca9889_firmwaresd710mdm9607qcn5122mdm9645_firmwaresdx20m_firmwareqcn5022qca6564_firmwaresd768gqca1064_firmwarewcn6740qca8075apq8096au_firmwareqcn6024qcn9022sd845mdm9615_firmwaresdm830ipq6000_firmwaresdx12qcs410_firmwareqca6175a_firmwaresm7325_firmwareqca2066sa6150p_firmwareqcs610qcn5550qca6431_firmwarewcd9360_firmwareqca4024_firmwareipq8078aipq5028_firmwaresa8150p_firmwareqcs2290qca6335qca2062qcn5064csra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwareipq8076amdm9628sd710_firmwareqca4020qca6428qca6574au_firmwareqcn5164_firmwareipq8071wcd9375_firmwaresa6155_firmwaresdx12_firmwarewcd9360sdx20mqca6438_firmwarewhs9410_firmwarewcn3999qrb5165_firmwareipq5028ipq4029_firmwareqcs6125ipq6010sd662_firmwareqcs405sc8280xp_firmwareqca1990_firmwareqca4020_firmwareqca6436wcn6851sa6155pqcs603_firmwarewcd9341qca2066_firmwareqca6431sd750gwcn3910_firmwarewsa8830_firmwaresd855_firmwarewcn3988qca6438sa8195p_firmwareqca9898ipq4028wcn3610mdm9640ipq5018_firmwareqca8337_firmwarewcd9380_firmwareipq8072awcd9330msm8996au_firmwarecsr6030ipq8076a_firmwareqca6564auwcn6856_firmwareqcn5164qcn5054_firmwaresdx50m_firmwareqca8072_firmwareqca6174qca6430_firmwareqcn5052_firmwarewcd9335_firmwarewcn3980qca6335_firmwareqcs605sd7cwcn3910qca6320mdm9650_firmwareqca6426_firmwarewcn3660b_firmwareqca9984qcn9024qcn5550_firmwarewcd9330_firmwaresdx55mipq8064_firmwareqca6421_firmwaresd821_firmwarear8031_firmwareqrb5165wcn6851_firmwareipq8070sd_636_firmwareqca6564a_firmwaresd480sd870qcn5121_firmwaresd210_firmwareipq6018sdxr1apq8096auqca6595_firmwareqcs405_firmwaresa8145pqca2064sd780g_firmwaresd888_firmwaresc8280xpsa8155psd675qca9378a_firmwarear8035_firmwareqcm2290qcn5024_firmwarewcn3991_firmwaresd678qcn9070sa8145p_firmwareqcs2290_firmwaresm7250_firmwaresd7c_firmwarecsra6620qcn9072sd765g_firmwareipq8069_firmwareqca6390_firmwareipq6000qca6174_firmwaresd730_firmwarewcd9370qcn5152_firmwareqca0000_firmwareqca6584au_firmwareapq8076_firmwareqcn9000_firmwareipq5018sd_8cx_firmwareqcn7605wcn6745qca2065sd662qcn5124_firmwareqca1064qca6320_firmwarewcn3680b_firmwareqca6595auwcn3999_firmwareqca6436_firmwareipq5010qca6564au_firmwaresa6155p_firmwareqca6310sa515m_firmwareqca9990sdxr2_5gsd821msm8994_firmwaresa6145p_firmwaremsm8992sm6250sd712_firmwareapq8017_firmwarewsa8810_firmwaresd765_firmwareqca8081ipq8071aqca6174a_firmwareipq8071a_firmwarewcd9385qca2065_firmwarear8035csr8811apq8064auqca6694_firmwareqcn9100_firmwaresd210sd820wcn6850_firmwarewsa8835_firmwarecsr6030_firmwareqca6564aqca8072qcm2290_firmwarewcn3990qcn9000sd_675ar9380_firmwaresdx24qcn9012sd888qcn6122_firmwarewsa8835msm8996ausd888_5gsm6250pipq4018qca6574aqca9889qca6174aipq8074qca9994_firmwarewcn6750ipq8076_firmwaresa515msd855sm4125_firmwareipq8076qcn5021ipq8069qcn5152sd768g_firmwaresd460qca6391sdxr1_firmwareipq6005aqt1000_firmwareqcn9100mdm9626qcm4290sdx50msdx20mdm9215sd_455ipq8074_firmwareqca6574ausa8155p_firmwarewcd9341_firmwareqcm6125wsa8810wcn6856sd_8cwcn3680bsd835_firmwareipq6010_firmwareqca6696sd845_firmwaresa6150pqcn9022_firmwareqca9990_firmwareipq8070aqcn9072_firmwaresd720g_firmwareipq8071_firmwareqcn9074_firmwareipq4029sd850Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2021-30324
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.05% / 13.72%
||
7 Day CHG~0.00%
Published-11 Feb, 2022 | 10:40
Updated-03 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible out of bound write due to lack of boundary check for the maximum size of buffer when sending a DCI packet to remote process in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sa6150p_firmwareqcs610ipq4028_firmwareqcn5550qca8337ar9380ipq8173_firmwareqcn5124qca4024_firmwarewcn3950_firmwareipq8078aipq5028_firmwaresa8150p_firmwareqca6595au_firmwaresa6155qcn5064csra6620_firmwareqcs605_firmwarecsra6640_firmwarewcn3998wcn3950ipq8076aqcn6024_firmwarewcn3660bsd460_firmwareqca6428qca6574au_firmwareqcn5164_firmwareipq8071wcd9375_firmwareqca8081_firmwaresa6155_firmwarewcn3998_firmwareqca6438_firmwareipq8070_firmwareipq8065ipq8078a_firmwarewcn3999qrb5165_firmwareipq5028qca7500ipq4029_firmwareipq8072_firmwareqrb5165m_firmwaresa8155_firmwareipq6010sd662_firmwareipq8068qcs405wcd9340qcn6132qualcomm215_firmwaresd765gqca6436wcn6851sa6155pqcs603_firmwareqca9888_firmwareqcn6122ipq8068_firmwarewcd9341qca6696_firmwaresd750gsd870_firmwareqcn5154_firmwaresa8150pwsa8830_firmwareqca9992_firmwaresd865_5g_firmwarewcn3988qca6438sa8195p_firmwareqca9898qcn5022_firmwareipq4028wcn3610qca6428_firmwareipq5018_firmwareqca9985_firmwarewcn3991ipq4018_firmwareqca8337_firmwaresda429w_firmwarewcd9380_firmwareipq8072aqca7500_firmwareqca9980_firmwareipq8076a_firmwareipq8078qca6564ausdx55m_firmwareipq8173qcn5164qca6574csr8811_firmwarewcd9380qcn5054_firmwarequalcomm215qcs410ipq4019_firmwareqcn5024sd690_5g_firmwareqca8072_firmwareqca9985qcn9012_firmwareqcn5052_firmwarewcd9335_firmwarewcn3980ipq6018_firmwareqcs605wcd9340_firmwarewsa8815wcn6850pmp8074_firmwareqca6426_firmwarewcn3660b_firmwareqca9984ipq6028ipq8064qcn9024pmp8074wcn3980_firmwareqcn5550_firmwaresdx55mipq8064_firmwareqcn5064_firmwarear8031_firmwareipq8078_firmwareqcn5054qrb5165wcn6851_firmwareqcs603ipq8070qca9994qca9980qca6564a_firmwareipq8174_firmwareqcn9024_firmwareqca9880sd870sd210_firmwareqcs610_firmwareipq6018sa6145pqca9886_firmwareapq8096auar8031qcs405_firmwaresa8145pqca6391_firmwareqca4024wcd9370_firmwaresdx55qcn5021_firmwaresa8155pcsra6640ar8035_firmwareqcn5024_firmwarewcn3991_firmwaremdm9150_firmwarewsa8830qcn9070sa8145p_firmwarecsra6620qcn9072qca9880_firmwareqca9992sd765g_firmwareqca6390_firmwareipq6000sd690_5gwcd9370ipq8072qcn5152_firmwareqca6564qca6426wcn3990_firmwareqrb5165n_firmwareqcn9000_firmwareqca9984_firmwareipq5018wcd9385_firmwaresdxr2_5g_firmwareipq8074asd662qcn5124_firmwaresa8155qcn5122_firmwaresdx55_firmwareqca6595auqcn6023_firmwarewcn3999_firmwaresm7250p_firmwarewcn3610_firmwareqca6436_firmwareqrb5165nipq5010qca6564au_firmwaresa6155p_firmwaresm6225ipq8174qca9990sdxr2_5gqcn5052wcn3988_firmwareqcn9074sa6145p_firmwaresd205sa8195pwsa8810_firmwaresd765_firmwarewcd9335qca8081ipq8071aqcn6023ipq8071a_firmwarewcd9385ar8035csr8811qca6390qca9898_firmwareipq4019sd750g_firmwarewcd9375qcn9100_firmwaresda429wsd210wcn3620_firmwareipq5010_firmwareipq8074a_firmwarewcn6850_firmwarewsa8815_firmwarewcn3620wsa8835_firmwareqca6564aqca8072wcn3990qcn9000sd865_5gar9380_firmwareqcn9012qcn6122_firmwareipq8065_firmwarewsa8835sd665_firmwareqcn5154qca8075_firmwareipq4018qca6574aqca9889qcn6132_firmwareipq8074qca9888qca9994_firmwareipq8070a_firmwareipq8076_firmwareqca6574_firmwareqca9886sd665ipq8076sd765qca6574a_firmwareqcn5021qcn5152sd768g_firmwareqrb5165msd460qca6391qcn9100qcn9070_firmwareipq6028_firmwareipq8072a_firmwaresm6225_firmwareipq8074_firmwareqca6574auqca9889_firmwaresa8155p_firmwareqcn5122sd205_firmwarewcd9341_firmwarewsa8810mdm9150qcn5022qca6564_firmwareipq6010_firmwaresd768gqca6696sa6150pqca8075qcn9022_firmwareapq8096au_firmwareqcn6024qcn9022qca9990_firmwareipq8070aqcn9072_firmwaresm7250pipq6000_firmwareipq8071_firmwareqcn9074_firmwareqcs410_firmwareipq4029Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-30309
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 15.18%
||
7 Day CHG~0.00%
Published-11 Feb, 2022 | 10:40
Updated-03 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper size validation of QXDM commands can lead to memory corruption in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarewcn3991_firmwarewcn3991wsa8830wcd9380_firmwarewcn3990qcs610sd865_5gsdx55m_firmwaremdm9650wsa8835wcn3950_firmwaresd665_firmwarewcd9380sd765g_firmwareqca6390_firmwareqcs410sd690_5gsd730_firmwarewcd9370qcs605_firmwaresd690_5g_firmwareqcs6125_firmwareqca6174awcn3990_firmwarewcd9335_firmwareqca9377wcn3980wcn3998wcd9385_firmwarewcn3950wcd9326_firmwareqcs605wsa8815wcn6850sd665mdm9650_firmwaresd765sd768g_firmwarewcd9375_firmwaresdx12_firmwarewcn3998_firmwarewcn3980_firmwaresm7250p_firmwaresd730sdxr1_firmwareqca6391sdx55mqcs6125wcn6851_firmwareqcs603wcn3988_firmwarewsa8810_firmwaresd765gwcd9341_firmwareqcm6125wsa8810sd765_firmwaresd870wcd9326wcd9335wcn6851qcs603_firmwareqcs610_firmwareqca6174a_firmwarewcd9385wcd9341sdxr1sd768gsd870_firmwareqca6391_firmwareqca6390wcd9375wcd9370_firmwarewsa8830_firmwaresd660sd865_5g_firmwarewcn3988wcn6850_firmwarewsa8815_firmwaresd660_firmwarewsa8835_firmwaresm7250psdx12qcs410_firmwareqcm6125_firmwareSnapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-30318
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.08% / 25.53%
||
7 Day CHG~0.00%
Published-11 Feb, 2022 | 10:40
Updated-03 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper validation of input when provisioning the HDCP key can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fsm10055qca9377_firmwaresa6150p_firmwaresm6250p_firmwareqcs610qca8337wcd9360_firmwaresdx65wcn3950_firmwaresa8150p_firmwareqcs2290qca6595au_firmwaresa6155csra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwareqcs6125_firmwaresa415mwcn3998wcn3950mdm9628sd720gmdm9206_firmwareqsw8573_firmwaresd_8_gen1_5g_firmwaresm6375_firmwarewcn3660bsd460_firmwaresm7315_firmwareqca6574au_firmwarewcd9375_firmwarewcn3998_firmwareqca8081_firmwaresa6155_firmwaresdx12_firmwaremsm8909wapq8009w_firmwarewcd9360qca9367_firmwarewcn3999qrb5165_firmwareqrb5165m_firmwareqcs6125sa8155_firmwaresd662_firmwareqcs405qualcomm215_firmwaresd765gfsm10056_firmwareqca6436wcn6851sa6155pqcs603_firmwaremdm9250_firmwareqca6696_firmwaresd750gsd870_firmwarewcn3910_firmwaresa8150pwsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwarewcn3988sd660_firmwaresa8195p_firmwaresm8475wcn6750_firmwarewcn3610sm6375wcn3991qca8337_firmwaresda429w_firmwarewcd9380_firmwaresdm429wmsm8996au_firmwarewcd9330qca6564ausdx55m_firmwarewcn6856_firmwareqca6574wcd9380qualcomm215qcs410sd690_5g_firmwaresdx24_firmwareqcn9012_firmwaresd439_firmwareqsw8573qcs605wcn6850wcn3910qca6426_firmwarewcn3660b_firmwaresd730wcd9330_firmwaresdx55mwcn6740_firmwaresd678_firmwarear8031_firmwareqrb5165wcn6851_firmwareqcs603qca6564a_firmwareapq8009wqcm4290_firmwaresd480sd870wcn6855sd210_firmwareqcs610_firmwaresa6145psdxr1apq8096auar8031qcs405_firmwaresa8145pqca6391_firmwaresd780g_firmwarewcd9370_firmwaresdx55sd888_firmwaresa8155pcsra6640sd675sd439qcs8155_firmwarear8035_firmwareqcm2290wcn3991_firmwaremdm9150_firmwarewsa8830sd678sa8145p_firmwareqcs2290_firmwarefsm10056csrb31024mdm9628_firmwarecsra6620fsm10055_firmwareqcs4290mdm9250sd765g_firmwareqca6390_firmwaresd690_5gsd730_firmwarewcd9370sd675_firmwareqca6564qca6426qca6584au_firmwareqrb5165n_firmwareqca9377sdw2500_firmwarewcd9385_firmwaresdxr2_5g_firmwaresd662qcn9011_firmwaresa8155sdx55_firmwareqca6595auwcn3999_firmwaresm7250p_firmwarewcn3610_firmwareqca6436_firmwareqrb5165nqca6564au_firmwareqca6584ausa6155p_firmwaresd778gqcs8155sm6225sa515m_firmwareqcs6490sd429sdxr2_5gqca9367mdm9607_firmwaresa415m_firmwarewcn3988_firmwaresa6145p_firmwaresd205sd429_firmwaresd778g_firmwaresm6250sa8195papq8017_firmwaresd765_firmwareqca8081qca6174a_firmwareqcs4290_firmwarewcd9385qcs6490_firmwarear8035qca6390sd750g_firmwareaqt1000wcd9375sm6250_firmwaresda429wsd210wcn3620_firmwaresdx20_firmwareqcm6490sd888_5g_firmwarewcn6850_firmwarewcn3620wsa8835_firmwareapq8017qcx315qca6564aqcm6125_firmwareqcm2290_firmwaresd_675sd780gsd865_5gsdx24qcn9012sd888msm8909w_firmwareqcx315_firmwaremsm8996ausdm429w_firmwarewsa8835sd665_firmwaresd888_5gsm6250pqca6574amdm9206wcn6855_firmwareqca6174asm7325pwcn6750sa515mqca6574_firmwaresd855sm7325p_firmwaresd665sd765qca6574a_firmwaresd768g_firmwareqrb5165msm7315sd460qca6391sdxr1_firmwareaqt1000_firmwaresdx65_firmwareqcm4290csrb31024_firmwareqcm6490_firmwaresdx20sd480_firmwareqcn9011sm6225_firmwareqca6574ausa8155p_firmwaremdm9607sd205_firmwareqcm6125mdm9150wcn6856qca6564_firmwaresd768gwcn6740qca6696sa6150psdw2500apq8096au_firmwaresm7250psd720g_firmwaresdx12qcs410_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2017-11026
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 3.90%
||
7 Day CHG~0.00%
Published-16 Nov, 2017 | 22:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while flashing FRP partition using reference FRP unlock, authentication method can be compromised for static keys.

