Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2018-5829

Summary
Assigner-qualcomm
Assigner Org ID-2cfc7d3e-20d3-47ac-8db7-1b7285aff15f
Published At-06 Jul, 2018 | 17:00
Updated At-16 Sep, 2024 | 16:52
Rejected At-
Credits

In wlan_hdd_cfg80211_set_privacy_ibss() in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, a buffer over-read can potentially occur.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:qualcomm
Assigner Org ID:2cfc7d3e-20d3-47ac-8db7-1b7285aff15f
Published At:06 Jul, 2018 | 17:00
Updated At:16 Sep, 2024 | 16:52
Rejected At:
▼CVE Numbering Authority (CNA)

In wlan_hdd_cfg80211_set_privacy_ibss() in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, a buffer over-read can potentially occur.

Affected Products
Vendor
Qualcomm Technologies, Inc.Qualcomm, Inc.
Product
Android for MSM, Firefox OS for MSM, QRD Android
Versions
Affected
  • All Android releases from CAF using the Linux kernel
Problem Types
TypeCWE IDDescription
textN/ABuffer Over-read in WLAN
Type: text
CWE ID: N/A
Description: Buffer Over-read in WLAN
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.codeaurora.org/security-bulletin/2018/07/02/july-2018-code-aurora-security-bulletin
x_refsource_CONFIRM
https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=27381e9d253629180dcdaa698d3fd01bec28d351
x_refsource_CONFIRM
https://source.android.com/security/bulletin/2018-06-01#qualcomm-components
x_refsource_CONFIRM
Hyperlink: https://www.codeaurora.org/security-bulletin/2018/07/02/july-2018-code-aurora-security-bulletin
Resource:
x_refsource_CONFIRM
Hyperlink: https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=27381e9d253629180dcdaa698d3fd01bec28d351
Resource:
x_refsource_CONFIRM
Hyperlink: https://source.android.com/security/bulletin/2018-06-01#qualcomm-components
Resource:
x_refsource_CONFIRM
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.codeaurora.org/security-bulletin/2018/07/02/july-2018-code-aurora-security-bulletin
x_refsource_CONFIRM
x_transferred
https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=27381e9d253629180dcdaa698d3fd01bec28d351
x_refsource_CONFIRM
x_transferred
https://source.android.com/security/bulletin/2018-06-01#qualcomm-components
x_refsource_CONFIRM
x_transferred
Hyperlink: https://www.codeaurora.org/security-bulletin/2018/07/02/july-2018-code-aurora-security-bulletin
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=27381e9d253629180dcdaa698d3fd01bec28d351
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://source.android.com/security/bulletin/2018-06-01#qualcomm-components
Resource:
x_refsource_CONFIRM
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:product-security@qualcomm.com
Published At:06 Jul, 2018 | 17:29
Updated At:03 Oct, 2019 | 00:03

In wlan_hdd_cfg80211_set_privacy_ibss() in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, a buffer over-read can potentially occur.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.07.5HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Primary2.07.8HIGH
AV:N/AC:L/Au:N/C:C/I:N/A:N
Type: Primary
Version: 3.0
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Type: Primary
Version: 2.0
Base score: 7.8
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:C/I:N/A:N
CPE Matches
Google LLC
google
>>android>>-
cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-125Primarynvd@nist.gov
CWE ID: CWE-125
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://source.android.com/security/bulletin/2018-06-01#qualcomm-componentsproduct-security@qualcomm.com
Vendor Advisory
https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=27381e9d253629180dcdaa698d3fd01bec28d351product-security@qualcomm.com
Patch
Third Party Advisory
https://www.codeaurora.org/security-bulletin/2018/07/02/july-2018-code-aurora-security-bulletinproduct-security@qualcomm.com
Patch
Third Party Advisory
Hyperlink: https://source.android.com/security/bulletin/2018-06-01#qualcomm-components
Source: product-security@qualcomm.com
Resource:
Vendor Advisory
Hyperlink: https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=27381e9d253629180dcdaa698d3fd01bec28d351
Source: product-security@qualcomm.com
Resource:
Patch
Third Party Advisory
Hyperlink: https://www.codeaurora.org/security-bulletin/2018/07/02/july-2018-code-aurora-security-bulletin
Source: product-security@qualcomm.com
Resource:
Patch
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

1703Records found
CVE-2018-16082
Matching Score-6
Assigner-Chrome
ShareView Details
Matching Score-6
Assigner-Chrome
CVSS Score-6.5||MEDIUM
EPSS-0.51% / 65.39%
||
7 Day CHG~0.00%
Published-09 Jan, 2019 | 19:00
Updated-05 Aug, 2024 | 10:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An out of bounds read in Swiftshader in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.

Action-Not Available
Vendor-Red Hat, Inc.Google LLC
Product-chromeenterprise_linux_desktopenterprise_linux_workstationenterprise_linux_serverChrome
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-1964
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.39% / 59.51%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 05:31
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer over read due to improper validation of IE size while parsing beacon from peer device in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sa6150p_firmwareipq4028_firmwareqcn5550qca8337ar9380ipq8173_firmwareqca9561_firmwareqcn5124qca4024_firmwarewcn3950_firmwareipq8078aipq5028_firmwaresa8150p_firmwareqcs2290qca6595au_firmwaresa6155qcn5064sd_675_firmwaresa415mwcn3998wcn3950qcn6024_firmwaresd720gsm4125ipq8076asd710_firmwaresd460_firmwaresm7315_firmwareqca6428qca6574au_firmwareqcn5164_firmwareipq8071wcd9375_firmwareqca8081_firmwarewcn3998_firmwaresa6155_firmwareqca6420apq8053_firmwareqca6438_firmwareipq8070_firmwareipq8065ipq8078a_firmwareipq5028qca7500ipq8072_firmwareipq4029_firmwaresa8155_firmwareipq6010sd662_firmwareipq8068qca6430wcd9340sd765gqca6436wcn6851sa6155pqca9888_firmwareqcn6122wcd9341ipq8068_firmwareqca6696_firmwaresd870_firmwaresd750gqcn5154_firmwarewcn3910_firmwaresd_8cxsa8150pwsa8830_firmwareqca9992_firmwaresd660sd865_5g_firmwaresd855_firmwarewcn3988qca6438sd660_firmwaresa8195p_firmwareqcn5121qcn5022_firmwarewcn6750_firmwareqca9898ipq4028qca6428_firmwareipq5018_firmwareqca9985_firmwarewcn3991ipq4018_firmwareqca8337_firmwarewcd9380_firmwareipq8072aqca7500_firmwareqca9980_firmwareipq8076a_firmwareipq8078qca6564ausdx55m_firmwareipq8173wcn6856_firmwareqcn5164qca9558sd670_firmwareqca6574csr8811_firmwarewcd9380qcn5054_firmwareqcn5024sd690_5g_firmwareipq4019_firmwaresdx50m_firmwareqca8072_firmwareqca9985qcn9012_firmwareqca6430_firmwareqcn5052_firmwarewcd9335_firmwarewcn3980ipq6018_firmwarewcd9340_firmwarewsa8815wcn6850pmp8074_firmwarewcn3910sd_8c_firmwareqca6426_firmwareqca9984ipq6028ipq8064sd835pmp8074qcn9024wcn3980_firmwaresd730qcn5550_firmwaresdx55mipq8064_firmwarewcn6740_firmwaremsm8953qcn5064_firmwaresd678_firmwareipq8078_firmwareqcn5054wcn6851_firmwareipq8070qca9896qcn5502qca9994qca9887_firmwareqca9980sd670qcn9024_firmwareipq8174_firmwaresd_636_firmwareqca6564a_firmwareqca9880qcm4290_firmwaresd480sd870qcn5121_firmwaresa6145pipq6018qca9886_firmwareqca6595_firmwaresa8145psdm630_firmwareqca6391_firmwareqca4024wcd9370_firmwaresd780g_firmwaresdx55sd888_firmwareapq8053qcn5021_firmwaresa8155psd675qca9531_firmwarear8035_firmwareqcm2290qcn5024_firmwarewcn3991_firmwareqcn5500wsa8830sd678qca9561qcn9070sa8145p_firmwareqcs2290_firmwarecsrb31024qca9563_firmwaresd_636qcn9072qca9880_firmwareqca9992qcs4290sd765g_firmwareqca6420_firmwareqca6390_firmwaresd690_5gipq6000sd730_firmwarewcd9370sd675_firmwareipq8072qcn5152_firmwareqca6564qca6426qca6584au_firmwarewcn3990_firmwareqcn9000_firmwareqca9984_firmwareipq5018sd_8cx_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcd9326_firmwarewcn3615_firmwareqca9563ipq8074asd662qcn5124_firmwareqca9982sa8155wcn3680b_firmwareqcn5122_firmwaresdx55_firmwarewcn3615qcn6023_firmwareqca6595ausm7250p_firmwareqca6436_firmwareipq5010qca6564au_firmwareqca6584ausd778gsa6155p_firmwareipq8174sa515m_firmwareqca9990sdxr2_5gqcn5052sdm630sa415m_firmwarewcn3988_firmwareqcn9074sa6145p_firmwaresm6250sd778g_firmwaresa8195pwsa8810_firmwareqca6694sd765_firmwarewcd9326wcd9335qca8081qca9982_firmwareqcn6023ipq8071aipq8071a_firmwareqcs4290_firmwarewcd9385qca6390qca9898_firmwaresd750g_firmwareaqt1000wcd9375ar8035sm6250_firmwarecsr8811ipq4019qca6694_firmwaremsm8953_firmwareqcn9100_firmwareipq5010_firmwareipq8074a_firmwaresd888_5g_firmwarewsa8815_firmwarewcn6850_firmwarewsa8835_firmwareqca6564aqca9882qca8072qcm2290_firmwarewcn3990qcn9000sd_675sd780gsd865_5gqca6595ar9380_firmwareqcn9012sd888qca9558_firmwareqca9896_firmwareqcn6122_firmwareipq8065_firmwarewsa8835sd665_firmwaresd888_5gqcn5154qca8075_firmwareipq4018qca6574aipq6005_firmwareqca9889sm7325pqca9888ipq8074qca9994_firmwarewcn6750ipq8070a_firmwareipq8076_firmwaresa515mqca6574_firmwareqca9886qcn5502_firmwaresd855sm4125_firmwaresm7325p_firmwaresd665ipq8076qca6175asd765qca9887qca6574a_firmwareqcn5021qcn5152sd768g_firmwaresm7315sd460qca6391ipq6005aqt1000_firmwareqcn9100qcm4290csrb31024_firmwaresdx50mqca9882_firmwareqcn9070_firmwaresd480_firmwareipq6028_firmwareipq8072a_firmwareqca9531ipq8074_firmwareqca6574auqca9889_firmwaresd710sa8155p_firmwareqcn5122wcd9341_firmwarewsa8810qcn5500_firmwarewcn6856sd_8cqcn5022wcn3680bsd835_firmwareqca6564_firmwaresd768gipq6010_firmwarewcn6740qca6696sd845_firmwaresa6150pqca8075qcn9022_firmwareqcn6024qcn9022sd845qca9990_firmwareipq8070aqcn9072_firmwaresm7250pipq6000_firmwaresd720g_firmwareipq8071_firmwareqcn9074_firmwareipq4029qca6175a_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-29606
Matching Score-6
Assigner-GitHub, Inc.
ShareView Details
Matching Score-6
Assigner-GitHub, Inc.
CVSS Score-7.1||HIGH
EPSS-0.02% / 2.65%
||
7 Day CHG~0.00%
Published-14 May, 2021 | 19:21
Updated-03 Aug, 2024 | 22:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Heap OOB read in TFLite

TensorFlow is an end-to-end open source platform for machine learning. A specially crafted TFLite model could trigger an OOB read on heap in the TFLite implementation of `Split_V`(https://github.com/tensorflow/tensorflow/blob/c59c37e7b2d563967da813fa50fe20b21f4da683/tensorflow/lite/kernels/split_v.cc#L99). If `axis_value` is not a value between 0 and `NumDimensions(input)`, then the `SizeOfDimension` function(https://github.com/tensorflow/tensorflow/blob/102b211d892f3abc14f845a72047809b39cc65ab/tensorflow/lite/kernels/kernel_util.h#L148-L150) will access data outside the bounds of the tensor shape array. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

Action-Not Available
Vendor-Google LLCTensorFlow
Product-tensorflowtensorflow
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-9544
Matching Score-6
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-6
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-5.5||MEDIUM
EPSS-0.02% / 4.69%
||
7 Day CHG~0.00%
Published-14 Nov, 2018 | 18:00
Updated-05 Aug, 2024 | 07:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In register_app of btif_hd.cc, there is a possible out-of-bounds read due to a missing bounds check. This could lead to local information disclosure in the Bluetooth service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-113037220

