Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2019-10585

Summary
Assigner-qualcomm
Assigner Org ID-2cfc7d3e-20d3-47ac-8db7-1b7285aff15f
Published At-21 Jan, 2020 | 06:30
Updated At-04 Aug, 2024 | 22:24
Rejected At-
Credits

Possible integer overflow happens when mmap find function will increment refcount every time when it invokes and can lead to use after free issue in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8009, APQ8053, MDM9607, MDM9640, MSM8909W, MSM8917, MSM8953, Nicobar, QCS605, QM215, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM632, SDM660, SDM670, SDM710, SDM845, SDX24, SDX55, SM6150, SM8150, SM8250, SXR1130, SXR2130

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:qualcomm
Assigner Org ID:2cfc7d3e-20d3-47ac-8db7-1b7285aff15f
Published At:21 Jan, 2020 | 06:30
Updated At:04 Aug, 2024 | 22:24
Rejected At:
▼CVE Numbering Authority (CNA)

Possible integer overflow happens when mmap find function will increment refcount every time when it invokes and can lead to use after free issue in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8009, APQ8053, MDM9607, MDM9640, MSM8909W, MSM8917, MSM8953, Nicobar, QCS605, QM215, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM632, SDM660, SDM670, SDM710, SDM845, SDX24, SDX55, SM6150, SM8150, SM8250, SXR1130, SXR2130

Affected Products
Vendor
Qualcomm Technologies, Inc.Qualcomm, Inc.
Product
Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
Versions
Affected
  • APQ8009, APQ8053, MDM9607, MDM9640, MSM8909W, MSM8917, MSM8953, Nicobar, QCS605, QM215, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM632, SDM660, SDM670, SDM710, SDM845, SDX24, SDX55, SM6150, SM8150, SM8250, SXR1130, SXR2130
Problem Types
TypeCWE IDDescription
textN/AUse After Free issue in DSP Services
Type: text
CWE ID: N/A
Description: Use After Free issue in DSP Services
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.qualcomm.com/company/product-security/bulletins/january-2020-bulletin
x_refsource_CONFIRM
Hyperlink: https://www.qualcomm.com/company/product-security/bulletins/january-2020-bulletin
Resource:
x_refsource_CONFIRM
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.qualcomm.com/company/product-security/bulletins/january-2020-bulletin
x_refsource_CONFIRM
x_transferred
Hyperlink: https://www.qualcomm.com/company/product-security/bulletins/january-2020-bulletin
Resource:
x_refsource_CONFIRM
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:product-security@qualcomm.com
Published At:21 Jan, 2020 | 07:15
Updated At:24 Aug, 2020 | 17:37

Possible integer overflow happens when mmap find function will increment refcount every time when it invokes and can lead to use after free issue in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8009, APQ8053, MDM9607, MDM9640, MSM8909W, MSM8917, MSM8953, Nicobar, QCS605, QM215, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM632, SDM660, SDM670, SDM710, SDM845, SDX24, SDX55, SM6150, SM8150, SM8250, SXR1130, SXR2130

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary2.07.2HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
Type: Primary
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 7.2
Base severity: HIGH
Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C
CPE Matches
Qualcomm Technologies, Inc.
qualcomm
>>apq8009>>-
cpe:2.3:h:qualcomm:apq8009:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>apq8009_firmware>>-
cpe:2.3:o:qualcomm:apq8009_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>apq8053>>-
cpe:2.3:h:qualcomm:apq8053:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>apq8053_firmware>>-
cpe:2.3:o:qualcomm:apq8053_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9607>>-
cpe:2.3:h:qualcomm:mdm9607:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9607_firmware>>-
cpe:2.3:o:qualcomm:mdm9607_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9640>>-
cpe:2.3:h:qualcomm:mdm9640:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9640_firmware>>-
cpe:2.3:o:qualcomm:mdm9640_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8909w>>-
cpe:2.3:h:qualcomm:msm8909w:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8909w_firmware>>-
cpe:2.3:o:qualcomm:msm8909w_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8917_firmware>>-
cpe:2.3:o:qualcomm:msm8917_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8917>>-
cpe:2.3:h:qualcomm:msm8917:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8953_firmware>>-
cpe:2.3:o:qualcomm:msm8953_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8953>>-
cpe:2.3:h:qualcomm:msm8953:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>nicobar_firmware>>-
cpe:2.3:o:qualcomm:nicobar_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>nicobar>>-
cpe:2.3:h:qualcomm:nicobar:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcs605_firmware>>-
cpe:2.3:o:qualcomm:qcs605_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcs605>>-
cpe:2.3:h:qualcomm:qcs605:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qm215_firmware>>-
cpe:2.3:o:qualcomm:qm215_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qm215>>-
cpe:2.3:h:qualcomm:qm215:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sda845_firmware>>-
cpe:2.3:o:qualcomm:sda845_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sda845>>-
cpe:2.3:h:qualcomm:sda845:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sdm429_firmware>>-
cpe:2.3:o:qualcomm:sdm429_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sdm429>>-
cpe:2.3:h:qualcomm:sdm429:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sdm429w_firmware>>-
cpe:2.3:o:qualcomm:sdm429w_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sdm429w>>-
cpe:2.3:h:qualcomm:sdm429w:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sdm439_firmware>>-
cpe:2.3:o:qualcomm:sdm439_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sdm439>>-
cpe:2.3:h:qualcomm:sdm439:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sdm450_firmware>>-
cpe:2.3:o:qualcomm:sdm450_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sdm450>>-
cpe:2.3:h:qualcomm:sdm450:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sdm632_firmware>>-
cpe:2.3:o:qualcomm:sdm632_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sdm632>>-
cpe:2.3:h:qualcomm:sdm632:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sdm660_firmware>>-
cpe:2.3:o:qualcomm:sdm660_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sdm660>>-
cpe:2.3:h:qualcomm:sdm660:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sdm670_firmware>>-
cpe:2.3:o:qualcomm:sdm670_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sdm670>>-
cpe:2.3:h:qualcomm:sdm670:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sdm710_firmware>>-
cpe:2.3:o:qualcomm:sdm710_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sdm710>>-
cpe:2.3:h:qualcomm:sdm710:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sdm845_firmware>>-
cpe:2.3:o:qualcomm:sdm845_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sdm845>>-
cpe:2.3:h:qualcomm:sdm845:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sdx24_firmware>>-
cpe:2.3:o:qualcomm:sdx24_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sdx24>>-
cpe:2.3:h:qualcomm:sdx24:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sdx55_firmware>>-
cpe:2.3:o:qualcomm:sdx55_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sdx55>>-
cpe:2.3:h:qualcomm:sdx55:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sm6150_firmware>>-
cpe:2.3:o:qualcomm:sm6150_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sm6150>>-
cpe:2.3:h:qualcomm:sm6150:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sm8150_firmware>>-
cpe:2.3:o:qualcomm:sm8150_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sm8150>>-
cpe:2.3:h:qualcomm:sm8150:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sm8250_firmware>>-
cpe:2.3:o:qualcomm:sm8250_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sm8250>>-
cpe:2.3:h:qualcomm:sm8250:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-190Primarynvd@nist.gov
CWE-416Primarynvd@nist.gov
CWE ID: CWE-190
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-416
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.qualcomm.com/company/product-security/bulletins/january-2020-bulletinproduct-security@qualcomm.com
Patch
Vendor Advisory
Hyperlink: https://www.qualcomm.com/company/product-security/bulletins/january-2020-bulletin
Source: product-security@qualcomm.com
Resource:
Patch
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