Action-Not Available
Vendor-Google LLCQualcomm Technologies, Inc.
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-798
Use of Hard-coded Credentials
CVE-2005-3098
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.13% / 32.76%
||
7 Day CHG~0.00%
Published-28 Sep, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

poppassd in Qualcomm qpopper 4.0.8 allows local users to modify arbitrary files and gain privileges via the -t (trace file) command line argument.

Action-Not Available
Vendor-n/aQualcomm Technologies, Inc.
Product-qpoppern/a
CVE-2019-14099
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.11% / 29.97%
||
7 Day CHG~0.00%
Published-30 Jul, 2020 | 11:40
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Device misbehavior may be observed when incorrect offset, length or number of buffers is passed by user space in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8053, MDM9206, MDM9207C, MDM9607, MSM8909W, MSM8917, MSM8953, Nicobar, QCM2150, QCS405, QCS605, QM215, Saipan, SC8180X, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM632, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcm2150_firmwaremsm8953sdm450sdm429wsdm632_firmwaresdm450_firmwaresdm632qcm2150sdx24sdm439mdm9607_firmwaresm8250_firmwaresc8180x_firmwaresdm429qcs405sm7150_firmwaresm6150msm8909w_firmwaremdm9607qm215sdm429w_firmwaresm7150msm8917sxr2130qcs605_firmwaremdm9207c_firmwaresc8180xmdm9206mdm9207csm8150_firmwaresdx24_firmwaresxr2130_firmwaresdm439_firmwareqcs405_firmwaresda845_firmwaremdm9206_firmwareqcs605qm215_firmwaresdx55msm8953_firmwareapq8053saipan_firmwaresm6150_firmwaresm8250msm8917_firmwaresdm429_firmwaresm8150sxr1130_firmwaresdx55_firmwarenicobar_firmwaremsm8909wsaipansxr1130apq8053_firmwaresda845nicobarSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-11294
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-5.9||MEDIUM
EPSS-0.04% / 11.20%
||
7 Day CHG~0.00%
Published-07 May, 2021 | 09:10
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound write in logger due to prefix size is not validated while prepended to logging string in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfs2580qpm5679_firmwaresa6150p_firmwareqca8337qca6431_firmwareqfs2608_firmwareqfs2530qpm8870_firmwareqpa8802wcd9360_firmwareqpm6585_firmwarepm6125qat3519qbt2000_firmwareqat5522_firmwarewcn3950_firmwarepm8150aqtc800hqdm5670sa8150p_firmwareqca6595au_firmwaresdr8250_firmwareqpa5581_firmwaresa6155pm7150lqpa8821pm8998_firmwareqcs605_firmwaresmr546_firmwareqdm5671wtr5975_firmwareqpm4650_firmwareqcs6125_firmwareqat3518qpa5580_firmwaresdr425_firmwarewcn3998smr526_firmwarewcn3950qpa5460pm640a_firmwareqsw8573_firmwarewcn3660bwgr7640_firmwareqdm2305_firmwareqpm5670_firmwareqsw8574_firmwaresd460_firmwareqdm5652qca6574au_firmwareqpa4360_firmwareqpm8870wcd9375_firmwarewcn3998_firmwareqpm5679qbt2000sa6155_firmwarewcd9360pm6150aqpm6670_firmwaresdr735gqpa5460_firmwarepm8150bqdm3301_firmwareqsm7250qcs6125sa8155_firmwaresd662_firmwareqat3522pmr735awcd9340sdm830_firmwaresd765gqualcomm215_firmwaresdr660qca6436wcn6851sa6155pqpa6560qfs2630_firmwaresdr865qdm5620_firmwarewcd9341smr545qdm4643_firmwareqca6696_firmwareqca6431qln5020sd870_firmwarepmm855au_firmwaresa8150ppm6350qdm5621qtc800sqpm5875_firmwarewsa8830_firmwaresd855_firmwareqet6105qdm5650wcn3988pm640p_firmwarewtr3925sa8195p_firmwaresmb1390wcn6750_firmwareqat5516_firmwarepm6150lsd8885gpm855l_firmwarewcn3610qpa8686_firmwareqpm6585qtc410swcn3991qca8337_firmwaresda429w_firmwarewcd9380_firmwaresmb1355qln4650qpa8801sdm429wsdr735g_firmwarewgr7640qat5568qet5100qdm5671_firmwareqpa8801_firmwareqca6564aupm8150l_firmwareqat5533_firmwaresdx55m_firmwareqtm527_firmwarepm8005_firmwaresdxr25gqpa8673_firmwarepm6150qet4101_firmwaresmb1354_firmwareqca6574pm7250bqln4642_firmwareqfs2630qpa8842wcd9380smb1355_firmwarepm7250b_firmwarequalcomm215qet4200aq_firmwarepmk8350_firmwaresmb1381sdr735pm7250wtr4905smb1395qpa8803smr526wtr5975wcn3980pmk8003qtc801s_firmwareqat3522_firmwaresdxr25g_firmwareqdm2301qsw8573qcs605wcd9340_firmwarewsa8815wcn6850qdm5621_firmwareqdm2301_firmwareqca6426_firmwarepm8350_firmwarewcn3660b_firmwarewcn3680pm8009wcn3980_firmwaresdx55mqca6421_firmwarepm8008pm8350b_firmwareqtm525_firmwareqat3518_firmwareqsw8574pmi8998wcn3680_firmwareqpm5621_firmwarepm855lqln1021aq_firmwarewcn6851_firmwareqdm5670_firmwareqpa6560_firmwaresd8655gqpa8802_firmwarepm7150a_firmwarepm8150b_firmwareqpm5621qpm6582smr545_firmwarepm8009_firmwareqca6564a_firmwareqfs2580_firmwareqcm4290_firmwaresd480sd870sd8885g_firmwarepm670pm8150lpmi8998_firmwaresd210_firmwareqdm5677pm8005sa6145ppm855_firmwarepm215qdm2302pmm6155aupm855b_firmwareqca6595_firmwareqpm6582_firmwarewtr2965sa2150pqca6391_firmwarepm640l_firmwarewcd9370_firmwareqln4650_firmwareqat3516_firmwareqpm5875sdx55qet5100msd888_firmwaresa8155psd675qet4101qat3555_firmwareqat3516pm670lqpa8803_firmwareqpm5658pm855bar8035_firmwareqln1031qpm5658_firmwareqpm5870pm8909wcn3991_firmwarewsa8830qdm5652_firmwarepmm8155au_firmwareqet6110_firmwareqln5030pm6125_firmwareqbt1500qpa5581pmi632qpa2625_firmwarepm8350bh_firmwarepmr735b_firmwareqbt1500_firmwareqet5100_firmwareqpm5870_firmwareqpm4621qet6100_firmwareqcs4290qet6100pmm855aupm670l_firmwaresdr660gsd765g_firmwareqpa8686qca6390_firmwaresmb1396pm7150awcd9370sd675_firmwarepm8350qpa5461_firmwareqpa4361_firmwarepm8350c_firmwaresdr425qca6426pmr525_firmwareqca6584au_firmwarewcn3990_firmwareqpm5641pmi632_firmwarewcd9385_firmwareqdm5650_firmwarewcd9326_firmwareqat5516wcn3615_firmwarepm7250_firmwareqdm5620qln1021aqsd662qpa8821_firmwaresdr660g_firmwarepm8350bhpmk8002_firmwareqsw6310_firmwarepm3003asa8155qln1031_firmwareqdm4650_firmwaresdx55_firmwarepmm6155au_firmwareqat5533wcn3615qca6595ausm7250p_firmwarewcn3610_firmwareqca6436_firmwareqsm7250_firmwareqpm6670smb1354pm7150l_firmwareqca6564au_firmwareqca6584auqdm2305sa6155p_firmwareqpm8820qpm4641qat5515_firmwareqln5020_firmwaresa515m_firmwarepm855sd429pm8250smb1398qdm4643qfs2530_firmwarewcn3988_firmwarepmx55qpm4641_firmwaresd205sd429_firmwarepm8150c_firmwareqca6421qdm3301qpa8842_firmwareqat3519_firmwaresa8195psdr735_firmwaresa6145p_firmwareqpm5677qat5515wsa8810_firmwaresd765_firmwarewcd9326qdm5677_firmwareqet4200aqpm6350_firmwareqcs4290_firmwarewcd9385qtc800h_firmwareqdm2302_firmwareqat3550_firmwarepmm8155auqln5040_firmwareqpm4630qca6390wcd9375ar8035qpa8673pmm8195auqln5030_firmwareqln4642sda429wsd210qpm5677_firmwarewcn3620_firmwarewsa8815_firmwarewtr3925_firmwaresmr525_firmwarepm8998smb1396_firmwarewcn6850_firmwareqpm8820_firmwarewcn3620wsa8835_firmwareqpm6621_firmwareqca6564asmr546qcm6125_firmwareqet6110qln5040qpm8895qpm5670wcn3990pmx55_firmwareqtm527qca6595pmk8350smb1398_firmwaresd888pm8350bqat5522wsa8835sdm429w_firmwarepm8150cpmr735bsd665_firmwareqpa4360pmk8003_firmwaresdr660_firmwarepm8909_firmwareqpa4361qca6574aqpm4640_firmwaresmb1390_firmwareqdm5679_firmwarepm8350csmr525qpm4640wcn6750pm6150l_firmwarepmr525pm8150a_firmwareqet5100m_firmwareqpm4650qtm525qca6574_firmwaresa515msa2150p_firmwareqln1036aq_firmwaresd855sd665pm6150a_firmwarepm6150_firmwareqca6175asd765pm640pqca6574a_firmwareqpm4630_firmwaresd768g_firmwaresdr865_firmwareqat3555pm8250_firmwaresd460qca6391qpa5461pm215_firmwareqpm8895_firmwarewtr2965_firmwarepm670_firmwareqcm4290pm640aqfs2608sd480_firmwareqln1036aqqtc801ssmb1395_firmwareqdm4650qca6574auqpm5641_firmwaresa8155p_firmwaresd205_firmwareqsw6310qet6105_firmwarepm8008_firmwaresd8655g_firmwarewcd9341_firmwareqcm6125qpm6621wsa8810qtc410s_firmwarepmr735a_firmwareqat5568_firmwarepmw3100wtr4905_firmwareqat3550qdm5679sdr8250sd768gpm3003a_firmwareqca6696qtc800s_firmwaresmb1381_firmwarepmw3100_firmwareqpa2625pm640lpmk8002sa6150ppmm8195au_firmwaresm7250psdm830qpm4621_firmwareqca6175a_firmwareqpa5580Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2020-11146
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 15.52%
||
7 Day CHG~0.00%
Published-21 Jan, 2021 | 09:41
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound write while copying data using IOCTL due to lack of check of array index received from user in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qpm5579qfs2580qca8337qdm5579qdm2307qfs2530qpa8802qln1030pm6125qat3519pm8150aqtc800hqdm5670sa6155qca6335pm7150lqpa8821qln1020apq8076qdm5671pmc1000hqat3518sd8cwcn3998wcn3950sm4125sd720gwcn3660bqca4020qdm5652sd6905gqpm8870qpm5679qbt2000pm855pqca6420pm6150asdr735gwcn3999pm8150bqsm7250qcs405qca6430qat3522pmr735awcd9340sd765gsdr660qca6436wcn6851sa6155pqpa6560msm8937sdr865wcd9341pmi8952smr545qca6431qln5020wcd9371sd750gqdm3302sa8150ppm6350qdm5621qtc800sqdm5650wcn3988wtr3925smb1390pm6150lsd8885gqet4100wcn3610qpm6585qtc410swcn3991smb1355qln4650qpa8801sdm429wwgr7640qat5568qet5100qca6564ausdxr25gpm6150qca6574pm7250bqfs2630qpa8842wcd9380qualcomm215qln4640smb1381sdr735pm7250wtr4905smb1395pm660lqpa8803smr526wtr5975wcn3980pmk8003qdm2301qsw8573qcs605wsa8815wcn6850wcn3910qpm6375smb1394wcn3680pm8009qpa8675sd730sdx55mpm8008qsw8574pmi8998pm855lsd8655gqpm5621qpm6582sd670pm670pm8150lqdm5677pm8005sa6145ppm215qdm2302pmm6155ausdxr1ar8031qpm5577wtr2965pm8150qpm5875sdx55qet5100msa8155pcsra6640pm8350bhssd675qet4101pm8952qat3516pm670lqpm5658qca9379pm855bsmb2351qln1031qpm5870pm8909wsa8830pm660qln5030qpm6325pm4125qbt1500qpa5581pmi632pm456csra6620qpm4621qcs4290qet6100pmm855ausdr660gqpa8686smb1396pm7150awcd9370pm8350qca6564sdr425qca6426qpm5641qpm5541qat5516wtr2955qdm5620qln1021aqsd662smb1380pm8350bhpm3003asa8155qat5533wcn3615qca6595ausm7350qpm6670smb1354wcd9306qca6584auqdm2305qca6310qpm8820qpm4641pm8937qpm2630pm855sd429pm8250smb1398qdm4643pmx55sd205sdr675qca6421sm6250qdm3301sa8195pqpm5677qat5515qat3514wcd9326wcd9335qet4200aqwcd9385pmm8155auqpm4630qca6390wcd9375ar8035aqt1000qpa8673qdm2310pmm8195auqln4642sda429wsd210pmi8937pm8998pmk7350wcn3620qca6564asmr546qet6110qln5040qpm8895qpm5670wcn3990qtm527qca6595pmk8350qpm8830pm8350bqat5522wsa8835pm8150cpmr735bsm6250pqpa4360qpa4361qca6574aqca6174apm8350csmr525qpm4640wcn6750pmr525pm7350cqpm4650qtm525wtr6955sd855sd8cxsd665qca6175asd765pm640pqat3555sd460qca6391smb1351qpa5461qcm4290pm640asdr8150qfs2608pm8916qln1036aqqtc801sqdm4650pmd9655qca6574ausd710qsw6310qpm6621wsa8810qdm2308pmw3100qat3550wcn6856qdm5679wcn3680bsdr8250sd768gwcn6740qca6696pm8004pm640lpmk8002qpa2625sd845sm7250ppm8956pm6250qpa5580Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2020-11130
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 16.79%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 10:00
Updated-04 Aug, 2024 | 11:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Possible buffer overflow in WIFI hal process due to copying data without checking the buffer length' in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile in QCM4290, QCS4290, QM215, QSM8350, SA6145P, SA6155, SA6155P, SA8155, SA8155P, SC8180X, SC8180XP, SDX55, SDX55M, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6250, SM6350, SM7125, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR2130, SXR2130P