Action-Not Available
Vendor-Google LLC
Product-androidAndroid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-9481
Matching Score-6
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-6
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.2||MEDIUM
EPSS-0.02% / 4.26%
||
7 Day CHG~0.00%
Published-20 Nov, 2024 | 17:40
Updated-18 Dec, 2024 | 18:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In bta_hd_set_report_act of bta_hd_act.cc, there is a possible out-of-bounds read due to an integer overflow. This could lead to remote information disclosure in the Bluetooth service with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-The Apache Software FoundationGoogle LLC
Product-androidtraffic_serverAndroid
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-9365
Matching Score-6
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-6
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-9.8||CRITICAL
EPSS-0.18% / 39.39%
||
7 Day CHG~0.00%
Published-19 Nov, 2024 | 20:44
Updated-18 Dec, 2024 | 14:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In smp_data_received of smp_l2c.cc, there is a possible out of bounds read followed by code execution due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndrioidandroid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-1928
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-4.6||MEDIUM
EPSS-0.04% / 13.13%
||
7 Day CHG~0.00%
Published-08 Sep, 2021 | 11:25
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer over read could occur due to incorrect check of buffer size while flashing emmc devices in Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcn5024_firmwareqca9377_firmwareqcn5500qca9561qcn9070ipq4028_firmwareqcn5550ar9380ipq8173_firmwareqca9563_firmwareqca9561_firmwareqcn5124qca4024_firmwareqcn9072qca9880_firmwareqca9992ipq8078aipq8069_firmwareapq8009_firmwareqca6335ipq6000qcn5064ipq8072qcn5152_firmwareqcn9000_firmwareqca9984_firmwareipq5018qca9377ipq8076aqcn6024_firmwarewcd9326_firmwaremdm9206_firmwareqca9563wcn3660bipq8074aqcn5124_firmwareqca9982qfe1952_firmwareqca6428qca6320_firmwareqcn5164_firmwareqcn5122_firmwareipq8071wcn3680b_firmwareqca8081_firmwareqcn6023_firmwarewcn3610_firmwareapq8053_firmwareqca6438_firmwareipq5010ipq8070_firmwareqca6310qca9367_firmwareipq8065ipq8078a_firmwareqfe1952ipq8174qca9990qca7500ipq4029_firmwareipq8072_firmwareqca9367qcn5052ipq6010ipq8068qcn9074sd205wcd9340wsa8810_firmwarequalcomm215_firmwareqca6694wcd9326qca8081qca9982_firmwareipq8071aqcn6023ipq8071a_firmwareqca9888_firmwareipq8068_firmwareqcn5154_firmwareqca9898_firmwarecsr8811ipq4019qca6694_firmwareqcn9100_firmwareqfe1922sda429wsd210qca9992_firmwarewcn3620_firmwareipq5010_firmwareipq8074a_firmwareqca6438wsa8815_firmwarewcn3620qcn5121qca9898qcn5022_firmwareipq4028wcn3610qca6428_firmwareipq5018_firmwareqca8072qca9882qca9985_firmwareipq4018_firmwaresda429w_firmwareqcn9000ipq8072aqca7500_firmwareqca9980_firmwarewcd9330ipq8076a_firmwarear9380_firmwareipq8078ipq8173qcn9012qcn5164qca9558qca9558_firmwareqca9896_firmwareipq8065_firmwarecsr8811_firmwareqcn5054_firmwarequalcomm215qcn5154qca8075_firmwareipq4019_firmwareipq4018ipq6005_firmwaremdm9206qcn5024qca9889ipq8074qca6310_firmwareqca8072_firmwareqca9888qca9985qca9994_firmwareqcn5052_firmwareipq8070a_firmwareqcn9012_firmwarewcn3980qca6335_firmwareipq6018_firmwareipq8076_firmwareqca9886qcn5502_firmwarewcd9340_firmwarewsa8815pmp8074_firmwareqca6320ipq8076qfe1922_firmwareqca9887wcn3660b_firmwareqca9984ipq6028ipq8064ipq8069pmp8074qcn5021qcn5152qcn9024wcn3980_firmwareapq8009qcn5550_firmwarewcd9330_firmwareipq8064_firmwareipq6005qcn9100qcn5064_firmwareqca9882_firmwareipq8078_firmwareqcn5054qcn9070_firmwareipq8070qca9896ipq6028_firmwareipq8072a_firmwareqcn5502qca9994qca9531qca9887_firmwareipq8074_firmwareqca9889_firmwareqca9980qcn5122qcn9024_firmwareipq8174_firmwaresd205_firmwareqca9880wsa8810qcn5121_firmwareqcn5500_firmwaresd210_firmwareipq6018qcn5022wcn3680bqca9886_firmwareipq6010_firmwareqca4024qca8075apq8053qcn5021_firmwareqcn6024qcn9022_firmwareqcn9022qca9990_firmwareipq8070aqcn9072_firmwareqca9531_firmwareipq6000_firmwareipq8071_firmwareqcn9074_firmwareipq4029Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-9430
Matching Score-6
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-6
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-9.8||CRITICAL
EPSS-1.16% / 77.70%
||
7 Day CHG~0.00%
Published-02 Dec, 2024 | 21:36
Updated-18 Dec, 2024 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In prop2cfg of btif_storage.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroidandroid
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-9563
Matching Score-6
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-6
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.5||MEDIUM
EPSS-0.13% / 33.45%
||
7 Day CHG~0.00%
Published-19 Jun, 2019 | 20:01
Updated-05 Aug, 2024 | 07:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In llcp_util_parse_cc of llcp_util.cc, there is a possible out-of-bound read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9Android ID: A-114237888

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-1970
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.22% / 44.17%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 05:31
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible out of bound read due to lack of length check of FT sub-elements in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwarewsa8830sd678sa6150p_firmwaresm6250p_firmwaresa8145p_firmwareqcs610qcs2290_firmwareqca8337csrb31024sd_636csra6620qcs4290wcn3950_firmwaresa8150p_firmwaresd765g_firmwareqca6420_firmwareqca6595au_firmwareqcs2290qca6390_firmwaresa6155qca6335sd690_5gsd730_firmwarewcd9370csra6620_firmwaresd_675_firmwaresd675_firmwarecsra6640_firmwareqca6564qcs6125_firmwareqca6426qca6584au_firmwarewcn3990_firmwaresa415mwcn3998sd_8cx_firmwarewcd9371_firmwaresdxr2_5g_firmwarewcd9385_firmwaresm4125sd720gwcd9326_firmwarewcn3615_firmwarewcn3950sd662sd710_firmwaresd460_firmwaresa8155qca6320_firmwaresm7315_firmwareqca6574au_firmwaresdx55_firmwarewcn3680b_firmwareqca6595ausa6155_firmwarewcd9375_firmwarewcn3615sm7250p_firmwarewcn3998_firmwarewcn3999_firmwareqca6420apq8053_firmwareqca6436_firmwareqca6564au_firmwareqca6584ausa6155p_firmwareqca6310sd778gwcn3999sa515m_firmwaresdxr2_5gqcs6125sa8155_firmwaresd662_firmwaresdm630sa415m_firmwareqcs405qca6430wcn3988_firmwaresa6145p_firmwaresm6250sd778g_firmwarewcd9340sa8195pwsa8810_firmwaresd765gsd765_firmwareqca6436wcd9326wcd9335sa6155pwcn6851qcs4290_firmwarewcd9385wcd9341qca6696_firmwarewcd9371sd750gsd870_firmwarear8035qca6390sd_8cxaqt1000sa8150psd750g_firmwaresm6250_firmwarewcd9375msm8953_firmwarewcn3910_firmwarewsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwarewcn3988sd888_5g_firmwarewcn6850_firmwaresd660_firmwarewsa8815_firmwarewsa8835_firmwaresa8195p_firmwareqca6564awcn6750_firmwareqcm6125_firmwareqcm2290_firmwarewcn3991qca8337_firmwarewcd9380_firmwarewcn3990sd_675sd780gsd865_5gqca6595qca6564ausdx55m_firmwarewcn6856_firmwaresd888sd670_firmwareqca6574wsa8835sd665_firmwarewcd9380sd888_5gsm6250pqca6574asd690_5g_firmwaresdx50m_firmwarewcn6855_firmwaresm7325pqca6310_firmwareqca6430_firmwarewcd9335_firmwarewcn3980wcn6750qca6335_firmwaresa515mqca6574_firmwarewcd9340_firmwaresd855sm4125_firmwaresm7325p_firmwaresd665wcn3910qca6320wcn6850wsa8815qca6175asd_8c_firmwareqca6426_firmwaresd765qca6574a_firmwaresd768g_firmwaresd835wcn3980_firmwaresm7315sd460qca6391sd730sdx55msdxr1_firmwareaqt1000_firmwarewcn6740_firmwaremsm8953sd678_firmwarear8031_firmwarecsrb31024_firmwareqcm4290sdx50msd480_firmwarewcn6851_firmwareqca6574ausa8155p_firmwaresd710sd_636_firmwaresd670qca6564a_firmwarewcd9341_firmwareqcm6125qcm4290_firmwaresd480sd870wcn6855wsa8810qcs610_firmwarewcn6856sd_8csa6145pwcn3680bsd835_firmwareqca6564_firmwaresdxr1sd768gar8031qca6595_firmwareqcs405_firmwaresa8145pwcn6740qca6696sdm630_firmwareqca6391_firmwaresd845_firmwaresd780g_firmwarewcd9370_firmwaresa6150psd888_firmwaresdx55apq8053sa8155pcsra6640sd675sd845sm7250psd720g_firmwareqca6175a_firmwarear8035_firmwareqcm2290Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-20
Improper Input Validation
CVE-2023-52536
Matching Score-6
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
ShareView Details
Matching Score-6
Assigner-Unisoc (Shanghai) Technologies Co., Ltd.
CVSS Score-4.4||MEDIUM
EPSS-0.01% / 0.99%
||
7 Day CHG~0.00%
Published-08 Apr, 2024 | 02:21
Updated-26 Mar, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In faceid service, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed

Action-Not Available
Vendor-Unisoc (Shanghai) Technologies Co., Ltd.Google LLC
Product-t610t820sc9832et760t606s8000t616t310androidt618sc7731et612sc9863at770SC7731E/SC9832E/SC9863A/T310/T606/T612/T616/T610/T618/T760/T770/T820/S8000
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-33306
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.12% / 32.22%
||
7 Day CHG~0.00%
Published-09 Feb, 2023 | 06:58
Updated-03 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer over-read in WLAN

Transient DOS due to buffer over-read in WLAN while processing an incoming management frame with incorrectly filled IEs.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_8cx_gen3_firmwareqca2066qca8337ar9380ipq8173_firmwaresdx65qcn5124qca4024_firmwareipq8078aipq5028_firmwareqca6595au_firmwareqca2062qca6554a_firmwareqam8295pipq8076aqca8386_firmwareqcn6024_firmwaresd_8_gen1_5g_firmwareqca8084_firmwareqsm8350_firmwareqsm8350wcn7850qca6574au_firmwareqcn5164_firmwarewcd9375_firmwareqca8081_firmwareqcn9002qca9986ipq8065ipq8078a_firmwareqca6678aq_firmwareipq5028qca6698aqipq6010ipq8068qcn6132qca6436wcn6851wcn7851_firmwareqca6698aq_firmwareqca9888_firmwareqcn6122ipq8068_firmwareqca2066_firmwarewcd9341qca6696_firmwaresd870_firmwareipq9008_firmwareqcn5154_firmwarewsa8830_firmwareqca9992_firmwaresd660sd865_5g_firmwaresd660_firmwarewcn7850_firmwaresm8475qcn5022_firmwaresa8295p_firmwarewcn6750_firmwareipq5018_firmwareqca9985_firmwareqca8337_firmwarewcd9380_firmwaressg2125pipq8072aqca9980_firmwareipq8076a_firmwareipq8078qca6564auqca8084ipq8173qcn9001_firmwaresdx55m_firmwareipq9008wcn6856_firmwareqcn5164qca6574csr8811_firmwarewcd9380qcn5054_firmwareqcn5024sxr1230pqca8072_firmwareqca9985wcd9335_firmwareqcn5052_firmwareqcn9274_firmwarewcn3980ipq6018_firmwarewsa8815wcn6850qcn6112qca9986_firmwareqca6426_firmwareqca9984ipq6028ipq8064qcn9024ipq9574_firmwarewcn3980_firmwaresdx55mipq8064_firmwaresa8295pqca2062_firmwarewcn6740_firmwareqca6678aqipq8078_firmwareqcn5054wcn6851_firmwareqca9994qca9980qcn9024_firmwareipq8174_firmwaresd870wsa8832wcn6855ipq6018qca9886_firmwareqca6595_firmwareqca6391_firmwareqca2064qca4024sd780g_firmwarewcd9370_firmwaresd888_firmwaressg2115p_firmwarear8035_firmwareqcn5024_firmwarewsa8830qcn9070sxr2230p_firmwareqca8082qcn9072qca8386qca9992qca6390_firmwareqca2064_firmwareipq6000wcd9370ssg2115pqcn5152_firmwareqca6426qca6584au_firmwarewcn3990_firmwareqcn9000_firmwareqca9984_firmwareipq5018wcd9385_firmwaresdxr2_5g_firmwareipq8074aqca2065qcn5124_firmwareqam8295p_firmwareqcn6100_firmwareqcn6102_firmwareqca8082_firmwareqcn5122_firmwareqca6595auqcn6023_firmwareqca6436_firmwareipq5010qca6564au_firmwareqca6584auqcn9274ipq8174qca9990qcn9001qcs6490sdxr2_5gqcn5052wcn7851qcn6112_firmwareqcn9074qca8085wsa8810_firmwarewcd9335qca8081ipq8071aqcn6023ipq8071a_firmwarewcd9385qca8085_firmwareqca2065_firmwareqcs6490_firmwaresd_8cx_gen3ar8035csr8811qca6390wcd9375qcn9100_firmwareipq5010_firmwareipq8074a_firmwareqcm6490sd888_5g_firmwarewcn6850_firmwarewsa8815_firmwarewsa8835_firmwareqca8072wcn3990qcn9000sd780gqca6554asd865_5gqca6595ar9380_firmwaresd888qcn6122_firmwareipq8065_firmwaresxr1230p_firmwarewsa8835sd888_5gqcn5154qca8075_firmwaressg2125p_firmwareqca6574awcn6855_firmwareqca9889qcn6132_firmwareqcn9003_firmwareqca9888qca9994_firmwarewcn6750qcn9003ipq8070a_firmwareipq8076_firmwareqca6574_firmwareqca9886sxr2230pipq8076qca6574a_firmwareqcn5152qca6391qcn6102qcn9100sdx65_firmwareqcm6490_firmwarewsa8832_firmwareqcn9070_firmwareipq6028_firmwareipq8072a_firmwareqca6574auqca9889_firmwareipq9574qcn5122wcd9341_firmwarewsa8810wcn6856qcn5022ipq6010_firmwarewcn6740qca6696qca8075qcn9022_firmwareqcn6024qcn9022qca9990_firmwareipq8070aqcn9002_firmwareqcn6100qcn9072_firmwareipq6000_firmwareqcn9074_firmwareSnapdragon
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-33252
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-8.2||HIGH
EPSS-0.06% / 19.67%
||
7 Day CHG~0.00%
Published-06 Jan, 2023 | 05:02
Updated-09 Apr, 2025 | 19:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer over-read in WLAN

