Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2019-10575

Summary
Assigner-qualcomm
Assigner Org ID-2cfc7d3e-20d3-47ac-8db7-1b7285aff15f
Published At-16 Apr, 2020 | 10:46
Updated At-04 Aug, 2024 | 22:24
Rejected At-
Credits

Wlan binary which is not signed with OEMs RoT is working on secure device without authentication failure in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in SDA845, SDM845, SDM850

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:qualcomm
Assigner Org ID:2cfc7d3e-20d3-47ac-8db7-1b7285aff15f
Published At:16 Apr, 2020 | 10:46
Updated At:04 Aug, 2024 | 22:24
Rejected At:
▼CVE Numbering Authority (CNA)

Wlan binary which is not signed with OEMs RoT is working on secure device without authentication failure in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in SDA845, SDM845, SDM850

Affected Products
Vendor
Qualcomm Technologies, Inc.Qualcomm, Inc.
Product
Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
Versions
Affected
  • SDA845, SDM845, SDM850
Problem Types
TypeCWE IDDescription
textN/AImproper Authentication Issue in WLAN
Type: text
CWE ID: N/A
Description: Improper Authentication Issue in WLAN
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.qualcomm.com/company/product-security/bulletins/april-2020-bulletin
x_refsource_CONFIRM
Hyperlink: https://www.qualcomm.com/company/product-security/bulletins/april-2020-bulletin
Resource:
x_refsource_CONFIRM
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.qualcomm.com/company/product-security/bulletins/april-2020-bulletin
x_refsource_CONFIRM
x_transferred
Hyperlink: https://www.qualcomm.com/company/product-security/bulletins/april-2020-bulletin
Resource:
x_refsource_CONFIRM
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:product-security@qualcomm.com
Published At:16 Apr, 2020 | 11:15
Updated At:24 Aug, 2020 | 17:37

Wlan binary which is not signed with OEMs RoT is working on secure device without authentication failure in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in SDA845, SDM845, SDM850

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary2.07.2HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
Type: Primary
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 7.2
Base severity: HIGH
Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C
CPE Matches
Qualcomm Technologies, Inc.
qualcomm
>>sda845>>-
cpe:2.3:h:qualcomm:sda845:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sda845_firmware>>-
cpe:2.3:o:qualcomm:sda845_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sdm845>>-
cpe:2.3:h:qualcomm:sdm845:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sdm845_firmware>>-
cpe:2.3:o:qualcomm:sdm845_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sdm850>>-
cpe:2.3:h:qualcomm:sdm850:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sdm850_firmware>>-
cpe:2.3:o:qualcomm:sdm850_firmware:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-347Primarynvd@nist.gov
CWE ID: CWE-347
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.qualcomm.com/company/product-security/bulletins/april-2020-bulletinproduct-security@qualcomm.com
Vendor Advisory
Hyperlink: https://www.qualcomm.com/company/product-security/bulletins/april-2020-bulletin
Source: product-security@qualcomm.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

1050Records found
CVE-2017-18310
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.01%
||
7 Day CHG~0.00%
Published-26 Oct, 2018 | 13:00
Updated-05 Aug, 2024 | 21:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ClientEnv exposes services 0-32 to HLOS in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, Snapdragon_High_Med_2016

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_427_firmwaresd_820asd_412sdm636_firmwaresdm632_firmwaremsm8996au_firmwaresdm632sd_415sd_616sd_425sdm660sd_430_firmwaresd_615sd_435sd_650_firmwaresdm439sdm429sdm630sd_625sd_615_firmwaremsm8909w_firmwaresd_210msm8996ausd_820_firmwaresd_650sd_820sd_450_firmwaresd_845_firmwaresd_410sd_617sd_820a_firmwaresd_652sd_425_firmwaresd_212_firmwaresd_625_firmwaresd_450sdm439_firmwaresd_412_firmwaresdm636sdm630_firmwaresda660_firmwaresd_845sd_427sd_430sd_810sd_435_firmwaresd_835_firmwaresdm429_firmwaresd_410_firmwaresd_835sd_205sda660sd_210_firmwaresd_415_firmwaresd_652_firmwaremsm8909wsd_810_firmwaresd_616_firmwaresd_205_firmwaresdm660_firmwaresd_212sd_617_firmwareSnapdragon Automobile, Snapdragon Mobile, Snapdragon Wear
CVE-2017-18330
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 4.44%
||
7 Day CHG~0.00%
Published-03 Jan, 2019 | 15:00
Updated-05 Aug, 2024 | 21:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in AES-CCM and AES-GCM encryption via initialization vector in snapdragon automobile, snapdragon mobile and snapdragon wear in versions IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_632mdm9635m_firmwaremdm9640_firmwaresd_820amsm8996au_firmwaresd_439sd_429sdx24sdm439mdm9650sd_636sd_615_firmwaresnapdragon_high_med_2016_firmwaremsm8909w_firmwaremsm8996ausd_820sd_650sd_450_firmwaresd_410sd_820a_firmwaremdm9206sd_652sd_425_firmwaresdx24_firmwaresd_625_firmwareipq8074sd_450mdm9635mmdm9206_firmwaresd_632_firmwaresd_835_firmwaremdm9650_firmwaresd_835sda660sd_210_firmwaresd_415_firmwaresd_652_firmwaremsm8909wsd_616_firmwaresd_205_firmwaresd_415sd_212sd_650_firmwaresd_427_firmwaresd_412sd_616sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435mdm9655_firmwaresd_615sdm630sd_625ipq8074_firmwaresd_820_firmwaresd_210mdm9607sd_636_firmwaresd_439_firmwaresd_429_firmwaresnapdragon_high_med_2016sd_212_firmwaremdm9655sdm439_firmwaresd_412_firmwaresdm630_firmwaresda660_firmwaresd_430sd_427sd_810sd_435_firmwaresd_410_firmwaresd_205sd_810_firmwaresdm660_firmwaremdm9640Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear
CVE-2017-17767
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 2.19%
||
7 Day CHG~0.00%
Published-23 Feb, 2018 | 23:00
Updated-17 Sep, 2024 | 03:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all Qualcomm products with Android releases from CAF using the Linux kernel, the IL client may free a buffer OMX Video Encoder Component and then subsequently access the already freed buffer.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-18131
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.13%
||
7 Day CHG~0.00%
Published-06 May, 2019 | 22:19
Updated-05 Aug, 2024 | 21:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In QTEE, an incorrect fuse value can be blown in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 820, SD 820A, SD 835, SD 845, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, Snapdragon_High_Med_2016.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_427_firmwaresd_820asd_412sdm636_firmwaresdm632_firmwaremsm8996au_firmwaresdm632sd_415sd_616sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435sd_615sdm439sdm429sdm630sd_625sd_615_firmwaresnapdragon_high_med_2016_firmwaresd_210mdm9607msm8996ausd_820_firmwaresd_820sd_450_firmwaresd_845_firmwaresd_410sd_820a_firmwaremdm9206sd_425_firmwaresnapdragon_high_med_2016sd_212_firmwaresd_625_firmwaresd_450sdm439_firmwaresd_412_firmwaresdm636sdm630_firmwaresd_845mdm9206_firmwaresd_427sd_430sd_435_firmwaresd_835_firmwaresdm429_firmwaresd_410_firmwaresd_835sd_205sd_210_firmwaresd_415_firmwaresd_616_firmwaresd_205_firmwaresdm660_firmwaresd_212Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear
CWE ID-CWE-665
Improper Initialization
CVE-2017-18311
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.69%
||
7 Day CHG~0.00%
Published-26 Oct, 2018 | 13:00
Updated-05 Aug, 2024 | 21:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

XPU Master privilege escalation is possible due to improper access control of unused configuration xPU ports where unused configuration ports are open in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, Snapdragon_High_Med_2016.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9635m_firmwaremdm9640_firmwaresd_820asdm632_firmwaremsm8996au_firmwaresdm632sdm439mdm9650sdm429sd_615_firmwaremsm8909w_firmwaremsm8996aumdm9645sd_650sd_820sd_450_firmwaresd_410sd_820a_firmwaresd_652sd_425_firmwaresd_625_firmwaresd_450sdm636mdm9635msd_835_firmwaresdm429_firmwaremdm9650_firmwaresd_835sda660sd_210_firmwaresd_415_firmwaresd_652_firmwaremsm8909wsd_616_firmwaresd_205_firmwaresd_415sd_650_firmwaresd_212sd_427_firmwaresd_412sdm636_firmwaresd_616sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435mdm9655_firmwaresd_615sdm630sd_625sd_210mdm9607sd_820_firmwaremdm9645_firmwaresd_212_firmwaremdm9655sdm439_firmwaresd_412_firmwaresdm630_firmwaresda660_firmwaresd_427sd_430sd_810sd_435_firmwaresd_410_firmwaresd_205sd_810_firmwaresdm660_firmwaremdm9640Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear
CVE-2017-17765
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 2.49%
||
7 Day CHG~0.00%
Published-23 Feb, 2018 | 23:00
Updated-17 Sep, 2024 | 04:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all Qualcomm products with Android releases from CAF using the Linux kernel, multiple values received from firmware are not properly validated in wma_get_ll_stats_ext_buf() and are used to allocate the sizes of buffers and may be vulnerable to integer overflow leading to buffer overflow.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2017-18297
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 16.15%
||
7 Day CHG~0.00%
Published-23 Oct, 2018 | 13:00
Updated-05 Aug, 2024 | 21:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Double memory free while closing TEE SE API Session management in Snapdragon Mobile in version SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_652sd_625sd_425_firmwaresd_820_firmwaresd_820sd_625_firmwaresd_450sd_650sd_450_firmwaresd_652_firmwaresd_425sd_430_firmwaresd_430sd_650_firmwareSnapdragon Mobile
CWE ID-CWE-415
Double Free
CVE-2017-18298
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 16.15%
||
7 Day CHG~0.00%
Published-23 Oct, 2018 | 13:00
Updated-05 Aug, 2024 | 21:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Lack of Input Validation in SDMX API can lead to NULL pointer access in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660 .

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850sd_820asd_412msm8996au_firmwaresd_415sd_616sd_425sd_430_firmwaresd_615mdm9607_firmwaremdm9650sd_650_firmwaresd_625sd_615_firmwaresd_210mdm9607msm8996ausd_820_firmwaresd_650sd_820sd_450_firmwaresd_845_firmwaresd_410sd_617sd_820a_firmwaremdm9206sd_652sd_425_firmwaresd_212_firmwaresd_850_firmwaresd_625_firmwaresd_450sd_412_firmwaresda660_firmwaresd_845mdm9206_firmwaresd_430sd_810sd_835_firmwaremdm9650_firmwaresd_410_firmwaresd_835sd_205sda660sd_210_firmwaresd_415_firmwaresd_652_firmwaresd_810_firmwaresd_616_firmwaresd_205_firmwaresd_212sd_617_firmwareSnapdragon Automobile, Snapdragon Mobile, Snapdragon Wear
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2017-18312
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 6.24%
||
7 Day CHG~0.00%
Published-23 Oct, 2018 | 13:00
Updated-05 Aug, 2024 | 21:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

While accessing SafeSwitch services, third party can manipulate a given device and perform unauthorized operation due to lack of checking of same state transitions in Snapdragon Automobile, Snapdragon Mobile in version MSM8996AU, SD 410/12, SD 617, SD 650/52, SD 810, SD 820, SD 820A

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_652sd_820asd_412sd_412_firmwaremsm8996au_firmwaresd_810sd_820_firmwaresd_810_firmwaremsm8996ausd_820sd_650sd_410_firmwaresd_652_firmwaresd_410sd_617sd_820a_firmwaresd_650_firmwaresd_617_firmwareSnapdragon Automobile, Snapdragon Mobile
CWE ID-CWE-862
Missing Authorization
CVE-2017-18303
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.06% / 19.16%
||
7 Day CHG~0.00%
Published-23 Oct, 2018 | 13:00
Updated-05 Aug, 2024 | 21:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

While processing the sensors registry configuration file, if inputs are not validated a buffer overflow will occur in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MMDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 820A, SD 835, SDA660, SDX20.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_820amsm8996au_firmwaresdx20sd_415sd_616sd_425sd_430_firmwaremdm9607_firmwaresd_615mdm9650sd_650_firmwaresd_625sd_615_firmwaremsm8909w_firmwaremdm9607msm8996ausd_210sd_650sd_820_firmwaresd_820sd_450_firmwaresd_800sd_617sd_820a_firmwaremdm9206sd_652sd_425_firmwaresd_212_firmwaresd_800_firmwaresd_625_firmwaresd_450sda660_firmwaremdm9206_firmwaresd_430sd_810sd_835_firmwaremdm9650_firmwaresdx20_firmwaresd_600_firmwaresd_205sd_835sda660sd_210_firmwaresd_600sd_415_firmwaresd_652_firmwaremsm8909wsd_810_firmwaresd_616_firmwaresd_205_firmwaresd_212sd_617_firmwareSnapdragon Automobile, Snapdragon Mobile, Snapdragon Wear
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2013-2596
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.59% / 68.19%
||
7 Day CHG~0.00%
Published-13 Apr, 2013 | 01:00
Updated-27 Aug, 2025 | 20:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-10-06||Apply updates per vendor instructions.

Integer overflow in the fb_mmap function in drivers/video/fbmem.c in the Linux kernel before 3.8.9, as used in a certain Motorola build of Android 4.1.2 and other products, allows local users to create a read-write memory mapping for the entirety of kernel memory, and consequently gain privileges, via crafted /dev/graphics/fb0 mmap2 system calls, as demonstrated by the Motochopper pwn program.

Action-Not Available
Vendor-n/aMotorola Mobility LLC. (Lenovo Group Limited)Linux Kernel Organization, IncQualcomm Technologies, Inc.
Product-msm8960linux_kernelrazr_mrazr_hdatrix_hdandroidn/aKernel
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2017-15861
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.01% / 1.59%
||
7 Day CHG~0.00%
Published-23 Feb, 2018 | 23:00
Updated-16 Sep, 2024 | 20:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all Qualcomm products with Android releases from CAF using the Linux kernel, in the function wma_roam_synch_event_handler, vdev_id is received from firmware and used to access an array without validation.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2017-15862
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.01% / 1.82%
||
7 Day CHG~0.00%
Published-23 Feb, 2018 | 23:00
Updated-17 Sep, 2024 | 01:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all Qualcomm products with Android releases from CAF using the Linux kernel, in wma_unified_link_radio_stats_event_handler(), the number of radio channels coming from firmware is not properly validated, potentially leading to an integer overflow vulnerability followed by a buffer overflow.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2024-43061
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 4.79%
||
7 Day CHG~0.00%
Published-03 Mar, 2025 | 10:07
Updated-03 Mar, 2025 | 12:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in Audio

Memory corruption during voice activation, when sound model parameters are loaded from HLOS, and the received sound model list is empty in HLOS drive.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-Snapdragon
CWE ID-CWE-416
Use After Free
CVE-2024-43059
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 4.79%
||
7 Day CHG~0.00%
Published-03 Mar, 2025 | 10:07
Updated-03 Mar, 2025 | 13:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in Automotive Multimedia

Memory corruption while invoking IOCTL calls from the use-space for HGSL memory node.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-Snapdragon
CWE ID-CWE-416
Use After Free
CVE-2024-43067
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 2.59%
||
7 Day CHG-0.01%
Published-07 Apr, 2025 | 10:15
Updated-20 Aug, 2025 | 21:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Time-of-check Time-of-use (TOCTOU) Race Condition in Camera