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sm6350sm7125sm4250p_firmwaresa6155p_firmwaresm6115_firmwaresm7250sxr2130p_firmwaresm6125qcm4290sm7250_firmwaresm8350_firmwaresa8155_firmwaresdx55m_firmwaresm8250_firmwaresc8180x_firmwaresm6115p_firmwaresm6350_firmwaresa6145p_firmwareqm215sa8155p_firmwaresm4250_firmwaresm6250qcs4290qcm4290_firmwaresa6155sa6155psm8350sxr2130sc8180xsa6145psm6115sm8350p_firmwareqcs4290_firmwaresm8350psm4250psm8150_firmwaresxr2130_firmwaresxr2130psm4250sc8180xpsm7225qm215_firmwaresc8180xp_firmwaresm6115psm7125_firmwaresdx55sm6250_firmwareqsm8350_firmwaresa8155psm8250qsm8350sm8150p_firmwaresm7225_firmwaresm8150sa8155sm7250psdx55_firmwaresa6155_firmwaresm7250p_firmwaresm6125_firmwaresdx55msm8150pSnapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2019-10508
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.82%
||
7 Day CHG~0.00%
Published-30 Sep, 2019 | 15:40
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Lack of input validation for data received from user space can lead to OOB access in WLAN in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, SD 210/SD 212/SD 205, SD 425, SD 430, SD 600, SD 615/16/SD 415, SD 625, SD 632, SD 650/52, SD 820A, SDX20

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaremdm9150_firmwaresd_632mdm9640_firmwaresd_820amsm8996au_firmwaresdx20sd_415sd_616sd_425sd_430_firmwaremdm9607_firmwaresd_615mdm9650sd_650_firmwaresd_625qca6574ausd_615_firmwaremsm8909w_firmwaremdm9607msm8996ausd_210sd_650sd_820a_firmwaremdm9150mdm9206sd_652qca6174a_firmwareqca6174aqca9379_firmwaresd_212_firmwaresd_425_firmwaresd_625_firmwareqca9377mdm9206_firmwaresd_430sd_632_firmwaremdm9650_firmwaresdx20_firmwaresd_600_firmwaresd_205qca6574au_firmwaresd_210_firmwaresd_600sd_415_firmwaresd_652_firmwaremsm8909wqca9379sd_616_firmwaresd_205_firmwaresd_212mdm9640Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2019-10555
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 16.79%
||
7 Day CHG~0.00%
Published-12 Dec, 2019 | 08:30
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow can occur due to usage of wrong datatype and missing length check before copying into buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCN7605, QCS405, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SM6150, SM7150, SM8150