2451Records found
CVE-2021-1947
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.10% / 27.68%
||
7 Day CHG~0.00%
Published-17 Sep, 2021 | 07:05
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use-after-free vulnerability in kernel graphics driver because of storing an invalid pointer in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwarewsa8830sm7250qca9561qcs2290_firmwareqca8337sm7250_firmwarear9380qca9563_firmwareqca9561_firmwareqca9880_firmwareqca9992qcs4290wcn3950_firmwaresd765g_firmwareqcs2290ipq8069_firmwareqca6390_firmwaresd690_5gwcd9370qcs6125_firmwareqca6426wcn3990_firmwareqca9984_firmwarewcn3998wcd9385_firmwarewcn3950sm4125wcd9326_firmwarewcn3615_firmwareqca9563qsw8573_firmwarewcn3660bsd662qca9982sd460_firmwareqca6320_firmwarewcn3680b_firmwaresdx55_firmwarewcd9375_firmwarewcn3615wcn3998_firmwaremsm8909wapq8009w_firmwarewcn3610_firmwareapq8053_firmwareipq8065qca9990qrb5165_firmwaresd429qcs6125sd662_firmwareipq8068wcn3988_firmwaresd429_firmwarewcd9340sdm830_firmwarewsa8810_firmwaresd765gsd765_firmwarewcd9326wcd9335wcn6851qca9982_firmwareqcs4290_firmwarewcd9385qca9888_firmwarewcd9341ipq8068_firmwaresd750gsd870_firmwareqca6390qca9898_firmwaresd750g_firmwarewcd9375wcn3910_firmwaremsm8953_firmwarewsa8830_firmwaresda429wqca9992_firmwaresd660sd855_firmwaresd865_5g_firmwarewcn3620_firmwarewcn3988wcn6850_firmwaresd660_firmwarewcn3620wsa8815_firmwarewsa8835_firmwareqca9898wcn3610qcm6125_firmwareqca9882qcm2290_firmwarewcn3991qca8337_firmwaresda429w_firmwarewcd9380_firmwarewcn3990qca9980_firmwaresdm429wsd865_5gar9380_firmwaresdx55m_firmwareqca9558qca9558_firmwareqet4101_firmwareqca9896_firmwaremsm8909w_firmwareipq8065_firmwarewsa8835sdm429w_firmwaresd665_firmwarewcd9380sd690_5g_firmwareqca9889qca9888qca9994_firmwarewcd9335_firmwarewcn3980qsw8573qca9886wcd9340_firmwaresd855sm4125_firmwarewcn6850sd665wcn3910qca6320wsa8815sd765qca9887qca6426_firmwarewcn3660b_firmwareqca9984ipq8064ipq8069sd768g_firmwarewcn3980_firmwaresd460qca6391sdx55mipq8064_firmwaremsm8953qcm4290qca9882_firmwareqrb5165wcn6851_firmwareqca9994qca9531qca9887_firmwareqca9889_firmwareqca9980apq8009wqca9880wcd9341_firmwareqcm6125qcm4290_firmwaresd870wsa8810wcn3680bqca9886_firmwaresd768gqca6391_firmwarewcd9370_firmwaresdx55apq8053qca9990_firmwareqet4101qca9531_firmwaresdm830qca9896qcm2290Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-416
Use After Free
CVE-2019-2304
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.12% / 31.77%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 05:25
Updated-04 Aug, 2024 | 18:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow to buffer overflow due to lack of validation of event arguments received from firmware. in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ8064, IPQ8074, MDM9607, MSM8917, MSM8920, MSM8937, MSM8940, QCN7605, QCS405, QCS605, SDA845, SDM660, SDM845, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-msm8920sdm845sdm660msm8920_firmwaresdx24mdm9607_firmwaremsm8940_firmwareqcs405ipq8074_firmwaresm7150_firmwaresm6150mdm9607sm7150qcn7605_firmwaremsm8917msm8937ipq4019_firmwareqcs605_firmwaresm8150_firmwaresdx24_firmwareipq8074sdm660_firmwareqcs405_firmwaresda845_firmwareqcn7605qcs605ipq4019sdx55msm8940sm6150_firmwaremsm8917_firmwaremsm8937_firmwaresm8150ipq8064sdx55_firmwaresxr1130_firmwaresxr1130ipq8064_firmwaresda845sdm845_firmwareSnapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2019-2316
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-8.8||HIGH
EPSS-0.03% / 7.69%
||
7 Day CHG~0.00%
Published-25 Jul, 2019 | 16:33
Updated-04 Aug, 2024 | 18:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

When computing the digest a local variable is used after going out of scope in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9640, QCS405, QCS605, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 845 / SD 850, SD 855, SDM660, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_427_firmwaresd_712sd_850sd_855sd_730_firmwaremdm9640_firmwaresd_675sd_670_firmwaresd_425sdm660sdx24sd_430_firmwaresd_710_firmwaresd_435sd_636qcs405sd_625sd_636_firmwaresd_450_firmwaresd_845_firmwareqcs605_firmwaresd_675_firmwaresd_425_firmwaresd_730sd_665sd_850_firmwaresdx24_firmwaresd_625_firmwaresd_450sd_855_firmwareqcs405_firmwaresd_712_firmwaresd_845sd_427qcs605sd_430sd_670sd_435_firmwaresd_710sd_665_firmwaresdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-416
Use After Free
CVE-2023-43545
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 5.92%
||
7 Day CHG~0.00%
Published-03 Jun, 2024 | 10:05
Updated-27 Jan, 2025 | 19:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Integer Overflow or Wraparound in WLAN HOST

Memory corruption when more scan frequency list or channels are sent from the user space.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca6584au_firmwareqca6554aqcc2076_firmwareqca8337_firmwarewcd9335_firmwareqfw7124_firmwareqca6696_firmwareqcc710qca8081_firmwareqcc2073_firmwareqca6595au_firmwareqca6584auqcn6224_firmwareqfw7114_firmwareqca8081snapdragon_660_mobileqca6554a_firmwarewcn3990qca6564ausd660qcn6224snapdragon_x75_5g_modem-rfqcn6274_firmwareqfw7114fastconnect_7800wcn3990_firmwarear8035fastconnect_7800_firmwareqca6564au_firmwareqcc2073sd660_firmwarewcd9341_firmwarewcd9340qca6595_firmwareqca8337wcn3980_firmwareqcc710_firmwarear8035_firmwareqcn6274qfw7124qca6574aqca6595qca6574a_firmwareqcc2076wcd9341wcn3980qca6574auqca6574wcd9340_firmwarewcd9335qca6574_firmwareqca6696qca6595ausnapdragon_660_mobile_firmwareqca6574au_firmwaresnapdragon_x75_5g_modem-rf_firmwareSnapdragonqca6564au_firmwareqca8337_firmwareqca6584au_firmwareqcn6274_firmwarewcn3990_firmwareqca6696_firmwareqca6595_firmwarewcd9335_firmwareqfw7114_firmwareqcc2076_firmwareqca6554a_firmwaresnapdragon_x75_5g_modem-rf_system_firmwareqcc2073_firmwareqca6574_firmwarewcd9340_firmwareqcc710_firmwareqcn6224_firmwaresnapdragon_660_mobile_platform_firmwareqca6574a_firmwaresd660_firmwarewcd9341_firmwarefastconnect_7800_firmwareqca6574au_firmwareqca6595au_firmwareqca8081_firmwarewcn3980_firmwareqfw7124_firmwarear8035_firmware
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2023-43547
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.12% / 32.29%
||
7 Day CHG~0.00%
Published-04 Mar, 2024 | 10:48
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in Automotive Multimedia