Memory corruption occurs during the copying of read data from the EEPROM because the IO configuration is exposed as shared memory.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sw5100pwsa8832_firmwaresa8195psnapdragon_xr2_5g_platformvideo_collaboration_vc1_platformwsa8810_firmwarewsa8835sxr2130qcs610_firmwareqam8295pqca6696fastconnect_7800sdx55_firmwarewcn3660bqca6391wsa8830sa8155pwsa8832sw5100sa8155p_firmwarefastconnect_6800sa6150p_firmwarewcn3988_firmwaresnapdragon_865_5g_mobile_platform_firmwareqca6426_firmwarevideo_collaboration_vc1_platform_firmwarewsa8835_firmwaresnapdragon_x55_5g_modem-rf_system_firmwaresa8295p_firmwaresd865_5g_firmwarewcn3660b_firmwaresa6155p_firmwaresa6145pqcs410_firmwarewcd9385qca6696_firmwaresa8530pwcd9385_firmwarewcn3680b_firmwaresnapdragon_xr2_5g_platform_firmwarevideo_collaboration_vc3_platform_firmwarec-v2x_9150_firmwaresxr2250pwcn3680bsdm429wqca6426sa8145pqcs610wcn3950_firmwaresa6150pqca6436sxr2230p_firmwaresa8530p_firmwarewcd9370_firmwaresxr2250p_firmwaresnapdragon_865_5g_mobile_platformwcd9370qca6574au_firmwarewsa8815sdm429w_firmwaresa8295pwcd9341qsm8250_firmwaresa6145p_firmwarewsa8810qca6436_firmwaresnapdragon_870_5g_mobile_platform_\(sm8250-ac\)snapdragon_865\+_5g_mobile_platform_\(sm8250-ab\)_firmwarewcd9380sxr2130_firmwarec-v2x_9150fastconnect_6800_firmwarewsa8815_firmwarefastconnect_6900_firmwaresnapdragon_8_gen_1_mobile_platform_firmwaresw5100p_firmwareqca6391_firmwaresa8540p_firmwaresnapdragon_429_mobile_platform_firmwaresa8150p_firmwareqcn9074video_collaboration_vc3_platformsw5100_firmwarewcn3980_firmwaresd865_5gsnapdragon_870_5g_mobile_platform_\(sm8250-ac\)_firmwareqam8295p_firmwarefastconnect_7800_firmwaresnapdragon_429_mobile_platformsnapdragon_w5\+_gen_1_wearable_platform_firmwarewcn3620snapdragon_w5\+_gen_1_wearable_platformwcn3980sa8145p_firmwareqca6574auwcn3988snapdragon_8_gen_1_mobile_platformqcn9074_firmwaresa8150pfastconnect_6900wcn3620_firmwareqsm8250snapdragon_865\+_5g_mobile_platform_\(sm8250-ab\)sa9000psxr2230psdx55wcd9341_firmwaresa9000p_firmwaresa8195p_firmwaresa6155psnapdragon_x55_5g_modem-rf_systemwcn3950wcd9380_firmwareqcs410wsa8830_firmwaresa8540pSnapdragon
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CVE-2024-43058
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 4.05%
||
7 Day CHG-0.01%
Published-07 Apr, 2025 | 10:15
Updated-20 Aug, 2025 | 21:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Incorrect Type Conversion or Cast in Multimedia Frameworks

Memory corruption while processing IOCTL calls.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fastconnect_7800fastconnect_6900_firmwaresnapdragon_8_gen_1_mobile_platform_firmwarefastconnect_7800_firmwarewsa8830wcd9380_firmwarewsa8835snapdragon_8_gen_1_mobile_platformwsa8835_firmwarefastconnect_6900wsa8830_firmwarewcd9380Snapdragon
CWE ID-CWE-704
Incorrect Type Conversion or Cast
CVE-2024-43052
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.24%
||
7 Day CHG~0.00%
Published-02 Dec, 2024 | 10:18
Updated-12 Dec, 2024 | 15:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Input Validation in Video Analytics and Processing

Memory corruption while processing API calls to NPU with invalid input.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-snapdragon_wear_2100_platformwsa8830sg8275p_firmwareqca6431_firmwaresnapdragon_870_5g_mobile_platform_firmwaresnapdragon_865_5g_mobile_platformwsa8840snapdragon_wear_2100_platform_firmwaresnapdragon_212_mobile_platformwcn6755_firmwaresnapdragon_427_mobile_platformwcd9370home_hub_100_platformqca6426snapdragon_8_gen_2_mobile_platformmsm8108msm8108_firmwarewcd9385_firmwarewcn7881_firmwarewcd9326_firmwarewcn3615_firmwareqsw8573_firmwarewcn3660bapq8037snapdragon_435_mobile_platform_firmwaresnapdragon_429_mobile_platform_firmwaresnapdragon_x55_5g_modem-rf_systemwcn3680b_firmwaresdx55_firmwaresnapdragon_208_processor_firmwaresnapdragon_212_mobile_platform_firmwarewcd9375_firmwaresnapdragon_8_gen_3_mobile_platformwcn3615wsa8845h_firmwaremsm8909wsnapdragon_425_mobile_platformwcn3610_firmwaresnapdragon_429_mobile_platformqca6436_firmwaresnapdragon_xr2\+_gen_1_platformwcn7860snapdragon_427_mobile_platform_firmwareqcm8550_firmwareqcn9274pm8937snapdragon_870_5g_mobile_platformsnapdragon_208_processorwcn7881snapdragon_439_mobile_platformwsa8840_firmwarevideo_collaboration_vc5_platformqcs8550_firmwaresc8380xp_firmwaresnapdragon_wear_3100_platformsm8635wcn7880_firmwareqca6421apq8017_firmwarewsa8810_firmwarehome_hub_100_platform_firmwarewsa8845hqca6436wcd9326wcd9335sm8750_firmwareqcs7230sm8750p_firmwarewcd9395_firmwarewcn6755msm8209_firmwareqca6174a_firmwarewcd9385sxr2130_firmwaresnapdragon_wear_2500_platformpm8937_firmwareqca6431wcd9375snapdragon_210_processor_firmwaresnapdragon_430_mobile_platformwcd9390wsa8830_firmwaresd865_5g_firmwarewcn3620_firmwarewsa8815_firmwarewsa8835_firmwarewcn3620video_collaboration_vc5_platform_firmwaresnapdragon_865_5g_mobile_platform_firmwareapq8017fastconnect_6800_firmwaresnapdragon_8_gen_2_mobile_platform_firmwarewcn3610wcn7880msm8608wcd9380_firmwareqcm2150_firmwaresdm429wsd865_5gfastconnect_6800qcm8550qcs7230_firmwareqet4101_firmwaremsm8909w_firmwarewsa8835sdm429w_firmwaresnapdragon_8\+_gen_2_mobile_platform_firmwarewcd9380snapdragon_wear_4100\+_platform_firmwaresnapdragon_210_processorsxr2130snapdragon_425_mobile_platform_firmwaresm8635_firmwaresnapdragon_wear_4100\+_platformsnapdragon_430_mobile_platform_firmwareqca9379_firmwareqca6174asg8275pwcd9335_firmwarewcn3980qcn9274_firmwarewsa8845qsw8573wsa8815snapdragon_865\+_5g_mobile_platformwsa8845_firmware205_mobile_platform_firmwaresnapdragon_xr2_5g_platform_firmwaresnapdragon_439_mobile_platform_firmwareqca6426_firmwareqcs8250snapdragon_435_mobile_platformsc8380xpsm8750pwcn3660b_firmwarewcn3680msm8209wcn3980_firmwaresnapdragon_x55_5g_modem-rf_system_firmwaresnapdragon_xr2\+_gen_1_platform_firmwareqca6391qca6421_firmwarefastconnect_7800snapdragon_865\+_5g_mobile_platform_firmwaresmart_audio_200_platform215_mobile_platformsnapdragon_xr2_5g_platformwcn7861_firmwarewcn3680_firmwarewsa8832_firmwarefastconnect_6900fastconnect_6900_firmwareqcm2150smart_audio_200_platform_firmwareqcs8250_firmwarefastconnect_7800_firmwaresnapdragon_8\+_gen_2_mobile_platformwsa8810wsa8832sm8550pqsm8250wcn3680bsm8750snapdragon_wear_2500_platform_firmwarewcn7860_firmwarewcd9395wcn7861205_mobile_platform215_mobile_platform_firmwareqca6391_firmwareqcs8550msm8608_firmwaresm8550p_firmwarewcd9370_firmwaresdx55snapdragon_8_gen_3_mobile_platform_firmwarewcd9390_firmwareapq8037_firmwareqet4101snapdragon_wear_3100_platform_firmwareqca9379qsm8250_firmwareSnapdragonwcd9380_firmwareqcm2150_firmwaresg8275p_firmwareqca6431_firmwareqcs7230_firmwareqet4101_firmwaremsm8909w_firmwaresnapdragon_wear_2100_platform_firmwaresdm429w_firmwarewcn6755_firmwaresnapdragon_425_mobile_platform_firmwaresm8635_firmwaresnapdragon_430_mobile_platform_firmwareqca9379_firmwarewcd9335_firmwareqcn9274_firmwaremsm8108_firmwarewcd9385_firmwarewcn7881_firmwarewcd9326_firmwarewcn3615_firmwareqsw8573_firmwarewsa8845_firmwaresnapdragon_xr2_5g_platform_firmwaresnapdragon_439_mobile_platform_firmwaresnapdragon_435_mobile_platform_firmwareqca6426_firmwarewcn3660b_firmwaresnapdragon_429_mobile_platform_firmwarewcn3680b_firmwaresdx55_firmwaresnapdragon_208_processor_firmwaresnapdragon_212_mobile_platform_firmwarewcd9375_firmwarewsa8845h_firmwarewcn3980_firmwaresnapdragon_x55_5g_modem-rf_system_firmwarewcn3610_firmwareqca6436_firmwareqca6421_firmwaresnapdragon_427_mobile_platform_firmwareqcm8550_firmwarewcn7861_firmwarewcn3680_firmwarewsa8840_firmwarewsa8832_firmwarefastconnect_6900_firmwareqcs8550_firmwaresc8380xp_firmwarewcn7880_firmwaresmart_audio_200_platform_firmwareapq8017_firmwarewsa8810_firmwareqcs8250_firmwarefastconnect_7800_firmwarehome_hub_100_platform_firmwarewcd9395_firmwaresm8750_firmwaresm8750p_firmwaremsm8209_firmwarequalcomm_215_mobile_platform_firmwareqca6174a_firmwarequalcomm_205_mobile_platform_firmwaresxr2130_firmwarepm8937_firmwaresnapdragon_wear_2500_platform_firmwarewcn7860_firmwareqca6391_firmwaremsm8608_firmwaresm8550p_firmwaresnapdragon_210_processor_firmwarewcd9370_firmwarequalcomm_video_collaboration_vc5_platform_firmwaresnapdragon_8_gen_3_mobile_platform_firmwarewcd9390_firmwarewsa8830_firmwaresd865_5g_firmwarewcn3620_firmwareapq8037_firmwarewsa8815_firmwarewsa8835_firmwaresnapdragon_865_5g_mobile_platform_firmwaresnapdragon_wear_3100_platform_firmwarefastconnect_6800_firmwaresnapdragon_8_gen_2_mobile_platform_firmwareqsm8250_firmware
CWE ID-CWE-20
Improper Input Validation
CVE-2024-43048
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 6.59%
||
7 Day CHG~0.00%
Published-02 Dec, 2024 | 10:18
Updated-12 Dec, 2024 | 15:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Stack-based Buffer Overflow in Performance

Memory corruption when invalid input is passed to invoke GPU Headroom API call.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-snapdragon_662_mobile_platform_firmwarewsa8830wcd9380_firmwaresm4635_firmwarewcn3990sdm429wwcd9378_firmwareqcm8550wsa8840wsa8835sdm429w_firmwarewcn3950_firmwaresnapdragon_8\+_gen_2_mobile_platform_firmwarewcd9380wcn6755_firmwaresnapdragon_480_5g_mobile_platformsnapdragon_4_gen_1_mobile_platform_firmwarewcd9370sm8635_firmwaresnapdragon_460_mobile_platform_firmwaresnapdragon_480\+_5g_mobile_platform_firmwaresnapdragon_480_5g_mobile_platform_firmwarewcn7880wcn3990_firmwaresnapdragon_8_gen_2_mobile_platformwcd9335_firmwarewcd9385_firmwarewsa8845wcn3950wcn7881_firmwarefastconnect_6200qcm4325_firmwarewcn3660bwsa8815snapdragon_460_mobile_platformwsa8845_firmwaresnapdragon_4_gen_1_mobile_platformwcn3660b_firmwaresnapdragon_429_mobile_platform_firmwaresnapdragon_695_5g_mobile_platform_firmwaresm8750pfastconnect_6200_firmwarewcd9375_firmwaresnapdragon_8_gen_3_mobile_platformwsa8845h_firmwaresnapdragon_429_mobile_platformsnapdragon_680_4g_mobile_platform_firmwarewcn7860fastconnect_7800qcm8550_firmwarewcn7881wcn7861_firmwarewsa8840_firmwarewsa8832_firmwaresm4635fastconnect_6900fastconnect_6900_firmwaresm8635wcn3988_firmwarewcn7880_firmwarewsa8810_firmwarewcd9341_firmwarevision_intelligence_400_platformfastconnect_7800_firmwaresnapdragon_8\+_gen_2_mobile_platformwsa8845hwcn6755wcd9395_firmwarewcd9335sg4150psm8750_firmwaresm8750p_firmwarewsa8810wsa8832sm8550psnapdragon_680_4g_mobile_platformsm8750wcd9385wcd9341wcn7860_firmwarewcd9395wcn7861wcd9375wcd9370_firmwaresm8550p_firmwarewcd9390vision_intelligence_400_platform_firmwaresnapdragon_8_gen_3_mobile_platform_firmwaresnapdragon_662_mobile_platformsnapdragon_685_4g_mobile_platformwsa8830_firmwarewcd9390_firmwarewcn3620_firmwarewcn3988wsa8815_firmwarewsa8835_firmwarewcn3620snapdragon_695_5g_mobile_platformsnapdragon_685_4g_mobile_platform_firmwarewcd9378sg4150p_firmwaresnapdragon_8_gen_2_mobile_platform_firmwaresnapdragon_480\+_5g_mobile_platformqcm4325Snapdragonsnapdragon_662_mobile_platform_firmwarewcd9380_firmwareqcm8550_firmwaresm4635_firmwarewcd9378_firmwarewcn7861_firmwarewsa8832_firmwarewsa8840_firmwarefastconnect_6900_firmwarewcn3988_firmwarewcn7880_firmwaresdm429w_firmwarewcn3950_firmwarewsa8810_firmwarewcd9341_firmwarefastconnect_7800_firmwarewcn6755_firmwarewcd9395_firmwaresm8750_firmwaresm8750p_firmwaresnapdragon_4_gen_1_mobile_platform_firmwaresm8635_firmwaresnapdragon_460_mobile_platform_firmwaresnapdragon_8_gen_2_mobile_platform_firmwaresnapdragon_480_5g_mobile_platform_firmwarewcn3990_firmwarewcn7860_firmwarewcd9335_firmwarewcd9385_firmwarewcn7881_firmwareqcm4325_firmwarewcd9370_firmwaresm8550p_firmwaresnapdragon_8_gen_3_mobile_platform_firmwarevision_intelligence_400_platform_firmwarewcd9390_firmwarewsa8830_firmwarewsa8845_firmwarewcn3620_firmwarewsa8815_firmwarewcn3660b_firmwarewsa8835_firmwaresnapdragon_429_mobile_platform_firmwarefastconnect_6200_firmwaresnapdragon_695_5g_mobile_platform_firmwarewcd9375_firmwarewsa8845h_firmwaresg4150p_firmwaresnapdragon_680_4g_mobile_platform_firmware
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2017-15832
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.09% / 25.92%
||
7 Day CHG+0.01%
Published-26 Nov, 2024 | 08:55
Updated-09 Jan, 2025 | 21:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer overwrite due to improper input validation in WLAN host