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9640_firmwaresdm632_firmwaremsm8996au_firmwaresdm845sdm450_firmwaresdm632sdx24sdm439mdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996ausm7150msm8917sdm670qcs605_firmwaremdm9206sdm670_firmwaresdx24_firmwaresdm636sda845_firmwareapq8098qcn7605mdm9206_firmwareqcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaresda660msm8909wmsm8909_firmwareapq8053_firmwaresda845nicobarmsm8920msm8953sdm450sdm636_firmwaresdm845_firmwareapq8098_firmwaresdx20msm8998_firmwaresdm660msm8920_firmwaresdm630mdm9607_firmwareqcs405sdm710qm215mdm9607apq8017_firmwaresdm710_firmwareqcn7605_firmwaremsm8937mdm9207c_firmwaremdm9207csm8150_firmwaremsm8909apq8096ausdm439_firmwareqcs405_firmwaresdm630_firmwaresda660_firmwareqm215_firmwaremsm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaremsm8998sm8150sdx20_firmwareapq8017nicobar_firmwaresdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-11160
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.05% / 13.72%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 05:00
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Resource leakage issue during dci client registration due to reference count is not decremented if dci client registration fails in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qpm5579qfs2580qcs610qca8337qfs2530qln1030pm6125qat3519qbt2000_firmwarewcn3950_firmwarepm8150aqtc800hsdr8250_firmwareqca6595au_firmwareqpm5541_firmwarecsra6620_firmwarecsra6640_firmwarepmc1000hwtr5975_firmwaresdr425_firmwarewcn3998smr526_firmwarewcn3950pm640a_firmwareqsw8573_firmwarewcn3660bwgr7640_firmwareqsw8574_firmwaresd460_firmwareqca4020smb2351_firmwareqca6574au_firmwareqpa4360_firmwarewcd9375_firmwarewcn3998_firmwareqbt2000pm855pqca6420wcn3999pm8150bsa8155_firmwaresd662_firmwareqcs405qca6430qat3522wcd9340qualcomm215_firmwareqca4020_firmwaresdr660wcn6851sa6155pqpa6560sdr865wcd9341qca6696_firmwareqet4100_firmwarepmm855au_firmwaresd_8cxsd855_firmwaresd865_5g_firmwarewcn3988wtr3925pm640p_firmwaresmb1390pm6150lpm855l_firmwareqet4100wcn3610qtc410sqca8337_firmwaresda429w_firmwarewcd9380_firmwaresmb1355sdm429wwgr7640qca6564aupm8150l_firmwareqtm527_firmwaresdx55m_firmwareqpa8673_firmwarepm6150qet4101_firmwaresmb1354_firmwareqca6574pmm8996auwcd9380smb1355_firmwaresmb1351_firmwarepmd9655_firmwarequalcomm215qcs410qpm5579_firmwaresmb1381pm855p_firmwareqca9379_firmwaresmr526wtr5975qca6430_firmwarewcd9335_firmwareqtc801s_firmwarewcn3980qat3522_firmwareqdm2301qsw8573wcd9340_firmwarewsa8815wcn6850qpm6375qdm2301_firmwaremdm9650_firmwaresd_8c_firmwareqca6426_firmwarewcn3660b_firmwarewcn3680pm8009wcn3980_firmwaresdx55mpm8008qtm525_firmwareqsw8574ar8031_firmwarewcn3680_firmwarepm855lwcn6851_firmwareqpa6560_firmwarepm8150b_firmwarepmc1000h_firmwareqca6564a_firmwarepm8009_firmwareqfs2580_firmwarepm8150lqcs610_firmwarepm855_firmwaresa6145ppm215qdm2302pmm6155aupm855b_firmwareapq8096auar8031qcs405_firmwareqpm5577qpm6375_firmwarewtr2965pm640l_firmwareqca6391_firmwarepm8150wcd9370_firmwaresdx55sa8155pcsra6640sd675qet4101qat3555_firmwareqca9379pm855bsmb2351ar8035_firmwarepmm8155au_firmwareqpm6325pm6125_firmwareqbt1500pmi632mdm9650csra6620qbt1500_firmwarepmm855auqca6420_firmwareqca6390_firmwarewcd9370sd675_firmwareqpa4361_firmwaresdr425pmr525_firmwareqca6426qca6584au_firmwarepmi632_firmwaresd_8cx_firmwarewcd9385_firmwareqpm5541wcd9326_firmwarewcn3615_firmwaresd662pmk8002_firmwarepm3003aqsw6310_firmwaresa8155wcn3680b_firmwaresdx55_firmwarepmm6155au_firmwareqca6595auwcn3615wcn3999_firmwarewcn3610_firmwaresmb1354qca6564au_firmwareqca6584ausa6155p_firmwarepm855pm8250qfs2530_firmwarewcn3988_firmwarepmx55sa6145p_firmwarepm8150c_firmwareqat3519_firmwarewsa8810_firmwarewcd9326wcd9335qca6174a_firmwaresdr8150_firmwarewcd9385qpm6325_firmwareqtc800h_firmwareqdm2302_firmwareqat3550_firmwarepmm8155auar8035qca6390wcd9375aqt1000qpa8673sda429wwcn3620_firmwarewsa8815_firmwarewcn6850_firmwaresmr525_firmwarewcn3620wtr3925_firmwareqca6564apmx55_firmwareqtm527sd865_5gpm8150_firmwarepmm8996au_firmwaresdm429w_firmwarepm8150csd665_firmwareqpa4360sdr660_firmwareqca6574aqpa4361qpm5577_firmwarepm8916_firmwaresmb1390_firmwareqca6174asmr525pm6150l_firmwarepmr525pm8150a_firmwareqtm525qca6574_firmwaresd855sd665pm6150_firmwarepm640pqca6574a_firmwaresdr865_firmwareqat3555pm8250_firmwaresd460qca6391smb1351aqt1000_firmwarepm215_firmwarewtr2965_firmwarepm640asdr8150pm8916qtc801spmd9655qca6574ausa8155p_firmwareqsw6310pm8008_firmwarewcd9341_firmwarewsa8810qtc410s_firmwareqat3550sd_8cwcn3680bsdr8250pm3003a_firmwareqln1030_firmwareqca6696smb1381_firmwarepm640lpmk8002apq8096au_firmwareqcs410_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2020-11282
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.01%
||
7 Day CHG~0.00%
Published-22 Feb, 2021 | 06:26
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control when using mmap with the kgsl driver with a special offset value that can be provided to map the memstore of the GPU to user space in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfe3100qfs2580qpm5579fsm10055qfe2550qcs610pmi8996qca8337qdm5579qdm2307qfs2530qpa8802qln1030pm6125qat3519pm8150aqtc800hqdm5670sa6155qca6335msm8917pm7150lqpa8821mdm8215qln1020apq8076wtr3905qdm5671pmc1000hqat3518sd632sa415mwcn3998wcn3950sm4125sd720gwtr1605qpa5460wcn3660bqfe4320qca4020qdm5652qpm8870qpm5679qbt2000msm8909wpm855pqca6420pm6150asdx20msdr735gwcn3999pm8150bqsm7250pm8996qcs6125qfe2101qcc1110qca6430qcs405qat3522smb1360pmr735awcd9340sd765gsdr660qca6436wcn6851sa6155pqpa6560msm8937sdr865smb1358wcd9341pmi8952smr545mdm9655qca6431qln5020wcd9371smb1350sd750gqdm3302sd_8cxwtr3950sa8150pqpm5657pm6350qdm5621qfe3340qtc800ssd660qdm5650wcn3988wtr3925sdr052smb1390pm6150lsd450qet4100wcn3610qpm6585qtc410swcn3991smb1355qln4650qpa8801sdm429wwcd9330wgr7640qat5568qet5100qca6564aupm6150qca6574pm7250bqfs2630qpa8842pmm8996auwcd9380qualcomm215qln4640qcs410smb1381sdr735pm7250wtr4905smb1395pm660lqpa8803ar8151smr526wtr5975qca6174pmk8003wcn3980qdm2301qsw8573qcs605wsa8815wcn6850qbt1000wcn3910qca6320qpm6375smb1394wcn3680qfe4309sd835pm8009qpa8675sd730sdx55mpm670aqfe4373fcpm8008msm8953qsw8574pmi8998qfe2520pme605pm855lqcs603rsw8577qfe4302qpm5621qpm6582sd670apq8009wqfe4303pm670pm8150lwtr1605lqdm5677pm8005sa6145ppm215qdm2302pmm6155ausdxr1ar8031apq8096auqpm5577wtr2965pm8150qpm5875sdx55qet5100mapq8053sa8155pcsra6640pm8350bhssd675sd439qet4101pm8952pmi8994qat3516pm670lwcn3660qpm5658qca9379pm855bsmb2351qln1031qpm5870pm8909wsa8830sdr051pm660qln5030qpm6325pm4125qbt1500fsm10056qpa5581pmi632pm456csrb31024mdm9650sd_636csra6620qpa5373qpm4621pmk8001qcs4290qet6100pmm855ausdr660gmdm9250qpa8686sd690_5gsmb1396pm7150awcd9370pm8350qca6564sdr425qca6426qca9377qpm5641qpm5541qat5516wtr2955qdm5620qln1021aqsd662smb1380qfe4308pm8350bhapq8037pm3003asa8155qca6584qat5533wcn3615qca6595ausm7350qtc800tpm8940qpm6670smb1354wcd9306qca6584auqdm2305qca6310qpm8820qpm4641pm8937qpm2630pm855sd429sdxr2_5gpm8250qca9367smb1398sdm630sd821qdm4643pmx55sd205sdr675qca6421sm6250qdm3301sa8195ppm8953qat5515qpm5677smb231qat3514wcd9326wcd9335qet4200aqwcd9385pm439qpm5620pmm8155auqpm4630qca6390wcd9375ar8035aqt1000apq8064auqpa8673qdm2310pmm8195auqln4642sda429wsd210sd820pmi8937pm8998pmk7350sdw3100wcn3620apq8017ar6003qca6564asmr546pmx24qet6110qln5040qpm8895sdr845qpm5670wcn3990sd_675qtm527sd865_5gqca6595pmk8350sdx24qpm8830pm8350bqat5522wsa8835msm8996aupm8150cpmr735bsd888_5gsm6250prgr7640auqpa4360pm855aqpa4361qca6574amdm9206qca6174apm8350csmr525qpm4640wcn6750pmr525mdm9615pm7350cqpm4650qtm525sa515mwtr6955sd855sd665qfe4305sd765pm640ppmx20pmd9607qat3555apq8009sd460qca6391smb1351qpa5461mdm9310msm8920pm660aqpa4340qcm4290sdx50mpm640asdr8150qfs2608sdx20pm8916qln1036aqqtc801sqdm4650mdm9215sd_455pmd9655qca6574ausd710qsw6310qcm6125qpm6621wsa8810qdm2308pmw3100pmx50pm8018qat3550wcn6856qdm5679sd_8cwcn3680bsdr8250sd768gwcn6740qca6696qfe4301sm4350pm8004pm640lmsm8940pmk8002sdw2500qpa2625sd845sa6150psm7250psdm830smb1357pm8956pm6250qpa5580Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CVE-2020-11305
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-6.8||MEDIUM
EPSS-0.04% / 13.09%
||
7 Day CHG~0.00%
Published-17 Mar, 2021 | 06:01
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in boot due to improper length check on arguments received in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarepm8909qca9367_firmwarewtr2965_firmwarepmd9607_firmwarewcd9330qca9367pm8916smb1360_firmwaresmb1360wsa8810_firmwarepm8953smb231smb1358_firmwarewsa8810apq8009_firmwarewcd9326smb231_firmwarepm8909_firmwaremdm9206wcn3680bpm8916_firmwaresmb1358pmi8952qca9377wtr2965wcd9326_firmwaremdm9206_firmwarewcn3660bwsa8815apq8053wsa8815_firmwarewcn3660b_firmwarepm8953_firmwarepmd9607wcn3680b_firmwareapq8009wcd9330_firmwareapq8053_firmwarepmi8952_firmwareSnapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2020-11147
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.05% / 14.38%
||
7 Day CHG~0.00%
Published-22 Feb, 2021 | 06:25
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free issue in audio modules while removing and freeing objects during list iteration due to incorrect usage of macro in Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfs2580qpm5679_firmwareqpm5620_firmwareqdm5579qdm2307qfs2608_firmwareqfs2530qpm8870_firmwareqpa8802qpm6585_firmwarepm6125qat3519qbt2000_firmwareqat5522_firmwarewcn3950_firmwarepm8150aqtc800hqdm5670qpa5581_firmwarepm7150lqpa8821smr546_firmwaresd_675_firmwareqdm5671qpm4650_firmwareqat3518pm456_firmwareqpa5580_firmwaresdr425_firmwarewcn3998smr526_firmwarewcn3950sd720gwgr7640_firmwareqpm5670_firmwaresd710_firmwaresd460_firmwareqdm5652qpa4360_firmwareqpm8870wcd9375_firmwarewcn3998_firmwareqpm5679qbt2000pm855pqca6420pm6150aqpm6670_firmwarepmx50_firmwaresdr735gpm660_firmwarepm8150bqdm3301_firmwareqsm7250sd662_firmwareqca6430qat3522pmr735asd765grsw8577_firmwareqdm2308_firmwaresdr660wcn6851qpa6560qfs2630_firmwaresdr675_firmwaresdr865qdm5620_firmwarewcd9341sm7350_firmwaresmr545qdm4643_firmwareqln5020qet4100_firmwaresd750gqdm3302qpm5657pm6350qdm5621qtc800sqpm5875_firmwareqat3514_firmwarewsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwareqdm5650wcn3988wtr3925sd660_firmwaresdr052smb1390qat5516_firmwarepm6150lpm855l_firmwareqet4100qpa8686_firmwareqpm6585wcn3991wcd9380_firmwaresmb1355qln4650qpa8801sdr735g_firmwarepm8350bhs_firmwarewgr7640qat5568qet5100qdm5671_firmwareqpa8801_firmwarepm8150l_firmwareqat5533_firmwaresdx55m_firmwarewcn6856_firmwareqpa8673_firmwarepm6150qet4101_firmwaresmb1354_firmwaresd670_firmwarepm7250bqln4642_firmwareqfs2630qpa8842sdr052_firmwarewcd9380smb1355_firmwarepm7250b_firmwaresmb1351_firmwarepmk8350_firmwaresmb1381pm855p_firmwaresd690_5g_firmwaresdx50m_firmwaresdr735pm7250smb1395pm660lqpa8803smr526qca6430_firmwarepmk8003qtc801s_firmwarewcd9335_firmwareqat3522_firmwarewcn3980pm7350c_firmwarewsa8815wcn6850qdm5621_firmwaresmb1394pm8350_firmwarepm8009wcn3980_firmwaresd730sdr051_firmwarepm660l_firmwaresdx55mpm6250_firmwarewcn6740_firmwarepm8008pm8350b_firmwareqtm525_firmwareqat3518_firmwareqpm5621_firmwarepm855lwcn6851_firmwarersw8577qdm5670_firmwareqpa6560_firmwareqpa8802_firmwarepm7150a_firmwarepm8150b_firmwareqpm5621sd670smr545_firmwarepm8009_firmwareqdm2310_firmwareqfs2580_firmwarepm8150lqdm5677pm855_firmwarepm660a_firmwarepm855b_firmwarewtr2965qca6391_firmwarewcd9370_firmwareqln4650_firmwareqat3516_firmwareqpm5875sdx55qet5100msd675pm8350bhsqet4101qat3555_firmwareqat3516qpa8803_firmwareqpm5658pm855bqpm5658_firmwareqpm5870wcn3991_firmwareqdm5652_firmwarewsa8830sdr051pm660qet6110_firmwareqdm5579_firmwareqln5030pm6125_firmwareqbt1500qpa5581pmi632qpa2625_firmwarepm456pm8350bh_firmwarepmr735b_firmwareqbt1500_firmwareqet5100_firmwareqpm5870_firmwareqpm4621qet6100_firmwareqet6100sd765g_firmwareqpa8686qca6420_firmwaresmb1394_firmwareqca6390_firmwaresd690_5gsmb1396pm7150asd730_firmwarewcd9370sd675_firmwarepm8350qpa5461_firmwaresdr425pm8350c_firmwarepmr525_firmwarewcn3990_firmwareqpm5641pmi632_firmwarewcd9385_firmwareqdm5650_firmwareqpa4340_firmwarewcd9326_firmwareqat5516pm7250_firmwareqdm5620sd662qpa8821_firmwarepm8350bhpmk8002_firmwarepm3003aqdm4650_firmwaresdx55_firmwareqat5533sm7250p_firmwaresm7350qsm7250_firmwareqpm6670smb1354pm7150l_firmwareqpm8820qpm4641qat5515_firmwareqln5020_firmwarepm855pm8250smb1398qdm4643qfs2530_firmwarewcn3988_firmwarepmx55qpm4641_firmwaresdr675pm8150c_firmwareqpa8842_firmwareqdm3301sdr735_firmwareqat3519_firmwaresm6250wsa8810_firmwareqpm5677qat5515sd765_firmwareqat3514wcd9326wcd9335qdm5677_firmwarepm6350_firmwarepm8004_firmwaresdr8150_firmwarewcd9385qtc800h_firmwarepmk7350_firmwareqpm5620qat3550_firmwareqln5040_firmwareqpm4630qca6390wcd9375sd750g_firmwareaqt1000qpa8673sm6250_firmwareqdm2310qln5030_firmwareqln4642qpm5677_firmwarewsa8815_firmwaresd888_5g_firmwaresmr525_firmwarewtr3925_firmwarepmk7350smb1396_firmwareqpm8820_firmwarewcn6850_firmwarewsa8835_firmwareqpm6621_firmwaresmr546qet6110qln5040qpm8895qpm5670wcn3990sd_675pmx55_firmwaresd865_5gpmk8350smb1398_firmwareqdm3302_firmwarepm8350bqat5522qdm2307_firmwarewsa8835pm8150cpmr735bqpm5657_firmwaresd888_5gqpa4360pmk8003_firmwaresdr660_firmwareqpm4640_firmwaresmb1390_firmwareqdm5679_firmwarepm8350csmr525qpm4640pm6150l_firmwarepmr525pm7350cpm8150a_firmwareqet5100m_firmwareqpm4650qtm525sd855pm6150a_firmwarepm6150_firmwaresd765qpm4630_firmwaresd768g_firmwaresdr865_firmwareqat3555pm8250_firmwaresd460qca6391smb1351qpa5461aqt1000_firmwareqpm8895_firmwarewtr2965_firmwarepm660aqpa4340sdx50msdr8150qfs2608qtc801ssmb1395_firmwareqdm4650qpm5641_firmwaresd710pm8008_firmwarewcd9341_firmwareqpm6621wsa8810pmr735a_firmwareqat5568_firmwareqdm2308pmx50qat3550wcn6856qdm5679sd768gpm3003a_firmwarewcn6740qtc800s_firmwaresmb1381_firmwarepm8004pmk8002qpa2625sm7250psd720g_firmwareqpm4621_firmwarepm6250qpa5580Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-416
Use After Free
CVE-2020-11162
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 16.79%
||
7 Day CHG~0.00%
Published-02 Nov, 2020 | 06:21
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Possible buffer overflow in MHI driver due to lack of input parameter validation of EOT events received from MHI device side' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in Agatti, APQ8009, Bitra, IPQ4019, IPQ5018, IPQ6018, IPQ8064, IPQ8074, Kamorta, MDM9607, MSM8917, MSM8953, Nicobar, QCA6390, QCM2150, QCS404, QCS405, QCS605, QM215, QRB5165, Rennell, SA415M, SA515M, SA6155P, SA8155P, Saipan, SC8180X, SDM429, SDM429W, SDM439, SDM450, SDM632, SDM710, SDM845, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-ipq5018_firmwarekamorta_firmwareqcm2150_firmwaresdm429wsdm632_firmwaresdm845sdm450_firmwaresdm632sdm439qcs404_firmwaresdm429sm7150_firmwaresm6150agatti_firmwaresdm429w_firmwaresm7150qca6390_firmwareapq8009_firmwaremsm8917sxr2130qcs605_firmwaresc8180xipq4019_firmwareqcs404ipq8074ipq5018sa415mbitraipq6018_firmwaresa515mqcs605bitra_firmwaresdm429_firmwareipq8064sdx55_firmwareapq8009agattiipq8064_firmwarenicobarsa6155p_firmwaremsm8953sdm450sa515m_firmwareqrb5165_firmwareqrb5165qcm2150mdm9607_firmwaresm8250_firmwaresc8180x_firmwaresa415m_firmwareqcs405ipq8074_firmwaresa8155p_firmwareqm215sdm710mdm9607sdm710_firmwaresa6155pipq6018sm8150_firmwaresxr2130_firmwaresdm439_firmwareqcs405_firmwarerennellrennell_firmwareqca6390qm215_firmwareipq4019sdx55msm8953_firmwaresaipan_firmwaresm6150_firmwaresa8155pmsm8917_firmwaresm8250sm8150kamortasaipannicobar_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2019-10566
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 16.79%
||
7 Day CHG~0.00%
Published-21 Nov, 2019 | 14:38
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow can occur in wlan module if supported rates or extended rates element length is greater than max rate set length in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8017, APQ8053, APQ8096AU, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8905, MSM8996AU, Nicobar, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCN7605, QCS405, QCS605, SDA845, SDM670, SDM710, SDM845, SDX20, SM6150, SM8150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaremsm8996au_firmwaresdm845sdx20mdm9607_firmwaresm8250_firmwaremdm9650qcs405qca6574ausdm710sm6150mdm9607msm8996auapq8017_firmwaresdm710_firmwareqcn7605_firmwaresdm670sxr2130qcs605_firmwaremdm9207c_firmwaremdm9206msm8905mdm9207cqca6174a_firmwareqca6174aqca9379_firmwaresdm670_firmwaresm8150_firmwaresxr2130_firmwareapq8096auqcs405_firmwareqca9377sda845_firmwareqcn7605mdm9206_firmwareqcs605apq8053apq8096au_firmwaresm6150_firmwaresm8250mdm9650_firmwaresm8150sdx20_firmwaremsm8905_firmwareqca6574au_firmwareapq8017nicobar_firmwareqca9379apq8053_firmwaresda845nicobarsdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-11295
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-6.8||MEDIUM
EPSS-0.04% / 12.57%
||
7 Day CHG~0.00%
Published-07 May, 2021 | 09:10
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in camera If the threadmanager is being cleaned up while the worker thread is processing objects in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfs2580fsm10055qpm5679_firmwaresa6150p_firmwareqcs610qca6431_firmwareqfs2608_firmwareqfs2530qpm8870_firmwareqpa8802qpm6585_firmwarepm6125qat3519qbt2000_firmwareqat5522_firmwarewcn3950_firmwarepm8150aqtc800hqdm5670sa8150p_firmwareqca6595au_firmwaresdr8250_firmwareqpa5581_firmwaresa6155qpa8821smr546_firmwareqdm5671qpm4650_firmwareqat3518qpa5580_firmwaresdr425_firmwaresmr526_firmwarewcn3950wgr7640_firmwareqpm5670_firmwaresd710_firmwaresd460_firmwareqca6574au_firmwareqpm8870wcd9375_firmwareqpm5679qbt2000sa6155_firmwarepm6150aqpm6670_firmwaresdr735gpm660_firmwarepm8150bqdm3301_firmwaresa8155_firmwaresd662_firmwarepmr735afsm10056_firmwaresdr660qca6436wcn6851sa6155pqfs2630_firmwaresdr865qdm5620_firmwarewcd9341smr545qdm4643_firmwareqca6696_firmwareqca6431qln5020sd870_firmwarepmm855au_firmwaresa8150ppm6350qdm5621qtc800sqpm5875_firmwarewsa8830_firmwareqet6105wcn3988wtr3925sa8195p_firmwaresmb1390wcn6750_firmwareqat5516_firmwarepm6150lsd8885gqpm6585wcn3991wcd9380_firmwaresmb1355qln4650qpa8801sdr735g_firmwarewgr7640qat5568qet5100qdm5671_firmwareqpa8801_firmwareqca6564aupm8150l_firmwaresdx55m_firmwarewcn6856_firmwaresdxr25gpm6150smb1354_firmwaresd670_firmwareqca6574pm7250bqln4642_firmwareqfs2630qpa8842wcd9380smb1355_firmwarepm7250b_firmwaresmb1351_firmwareqcs410pmk8350_firmwaresdr735pm660lqpa8803smr526wcn3980pmk8003qtc801s_firmwaresdxr25g_firmwarewsa8815wcn6850qdm5621_firmwareqca6426_firmwarepm8350_firmwarepm8009wcn3980_firmwarepm660l_firmwaresdx55mqca6421_firmwarepm8008pm8350b_firmwareqtm525_firmwareqat3518_firmwareqpm5621_firmwarewcn6851_firmwareqdm5670_firmwaresd8655gqpa8802_firmwarepm8150b_firmwareqpm5621sd670smr545_firmwarepm8009_firmwareqca6564a_firmwareqfs2580_firmwareqcm4290_firmwaresd480sd870wcn6855sd8885g_firmwarepm8150lqcs610_firmwaresa6145ppmm6155ausdxr1qca6595_firmwarewtr2965qca6391_firmwarewcd9370_firmwareqln4650_firmwareqat3516_firmwareqpm5875qet5100msd888_firmwaresa8155pqat3555_firmwareqat3516qpa8803_firmwareqpm5870wcn3991_firmwarewsa8830pmm8155au_firmwarepm660qet6110_firmwareqln5030pm6125_firmwareqbt1500fsm10056qpa5581pmi632qpa2625_firmwarepm8350bh_firmwarepmr735b_firmwarefsm10055_firmwareqbt1500_firmwareqpm5870_firmwareqet5100_firmwareqpm4621qet6100_firmwareqcs4290qet6100pmm855ausdr660gqca6390_firmwaresmb1396wcd9370pm8350qpa5461_firmwaresdr425pm8350c_firmwarepmr525_firmwareqca6426wcn3990_firmwareqpm5641pmi632_firmwarewcd9385_firmwarewcd9326_firmwareqat5516qdm5620sd662qpa8821_firmwaresdr660g_firmwarepm8350bhpmk8002_firmwarepm3003asa8155qdm4650_firmwarepmm6155au_firmwareqca6595auqca6436_firmwareqpm6670smb1354qca6564au_firmwaresa6155p_firmwareqpm8820qpm4641qat5515_firmwareqln5020_firmwarepm8250smb1398qdm4643qfs2530_firmwarewcn3988_firmwarepmx55qpm4641_firmwaresa6145p_firmwarepm8150c_firmwareqca6421qdm3301qpa8842_firmwareqat3519_firmwaresa8195psdr735_firmwarewsa8810_firmwareqpm5677qat5515wcd9326pm6350_firmwareqcs4290_firmwarewcd9385qtc800h_firmwarepmm8155auqln5040_firmwareqpm4630qca6390wcd9375pmm8195auqln5030_firmwareqln4642qpm5677_firmwarewsa8815_firmwarewtr3925_firmwaresmr525_firmwaresmb1396_firmwarewcn6850_firmwarewsa8835_firmwareqpm8820_firmwareqpm6621_firmwareqca6564asmr546qet6110qln5040qpm5670wcn3990pmx55_firmwareqca6595pmk8350smb1398_firmwaresd888pm8350bqat5522wsa8835pm8150cpmr735bpmk8003_firmwaresdr660_firmwareqca6574aqpm4640_firmwarewcn6855_firmwaresmb1390_firmwarepm8350csmr525qpm4640wcn6750pm6150l_firmwarepmr525pm8150a_firmwareqet5100m_firmwareqpm4650qtm525qca6574_firmwarepm6150a_firmwarepm6150_firmwareqca6574a_firmwareqpm4630_firmwaresdr865_firmwareqat3555pm8250_firmwaresd460qca6391sdxr1_firmwaresmb1351qpa5461wtr2965_firmwareqcm4290qfs2608sd480_firmwareqtc801sqdm4650qca6574auqpm5641_firmwaresd710sa8155p_firmwareqet6105_firmwarepm8008_firmwaresd8655g_firmwarewcd9341_firmwareqpm6621wsa8810pmr735a_firmwareqat5568_firmwarewcn6856sdr8250pm3003a_firmwareqca6696qtc800s_firmwareqpa2625pmk8002sa6150ppmm8195au_firmwareqpm4621_firmwareqcs410_firmwareqpa5580Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-416
Use After Free
CVE-2020-11120
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.57%
||
7 Day CHG~0.00%
Published-08 Sep, 2020 | 09:31
Updated-04 Aug, 2024 | 11:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Calling thread may free the data buffer pointer that was passed to the callback and later when event loop executes the callback, data buffer may not be valid and will lead to use after free scenario' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8096AU, APQ8098, Bitra, Kamorta, MSM8917, MSM8953, MSM8998, QCM2150, QCS405, QCS605, QM215, Rennell, Saipan, SDM429, SDM439, SDM450, SDM632, SM6150, SM7150, SM8150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-kamorta_firmwareqcm2150_firmwaremsm8953sdm450sdm632_firmwareapq8098_firmwaresdm450_firmwaremsm8998_firmwaresdm632qcm2150sdm439sm8250_firmwaresdm429qcs405sm7150_firmwaresm6150qm215sm7150msm8917sxr2130qcs605_firmwaresm8150_firmwaresxr2130_firmwareapq8096ausdm439_firmwareqcs405_firmwarerennellbitraapq8098rennell_firmwareqm215_firmwareqcs605msm8953_firmwareapq8096au_firmwaresaipan_firmwaresm6150_firmwaremsm8917_firmwarebitra_firmwaremsm8998sdm429_firmwaresm8150sm8250kamortasaipanSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-416