Information disclosure due to buffer over-read in WLAN while handling IBSS beacons frame.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_8cx_gen3_firmwareqca2066sa6150p_firmwareqca8337ar9380ipq8173_firmwareqca6431_firmwarewcd9360_firmwaresdx65qcn5124qca4024_firmwaresc8180x\+sdx55ipq8078aipq5028_firmwaresa8150p_firmwareqca6595au_firmwaresa6155qca2062sa415mwcn3998qca6554a_firmwareqam8295psd_8cx_gen2_firmwareqcn6024_firmwareipq8076aqca8386_firmwaresd_8_gen1_5g_firmwareqca8084_firmwareqsm8350_firmwareqsm8350sm7315_firmwarewcn7850qca6574au_firmwareqcn5164_firmwarewcd9375_firmwareqca8081_firmwarewcn3998_firmwaresa6155_firmwareqca6420wcd9360qcn9002qca9986ipq8070_firmwareipq8065ipq8078a_firmwaresd_8cx_gen2qrb5165_firmwareipq5028qrb5165m_firmwaresa8155_firmwareipq6010ipq8068qca6430wcd9340qcn6132qca6436wcn6851sa6155pwcn7851_firmwareqca9888_firmwareqcn6122wcd9341ipq8068_firmwareqca2066_firmwareqca6696_firmwareqca6431sd870_firmwareqca1062ipq9008_firmwareqcn5154_firmwaresxr2150p_firmwaresa8150pwsa8830_firmwareqca9992_firmwaresd865_5g_firmwarewcn7850_firmwaresa8195p_firmwaresm8475qcn5022_firmwarewcn6750_firmwaresa8295p_firmwareipq5018_firmwareqca9985_firmwareqca8337_firmwarewcd9380_firmwareipq8072aqca9980_firmwareipq8076a_firmwareipq8078qca8084qcn9001_firmwareipq8173sdx55m_firmwareqca6564auwcn6856_firmwareipq9008qcn5164qca6574csr8811_firmwarewcd9380qcn5054_firmwareqcn5024qca8072_firmwareqca9985qcn9012_firmwareqca6430_firmwareqcn9274_firmwareqcn5052_firmwarewcn3980ipq6018_firmwarewcd9340_firmwarewsa8815wcn6850pmp8074_firmwareqcn6112qca9986_firmwareqca6426_firmwareqca9984ipq6028ipq8064qcn9024pmp8074ipq9574_firmwarewcn3980_firmwaresdx55mipq8064_firmwaresa8295pqca6421_firmwareqca2062_firmwarewcn6740_firmwareipq8078_firmwareqcn5054qrb5165wcn6851_firmwareipq8070qca9994qca9980qcn9024_firmwareipq8174_firmwaresd870wcn6855qsm8250sa6145pipq6018qca9886_firmwareqca6595_firmwaresa8145pqca6391_firmwaresa4150p_firmwareqca4024wcd9370_firmwareqca2064sd780g_firmwaresdx55sd888_firmwareqcn5021_firmwaresa8155psxr2150par8035_firmwareqsm8250_firmwareqcn5024_firmwarewsa8830qcn9070sa8145p_firmwareqca1062_firmwarecsrb31024qca8082qcn9072qca8386qca9992qca6420_firmwareqca6390_firmwareqca2064_firmwareipq6000wcd9370qcn5152_firmwareqca6426qca6584au_firmwareqrb5165n_firmwareqcn9000_firmwareqca9984_firmwareipq5018wcd9385_firmwaresdxr2_5g_firmwareipq8074aqca2065qcn5124_firmwareqam8295p_firmwareqcn6102_firmwareqcn9011_firmwareqca1064sa8155qcn6100_firmwareqca8082_firmwareqcn5122_firmwaresdx55_firmwareqca6595auqcn6023_firmwareqca6436_firmwareqrb5165nipq5010qca6564au_firmwareqca6584ausd778gsa6155p_firmwareqcn9274ipq8174wcn7851qcn9001qca9990qcs6490qcn5052sa515m_firmwaresdxr2_5gqcn6112_firmwaresa415m_firmwareqcn9074sa6145p_firmwareqca6421qca8085sd778g_firmwaresa8195pwsa8810_firmwareqca8081qcn6023ipq8071aipq8071a_firmwarewcd9385qca8085_firmwareqcs6490_firmwareqca2065_firmwaresd_8cx_gen3qca6390wcd9375ar8035aqt1000csr8811sc8180x\+sdx55_firmwareqcn9100_firmwareipq5010_firmwareipq8074a_firmwaresd888_5g_firmwarewsa8815_firmwareqcm6490wcn6850_firmwarewsa8835_firmwareqcx315sa4150pqca8072qcn9000sd780gqca6554asd865_5gqca6595ar9380_firmwareqcn9012sd888qcn6122_firmwareipq8065_firmwareqcx315_firmwarewsa8835sd888_5gqcn5154qca8075_firmwareqca6574awcn6855_firmwareqca9889sm7325pqcn6132_firmwareqcn9003_firmwareqca9888qca9994_firmwarewcn6750qcn9003ipq8070a_firmwareipq8076_firmwaresa515mqca6574_firmwareqca9886sm7325p_firmwareipq8076qca6574a_firmwareqcn5021qcn5152qrb5165msm7315qca6391aqt1000_firmwareqcn6102qcn9100sdx65_firmwarecsrb31024_firmwareqcm6490_firmwareqcn9070_firmwareipq6028_firmwareipq8072a_firmwareqcn9011qca6574auqca9889_firmwaresa8155p_firmwareqcn5122ipq9574wcd9341_firmwarewsa8810wcn6856qcn5022ipq6010_firmwareqca1064_firmwarewcn6740qca6696sa6150pqca8075qcn9022_firmwareqcn6024qcn9022qca9990_firmwareipq8070aqcn9002_firmwareqcn6100qcn9072_firmwareipq6000_firmwareqcn9074_firmwareSnapdragon
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-33258
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-8.2||HIGH
EPSS-0.07% / 21.25%
||
7 Day CHG~0.00%
Published-04 Apr, 2023 | 04:46
Updated-03 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer over-read in Modem

Information disclosure due to buffer over-read in modem while reading configuration parameters.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9206wcd9306snapdragon_wear_1300mdm8207snapdragon_wear_1200wcd9330mdm9207snapdragon_x5_lte_modem_firmwaremdm8207_firmwaresnapdragon_wear_1100mdm9205_firmwaremdm9205qca4004_firmwaremdm9206_firmwaremdm9207_firmwareqca4004qts110wcd9306_firmwaresnapdragon_wear_1100_firmwaresnapdragon_wear_1300_firmwarewcd9330_firmwaresnapdragon_wear_1200_firmwaresnapdragon_x5_lte_modemqts110_firmwareSnapdragon9205_lte_modem_firmware9206_lte_modem_firmwaresnapdragon_wear_1300_platform_firmware9207_lte_modem_firmwarewcd9306_firmwaresnapdragon_x5_lte_modem_firmwaremdm8207_firmwarewcd9330_firmwareqca4004_firmwaresnapdragon_1200_wearable_platform_firmwaresnapdragon_1100_wearable_platform_firmwareqts110_firmware
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-13910
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.75%
||
7 Day CHG~0.00%
Published-14 Jun, 2019 | 17:02
Updated-05 Aug, 2024 | 09:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out-of-Bounds access in TZ due to invalid index calculated to check against DDR in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ8074, MDM9206, MDM9607, MDM9650, MDM9655, MSM8996AU, QCA8081, Qualcomm 215, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 650/52, SD 820, SD 820A, SDM439, Snapdragon_High_Med_2016

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_427_firmwaresd_632sd_820asd_412msm8996au_firmwaresd_439sd_425sd_429sd_430_firmwaremdm9607_firmwaresd_435mdm9655_firmwaremdm9650sdm439sd_625ipq8074_firmwaresnapdragon_high_med_2016_firmwareqm215mdm9607msm8996ausd_820_firmwaresd_650sd_820sd_450_firmwaresd_410sd_439_firmwaresd_820a_firmwareqca8081sd_429_firmwaremdm9206sd_652sd_425_firmwaresnapdragon_high_med_2016sd_625_firmwareipq8074mdm9655sd_450sd_412_firmwaresdm439_firmwareqm215_firmwaremdm9206_firmwaresd_427sd_430sd_435_firmwaresd_632_firmwaremdm9650_firmwaresd_410_firmwaresd_652_firmwareqca8081_firmwaresd_650_firmwareSnapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-33285
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.16% / 37.20%
||
7 Day CHG~0.00%
Published-06 Jan, 2023 | 05:02
Updated-09 Apr, 2025 | 15:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer over-read in WLAN