Buffer overwrite in the WLAN host driver by leveraging a compromised WLAN FW

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_845sd_850_firmwaremdm9607sd_850mdm9607_firmwaresd_835_firmwaremdm9206sd_835mdm9206_firmwaresd_845_firmwareSnapdragon
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-787
Out-of-bounds Write
CVE-2017-15818
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 5.17%
||
7 Day CHG~0.00%
Published-18 Sep, 2018 | 18:00
Updated-05 Aug, 2024 | 20:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while loading a user application in qseecom, an integer overflow could potentially occur if the application partition size is rounded up to page_size.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2020-11292
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 14.19%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 06:20
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer overflow in voice service due to lack of input validation of parameters in QMI Voice API in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaremdm9640_firmwaresm6250p_firmwareqcs610qca6431_firmwarewcd9360_firmwaremdm9645wcn3950_firmwaresc8180x\+sdx55qca6595au_firmwareqca6335msm8917mdm8215sd_455_firmwareqcs605_firmwaresd_675_firmwareqcs6125_firmwaremdm8615m_firmwaresd632msm8108sa415mwcn3998wcd9371_firmwaremsm8108_firmwarewcn3950sd720gmdm9628mdm9206_firmwareqsw8573_firmwarewcn3660bsd450_firmwaresd710_firmwaremdm9230_firmwaremdm8215mqca6574au_firmwaremdm9630wcd9375_firmwarewcn3998_firmwaremsm8909wapq8009w_firmwareqca6420apq8053_firmwarewcd9360qca9367_firmwarewhs9410_firmwaremdm8207qcs6125sa8155_firmwareqca4004_firmwaremdm9615mqca6430wcd9306_firmwarewcd9340mdm9625_firmwaresd765gqca1990_firmwarequalcomm215_firmwareqca6436wcn6851qcs603_firmwaremsm8937msm8209_firmwaremdm9250_firmwarewcn3660_firmwarewcd9341mdm9655qca6696_firmwareqca6431wcd9371sd870_firmwaresd750gmdm8215_firmwarewcn3910_firmwaresd_8cxmdm9207_firmwareqca4004wsa8830_firmwaremdm9330_firmwaresd855_firmwaresd660sd865_5g_firmwaresd712wcn3988sd660_firmwaremsm8208_firmwaresd450wcn3610mdm9640msm8608wcn3991sda429w_firmwarewcd9380_firmwaresdm429wwcd9330msm8996au_firmwarecsr6030qca6564ausdx55m_firmwarewcn6856_firmwaremsm8940_firmwareqet4101_firmwaremsm8976_firmwareqca6574sd632_firmwaresd670_firmwarewcd9380qualcomm215mdm9230qcs410sd690_5g_firmwaresdx50m_firmwareqca9379_firmwaresdx24_firmwareqca6174qca6430_firmwarewcd9335_firmwaresd439_firmwarewcn3980qca6335_firmwareqsw8573qcs605wcd9340_firmwarewsa8815wcn6850wcn3910qca6320qca6584_firmwaremsm8937_firmwaremdm9650_firmwaresd_8c_firmwaremdm9215_firmwareqca6426_firmwarewcn3660b_firmwarewcn3680sd835qca1990wcn3980_firmwaresd730wcd9330_firmwaresdx55mqca6421_firmwarear6003_firmwaremsm8953sd821_firmwaresd678_firmwarewcn3680_firmwarewcn6851_firmwareqcs603sd670sd_636_firmwareqca6564a_firmwareapq8009wqca6694au_firmwaremsm8976sg_firmwareqcm4290_firmwaresd480sd870wcn6855sd210_firmwareqcs610_firmwareapq8084_firmwaresdxr1apq8096aumdm8207_firmwaresdm630_firmwaremdm9205_firmwareqca6391_firmwaresd820_firmwarewcd9370_firmwaresdx55apq8053sa8155psd675sd439qet4101wcn3660qca9379wcn3991_firmwaremdm9150_firmwarewsa8830sd678csrb31024mdm9628_firmwaremdm9650sd_636qcs4290mdm9250sd765g_firmwareqca6420_firmwareqca6390_firmwareapq8009_firmwaresd690_5gqca6174_firmwaresd730_firmwaremdm9310_firmwarewcd9370sd675_firmwareqca6426qca6584au_firmwarewcn3990_firmwareqca9377sdw2500_firmwaresd_8cx_firmwarewcd9385_firmwaresdxr2_5g_firmwarewhs9410wcd9326_firmwaremdm9615m_firmwarewcn3615_firmwareapq8037sa8155qca6320_firmwareqca6584wcn3680b_firmwaresdx55_firmwarewcn3615qca6595ausm7250p_firmwarewcn3610_firmwareqca6436_firmwaremdm9207wcd9306qca6584auqca6564au_firmwareqca6310msm8208sa515m_firmwaresd429sdxr2_5gqca9367apq8084sdm630mdm9607_firmwaresd821mdm9655_firmwaremsm8976sgsa415m_firmwarewcn3988_firmwaresd205sd429_firmwareqca6421sm6250sd712_firmwareapq8017_firmwarewsa8810_firmwareqca6694sd765_firmwarewcd9326wcd9335qca6174a_firmwareqcs4290_firmwarewcd9385mdm8615mmdm9625qca6390wcd9375sd750g_firmwareaqt1000msm8976qca6694_firmwaresm6250_firmwaresc8180x\+sdx55_firmwaremsm8953_firmwareqca6694ausda429wmsm8917_firmwaresd210wcn3620_firmwaresdx20_firmwarewsa8815_firmwaresd888_5g_firmwaresd820wcn6850_firmwarewsa8835_firmwarewcn3620apq8017ar6003csr6030_firmwareqca6564amdm9630_firmwareqcm6125_firmwaremdm9635m_firmwarewcn3990sd_675sd865_5gsdx24msm8909w_firmwarewsa8835msm8996ausdm429w_firmwaresd665_firmwaresd888_5gsm6250pqca6574amdm9206wcn6855_firmwareqca6174aqca6310_firmwaremdm9635mmdm9615mdm9205sa515mqca6574_firmwaresd855sd665sd765qca6574a_firmwaresd768g_firmwaremsm8209sd850_firmwareapq8009qca6391sdxr1_firmwaremdm9310aqt1000_firmwaremsm8920qcm4290csrb31024_firmwaresdx50msdx20sd480_firmwaremsm8920_firmwaremdm9215sd_455qca6574ausd710mdm8215m_firmwaremdm9607sa8155p_firmwaresd205_firmwaremdm9645_firmwarewcd9341_firmwareqcm6125wsa8810mdm9150wcn6856sd_8cwcn3680bsd835_firmwaresd768gqca6696sd845_firmwaremsm8608_firmwaresdw2500msm8940apq8096au_firmwaresd845mdm9615_firmwareapq8037_firmwaresm7250psd720g_firmwareqcs410_firmwaremdm9330sd850Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-43047
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.36% / 57.40%
||
7 Day CHG-0.11%
Published-07 Oct, 2024 | 12:59
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2024-10-29||Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Use After Free in DSP Service

Memory corruption while maintaining memory maps of HLOS memory.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sw5100pqcs410_firmwaresa6150p_firmwaresd660_firmwaresd865_5gqca6595qcs610_firmwarewcd9335sxr2130_firmwarewcd9370qca6696wcd9341_firmwaresa4150p_firmwareqca6426fastconnect_6700snapdragon_685_4g_mobilesa4150pwsa8815_firmwaresa8195p_firmwareqca6426_firmwareqca6574au_firmwareqam8295pwcd9341qca6574ausnapdragon_888\+_5g_mobile_firmwarewcn3950wsa8810_firmwaresnapdragon_870_5g_mobile_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwarefastconnect_6800_firmwaresa8295p_firmwaresnapdragon_870_5g_mobilesa4155p_firmwarevideo_collaboration_vc1_platform_firmwaresa4155pqca6584ausnapdragon_xr2_5g_firmwaresw5100_firmwarefastconnect_6800qca6595_firmwarefastconnect_7800_firmwarefastconnect_6900video_collaboration_vc1_platformsnapdragon_865_5g_mobile_firmwarewcd9385_firmwarefastconnect_6900_firmwarewcd9380sa6145p_firmwaresnapdragon_xr2_5gsa8150psnapdragon_680_4g_mobilesa6155psnapdragon_auto_5g_modem-rf_firmwarewsa8810sw5100snapdragon_888_5g_mobile_firmwarevideo_collaboration_vc3_platformqca6595ausnapdragon_888_5g_mobilesa6155p_firmwaresnapdragon_685_4g_mobile_firmwareqca6688aqqam8295p_firmwarewcn3990_firmwaresnapdragon_660_mobilesnapdragon_x55_5g_modem-rfqca6698aq_firmwareqca6436_firmwaresnapdragon_888\+_5g_mobilewcd9385snapdragon_8_gen_1_mobilesnapdragon_x55_5g_modem-rf_firmwaresnapdragon_680_4g_mobile_firmwaresnapdragon_865\+_5g_mobilewcd9370_firmwaresnapdragon_auto_5g_modem-rfsxr2130qca6174asa8195psnapdragon_auto_5g_modem-rf_gen_2qca6174a_firmwarewcn3988qcs6490_firmwareqca6584au_firmwarewcd9335_firmwarewcn3980_firmwareqca6436wsa8835qca6595au_firmwareqca6391_firmwareqcs610sw5100p_firmwareqca6696_firmwarewcd9380_firmwaresa6150pqcs410sa8155p_firmwarewsa8815sd660sg4150psa8155pwsa8830sa6145psnapdragon_865_5g_mobilewcd9375_firmwareqca6391snapdragon_865\+_5g_mobile_firmwareqca6698aqsg4150p_firmwarewcn3950_firmwaresa8295pfastconnect_7800sa8145p_firmwaresd865_5g_firmwaresnapdragon_660_mobile_firmwareqca6688aq_firmwarewcd9375sa8150p_firmwarewcn3988_firmwarefastconnect_6700_firmwarevideo_collaboration_vc3_platform_firmwaresa8145pwcn3990wsa8835_firmwareqcs6490wcn3980wsa8830_firmwaresnapdragon_8_gen_1_mobile_firmwareSnapdragonqca6688aq_firmwarequalcomm_video_collaboration_vc1_platform_firmwareqca6574au_firmwaresa4155p_firmwaresd660_firmwarewcd9380_firmwaresnapdragon_8_gen_1_mobile_platform_firmwaresa6145p_firmwareqca6584au_firmwaresa6150p_firmwareqca6391_firmwarequalcomm_video_collaboration_vc3_platform_firmwareqam8295p_firmwaresa8155p_firmwaresnapdragon_auto_5g_modem-rf_firmwareqcs410_firmwaresa6155p_firmwareqca6698aq_firmwarewsa8835_firmwarefastconnect_6700_firmwaresnapdragon_888_5g_mobile_platform_firmwareqca6436_firmwarewsa8810_firmwaresnapdragon_870_5g_mobile_platform_firmwareqcs6490_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwaresg4150p_firmwarefastconnect_7800_firmwaresa8150p_firmwaresnapdragon_865_5g_mobile_platform_firmwarewcn3990_firmwaresw5100_firmwaresa8295p_firmwarewcn3980_firmwaresnapdragon_865\+_5g_firmwarewcn3950_firmwarewsa8815_firmwaresxr2130_firmwareqcs610_firmwaresnapdragon_xr2_5g_platform_firmwarewcd9341_firmwarewcd9375_firmwarewcd9385_firmwaresnapdragon_680_4g_mobile_platform_firmwaresw5100p_firmwareqca6696_firmwarewcd9335_firmwaresnapdragon_660_mobile_platform_firmwarewcn3988_firmwaresnapdragon_888\+_5g_mobile_platform_firmwaresa8145p_firmwarewcd9370_firmwarefastconnect_6900_firmwaresm6225-ad_firmwareqca6174a_firmwaresnapdragon_x55_5g_modem-rf_system_firmwarewsa8830_firmwaresd865_5g_firmwarefastconnect_6800_firmwaresa8195p_firmwareqca6595au_firmwaresa4150p_firmwareqca6426_firmwareqca6595_firmwareMultiple Chipsets
CWE ID-CWE-416
Use After Free
CVE-2024-43050
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 6.59%
||
7 Day CHG~0.00%
Published-02 Dec, 2024 | 10:18
Updated-12 Dec, 2024 | 15:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Stack-based Buffer Overflow in WLAN Windows Host

Memory corruption while invoking IOCTL calls from user space to issue factory test command inside WLAN driver.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwareqca2066wsa8830wcd9380_firmwareqca1062_firmwaresdm429wsnapdragon_8cx_gen_2_5g_compute_platformfastconnect_6800snapdragon_8c_compute_platformwsa8840wsa8835sdm429w_firmwaresnapdragon_7c\+_gen_3_computewcd9380qca6420_firmwareqca6595au_firmwarefastconnect_6700video_collaboration_vc3_platformqca2064_firmwareqca2062qca6174_firmwarewcd9370sc8180xqcm5430_firmwareqca6174avideo_collaboration_vc3_platform_firmwareqca6174qca9377qca6430_firmwareqcc2076_firmwareqcn7605wcd9385_firmwarewsa8845qcc2073_firmwarefastconnect_6200wcd9340_firmwarewcn3660bwsa8815qca2065wsa8845_firmwareqca1064wcn3660b_firmwaresnapdragon_429_mobile_platform_firmwaresc8380xpfastconnect_6200_firmwaresdx55_firmwareqca6595auwcd9375_firmwarewsa8845h_firmwareqca6391snapdragon_429_mobile_platformqca6420snapdragon_8cx_gen_3_compute_platform_firmwarefastconnect_7800aqt1000_firmwareqca2062_firmwaresnapdragon_8cx_compute_platform_firmwareqcs6490qcm6490_firmwarewsa8840_firmwarefastconnect_6900fastconnect_6900_firmwaresc8380xp_firmwaresc8180x_firmwareqca6164_firmwareqca6430fastconnect_6700_firmwaresnapdragon_8cx_compute_platformwcd9340wsa8810_firmwarewcd9341_firmwarefastconnect_7800_firmwarewsa8810wsa8845hqcn7605_firmwaresnapdragon_8cx_gen_3_compute_platformqcm5430snapdragon_8c_compute_platform_firmwareqcs5430qca6174a_firmwarewcd9385wcd9341qca2066_firmwareqca2065_firmwareqcs6490_firmwareqca1064_firmwareqca6164qca1062qcs5430_firmwareqca6391_firmwarewcd9375qca2064aqt1000wcd9370_firmwaresdx55wsa8830_firmwareqcc2076wcn3620_firmwaresnapdragon_7c\+_gen_3_compute_firmwareqcm6490wsa8815_firmwarewsa8835_firmwarewcn3620snapdragon_8cx_gen_2_5g_compute_platform_firmwarefastconnect_6800_firmwareqcn7606_firmwareqcc2073qcn7606Snapdragonaqt1000_firmwareqca2062_firmwareqca9377_firmwarewcd9380_firmwareqca1062_firmwareqcm6490_firmwarewsa8840_firmwarefastconnect_6900_firmwaresc8380xp_firmwareqca6164_firmwaresdm429w_firmwarefastconnect_6700_firmwarewsa8810_firmwarewcd9341_firmwarefastconnect_7800_firmwareqca6420_firmwareqca6595au_firmwareqcn7605_firmwareqca2064_firmwareqca6174_firmwareqcm5430_firmwareqca6174a_firmwareqca2066_firmwareqca2065_firmwareqca6430_firmwareqca1064_firmwareqcc2076_firmwareqcs5430_firmwareqcs6490_firmwarequalcomm_video_collaboration_vc3_platform_firmwareqca6391_firmwarewcd9385_firmwareqcc2073_firmwarewcd9370_firmwarewcd9340_firmwarewsa8830_firmwarewsa8845_firmwarewcn3620_firmwarewsa8815_firmwarewcn3660b_firmwarewsa8835_firmwaresnapdragon_429_mobile_platform_firmwarefastconnect_6200_firmwarewcd9375_firmwarewsa8845h_firmwarefastconnect_6800_firmwareqcn7606_firmware
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-43057
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 4.79%
||
7 Day CHG~0.00%
Published-03 Mar, 2025 | 10:07
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in MProc