Use After Free
CVE-2020-11228
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.01%
||
7 Day CHG~0.00%
Published-17 Mar, 2021 | 06:00
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Part of RPM region was not protected from xblSec itself due to improper policy and leads to unprivileged access in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcd9360_firmwarepm6125qat3519qbt2000_firmwarepm855a_firmwarewcn3950_firmwareqtc800hsdr8250_firmwareqcs2290pm8998_firmwaresmr546_firmwarewtr5975_firmwaresdr425_firmwarewcn3998smr526_firmwarewcn3950sm4125qpa5460pm640a_firmwareqsw8573_firmwarewgr7640_firmwareqsw8574_firmwaresd460_firmwareqca6574au_firmwareqpa4360_firmwarewcd9375_firmwarewcn3998_firmwareqbt2000pm855pqca6420wcd9360pm6150apmx50_firmwarewhs9410_firmwaresdr735gqpa5460_firmwarewcn3999sa8155_firmwaresd662_firmwareqcs405qca6430qat3522wcd9340sdm830_firmwaresdr660sa6155pqpa6560sdr865wcd9341smr545qca6696_firmwarepmm855au_firmwarewcn3910_firmwaresd_8cxpm6350qtc800ssd855_firmwarewcn3988wtr3925pm640p_firmwaresdr052sa8195p_firmwaresmb1390qat5516_firmwarepm6150lpm855l_firmwareqtc410swcn3991smb1355sdr735g_firmwarewgr7640qet5100sdx55m_firmwarepm8005_firmwareqpa8673_firmwarepm6150qet4101_firmwaresmb1354_firmwarepm7250bsdr052_firmwaresmb1355_firmwarepm7250b_firmwarepmd9655_firmwaresmb1351_firmwaresmb1381pm855p_firmwaresdx50m_firmwaresdr735sdx24_firmwaresmr526wtr5975qca6430_firmwarepmk8003qtc801s_firmwarewcn3980qat3522_firmwareqdm2301qsw8573wcd9340_firmwarewsa8815wcn6850wcn3910qdm2301_firmwaresd_8c_firmwarepm8350_firmwareqca9984wcn3980_firmwaresdr051_firmwaresdx55mpm8008qtm525_firmwareqsw8574pmi8998pm855lqpa6560_firmwaresmr545_firmwarepm4250_firmwareqcm4290_firmwaresd480pmi8998_firmwarepm8005pm855_firmwarepm4250qdm2302pm855b_firmwareqca6595_firmwareqcs405_firmwarewtr2965pm640l_firmwarewcd9370_firmwaresdx55sa8155psd675qet4101qat3555_firmwarepm855bar8035_firmwareqcm2290wcn3991_firmwaresdr051pm6125_firmwarepm4125qbt1500qcs2290_firmwarepmi632pmx24_firmwareqbt1500_firmwareqet5100_firmwareqcs4290sdr660gpmm855auqca6420_firmwareqca6390_firmwaresmb1396wcd9370sd675_firmwarepm8350qpa4361_firmwaresdr425wcn3990_firmwareqca9984_firmwarepmi632_firmwaresd_8cx_firmwarewcd9385_firmwarewhs9410qat5516sd662sdr660g_firmwarepmk8002_firmwareqsw6310_firmwaresa8155sdx55_firmwarewcn3999_firmwaresmb1354sa6155p_firmwareqat5515_firmwarepm855wcn3988_firmwarepmx55sdr735_firmwareqat3519_firmwaresa8195pwsa8810_firmwareqat5515pm6350_firmwarepm8004_firmwaresdr8150_firmwareqcs4290_firmwarewcd9385qtc800h_firmwareqdm2302_firmwareqat3550_firmwarepm4125_firmwarear8035qca6390wcd9375aqt1000qpa8673pmm8195auwtr3925_firmwaresd888_5g_firmwaresmb1396_firmwarepm8998wcn6850_firmwarewsa8815_firmwaresmr546pmx24qcm2290_firmwarewcn3990pmx55_firmwareqca6595sdx24sd665_firmwaresd888_5gqpa4360pm855apmk8003_firmwaresdr660_firmwareqca6574aqpa4361smb1390_firmwarepm6150l_firmwareqtm525sd855sm4125_firmwaresd665pm6150a_firmwarepm6150_firmwarepm640pqca6574a_firmwaresdr865_firmwareqat3555sd460smb1351aqt1000_firmwarewtr2965_firmwareqcm4290sdx50mpm640asdr8150sd480_firmwareqtc801spmd9655qca6574ausa8155p_firmwareqsw6310pm8008_firmwarewcd9341_firmwarewsa8810qtc410s_firmwareqat3550pmx50sd_8csdr8250qca6696qtc800s_firmwaresmb1381_firmwarepm8004pm640lpmk8002pmm8195au_firmwaresdm830Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
CVE-2020-11231
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.05% / 13.72%
||
7 Day CHG~0.00%
Published-07 Apr, 2021 | 07:55
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Two threads call one or both functions concurrently leading to corruption of pointers and reference counters which in turn can lead to heap corruption in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfs2580qfe2550qpm5679_firmwareqcs610qdm5579qdm2307qca6431_firmwareqfs2608_firmwareqfs2530qpm8870_firmwareqpa8802qpm6585_firmwarepm6125qat3519qbt2000_firmwareqat5522_firmwarewcn3950_firmwarepm8150aqtc800hqdm5670sdr8250_firmwareqpa5581_firmwaremsm8917pm7150lqpa8821smr546_firmwareqdm5671qpm4650_firmwareqcs6125_firmwareqat3518sd632qpa5580_firmwarewcn3998smr526_firmwarewcn3950qsw8573_firmwarewcn3660bwgr7640_firmwareqdm2305_firmwareqfe4320qpm5670_firmwareqsw8574_firmwarepm8953_firmwareqdm5652qpa4360_firmwareqpm8870wcd9375_firmwarewcn3998_firmwareqpm5679qbt2000apq8053_firmwareqpm6670_firmwaresdr735gpm8150bqdm3301_firmwareqsm7250qcs6125qfe2101qat3522pmr735asd765gqualcomm215_firmwareqdm2308_firmwaresdr660pm439_firmwareqca6436wcn6851qpa6560qfs2630_firmwaresdr865qdm5620_firmwaresmb1358wcd9341pmi8952smr545qdm4643_firmwarepm8937_firmwareqca6431qln5020sm7350_firmwaresd870_firmwareqfe4320_firmwareqdm3302qdm5621qpm5875_firmwareqat3514_firmwarewsa8830_firmwaresd855_firmwareqdm5650wcn3988wtr3925smb1390qat5516_firmwarepm6150lsd8885gpm855l_firmwareqpa8686_firmwareqpm6585wcn3991wcd9380_firmwaresmb1355qln4650qpa8801sdr735g_firmwarepm8350bhs_firmwarewgr7640qat5568qet5100qdm5671_firmwareqpa8801_firmwarepm8150l_firmwareqat5533_firmwaresdx55m_firmwarewcn6856_firmwaresdxr25gqpa8673_firmwarepm6150qet4101_firmwaresd632_firmwarepm7250bqln4642_firmwareqfs2630qpa8842wcd9380smb1355_firmwarepm7250b_firmwarequalcomm215qfe4309_firmwarepmk8350_firmwaresmb1381sdr735pm7250smb1395qpa8803smr526wcn3980qtc801s_firmwaresd439_firmwareqat3522_firmwaresdxr25g_firmwarepm7350c_firmwareqdm2301qsw8573wsa8815wcn6850qfe2101_firmwareqdm5621_firmwareqdm2301_firmwaresmb1394qca6426_firmwarepm8350_firmwarewcn3660b_firmwarewcn3680qfe4309pm8009wcn3980_firmwaresdx55mqca6421_firmwarewcn6740_firmwareqfe4373fcpm8008pm8350b_firmwareqtm525_firmwaremsm8953qat3518_firmwareqsw8574wcn3680_firmwareqpm5621_firmwarepm855lwcn6851_firmwareqdm5670_firmwareqpa6560_firmwaresd8655gqpa8802_firmwarepm7150a_firmwarepm8150b_firmwareqfe4308_firmwareqfe4302qpm5621qpm6582smr545_firmwarepm8009_firmwareqdm2310_firmwareqfe4303qfs2580_firmwareqcm4290_firmwaresd870sd8885g_firmwarepm8150lqcs610_firmwareqdm5677pm855_firmwarepm215qdm2302pm855b_firmwareqpm6582_firmwarewtr2965qca6391_firmwarepmi8937_firmwarewcd9370_firmwareqat3516_firmwareqln4650_firmwaresdx55qpm5875qet5100mapq8053pm8350bhssd439qet4101qat3555_firmwareqat3516qpa8803_firmwareqpm5658pm855bqpm5658_firmwareqpm5870wcn3991_firmwareqdm5652_firmwarewsa8830qet6110_firmwareqdm5579_firmwareqln5030pm6125_firmwareqbt1500qpa5581pmi632qpa2625_firmwarepm8350bh_firmwarepmr735b_firmwareqbt1500_firmwareqet5100_firmwareqpm5870_firmwareqpm4621qet6100_firmwareqcs4290qet6100sd765g_firmwareqpa8686smb1358_firmwaresmb1394_firmwareqca6390_firmwaresmb1396pm7150awcd9370pm8350qpa5461_firmwareqpa4361_firmwarepm8350c_firmwarepmr525_firmwareqca6426wcn3990_firmwareqpm5641pmi632_firmwarewcd9385_firmwareqdm5650_firmwarewcd9326_firmwareqat5516wcn3615_firmwarewtr2955pm7250_firmwareqdm5620qpa8821_firmwareqfe4308pm8350bhpmk8002_firmwareqsw6310_firmwarepm3003aqdm4650_firmwaresdx55_firmwarewcn3680b_firmwareqat5533wcn3615sm7250p_firmwareqca6436_firmwaresm7350qsm7250_firmwareqpm6670pm7150l_firmwareqdm2305qpm8820qpm4641pm8937qat5515_firmwareqln5020_firmwarepm855qpm8830_firmwaresd429pm8250smb1398qdm4643qfs2530_firmwarewcn3988_firmwarepmx55qpm4641_firmwaresd429_firmwarepm8150c_firmwareqca6421qdm3301qpa8842_firmwareqat3519_firmwaresdr735_firmwareapq8017_firmwarewsa8810_firmwarepm8953qat5515qpm5677sd765_firmwareqat3514wcd9326qdm5677_firmwaresdr8150_firmwareqcs4290_firmwarewcd9385pm439qtc800h_firmwareqdm2302_firmwarepmk7350_firmwareqln5040_firmwareqpm4630qca6390wcd9375aqt1000qpa8673qdm2310qfe2550_firmwaremsm8953_firmwareqln5030_firmwareqln4642msm8917_firmwareqpm5677_firmwareqfe4302_firmwarewsa8815_firmwarewtr3925_firmwarepmi8937smr525_firmwarepmk7350smb1396_firmwareqpm8820_firmwarewcn6850_firmwarewsa8835_firmwareqfe4301_firmwareapq8017qpm6621_firmwaresmr546qcm6125_firmwareqet6110pmi8952_firmwareqln5040qpm8895qpm5670wcn3990pmx55_firmwarewtr2955_firmwareqfe4373fc_firmwarepmk8350smb1398_firmwareqpm8830qdm3302_firmwarepm8350bqat5522qdm2307_firmwarewsa8835pm8150cpmr735bsd665_firmwareqpa4360sdr660_firmwareqpa4361qpm4640_firmwaresmb1390_firmwareqdm5679_firmwarepm8350csmr525qfe4305_firmwareqfe4303_firmwareqpm4640pm6150l_firmwarepmr525pm7350cpm8150a_firmwareqet5100m_firmwareqpm4650qtm525sd855sd665qfe4305pm6150_firmwaresd765qpm4630_firmwaresd768g_firmwaresdr865_firmwareqat3555pm8250_firmwareqca6391qpa5461aqt1000_firmwarepm215_firmwareqpm8895_firmwarewtr2965_firmwareqcm4290sdr8150qfs2608qtc801ssmb1395_firmwareqdm4650qpm5641_firmwareqsw6310pm8008_firmwaresd8655g_firmwarewcd9341_firmwareqcm6125qpm6621wsa8810pmr735a_firmwareqat5568_firmwareqdm2308wcn6856qdm5679wcn3680bsdr8250sd768gpm3003a_firmwarewcn6740qfe4301smb1381_firmwareqpa2625pmk8002sm7250pqpm4621_firmwareqpa5580Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-415
Double Free
CVE-2020-11267
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.04% / 12.01%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 06:20
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack out-of-bounds write occurs while setting up a cipher device if the provided IV length exceeds the max limit value in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaremdm9640_firmwaresm6250p_firmwareipq4028_firmwareqca8337ar9380ipq8173_firmwareqcn5124wcn3950_firmwareqca6595au_firmwaresa6155sd_455_firmwareapq8076qcs6125_firmwaresa415mwcn3998wcd9371_firmwarewcn3950qcn6024_firmwaresd720gsm4125mdm9206_firmwareqsw8573_firmwarewcn3660bsd450_firmwaresd460_firmwaremdm9230_firmwareqca8081_firmwarewcn3998_firmwareapq8009w_firmwareqca6420apq8053_firmwareqca9986ipq8070_firmwareqca9367_firmwareipq8065ipq8078a_firmwareipq8072_firmwaresa8155_firmwareipq8068qca6430wcd9306_firmwarewcd9340sdm830_firmwaresd765gmdm9250_firmwareqca9888_firmwareqca6696_firmwarewcd9371sd870_firmwareqcn5154_firmwaresd_8cxqcn5501_firmwaresa8150par7420_firmwaremdm9330_firmwareqca9992_firmwaresd660sd865_5g_firmwaresd660_firmwareqcn5121qcn5022_firmwarewcn6750_firmwaresd450qca6428_firmwareqca9985_firmwarewcn3991ipq4018_firmwareqca9980_firmwaresdm429wipq8078sdx55m_firmwareipq8173sd670_firmwareqca6574sd632_firmwarecsr8811_firmwarewcd9380qualcomm215qcs410qcn5024sd690_5g_firmwareqca9379_firmwaresdx24_firmwareqca9985qcn9012_firmwaresd439_firmwareipq6018_firmwarewcd9340_firmwarewsa8815wcn6850pmp8074_firmwareqca6584_firmwaremsm8937_firmwaresd_8c_firmwareipq6028ipq8064sd835pmp8074wcn3980_firmwaresd730wcn6740_firmwareqcn5064_firmwaresd678_firmwareapq8064au_firmwareipq8078_firmwareqcn5054qcs603qca9994qca9980sd670qcn9024_firmwareipq8174_firmwareapq8009wqcm4290_firmwarewcn6855qcs610_firmwaresa6145pqca9886_firmwarear8031sdm630_firmwaresd820_firmwareqca6391_firmwareqca4024wcd9370_firmwaresdx55apq8053qcn5021_firmwarecsra6640wcn3660qca9379qcn5500wsa8830qca9561csrb31024qca9563_firmwaremdm9628_firmwaremdm9650sd_636fsm10055_firmwareqca9992qcs4290mdm9250qca6420_firmwareapq8009_firmwaresd690_5gsd675_firmwareipq8072qca6564qca6426wcn3990_firmwareqca9984_firmwareqca9377sdw2500_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcd9326_firmwarewcn3615_firmwareipq8074aqca9982sa8155qca6584qcn5122_firmwaresdx55_firmwarewcn3615qcn6023_firmwaresm7250p_firmwarewcn3610_firmwarewcd9306qca6584ausd778gqfe1952ipq8174sd429qcn5052qca9367sdm630mdm9607_firmwaresa415m_firmwarewcn3988_firmwareqcn9074sd205sd429_firmwareqca6421sd778g_firmwaresa8195pqca6694qca7550wcd9326wcd9335qca9982_firmwareqcn6023qcs4290_firmwareqca6390qca9898_firmwaresd750g_firmwareaqt1000wcd9375sm6250_firmwaremsm8917_firmwareipq5010_firmwareipq8074a_firmwaresd888_5g_firmwaresdx20_firmwarewsa8815_firmwareapq8017mdm9630_firmwareqcm6125_firmwareqca9882sd780gsd865_5gqca6595qca9896_firmwareipq8065_firmwaresd665_firmwareqcn5154qca8075_firmwareipq6005_firmwaremdm9206wcn6855_firmwareqca9888qca6310_firmwareipq8070a_firmwareqca6574_firmwareqca9886qcn5502_firmwaresm7325p_firmwaresd665sd765qca6574a_firmwareapq8009csrb31024_firmwareqcn9070_firmwaresd480_firmwareipq6028_firmwareipq8072a_firmwaremdm9626_firmwareqca9531qca9889_firmwaresd710mdm9607qcn5122sdx20m_firmwareqcn5022qca6564_firmwaresd768gwcn6740sdw2500qca8075apq8096au_firmwareqcn6024qcn9022sd845sdm830ipq6000_firmwareqcs410_firmwaremdm9330fsm10055sa6150p_firmwareqcs610qcn5550qca6431_firmwareqca9561_firmwareqca4024_firmwareipq8078asa8150p_firmwareqcs2290qca6335msm8917qcn5064csra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwareqca9987_firmwaresd632ipq8076amdm9628sd710_firmwareqca4020qca6428qca6574au_firmwareqcn5164_firmwareipq8071mdm9630wcd9375_firmwaresa6155_firmwaremsm8909wsdx20mqca6438_firmwarewcn3999qca7500ipq4029_firmwareqcs6125ipq6010sd662_firmwareqcs405qualcomm215_firmwarefsm10056_firmwareqca4020_firmwareqca6436wcn6851qcn3018_firmwaresa6155pqcs603_firmwaremsm8937wcn3660_firmwarewcd9341ipq8068_firmwarepm8937_firmwareqca6431sd750gqca9988_firmwarewcn3910_firmwareqfe1922wsa8830_firmwaresd855_firmwarewcn3988qca6438sa8195p_firmwareqca9898ipq4028wcn3610mdm9640ipq5018_firmwareqca8337_firmwaresda429w_firmwarewcd9380_firmwareipq8072aqca7500_firmwarewcd9330msm8996au_firmwarecsr6030ipq8076a_firmwareqca7550_firmwareqca6564auipq4029wcn6856_firmwareqcn5164qca9558qet4101_firmwareqca7520_firmwaremdm9230qcn5054_firmwareipq4019_firmwaresdx50m_firmwareqca8072_firmwareqca6174qca6430_firmwareqcn5052_firmwarewcd9335_firmwarewcn3980qca6335_firmwareqsw8573qcs605wcn3910qca6320mdm9650_firmwareqca9986_firmwareqca6426_firmwarewcn3660b_firmwarewcn3680qca9984qcn9024qcn5550_firmwarewcd9330_firmwaresdx55mipq8064_firmwareqca6421_firmwaremsm8953ar8031_firmwarewcn3680_firmwarewcn6851_firmwareipq8070qcn5502qca9887_firmwaresd_636_firmwareqca6564a_firmwareqca9880sd480sd870qcn5121_firmwaresd210_firmwareipq6018qcn3018sdxr1apq8096auqca6595_firmwareqcs405_firmwaresa8145psd780g_firmwaresd888_firmwaresa8155psd675sd439qet4101qca9531_firmwarear8035_firmwareqcm2290qcn5024_firmwarewcn3991_firmwaresd678qcn9070sa8145p_firmwareqca7520qcs2290_firmwarefsm10056csra6620qca9987qcn9072qca9880_firmwaresd765g_firmwareipq8069_firmwareqca6390_firmwareipq6000qca6174_firmwaresd730_firmwarewcd9370qcn5152_firmwareqca6584au_firmwareapq8076_firmwareqcn9000_firmwareipq5018sd_8cx_firmwareqca9563sd662qcn5124_firmwareqfe1952_firmwareqca6320_firmwarewcn3680b_firmwareqca6595auwcn3999_firmwareqca6436_firmwareipq5010qca6564au_firmwaresa6155p_firmwareqca6310pm8937sa515m_firmwareqca9990sdxr2_5gqcn5501sa6145p_firmwaresm6250apq8017_firmwarewsa8810_firmwaresd765_firmwareqca8081ipq8071aqca6174a_firmwareipq8071a_firmwarewcd9385ar8035csr8811apq8064auipq4019qca6694_firmwaremsm8953_firmwareqcn9100_firmwaresda429wsd210wcn3620_firmwaresd820wcn6850_firmwarewsa8835_firmwarewcn3620csr6030_firmwareqca6564aqca9988qca8072qcm2290_firmwarewcn3990qcn9000sd_675ar9380_firmwaresdx24qcn9012sd888qca9558_firmwaremsm8909w_firmwarewsa8835msm8996ausdm429w_firmwaresd888_5gsm6250pipq4018qca6574aqca9889qca6174asm7325pipq8074qca9994_firmwarewcn6750ipq8076_firmwaresa515mar7420sd855sm4125_firmwareipq8076qfe1922_firmwareqca9887qcn5021ipq8069qcn5152sd768g_firmwaresd460qca6391sdxr1_firmwareipq6005aqt1000_firmwareqcn9100mdm9626qcm4290sdx50mqca9882_firmwaresdx20sd_455ipq8074_firmwareqca6574ausa8155p_firmwaresd205_firmwarewcd9341_firmwareqcm6125wsa8810qcn5500_firmwarewcn6856sd_8cwcn3680bsd835_firmwareipq6010_firmwareqca6696sd845_firmwaresa6150pqcn9022_firmwareqca9990_firmwareipq8070aqcn9072_firmwaresm7250psd720g_firmwareipq8071_firmwareqcn9074_firmwareqca9896Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-11306
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.01%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 06:20
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible integer overflow in RPMB counter due to lack of length check on user provided data in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwarewsa8830sd678sm6250p_firmwareqcs610qcs2290_firmwareqca6431_firmwaresd7c_firmwarewcd9360_firmwareqcs4290wcn3950_firmwaresd765g_firmwareqca6420_firmwareqcs2290qca6390_firmwaresd690_5gsd730_firmwarewcd9370sd_675_firmwaresd675_firmwareqca6426wcn3990_firmwareqca9984_firmwarewcn3998sd_8cx_firmwarewcd9371_firmwaresdxr2_5g_firmwarewcd9385_firmwaresm4125sd720gwcn3950whs9410qsm8350_firmwaresd662qsm8350sd460_firmwareqca6574au_firmwaresdx55_firmwarewcd9375_firmwarewcn3998_firmwarewcn3999_firmwaresm7250p_firmwareqca6420qca6436_firmwarewcd9360sd778gsa6155p_firmwarewhs9410_firmwarewcn3999sdxr2_5gsd662_firmwareqcs405qca6430wcn3988_firmwareqca6421sd778g_firmwaresm6250wcd9340sa8195psdm830_firmwarewsa8810_firmwaresd765gsd765_firmwareqca6436wcn6851sa6155pqcs4290_firmwarewcd9385wcd9341qca6431wcd9371sd750gsd870_firmwareqca6390ar8035sd_8cxaqt1000sd750g_firmwarewcd9375sm6250_firmwarewcn3910_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwarewcn3988sd888_5g_firmwarewcn6850_firmwarewsa8815_firmwarewsa8835_firmwaresa8195p_firmwarewcn6750_firmwareqcm2290_firmwarewcn3991wcd9380_firmwarewcn3990sd_675sd865_5gqca6595sdx24sdx55m_firmwarewcn6856_firmwaresd888wsa8835wcd9380sd888_5gsm6250pqcs410sd690_5g_firmwarewcn6855_firmwaresm7325psdx24_firmwareqca6430_firmwarewcn3980wcn6750wcd9340_firmwaresd855sm4125_firmwaresm7325p_firmwaresd7cwcn3910wcn6850wsa8815sd_8c_firmwaresd765qca6426_firmwareqca9984sd768g_firmwarewcn3980_firmwaresd730sd460qca6391sdx55mqca6421_firmwareaqt1000_firmwaresd678_firmwareqcm4290sd480_firmwarewcn6851_firmwareqca6574auwcd9341_firmwareqcm4290_firmwaresd480sd870wcn6855wsa8810qcs610_firmwarewcn6856qsm8250sd_8csd768gqca6595_firmwareqcs405_firmwareqca6391_firmwarewcd9370_firmwaresdx55sd888_firmwaresd675sm7250psdm830sd720g_firmwareqcs410_firmwarear8035_firmwareqcm2290qsm8250_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2020-11263
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.3||HIGH
EPSS-0.11% / 30.29%
||
7 Day CHG~0.00%
Published-03 Jan, 2022 | 07:25
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An integer overflow due to improper check performed after the address and size passed are aligned in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcm2290_firmwarewcn3991_firmwaresm6375wcn3991wsa8830sd678qca8337_firmwaresm6250p_firmwarewcd9380_firmwareqcs610wcn3990sd_675qcs2290_firmwareqca8337sd865_5gsd7c_firmwaresdx55m_firmwarewsa8835qcx315_firmwareqcs4290wcn3950_firmwarewcd9380sd765g_firmwareqcs2290sm6250pqca6390_firmwareqcs410sd690_5gsd730_firmwarewcd9370sd675_firmwaresd_675_firmwaresd690_5g_firmwareqca6426wcn3990_firmwareqrb5165n_firmwareqca9984_firmwarewcn3980wcn3998wcd9385_firmwaresdxr2_5g_firmwarewcn3950sd720gsm6375_firmwarewsa8815wcn6850sd7csd662wcn3910sd460_firmwaresd765qca6426_firmwareqca9984sd768g_firmwaresdx55_firmwarewcd9375_firmwarewcn3998_firmwarewcn3999_firmwarewcn3980_firmwaresm7250p_firmwaresd730sd460qca6391qca6436_firmwaresdx55mqrb5165nsm6225wcn3999sd678_firmwareqcm4290qrb5165_firmwaresdxr2_5gqrb5165sd480_firmwarewcn6851_firmwaresd662_firmwaresm6225_firmwareqcs405wcn3988_firmwaresm6250wsa8810_firmwaresd765gwcd9341_firmwareqcm4290_firmwaresd765_firmwaresd480qca6436wcn6851sd870wsa8810qcs610_firmwareqsm8250qcs4290_firmwarewcd9385wcd9341sd768gqcs405_firmwaresd750gsd870_firmwareqca6391_firmwareqca6390ar8035sd750g_firmwarewcd9375wcn3910_firmwarewcd9370_firmwaresm6250_firmwaresdx55sd675wsa8830_firmwaresd865_5g_firmwarewcn3988wcn6850_firmwarewsa8815_firmwarewsa8835_firmwaresm7250psd720g_firmwareqcx315qcs410_firmwarear8035_firmwareqcm2290qsm8250_firmwareSnapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2020-11217
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.01%
||
7 Day CHG~0.00%
Published-21 Jan, 2021 | 09:41
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A possible double free or invalid memory access in audio driver while reading Speaker Protection parameters in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfs2580qpm5870wsa8830pm660qln5030pm4125qdm5579pmi632qpa5581qdm2307qfs2530qpa8802pm6125qat3519qpm4621qcs4290qet6100pm8150aqtc800hqdm5670qcs2290qpa8686pm7150lqpa8821pm7150asmb1396wcd9370pm8350qdm5671sdr425qca6426qat3518qpm5641wcn3998wcn3950qat5516sm4125qdm5620sd662pm8350bhpm3003aqdm5652sd6905gqat5533qpm8870qpm5679qbt2000sm7350pm6150aqpm6670smb1354qdm2305qpm8820sdr735gqpm4641pm8150bqsm7250pm8250smb1398qdm4643pmx55qat3522pmr735aqca6421qdm3301qpm5677qat5515sd765gqat3514qca6436sdr660wcd9335wcn6851qpa6560sdr865wcd9385wcd9341smr545qca6431qln5020sd750gqpm5620qdm3302qpm4630qca6390wcd9375qpa8673qpm5657pm6350qdm2310qdm5621qtc800sqln4642sd660qdm5650wcn3988wtr3925pmk7350smb1390smr546pm6150lsd8885gqet4100qet6110qln5040qpm8895qpm6585wcn3991qpm5670wcn3990smb1355qln4650qpa8801wgr7640qat5568qet5100pmk8350qpm8830sdxr25gpm8350bqat5522wsa8835pm7250bpm8150cpmr735bqfs2630qpa8842wcd9380qpa4360sdr735pm7250smb1395pm660lpm8350cqpa8803smr525smr526qpm4640pmk8003wcn3980wcn6750pmr525qdm2301pm7350cqpm4650qtm525wsa8815wcn6850wcn3910sd765smb1394qat3555pm8009sd460qca6391sdx55msmb1351qpa5461pm8008pm660aqpa4340qcm4290qfs2608rsw8577qtc801sqdm4650sd8655gqpm5621qpm6582qpm6621wsa8810pm8150lqdm2308qat3550qdm5677wcn6856qdm5679sdr8250sd768gwcn6740wtr2965sm4350qpm5875qet5100mpmk8002qpa2625pm8350bhsqet4101qat3516sm7250pqpm5658qcm2290qpa5580Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-415
Double Free
CVE-2020-11133
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.01%
||
7 Day CHG~0.00%
Published-08 Sep, 2020 | 09:31
Updated-04 Aug, 2024 | 11:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Possible out of bound array write in rxdco cal utility due to lack of array bound check' in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MSM8998, QCS605, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm850_firmwaresdm670_firmwaresdm636_firmwaresdm636sda845_firmwaresdm660_firmwaresdm630_firmwaresdm845msm8998_firmwaresdm660sdm630qcs605sdm710msm8998sdm850sdm710_firmwaresxr1130_firmwaresxr1130sdm670qcs605_firmwaresda845sdm845_firmwareSnapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-11131
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 16.79%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 10:00
Updated-04 Aug, 2024 | 11:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Possible buffer overflow in WMA message processing due to integer overflow occurs when processing command received from user space' in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8009, APQ8053, APQ8096AU, MDM9206, MDM9250, MDM9628, MDM9640, MDM9650, MSM8996AU, QCS405, SDA845, SDX20, SDX20M, WCD9330