Memory corruption while invoking IOCTLs calls in Automotive Multimedia.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qdx1010_firmwareqca6678aq_firmwareqcm8550_firmwareqcs410_firmwaresa6150p_firmwaresw5100pwsa8845_firmwaresnapdragon_480_5g_mobileqca6595qcs610_firmwarewcd9335srv1mqca6678aqqca8081_firmwarewcd9370snapdragon_x35_5g_modem-rfar8035_firmwareqca6696wsa8830_firmwarewcd9340_firmwareqrb5165mwcd9341_firmwaresa4150p_firmwarewcd9395_firmwareqcc710_firmwarefastconnect_6700qca6564auqcs6125_firmwaresnapdragon_685_4g_mobilesa4150pwsa8815_firmwaresa8195p_firmwareqca8337_firmwareqca8337qdu1110wcd9395sg8275p_firmwareqca6574au_firmwareqam8295pwcd9341qca6574auqru1032wcd9390wcn3950wsa8810_firmwarewsa8845h_firmwarecsra6640qcs6125flight_rb5_5gsa9000p_firmwaresrv1hqca6797aq_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwarewsa8815sa8295p_firmwaresmart_audio_400_firmwaresa4155p_firmwarevideo_collaboration_vc1_platform_firmwaresa4155psa8770pqcm6125_firmwareqca6584auqcn6274_firmwareqcn9011_firmwareqcc710qru1062_firmwaresw5100_firmwareqru1062qfw7114_firmwareqca6595_firmwareqcs7230fastconnect_7800_firmwarefastconnect_6900snapdragon_w5\+_gen_1_wearable_firmwarevideo_collaboration_vc1_platformqru1032_firmwareqep8111sa7255pqfw7114wcd9385_firmwarefastconnect_6900_firmwareqam8255p_firmwarerobotics_rb5_firmwarewcd9380sa6145p_firmwareqam8255psa8150psnapdragon_680_4g_mobilewsa8845sa6155pqcm6125snapdragon_auto_5g_modem-rf_firmwareqca6564au_firmwarewsa8810qam8650pqdu1000_firmwarevideo_collaboration_vc5_platform_firmwaresa9000psrv1h_firmwaresw5100qca6595auvideo_collaboration_vc3_platformsnapdragon_4_gen_1_mobile_firmwareqdu1010sa6155p_firmwaresnapdragon_685_4g_mobile_firmwarewsa8840qam8295p_firmwaresrv1m_firmwareqcs8550_firmwaresnapdragon_x35_5g_modem-rf_firmwareqdu1210_firmwaresnapdragon_8_gen_2_mobile_firmwareqfw7124_firmwareqca6564a_firmwareqca6698aq_firmwarewcd9385qcn9012snapdragon_695_5g_mobile_firmwaresnapdragon_680_4g_mobile_firmwaresa8255pqcs7230_firmwarewcd9390_firmwaresnapdragon_8_gen_2_mobileqep8111_firmwaresg8275pwcd9370_firmwareqdx1011_firmwaresnapdragon_auto_5g_modem-rfqdu1110_firmwareflight_rb5_5g_firmwareqdu1000sa7255p_firmwareqca6574asnapdragon_8\+_gen_2_mobileqru1052qca6174asa8195pwcd9340csra6640_firmwareqcs8250_firmwareqdu1210qamsrv1mrobotics_rb5snapdragon_480\+_5g_mobile_firmwareqca6174a_firmwaresnapdragon_auto_5g_modem-rf_gen_2qam8650p_firmwarevideo_collaboration_vc5_platformsm8550p_firmwareqcm8550wcn3988qcs6490_firmwareqca6584au_firmwarewcd9335_firmwareqcn6274qca6574qfw7124qrb5165n_firmwaresa8775pqca6595au_firmwareqca6391_firmwaresnapdragon_w5\+_gen_1_wearablewsa8835wsa8840_firmwareqdu1010_firmwaresw5100p_firmwareqcn9011sa8775p_firmwareqamsrv1hqca6696_firmwaresmart_audio_400wsa8845hwcd9380_firmwaresa6150pqca6574_firmwareqcs410sa8155p_firmwarecsra6620qca6564aqca8081mdm9628sa8155psg4150pqam8775pqca6797aqmdm9628_firmwaresm8550pwcn3980_firmwaresa6145psnapdragon_x75_5g_modem-rfwsa8830qcm4325_firmwaresa8255p_firmwarear8035qca6574a_firmwareqamsrv1m_firmwaresnapdragon_4_gen_1_mobileqrb5165m_firmwaresa8650p_firmwareqcm4325wcd9375_firmwareqca6391qcn6224qcn9012_firmwareqca6698aqsg4150p_firmwarewcn3950_firmwareqru1052_firmwareqrb5165ncsra6620_firmwaresa8295psa8770p_firmwareqcs8550snapdragon_480\+_5g_mobilefastconnect_6200fastconnect_7800sa8145p_firmwaresa8650pqam8775p_firmwaresnapdragon_480_5g_mobile_firmwaresnapdragon_8\+_gen_2_mobile_firmwareqdx1011wcd9375sa8150p_firmwarewcn3988_firmwarefastconnect_6700_firmwareqamsrv1h_firmwarevideo_collaboration_vc3_platform_firmwaresa8145psnapdragon_x75_5g_modem-rf_firmwarewsa8835_firmwareqcs6490qcs8250snapdragon_695_5g_mobilewcn3980fastconnect_6200_firmwareqdx1010qcn6224_firmwareqcs610Snapdragonqca6574a_firmwaresnapdragon_4_gen_1_mobile_platform_firmwareqca6564au_firmwarewcn3980_firmwarequalcomm_video_collaboration_vc1_platform_firmwaremdm9628_firmwareqcm6125_firmwareqep8111_firmwaresnapdragon_x35_5g_modem-rf_system_firmwareflight_rb5_5g_platform_firmwareqca6696_firmwaresa8150p_firmwaresa8775p_firmwareqcs7230_firmwaresrv1h_firmwarewsa8835_firmwareqca8337_firmwaresa8255p_firmwarewcn3988_firmwarequalcomm_video_collaboration_vc5_platform_firmwarefastconnect_6700_firmwareqca6595au_firmwarewcd9390_firmwareqamsrv1h_firmwaresm8550p_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareqcs6490_firmwaresa8155p_firmwarefastconnect_6200_firmwaresa4155p_firmwarewcd9395_firmwaresa6145p_firmwareqcn6224_firmwareqdu1010_firmwaresa8295p_firmwaresa4150p_firmwaresg4150p_firmwaresa6150p_firmwareqca6174a_firmwarewcd9375_firmwareqfw7124_firmwareqca6391_firmwareqca6698aq_firmwareqca8081_firmwaresnapdragon_680_4g_mobile_platform_firmwarefastconnect_6900_firmwareqdu1000_firmwaresa8770p_firmwarewcd9385_firmwarewcd9370_firmwarewsa8840_firmwarewcd9380_firmwareqca6584au_firmwareqam8775p_firmwarewsa8810_firmwarefastconnect_7800_firmwarecsra6640_firmwaresw5100p_firmwarewcd9341_firmwarewsa8845h_firmwareqcm4325_firmwareqfw7114_firmwarewsa8830_firmwareqcm8550_firmwareqdu1110_firmwareqam8295p_firmwarecsra6620_firmwareqca6574_firmwarewcd9335_firmwaresg8275p_firmwareqamsrv1m_firmwareqca6595_firmwareqcn6274_firmwaresa7255p_firmwaresa8145p_firmwareqam8650p_firmwareqcn9011_firmwareqru1052_firmwarequalcomm_video_collaboration_vc3_platform_firmwarerobotics_rb5_platform_firmwarewcn3950_firmwareqdu1210_firmwaresnapdragon_480_5g_mobile_platform_firmwareqdx1010_firmwareqcs610_firmwareqca6564a_firmwaresrv1m_firmwareqru1062_firmwarewsa8815_firmwareqrb5165n_firmwareqca6797aq_firmwaresnapdragon_8_gen_2_mobile_platform_firmwaresa8195p_firmwareqcn9012_firmwareqdx1011_firmwaresw5100_firmwareqrb5165m_firmwaresa9000p_firmwarewcd9340_firmwarear8035_firmwaresnapdragon_695_5g_mobile_platform_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarewsa8845_firmwareqcs6125_firmwareqcc710_firmwaresmart_audio_400_platform_firmwareqru1032_firmwareqca6574au_firmwaresnapdragon_auto_5g_modem-rf_firmwareqcs410_firmwareqam8255p_firmwaresa6155p_firmwaresa8650p_firmwareqcs8250_firmwareqca6678aq_firmwareqcs8550_firmware
CWE ID-CWE-416
Use After Free
CVE-2023-43521
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 4.55%
||
7 Day CHG~0.00%
Published-06 May, 2024 | 14:32
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in HLOS