Memory corruption while processing command in Glink linux.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm429w_firmwareqcs410_firmwaresa6150p_firmwaresd865_5gimmersive_home_214qcn9000_firmwareipq9574qcn6102_firmwaresw5100pqcn9022qcs610_firmwareipq6028_firmwarewcd9370qca8081_firmwaresnapdragon_429_firmwareqca8072qca6696wcd9340_firmwarewcd9341_firmwareipq5028_firmwareqcn6024qcc710_firmwareipq8076qca6426qcn6422_firmwareipq6018_firmwareqcn6023qcn5124_firmwaresnapdragon_888_5gqca8337qca6426_firmwareipq6000ipq9048ipq8078aqca6574au_firmwareipq8078a_firmwareqam8295pwcd9341ipq5312qca6574auwsa8810_firmwaresnapdragon_429qcn9100_firmwaresnapdragon_865\+_5gwcn3660b_firmwareqcn5122fsm20055fastconnect_6800_firmwaresnapdragon_865\+_5g_firmwareqcn6024_firmwaresnapdragon_x65_5gvideo_collaboration_vc1_platform_firmwaresnapdragon_888\+_5g_firmwarec-v2x_9150qcn9000qcc710qcn6132_firmwaresnapdragon_xr2_5g_firmwareqsm8250_firmwareqcn5054qcn6402fastconnect_6900snapdragon_w5\+_gen_1_wearable_firmwareqcn6432video_collaboration_vc1_platformimmersive_home_326_firmwareipq5332_firmwareqcn5052fsm10056_firmwaresnapdragon_x72_5gqfw7114wcd9385_firmwareipq9574_firmwareipq8074a_firmwareipq8076aqcn5164sa6155pqcn6100_firmwareqcn9160csr8811_firmwarewsa8810qca8075qcn5021qsm8250qca8085qcn6100snapdragon_865_5g_firmwaresa6155p_firmwareqfw7124_firmwareqca6436_firmwareqcn9012qcn9070ipq8070a_firmwareqcn5021_firmwareqcf8001qca8084sdx65mwcd9370_firmwareqca9367wcn3660bipq9570wcn3620_firmwaresa8195pqca6174awcd9340snapdragon_auto_5g_modem-rf_gen_2ipq5302qcn6122_firmwareqcn5154_firmwareipq9048_firmwaresnapdragon_x55_5g_firmwarewcn3988fsm20055_firmwareqcn5122_firmwareqcn9274qcn9024pmp8074ipq8076a_firmwareipq9570_firmwareqcn6412_firmwareqcn9024_firmwareqca8082sa6150pqcs410sa8155p_firmwaresa8155pqca8072_firmwarewsa8830snapdragon_870_5g_firmwareipq5312_firmwareqcf8000_firmwaresa6145psnapdragon_x65_5g_firmwareqcn9074_firmwareipq8174immersive_home_318_firmwareqcn6122ipq8174_firmwaresnapdragon_888\+_5gsnapdragon_x75_5gar8035ipq8072aimmersive_home_216_firmwarewcn3620snapdragon_x72_5g_firmwareimmersive_home_316qcf8000sfp_firmwareqcn6224ipq8071aqcn6112qca6698aqqxm8083wcn3950_firmwarewcn3680bsa8145p_firmwaresa8150p_firmwarevideo_collaboration_vc3_platform_firmwareqcn6023_firmwareqcn5164_firmwareipq8078qcn5152_firmwareipq9554_firmwarewsa8830_firmwareqcn9072qcn6224_firmwareqca8386_firmwareqca8082_firmwareimmersive_home_216sxr2130_firmwareqcn6432_firmwarear8035_firmwareqcn5022_firmwareqca4024_firmwareqca0000_firmwarefsm20056ipq9008ipq9554ipq9008_firmwareqcn9074ipq5300_firmwarewsa8815_firmwaresnapdragon_865_5gsa8195p_firmwareqca8337_firmwareqcn5054_firmwareqca9888ipq5332qca9377_firmwareipq8173ipq8072a_firmwareipq6010_firmwarewcn3950qcn6112_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareipq5028qca8085_firmwareqcn9070_firmwareqcf8001_firmwaresa8295p_firmwareqcn9022_firmwareipq5010_firmwareqcn6132ipq6018qcn9160_firmwareqcn6102qcn6274_firmwareqca6584aufsm10056sw5100_firmwarefsm20056_firmwareqfw7114_firmwarefastconnect_6800qca4024fastconnect_7800_firmwareqcn6422immersive_home_214_firmwareqxm8083_firmwareipq5302_firmwareipq5300ipq8070afastconnect_6900_firmwarewcd9380sa6145p_firmwaresnapdragon_xr2_5gsa8150pimmersive_home_3210qca8075_firmwaresnapdragon_888_5g_firmwareqcf8000qcn5052_firmwareipq6010sdx65m_firmwarevideo_collaboration_vc3_platformsw5100c-v2x_9150_firmwareqam8295p_firmwareqcn6402_firmwaresnapdragon_8_gen_1_firmwareqca6698aq_firmwarewcd9385qca9367_firmwareqca8084_firmwaresnapdragon_8_gen_1qcn5024sdx55_firmwareimmersive_home_326snapdragon_x55_5gipq8071a_firmwaresxr2130ipq6028snapdragon_870_5gqcn9100qca6174a_firmwaresdm429wipq8076_firmwarewcn3980_firmwareqcn6274qca6436qfw7124snapdragon_w5\+_gen_1_wearablewsa8835qca6584au_firmwareqca6391_firmwareqca0000sw5100p_firmwareqca6696_firmwarewcd9380_firmwareqca8081wsa8815qcn5124qca9377qcn5152qcn6412sdx55qcn9072_firmwareqca9888_firmwareipq8074aimmersive_home_3210_firmwareqca9889qcn5024_firmwareqca8386qca6391snapdragon_x75_5g_firmwareimmersive_home_318ipq5010qcn9274_firmwareqcn9012_firmwareipq8173_firmwaresa8295pipq6000_firmwarefastconnect_7800sd865_5g_firmwarepmp8074_firmwareipq8078_firmwareqca9889_firmwarewcn3988_firmwareimmersive_home_316_firmwareqcn5154sa8145pwsa8835_firmwarecsr8811qcn5022wcn3980wcn3680b_firmwareqcf8000sfpqcs610Snapdragon
CWE ID-CWE-416
Use After Free
CVE-2024-43053
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 6.59%
||
7 Day CHG~0.00%
Published-02 Dec, 2024 | 10:18
Updated-12 Dec, 2024 | 15:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Restriction of Operations within the Bounds of a Memory Buffer in WLAN Windows Host

Memory corruption while invoking IOCTL calls from user space to read WLAN target diagnostic information.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fastconnect_7800qca2062_firmwareqca2066wcd9380_firmwaresdm429wwsa8840_firmwarefastconnect_6900fastconnect_6900_firmwaresc8380xp_firmwarewsa8840sdm429w_firmwarefastconnect_6700_firmwaresnapdragon_7c\+_gen_3_computewcd9380fastconnect_7800_firmwarewsa8845hfastconnect_6700qca2064_firmwareqca2062wcd9385qca2066_firmwareqca2065_firmwareqcc2076_firmwarewcd9385_firmwarewsa8845snapdragon_429_mobile_platformqcc2073_firmwareqca2064wcn3660bqca2065qcc2076wsa8845_firmwarewcn3620_firmwaresnapdragon_7c\+_gen_3_compute_firmwarewcn3660b_firmwaresc8380xpsnapdragon_429_mobile_platform_firmwarewcn3620wsa8845h_firmwareqcc2073Snapdragonqca2062_firmwarewcd9380_firmwareqca2066_firmwareqca2065_firmwareqcc2076_firmwarewsa8840_firmwarewcd9385_firmwarefastconnect_6900_firmwareqcc2073_firmwaresc8380xp_firmwarewsa8845_firmwarewcn3620_firmwaresdm429w_firmwarefastconnect_6700_firmwarewcn3660b_firmwaresnapdragon_429_mobile_platform_firmwarefastconnect_7800_firmwarewsa8845h_firmwareqca2064_firmware
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-11288
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.69%
||
7 Day CHG~0.00%
Published-07 May, 2021 | 09:10
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound write can occur in playready while processing command due to lack of input validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfs2580qca9377_firmwareqpm5679_firmwaresm6250p_firmwareqca8337qfs2608_firmwareqfs2530qpm8870_firmwareqpa8688pm6125qat5522_firmwarewcn3950_firmwarepm8150asc8180x\+sdx55qdm5670qca6595au_firmwareqpm5541_firmwareqpa5581_firmwaresa6155pm7150lqpa8821pm8998_firmwarewtr5975_firmwareqcs6125_firmwarepm456_firmwareqpa5580_firmwaresa415mwcn3998wcd9371_firmwarewcn3950sm4125sd720gqsw8573_firmwareqsm8350_firmwareqsw8574_firmwareqsm8350sd460_firmwaresmb2351_firmwaresd6905gqpa4360_firmwarewcn3998_firmwarepm855pqca6420pm6150aqpm6670_firmwarepm660_firmwarepm8150bsa8155_firmwareqca4004_firmwareqca6430qat3522pmr735awcd9306_firmwarewcd9340sd765gsdr660qfs2630_firmwaresdr865qdm5620_firmwaresmr545qca6696_firmwareqln5020wcd9371sd870_firmwarepmm855au_firmwaresa8150ppm6350qdm5621qtc800sqca4004qet6105sd712pm640p_firmwarewcn6750_firmwareqat5516_firmwarepm6150lsd8885gpm855l_firmwareqtc410swcn3991qpa8801pm8150l_firmwareqat5533_firmwaresdx55m_firmwaresdxr25gqpa8673_firmwarepm6150smb1354_firmwaresd670_firmwareqca6574qfs2630qpa8842sdr052_firmwarewcd9380qcs410qpm5579_firmwaresmb1380_firmwarepmk8350_firmwaresmb1381pm855p_firmwarepm7250qpa8803sdx24_firmwaresdxr25g_firmwareqdm2301wcd9340_firmwarewsa8815wcn6850qdm5621_firmwareqdm2301_firmwareqpm6375wcn3980_firmwaresd730pm660l_firmwarepm6250_firmwarepm8008pm8350b_firmwareqtm525_firmwarepme605_firmwarepme605sd678_firmwareqpm5621_firmwareqln1021aq_firmwareqcs603qpa6560_firmwareqpa8802_firmwareqln4640_firmwareqpm5621qpm6582sd670pm8009_firmwareqfs2580_firmwareqcm4290_firmwarewcn6855pm8150lpmi8998_firmwareqcs610_firmwaresa6145psdr105pm4250ar8031qpm5577wtr2965mdm9205_firmwareqca6391_firmwaresa2150ppm8150wcd9370_firmwareqat3516_firmwaresdx55csra6640qat3555_firmwareqpa8803_firmwarepm855bsmb2351qln1031qsm8250_firmwareqpm5870wsa8830pm660qet6110_firmwareqpm6325pm6125_firmwareqbt1500qpa5581csrb31024pmx24_firmwarefsm10055_firmwareqbt1500_firmwareqpm5870_firmwareqcs4290qet6100pmm855auqca6420_firmwaresmb1396pm7150asd675_firmwarepm8350qca6564qpa4361_firmwarepm8350c_firmwareqpa5461_firmwareqca6426wcn3990_firmwareqca9377qpm5641wcd9385_firmwareqdm5650_firmwarewcd9326_firmwarepm7250_firmwareqdm5620qln1021aqsmb1380pmk8002_firmwareqsw6310_firmwaresa8155qln1031_firmwareqdm4650_firmwaresdx55_firmwarepmm6155au_firmwareqat5533sm7250p_firmwareqsm7250_firmwareqpm6670pm7150l_firmwarewcd9306qca6584auqpm4641qat5515_firmwarepm855qpm8830_firmwarepm8250qdm4643qfs2530_firmwaresa415m_firmwarepmx55qpm4641_firmwarewcn3988_firmwarepm8150c_firmwareqca6421qdm3301qpa8842_firmwareqat3519_firmwaresa8195psdr735_firmwareqpm5677qat5515wcd9326wcd9335pm6350_firmwarepm8004_firmwaresdr8150_firmwareqcs4290_firmwareqtc800h_firmwareqpm5620qpm4630qca6390wcd9375sd750g_firmwareaqt1000sc8180x\+sdx55_firmwarepmm8195ausm6250_firmwareqln4642qpm5677_firmwarewsa8815_firmwarewtr3925_firmwaresmr525_firmwarepm8998qpm8820_firmwareqpm6621_firmwarepm670a_firmwareqcm6125_firmwarepmx55_firmwareqca6595pm8150_firmwaresmb1398_firmwareqpm8830qat5522pm8150cpmr735bsd665_firmwareqpa4360pmk8003_firmwareqpa4361qpm4640_firmwarewcn6855_firmwareqpm5577_firmwareqdm5679_firmwarepm8350csmr525qca6310_firmwarepm6150l_firmwarepmr525pm8150a_firmwareqca6574_firmwareqln1036aq_firmwaresd665pm6150a_firmwarepm6150_firmwareqca6175asd765qca6574a_firmwareqpm4630_firmwareqat3555sd850_firmwareqpa5461sd8c_firmwarewtr2965_firmwarepm670_firmwarecsrb31024_firmwareqfs2608sd480_firmwareqln1036aqqtc801sqpm5641_firmwaresd710pm8008_firmwareqpm6621pmr735a_firmwarepmx50qca6564_firmwaresdr8250sd768gpm8004pm640lpmk8002sd845qcs410_firmwareqca6175a_firmwareqpa5580qpm5579fsm10055sa6150p_firmwareqcs610qpm5620_firmwareqdm2307qca6431_firmwareqpa8802wcd9360_firmwareqpm6585_firmwareqat3519qbt2000_firmwareqtc800hsa8150p_firmwareqcs2290sdr8250_firmwareqca6335csra6620_firmwareqcs605_firmwaresmr546_firmwareqdm5671csra6640_firmwarepmc1000hqpm4650_firmwareqat3518sd8csdr425_firmwaresmr526_firmwarepm640a_firmwarewgr7640_firmwareqdm2305_firmwareqpm5670_firmwaresd710_firmwareqdm5652qca6574au_firmwareqpm8870wcd9375_firmwareqpm5679qbt2000sa6155_firmwarewcd9360pmx50_firmwareqpa8675_firmwaresdr735gwcn3999qdm3301_firmwareqsm7250qcs6125sd662_firmwareqcs405qdm2308_firmwarefsm10056_firmwareqca6436wcn6851sa6155pqcs603_firmwareqpa6560sdr675_firmwarewcd9341qdm4643_firmwareqca6431qet4100_firmwaresd750gwcn3910_firmwareqpm5657qpm5875_firmwarewsa8830_firmwaresd855_firmwareqdm5650wcn3988wtr3925sdr052sa8195p_firmwaresmb1390qet4100qpa8686_firmwareqpm6585qca8337_firmwarewcd9380_firmwaresmb1355qln4650sdr735g_firmwarewgr7640qat5568qet5100qdm5671_firmwareqpa8801_firmwareqca6564auqtm527_firmwarewcn6856_firmwarepm8005_firmwareqet4101_firmwarepm7250bqln4642_firmwaresmb1355_firmwarepm7250b_firmwarepmd9655_firmwaresmb1351_firmwareqet4200aq_firmwaresdx50m_firmwaresdr735smb1395pm660lsmr526wtr5975qca6430_firmwarepmk8003qtc801s_firmwarewcd9335_firmwareqat3522_firmwarewcn3980qca6335_firmwareqsw8573qcs605sd7cwcn3910qca6426_firmwarepm8350_firmwarepm8009qpa8675sdr051_firmwaresdx55mpm670aqca6421_firmwareqat3518_firmwareqsw8574pmi8998sd6905g_firmwarear8031_firmwarepm855lwcn6851_firmwareqdm5670_firmwaresd8655gpm7150a_firmwarepm8150b_firmwaresmr545_firmwarepmc1000h_firmwareqca6564a_firmwareqdm2310_firmwarepm4250_firmwaresdr105_firmwaresd480sd870sd8885g_firmwarepm670qdm5677pm8005qsm8250pm855_firmwareqdm2302pmm6155ausdxr1pm855b_firmwareqca6595_firmwareqcs405_firmwareqpm6582_firmwareqpm6375_firmwarepm640l_firmwareqln4650_firmwareqpm5875qet5100msd888_firmwaresa8155psd675qet4101qat3516pm670lqpm5658ar8035_firmwareqcm2290qpm5658_firmwarewcn3991_firmwareqdm5652_firmwarepmm8155au_firmwaresd678sdr051qln5030qcs2290_firmwarepm4125fsm10056pmi632qpa2625_firmwarepm456sd7c_firmwarepm8350bh_firmwarecsra6620pmr735b_firmwareqet5100_firmwareqpm4621qet6100_firmwarepm670l_firmwaresdr660gsd765g_firmwareqpa8686qca6390_firmwaresd730_firmwarewcd9370sdr425pmr525_firmwareqca6584au_firmwarepmi632_firmwareqpm5541qat5516sd662qpa8821_firmwaresdr660g_firmwarepm8350bhpm3003aqca6595auwcn3999_firmwareqca6436_firmwaresmb1354qca6564au_firmwareqdm2305sa6155p_firmwareqca6310qpm8820qln5020_firmwaresa515m_firmwaresmb1398sa6145p_firmwaresdr675sm6250sd712_firmwarewsa8810_firmwaresmb231sd765_firmwareqdm5677_firmwareqet4200aqqca6174a_firmwarewcd9385qpm6325_firmwareqdm2302_firmwareqat3550_firmwarepmm8155auqln5040_firmwarepm4125_firmwarear8035qpa8673qdm2310qln5030_firmwaresmb1396_firmwarewcn6850_firmwarewsa8835_firmwareqca6564asmr546pmx24qet6110qln5040qcm2290_firmwareqpm8895qpm5670wcn3990qtm527pmk8350sdx24sd888pm8350bqdm2307_firmwarewsa8835qpm5657_firmwaresm6250psdr660_firmwareqca6574asmb1390_firmwareqca6174aqpm4640wcn6750qet5100m_firmwareqpm4650mdm9205qtm525sa515msa2150p_firmwaresd855sm4125_firmwaresd8cxpm640psd768g_firmwaresdr865_firmwarepm8250_firmwarepm6250sd460qca6391sd8cx_firmwaresdxr1_firmwaresmb1351aqt1000_firmwareqpm8895_firmwareqcm4290sdx50mpm640asdr8150smb1395_firmwareqdm4650pmd9655qca6574ausa8155p_firmwareqsw6310qet6105_firmwaresd8655g_firmwarewcd9341_firmwareqcm6125wsa8810qtc410s_firmwaresmb231_firmwareqat5568_firmwareqdm2308qat3550wcn6856qdm5679pm3003a_firmwareqca6696qtc800s_firmwaresmb1381_firmwaresd845_firmwareqpa2625sa6150pqpa8688_firmwarepmm8195au_firmwaresm7250psd720g_firmwareqpm4621_firmwaresd850qln4640Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2020-11121
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 16.76%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 10:00
Updated-04 Aug, 2024 | 11:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Possible buffer overflow in WIFI hal process due to usage of memcpy without checking length of destination buffer' in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile in QCM4290, QCS4290, QM215, QSM8350, SA6145P, SA6155, SA6155P, SA8155, SA8155P, SC8180X, SC8180XP, SDX55, SDX55M, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6250, SM6350, SM7125, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR2130, SXR2130P