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9206mdm9250_firmwaremdm9640_firmwareapq8096auwcd9330msm8996au_firmwareqcs405_firmwaresda845_firmwaresdx20mdm9628mdm9206_firmwaremdm9628_firmwaremdm9650qcs405apq8053apq8096au_firmwaremsm8996aumdm9650_firmwaresdx20_firmwaremdm9250sdx20m_firmwareapq8009_firmwareapq8009wcd9330_firmwareapq8053_firmwaresda845sdx20mmdm9640Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2020-11164
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.01%
||
7 Day CHG~0.00%
Published-02 Nov, 2020 | 06:21
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Third-party app may also call the broadcasts in Perfdump and cause privilege escalation issue due to improper access control' in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in Agatti, APQ8096AU, APQ8098, Bitra, Kamorta, MSM8909W, MSM8917, MSM8940, Nicobar, QCA6390, QCM2150, QCS605, Rennell, SA6155P, SA8155P, Saipan, SDA660, SDM429W, SDM450, SDM630, SDM636, SDM660, SDM670, SDM710, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-kamorta_firmwaresa6155p_firmwareqcm2150_firmwaresdm450sdm636_firmwaresdm429wapq8098_firmwaresdm450_firmwareqcm2150sdm660sdm630sm8250_firmwaremsm8940_firmwaresm7150_firmwaresa8155p_firmwaremsm8909w_firmwaresdm710agatti_firmwaresdm429w_firmwaresm6150sdm710_firmwaresm7150qca6390_firmwaremsm8917sa6155psdm670sxr2130qcs605_firmwaresdm670_firmwaresm8150_firmwaresxr2130_firmwareapq8096ausdm636sdm660_firmwarerennellbitrasdm630_firmwareapq8098sda660_firmwarerennell_firmwareqca6390qcs605msm8940apq8096au_firmwaresa8155psaipan_firmwaremsm8917_firmwarebitra_firmwaresm6150_firmwaresm8150sm8250sda660kamortasxr1130_firmwarenicobar_firmwaremsm8909wsaipansxr1130agattinicobarSnapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CVE-2020-11125
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.01%
||
7 Day CHG~0.00%
Published-02 Nov, 2020 | 06:21
Updated-04 Aug, 2024 | 11:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Out of bound access can happen in MHI command process due to lack of check of channel id value received from MHI devices' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in Agatti, APQ8009, Bitra, IPQ4019, IPQ5018, IPQ6018, IPQ8064, IPQ8074, Kamorta, MDM9150, MDM9607, MDM9650, MSM8905, MSM8917, MSM8953, Nicobar, QCA6390, QCA9531, QCM2150, QCS404, QCS405, QCS605, QCS610, QM215, QRB5165, Rennell, SA415M, SA515M, SA6155P, SA8155P, Saipan, SC8180X, SDM429, SDM429W, SDM439, SDM450, SDM632, SDM660, SDM670, SDM710, SDM845, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-ipq5018_firmwaremdm9150_firmwarekamorta_firmwareqcm2150_firmwareqcs610sdm429wsdm632_firmwaresdm845sdm450_firmwaresdm632sdm439qcs404_firmwaremdm9650sdm429sm7150_firmwaresm6150agatti_firmwaresdm429w_firmwaresm7150qca6390_firmwareapq8009_firmwaremsm8917sdm670sxr2130qcs605_firmwaresc8180xipq4019_firmwaresdm670_firmwareqcs404ipq8074ipq5018sa415mbitraipq6018_firmwaresa515mqcs605bitra_firmwaresdm429_firmwaremdm9650_firmwaremsm8905_firmwareipq8064sdx55_firmwaresxr1130_firmwaresxr1130apq8009agattiipq8064_firmwarenicobarsa6155p_firmwaremsm8953sdm450sa515m_firmwareqrb5165_firmwareqrb5165qcm2150sdm660mdm9607_firmwaresm8250_firmwaresc8180x_firmwaresa415m_firmwareqcs405qca9531ipq8074_firmwaresa8155p_firmwareqm215sdm710mdm9607sdm710_firmwaresa6155pqcs610_firmwaremdm9150msm8905ipq6018sm8150_firmwaresxr2130_firmwaresdm439_firmwareqcs405_firmwarerennellrennell_firmwareqca6390qm215_firmwareipq4019sdx55msm8953_firmwaresaipan_firmwaresm6150_firmwaresa8155pmsm8917_firmwaresm8250sm8150qca9531_firmwarekamortasaipannicobar_firmwaresdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-11121
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 16.79%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 10:00
Updated-04 Aug, 2024 | 11:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Possible buffer overflow in WIFI hal process due to usage of memcpy without checking length of destination buffer' in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile in QCM4290, QCS4290, QM215, QSM8350, SA6145P, SA6155, SA6155P, SA8155, SA8155P, SC8180X, SC8180XP, SDX55, SDX55M, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6250, SM6350, SM7125, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR2130, SXR2130P