Memory corruption when multiple listeners are being registered with the same file descriptor.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sw5100pqcs410_firmwaresa6150p_firmwaresd865_5gqcs610_firmwaresxr2130_firmwaresrv1mqca8081_firmwarewcd9370ar8035_firmwareqca6696wcd9340_firmwarewcd9341_firmwareqcc710_firmwareqca6426wcn3610qcn9074wsa8815_firmwaresnapdragon_wear_4100\+_firmwaresa8195p_firmwareqca8337_firmwareqca8337qca6426_firmwareqca6574au_firmwaresnapdragon_x72_5g_modem-rfqam8295pwcd9341qca6574ausa8620p_firmwarewcn3950wsa8810_firmwaresnapdragon_870_5g_mobile_firmwaresa9000p_firmwaresrv1hsnapdragon_auto_5g_modem-rf_gen_2_firmwarewcn3660b_firmwarefastconnect_6800_firmwaresa8295p_firmwaresnapdragon_870_5g_mobilevideo_collaboration_vc1_platform_firmwaresa8770pc-v2x_9150qca6584auqcn6274_firmwareqcc710snapdragon_xr2_5g_firmwaresw5100_firmwarefastconnect_6800qfw7114_firmwaresnapdragon_wear_4100\+fastconnect_7800_firmwarefastconnect_6900snapdragon_w5\+_gen_1_wearable_firmwarevideo_collaboration_vc1_platformsnapdragon_865_5g_mobile_firmwaresa7255pqfw7114fastconnect_6900_firmwareqam8255p_firmwarewcd9380sa6145p_firmwareqam8255psnapdragon_xr2_5gsnapdragon_8_gen_1_mobile_firmwaresa8150psa6155pwsa8810qam8650psa9000psrv1h_firmwaresw5100video_collaboration_vc3_platformc-v2x_9150_firmwaresa6155p_firmwareqam8295p_firmwaresrv1m_firmwaresnapdragon_x55_5g_modem-rfqfw7124_firmwareqca6698aq_firmwareqca6436_firmwaresnapdragon_8_gen_1_mobilesnapdragon_x55_5g_modem-rf_firmwarewcn3610_firmwaresa8255psnapdragon_865\+_5g_mobilewcd9370_firmwaresa7255p_firmwaresnapdragon_x72_5g_modem-rf_firmwarewcn3660bsxr2130qca6174asa8195pwcd9340qamsrv1msnapdragon_auto_5g_modem-rf_gen_2qca6174a_firmwareqam8650p_firmwarewcn3988qca6584au_firmwarewcn3980_firmwareqcn6274qca6436qfw7124sa8775psnapdragon_w5\+_gen_1_wearablewsa8835qca6391_firmwaresw5100p_firmwaresa8775p_firmwareqamsrv1hqca6696_firmwarewcd9380_firmwaresa6150pqcs410sa8155p_firmwareqca8081wsa8815sa8155pwsa8830qam8775psa6145psnapdragon_x75_5g_modem-rfqcn9074_firmwaresa8620psa8255p_firmwarear8035qamsrv1m_firmwaresa8650p_firmwaresnapdragon_865_5g_mobileqca6391qcn6224snapdragon_865\+_5g_mobile_firmwareqca6698aqwcn3950_firmwaresa8770p_firmwaresa8295pfastconnect_7800sa8145p_firmwaresa8650pqam8775p_firmwaresd865_5g_firmwarewcn3680bsa8150p_firmwarewcn3988_firmwareqamsrv1h_firmwarevideo_collaboration_vc3_platform_firmwaresa8145psnapdragon_x75_5g_modem-rf_firmwarewsa8835_firmwarewcn3980wsa8830_firmwarewcn3680b_firmwareqcn6224_firmwareqcs610Snapdragonqam8255p_firmwarequalcomm_video_collaboration_vc1_platform_firmwareqca8337_firmwarewcd9380_firmwaresa6150p_firmwaresa8145p_firmwareqcn6224_firmwarewcn3950_firmwaresa8150p_firmwaresnapdragon_x72_5g_modem-rf_system_firmwareqca6584au_firmwarec-v2x_9150_firmwareqfw7114_firmwarequalcomm_video_collaboration_vc3_platform_firmwareqamsrv1h_firmwarewcd9340_firmwareqam8295p_firmwaresnapdragon_xr2_5g_platform_firmwareqca6426_firmwarewcn3660b_firmwaresa9000p_firmwarewcn3680b_firmwareqca6574au_firmwareqca8081_firmwarewcn3980_firmwaresnapdragon_x55_5g_modem-rf_system_firmwarewcn3610_firmwareqca6436_firmwaresa8620p_firmwaresa6155p_firmwareqcn6274_firmwaresa8775p_firmwaresa8650p_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarefastconnect_6900_firmwaresrv1h_firmwarewcn3988_firmwaresa6145p_firmwaresa8155p_firmwaresa7255p_firmwarewsa8810_firmwarewcd9341_firmwarefastconnect_7800_firmwaresa8255p_firmwaresw5100p_firmwareqcs610_firmwaresnapdragon_8_gen_1_mobile_platform_firmwareqca6698aq_firmwareqamsrv1m_firmwaresrv1m_firmwareqca6174a_firmwareqam8650p_firmwaresa8770p_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareqam8775p_firmwaresxr2130_firmwareqca6696_firmwareqca6391_firmwarewcd9370_firmwareqcc710_firmwarewsa8830_firmwaresd865_5g_firmwarewsa8815_firmwarewsa8835_firmwaresa8195p_firmwaresnapdragon_865_5g_mobile_platform_firmwaresw5100_firmwareqcn9074_firmwarefastconnect_6800_firmwareqcs410_firmwaresa8295p_firmwareqfw7124_firmwarear8035_firmware
CWE ID-CWE-416
Use After Free
CVE-2023-43530
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-5.9||MEDIUM
EPSS-0.04% / 11.58%
||
7 Day CHG~0.00%
Published-06 May, 2024 | 14:32
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Integer Overflow or Wraparound in HLOS

Memory corruption in HLOS while checking for the storage type.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qdx1010_firmwarerobotics_rb3sd865_5gqca6595wcd9370qca8081_firmwaresnapdragon_670_mobileqca6696wcd9340_firmwarewcd9341_firmwarewcd9395_firmwareqcc710_firmwareqca6426wcn6740_firmwarefastconnect_6700snapdragon_780g_5g_mobilesnapdragon_x50_5g_modem-rf_firmwaresnapdragon_782g_mobile_firmwarewsa8832_firmwareqca8337qdu1110qca6426_firmwarewcd9395sc8180xp-aaabqca6574au_firmwaresnapdragon_x72_5g_modem-rfqam8295pwcd9341qca6574auwcd9390snapdragon_888\+_5g_mobile_firmwaresa8620p_firmwarewsa8810_firmwarewsa8845h_firmwaresnapdragon_778g_5g_mobile_firmwaresa9000p_firmwaresc8180xp-acafsrv1hsnapdragon_850_mobile_computefastconnect_6800_firmwareqcs5430qcm5430qcm5430_firmwaresa8770psnapdragon_678_mobile_firmwaressg2115pqcc710snapdragon_xr2_5g_firmwaresa8540pqsm8350_firmwarefastconnect_6900qru1032_firmwareqep8111sa7255pqfw7114wcd9385_firmwareqca6421qca6310qam8255p_firmwaresa8155_firmwareqca6335snapdragon_x65_5g_modem-rfwsa8845sa6155pqca6421_firmwaresc8180x-adqca6564au_firmwarewsa8810qam8650pqdu1000_firmwaresa9000psrv1h_firmwaresnapdragon_888_5g_mobile_firmwareqca6595ausnapdragon_888_5g_mobilesm7315_firmwareqdu1010wcd9326_firmwaresa6155p_firmwaresnapdragon_845_mobile_firmwarewsa8840srv1m_firmwaresnapdragon_x35_5g_modem-rf_firmwaresnapdragon_782g_mobileqdu1210_firmwaresnapdragon_x55_5g_modem-rfqfw7124_firmwareqca6436_firmwaresnapdragon_x55_5g_modem-rf_firmwaresnapdragon_7c\+_gen_3_compute_firmwareqca6420wcd9370_firmwareqdu1110_firmwareqdu1000sa7255p_firmwareqca6574asnapdragon_x72_5g_modem-rf_firmwareqca6174awcd9340qdu1210snapdragon_auto_5g_modem-rf_gen_2qca6335_firmwareqcm6490sa8540p_firmwaresnapdragon_765_5g_mobile_firmwarevision_intelligence_300_firmwaresa8775pqca6574sd675_firmwaresnapdragon_855_mobile_firmwareqca6430_firmwaresa8775p_firmwareqamsrv1hsdx57mwsa8845hwcd9326sa8155p_firmwareqca6564asa8155psnapdragon_765g_5g_mobile_firmwarewsa8830sa6145psnapdragon_768g_5g_mobile_firmwaresa8255p_firmwarear8035qamsrv1m_firmwaresa6155sa8650p_firmwareqcn6224snapdragon_865\+_5g_mobile_firmwareqca6698aqwcn3950_firmwaressg2125p_firmwarefastconnect_6200sd670sm7325p_firmwaresc8180x-acaf_firmwareqdx1011sa8150p_firmwarefastconnect_6700_firmwarevideo_collaboration_vc3_platform_firmwarewcn3990robotics_rb3_firmwaresnapdragon_x75_5g_modem-rf_firmwaresd670_firmwaresnapdragon_8_gen_3_mobilesnapdragon_855_mobileqcs6490sc8180xp-acaf_firmwaresnapdragon_778g_5g_mobilefastconnect_6200_firmwarewsa8830_firmwareqcn6224_firmwareqca6431qca6678aq_firmwarewsa8845_firmwarewsa8832sdx57m_firmwaresxr2130_firmwaresrv1mqca6678aqsnapdragon_860_mobile_firmwaresnapdragon_x35_5g_modem-rfar8035_firmwaresc8180xp-aaab_firmwaresnapdragon_778g\+_5g_mobilesc8380xpsd888_firmwareqca6564ausc8180xp-adsc8280xp-abbbwsa8815_firmwareqca8337_firmwareqca9377_firmwareqcm6490_firmwaresm7250p_firmwareqru1032vision_intelligence_400_firmwarewcn3950snapdragon_870_5g_mobile_firmwareqca6797aq_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwaresnapdragon_7c\+_gen_3_computesnapdragon_778g\+_5g_mobile_firmwaresa8295p_firmwaresnapdragon_870_5g_mobilesd_675_firmwaresnapdragon_678_mobilesm7250psc8180x-acafsa8155sd_8cx_firmwaresc8180x-ad_firmwareqca6584ausd888qcn6274_firmwareqru1062_firmwaresnapdragon_850_mobile_compute_firmwaresnapdragon_675_mobile_firmwarewcn6740snapdragon_768g_5g_mobilesc8380xp_firmwaresnapdragon_780g_5g_mobile_firmwareqru1062qca6310_firmwaresnapdragon_845_mobilesnapdragon_8_gen_3_mobile_firmwarefastconnect_6800qfw7114_firmwareqca6595_firmwarefastconnect_7800_firmwaresnapdragon_675_mobilesnapdragon_865_5g_mobile_firmwarefastconnect_6900_firmwarewcd9380sa6145p_firmwareqam8255psa6155_firmwaresnapdragon_xr2_5gsa8150psnapdragon_x24_lte_modemsc8180x-aaabsxr1230psc8180x-aaab_firmwarevideo_collaboration_vc3_platformaqt1000qam8295p_firmwaresd855qca6431_firmwarewcn3990_firmwaresm7315qca6698aq_firmwareqca6564a_firmwarewcd9385snapdragon_888\+_5g_mobileqsm8350snapdragon_8_gen_1_mobilesa8255psxr1230p_firmwarewcd9390_firmwaresnapdragon_865\+_5g_mobileqep8111_firmwareqca6430snapdragon_855\+_mobilesnapdragon_765_5g_mobileqdx1011_firmwaresnapdragon_860_mobilesc8180xp-ad_firmwaresdx55_firmwaressg2125pqru1052sxr2130snapdragon_x65_5g_modem-rf_firmwareqamsrv1mqca6174a_firmwaresm7325psnapdragon_x50_5g_modem-rfqam8650p_firmwaresnapdragon_670_mobile_firmwareqca6420_firmwareaqt1000_firmwareqcs6490_firmwaresd855_firmwarewcn3980_firmwareqca6584au_firmwareqca6436qcn6274qfw7124snapdragon_x24_lte_modem_firmwarewsa8835qca6391_firmwarewsa8840_firmwareqca6595au_firmwareqdu1010_firmwareqca6696_firmwarewcd9380_firmwareqca6574_firmwareqca8081wsa8815sd_8_gen1_5gqam8775pqca9377snapdragon_ar2_gen_1_firmwareqca6797aqsnapdragon_x75_5g_modem-rfsa8620pqca6574a_firmwaresdx55snapdragon_865_5g_mobilesnapdragon_855\+_mobile_firmwaresd675sd_8_gen1_5g_firmwarewcd9375_firmwareqca6391qcs5430_firmwareqru1052_firmwaresa8770p_firmwaresa8295psc8280xp-abbb_firmwarefastconnect_7800sa8650pqam8775p_firmwaresd865_5g_firmwarewcd9375vision_intelligence_300snapdragon_ar2_gen_1snapdragon_765g_5g_mobileqamsrv1h_firmwaresd_675sd_8cxvision_intelligence_400ssg2115p_firmwarewsa8835_firmwarewcn3980qdx1010snapdragon_8_gen_1_mobile_firmwareSnapdragonsnapdragon
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2023-43514
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.11% / 30.36%
||
7 Day CHG~0.00%
Published-02 Jan, 2024 | 05:38
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in DSP Services