Transient DOS due to buffer over-read in WLAN while parsing WLAN CSA action frames.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaremdm9640_firmwaresm6250p_firmwareipq4028_firmwareqca8337ar9380ipq8173_firmwareqcn5124mdm9645wcn3950_firmwareqca6595au_firmwaresa6155mdm8215sd_455_firmwareapq8076qcs6125_firmwaresa415msm4375wcn3998wcd9371_firmwarewcn3950qcn6024_firmwaresd720gsm4125mdm9206_firmwarewcn3660bqsm8350_firmwareqsm8350sd460_firmwaresm7315_firmwarewcn7850qca8081_firmwarewcn3998_firmwareqca6420qcn9002qca9986ipq8070_firmwareqca9367_firmwareipq8065ipq8078a_firmwaresd_8cx_gen2ipq8072_firmwaresa8155_firmwareipq8068qca6430wcd9340sd765gsd680wcn7851_firmwaremdm9250_firmwareqca9888_firmwareqcn6122qca6696_firmwarewcd9371sd870_firmwareqca1062qcn5154_firmwaremdm8215_firmwaresd_8cxsa8150pqca9992_firmwaresd660sd865_5g_firmwaresd712sd660_firmwaresm8475qcn5022_firmwareqcn7606_firmwarewcn6750_firmwareqca6428_firmwareqca9985_firmwarewcn3991ipq4018_firmwareqca4531_firmwareqca9980_firmwareipq8078qca8084qcn9001_firmwareipq8173sdx55m_firmwaremsm8976_firmwareqca6574sd670_firmwarecsr8811_firmwarewcd9380qcs410qcn5024sd690_5g_firmwareqca9379_firmwaresdx24_firmwareqca9985qcn9012_firmwareqcn9274_firmwareipq6018_firmwarewcd9340_firmwarewsa8815wcn6850pmp8074_firmwareqcn6112qca6584_firmwaremdm9215_firmwaresd695ipq6028ipq8064sd835pmp8074ipq9574_firmwarewcn3980_firmwaresd730qcc5100_firmwaresa8295pqca2062_firmwarewcn6740_firmwaresd678_firmwareapq8064au_firmwareipq8078_firmwareqcn5054qcs603qca9994qca9980sd670qcn9024_firmwareipq8174_firmwareqcm4290_firmwarewcn6855qcn7605_firmwaresw5100p_firmwareqcs610_firmwaresa6145pqca9886_firmwarear8031sdm630_firmwaresd820_firmwareqca6391_firmwaresa4150p_firmwareqca4024wcd9370_firmwaresdx55qcn5021_firmwarecsra6640qca9379sxr2150pqcn7606qsm8250_firmwarewsa8830qca1062_firmwarecsrb31024mdm9628_firmwaremdm9650sd_636qca8082qca9992qcs4290mdm9250qca6420_firmwareapq8009_firmwareqca2064_firmwaresd690_5gmdm9310_firmwaresd675_firmwareipq8072qca6564qca6426wcn3990_firmwareqrb5165n_firmwareqca9984_firmwareqca9377qca4531wcd9385_firmwaresdxr2_5g_firmwarewcd9326_firmwarewcn3615_firmwareipq8074aqcn6102_firmwareqcn9011_firmwaresa8155qca6584qcn5122_firmwaresdx55_firmwarewcn3615qcn6023_firmwaresm7250p_firmwarewcn3610_firmwareqrb5165nqca6584ausd778gipq8174wcn7851qcn5052qca9367sdm630mdm9607_firmwareqcn6112_firmwaresa415m_firmwarewcn3988_firmwareqcn9074qca6421qca8085sd778g_firmwaresa8195psm4375_firmwarewcd9326wcd9335qcn6023qcs4290_firmwareqca8085_firmwareqcs6490_firmwareqca6390qca9898_firmwaresd750g_firmwareaqt1000msm8976wcd9375sm6250_firmwareipq5010_firmwareipq8074a_firmwaresd888_5g_firmwaresdx20_firmwarewsa8815_firmwareapq8017qcx315qcm6125_firmwaresd780gsd865_5gqca6595qcc5100ipq8065_firmwareqcx315_firmwaresd665_firmwareqcn5154qca8075_firmwaresc8180xmdm9206wcn6855_firmwareqcn6132_firmwareqcn9003_firmwareqca9888qca6310_firmwareipq8070a_firmwaremdm9615qca6574_firmwareqca9886sm7325p_firmwaresd665qca6175asd765qca6574a_firmwareqrb5165msd850_firmwaresm7315apq8009mdm9310qcn6102csrb31024_firmwareqcm6490_firmwareqcn9070_firmwaresd480_firmwareipq6028_firmwareipq8072a_firmwaresc8180x_firmwareqca9889_firmwaresd710mdm9607qcn5122mdm9645_firmwaresdx20m_firmwareqcn5022qca6564_firmwaresd768gqca1064_firmwarewcn6740qca8075apq8096au_firmwareqcn6024qcn9022sd845mdm9615_firmwareqcn9002_firmwareipq6000_firmwaresdx12qcs410_firmwareqca6175a_firmwaresd_8cx_gen3_firmwareqca2066sa6150p_firmwareqcs610qca6431_firmwarewcd9360_firmwaresdx65qca4024_firmwareipq8078aipq5028_firmwaresa8150p_firmwareqcs2290qca6335qca2062csra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwareqca6554a_firmwareqam8295psd_8cx_gen2_firmwareipq8076amdm9628qca8386_firmwaresd_8_gen1_5g_firmwareqca8084_firmwaresd710_firmwareqca4020qca6428qca6574au_firmwareqcn5164_firmwareipq8071wcd9375_firmwaresa6155_firmwaresdx12_firmwarewcd9360sdx20mqca6438_firmwaresd680_firmwarewcn3999qrb5165_firmwareipq5028qrb5165m_firmwareipq4029_firmwareqcs6125ipq6010sd662_firmwareqcs405qcn6132sw5100qca4020_firmwareqca6436wcn6851sa6155pqcs603_firmwarewcd9341ipq8068_firmwareqca2066_firmwareqca6431sd750gipq9008_firmwarewcn3910_firmwaresxr2150p_firmwarewsa8830_firmwaresd855_firmwarewcn3988qca6438wcn7850_firmwaresa8195p_firmwareqca9898sa8295p_firmwareipq4028wcn3610mdm9640ipq5018_firmwareqca8337_firmwarewcd9380_firmwareipq8072asw5100pmsm8996au_firmwarewcd9330ipq8076a_firmwareqca6564auwcn6856_firmwareipq9008qcn5164qcn5054_firmwaresdx50m_firmwareqca8072_firmwareqca6174qca6430_firmwareqcn5052_firmwarewcd9335_firmwarewcn3980qca6335_firmwareqcs605sd7cwcn3910qca6320mdm9650_firmwareqca9986_firmwareqca6426_firmwarewcn3660b_firmwareqca9984qcn9024wcd9330_firmwaresdx55mipq8064_firmwareqca6421_firmwaresd821_firmwarear8031_firmwareqrb5165wcn6851_firmwareipq8070sd_636_firmwareqca6564a_firmwaresd480sd870qsm8250ipq6018sd695_firmwaresdxr1apq8096auqca6595_firmwareqcs405_firmwaresa8145pqca2064sd780g_firmwaresd888_firmwaresa8155psd675ar8035_firmwareqcm2290qcn5024_firmwarewcn3991_firmwaresd678qcn9070sa8145p_firmwareqcs2290_firmwaresd7c_firmwarecsra6620qcn9072qca8386sd765g_firmwareipq8069_firmwareqca6390_firmwareipq6000qca6174_firmwaresd730_firmwarewcd9370qcn5152_firmwareqca6584au_firmwareapq8076_firmwareqcn9000_firmwareipq5018sd_8cx_firmwareqcn7605qca2065sd662qcn5124_firmwareqam8295p_firmwareqca1064qcn6100_firmwareqca8082_firmwareqca6320_firmwarewcn3680b_firmwareqca6595auwcn3999_firmwareqca6436_firmwareipq5010qca6564au_firmwaresa6155p_firmwareqca6310qcn9274qcn9001qca9990qcs6490sa515m_firmwaresdxr2_5gsd821sa6145p_firmwaresm6250sd712_firmwareapq8017_firmwarewsa8810_firmwaresd765_firmwareqca8081ipq8071aqca6174a_firmwareipq8071a_firmwarewcd9385qca2065_firmwaresd_8cx_gen3ar8035csr8811apq8064auqcn9100_firmwaresd820qcm6490wcn6850_firmwarewsa8835_firmwareqca6564asa4150pqca8072qcm2290_firmwarewcn3990qcn9000sd_675qca6554aar9380_firmwaresdx24qcn9012sd888qcn6122_firmwarewsa8835msm8996ausd888_5gsm6250pipq4018qca6574aqca9889qca6174asm7325pipq8074qca9994_firmwarewcn6750qcn9003ipq8076_firmwaresa515msd855sm4125_firmwareipq8076qcn5021ipq8069qcn5152sd768g_firmwaresd460qca6391sdxr1_firmwareaqt1000_firmwareqcn9100sdx65_firmwareqcm4290sdx50msdx20mdm9215qcn9011sd_455ipq8074_firmwareqca6574ausa8155p_firmwareipq9574wcd9341_firmwareqcm6125wsa8810wcn6856wcn3680bsd835_firmwareipq6010_firmwareqca6696sd845_firmwaresa6150pqcn9022_firmwareqca9990_firmwareipq8070aqcn6100qcn9072_firmwaresm7250psd720g_firmwareipq8071_firmwareqcn9074_firmwaresw5100_firmwareipq4029sd850Snapdragon
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-33295
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-8.2||HIGH
EPSS-0.08% / 23.76%
||
7 Day CHG~0.00%
Published-04 Apr, 2023 | 04:46
Updated-03 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer over-read in Modem

Information disclosure in Modem due to buffer over-read while parsing the wms message received given the buffer and its length.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9206wcd9306snapdragon_wear_1300mdm8207snapdragon_wear_1200wcd9330mdm9207snapdragon_x5_lte_modem_firmwaremdm8207_firmwaresnapdragon_wear_1100mdm9205_firmwaremdm9205qca4004_firmwaremdm9206_firmwaremdm9207_firmwareqca4004qts110wcd9306_firmwaresnapdragon_wear_1100_firmwaresnapdragon_wear_1300_firmwarewcd9330_firmwaresnapdragon_wear_1200_firmwaresnapdragon_x5_lte_modemqts110_firmwareSnapdragon
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-32639
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.02% / 4.38%
||
7 Day CHG~0.00%
Published-03 Jan, 2023 | 00:00
Updated-10 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In watchdog, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07494487; Issue ID: ALPS07494487.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt8362amt8532mt8167sandroidmt6833mt8765mt6771mt6877mt6785mt8786mt6739mt8791mt8167mt8385mt6781mt8518smt6873mt6768mt6853MT6739, MT6768, MT6771, MT6781, MT6785, MT6833, MT6853, MT6873, MT6877, MT8167, MT8167S, MT8362A, MT8385, MT8518S, MT8532, MT8765, MT8786, MT8791
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-33291
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-8.2||HIGH
EPSS-0.07% / 21.25%
||
7 Day CHG~0.00%
Published-04 Apr, 2023 | 04:46
Updated-03 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer over-read in Modem