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sm6350sm7125sm4250p_firmwaresa6155p_firmwaresm6115_firmwaresm7250sxr2130p_firmwaresm6125qcm4290sm7250_firmwaresm8350_firmwaresa8155_firmwaresdx55m_firmwaresm8250_firmwaresc8180x_firmwaresm6115p_firmwaresm6350_firmwaresa6145p_firmwareqm215sa8155p_firmwaresm4250_firmwaresm6250qcs4290qcm4290_firmwaresa6155sa6155psm8350sxr2130sc8180xsa6145psm6115sm8350p_firmwareqcs4290_firmwaresm8350psm4250psm8150_firmwaresxr2130_firmwaresxr2130psm4250sc8180xpsm7225qm215_firmwaresc8180xp_firmwaresm6115psm7125_firmwaresdx55sm6250_firmwareqsm8350_firmwaresa8155psm8250qsm8350sm8150p_firmwaresm7225_firmwaresm8150sa8155sm7250psdx55_firmwaresa6155_firmwaresm7250p_firmwaresm6125_firmwaresdx55msm8150pSnapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2018-5857
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 3.95%
||
7 Day CHG~0.00%
Published-15 Jun, 2018 | 15:00
Updated-16 Sep, 2024 | 16:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the WCD CPE codec, a Use After Free condition can occur in all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-416
Use After Free
CVE-2018-5869
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.04%
||
7 Day CHG~0.00%
Published-18 Jan, 2019 | 22:00
Updated-05 Aug, 2024 | 05:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in the QTEE keymaster app can lead to invalid memory access in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 615/16/SD 415, SD 800, SD 810