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sm6350sm7125sm4250p_firmwaresa6155p_firmwaresm6115_firmwaresm7250sxr2130p_firmwaresm6125qcm4290sm7250_firmwaresm8350_firmwaresa8155_firmwaresdx55m_firmwaresm8250_firmwaresc8180x_firmwaresm6115p_firmwaresm6350_firmwaresa6145p_firmwareqm215sa8155p_firmwaresm4250_firmwaresm6250qcs4290qcm4290_firmwaresa6155sa6155psm8350sxr2130sc8180xsa6145psm6115sm8350p_firmwareqcs4290_firmwaresm8350psm4250psm8150_firmwaresxr2130_firmwaresxr2130psm4250sc8180xpsm7225qm215_firmwaresc8180xp_firmwaresm6115psm7125_firmwaresdx55sm6250_firmwareqsm8350_firmwaresa8155psm8250qsm8350sm8150p_firmwaresm7225_firmwaresm8150sa8155sm7250psdx55_firmwaresa6155_firmwaresm7250p_firmwaresm6125_firmwaresdx55msm8150pSnapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-43066
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 6.50%
||
7 Day CHG~0.00%
Published-07 Apr, 2025 | 10:15
Updated-07 Apr, 2025 | 18:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in HLOS

Memory corruption while handling file descriptor during listener registration/de-registration.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-Snapdragon
CWE ID-CWE-416
Use After Free
CVE-2024-43062
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 4.79%
||
7 Day CHG~0.00%
Published-03 Mar, 2025 | 10:07
Updated-03 Mar, 2025 | 12:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in Camera Linux

Memory corruption caused by missing locks and checks on the DMA fence and improper synchronization.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-Snapdragon
CWE ID-CWE-416
Use After Free
CVE-2024-43060
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 4.79%
||
7 Day CHG~0.00%
Published-03 Mar, 2025 | 10:07
Updated-03 Mar, 2025 | 13:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use of Out-of-range Pointer Offset in Automotive Audio

Memory corruption during voice activation, when sound model parameters are loaded from HLOS to ADSP.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-Snapdragon
CWE ID-CWE-823
Use of Out-of-range Pointer Offset
CVE-2024-43055
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 3.58%
||
7 Day CHG~0.00%
Published-03 Mar, 2025 | 10:07
Updated-03 Mar, 2025 | 13:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in Camera_Linux

Memory corruption while processing camera use case IOCTL call.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-Snapdragon
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-11242
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.03% / 7.69%
||
7 Day CHG~0.00%
Published-07 Apr, 2021 | 07:55
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

User could gain access to secure memory due to incorrect argument into address range validation api used in SDI to capture requested contents in Snapdragon Industrial IOT, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-pm660wcn3990sd636qca6595qca6564auqet4101_firmwarepm855a_firmwarewcn3950_firmwarepmm855ausd455qtc800hsmb1351_firmwareqca6595au_firmwareqpa4360pm855aqet4200aq_firmwaresdr660_firmwareqca6574apm660lwcn3990_firmwarewcn3980wcd9335_firmwareqat3522_firmwareqpa4340_firmwarewcn3950qpa5460wcd9340_firmwareqln1036aq_firmwareqln1021aqqca6574a_firmwareqln1031_firmwareqca6574au_firmwareqpa4360_firmwareqca6595auwcn3980_firmwaresmb1351pm660l_firmwareqca6564au_firmwareqpa5460_firmwarepm660_firmwarepm660aqpa4340qln1021aq_firmwarersw8577qln1036aqsdm630qca6574auqat3522qca6564a_firmwarewcd9340wcd9341_firmwarersw8577_firmwareqat3514sdr660wcd9335qet4200aqqat3550pm660a_firmwareqln1031wcd9341qtc800h_firmwareqca6595_firmwareqet4100_firmwaresdm630_firmwareqat3550_firmwareqtc800s_firmwarepmm855au_firmwareqet4100qtc800sqat3514_firmwaresd660qet4101sd455_firmwaresd660_firmwareqca6564asd636_firmwareSnapdragon Industrial IOT, Snapdragon Mobile
CVE-2017-14895
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.01% / 1.49%
||
7 Day CHG~0.00%
Published-05 Dec, 2017 | 19:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, after a subsystem reset, iwpriv is not giving correct information.

Action-Not Available
Vendor-Google LLCQualcomm Technologies, Inc.
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-672
Operation on a Resource after Expiration or Release
CVE-2017-14884
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 2.49%
||
7 Day CHG~0.00%
Published-23 Feb, 2018 | 23:00
Updated-16 Sep, 2024 | 18:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all Qualcomm products with Android releases from CAF using the Linux kernel, due to lack of bounds checking on the variable "data_len" from the function WLANQCMBR_McProcessMsg, a buffer overflow may potentially occur in WLANFTM_McProcessMsg.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2020-11187
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.39%
||
7 Day CHG~0.00%
Published-22 Feb, 2021 | 06:25
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible memory corruption in BSI module due to improper validation of parameter count in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwareqdm5652_firmwareqpm5679_firmwaresdr051qet6110_firmwareqln5030qca8337qpa2625_firmwarecsrb31024qpa8802qpm6585_firmwareqat3519pmx24_firmwareqbt2000_firmwareqet5100_firmwareqat5522_firmwaresd765g_firmwareqdm5670qpa8686qca6595au_firmwarepm7150lqpa8821pm7150aqdm5671qat3518qca6584au_firmwareqpa5580_firmwaresa415mwcn3998smr526_firmwarewcd9385_firmwareqdm5650_firmwarepm7250_firmwareqdm2305_firmwareqdm5620qln1021aqqpa8821_firmwareqpm5670_firmwarepmk8002_firmwareqdm5652qca6574au_firmwareqln1031_firmwaresdx55_firmwareqat5533qca6595auqpm5679qbt2000wcn3998_firmwaresm7250p_firmwarepm855ppm7150l_firmwarepmx50_firmwareqca6564au_firmwareqca6584auqdm2305qat5515_firmwareqln5020_firmwarepm855qdm3301_firmwareqpm8830_firmwaresa415m_firmwarepmx55qpa8842_firmwareqdm3301qat3519_firmwarewsa8810_firmwareqpm5677qat5515sd765gsd765_firmwareqdm5677_firmwareqpa6560pm8004_firmwaresdr865sdr8150_firmwareqdm5620_firmwarewcd9385wcd9341qca6696_firmwareqln5020qln5040_firmwareaqt1000qpa8673qdm5621qln5030_firmwareqln4642qpm5677_firmwareqdm5650wsa8815_firmwaresmr525_firmwaresdr052smb1390pmx24pm855l_firmwareqet6110qln5040qpa8686_firmwareqpm8895qpm6585wcn3991qca8337_firmwareqpm5670wcd9380_firmwaresmb1355qln4650qpa8801pmx55_firmwareqtm527qet5100qdm5671_firmwareqpa8801_firmwareqca6564auqat5533_firmwareqtm527_firmwareqpm8830qpa8673_firmwareqat5522qet4101_firmwarepm7250bqln4642_firmwareqpa8842sdr052_firmwarewcd9380smb1355_firmwarepm7250b_firmwareqca6574apm855p_firmwaresdx50m_firmwaresmb1390_firmwarepm7250qdm5679_firmwaresmr525qpa8803smr526qtc801s_firmwareqdm2301qtm525qln1036aq_firmwarewsa8815qdm5621_firmwareqdm2301_firmwaresd765qca6574a_firmwaresd768g_firmwaresdr865_firmwareqat3555sdr051_firmwareqca6391aqt1000_firmwarepm8008qpm8895_firmwareqat3518_firmwareqtm525_firmwarecsrb31024_firmwaresdx50msdr8150qpm5621_firmwarepm855lqln1021aq_firmwareqdm5670_firmwareqln1036aqqtc801sqpa6560_firmwareqpa8802_firmwarepm7150a_firmwareqca6574auqpm5621qpm6582pm8008_firmwarewcd9341_firmwarewsa8810pmx50qdm5677qdm5679pm855_firmwarepm855b_firmwaresd768gqpm6582_firmwareqca6696qca6391_firmwareqln4650_firmwareqat3516_firmwarepm8004pmk8002qpa2625sdx55qet4101qat3555_firmwareqat3516sm7250pqpa8803_firmwareqpm5658pm855bqln1031qpm5658_firmwareqpa5580Snapdragon Auto, Snapdragon Connectivity, Snapdragon Mobile
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2021-35132
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.08% / 25.04%
||
7 Day CHG~0.00%
Published-02 Sep, 2022 | 11:31
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound write in DSP service due to improper bound check for response buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwaresd_8cx_gen3_firmwarewsa8830sd678sm6250p_firmwareqcs610qcs2290_firmwareqca8337qca6431_firmwaresd7c_firmwarewcd9360_firmwaresdx65qcs4290wcn3950_firmwaresd765g_firmwareqca6420_firmwareqca6595au_firmwareqcs2290qca6390_firmwaresa6155sd690_5gsd730_firmwarewcd9370sd_675_firmwaresd675_firmwareqca6426wcn3990_firmwareqrb5165n_firmwarewcn3998wcd9371_firmwarewcd9385_firmwaresdxr2_5g_firmwaresd_8cx_gen2_firmwaresm4125sd720gwcd9326_firmwarewcn3950wcn3660bqsm8350_firmwaresd662sd710_firmwareqsm8350sd460_firmwaresa8155sa9000p_firmwaresm7315_firmwareqca6574au_firmwaresdx55_firmwarewcn7850qca6595auqca8081_firmwaresa6155_firmwarewcd9375_firmwaresm7250p_firmwarewcn3998_firmwareqca6420qca6436_firmwarewcd9360qrb5165nsd680_firmwaresd778gsa6155p_firmwaresd_8cx_gen2sa515m_firmwareqcs6490qrb5165_firmwareqrb5165m_firmwaresd429sdxr2_5gwcn7851sa8155_firmwaresd662_firmwarewcn3988_firmwareqca6430sd429_firmwareqca6421sd778g_firmwaresm6250wcd9340sa8195pwsa8810_firmwaresd765gsw5100sd765_firmwareqca6436sd680wcd9326sa6155pwcn6851qca8081wcn7851_firmwareqcs4290_firmwarewcd9385wcd9341qca6431qca6696_firmwareqcs6490_firmwarewcd9371sd750gsd870_firmwaresd_8cx_gen3qca6390ar8035sd750g_firmwareaqt1000wcd9375wcn3910_firmwaresm6250_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwarewcn3620_firmwareqcm6490sd888_5g_firmwarewcn3988wcn3620wcn6850_firmwarewcn7850_firmwaresa8195p_firmwarewsa8815_firmwarewsa8835_firmwarewcn6750_firmwareqcm2290_firmwarewcn3991qca8337_firmwarewcd9380_firmwarewcn3990sd_675sdm429wsd780gsw5100psd865_5gsdx55m_firmwarewcn6856_firmwaresd888sd670_firmwareqca6574wsa8835sdm429w_firmwaresd665_firmwaresa8540p_firmwarewcd9380sd888_5gsm6250pqcs410qca6574asd690_5g_firmwaresdx50m_firmwarewcn6855_firmwaresm7325pqca6430_firmwarewcn3980wcn6750sa515msa9000pqca6574_firmwarewcd9340_firmwaresd855sm4125_firmwaresm7325p_firmwaresd665sd7cwcn3910wcn6850wsa8815sd765qca6426_firmwarewcn3660b_firmwareqca6574a_firmwaresd695sd768g_firmwareqrb5165mwcn3980_firmwaresm7315sd460qca6391sd730sdx55mqca6421_firmwareaqt1000_firmwarewcn6740_firmwaresdx65_firmwaresd678_firmwareqcm4290qcm6490_firmwaresdx50mqrb5165sd480_firmwarewcn6851_firmwareqca6574ausa8155p_firmwaresd710sd670wcd9341_firmwareqcm4290_firmwaresd480sd870wcn6855wsa8810sa8540psw5100p_firmwareqcs610_firmwarewcn6856sd695_firmwaresd768gwcn6740qca6696qca6391_firmwaresd780g_firmwarewcd9370_firmwaresdx55sd888_firmwaresa8155psd675sm7250psd720g_firmwaresw5100_firmwareqcs410_firmwarear8035_firmwareqcm2290Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-1284
Improper Validation of Specified Quantity in Input
CVE-2021-35129
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.11% / 30.17%
||
7 Day CHG~0.00%
Published-14 Jun, 2022 | 10:11
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory corruption in BT controller due to improper length check while processing vendor specific commands in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-ipq5018_firmwaresd_8cx_gen3_firmwareqca2066wsa8830qcn9070qca8337_firmwarewcd9380_firmwareqcn9000qca8337wcn6856_firmwareqcn9012sd888sdx65qcn9072qcn6122_firmwarewsa8835wcd9380ipq5028_firmwaresd888_5gqca2064_firmwareqca2062wcd9370wcn6855_firmwareqcn6132_firmwareqcn9000_firmwareqcn9012_firmwareipq5018wcn6750wcd9385_firmwareqcn6024_firmwaresd_8_gen1_5g_firmwarewcn6850qca2065qcn6112qcn6100_firmwareqcn6102_firmwareqcn9024wcd9375_firmwareqca8081_firmwareqcn6023_firmwareqca6391ipq5010qca2062_firmwareqcn6102qcn9100sdx65_firmwareqcs6490qcm6490_firmwareipq5028qcn9070_firmwarewcn6851_firmwareqcn6112_firmwareqcn9074qcn9024_firmwareqcn6132wcn6855wcn6851qca8081wcn6856qcn6023wcd9385qcn6122qcc710qca2066_firmwareqca2065_firmwareqcs6490_firmwaresd_8cx_gen3qca6391_firmwarear8035wcd9375qca2064wcd9370_firmwaresd888_firmwareqcc710_firmwareqcn9100_firmwareqcn9022_firmwarewsa8830_firmwareqcn6024qcn9022ipq5010_firmwareqcm6490sd888_5g_firmwarewcn6850_firmwarewsa8835_firmwareqcn6100qcn9072_firmwareqcn9074_firmwaresm8475wcn6750_firmwarear8035_firmwareSnapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-38406
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 3.30%
||
7 Day CHG~0.00%
Published-04 Nov, 2024 | 10:04
Updated-16 Nov, 2024 | 04:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Time-of-check Time-of-use (TOCTOU) Race Condition in Camera