Memory corruption while invoking IOCTLs calls from user space for internal mem MAP and internal mem UNMAP.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qdx1010_firmwareqcm8550_firmwaresw5100pwsa8845_firmwareqca6595wcd9370qca8081_firmwarear8035_firmwareqca6696wsa8830_firmwarewcd9340_firmwaresnapdragon_w5\+_gen_1_wearable_platform_firmwarewcd9395_firmwareqcc710_firmwarefastconnect_6700wsa8815_firmwaresa8195p_firmwareqca8337_firmwareqca8337qdu1110wcd9395snapdragon_680_4g_mobile_platformsg8275p_firmwareqcm6490_firmwareqca6574au_firmwareqam8295pqca6574auqru1032wcd9390flight_rb5_5g_platformwcn3950wsa8810_firmwarewsa8845h_firmwareqca6797aq_firmwaresa8295p_firmwaresnapdragon_695_5g_mobile_platformsnapdragon_4_gen_1_mobile_platform_firmwareqcn6274_firmwareqcc710qru1062_firmwaresw5100_firmwaresnapdragon_480\+_5g_mobile_platform_firmwareqru1062snapdragon_695_5g_mobile_platform_firmwareqfw7114_firmwareqca6595_firmwareqcs7230fastconnect_7800_firmwarefastconnect_6900snapdragon_685_4g_mobile_platform_firmwareqru1032_firmwareqfw7114wcd9385_firmwarefastconnect_6900_firmwareqam8255p_firmwarewcd9380qam8255psnapdragon_4_gen_1_mobile_platformsnapdragon_685_4g_mobile_platformsnapdragon_8\+_gen_2_mobile_platform_firmwarewsa8845sa6155pwsa8810qam8650pqdu1000_firmwarevideo_collaboration_vc5_platform_firmwaresnapdragon_8\+_gen_2_mobile_platformsw5100qca6595auvideo_collaboration_vc3_platformqdu1010sa6155p_firmwarewsa8840qam8295p_firmwareqcs8550_firmwareqdu1210_firmwareqfw7124_firmwareqca6698aq_firmwarewcd9385snapdragon_8_gen_2_mobile_platformsa8255pqcs7230_firmwarewcd9390_firmwaresg8275pwcd9370_firmwareqdx1011_firmwareqdu1110_firmwareqdu1000qca6574aqru1052sa8195pwcd9340qcs8250_firmwareqdu1210qcm6490qam8650p_firmwarevideo_collaboration_vc5_platformsm8550p_firmwareqcm8550wcn3988qcs6490_firmwarewcn3980_firmwareqcn6274qca6574qfw7124qrb5165n_firmwaresnapdragon_480_5g_mobile_platform_firmwareqca6595au_firmwareqca6391_firmwaresnapdragon_x75_5g_modem-rf_systemwsa8835wsa8840_firmwareqdu1010_firmwaresw5100p_firmwareqca6696_firmwarewsa8845hwcd9380_firmwareqca6574_firmwaresa8155p_firmwareqca8081wsa8815sg4150psa8155pwsa8830qam8775pqca6797aqsm8550pqcm4325_firmwaresa8255p_firmwareflight_rb5_5g_platform_firmwarear8035qca6574a_firmwaresnapdragon_480\+_5g_mobile_platformqcm4325wcd9375_firmwarerobotics_rb5_platformqca6391qcn6224qca6698aqsg4150p_firmwaresnapdragon_480_5g_mobile_platformqru1052_firmwareqrb5165nsa8295psnapdragon_8_gen_2_mobile_platform_firmwarewcn3950_firmwarerobotics_rb5_platform_firmwareqcs8550fastconnect_6200fastconnect_7800qam8775p_firmwareqdx1011wcd9375snapdragon_w5\+_gen_1_wearable_platformwcn3988_firmwarefastconnect_6700_firmwarevideo_collaboration_vc3_platform_firmwarewsa8835_firmwaresnapdragon_680_4g_mobile_platform_firmwaresnapdragon_x75_5g_modem-rf_system_firmwareqcs6490qcs8250wcn3980fastconnect_6200_firmwareqdx1010qcn6224_firmwareSnapdragonsnapdragon
CWE ID-CWE-416
Use After Free
CVE-2023-43546
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.10% / 27.33%
||
7 Day CHG~0.00%
Published-04 Mar, 2024 | 10:48
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in Automotive Multimedia