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9206sd_212_firmwaresd_800_firmwaresd_412sd_412_firmwaresd_616mdm9206_firmwaresd_615mdm9607_firmwaresd_615_firmwaresd_810msm8909w_firmwaremdm9607sd_210sd_212sd_410_firmwaresd_205sd_800sd_210_firmwaresd_415_firmwaresd_410msm8909wsd_810_firmwaresd_616_firmwaresd_205_firmwaresd_415Snapdragon Mobile,Snapdragon Wear
CWE ID-CWE-20
Improper Input Validation
CVE-2018-5863
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 3.37%
||
7 Day CHG~0.00%
Published-15 Jun, 2018 | 20:00
Updated-16 Sep, 2024 | 20:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

If userspace provides a too-large WPA RSN IE length in wlan_hdd_cfg80211_set_ie(), a buffer overflow occurs in all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-5825
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 3.27%
||
7 Day CHG~0.00%
Published-03 Apr, 2018 | 17:00
Updated-16 Sep, 2024 | 22:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, in the kernel IPA driver, a Use After Free condition can occur.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-416
Use After Free
CVE-2018-5851
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 3.03%
||
7 Day CHG~0.00%
Published-12 Jun, 2018 | 20:00
Updated-16 Sep, 2024 | 17:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer over flow can occur while processing a HTT_T2H_MSG_TYPE_TX_COMPL_IND message with an out-of-range num_msdus value in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-129
Improper Validation of Array Index
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-5912
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.43%
||
7 Day CHG~0.00%
Published-28 Nov, 2018 | 15:00
Updated-05 Aug, 2024 | 05:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Potential buffer overflow in Video due to lack of input validation in input and output values in Snapdragon Automobile, Snapdragon Mobile in MSM8996AU, SD 450, SD 625, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850sd_820asd_850_firmwaresd_625_firmwaresd_450msm8996au_firmwaresda660_firmwaresd_845sd_625sd_820_firmwaresd_835_firmwaremsm8996ausd_820sd_835sd_450_firmwaresda660sd_845_firmwaresd_820a_firmwareSnapdragon Automobile, Snapdragon Mobile
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2020-11174
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.01%
||
7 Day CHG~0.00%
Published-02 Nov, 2020 | 06:21
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Array index underflow issue in adsp driver due to improper check of channel id before used as array index.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in Agatti, APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, Bitra, IPQ4019, IPQ5018, IPQ6018, IPQ8064, IPQ8074, Kamorta, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8953, MSM8996AU, QCA6390, QCA9531, QCM2150, QCS404, QCS405, QCS605, SA415M, SA515M, SA6155P, SA8155P, Saipan, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-ipq5018_firmwarekamorta_firmwareqcm2150_firmwaremdm9640_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm632sdx24qcs404_firmwaremdm9650sdm429sm6150msm8909w_firmwareagatti_firmwaremsm8996ausdm429w_firmwareqca6390_firmwareapq8009_firmwaresdm670sxr2130qcs605_firmwaresc8180xipq4019_firmwaresdm670_firmwareqcs404sdx24_firmwareipq8074sdm636sda845_firmwareipq5018sa415mbitraapq8098ipq6018_firmwaresa515mqcs605bitra_firmwaresdm429_firmwaremdm9650_firmwaremsm8905_firmwaresda660sdx55_firmwareipq8064sxr1130_firmwaresxr1130msm8909wapq8009apq8053_firmwareipq8064_firmwaresda845agattisa6155p_firmwaremsm8953sdm636_firmwaresdm845_firmwaresa515m_firmwareapq8098_firmwaresdx20qcm2150sdm660sdm630mdm9607_firmwaresm8250_firmwaresc8180x_firmwaresa415m_firmwareqcs405qca9531ipq8074_firmwaresa8155p_firmwaresdm710mdm9607apq8017_firmwaresdm710_firmwaresa6155pmsm8905ipq6018sm8150_firmwaresxr2130_firmwareapq8096auqcs405_firmwaresdm630_firmwaresda660_firmwareqca6390ipq4019sdx55msm8953_firmwareapq8053saipan_firmwaresm6150_firmwareapq8096au_firmwaresa8155psm8250sm8150sdx20_firmwareqca9531_firmwarekamortaapq8017saipansdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2018-5898
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 2.40%
||
7 Day CHG~0.00%
Published-06 Jul, 2018 | 17:00
Updated-17 Sep, 2024 | 01:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow can occur in msm_pcm_adsp_stream_cmd_put() function if the user supplied data "param_length" goes beyond certain limit in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-5870
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.04%
||
7 Day CHG~0.00%
Published-28 Nov, 2018 | 15:00
Updated-05 Aug, 2024 | 05:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

While loading a service image, an untrusted pointer dereference can occur in Snapdragon Mobile in versions SD 835, SDA660, SDX24.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_835_firmwaresdx24_firmwaresd_835sda660sda660_firmwaresdx24Snapdragon Mobile
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-5827
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 3.37%
||
7 Day CHG~0.00%
Published-17 May, 2018 | 22:00
Updated-17 Sep, 2024 | 02:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, a buffer overflow vulnerability exists in WLAN while processing an extscan hotlist event.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-18274
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.43%
||
7 Day CHG~0.00%
Published-06 May, 2019 | 22:37
Updated-05 Aug, 2024 | 21:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

While iterating through the models contained in a fixed-size array in the actData structure, which also stores an incorrect number of models that is greater than the size of the array, a buffer overflow occurs in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 617, SD 625, SD 650/52, SD 820, SD 820A, SD 835

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_820asd_425sd_430_firmwaremdm9607_firmwaremdm9650sd_650_firmwaresd_625sd_210mdm9607sd_820_firmwaresd_820sd_650sd_450_firmwaresd_617sd_820a_firmwaremdm9206sd_652sd_425_firmwaresd_212_firmwaresd_625_firmwaresd_450mdm9206_firmwaresd_430sd_835_firmwaremdm9650_firmwaresd_835sd_205sd_210_firmwaresd_652_firmwaresd_205_firmwaresd_212sd_617_firmwareSnapdragon Automobile, Snapdragon Mobile, Snapdragon Wear
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2018-5907
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 2.73%
||
7 Day CHG~0.00%
Published-06 Jul, 2018 | 19:00
Updated-16 Sep, 2024 | 22:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer overflow in msm_adsp_stream_callback_put due to lack of input validation of user-provided data that leads to integer overflow in all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2017-18155
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.10% / 28.42%
||
7 Day CHG~0.00%
Published-12 Jul, 2018 | 14:00
Updated-16 Sep, 2024 | 23:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

While playing HEVC content using HD DMB in Snapdragon Automobile and Snapdragon Mobile in version MSM8996AU, SD 450, SD 625, SD 820, SD 820A, SD 835, an uninitialized variable can be used leading to a kernel fault.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_625sd_820_firmwaresd_835_firmwaremsm8996ausd_820sd_625_firmwaresd_450sd_820amsm8996au_firmwaresd_835sd_450_firmwaresd_820a_firmwareSnapdragon Automobile, Snapdragon Mobile
CWE ID-CWE-20
Improper Input Validation
CVE-2021-1961
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-1.15% / 77.59%
||
7 Day CHG~0.00%
Published-09 Sep, 2021 | 07:36
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer overflow due to lack of offset length check while updating the buffer value in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fsm10055qca9377_firmwaremdm9150_firmwarewcn3991_firmwaresm7250mdm9640_firmwaresa6150p_firmwaresa8145p_firmwareqcs610wsa8830fsm10056qca8337sm7250_firmwareqca6431_firmwaremdm9650csra6620fsm10055_firmwarewcn3950_firmwaresa8150p_firmwaresd765g_firmwareqca6420_firmwareqca6595au_firmwareqca6390_firmwareapq8009_firmwaresa6155sd690_5gwcd9370csra6620_firmwareqcs605_firmwarecsra6640_firmwareqcs6125_firmwareqca6426qca6584au_firmwarewcn3990_firmwareqca9377wcn3998sd_8cx_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcn3950wcd9326_firmwarewcn3615_firmwaremdm9206_firmwarewcn3660bsd662sd460_firmwaresa8155qca6574au_firmwaresdx55_firmwarewcn3680b_firmwareqca6595ausa6155_firmwaresdx12_firmwarewcd9375_firmwarewcn3615wcn3998_firmwarewcn3610_firmwareqca6420qca6436_firmwareapq8053_firmwareqca6564au_firmwareqca6584ausa6155p_firmwareqca9367_firmwaresd778gwcn3999qrb5165_firmwaresdxr2_5gqca9367qcs6125sa8155_firmwaresd662_firmwareqcs405qca6430wcn3988_firmwaresa6145p_firmwaresd205qca6421sd778g_firmwarewcd9340sa8195pwsa8810_firmwarequalcomm215_firmwaresd765gsd765_firmwarefsm10056_firmwareqca6436wcd9326wcd9335sa6155pwcn6851qca6174a_firmwarewcd9385wcd9341qca6431qca6696_firmwaresd750gsd870_firmwarear8035qca6390sd_8cxaqt1000sa8150psd750g_firmwarewcd9375msm8953_firmwarewsa8830_firmwaresda429wsd210sd855_firmwaresd865_5g_firmwarewcn3620_firmwarewcn3988sd888_5g_firmwarewcn6850_firmwarewcn3620wsa8815_firmwarewsa8835_firmwaresa8195p_firmwareqca6564awcn6750_firmwarewcn3610qcm6125_firmwaremdm9640wcn3991qca8337_firmwaresda429w_firmwarewcd9380_firmwarewcn3990wcd9330msm8996au_firmwaresd780gsd865_5gqca6595qca6564ausdx55m_firmwarewcn6856_firmwarewsa8835qca6574msm8996ausd665_firmwarewcd9380sd888_5gwcn3999_firmwarequalcomm215qcs410qca6574asd690_5g_firmwaremdm9206wcn6855_firmwareqca6174asm7325qca6430_firmwarewcd9335_firmwarewcn3980wcn6750qca6574_firmwareqcs605wcd9340_firmwaresd855wsa8815wcn6850sd665mdm9650_firmwaresd_8c_firmwaresd765qca6426_firmwarewcn3660b_firmwarewcn3680qca6574a_firmwaresd768g_firmwarewcn3980_firmwareapq8009qca6391sd460sdx55mwcd9330_firmwareqca6421_firmwareaqt1000_firmwarewcn6740_firmwaremsm8953ar8031_firmwarewcn3680_firmwareqrb5165sd480_firmwarewcn6851_firmwareqca6574ausa8155p_firmwaresd205_firmwareqca6564a_firmwarewcd9341_firmwareqcm6125sd480sd870wsa8810wcn6855sd210_firmwareqcs610_firmwaremdm9150wcn6856qsm8250sd_8csa6145pwcn3680bsd768gapq8096auar8031qca6595_firmwareqcs405_firmwaresa8145pwcn6740qca6696qca6391_firmwaresd780g_firmwarewcd9370_firmwaresa6150psdx55apq8053apq8096au_firmwarecsra6640sa8155psdx12qcs410_firmwarear8035_firmwareqsm8250_firmwaresm7325_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-11286
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-6.8||MEDIUM
EPSS-0.04% / 13.09%
||
7 Day CHG~0.00%
Published-22 Feb, 2021 | 06:26
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An Untrusted Pointer Dereference can occur while doing USB control transfers, if multiple requests of different standard request categories like device, interface & endpoint are made together. in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfe3100pm8909qfe1040qfe2550pm660pmi8996qbt1500qfe1045qln1030mdm9650sd_636pmk8001qfe2340mdm9250qtc800hapq8076wtr3905qca9377mdm9628qpa5460wtr2955wcn3660bqln1021aqsmb1380qca6584mdm9630wcn3615msm8909wqtc800tsdx20mwcd9306qca6584auqca6310pm8937pm8996qca9367sd821sdm630smb1360qat3522sd205wcd9340pm8953smb231qat3514sdr660wcd9326wcd9335qet4200aqmsm8937qfe3345smb1358wcd9341pmi8952mdm9655smb1350apq8064auwtr3950qtc800ssd210sd660sd820wtr3925pmi8937pm8998sdw3100wcn3620apq8017qca6564aqet4100wcn3610mdm9640wcn3990wcd9330wgr7640csr6030qca6564auqca6574msm8996auqfe1035pmm8996aurgr7640aumdm9230qpa4360qca6574amdm9206smb358sqca6174apm660lwtr4905ar8151wtr5975qca6174wcn3980pmd9645qsw8573qfe3335wsa8815qbt1000qca6320pmx20pmd9607sd835apq8009smb1351mdm9626pm660apmi8998qpa4340sdx20pm8916qln1036aqrsw8577pmd9635pmd9655qca6574auqfe3320mdm9607apq8009wwsa8810qat3550pm8005wcn3680bapq8096auwtr2965pm8004sdw2500apq8053qet4101pm8952pmi8994smb1357mdm9330pm8956qln1031Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-3587
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.84%
||
7 Day CHG~0.00%
Published-06 Jul, 2018 | 19:00
Updated-16 Sep, 2024 | 16:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In a firmware memory dump feature in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android), a Use After Free condition can occur.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-416
Use After Free
CVE-2018-3564
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.23%
||
7 Day CHG~0.00%
Published-06 Jul, 2018 | 17:00
Updated-16 Sep, 2024 | 22:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the FastRPC driver in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, a Use After Free condition can occur when mapping on the remote processor fails.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-416
Use After Free
CVE-2021-1962
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.06% / 18.55%
||
7 Day CHG~0.00%
Published-09 Sep, 2021 | 07:36
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer Overflow while processing IOCTL for getting peripheral endpoint information there is no proper validation for input maximum endpoint pair and its size in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fsm10055wcn3991_firmwaremdm9150_firmwaresd678qca9561sa6150p_firmwaresa8145p_firmwareqcs610fsm10056ar9380qca9563_firmwareqca9561_firmwarefsm10055_firmwareqca9880_firmwareqca9992wcn3950_firmwaresa8150p_firmwareqca6420_firmwareqca6595au_firmwareipq8069_firmwaresa6155sd730_firmwarewcd9370qcs605_firmwaresd_675_firmwaresd675_firmwareqca6584au_firmwarewcn3990_firmwareqca9984_firmwarewcn3998wcn3950wcd9326_firmwaresd720gwcn3615_firmwareqca9563wcn3660bqca9982sa8155qca6574au_firmwaresdx55_firmwareqca6595ausa6155_firmwarewcd9375_firmwarewcn3615wcn3998_firmwarewcn3610_firmwareqca6420qca6584ausa6155p_firmwareipq8065qca9990sa8155_firmwareipq8068wcn3988_firmwareqca6430sa6145p_firmwaresd205sm6250wcd9340sa8195pwsa8810_firmwarequalcomm215_firmwarefsm10056_firmwarewcd9326wcd9335sa6155pqca9982_firmwareqca9888_firmwarewcd9341ipq8068_firmwareqca6696_firmwareqca9898_firmwarewcd9375aqt1000sa8150psm6250_firmwaresda429wsd210qca9992_firmwaresd855_firmwarewcn3620_firmwarewcn3988wsa8815_firmwarewcn3620sa8195p_firmwareqca9898wcn3610qca9882wcn3991sda429w_firmwarewcd9380_firmwarewcn3990sd_675qca9980_firmwareqca6595ar9380_firmwaresdx55m_firmwareqca9558qca9558_firmwareqca9896_firmwareipq8065_firmwareqca6574sd665_firmwarewcd9380qualcomm215qcs410qca6574asdx50m_firmwareqca9889qca9888qca6430_firmwareqca9994_firmwarewcd9335_firmwarewcn3980qca6574_firmwareqca9886qcs605sd855wcd9340_firmwarewsa8815sd665qca9887wcn3660b_firmwarewcn3680qca6574a_firmwareqca9984ipq8064ipq8069wcn3980_firmwaresd730qca6391sdx55mipq8064_firmwareaqt1000_firmwaresd678_firmwarewcn3680_firmwaresdx50mqca9882_firmwareqca9994qca9887_firmwareqca9531qca6574auqca9889_firmwaresa8155p_firmwareqca9980sd205_firmwareqca9880wcd9341_firmwarewsa8810sd210_firmwareqcs610_firmwaremdm9150sa6145pqca9886_firmwareqca6595_firmwaresa8145pqca6696qca6391_firmwarewcd9370_firmwaresa6150psdx55sa8155psd675qca9990_firmwareqca9531_firmwaresd720g_firmwareqcs410_firmwareqca9896Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2018-3572
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 3.03%
||
7 Day CHG~0.00%
Published-12 Jun, 2018 | 20:00
Updated-16 Sep, 2024 | 20:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

While processing a DSP buffer in an audio driver's event handler, an index of a buffer is not checked before accessing the buffer in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 9
  • 10
  • Next
Details not found