Information disclosure in Modem due to buffer over-read while receiving a IP header with malformed length.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-snapdragon_1100_wearable_platformwsa8830wcd9380_firmwaressg2125psxr2230p_firmware9207_lte_modemwcd9330wcn785x-59205_lte_modemcsra6620qca4024_firmwarewsa8835sxr1230p_firmwarewcd9380snapdragon_wear_1300_platformcsra6620_firmwarehome_hub_100_platformssg2125p_firmwaressg2115pcsra6640_firmwarewcn685x-5_firmwaresxr1230pwcn685x-1qcs400_firmwarewcd9335_firmwarewcn3980wcn3998wcd9385_firmwaresnapdragon_1200_wearable_platform_firmwarewsa8815sxr2230pwcn3999_firmwarewcn3998_firmwarewcn785x-5_firmwarewcn3980_firmwarewcd9330_firmware9205_lte_modem_firmwarewcd9306mdm8207wcn3999snapdragon_x5_lte_modem_firmwarear8031_firmwarewsa8832_firmware9206_lte_modemwcn685x-5qca4004_firmware9206_lte_modem_firmwarewcn785x-1_firmwareqts110wcd9306_firmwarewsa8810_firmwarewsa8810home_hub_100_platform_firmwarewsa8832snapdragon_ar2_gen_1_platform_firmwarewcd9335qca4010snapdragon_ar2_gen_1_platformwcn685x-1_firmwaresnapdragon_wear_1300_platform_firmwarewcd93859207_lte_modem_firmwarear8031mdm8207_firmwareqca4024snapdragon_1100_wearable_platform_firmwareqca4004wsa8830_firmwarecsra6640wsa8815_firmwarewsa8835_firmwaressg2115p_firmwaresnapdragon_1200_wearable_platformqcs400qca4010_firmwarewcn785x-1snapdragon_x5_lte_modemqts110_firmwareSnapdragon9205_lte_modem_firmwarewcd9380_firmwaresxr2230p_firmwaresmart_audio_400_platform_firmwarear8031_firmwaresnapdragon_x5_lte_modem_firmwarewsa8832_firmwarefastconnect_6900_firmwareqca4004_firmware9206_lte_modem_firmwareqca4024_firmwarewcd9306_firmwaresxr1230p_firmwarewsa8810_firmwarefastconnect_7800_firmwarehome_hub_100_platform_firmwaresnapdragon_ar2_gen_1_platform_firmwarecsra6620_firmwaressg2125p_firmwarecsra6640_firmwaresnapdragon_wear_1300_platform_firmware9207_lte_modem_firmwarewcd9335_firmwaremdm8207_firmwarewcd9385_firmwaresnapdragon_1200_wearable_platform_firmwaresnapdragon_1100_wearable_platform_firmwarewsa8830_firmwarewsa8815_firmwarewsa8835_firmwarefastconnect_6200_firmwaressg2115p_firmwarewcn3999_firmwarewcn3980_firmwarewcd9330_firmwareqca4010_firmwareqts110_firmware
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-32602
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.03% / 5.30%
||
7 Day CHG~0.00%
Published-08 Nov, 2022 | 00:00
Updated-01 May, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07388790; Issue ID: ALPS07388790.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt8766mt8797mt6833mt8321androidmt8789mt8768mt8385mt8183mt8791tmt6983mt6883mt8765mt8185mt8786mt8675mt8791MT6833, MT6883, MT6983, MT8183, MT8185, MT8321, MT8385, MT8675, MT8765, MT8766, MT8768, MT8786, MT8789, MT8791, MT8791T, MT8797
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-32595
Matching Score-6
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-6
Assigner-MediaTek, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.04% / 10.96%
||
7 Day CHG~0.00%
Published-06 Feb, 2023 | 00:00
Updated-26 Mar, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In widevine, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07446236; Issue ID: ALPS07446236.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6895mt6769mt8765mt6853tmt6877mt6785mt6781mt6855mt6885mt6889mt6875mt6779mt8768mt8766mt8781mt6833mt6768mt6765androidmt6893mt8786mt8788mt8791mt6883mt6853mt8385mt6762mt8789mt6879mt6789mt6891mt8797mt6873MT6762, MT6765, MT6768, MT6769, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT8385, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8797
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-33236
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.20% / 42.03%
||
7 Day CHG~0.00%
Published-15 Nov, 2022 | 00:00
Updated-22 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Transient DOS due to buffer over-read in WLAN firmware while parsing cipher suite info attributes. in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcd9380_firmwareqcn9072_firmwareqcn9000qca8082qcn5054_firmwareqca9889qcn6024_firmwareipq5018ipq6028qcn9070wcn7850qcn5122qca6426_firmwareipq8078aqca9889_firmwareipq5028_firmwareqcn5124wsa8830wcn6740_firmwarewcn6856wsa8815qcn9003qca6390ipq9008ipq5010_firmwarewcn7851_firmwareipq9008_firmwareqca4024_firmwarewcn6850csr8811ipq6018_firmwareqcn9100_firmwareqca8386_firmwareqcn5122_firmwareqcn5022_firmwareqcn6024ipq8078a_firmwareqca8386qca8072qca8084_firmwareipq6010sd865_5g_firmwareqcn5024qcn9074qcn9274_firmwareqcn5054wcd9380qcn6102_firmwareqcn5024_firmwareqcn5052qca8081ar8035_firmwarewcn6856_firmwareqcn6132_firmwaresd870ipq6018qcn5152_firmwareipq5018_firmwareqcn6100_firmwareqca6390_firmwarear8035qcn6112qcn9024_firmwarewcn6855_firmwareqca8072_firmwarewcn6855ipq8072aipq8070asdx65_firmwareipq8070a_firmwaresd870_firmwareqcn5124_firmwareipq8078_firmwareqcn5164_firmwareqcn5152ipq6028_firmwareqcn6023qca8081_firmwareqcn9022wsa8835qca9888_firmwarewcn6850_firmwarecsr8811_firmwareqcn9002_firmwareqcn9274wsa8810_firmwareqca8337_firmwarewsa8815_firmwareqcn5164qca8075_firmwareqcn6122_firmwarewcn6740ipq8072a_firmwareipq8078ipq8076aqca6436wcn7850_firmwareqcn6112_firmwaresdx65ipq8071aqca4024wsa8810qcn9000_firmwareipq8173_firmwareqcn9001_firmwareqcn9070_firmwareqca8075wsa8835_firmwareipq8076qcn5154_firmwareipq6010_firmwareqca6391qcn9024qcn5052_firmwarewcn6851ipq8076a_firmwareqca9888ipq8074aqcn6023_firmwarewsa8830_firmwareqca8082_firmwareipq8174_firmwareqca8337sd_8_gen1_5g_firmwareqcn6100ipq8174qcn6122qcn6132wcn6851_firmwareqca8084qca6391_firmwareqcn9074_firmwareqcn5154qca8085_firmwareipq8173qcn9001qcn9072ipq8076_firmwaresd865_5gqca6426qcn9003_firmwareqcn9100qcn5022sm8475ipq8071a_firmwareqca8085ipq6000ipq5010wcn7851qcn9002qcn9022_firmwareipq5028qca6436_firmwareipq8074a_firmwareipq6000_firmwareqcn6102Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-13911
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.33% / 55.34%
||
7 Day CHG~0.00%
Published-14 Jun, 2019 | 17:02
Updated-05 Aug, 2024 | 09:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bounds memory read and access may lead to unexpected behavior in GNSS XTRA Parser in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9615, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, SDX20, Snapdragon_High_Med_2016, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850mdm9150_firmwaresd_632mdm9635m_firmwaremdm9640_firmwaresd_820asd_675msm8996au_firmwaresd_439sd_670_firmwaresd_429sdm439mdm9650sd_636snapdragon_high_med_2016_firmwaremsm8909w_firmwaremsm8996ausd_820sd_650sd_450_firmwaresd_845_firmwaresd_820a_firmwareqcs605_firmwaresd_675_firmwaremdm9206sd_652sd_425_firmwaresd_625_firmwaresd_450mdm9635msd_8cx_firmwaremdm9615sd_845mdm9206_firmwareqcs605sd_632_firmwaresd_835_firmwaremdm9650_firmwaresd_835sda660sxr1130_firmwaresd_210_firmwaresd_652_firmwaresxr1130msm8909wsd_205_firmwaresd_212sd_650_firmwaresd_427_firmwaresd_712sd_855sd_730_firmwaresdx20sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435mdm9655_firmwaresd_710_firmwaresdm630sd_625qm215sd_820_firmwaresd_210mdm9607sd_636_firmwaresd_439_firmwaremdm9150sd_429_firmwaresd_730snapdragon_high_med_2016sd_212_firmwaresd_850_firmwaremdm9655sdm439_firmwaresd_855_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwaresd_8cxsd_430qm215_firmwaresd_427sd_670sd_435_firmwaremdm9615_firmwaresdx20_firmwaresd_710sd_205sdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-33253
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.11% / 30.31%
||
7 Day CHG~0.00%
Published-06 Jan, 2023 | 05:02
Updated-09 Apr, 2025 | 19:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer over-read in WLAN

Transient DOS due to buffer over-read in WLAN while parsing corrupted NAN frames.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_8cx_gen3_firmwareqca2066sa6150p_firmwareqca8337ar9380ipq8173_firmwareqca6431_firmwarewcd9360_firmwaresdx65qcn5124qca4024_firmwaresc8180x\+sdx55ipq8078aipq5028_firmwaresa8150p_firmwareqca6595au_firmwaresa6155qca2062sa415mwcn3998qca6554a_firmwareqam8295psd_8cx_gen2_firmwareqcn6024_firmwareipq8076aqca8386_firmwaresd_8_gen1_5g_firmwareqca8084_firmwareqsm8350_firmwareqsm8350sm7315_firmwarewcn7850qca6574au_firmwareqcn5164_firmwarewcd9375_firmwareqca8081_firmwarewcn3998_firmwaresa6155_firmwareqca6420wcd9360qcn9002qca9986ipq8070_firmwareipq8065ipq8078a_firmwaresd_8cx_gen2qrb5165_firmwareipq5028qrb5165m_firmwaresa8155_firmwareipq6010ipq8068qca6430wcd9340qcn6132qca6436wcn6851sa6155pwcn7851_firmwareqca9888_firmwareqcn6122wcd9341ipq8068_firmwareqca2066_firmwareqca6696_firmwareqca6431sd870_firmwareqca1062ipq9008_firmwareqcn5154_firmwaresxr2150p_firmwaresa8150pwsa8830_firmwareqca9992_firmwaresd865_5g_firmwarewcn7850_firmwaresa8195p_firmwaresm8475qcn5022_firmwarewcn6750_firmwaresa8295p_firmwareipq5018_firmwareqca9985_firmwareqca8337_firmwarewcd9380_firmwareipq8072aqca9980_firmwareipq8076a_firmwareipq8078qca8084qcn9001_firmwareipq8173sdx55m_firmwareqca6564auwcn6856_firmwareipq9008qcn5164qca6574csr8811_firmwarewcd9380qcn5054_firmwareqcn5024qca8072_firmwareqca9985qcn9012_firmwareqca6430_firmwareqcn9274_firmwareqcn5052_firmwarewcn3980ipq6018_firmwarewcd9340_firmwarewsa8815wcn6850pmp8074_firmwareqcn6112qca9986_firmwareqca6426_firmwareqca9984ipq6028ipq8064qcn9024pmp8074ipq9574_firmwarewcn3980_firmwaresdx55mipq8064_firmwaresa8295pqca6421_firmwareqca2062_firmwarewcn6740_firmwareipq8078_firmwareqcn5054qrb5165wcn6851_firmwareipq8070qca9994qca9980qcn9024_firmwareipq8174_firmwaresd870wcn6855qsm8250sa6145pipq6018qca9886_firmwareqca6595_firmwaresa8145pqca6391_firmwaresa4150p_firmwareqca4024wcd9370_firmwareqca2064sd780g_firmwaresdx55sd888_firmwareqcn5021_firmwaresa8155psxr2150par8035_firmwareqsm8250_firmwareqcn5024_firmwarewsa8830qcn9070sa8145p_firmwareqca1062_firmwarecsrb31024qca8082qcn9072qca8386qca9992qca6420_firmwareqca6390_firmwareqca2064_firmwareipq6000wcd9370qcn5152_firmwareqca6426qca6584au_firmwareqrb5165n_firmwareqcn9000_firmwareqca9984_firmwareipq5018wcd9385_firmwaresdxr2_5g_firmwareipq8074aqca2065qcn5124_firmwareqam8295p_firmwareqcn6102_firmwareqcn9011_firmwareqca1064sa8155qcn6100_firmwareqca8082_firmwareqcn5122_firmwaresdx55_firmwareqca6595auqcn6023_firmwareqca6436_firmwareqrb5165nipq5010qca6564au_firmwareqca6584ausd778gsa6155p_firmwareqcn9274ipq8174wcn7851qcn9001qca9990qcs6490qcn5052sa515m_firmwaresdxr2_5gqcn6112_firmwaresa415m_firmwareqcn9074sa6145p_firmwareqca6421qca8085sd778g_firmwaresa8195pwsa8810_firmwareqca8081qcn6023ipq8071aipq8071a_firmwarewcd9385qca8085_firmwareqcs6490_firmwareqca2065_firmwaresd_8cx_gen3qca6390wcd9375ar8035aqt1000csr8811sc8180x\+sdx55_firmwareqcn9100_firmwareipq5010_firmwareipq8074a_firmwaresd888_5g_firmwarewsa8815_firmwareqcm6490wcn6850_firmwarewsa8835_firmwareqcx315sa4150pqca8072qcn9000sd780gqca6554asd865_5gqca6595ar9380_firmwareqcn9012sd888qcn6122_firmwareipq8065_firmwareqcx315_firmwarewsa8835sd888_5gqcn5154qca8075_firmwareqca6574awcn6855_firmwareqca9889sm7325pqcn6132_firmwareqcn9003_firmwareqca9888qca9994_firmwarewcn6750qcn9003ipq8070a_firmwareipq8076_firmwaresa515mqca6574_firmwareqca9886sm7325p_firmwareipq8076qca6574a_firmwareqcn5021qcn5152qrb5165msm7315qca6391aqt1000_firmwareqcn6102qcn9100sdx65_firmwarecsrb31024_firmwareqcm6490_firmwareqcn9070_firmwareipq6028_firmwareipq8072a_firmwareqcn9011qca6574auqca9889_firmwaresa8155p_firmwareqcn5122ipq9574wcd9341_firmwarewsa8810wcn6856qcn5022ipq6010_firmwareqca1064_firmwarewcn6740qca6696sa6150pqca8075qcn9022_firmwareqcn6024qcn9022qca9990_firmwareipq8070aqcn9002_firmwareqcn6100qcn9072_firmwareipq6000_firmwareqcn9074_firmwareSnapdragon
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-1897
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-4.6||MEDIUM
EPSS-0.11% / 30.52%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 05:30
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible Buffer Over-read due to lack of validation of boundary checks when loading splash image in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarewcn3991_firmwarewcn3991sda429w_firmwaresd678wcd9380_firmwaresd_675wcd9330sdx55m_firmwaremsm8909w_firmwarewcn3950_firmwarewcd9380qca6420_firmwarequalcomm215apq8009_firmwaresd730_firmwarewcd9370sd_675_firmwaresd675_firmwaresdx50m_firmwaremdm9206qca6430_firmwareqca9377wcn3980wcn3998wcn3950wcd9326_firmwaresd720gwcn3615_firmwaremdm9206_firmwarewcd9340_firmwarewcn3660bsd855wsa8815wcn3660b_firmwarewcn3680wcn3680b_firmwaresdx55_firmwarewcd9375_firmwarewcn3615wcn3998_firmwarewcn3980_firmwaremsm8909wapq8009wcn3610_firmwareapq8009w_firmwareqca6420apq8053_firmwaresd730sdx55mwcd9330_firmwareaqt1000_firmwareqca9367_firmwaresd678_firmwarewcn3680_firmwaresdx50mqca9367wcn3988_firmwareqca6430sd205sm6250sd205_firmwarewcd9340apq8009wwsa8810_firmwarequalcomm215_firmwarewcd9341_firmwarewsa8810wcd9326sd210_firmwarewcn3680bwcd9341wcd9375wcd9370_firmwareaqt1000sm6250_firmwaresdx55apq8053sd675sda429wsd210sd855_firmwarewcn3620_firmwarewcn3988wsa8815_firmwarewcn3620sd720g_firmwarewcn3610Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-33220
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-5.1||MEDIUM
EPSS-0.02% / 3.10%
||
7 Day CHG~0.00%
Published-05 Sep, 2023 | 06:23
Updated-03 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer over-read in Automotive multimedia