Memory corruption while handling IOCTL calls in JPEG Encoder driver.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wsa8830wcd9380_firmwaresnapdragon_8c_compute_platform_\(sc8180x-ad\)_\"poipu_lite\"sdm429wsnapdragon_8cx_gen_2_5g_compute_platform_\(sc8180xp-aa\,_ab\)_firmwaresnapdragon_8cx_compute_platform_\(sc8180x-aa\,_ab\)snapdragon_7c_gen_2_compute_platform_\(sc7180-ad\)_\"rennell_pro\"_firmwarefastconnect_6800snapdragon_8cx_compute_platform_\(sc8180xp-ac\,_af\)_\"poipu_pro\"wsa8840wsa8835sdm429w_firmwaresnapdragon_7c\+_gen_3_computesc8180x\+sdx55wcd9380qca6420_firmwarefastconnect_6700video_collaboration_vc3_platformwcd9370snapdragon_8c_compute_platform_\(sc8180xp-ad\)_\"poipu_lite\"qcm5430_firmwarevideo_collaboration_vc3_platform_firmwaresnapdragon_8cx_gen_2_5g_compute_platform_\(sc8180x-ac\,_af\)_\"poipu_pro\"_firmwareqca6430_firmwaresnapdragon_8cx_compute_platform_\(sc8180x-aa\,_ab\)_firmwarewcd9385_firmwarewsa8845snapdragon_8cx_gen_3_compute_platform_\(sc8280xp-ab\,_bb\)fastconnect_6200wcd9340_firmwarewcn3660bwsa8815wsa8845_firmwaresnapdragon_8cx_gen_2_5g_compute_platform_\(sc8180x-ac\,_af\)_\"poipu_pro\"wcn3660b_firmwaresnapdragon_429_mobile_platform_firmwaresc8380xpfastconnect_6200_firmwarewsa8845h_firmwarewcd9375_firmwareqca6391qca6420snapdragon_429_mobile_platformfastconnect_7800snapdragon_7c_compute_platform_firmwareaqt1000_firmwareqcs6490qcm6490_firmwarewsa8840_firmwaresnapdragon_8cx_gen_2_5g_compute_platform_\(sc8180xp-aa\,_ab\)fastconnect_6900fastconnect_6900_firmwaresc8380xp_firmwaresnapdragon_8cx_compute_platform_\(sc8180xp-ac\,_af\)_\"poipu_pro\"_firmwareqca6430sm6250wcd9340fastconnect_6700_firmwarewsa8810_firmwarewcd9341_firmwarefastconnect_7800_firmwarewsa8810wsa8845hqcm5430qcs5430wcd9385wcd9341snapdragon_8c_compute_platform_\(sc8180x-ad\)_\"poipu_lite\"_firmwaresnapdragon_7c_gen_2_compute_platform_\(sc7180-ad\)_\"rennell_pro\"qcs6490_firmwareqcs5430_firmwareqca6391_firmwarewcd9375wcd9370_firmwareaqt1000snapdragon_8c_compute_platform_\(sc8180xp-ad\)_\"poipu_lite\"_firmwaresm6250_firmwaresc8180x\+sdx55_firmwarewsa8830_firmwarewcn3620_firmwaresnapdragon_7c\+_gen_3_compute_firmwarewsa8815_firmwareqcm6490wsa8835_firmwarewcn3620snapdragon_8cx_gen_3_compute_platform_\(sc8280xp-ab\,_bb\)_firmwarefastconnect_6800_firmwaresnapdragon_7c_compute_platformSnapdragonaqt1000_firmwarewcd9380_firmwareqcm6490_firmwarewsa8840_firmwarefastconnect_6900_firmwaresc8380xp_firmwaresdm429w_firmwarefastconnect_6700_firmwarewsa8810_firmwarewcd9341_firmwarefastconnect_7800_firmwareqca6420_firmwareqcm5430_firmwareqca6430_firmwareqcs6490_firmwareqcs5430_firmwarequalcomm_video_collaboration_vc3_platform_firmwareqca6391_firmwarewcd9385_firmwarewcd9370_firmwarewcd9340_firmwaresm6250_firmwarewsa8830_firmwarewsa8845_firmwarewcn3620_firmwarewsa8815_firmwarewcn3660b_firmwarewsa8835_firmwaresnapdragon_429_mobile_platform_firmwarefastconnect_6200_firmwarewcd9375_firmwarewsa8845h_firmwarefastconnect_6800_firmware
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CVE-2021-35115
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.04% / 12.54%
||
7 Day CHG~0.00%
Published-01 Apr, 2022 | 04:40
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper handling of multiple session supported by PVM backend can lead to use after free in Snapdragon Auto, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-ar6003_firmwareqca6564au_firmwareqca6584ausa6155p_firmwaresa6150p_firmwaresa8145p_firmwaremsm8996au_firmwareqca6564ausdx55m_firmwaremdm9215mdm9615mqca6574ausa6145p_firmwaremdm8215m_firmwaresa8155p_firmwaremsm8996auqca6564a_firmwaresa8195psa8540p_firmwaresa8150p_firmwarewcd9341_firmwaresa6155psa8540pmdm8215mdm9310_firmwareqca6574asa6145pmdm8615m_firmwarewcd9341mdm8615mqca6584au_firmwareapq8096auqca6564aqca6696_firmwaresa8145pqca6696mdm9615mdm8215_firmwaremdm9615m_firmwaresa9000psa8150psa6150psdx55apq8096au_firmwaresa8155pmdm9615_firmwaremdm9215_firmwaresa9000p_firmwaremdm8215mqca6574a_firmwareqca6574au_firmwaresa8195p_firmwaresdx55_firmwarear6003sdx55mmdm9310Snapdragon Auto, Snapdragon Mobile
CWE ID-CWE-416
Use After Free
CVE-2024-38422
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.61%
||
7 Day CHG~0.00%
Published-04 Nov, 2024 | 10:04
Updated-07 Nov, 2024 | 19:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Integer Overflow to Buffer Overflow in Audio