Memory corruption while invoking HGSL IOCTL context create.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qdx1010_firmwareqca6678aq_firmwareqcm8550_firmwareqcs410_firmwaresa6150p_firmwaresw5100pwsa8845_firmwaresnapdragon_480_5g_mobileqca6595qcs610_firmwarewcd9335srv1mqca6678aqqca8081_firmwarewcd9370snapdragon_x35_5g_modem-rfar8035_firmwareqca6696wsa8830_firmwarewcd9340_firmwareqrb5165mwcd9341_firmwaresa4150p_firmwarewcd9395_firmwareqcc710_firmwarefastconnect_6700qca6564auqcs6125_firmwaresnapdragon_685_4g_mobilesa4150pwsa8815_firmwaresa8195p_firmwareqca8337_firmwareqca8337qdu1110wcd9395sg8275p_firmwareqca6574au_firmwareqam8295pwcd9341qca6574auqru1032wcd9390wcn3950wsa8810_firmwarewsa8845h_firmwarecsra6640qcs6125flight_rb5_5gsa9000p_firmwaresrv1hqca6797aq_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwarewsa8815sa8295p_firmwaresmart_audio_400_firmwaresa4155p_firmwarevideo_collaboration_vc1_platform_firmwaresa4155psa8770pqcm6125_firmwareqca6584auqcn6274_firmwareqcn9011_firmwareqcc710qru1062_firmwaresw5100_firmwareqru1062qfw7114_firmwareqca6595_firmwareqcs7230fastconnect_7800_firmwarefastconnect_6900snapdragon_w5\+_gen_1_wearable_firmwarevideo_collaboration_vc1_platformqru1032_firmwareqep8111sa7255pqfw7114wcd9385_firmwarefastconnect_6900_firmwareqam8255p_firmwarerobotics_rb5_firmwarewcd9380sa6145p_firmwareqam8255psa8150psnapdragon_680_4g_mobilewsa8845sa6155pqcm6125snapdragon_auto_5g_modem-rf_firmwareqca6564au_firmwarewsa8810qam8650pqdu1000_firmwarevideo_collaboration_vc5_platform_firmwaresa9000psrv1h_firmwaresw5100qca6595auvideo_collaboration_vc3_platformsnapdragon_4_gen_1_mobile_firmwareqdu1010sa6155p_firmwaresnapdragon_685_4g_mobile_firmwarewsa8840qam8295p_firmwaresrv1m_firmwareqcs8550_firmwaresnapdragon_x35_5g_modem-rf_firmwareqdu1210_firmwaresnapdragon_8_gen_2_mobile_firmwareqfw7124_firmwareqca6564a_firmwareqca6698aq_firmwarewcd9385qcn9012snapdragon_695_5g_mobile_firmwaresnapdragon_680_4g_mobile_firmwaresa8255pqcs7230_firmwarewcd9390_firmwaresnapdragon_8_gen_2_mobileqep8111_firmwaresg8275pwcd9370_firmwareqdx1011_firmwaresnapdragon_auto_5g_modem-rfqdu1110_firmwareflight_rb5_5g_firmwareqdu1000sa7255p_firmwareqca6574asnapdragon_8\+_gen_2_mobileqru1052qca6174asa8195pwcd9340csra6640_firmwareqcs8250_firmwareqdu1210qamsrv1mrobotics_rb5snapdragon_480\+_5g_mobile_firmwareqca6174a_firmwaresnapdragon_auto_5g_modem-rf_gen_2qam8650p_firmwarevideo_collaboration_vc5_platformsm8550p_firmwareqcm8550wcn3988qcs6490_firmwareqca6584au_firmwarewcd9335_firmwareqcn6274qca6574qfw7124qrb5165n_firmwaresa8775pqca6595au_firmwareqca6391_firmwaresnapdragon_w5\+_gen_1_wearablewsa8835wsa8840_firmwareqdu1010_firmwaresw5100p_firmwareqcn9011sa8775p_firmwareqamsrv1hqca6696_firmwaresmart_audio_400wsa8845hwcd9380_firmwaresa6150pqca6574_firmwareqcs410sa8155p_firmwarecsra6620qca6564aqca8081mdm9628sa8155psg4150pqam8775pqca6797aqmdm9628_firmwaresm8550pwcn3980_firmwaresa6145psnapdragon_x75_5g_modem-rfwsa8830qcm4325_firmwaresa8255p_firmwarear8035qca6574a_firmwareqamsrv1m_firmwaresnapdragon_4_gen_1_mobileqrb5165m_firmwaresa8650p_firmwareqcm4325wcd9375_firmwareqca6391qcn6224qcn9012_firmwareqca6698aqsg4150p_firmwarewcn3950_firmwareqru1052_firmwareqrb5165ncsra6620_firmwaresa8295psa8770p_firmwareqcs8550snapdragon_480\+_5g_mobilefastconnect_6200fastconnect_7800sa8145p_firmwaresa8650pqam8775p_firmwaresnapdragon_480_5g_mobile_firmwaresnapdragon_8\+_gen_2_mobile_firmwareqdx1011wcd9375sa8150p_firmwarewcn3988_firmwarefastconnect_6700_firmwareqamsrv1h_firmwarevideo_collaboration_vc3_platform_firmwaresa8145psnapdragon_x75_5g_modem-rf_firmwarewsa8835_firmwareqcs6490qcs8250snapdragon_695_5g_mobilewcn3980fastconnect_6200_firmwareqdx1010qcn6224_firmwareqcs610Snapdragonqca6574a_firmwaresnapdragon_4_gen_1_mobile_platform_firmwareqca6564au_firmwarewcn3980_firmwarequalcomm_video_collaboration_vc1_platform_firmwaremdm9628_firmwareqcm6125_firmwareqep8111_firmwaresnapdragon_x35_5g_modem-rf_system_firmwareflight_rb5_5g_platform_firmwareqca6696_firmwaresa8150p_firmwaresa8775p_firmwareqcs7230_firmwaresrv1h_firmwarewsa8835_firmwareqca8337_firmwaresa8255p_firmwarewcn3988_firmwarequalcomm_video_collaboration_vc5_platform_firmwarefastconnect_6700_firmwareqca6595au_firmwarewcd9390_firmwareqamsrv1h_firmwaresm8550p_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareqcs6490_firmwaresa8155p_firmwarefastconnect_6200_firmwaresa4155p_firmwarewcd9395_firmwaresa6145p_firmwareqcn6224_firmwareqdu1010_firmwaresa8295p_firmwaresa4150p_firmwaresg4150p_firmwaresa6150p_firmwareqca6174a_firmwarewcd9375_firmwareqfw7124_firmwareqca6391_firmwareqca6698aq_firmwareqca8081_firmwaresnapdragon_680_4g_mobile_platform_firmwarefastconnect_6900_firmwareqdu1000_firmwaresa8770p_firmwarewcd9385_firmwarewcd9370_firmwarewsa8840_firmwarewcd9380_firmwareqca6584au_firmwareqam8775p_firmwarewsa8810_firmwarefastconnect_7800_firmwarecsra6640_firmwaresw5100p_firmwarewcd9341_firmwarewsa8845h_firmwareqcm4325_firmwareqfw7114_firmwarewsa8830_firmwareqcm8550_firmwareqdu1110_firmwareqam8295p_firmwarecsra6620_firmwareqca6574_firmwarewcd9335_firmwaresg8275p_firmwareqamsrv1m_firmwareqca6595_firmwareqcn6274_firmwaresa7255p_firmwaresa8145p_firmwareqam8650p_firmwareqcn9011_firmwareqru1052_firmwarequalcomm_video_collaboration_vc3_platform_firmwarerobotics_rb5_platform_firmwarewcn3950_firmwareqdu1210_firmwaresnapdragon_480_5g_mobile_platform_firmwareqdx1010_firmwareqcs610_firmwareqca6564a_firmwaresrv1m_firmwareqru1062_firmwarewsa8815_firmwareqrb5165n_firmwareqca6797aq_firmwaresnapdragon_8_gen_2_mobile_platform_firmwaresa8195p_firmwareqcn9012_firmwareqdx1011_firmwaresw5100_firmwareqrb5165m_firmwaresa9000p_firmwarewcd9340_firmwarear8035_firmwaresnapdragon_695_5g_mobile_platform_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarewsa8845_firmwareqcs6125_firmwareqcc710_firmwaresmart_audio_400_platform_firmwareqru1032_firmwareqca6574au_firmwaresnapdragon_auto_5g_modem-rf_firmwareqcs410_firmwareqam8255p_firmwaresa6155p_firmwaresa8650p_firmwareqcs8250_firmwareqca6678aq_firmwareqcs8550_firmware
CWE ID-CWE-416
Use After Free
CVE-2019-2297
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 16.76%
||
7 Day CHG~0.00%
Published-21 Nov, 2019 | 14:38
Updated-04 Aug, 2024 | 18:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow can occur while processing non-standard NAN message from user space. in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, IPQ4019, IPQ8064, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCN7605, QCS405, QCS605, SDA660, SDA845, SDM636, SDM660, SDM845, SDX20, SDX24, SM8150