Information disclosure in Automotive multimedia due to buffer over-read.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wsa8830wcd9380_firmwaresa6150p_firmwaresa8145p_firmwaresw5100psd865_5gqcc5100sdx55m_firmwarewcn6856_firmwarewsa8835sd_8_gen1_5gwcd9380sa8150p_firmwaresd888_5gqca6420_firmwareqca6595au_firmwareqca6390_firmwarewcn6855_firmwareqca6426qca6430_firmwarewcn3980wcn3998wcd9385_firmwareqam8295psdxr2_5g_firmwaresd_8_gen1_5g_firmwaresd855wsa8815wcn6850qam8295p_firmwareqca6426_firmwarewcn7850qca6574au_firmwareqca6595auwcn3998_firmwarewcn3980_firmwareqca6391sdx55mqca6420qca6436_firmwaresa8295pqcc5100_firmwareaqt1000_firmwaresa6155p_firmwarewcn7851sdxr2_5gwcn6851_firmwarewcn3988_firmwareqca6430qca6574ausa6145p_firmwaresa8155p_firmwaresa8195pwsa8810_firmwarewcd9341_firmwaresw5100wsa8810sd870qca6436wcn6851wcn6855sa6155psw5100p_firmwarewcn7851_firmwarewcn6856sa6145pwcd9385wcd9341qca6696_firmwaresa8145psd870_firmwareqca6696qca6391_firmwareqca6390aqt1000sa8150psa6150psa8155pwsa8830_firmwaresd855_firmwaresd865_5g_firmwarewcn3988sd888_5g_firmwarewcn6850_firmwarewcn7850_firmwarewsa8815_firmwarewsa8835_firmwaresa8195p_firmwaresw5100_firmwaresa8295p_firmwareSnapdragon
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-1899
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-4.6||MEDIUM
EPSS-0.05% / 13.58%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 05:30
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer over read due to lack of length check while flashing meta images in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwarewcn3991sda429w_firmwaresd678wcd9380_firmwaresd_675sdm429wsdx55m_firmwaremsm8909w_firmwaresdm429w_firmwarewcn3950_firmwarewcd9380qca6420_firmwarequalcomm215sd730_firmwarewcd9370sd_675_firmwaresd675_firmwaresdx50m_firmwareqca9379_firmwareqca6174aqca6430_firmwarewcn3980wcn3998wcn3950wcd9326_firmwaresd720gwcn3615_firmwarewcn3660bsd855wsa8815qca4020wcn3660b_firmwarewcn3680wcn3680b_firmwaresdx55_firmwarewcd9375_firmwarewcn3615wcn3998_firmwarewcn3980_firmwaremsm8909wsd730wcn3610_firmwareapq8009w_firmwareqca6420sdx55maqt1000_firmwaresd678_firmwarewcn3680_firmwaresdx50mwcn3988_firmwareqca6430sd205sm6250sd205_firmwareapq8009wwsa8810_firmwarequalcomm215_firmwarewcd9341_firmwarewsa8810qca4020_firmwarewcd9326sd210_firmwarewcn3680bqca6174a_firmwarewcd9341wcd9375wcd9370_firmwareaqt1000sm6250_firmwaresdx55sd675sda429wsd210sd855_firmwarewcn3620_firmwarewcn3988wsa8815_firmwarewcn3620sd720g_firmwareqca9379wcn3610Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-33255
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-8.2||HIGH
EPSS-0.08% / 24.38%
||
7 Day CHG~0.00%
Published-06 Jan, 2023 | 05:02
Updated-09 Apr, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer over-read in Bluetooth HOST

Information disclosure due to buffer over-read in Bluetooth HOST while processing GetFolderItems and GetItemAttribute Cmds from peer device.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca6595ausa6155_firmwaresd660_firmwarewcd9335wcn3990_firmwaresdm429w_firmwarewsa8815_firmwarewcn7851_firmwarewsa8835_firmwareqcs605_firmwarewsa8810sa6145psd845sa6155sa8145psd205_firmwareqcc5100_firmwaresd439_firmwareqcn9074_firmwaresd210_firmwaresd626sd870wcn6856qca6335_firmwarewcn3680sd439wcn6855_firmwarewsa8830sd429wcn7850_firmwareqcn9012qca6431_firmwaresdx55mqcc5100qcs605wcd9385qca6426_firmwarewsa8830_firmwaresa8155_firmwaresdx55m_firmwarewcn3660bqcm6125sd865_5g_firmwarewcn3988wcn3615_firmwarewcn6855msm8608qcn9012_firmwareqca6310qcn9011sa8155pqca6431sd845_firmwarewcd9340_firmwareqcs410_firmwaresw5100pwsa8810_firmwareqca6421sw5100_firmwareqcs610qca6320wcn6851_firmwarequalcomm215sw5100p_firmwareqca6574a_firmwareqrb5165nqrb5165mwcn3615qcs405sd210wcn3950qcn9011_firmwarewcd9340qca6595wcn3988_firmwareqca6595au_firmwarewcn6850_firmwaresdm429wsa6150pwcd9370sd870_firmwarewcn6850msm8208_firmwareqrb5165_firmwaresa8195pqca6320_firmwareqcs410csra6620qca6391_firmwaremsm8108_firmwareqca6391sd660qca6390_firmwarewcn7850ar8031msm8208sd625wcd9341_firmwarewcn3680b_firmwarewsa8815qualcomm215_firmwaresdxr1wcn3980_firmwaresd625_firmwareqca6310_firmwaresd205qca6421_firmwaremsm8209sa8150p_firmwaresa6150p_firmwarewcn3610qcm6125_firmwarewcn3680bsa6145p_firmwareqca6574au_firmwarear8031_firmwarewcn6851qca6696_firmwaremsm8108wcd9380_firmwarecsra6640sd_8_gen1_5g_firmwareqca6696apq8009qcs610_firmwareqcs6125_firmwaresd835wcn3660b_firmwarewcd9385_firmwaresdxr1_firmwarewcn3680_firmwarewcn6856_firmwareqca6574auwcn3610_firmwarewcn3998sd835_firmwaresa6155p_firmwareqcs6125wsa8835qca6574qca6574aqcn9074msm8608_firmwareqca6426wcd9370_firmwaresa8155p_firmwareapq8009_firmwareqca6390wcd9326_firmwaresd865_5gwcd9380msm8209_firmwaresa8145p_firmwareqrb5165n_firmwarecsra6620_firmwaresd626_firmwarewcd9335_firmwareqca6436_firmwareqrb5165sdxr2_5gqrb5165m_firmwarewcn3998_firmwarewcn7851sw5100wcn3620_firmwaresa8155csra6640_firmwaresdxr2_5g_firmwarewcn3990sa8195p_firmwaresa8150pwcd9326qca6436wcn3620sd429_firmwareqca6595_firmwaresm8475qca6335qca6574_firmwareqcs405_firmwaresa6155pwcd9341wcn3950_firmwarewcn3980Snapdragon
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-33229
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-8.2||HIGH
EPSS-0.08% / 24.38%
||
7 Day CHG~0.00%
Published-09 Feb, 2023 | 06:58
Updated-03 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer over-read in Modem

Information disclosure due to buffer over-read in Modem while using static array to process IPv4 packets.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcd9306mdm8207wcd9330wcn3999ar8031_firmwareqca4004_firmwaremdm9607_firmwarecsra6620qcs405qca4024_firmwareqts110mdm9607wcd9306_firmwarewsa8810_firmwarewsa8810qca4020_firmwarewcd9335qca4010csra6620_firmwaremdm9206csra6640_firmwarear8031qcs405_firmwarewcd9335_firmwarewcn3980mdm8207_firmwaremdm9205_firmwaremdm9205mdm9206_firmwareqca4024wsa8815mdm9207_firmwareqca4004csra6640qca4020wsa8815_firmwarewcn3999_firmwarewcn3980_firmwarewcd9330_firmwareqca4010_firmwaremdm9207qts110_firmwareSnapdragoncsra6640_firmwareqcs405_firmwarewcd9335_firmwarear8031_firmwaremdm8207_firmwaremdm9205_firmwareqca4004_firmwaremdm9607_firmwaremdm9206_firmwaremdm9207_firmwareqca4024_firmwarewcd9306_firmwarewsa8815_firmwarewsa8810_firmwarewcn3999_firmwareqca4020_firmwarewcn3980_firmwarewcd9330_firmwarecsra6620_firmwareqca4010_firmwareqts110_firmware
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-11897
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.52%
||
7 Day CHG~0.00%
Published-19 Sep, 2018 | 14:00
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing diag event after associating to a network out of bounds read occurs if ssid of the network joined is greater than max limit.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-33309
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.13% / 33.80%
||
7 Day CHG~0.00%
Published-07 Mar, 2023 | 04:43
Updated-03 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buiffer over-read in WLAN Firmware.

Transient DOS due to buffer over-read in WLAN Firmware while parsing secure FTMR frame with size lesser than 39 Bytes.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcn5024_firmwarewsa8830qcn9070sxr2230p_firmwareipq8173_firmwaresdx65qcn5124qca4024_firmwareqca8082qcn9072qca8386ipq8078aipq5028_firmwareipq6000ssg2115pqcn5152_firmwareqcn9000_firmwareipq5018wcd9385_firmwareipq8076aqca8386_firmwareqcn6024_firmwaresd_8_gen1_5g_firmwareqca8084_firmwareipq8074aqcn5124_firmwareqca8082_firmwarewcn7850qcn5164_firmwareqcn5122_firmwareqca8081_firmwareqcn6023_firmwareipq5010ipq8078a_firmwareqcn9274ipq8174wcn7851ipq5028qcn5052ipq6010qcn9074qca8085sdx65mqcn6132qca8081wcn7851_firmwareipq8071aqcn6023sdx65m_firmwareipq8071a_firmwarewcd9385qca8085_firmwareqca9888_firmwareqcn6122ipq9008_firmwareqcn5154_firmwarecsr8811qcn9100_firmwarewsa8830_firmwareipq5010_firmwareipq8074a_firmwarewsa8835_firmwarewcn7850_firmwaresm8475qcn5022_firmwareipq5018_firmwarewcd9380_firmwaressg2125pqcn9000ipq8072aipq8076a_firmwareipq8078qca8084ipq8173wcn6856_firmwareipq9008qcn5164qcn6122_firmwarewsa8835sxr1230p_firmwarecsr8811_firmwarewcd9380qcn5154qca8075_firmwaressg2125p_firmwareqcn5024wcn6855_firmwareqca9889qcn6132_firmwaresxr1230pqca9888qcn5052_firmwareqcn9274_firmwareipq8070a_firmwareipq6018_firmwareipq8076_firmwaresxr2230pipq8076qcn5152ipq6028qcn9024ipq9574_firmwareqcn9100sdx65_firmwareipq8078_firmwarewsa8832_firmwareqcn9070_firmwareipq6028_firmwareipq8072a_firmwareqca9889_firmwareipq9574qcn5122qcn9024_firmwareipq8174_firmwarewsa8832wcn6855wcn6856ipq6018qcn5022ipq6010_firmwareqca4024qca8075qcn9022_firmwareqcn6024qcn9022ipq8070aqcn9072_firmwareipq6000_firmwaressg2115p_firmwareqcn9074_firmwareSnapdragon
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-33221
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-6.8||MEDIUM
EPSS-0.03% / 6.39%
||
7 Day CHG~0.00%
Published-09 Feb, 2023 | 06:58
Updated-03 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer over-read in Trusted Execution Environment

Information disclosure in Trusted Execution Environment due to buffer over-read while processing metadata verification requests.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn6855_firmwarewcd9380_firmwarewsa8830ssg2125psxr1230psxr2230p_firmwarewcd9385wcn7851wsa8832_firmwarewcd9385_firmwarewcn6856_firmwaresd_8_gen1_5g_firmwaresxr2230pwsa8830_firmwarewsa8835sxr1230p_firmwarewcn7850wcn7851_firmwarewcd9380wcn7850_firmwarewsa8835_firmwaressg2115p_firmwarewsa8832wcn6855sm8475ssg2125p_firmwarewcn6856ssg2115pSnapdragon
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-12824
Matching Score-6
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-6
Assigner-Adobe Systems Incorporated
CVSS Score-5.9||MEDIUM
EPSS-1.29% / 78.83%
||
7 Day CHG~0.00%
Published-29 Aug, 2018 | 13:00
Updated-05 Aug, 2024 | 08:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Flash Player 30.0.0.134 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.