Memory corruption while processing voice packet with arbitrary data received from ADSP.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaremdm9640_firmwareqca8337qfw7124sg8275p_firmwareqam8775pqamsrv1msnapdragon_888_5g_mobile_platformwcn3950_firmwarewcn6755_firmwareqca6595au_firmwaresa6155snapdragon_480_5g_mobile_platformvideo_collaboration_vc3_platformsnapdragon_460_mobile_platform_firmwareqcs6125_firmwareqcm5430_firmwaresnapdragon_480_5g_mobile_platform_firmwaremsm8108wcd9371_firmwaremsm8108_firmwarewcn3950sm4125wcn3660bsnapdragon_660_mobile_platform_firmwaresnapdragon_460_mobile_platformsm7315_firmwaresnapdragon_429_mobile_platform_firmwaresnapdragon_695_5g_mobile_platform_firmwaresnapdragon_636_mobile_platformqca8081_firmwareqca6420snapdragon_auto_5g_modem-rf_firmwareqca9367_firmwaresa8155_firmwarerobotics_rb3_platform_firmwaresm8635qca6430snapdragon_678_mobile_platform_firmwaresnapdragon_630_mobile_platformsa7775p_firmwarewcd9340vision_intelligence_200_platform_firmwaresnapdragon_765_5g_mobile_platform_firmwaresnapdragon_690_5g_mobile_platformqca6698aq_firmwaremsm8209_firmwaremdm9250_firmwaresnapdragon_wear_2500_platformqca6696_firmwarewcd9371sa8150psd865_5g_firmwaresd660sd660_firmwaresnapdragon_865_5g_mobile_platform_firmwarefastconnect_6800_firmwaresnapdragon_730_mobile_platform_firmwaresnapdragon_750g_5g_mobile_platform_firmwaresa8770psnapdragon_675_mobile_platform_firmwaresnapdragon_778g_5g_mobile_platform_firmwaresdm429wqcm8550snapdragon_670_mobile_platform_firmwaresd670_firmwareqca6574snapdragon_7c\+_gen_3_computewcd9380snapdragon_x72_5g_modem-rf_system_firmwareqcs410snapdragon_210_processorvideo_collaboration_vc3_platform_firmwarec-v2x_9150_firmwaresd626qcn9012_firmwarewsa8845qcm4325_firmwarewcd9340_firmwarewsa8815snapdragon_865\+_5g_mobile_platformqca6584_firmwaresnapdragon_630_mobile_platform_firmwareqcs8250sd835wcn3980_firmwaresd730sa8295pwcn6740_firmwareqca6678aqapq8064au_firmwaresa8650p_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarefastconnect_6900fastconnect_6900_firmwaresnapdragon_660_mobile_platformsrv1lsd670smart_audio_200_platform_firmwaresnapdragon_8\+_gen_2_mobile_platformqcm4290_firmwaresw5100p_firmwareqcs610_firmwareqamsrv1m_firmwaresa6145pqcm5430ar8031snapdragon_750g_5g_mobile_platformqcs5430_firmwaresa2150pqca6391_firmwaresa4150p_firmwarewcd9370_firmwaresm8550p_firmwaresdx55csra6640snapdragon_695_5g_mobile_platformvideo_collaboration_vc1_platformsrv1msnapdragon_x20_lte_modemsnapdragon_1200_wearable_platformqfw7124_firmwareqam8620p_firmwareqam8255psa4155psnapdragon_480\+_5g_mobile_platformqsm8250_firmwarewsa8830snapdragon_x24_lte_modem_firmwareqam8650pcsrb31024mdm9628_firmwaresnapdragon_865_5g_mobile_platformmdm9650flight_rb5_5g_platformflight_rb5_5g_platform_firmwareqcn6224_firmwaresnapdragon_x20_lte_modem_firmwareqcs4290srv1l_firmwaremdm9250qca6420_firmwaresnapdragon_auto_4g_modem_firmwaresd675_firmwareqca6564qca6426wcn3990_firmwareqrb5165n_firmwaresnapdragon_8_gen_2_mobile_platformqca9377wcd9385_firmwarewcd9326_firmwarefastconnect_6200wcn3615_firmwareqamsrv1h_firmwareqcn9011_firmwaresa8155snapdragon_x55_5g_modem-rf_systemqca6584snapdragon_835_mobile_pc_platform_firmwaresnapdragon_208_processor_firmwaresdx55_firmwaresa7255pwsa8845h_firmwarewcn3615snapdragon_8_gen_3_mobile_platformqfw7114sm7250p_firmwarewcn3610_firmwareqrb5165nqca6584ausnapdragon_870_5g_mobile_platformqcm8550_firmwaresnapdragon_x72_5g_modem-rf_systemsnapdragon_208_processorsnapdragon_439_mobile_platformsm4635qca93679206_lte_modemsnapdragon_wear_3100_platformwcn3988_firmware315_5g_iot_modemqcn9074srv1hqca6421fastconnect_6700_firmwaresa8195psxr1120snapdragon_626_mobile_platform_firmwareqcn6224wcd9395_firmwarewcd9335wcd9326snapdragon_x75_5g_modem-rf_systemsnapdragon_auto_5g_modem-rf_gen_2snapdragon_888\+_5g_mobile_platformqcs4290_firmwaresa8770p_firmwaresxr2130_firmwareqcs6490_firmwarewcd9375aqt1000snapdragon_210_processor_firmwaresm6250_firmwaresnapdragon_662_mobile_platformsnapdragon_685_4g_mobile_platformwsa8815_firmwaresnapdragon_636_mobile_platform_firmwarevideo_collaboration_vc5_platform_firmwareapq8017sxr1120_firmwaresnapdragon_8_gen_2_mobile_platform_firmwaresnapdragon_x5_lte_modemqcm6125_firmwaresnapdragon_855\+\/860_mobile_platform_firmwarerobotics_rb5_platform_firmwarewcd9378_firmwaresd865_5gqca6595sa8530p_firmwaresnapdragon_8\+_gen_2_mobile_platform_firmwaresa8540p_firmwareqcn6274sxr2130smart_audio_400_platformqca6310_firmwaresa8650psa9000pqca6574_firmwaresm7325p_firmwaresnapdragon_xr2_5g_platform_firmware205_mobile_platform_firmwaresa8775psnapdragon_730g_mobile_platformqca6574a_firmwareqrb5165msnapdragon_x55_5g_modem-rf_system_firmwaresm7315snapdragon_865\+_5g_mobile_platform_firmwaresnapdragon_x35_5g_modem-rf_system_firmwaresnapdragon_690_5g_mobile_platform_firmwareqcn6274_firmwaresnapdragon_auto_4g_modemsnapdragon_632_mobile_platform_firmwareqcm6490_firmwarecsrb31024_firmwarewsa8832_firmwaresnapdragon_xr1_platformqcm2150qcs8250_firmwaresdx20m_firmwaresnapdragon_765g_5g_mobile_platform_firmwaresm8550pqca6564_firmwarewcn6740snapdragon_732g_mobile_platformqcs8550snapdragon_x50_5g_modem-rf_systemsnapdragon_8_gen_3_mobile_platform_firmwareqcs410_firmwarewcd9378qam8255p_firmwaresa6150p_firmwareqcs610315_5g_iot_modem_firmwareqca6431_firmwaresnapdragon_778g\+_5g_mobile_platformwcd9360_firmwaresnapdragon_870_5g_mobile_platform_firmwaresnapdragon_820_automotive_platform_firmwarevision_intelligence_100_platform_firmwarewsa8840snapdragon_wear_2100_platform_firmwaresnapdragon_212_mobile_platformsa8150p_firmwareqcs2290qca6335csra6620_firmwaresd_675_firmwarecsra6640_firmwareqep8111_firmwareqam8295pmdm9628qca6688aqqca6574au_firmwarewcd9375_firmwaresnapdragon_778g\+_5g_mobile_platform_firmwaresa6155_firmwaremsm8909wwcd9360snapdragon_xr2\+_gen_1_platformsnapdragon_782g_mobile_platform_firmwaresdx20mqca6678aq_firmwaresmart_audio_400_platform_firmwareqrb5165m_firmwarewsa8840_firmwaresa4155p_firmwareqcs6125qca6698aqsnapdragon_765g_5g_mobile_platformrobotics_rb3_platformsnapdragon_720g_mobile_platformsd626_firmwaresw5100snapdragon_780g_5g_mobile_platformwcn6755qca6436sa6155psnapdragon_auto_5g_modem-rf_gen_2_firmwarewcd9341sa8255pqam8775p_firmwareqca6431snapdragon_x12_lte_modemqca6797aqwcn3910_firmwaresnapdragon_855_mobile_platform_firmwarerobotics_rb5_platformqcc710_firmwarewsa8830_firmwaresd855_firmwaresnapdragon_7c\+_gen_3_compute_firmwarewcn3988snapdragon_780g_5g_mobile_platform_firmwaresnapdragon_685_4g_mobile_platform_firmwaresa8195p_firmwaresa8295p_firmwarewcn3610msm8608mdm9640wcd9380_firmwareqca8337_firmwarewcd9330sw5100pmsm8996au_firmwaresnapdragon_w5\+_gen_1_wearable_platformqca6564ausnapdragon_782g_mobile_platformfastconnect_6700sm8635_firmwaresg8275pwcn3980wcd9335_firmwaresm6370_firmwareqfw7114_firmwareqca6430_firmwareqca6174snapdragon_732g_mobile_platform_firmwareqca6335_firmwarewcn3910qca6320mdm9650_firmwaresnapdragon_4_gen_1_mobile_platformqca6426_firmwarewcn3680wcn3660b_firmwaresnapdragon_670_mobile_platformsnapdragon_xr2\+_gen_1_platform_firmwarewcd9330_firmwaresnapdragon_x50_5g_modem-rf_system_firmwaresnapdragon_820_automotive_platformqca6421_firmwaresmart_audio_200_platformvision_intelligence_100_platformsnapdragon_xr2_5g_platform215_mobile_platformwcn3680_firmwarear8031_firmwareqca6797aq_firmware9206_lte_modem_firmwareqca6564a_firmwaresa7255p_firmwaresa8620pwsa8832snapdragon_x24_lte_modemsa8540psmart_display_200_platform_firmwareqsm8250snapdragon_730_mobile_platformqcc710qca6595_firmwarewcd9395sa8145psnapdragon_888\+_5g_mobile_platform_firmware205_mobile_platformsnapdragon_710_mobile_platform_firmwaresd888_firmwaresd675sa8155psnapdragon_720g_mobile_platform_firmwareqep8111snapdragon_855_mobile_platformqcm2290snapdragon_632_mobile_platformsnapdragon_625_mobile_platform_firmwarear8035_firmwaresnapdragon_wear_2100_platformsnapdragon_662_mobile_platform_firmwaresa8145p_firmwareqcs2290_firmwarecsra6620smart_display_200_platformsnapdragon_888_5g_mobile_platform_firmwaresd730_firmwareqca6174_firmwarewcd9370snapdragon_480\+_5g_mobile_platform_firmwareqca6584au_firmwareqamsrv1hsa8530psnapdragon_1200_wearable_platform_firmwareqam8295p_firmwarevision_intelligence_200_platformsa9000p_firmwareqca6320_firmwarewcn3680b_firmwaresnapdragon_778g_5g_mobile_platformsnapdragon_212_mobile_platform_firmwareqca6595ausnapdragon_425_mobile_platformsnapdragon_429_mobile_platformqca6436_firmwaresnapdragon_680_4g_mobile_platform_firmwaresnapdragon_w5\+_gen_1_wearable_platform_firmwareqca6564au_firmwaresa8620p_firmwaresa6155p_firmwareqca6310sa8775p_firmwaresnapdragon_x5_lte_modem_firmwareqcs6490video_collaboration_vc5_platformsnapdragon_625_mobile_platformqcs8550_firmwarevision_intelligence_300_platform_firmwaresa6145p_firmwaresm6250c-v2x_9150apq8017_firmwarewsa8810_firmwarevision_intelligence_400_platformwsa8845hsa8255p_firmwaresg4150pqcs7230qca8081snapdragon_x35_5g_modem-rf_systemsa7775pqcs5430qca6174a_firmwareqam8620pwcd9385snapdragon_x12_lte_modem_firmwarear8035apq8064auwcd9390vision_intelligence_400_platform_firmwaresnapdragon_768g_5g_mobile_platform_firmwarewcn3620_firmwareqcm6490wsa8835_firmwarewcn3620qca6564asg4150p_firmwaresa4150pqca6688aq_firmwareqcm4325qcm2290_firmwaresnapdragon_626_mobile_platformsnapdragon_845_mobile_platformqcm2150_firmwaresm4635_firmwarewcn3990sd_675fastconnect_6800snapdragon_835_mobile_pc_platformqcs7230_firmwareqcn9012sd888wsa8835msm8909w_firmwaremsm8996ausdm429w_firmwaresnapdragon_auto_5g_modem-rfsnapdragon_678_mobile_platformsnapdragon_855\+\/860_mobile_platformsnapdragon_4_gen_1_mobile_platform_firmwaresnapdragon_425_mobile_platform_firmwareqca6574aqca6174asm7325psa2150p_firmwaresm4125_firmwaresd855wsa8845_firmwaresnapdragon_439_mobile_platform_firmwarefastconnect_6200_firmwaremsm8209vision_intelligence_300_platformqca6391snapdragon_710_mobile_platformfastconnect_7800aqt1000_firmwaresnapdragon_845_mobile_platform_firmwareqcm4290srv1h_firmwareqcn9011video_collaboration_vc1_platform_firmwareqca6574ausa8155p_firmwarewcd9341_firmwareqcm6125wsa8810fastconnect_7800_firmwaresnapdragon_730g_mobile_platform_firmwaresnapdragon_680_4g_mobile_platformsm6370srv1m_firmwarewcn3680bsd835_firmwareqam8650p_firmwaresnapdragon_675_mobile_platformsnapdragon_wear_2500_platform_firmwareqca6696215_mobile_platform_firmwaremsm8608_firmwaresa6150pwcd9390_firmwaresnapdragon_768g_5g_mobile_platformsnapdragon_765_5g_mobile_platformsm7250psnapdragon_wear_3100_platform_firmwaresw5100_firmwareqcn9074_firmwaresnapdragon_xr1_platform_firmwareSnapdragonqam8255p_firmwareqca9377_firmwaresnapdragon_662_mobile_platform_firmwaremdm9640_firmwaresa6150p_firmwaresa8145p_firmware315_5g_iot_modem_firmwareqcs2290_firmwaresnapdragon_x24_lte_modem_firmwaresg8275p_firmwareqca6431_firmwaremdm9628_firmwaresnapdragon_820_automotive_platform_firmwarewcd9360_firmwareflight_rb5_5g_platform_firmwareqcn6224_firmwaresnapdragon_wear_2100_platform_firmwaresnapdragon_x20_lte_modem_firmwarewcn3950_firmwaresrv1l_firmwaresnapdragon_888_5g_mobile_platform_firmwaresa8150p_firmwarewcn6755_firmwareqca6420_firmwareqca6595au_firmwaresnapdragon_xr1_platform_firmwareqca6174_firmwaresd730_firmwaresnapdragon_auto_4g_modem_firmwarecsra6620_firmwaresd_675_firmwaresd675_firmwarecsra6640_firmwareqcm5430_firmwareqcs6125_firmwaresnapdragon_460_mobile_platform_firmwaresnapdragon_480_5g_mobile_platform_firmwareqca6584au_firmwareqep8111_firmwareqrb5165n_firmwarewcn3990_firmwarequalcomm_video_collaboration_vc3_platform_firmwaremsm8108_firmwarewcd9371_firmwarewcd9385_firmwarewcd9326_firmwarewcn3615_firmwareqamsrv1h_firmwaresnapdragon_1200_wearable_platform_firmwaresnapdragon_660_mobile_platform_firmwareqam8295p_firmwareqcn9011_firmwaresa9000p_firmwareqca6320_firmwaresm7315_firmwareqca6574au_firmwaresdx55_firmwaresnapdragon_208_processor_firmwaresnapdragon_212_mobile_platform_firmwaresnapdragon_429_mobile_platform_firmwareqca8081_firmwaresa6155_firmwaresnapdragon_695_5g_mobile_platform_firmwaresm7250p_firmwaresnapdragon_835_mobile_pc_platform_firmwarewcd9375_firmwarewcn3610_firmwareqca6436_firmwaresnapdragon_680_4g_mobile_platform_firmwareqca6564au_firmwaresa8620p_firmwaresa6155p_firmwareqca9367_firmwaresnapdragon_auto_5g_modem-rf_firmwareqcm8550_firmwareqca6678aq_firmwaresmart_audio_400_platform_firmwaresa8775p_firmwaresnapdragon_x5_lte_modem_firmwareqrb5165m_firmwarewsa8840_firmwaresa4155p_firmwarewsa8845h_firmwaresa8155_firmwarerobotics_rb3_platform_firmwareqcs8550_firmwarevision_intelligence_300_platform_firmwarewcn3988_firmwaresa6145p_firmwaresa7775p_firmwarefastconnect_6700_firmwareapq8017_firmwaresd626_firmwaresnapdragon_626_mobile_platform_firmwarewsa8810_firmwarewcd9395_firmwaresa8255p_firmwareqca6698aq_firmwaremsm8209_firmwareqca6174a_firmwaremdm9250_firmwareqcs4290_firmwarequalcomm_205_mobile_platform_firmwareqam8775p_firmwaresa8770p_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwaresxr2130_firmwareqca6696_firmwareqcs6490_firmwaresnapdragon_x12_lte_modem_firmwarewcn3910_firmwaresnapdragon_855_mobile_platform_firmwaresnapdragon_210_processor_firmwaresm6250_firmwareqcc710_firmwarevision_intelligence_400_platform_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwarewcn3620_firmwarewsa8815_firmwarewsa8835_firmwaresd660_firmwaresnapdragon_636_mobile_platform_firmwaresnapdragon_780g_5g_mobile_platform_firmwaresa8195p_firmwaresnapdragon_865_5g_mobile_platform_firmwarefastconnect_6800_firmwaresxr1120_firmwaresa8295p_firmwaresg4150p_firmwaresnapdragon_8_gen_2_mobile_platform_firmwareqca6688aq_firmwareqcm6125_firmwaresnapdragon_675_mobile_platform_firmwareqcm2290_firmwaresnapdragon_750g_5g_mobile_platform_firmwarequalcomm_video_collaboration_vc1_platform_firmwarerobotics_rb5_platform_firmwareqca8337_firmwareqcm2150_firmwaresm4635_firmwaresnapdragon_778g_5g_mobile_platform_firmwarewcd9380_firmwaremsm8996au_firmwarewcd9378_firmwareqcs7230_firmwaresnapdragon_670_mobile_platform_firmwaresa8530p_firmwaremsm8909w_firmwaresd670_firmwaresdm429w_firmwaresa8540p_firmwaresnapdragon_x72_5g_modem-rf_system_firmwaresnapdragon_4_gen_1_mobile_platform_firmwaresnapdragon_425_mobile_platform_firmwaresm8635_firmwarec-v2x_9150_firmwareqca6310_firmwareqca6430_firmwareqcn9012_firmwareqfw7114_firmwaresm6370_firmwarewcd9335_firmwareqca6335_firmwareqcm4325_firmwareqca6574_firmwaresa2150p_firmwarewcd9340_firmwaresm4125_firmwarewcn3680b_firmwaresm7325p_firmwareqca6584_firmwarewsa8845_firmwaremdm9650_firmwaresnapdragon_630_mobile_platform_firmwaresnapdragon_439_mobile_platform_firmwareqca6426_firmwaresnapdragon_xr2_5g_platform_firmwarewcn3660b_firmwareqca6574a_firmwarefastconnect_6200_firmwarewcn3980_firmwaresnapdragon_x55_5g_modem-rf_system_firmwarewcd9330_firmwaresnapdragon_x50_5g_modem-rf_system_firmwareqca6421_firmwareaqt1000_firmwarewcn6740_firmwaresnapdragon_x35_5g_modem-rf_system_firmwaresnapdragon_690_5g_mobile_platform_firmwaresnapdragon_845_mobile_platform_firmwareqcn6274_firmwaresnapdragon_632_mobile_platform_firmwareapq8064au_firmwarear8031_firmwarecsrb31024_firmwareqcm6490_firmwaresa8650p_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarewcn3680_firmwarewsa8832_firmwarefastconnect_6900_firmwaresrv1h_firmware9206_lte_modem_firmwareqca6797aq_firmwaresa8155p_firmwaresmart_audio_200_platform_firmwareqca6564a_firmwaresa7255p_firmwareqcs8250_firmwarewcd9341_firmwarefastconnect_7800_firmwareqcm4290_firmwaresdx20m_firmwaresw5100p_firmwareqcs610_firmwareqamsrv1m_firmwaresrv1m_firmwarequalcomm_215_mobile_platform_firmwaresd835_firmwareqam8650p_firmwareqca6564_firmwaresnapdragon_wear_2500_platform_firmwareqca6595_firmwareqcs5430_firmwareqca6391_firmwaresnapdragon_710_mobile_platform_firmwaresa4150p_firmwaremsm8608_firmwaresm8550p_firmwarewcd9370_firmwarequalcomm_video_collaboration_vc5_platform_firmwaresd888_firmwaresnapdragon_8_gen_3_mobile_platform_firmwarewcd9390_firmwaresnapdragon_wear_3100_platform_firmwaresw5100_firmwareqcn9074_firmwareqam8620p_firmwareqcs410_firmwareqfw7124_firmwaresnapdragon_720g_mobile_platform_firmwarear8035_firmwareqsm8250_firmwaresnapdragon_625_mobile_platform_firmware
CWE ID-CWE-680
Integer Overflow to Buffer Overflow
CVE-2024-38409
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.61%
||
7 Day CHG~0.00%
Published-04 Nov, 2024 | 10:04
Updated-16 Nov, 2024 | 04:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Copy Without Checking Size of Input in WLAN Windows Host