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaremdm9640_firmwaresdm636_firmwareapq8064sdm845_firmwaremsm8996au_firmwaresdm845sdx20sdm660sdx24mdm9607_firmwaremdm9650qcs405ipq8074_firmwareqca6574aumdm9607msm8996auapq8017_firmwareapq8009_firmwareqcn7605_firmwareqcs605_firmwareipq4019_firmwaremdm9207c_firmwaremdm9206msm8905mdm9207cqca6174a_firmwareqca6174aqca9379_firmwaresm8150_firmwaresdx24_firmwareipq8074apq8096ausdm636qcs405_firmwareqca9377sda845_firmwaresdm660_firmwaresda660_firmwareqcn7605mdm9206_firmwareqcs605ipq4019apq8053apq8096au_firmwaremdm9650_firmwaresm8150sdx20_firmwaremsm8905_firmwareipq8064qca6574au_firmwaresda660apq8017apq8064_firmwareapq8009qca9379apq8053_firmwareipq8064_firmwaresda845mdm9640Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2019-2329
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.09% / 26.39%
||
7 Day CHG~0.00%
Published-21 Nov, 2019 | 14:38
Updated-04 Aug, 2024 | 18:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free issue in cleanup routine due to missing pointer sanitization for a failed start of a trusted application. in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in MDM9205, QCS404, QCS605, SDA845, SDM670, SDM710, SDM845, SDX55, SM6150, SM7150, SM8150, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm670_firmwareqcs404sm8150_firmwaresxr2130_firmwaresda845_firmwaresdm845mdm9205_firmwaremdm9205qcs404_firmwareqcs605sdx55sm7150_firmwaresm6150_firmwaresdm710sm6150sm8150sdm710_firmwaresxr1130_firmwaresdx55_firmwaresm7150sxr1130sdm670sxr2130qcs605_firmwaresda845sdm845_firmwareSnapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-416
Use After Free
CVE-2019-14029
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.57%
||
7 Day CHG~0.00%
Published-05 Mar, 2020 | 08:56
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use-after-free in graphics module due to destroying already queued syncobj in error case in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8053, APQ8096AU, APQ8098, MDM9607, MSM8909W, MSM8953, MSM8996AU, Nicobar, QCS405, QCS605, Rennell, SA6155P, Saipan, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM632, SDM670, SDM710, SDM845, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632sdx24sdm439sdm429sm7150_firmwaresm6150msm8909w_firmwaremsm8996ausdm429w_firmwaresm7150apq8009_firmwaresdm670sxr2130qcs605_firmwaresc8180xsdm670_firmwaresdx24_firmwaresda845_firmwareapq8098qcs605sdm429_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130apq8009msm8909wapq8053_firmwaresda845nicobarsa6155p_firmwaremsm8953sdm450apq8098_firmwaremdm9607_firmwaresm8250_firmwaresc8180x_firmwareqcs405sdm710mdm9607sdm710_firmwaresa6155psm8150_firmwaresxr2130_firmwareapq8096ausdm439_firmwareqcs405_firmwarerennellsda660_firmwarerennell_firmwaresdx55msm8953_firmwareapq8053apq8096au_firmwaresaipan_firmwaresm6150_firmwaresm8250sm8150nicobar_firmwaresaipansdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-416
Use After Free
CVE-2019-14037
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.10% / 27.68%
||
7 Day CHG~0.00%
Published-30 Jul, 2020 | 11:40
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Close and bind operations done on a socket can lead to a Use-After-Free condition. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8996, MSM8996AU, QCN7605, QCN7606, QCS605, SC8180X, SDA660, SDA845, SDM439, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9640_firmwaresdm636_firmwaresdm845_firmwaremsm8996au_firmwareapq8098_firmwaresdm845sdx20sdm660sdx24sdm439mdm9607_firmwareqcn7606_firmwaremdm9650sc8180x_firmwaresdm630sdm710msm8909w_firmwaremdm9607msm8996ausdm710_firmwareapq8009_firmwareqcn7605_firmwaremsm8909wsdm670qcs605_firmwaremdm9207c_firmwaremsm8996_firmwaresc8180xmdm9206msm8905mdm9207csdm670_firmwaresm8150_firmwaresdx24_firmwareapq8096ausdm439_firmwaresda845_firmwaresdm636sdm630_firmwareapq8098qcn7605sda660_firmwaremdm9206_firmwareqcs605sdx55apq8053apq8096au_firmwaremdm9650_firmwaresm8150sdx20_firmwaremsm8905_firmwaresda660sdx55_firmwaresxr1130_firmwaremsm8996sxr1130apq8009apq8053_firmwaresdm660_firmwaresda845qcn7606mdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-416
Use After Free
CVE-2019-14135
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.39%
||
7 Day CHG~0.00%
Published-16 Apr, 2020 | 10:46
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible integer overflow to buffer overflow in WLAN while parsing nonstandard NAN IE messages. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA4010, QCA6174A, QCA6574AU, QCA6584AU, QCA8081, QCA9377, QCA9379, QCA9886, QCN7605, QCS405, QCS605, SA6155P, Saipan, SDA845, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SM6150, SM7150, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaremdm9640_firmwaremsm8996au_firmwaresdm845sdx24mdm9650sm7150_firmwaresm6150msm8996ausm7150qca4010_firmwareapq8009_firmwaresdm670qcs605_firmwaremdm9206qca9379_firmwareqca6174asdm670_firmwaresdx24_firmwareqca6584au_firmwareipq8074sda845_firmwareqca9377qcn7605mdm9206_firmwareqcs605qca9886mdm9640mdm9650_firmwareqca6574au_firmwaresxr1130_firmwareqca8081_firmwaresxr1130apq8009apq8053_firmwaresda845sdm850_firmwareqca6584ausa6155p_firmwaresdx20sdm660mdm9607_firmwareqcs405ipq8074_firmwareqca6574ausdm710mdm9607apq8017_firmwaresdm710_firmwareqcn7605_firmwareqca4010sa6155pqca8081mdm9207c_firmwaremdm9207cqca6174a_firmwareqca9886_firmwaresm8150_firmwareapq8096auqcs405_firmwareapq8053apq8096au_firmwaresaipan_firmwaresm6150_firmwaresm8150sdx20_firmwaresdm850apq8017saipanqca9379sdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-190
Integer Overflow or Wraparound
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2019-14024
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.69%
||
7 Day CHG~0.00%
Published-21 Jan, 2020 | 06:30
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible stack-use-after-scope issue in NFC usecase for card emulation in Snapdragon Auto, Snapdragon Industrial IOT, Snapdragon Mobile in MSM8917, MSM8953, Nicobar, QM215, Rennell, SDM429, SDM439, SDM450, SDM632, SDM670, SDM710, SDM845, SM6150, SM7150, SM8150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-msm8953sdm450sdm632_firmwaresdm845sdm450_firmwaresdm632sdm439sm8250_firmwaresdm429sm7150_firmwaresdm710qm215sm6150sdm710_firmwaresm7150msm8917sdm670sxr2130sdm670_firmwaresm8150_firmwaresxr2130_firmwaresdm439_firmwarerennellrennell_firmwareqm215_firmwaremsm8953_firmwaresm6150_firmwaresm8250msm8917_firmwaresdm429_firmwaresm8150nicobar_firmwarenicobarsdm845_firmwareSnapdragon Auto, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-416
Use After Free
CVE-2019-14088
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.81%
||
7 Day CHG~0.00%
Published-07 Feb, 2020 | 05:00
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible use after free issue while CRM is accessing the link pointer from device private data due to lack of resource protection in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, MDM9206, MDM9207C, MDM9607, QCS605, SDM429W, SDX24, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9206mdm9207csm8150_firmwaresdx24_firmwaresdm429wsdx24mdm9206_firmwareqcs605mdm9607_firmwaremdm9607sdm429w_firmwaresm8150sxr1130_firmwareapq8009_firmwaresxr1130apq8009qcs605_firmwaremdm9207c_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-416
Use After Free
CVE-2019-14055
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.57%
||
7 Day CHG~0.00%
Published-07 Feb, 2020 | 05:00
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possibility of use-after-free and double free because of not marking buffer as NULL after freeing can lead to dangling pointer access in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8939, MSM8953, MSM8996AU, MSM8998, Nicobar, QCN7605, QCS605, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM845, SDX20, SDX24, SDX55, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9640_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632sdx24sdm439mdm9650sdm429msm8909w_firmwaremsm8996ausdm429w_firmwareapq8009_firmwaresxr2130qcs605_firmwaresc8180xmdm9206sdx24_firmwaresdm636sda845_firmwareapq8098qcn7605mdm9206_firmwaremsm8939qcs605mdm9640sdm429_firmwaremdm9650_firmwaremsm8905_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130msm8909wapq8009apq8053_firmwaresda845nicobarmsm8953sdm450sdm636_firmwareapq8098_firmwaresdx20msm8998_firmwaresdm660sdm630mdm9607_firmwaresm8250_firmwaresc8180x_firmwaremdm9607apq8017_firmwaremsm8939_firmwareqcn7605_firmwaremdm9207c_firmwaremsm8905mdm9207csm8150_firmwaresxr2130_firmwareapq8096ausdm439_firmwaresdm630_firmwaresda660_firmwaresdx55msm8953_firmwareapq8053apq8096au_firmwaresm8250msm8998sm8150sdx20_firmwareapq8017nicobar_firmwaresdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-416
Use After Free
CWE ID-CWE-415
Double Free
CVE-2023-33108
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.06% / 18.86%
||
7 Day CHG~0.00%
Published-02 Jan, 2024 | 05:38
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in Graphics

Memory corruption in Graphics Driver when destroying a context with KGSL_GPU_AUX_COMMAND_TIMELINE objects queued.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sw5100p_firmwaresw5100psa6155p_firmwaresa8295p_firmwareqca6696_firmwareqam8295p_firmwareqca6595qca6574_firmwaresa8155p_firmwaresa8155pwsa8830_firmwareqca6696qam8775pqca6797aqwsa8830qca6698aq_firmwaresnapdragon_w5\+_gen_1_wearable_platform_firmwaresa8255p_firmwareqca6574a_firmwaresw5100_firmwaresa8255pqcs7230_firmwareqca6595_firmwareqcs7230qca6391sa8195p_firmwareqca6698aqsa8295pqam8255p_firmwareqca6574aqam8255pqca6574au_firmwaresa8195pqam8775p_firmwareqam8295pqcs8250_firmwaresw5100qca6574ausnapdragon_w5\+_gen_1_wearable_platformqam8650p_firmwarevideo_collaboration_vc5_platformsa6155pwsa8835_firmwarewsa8835qam8650pqca6574qca6797aq_firmwareqcs8250qca6595au_firmwareqca6391_firmwarevideo_collaboration_vc5_platform_firmwareqca6595auSnapdragon
CWE ID-CWE-416
Use After Free
CVE-2023-33074
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.03% / 6.78%
||
7 Day CHG~0.00%
Published-07 Nov, 2023 | 05:26
Updated-05 Feb, 2025 | 18:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in Audio