Action-Not Available
Vendor-n/aGoogle LLCAdobe Inc.Red Hat, Inc.Apple Inc.Microsoft CorporationLinux Kernel Organization, Inc
Product-enterprise_linux_serverlinux_kernelwindows_8.1enterprise_linux_workstationchrome_osmac_os_xwindowsflash_player_desktop_runtimewindows_10enterprise_linux_desktopflash_playerAdobe Flash Player 30.0.0.134 and earlier
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-33287
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-8.2||HIGH
EPSS-0.07% / 21.25%
||
7 Day CHG~0.00%
Published-04 Apr, 2023 | 04:46
Updated-03 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer over-read in Modem

Information disclosure in Modem due to buffer over-read while getting length of Unfragmented headers in an IPv6 packet.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-snapdragon_1100_wearable_platformwsa8830wcd9380_firmwaressg2125psxr2230p_firmware9207_lte_modemwcd9330wcn785x-59205_lte_modemcsra6620qca4024_firmwarewsa8835sxr1230p_firmwarewcd9380snapdragon_wear_1300_platformcsra6620_firmwarehome_hub_100_platformssg2125p_firmwaressg2115pcsra6640_firmwarewcn685x-5_firmwaresxr1230pwcn685x-1qcs400_firmwarewcd9335_firmwarewcn3980wcn3998wcd9385_firmwaresnapdragon_1200_wearable_platform_firmwarewsa8815sxr2230pwcn3999_firmwarewcn3998_firmwarewcn785x-5_firmwarewcn3980_firmwarewcd9330_firmware9205_lte_modem_firmwarewcd9306mdm8207wcn3999snapdragon_x5_lte_modem_firmwarear8031_firmwarewsa8832_firmware9206_lte_modemwcn685x-5qca4004_firmware9206_lte_modem_firmwarewcn785x-1_firmwareqts110wcd9306_firmwarewsa8810_firmwarewsa8810home_hub_100_platform_firmwarewsa8832snapdragon_ar2_gen_1_platform_firmwarewcd9335qca4010snapdragon_ar2_gen_1_platformwcn685x-1_firmwaresnapdragon_wear_1300_platform_firmwarewcd93859207_lte_modem_firmwarear8031mdm8207_firmwareqca4024snapdragon_1100_wearable_platform_firmwareqca4004wsa8830_firmwarecsra6640wsa8815_firmwarewsa8835_firmwaressg2115p_firmwaresnapdragon_1200_wearable_platformqcs400qca4010_firmwarewcn785x-1snapdragon_x5_lte_modemqts110_firmwareSnapdragon9205_lte_modem_firmwarewcd9380_firmwaresxr2230p_firmwaresmart_audio_400_platform_firmwarear8031_firmwaresnapdragon_x5_lte_modem_firmwarewsa8832_firmwarefastconnect_6900_firmwareqca4004_firmware9206_lte_modem_firmwareqca4024_firmwarewcd9306_firmwaresxr1230p_firmwarewsa8810_firmwarefastconnect_7800_firmwarehome_hub_100_platform_firmwaresnapdragon_ar2_gen_1_platform_firmwarecsra6620_firmwaressg2125p_firmwarecsra6640_firmwaresnapdragon_wear_1300_platform_firmware9207_lte_modem_firmwarewcd9335_firmwaremdm8207_firmwarewcd9385_firmwaresnapdragon_1200_wearable_platform_firmwaresnapdragon_1100_wearable_platform_firmwarewsa8830_firmwarewsa8815_firmwarewsa8835_firmwarefastconnect_6200_firmwaressg2115p_firmwarewcn3999_firmwarewcn3980_firmwarewcd9330_firmwareqca4010_firmwareqts110_firmware
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-33237
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.15% / 36.74%
||
7 Day CHG~0.00%
Published-15 Nov, 2022 | 00:00
Updated-22 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Transient DOS due to buffer over-read in WLAN firmware while processing PPE threshold. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcd9380_firmwareqcn9072_firmwareqca6595au_firmwareqca1062qca6310sd730qcn9000qcn7606_firmwareipq8074ipq6028qca6696qca6421mdm9607qcn9070wcn7850qcn5122qsm8250_firmwareqca6564auqca6426_firmwaresd720gipq8078asa6150psd460sd710_firmwareqca9889_firmwareqcn5124wsa8830ipq8072wsa8815qcn9003ipq9008qca6430sd855ipq9008_firmwareqcs6490_firmwaresd_8cx_gen3_firmwarewcd9340qca0000_firmwaresdx55_firmwaresd_8cx_firmwaresxr2150p_firmwaresdxr2_5g_firmwaresd_8cx_gen2_firmwareqca8386_firmwaresc8180x\+sdx55_firmwareqcn5022_firmwaresa4155p_firmwaresd712qca8386qca8072sd765g_firmwareqca6574aqca8084_firmwaresd865_5g_firmwareqcm6125_firmwarewcn6750sa8295p_firmwaresm7325pqcn5024sd695_firmwareqcc5100qca9994qca6335sd_675qcs405qcn5024_firmwareqca6595qca6431_firmwarecsra6640sd480_firmwareqca6430_firmwareqca8081sm7315_firmwaresm7325p_firmwareqca6584ausd870ipq6018qca9367ipq5018_firmwareqca6390_firmwareqcn9024_firmwaresc8180x\+sdx55ipq4028_firmwareqcn9011_firmwaresa6155_firmwarewcn6855qcx315_firmwareipq8072aipq8070awcn3910ipq8070a_firmwaresd870_firmwareqcm6490_firmwaresm6250ipq8078_firmwareqca6431qca6595auwcd9370sd888_firmwareqcs4290_firmwarewcn3980qcn5152qca2066sm4125_firmwareqca9992sm7315qcn9022sd765_firmwaresd720g_firmwaresd765gsd670qca9888_firmwaresdx55mqam8295pwcn6850_firmwareqcn9002_firmwareqcn9274sm6250pwsa8810_firmwarewsa8815_firmwarewcn3991_firmwaresa8150psd850_firmwarewcn6740ipq8078qca6436ipq8076aipq8069ipq8071aqca4024qcn7605_firmwaresa8155psdxr1wsa8810qca6694_firmwareqca2062_firmwareqca2066_firmwaresw5100p_firmwareaqt1000_firmwareqcn9012wsa8835_firmwareipq8076wcd9335_firmwaresm7250p_firmwareqcn5154_firmwareqca6391ar9380_firmwareqcn9024qcn5052_firmwarecsra6620wcn3998_firmwarewcn6851sd778g_firmwarewcd9370_firmwaresd675qca6420_firmwareipq8074aqcn6023_firmwareqcx315qcc5100_firmwareqca6554a_firmwareqca8082_firmwareipq4028qcm6125ipq8174ipq8071ipq8064_firmwareqcn6122sd660csrb31024_firmwaresa4150p_firmwareipq8070qcs610qca6391_firmwarewcd9326_firmwareqcn9012_firmwaresm7250psa8155p_firmwarecsra6620_firmwaresa6145pwcn3910_firmwareqrb5165_firmwareqca8085_firmwarewcd9375sd750g_firmwareqca6696_firmwareipq8076_firmwareqca2064sxr2150psd865_5gqca2062ipq8071_firmwareqca9377sm6250p_firmwareqca9980_firmwareqcn9003_firmwarewcn3990_firmwarewcn3950_firmwarewcn3988sd778gwcd9371_firmwareipq8071a_firmwareqca8085sd750gqca9980sd768g_firmwareqcs605sd712_firmwarewcn7851qcn9002qca6310_firmwaresd710qca6436_firmwaresa8195p_firmwareqcn5021_firmwareqca9367_firmwareipq8074a_firmwarewcd9341_firmwareipq6000_firmwareqcn6102ipq4018wcd9340_firmwaresd850qca8082sd_675_firmwareqca6174a_firmwareqcn5021sd855_firmwaresd662_firmwareqcn5054_firmwareqca9889sdx50mwcd9371qcs405_firmwareqcn6024_firmwareqcs6490ipq5018sdx55sd460_firmwaremdm9628sa6155qca9990qcm4290_firmwareqca1064sm4375sd665_firmwaresdx20m_firmwarewcd9360_firmwareqrb5165m_firmwaresa6145p_firmwareqsm8350_firmwareipq5028_firmwaresd768gwcn6740_firmwarewcn6856sm4125qca6390sdx50m_firmwareipq5010_firmwaresa6155pipq8074_firmwaresa8150p_firmwaresd480wcd9330wcn7851_firmwaresa8145p_firmwaresw5100qca4024_firmwarewcn6850csr8811sa8145psa415mwcn3950qcs603_firmwareipq6018_firmwareqca6584au_firmwareqcn9100_firmwareqcn5122_firmwareqcn7605qcm6490qcn6024qca6174awcd9335wcn3999ipq8078a_firmwaresd7c_firmwaresd670_firmwareqca6595_firmwareqrb5165nipq6010qca6421_firmwareqca6438_firmwareqrb5165qca6574au_firmwaresd662qrb5165n_firmwareqca2065_firmwareipq4029_firmwareqam8295p_firmwaresa8295pqcs610_firmwareqcn9074qcm2290_firmwareqcn9274_firmwareqcn5054wcd9380ar8031qca6438qcm4290qcn6102_firmwareqcn5052sd660_firmwaresd730_firmwaremdm9628_firmwareqca2064_firmwaresd695ipq8064sd_8cx_gen3ipq8069_firmwarewcd9375_firmwaresa6150p_firmwaresd888ar8035_firmwareipq8070_firmwareqca0000wcn6856_firmwareqcn6132_firmwareaqt1000qcn5152_firmwareqcs603qcn6100_firmwarear8035qcn6112wcn6855_firmwareqca8072_firmwareqsm8250qca6420wcd9360sd780g_firmwareqca9898_firmwaresdx65_firmwareqcm2290qcn9011qcn5124_firmwaresa515msd845_firmwareqca6428_firmwaremdm9206sa515m_firmwaresdxr1_firmwareqcn5164_firmwareqca9994_firmwaremdm9607_firmwarewcn3990ipq6028_firmwareqcn6023sd690_5gqca8081_firmwareqca9984qca1062_firmwarewsa8835wcn3998ar8031_firmwarecsr8811_firmwareqca8337_firmwareqca9898qca8075_firmwareqcn5164qcs2290qrb5165mmdm9206_firmwareqcn6122_firmwareqca9990_firmwareqca1064_firmwaresd7cipq8072a_firmwaresd678wcd9385qca6574auwcn7850_firmwareqcn6112_firmwaresdx65wcd9385_firmwareipq4029wcn6750_firmwareqcs410_firmwareqcn9000_firmwareipq8173_firmwaresd680qcn9001_firmwaresd888_5gqcn9070_firmwarepmp8074qca8075pmp8074_firmwaresd678_firmwarewcn3999_firmwareqcs6125sm4375_firmwareipq6010_firmwareqca9984_firmwareqca6574qsm8350wcn3991sd_8cxcsra6640_firmwareqca6574_firmwaresa415m_firmwareipq8076a_firmwarear9380sdx20msa8195psd675_firmwareqca6574a_firmwareqca9888qca6694sd665sa8155_firmwarewsa8830_firmwaresd888_5g_firmwareipq8174_firmwareqca8337sd_8_gen1_5g_firmwaresm6250_firmwareqcn6100sdxr2_5gqcn6132wcd9341wcn3980_firmwareqcs2290_firmwarewcn6851_firmwareipq4018_firmwarewcd9326sd680_firmwareqca8084sa6155p_firmwareqcn9074_firmwareqca9992_firmwaresa4150pqcn5154qca2065qca9377_firmwaresw5100_firmwareipq8173qcn9001qcn9072sd780gqca6564au_firmwarecsrb31024qca6426qca6335_firmwaresdx55m_firmwareqcs6125_firmwareqcn9100sd690_5g_firmwareqcn5022sm8475ipq8072_firmwaresa8155ipq6000sd765qcs605_firmwarewcd9330_firmwareipq5010wcn3988_firmwareqcn9022_firmwareqcs4290qca6554aipq5028sa4155pqcn7606sw5100psd_8cx_gen2sd845qcs410qca6428Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-11898
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 4.26%
||
7 Day CHG~0.00%
Published-19 Sep, 2018 | 14:00
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing start bss request from upper layer, out of bounds read occurs if ssid length is greater than maximum.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-0942
Matching Score-6
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-6
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-9.8||CRITICAL
EPSS-0.09% / 25.67%
||
7 Day CHG~0.00%
Published-13 Sep, 2022 | 19:13
Updated-03 Aug, 2024 | 15:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The path in this case is a little bit convoluted. The end result is that via an ioctl an untrusted app can control the ui32PageIndex offset in the expression:sPA.uiAddr = page_to_phys(psOSPageArrayData->pagearray[ui32PageIndex]);With the current PoC this crashes as an OOB read. However, given that the OOB read value is ending up as the address field of a struct I think i seems plausible that this could lead to an OOB write if the attacker is able to cause the OOB read to pull an interesting kernel address. Regardless if this is a read or write, it is a High severity issue in the kernel.Product: AndroidVersions: Android SoCAndroid ID: A-238904312

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-0632
Matching Score-6
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-6
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.5||MEDIUM
EPSS-0.10% / 27.42%
||
7 Day CHG~0.00%
Published-25 Oct, 2021 | 13:17
Updated-03 Aug, 2024 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wifi driver, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure to a proximal attacker under certain build conditions with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05560246; Issue ID: ALPS05551383.