Memory corruption while station LL statistic handling.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fastconnect_7800wsa8830wcd9380_firmwaresdm429wqcs6490qcm6490_firmwarewsa8840_firmwarefastconnect_6900fastconnect_6900_firmwaresc8380xp_firmwareqcc2073wsa8840wsa8835sdm429w_firmwarefastconnect_6700_firmwarewcd9380fastconnect_7800_firmwarewsa8845hfastconnect_6700video_collaboration_vc3_platformsnapdragon_8cx_gen_3_compute_platformwcd9370qcm5430qcs5430qcm5430_firmwarewcd9385video_collaboration_vc3_platform_firmwareqcs6490_firmwareqcc2076_firmwareqcs5430_firmwarewcd9385_firmwarewsa8845qcc2073_firmwarewcd9375wcd9370_firmwarewcn3660bwsa8830_firmwareqcc2076wsa8845_firmwarewcn3620_firmwareqcm6490wcn3660b_firmwarewsa8835_firmwarewcn3620snapdragon_429_mobile_platform_firmwaresc8380xpwsa8845h_firmwarewcd9375_firmwaresnapdragon_429_mobile_platformsnapdragon_8cx_gen_3_compute_platform_firmwareSnapdragonqcm5430_firmwarewcd9380_firmwareqcs6490_firmwareqcm6490_firmwareqcc2076_firmwarewsa8840_firmwareqcs5430_firmwarequalcomm_video_collaboration_vc3_platform_firmwarewcd9385_firmwarefastconnect_6900_firmwareqcc2073_firmwarewcd9370_firmwaresc8380xp_firmwarewsa8830_firmwarewsa8845_firmwarewcn3620_firmwaresdm429w_firmwarefastconnect_6700_firmwarewcn3660b_firmwarewsa8835_firmwaresnapdragon_429_mobile_platform_firmwarefastconnect_7800_firmwarewcd9375_firmwarewsa8845h_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-35105
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.10% / 28.53%
||
7 Day CHG~0.00%
Published-01 Apr, 2022 | 04:40
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible out of bounds access due to improper input validation during graphics profiling in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarefsm10055sa6150p_firmwaresm6250p_firmwareqcs610qca8337wcd9360_firmwaresdx65wcn3950_firmwaresa8150p_firmwareqcs2290qca6595au_firmwaresa6155csra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwareqcs6125_firmwaresa415mwcn3998wcn3950sd720gmdm9628mdm9206_firmwareqsw8573_firmwaresd_8_gen1_5g_firmwaresm6375_firmwarewcn3660bsd460_firmwaresm7315_firmwareqca6574au_firmwarewcd9375_firmwarewcn3998_firmwareqca8081_firmwaresa6155_firmwaresdx12_firmwaremsm8909wapq8009w_firmwarewcd9360apq8053_firmwareqca9367_firmwarewcn3999qrb5165_firmwareqrb5165m_firmwaresa4155p_firmwareqcs6125sa8155_firmwaresd662_firmwareqcs405wcd9340sd765gqualcomm215_firmwaresw5100fsm10056_firmwareqca6436wcn6851sa6155pqcs603_firmwaremdm9250_firmwarewcd9341qca6696_firmwaresd870_firmwaresd750gwcn3910_firmwaresa8150pwsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwarewcn3988sd660_firmwaresa8195p_firmwaresm8475wcn6750_firmwarewcn3610sm6375wcn3991qca8337_firmwaresda429w_firmwarewcd9380_firmwaresdm429wsw5100pmsm8996au_firmwarewcd9330qca6564ausdx55m_firmwarewcn6856_firmwareqet4101_firmwareqca6574wcd9380qualcomm215qcs410sd690_5g_firmwaresdx24_firmwareqcn9012_firmwarewcd9335_firmwarewcn3980sd439_firmwareqsw8573qcs605wcd9340_firmwarewsa8815wcn6850wcn3910qca6584_firmwaremdm9650_firmwareqca6426_firmwarewcn3660b_firmwarewcn3980_firmwaresd730wcd9330_firmwaresdx55mwcn6740_firmwaremsm8953sd678_firmwarear8031_firmwareqrb5165wcn6851_firmwareqcs603qca6564a_firmwareapq8009wqcm4290_firmwaresd480sd870wcn6855sw5100p_firmwaresd210_firmwareqcs610_firmwareqsm8250sa6145psdxr1ar8031apq8096auqcs405_firmwaresa8145pqca6391_firmwaresa4150p_firmwarewcd9370_firmwaresd780g_firmwaresdx55sd888_firmwareapq8053sa8155pcsra6640sd675sd439qet4101qcs8155_firmwaresa4155par8035_firmwareqcm2290qsm8250_firmwarewcn3991_firmwaremdm9150_firmwarewsa8830sd678sa8145p_firmwareqcs2290_firmwarefsm10056csrb31024mdm9628_firmwaremdm9650csra6620fsm10055_firmwareqcs4290mdm9250sd765g_firmwareqca6390_firmwaresd690_5gsd730_firmwarewcd9370sd675_firmwareqca6564qca6426qca6584au_firmwarewcn3990_firmwareqrb5165n_firmwareqca9377sdw2500_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcd9326_firmwarewcn3615_firmwaresd662qcn9011_firmwaresa8155qca6584wcn3680b_firmwaresdx55_firmwarewcn3615qca6595auwcn3999_firmwaresm7250p_firmwarewcn3610_firmwareqca6436_firmwareqrb5165nqca6564au_firmwareqca6584ausd778gsa6155p_firmwareqcs8155sm6225sa515m_firmwaresd429qcs6490sdxr2_5gqca9367mdm9607_firmwaresa415m_firmwarewcn3988_firmwaresd205sd429_firmwaresa6145p_firmwaresd778g_firmwaresm6250sa8195papq8017_firmwarewsa8810_firmwaresd765_firmwarewcd9326wcd9335qca8081qca6174a_firmwareqcs4290_firmwarewcd9385qcs6490_firmwareqca6390wcd9375sd750g_firmwareaqt1000ar8035sm6250_firmwaremsm8953_firmwaresda429wsd210wcn3620_firmwaresdx20_firmwarewsa8815_firmwaresd888_5g_firmwareqcm6490wcn6850_firmwarewsa8835_firmwarewcn3620apq8017qcx315qca6564asa4150pqcm6125_firmwareqcm2290_firmwarewcn3990sd_675sd780gsd865_5gsdx24qcn9012sd888msm8909w_firmwareqcx315_firmwarewsa8835msm8996ausdm429w_firmwaresd665_firmwaresd888_5gsm6250pqca6574amdm9206wcn6855_firmwareqca6174asm7325pwcn6750sa515mqca6574_firmwaresd855sm7325p_firmwaresd665sd765qca6574a_firmwaresd768g_firmwareqrb5165msm7315sd460qca6391sdxr1_firmwareaqt1000_firmwaresdx65_firmwareqcm4290csrb31024_firmwareqcm6490_firmwaresdx20sd480_firmwareqcn9011sm6225_firmwareqca6574ausa8155p_firmwaremdm9607sd205_firmwarewcd9341_firmwareqcm6125wsa8810mdm9150wcn6856wcn3680bqca6564_firmwaresd768gwcn6740qca6696sdw2500sa6150papq8096au_firmwaresm7250psd720g_firmwaresdx12sw5100_firmwareqcs410_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-704
Incorrect Type Conversion or Cast
CVE-2021-35091
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.09% / 27.25%
||
7 Day CHG~0.00%
Published-14 Jun, 2022 | 10:11
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible out of bounds read due to improper typecasting while handling page fault for global memory in Snapdragon Connectivity, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn6855_firmwarewsa8830_firmwarewcd9380_firmwarewsa8830wsa8835wcn6856wsa8835_firmwarewcd9380wcn6855sm8475wcn6856_firmwaresd_8_gen1_5g_firmwareSnapdragon Connectivity, Snapdragon Mobile
CWE ID-CWE-704
Incorrect Type Conversion or Cast
CVE-2021-35072
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.15% / 35.56%
||
7 Day CHG~0.00%
Published-14 Jun, 2022 | 09:50
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer overflow due to improper validation of array index while processing external DIAG command in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaremdm9150_firmwarewsa8830mdm9640_firmwareqcs2290_firmwaremdm9628_firmwaremdm9650qcs4290wcn3950_firmwaremdm9250qcs2290apq8009_firmwaremsm8917wcd9370sd632wcn3990_firmwaremsm8108qca9377wcn3998sdw2500_firmwaremsm8108_firmwarewcn3950sm4125mdm9628wcd9326_firmwaremdm9206_firmwarewcn3615_firmwarewcn3660bsd450_firmwaresd662sd460_firmwareapq8037qca6320_firmwareqca6584qca6574au_firmwarewcn3680b_firmwarewcd9375_firmwaresdx12_firmwarewcn3615wcn3998_firmwaremsm8909wapq8009w_firmwarewcn3610_firmwareapq8053_firmwareqca6564au_firmwaresd680_firmwareqca6310msm8208qca9367_firmwaresd429qca9367sd662_firmwaremdm9607_firmwaresd821wcn3988_firmwaresd429_firmwarewcd9340apq8017_firmwarewsa8810_firmwarequalcomm215_firmwaresw5100sd680wcd9326wcd9335msm8937msm8209_firmwareqca6174a_firmwaremdm9250_firmwareqcs4290_firmwarewcd9341wcn3660_firmwarewcn3910_firmwarewcd9375msm8953_firmwarewsa8830_firmwaremsm8917_firmwaresd210wcn3620_firmwaresd820wcn3988wsa8815_firmwarewsa8835_firmwarewcn3620apq8017msm8208_firmwareqca6564asd450wcn3610msm8608qcm2290_firmwaremdm9640wcn3990sdm429wmsm8996au_firmwaresw5100pwcd9330qca6564aumsm8940_firmwaremsm8909w_firmwareqca6574msm8996ausd632_firmwaresdm429w_firmwarewsa8835qualcomm215qca6574amdm9206qca9379_firmwareqca6174aqca6310_firmwarewcd9335_firmwarewcn3980sd439_firmwareqca6574_firmwarewcd9340_firmwaresm4125_firmwarewsa8815wcn3910qca6320qca6584_firmwaremsm8937_firmwaremdm9650_firmwarewcn3660b_firmwarewcn3680qca6574a_firmwaresd835msm8209wcn3980_firmwareapq8009sd460wcd9330_firmwaremsm8920msm8953sd821_firmwareqcm4290wcn3680_firmwaremsm8920_firmwareqca6574aumdm9607qca6564a_firmwareapq8009wwcd9341_firmwareqcm4290_firmwarewsa8810sw5100p_firmwaresd210_firmwaremdm9150wcn3680bsd835_firmwareapq8096ausd820_firmwaremsm8608_firmwarewcd9370_firmwaresdw2500msm8940apq8053apq8096au_firmwareapq8037_firmwaresd439sdx12sw5100_firmwarewcn3660qca9379qcm2290Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2024-38407
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 3.30%
||
7 Day CHG~0.00%
Published-04 Nov, 2024 | 10:04
Updated-16 Nov, 2024 | 04:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Time-of-check Time-of-use (TOCTOU) Race Condition in Camera

Memory corruption while processing input parameters for any IOCTL call in the JPEG Encoder driver.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wsa8830wcd9380_firmwaresnapdragon_8c_compute_platform_\(sc8180x-ad\)_\"poipu_lite\"sdm429wsnapdragon_8cx_compute_platform_\(sc8180x-aa\,_ab\)snapdragon_8cx_gen_2_5g_compute_platform_\(sc8180xp-aa\,_ab\)_firmwaresnapdragon_7c_gen_2_compute_platform_\(sc7180-ad\)_\"rennell_pro\"_firmwarefastconnect_6800snapdragon_8cx_compute_platform_\(sc8180xp-ac\,_af\)_\"poipu_pro\"wsa8840wsa8835sdm429w_firmwaresnapdragon_7c\+_gen_3_computesc8180x\+sdx55wcd9380qca6420_firmwarefastconnect_6700video_collaboration_vc3_platformwcd9370snapdragon_8c_compute_platform_\(sc8180xp-ad\)_\"poipu_lite\"qcm5430_firmwarevideo_collaboration_vc3_platform_firmwareqca6430_firmwaresnapdragon_8cx_gen_2_5g_compute_platform_\(sc8180x-ac\,_af\)_\"poipu_pro\"_firmwaresnapdragon_8cx_compute_platform_\(sc8180x-aa\,_ab\)_firmwarewcd9385_firmwarewsa8845snapdragon_8cx_gen_3_compute_platform_\(sc8280xp-ab\,_bb\)fastconnect_6200wcd9340_firmwarewcn3660bwsa8815wsa8845_firmwaresnapdragon_8cx_gen_2_5g_compute_platform_\(sc8180x-ac\,_af\)_\"poipu_pro\"wcn3660b_firmwaresnapdragon_429_mobile_platform_firmwaresc8380xpfastconnect_6200_firmwarewcd9375_firmwarewsa8845h_firmwareqca6391snapdragon_429_mobile_platformqca6420fastconnect_7800aqt1000_firmwaresnapdragon_7c_compute_platform_firmwareqcs6490qcm6490_firmwarewsa8840_firmwaresnapdragon_8cx_gen_2_5g_compute_platform_\(sc8180xp-aa\,_ab\)fastconnect_6900fastconnect_6900_firmwaresc8380xp_firmwaresnapdragon_8cx_compute_platform_\(sc8180xp-ac\,_af\)_\"poipu_pro\"_firmwareqca6430sm6250fastconnect_6700_firmwarewcd9340wsa8810_firmwarewcd9341_firmwarefastconnect_7800_firmwarewsa8810wsa8845hqcm5430qcs5430wcd9385wcd9341snapdragon_8c_compute_platform_\(sc8180x-ad\)_\"poipu_lite\"_firmwaresnapdragon_7c_gen_2_compute_platform_\(sc7180-ad\)_\"rennell_pro\"qcs6490_firmwareqcs5430_firmwareqca6391_firmwarewcd9375snapdragon_8c_compute_platform_\(sc8180xp-ad\)_\"poipu_lite\"_firmwareaqt1000wcd9370_firmwaresc8180x\+sdx55_firmwaresm6250_firmwarewsa8830_firmwarewcn3620_firmwaresnapdragon_7c\+_gen_3_compute_firmwareqcm6490wsa8815_firmwarewsa8835_firmwarewcn3620snapdragon_8cx_gen_3_compute_platform_\(sc8280xp-ab\,_bb\)_firmwarefastconnect_6800_firmwaresnapdragon_7c_compute_platformSnapdragonaqt1000_firmwarewcd9380_firmwareqcm6490_firmwarewsa8840_firmwarefastconnect_6900_firmwaresc8380xp_firmwaresdm429w_firmwarefastconnect_6700_firmwarewsa8810_firmwarewcd9341_firmwarefastconnect_7800_firmwareqca6420_firmwareqcm5430_firmwareqca6430_firmwareqcs6490_firmwareqcs5430_firmwarequalcomm_video_collaboration_vc3_platform_firmwareqca6391_firmwarewcd9385_firmwarewcd9370_firmwarewcd9340_firmwaresm6250_firmwarewsa8830_firmwarewsa8845_firmwarewcn3620_firmwarewsa8815_firmwarewcn3660b_firmwarewsa8835_firmwaresnapdragon_429_mobile_platform_firmwarefastconnect_6200_firmwarewcd9375_firmwarewsa8845h_firmwarefastconnect_6800_firmware
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CVE-2024-38413
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-6.6||MEDIUM
EPSS-0.03% / 8.30%
||
7 Day CHG~0.00%
Published-03 Feb, 2025 | 16:51
Updated-05 Feb, 2025 | 13:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Input Validation in Computer Vision

Memory corruption while processing frame packets.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fastconnect_7800_firmwarewsa8840snapdragon_8_gen_3_mobile_firmwarewsa8845_firmwarewsa8845h_firmwarewsa8845snapdragon_8_gen_3_mobilewcd9395_firmwarewcd9390wsa8840_firmwarewsa8845hwcd9395fastconnect_7800wcd9390_firmwareSnapdragon
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-38399
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.03% / 8.26%
||
7 Day CHG~0.00%
Published-07 Oct, 2024 | 12:58
Updated-16 Oct, 2024 | 18:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in Graphics

Memory corruption while processing user packets to generate page faults.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qam8255p_firmwaresnapdragon_8_gen_1_mobile_platformwsa8830wcd9380_firmwareqam8650pqca6595qam8775pqamsrv1mwsa8835wcn3950_firmwarewcd9380snapdragon_685_4g_mobile_platform_\(sm6225-ad\)_firmwareqca6595au_firmwaresnapdragon_685_4g_mobile_platform_\(sm6225-ad\)wcd9370qamsrv1hqam8295pwcn3950sa8650pqamsrv1h_firmwaresa9000pqca6688aqqam8295p_firmwaresa9000p_firmwaresa8775pqca6574au_firmwaresa7255pwcd9375_firmwareqca6595ausnapdragon_680_4g_mobile_platform_firmwaresa8295pfastconnect_7800sa8620p_firmwaresa6155p_firmwaresa8775p_firmwaresa8650p_firmwareqca6698aqfastconnect_6900srv1h_firmwarefastconnect_6900_firmwareqca6797aq_firmwareqca6574ausrv1hsa8155p_firmwaresa7775p_firmwaresa8195psa7255p_firmwarewsa8810_firmwarefastconnect_7800_firmwarewsa8810sa8620psa8255p_firmwaresg4150psa6155psnapdragon_8_gen_1_mobile_platform_firmwaresnapdragon_680_4g_mobile_platformqca6698aq_firmwaresrv1m_firmwaresa7775pqamsrv1m_firmwareqam8650p_firmwaresa8770p_firmwaresa8255pqam8775p_firmwareqca6696_firmwareqca6595_firmwareqca6696qca6797aqwcd9375wcd9370_firmwaresa8155pwsa8830_firmwarewsa8835_firmwaresrv1msa8195p_firmwaresa8295p_firmwareqam8255psg4150p_firmwaresa8770pqca6688aq_firmwareSnapdragonqam8255p_firmwaresa8620p_firmwaresa6155p_firmwarewcd9380_firmwaresa8775p_firmwaresa8650p_firmwarefastconnect_6900_firmwaresrv1h_firmwareqca6797aq_firmwaresa8155p_firmwaresa7775p_firmwaresa7255p_firmwarewcn3950_firmwarewsa8810_firmwarefastconnect_7800_firmwareqca6595au_firmwaresa8255p_firmwaresnapdragon_8_gen_1_mobile_platform_firmwareqca6698aq_firmwareqamsrv1m_firmwaresrv1m_firmwareqam8650p_firmwaresa8770p_firmwareqam8775p_firmwareqca6696_firmwareqca6595_firmwareqamsrv1h_firmwarewcd9370_firmwarewsa8830_firmwareqam8295p_firmwaresa9000p_firmwarewsa8835_firmwareqca6574au_firmwaresa8195p_firmwarewcd9375_firmwaresa8295p_firmwaresg4150p_firmwaresnapdragon_680_4g_mobile_platform_firmwareqca6688aq_firmware
CWE ID-CWE-416
Use After Free
CVE-2024-38412
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-6.6||MEDIUM
EPSS-0.02% / 4.41%
||
7 Day CHG~0.00%
Published-03 Feb, 2025 | 16:51
Updated-05 Feb, 2025 | 13:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in Computer Vision

Memory corruption while invoking IOCTL calls from user-space to kernel-space to handle session errors.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fastconnect_7800_firmwarewsa8840snapdragon_8_gen_3_mobile_firmwarewsa8845_firmwarewsa8845h_firmwarewsa8845snapdragon_8_gen_3_mobilewcd9395_firmwarewcd9390wsa8840_firmwarewsa8845hwcd9395fastconnect_7800wcd9390_firmwareSnapdragon
CWE ID-CWE-416
Use After Free
CVE-2021-35089
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.10% / 27.87%
||
7 Day CHG~0.00%
Published-01 Apr, 2022 | 04:40
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer overflow due to lack of input IB amount validation while processing the user command in Snapdragon Auto

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca6574ausa8155psa8155p_firmwareqca6696_firmwareqca6574au_firmwareqca6696Snapdragon Auto
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 20
  • 21
  • Next
Details not found