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidMT6739, MT6761, MT6762, MT6765, MT6768, MT6771, MT6779, MT6785, MT6833, MT6853, MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8185, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8735A, MT8735B, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-0666
Matching Score-6
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-6
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-4.4||MEDIUM
EPSS-0.02% / 2.38%
||
7 Day CHG~0.00%
Published-18 Nov, 2021 | 14:58
Updated-03 Aug, 2024 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In apusys, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05672086; Issue ID: ALPS05672086.

Action-Not Available
Vendor-n/aGoogle LLCMediaTek Inc.
Product-mt9638mt9980mt6873mt6885mt9981mt9669mt9650mt6877mt8195mt6891mt6883mt9636mt9970androidmt9652mt6875mt8797mt6889mt9686mt9639mt8791MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8195, MT8791, MT8797, MT9636, MT9638, MT9639, MT9650, MT9652, MT9669, MT9686, MT9970, MT9980, MT9981
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-11955
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.32% / 54.64%
||
7 Day CHG~0.00%
Published-14 Jun, 2019 | 17:02
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Lack of check on length of reason-code fetched from payload may lead driver access the memory not allocated to the frame and results in out of bound read in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 600, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 665, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDM439, SDM660, SDX20, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresd_850mdm9150_firmwaresd_632mdm9640_firmwaresd_820amsm8996au_firmwaresd_439sd_670_firmwaresd_429sdx24sdm439mdm9650sd_636sd_615_firmwaremsm8909w_firmwaremsm8996ausd_820sd_650sd_450_firmwaresd_845_firmwaresd_820a_firmwareqcs605_firmwaremdm9206sd_652sd_425_firmwareqca9379_firmwareqca6174asd_665sdx24_firmwaresd_625_firmwaresd_450qca9377sd_845mdm9206_firmwareqcs605sd_632_firmwaresd_835_firmwaremdm9650_firmwaresd_835qca6574au_firmwaresd_210_firmwaresd_600sd_652_firmwaresd_415_firmwaremsm8909wsd_665_firmwaresd_616_firmwaresd_205_firmwaresd_415sd_212sd_650_firmwaresd_427_firmwaresd_712sd_855sd_730_firmwarequalcomm_215sdx20sd_616sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435sd_615sd_710_firmwareqcs405sd_625qca6574ausd_820_firmwaresd_210mdm9607sd_636_firmwaresd_439_firmwarequalcomm_215_firmwaremdm9150sd_429_firmwareqca6174a_firmwaresd_730sd_212_firmwaresd_850_firmwaresd_855_firmwaresdm439_firmwareqcs405_firmwaresd_712_firmwaresd_430sd_427sd_670sd_435_firmwaresdx20_firmwaresd_710sd_600_firmwaresd_205qca9379sdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-1046
Matching Score-6
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-6
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-4.4||MEDIUM
EPSS-0.02% / 2.29%
||
7 Day CHG~0.00%
Published-15 Dec, 2021 | 18:06
Updated-03 Aug, 2024 | 15:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In lwis_dpm_update_clock of lwis_device_dpm.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-195609074References: N/A

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-11963
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 3.19%
||
7 Day CHG~0.00%
Published-20 Dec, 2018 | 15:00
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Buffer overread may occur due to non-null terminated strings while processing vsprintf in camera jpeg driver.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-0900
Matching Score-6
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-6
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-4.4||MEDIUM
EPSS-0.02% / 2.38%
||
7 Day CHG~0.00%
Published-17 Dec, 2021 | 16:10
Updated-03 Aug, 2024 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In apusys, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05672107; Issue ID: ALPS05672055.

Action-Not Available
Vendor-n/aGoogle LLCMediaTek Inc.
Product-mt6873mt6893androidmt6885mt6875mt8797mt6889mt8791mt6877mt8195mt6891mt6883MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8195, MT8791, MT8797
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-0924
Matching Score-6
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-6
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.01% / 1.32%
||
7 Day CHG~0.00%
Published-15 Dec, 2021 | 18:05
Updated-03 Aug, 2024 | 15:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In xhci_vendor_get_ops of xhci.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-194461020References: Upstream kernel

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-0674
Matching Score-6
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-6
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-5.5||MEDIUM
EPSS-0.02% / 4.30%
||
7 Day CHG~0.00%
Published-17 Dec, 2021 | 16:10
Updated-03 Aug, 2024 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In alac decoder, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06064258; Issue ID: ALPS06064237.

Action-Not Available
Vendor-n/aGoogle LLCMediaTek Inc.
Product-mt6757cdmt8175mt6873mt6893mt8765mt6799mt6580mt8788mt6750mt6755smt8167mt6765mt6757cmt8183mt6737mt6883mt6853tmt6739mt6757mt8768mt6797mt8789mt6761mt8797mt6889mt8321mt6768mt8362amt8786mt8766mt6755mt8167smt6771mt8385mt6758mt6833mt6885mt6735mt6750smt6753mt6877mt6781mt8365mt8195mt6853mt8168mt6570mt6757chandroidmt8176mt8185mt8791mt6779mt8163mt6785mt6763mt8173MT6570, MT6580, MT6735, MT6737, MT6739, MT6750, MT6750S, MT6753, MT6755, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6758, MT6761, MT6763, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6797, MT6799, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6883, MT6885, MT6889, MT6893, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8176, MT8183, MT8185, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-0624
Matching Score-6
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-6
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-5.5||MEDIUM
EPSS-0.01% / 1.25%
||
7 Day CHG~0.00%
Published-18 Nov, 2021 | 14:55
Updated-03 Aug, 2024 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In flv extractor, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05594988; Issue ID: ALPS05594988.

Action-Not Available
Vendor-n/aGoogle LLCMediaTek Inc.
Product-mt6757cdmt8175mt6873mt6893mt8765mt6580mt8788mt6755smt8167mt6765mt6757cmt8183mt6737mt8735amt6853tmt8768mt6757mt8789mt6761mt8797mt6889mt8321mt6768mt8362amt8786mt8766mt8167smt6771mt8385mt6833mt6885mt6735mt6750smt6753mt6762mt6877mt8365mt8195mt6853mt8168androidmt6757chmt8185mt8791mt6779mt8163mt6785mt8735bmt6763mt8173MT6580, MT6735, MT6737, MT6739, MT6750S, MT6753, MT6755S, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6771, MT6779, MT6785, MT6833, MT6853, MT6853T, MT6873, MT6877, MT6885, MT6889, MT6893, MT8163, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8183, MT8185, MT8195, MT8321, MT8362A, MT8365, MT8385, MT8735A, MT8735B, MT8765, MT8766, MT8768, MT8786, MT8788, MT8789, MT8791, MT8797
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-0996
Matching Score-6
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-6
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-4.5||MEDIUM
EPSS-0.03% / 6.33%
||
7 Day CHG~0.00%
Published-15 Dec, 2021 | 18:06
Updated-03 Aug, 2024 | 15:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In nfaHciCallback of HciEventManager.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure over NFC with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-181346545

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-0902
Matching Score-6
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-6
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-4.4||MEDIUM
EPSS-0.02% / 2.38%
||
7 Day CHG~0.00%
Published-17 Dec, 2021 | 16:10
Updated-03 Aug, 2024 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In apusys, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05672107; Issue ID: ALPS05656484.

Action-Not Available
Vendor-n/aGoogle LLCMediaTek Inc.
Product-mt6873mt6893androidmt6885mt6875mt8797mt6889mt8791mt6877mt8195mt6891mt6883MT6873, MT6875, MT6877, MT6883, MT6885, MT6889, MT6891, MT6893, MT8195, MT8791, MT8797
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-33283
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-8.2||HIGH
EPSS-0.09% / 26.74%
||
7 Day CHG~0.00%
Published-06 Jan, 2023 | 05:02
Updated-09 Apr, 2025 | 15:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer over-read in WLAN

Information disclosure due to buffer over-read in WLAN while WLAN frame parsing due to missing frame length check.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_8cx_gen3_firmwareqca2066qca8337ar9380qca6431_firmwareipq8173_firmwaresdx65qcn5124qca4024_firmwareipq8078aipq5028_firmwareqca6595au_firmwareqca2062qca6554a_firmwareqam8295pipq8076aqca8386_firmwareqcn6024_firmwaresd_8_gen1_5g_firmwareqca8084_firmwareqsm8350_firmwareqsm8350sm7315_firmwarewcn7850qca6574au_firmwareqcn5164_firmwarewcd9375_firmwareqca8081_firmwareqcn9002qca9986ipq8070_firmwareipq8065ipq8078a_firmwareqrb5165_firmwareipq5028qrb5165m_firmwareipq6010ipq8068qcn6132qca6436wcn6851wcn7851_firmwareqca9888_firmwareqcn6122ipq8068_firmwareqca2066_firmwareqca6431qca6696_firmwaresd870_firmwareipq9008_firmwareqcn5154_firmwaresxr2150p_firmwarewsa8830_firmwareqca9992_firmwaresd865_5g_firmwarewcn7850_firmwaresm8475qcn5022_firmwaresa8295p_firmwarewcn6750_firmwareipq5018_firmwareqca9985_firmwareqca8337_firmwarewcd9380_firmwareipq8072aqca9980_firmwareipq8076a_firmwareipq8078qca6564auqca8084ipq8173qcn9001_firmwaresdx55m_firmwareipq9008wcn6856_firmwareqcn5164qca6574csr8811_firmwarewcd9380qcn5054_firmwareqcn5024qca8072_firmwareqca9985qcn9012_firmwareqcn5052_firmwareqcn9274_firmwarewcn3980ipq6018_firmwarewsa8815wcn6850pmp8074_firmwareqcn6112qca9986_firmwareqca6426_firmwareqca9984ipq6028ipq8064qcn9024pmp8074ipq9574_firmwarewcn3980_firmwaresdx55mipq8064_firmwaresa8295pqca6421_firmwareqca2062_firmwarewcn6740_firmwareipq8078_firmwareqcn5054qrb5165wcn6851_firmwareipq8070qca9994qca9980qcn9024_firmwareipq8174_firmwaresd870wcn6855ipq6018qca9886_firmwareqca6595_firmwareqca6391_firmwareqca2064qca4024sd780g_firmwarewcd9370_firmwaresd888_firmwareqcn5021_firmwaresxr2150par8035_firmwareqcn5024_firmwarewsa8830qcn9070qca8082qcn9072qca8386qca9992qca6390_firmwareqca2064_firmwareipq6000wcd9370qcn5152_firmwareqca6426qca6584au_firmwareqrb5165n_firmwareqcn9000_firmwareqca9984_firmwareipq5018wcd9385_firmwaresdxr2_5g_firmwareipq8074aqca2065qcn5124_firmwareqam8295p_firmwareqcn6100_firmwareqcn6102_firmwareqcn9011_firmwareqca8082_firmwareqcn5122_firmwareqca6595auqcn6023_firmwareqca6436_firmwareqrb5165nipq5010qca6564au_firmwareqca6584ausd778gqcn9274ipq8174qca9990qcn9001qcs6490sdxr2_5gqcn5052wcn7851qcn6112_firmwareqcn9074qca6421qca8085sd778g_firmwarewsa8810_firmwareqca8081ipq8071aqcn6023ipq8071a_firmwarewcd9385qca8085_firmwareqca2065_firmwareqcs6490_firmwaresd_8cx_gen3ar8035csr8811qca6390wcd9375qcn9100_firmwareipq5010_firmwareipq8074a_firmwareqcm6490sd888_5g_firmwarewcn6850_firmwarewsa8815_firmwarewsa8835_firmwareqca8072qcn9000sd780gqca6554asd865_5gqca6595ar9380_firmwareqcn9012sd888qcn6122_firmwareipq8065_firmwarewsa8835sd888_5gqcn5154qca8075_firmwareqca6574awcn6855_firmwareqca9889sm7325pqcn6132_firmwareqcn9003_firmwareqca9888qca9994_firmwarewcn6750qcn9003ipq8070a_firmwareipq8076_firmwareqca6574_firmwareqca9886sm7325p_firmwareipq8076qca6574a_firmwareqcn5021qcn5152qrb5165msm7315qca6391qcn6102qcn9100sdx65_firmwareqcm6490_firmwareqcn9070_firmwareipq6028_firmwareipq8072a_firmwareqcn9011qca6574auqca9889_firmwareipq9574qcn5122wsa8810wcn6856qcn5022ipq6010_firmwarewcn6740qca6696qca8075qcn9022_firmwareqcn6024qcn9022qca9990_firmwareipq8070aqcn9002_firmwareqcn6100qcn9072_firmwareipq6000_firmwareqcn9074_firmwareSnapdragon
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-0941
Matching Score-6
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-6
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.06% / 19.94%
||
7 Day CHG~0.00%
Published-25 Oct, 2021 | 13:20
Updated-03 Aug, 2024 | 15:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In bpf_skb_change_head of filter.c, there is a possible out of bounds read due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-154177719References: Upstream kernel

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CWE ID-CWE-125
Out-of-bounds Read
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • ...
  • 34
  • 35
  • Next
Details not found