Memory corruption in Audio when SSR event is triggered after music playback is stopped.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qam8255p_firmwarewsa8830wcd9380_firmwaresa6150p_firmwaressg2125psa8145p_firmwaresxr2230p_firmwaresw5100pqam8650psd865_5gsg8275p_firmwaresnapdragon_w5\+_gen_1_wearable_platformwcn785x-5qca6595qam8775pwsa8840wsa8835qca6574sxr1230p_firmwarewcn3950_firmwaresnapdragon_8\+_gen_2_mobile_platform_firmwarewcd9380sa8150p_firmwareqca6595au_firmwaressg2125p_firmwareqca6574assg2115pwcn685x-5_firmwaresxr1230pwcn685x-1sg8275psnapdragon_8_gen_2_mobile_platformwcn6750wcn3980wcd9385_firmwareqam8295pwcn3950wsa8845qcm4325_firmwareqca6574_firmwarewsa8815sxr2230pwsa8845_firmwareqam8295p_firmwaresnapdragon_xr2_5g_platform_firmwareqca6574a_firmwareqca6574au_firmwareqca6595ausm6225-adwsa8845h_firmwarewcn785x-5_firmwarewcn3980_firmwaresa8295psnapdragon_w5\+_gen_1_wearable_platform_firmwaresm8475_firmwaresa6155p_firmwaresm6225snapdragon_xr2_5g_platformsm6225-ad_firmwarewsa8840_firmwareqca6698aqsa4155p_firmwarewsa8832_firmwarewcn685x-5sm6225_firmwarewcn3988_firmwareqca6797aq_firmwarewcn785x-1_firmwareqca6574ausa6145p_firmwaresa8155p_firmwaresa8195pwsa8810_firmwaresnapdragon_8\+_gen_2_mobile_platformsw5100wsa8810wsa8845hwsa8832wcd9395_firmwaresa8255p_firmwaresa6155psw5100p_firmwaresm8550pqca6698aq_firmwaresa6145pwcn685x-1_firmwarewcd9385qam8650p_firmwareqam8775p_firmwaresa8255pqca6696_firmwareqca6595_firmwaresa8145pwcd9395qca6696qca6797aqsa4150p_firmwarewcn6750_firmwaresa8150psm8550p_firmwaresa6150pwcd9390wcd9390_firmwaresa8155pwsa8830_firmwaresd865_5g_firmwarewcn3988wsa8815_firmwarewsa8835_firmwaresa8195p_firmwaressg2115p_firmwaresw5100_firmwaresm8475sa8295p_firmwareqam8255psa4155psa4150psnapdragon_8_gen_2_mobile_platform_firmwarewcn785x-1qcm4325Snapdragon
CWE ID-CWE-416
Use After Free
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-33022
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.06% / 18.86%
||
7 Day CHG~0.00%
Published-05 Dec, 2023 | 03:04
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Integer Overflow to Buffer Overflow in HLOS

Memory corruption in HLOS while invoking IOCTL calls from user-space.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qdx1010_firmwareqcm8550_firmwareqcs410_firmwaresa6150p_firmwaresd865_5gsw5100psxr1120vision_intelligence_300_platformqca6595snapdragon_xr1_platformqcs610_firmwarewcd9335wcd9370qca8081_firmwaresm7250-absnapdragon_x50_5g_modem-rf_systemqca6696wcd9340_firmwarewcd9341_firmwarewcd9395_firmwareqcn6024qca6390qcc710_firmwareqca6426sc8180x-abwcn6740_firmwaresa4150psm7325-ae_firmwarewsa8832_firmwareqca8337qdu1110qca6426_firmwarewcd9395qca6574au_firmwareqcn7606_firmwarewcn785x-5qam8295psm8150_firmwarewcd9341qca6574auwcd9390wsa8810_firmwaresd730_firmwarewsa8845h_firmwarecsra6640sc8180x-af_firmwaresa9000p_firmwaresd730sdm670qcs5430sm8150-acsm6375_firmwareqcn6024_firmwaresm7150-acqcm5430qcm5430_firmwarevideo_collaboration_vc1_platform_firmwaresa4155psm8350sa8770pqcm6125_firmwaressg2115pqcc710sm6375sa8540psm7250-aa_firmwaresxr1120_firmwareqsm8250_firmwaresc8180xp-acqsm8350_firmware315_5g_iot_modem_firmwaresm8450_firmwarevideo_collaboration_vc1_platformqru1032_firmwareqfw7114wcd9385_firmwareqca6421315_5g_iot_modemsnapdragon_x55_5g_modem-rf_systemqam8255p_firmwaresa8155_firmwaresm7150-abqcs603_firmwarewcd9360snapdragon_ar2_gen_1_platform_firmwaresc7180-adsc8180xp-afsnapdragon_8\+_gen_2_mobile_platform_firmwarewsa8845sa6155pqca6421_firmwareqcm6125sm7150-ac_firmwaresc8180x-adsm7125wsa8810qam8650pqdu1000_firmwaresa9000pqsm8250snapdragon_8\+_gen_2_mobile_platformsm8350-acqca6595ausm7325_firmwaresm7315_firmwareqdu1010wcd9326_firmwaresa6155p_firmwarewsa8840qcs8550_firmwareqca6390_firmwareqdu1210_firmwareqfw7124_firmwareqca6436_firmwaresc8180x-afwcd9371_firmwaresnapdragon_8_gen_2_mobile_platformwcn3910_firmwaresnapdragon_7c\+_gen_3_compute_firmwaresm4125_firmwaresm8250-ac_firmwareqca6420wcn3910wcd9370_firmwaresnapdragon_x55_5g_modem-rf_system_firmwareqdu1110_firmwareqdu1000qca6574asm7325-aesa8195pwcd9340qcm2290qdu1210sm6150-acsm6225snapdragon_auto_5g_modem-rf_gen_2sc8180xp-aa_firmwareqcm6490sa8540p_firmwaresm8150-ac_firmwaresm8550p_firmwarewcn3998_firmwareqcm8550wcn3988qcn9024sa8775pqca6574sm7325-afsnapdragon_x75_5g_modem-rf_systemsxr2230p_firmwaresd675_firmwaresdm710_firmwareqca6430_firmwaresc8180x-aasa8775p_firmwareqcs605qcn9024_firmwarewsa8845hsc8180xp-ac_firmwaresa6150psm7250-aawcd9326qcs410qcm2290_firmwaresa8155p_firmwaresa8155pwsa8830snapdragon_675_mobile_platformsnapdragon_662_mobile_platformsm8550psa6145psc8180x\+sdx55_firmwaresa8255p_firmwareflight_rb5_5g_platform_firmwarewcn785x-1_firmwarear8035sa6155qrb5165m_firmwareqcm4325qcn6224sc8280xp-absc8180x\+sdx55qca6698aqwcn3950_firmwaressg2125p_firmwaresm6250qrb5165nsc7180-acsm7250-acsc8180x-aa_firmwaresd670wcn685x-1sm7325p_firmwaresa8145p_firmwarewcd9360_firmwareqdx1011sa8150p_firmwaresnapdragon_w5\+_gen_1_wearable_platformvideo_collaboration_vc3_platform_firmwarewcn3990sd670_firmwareqcs6490sc8280xp-bb_firmwarewsa8830_firmwaresm7150-aaqcn6224_firmwareqca6431wsa8845_firmwarewsa8832qcs603sm6350sxr2130_firmwaresnapdragon_675_mobile_platform_firmwarear8035_firmwareqrb5165msc8380xpsnapdragon_w5\+_gen_1_wearable_platform_firmwaresm8250-ab_firmwaresa4150p_firmwaresd888_firmwaresnapdragon_662_mobile_platform_firmwareqcs6125_firmwaresm6225_firmwaresc8180xp-adsm6250p_firmwaresm7325-af_firmwaresdm712_firmwarewsa8815_firmwaresm8250-absa8195p_firmwareqca8337_firmwareqcm4290sm7325sm6125_firmwaresg8275p_firmwareqcm6490_firmwaresm8350-ac_firmwaresm7250p_firmwaresm4125qru1032wcn785x-5_firmwarewcn3950flight_rb5_5g_platformsnapdragon_xr2_5g_platformsm4250-aaqcs6125apq5053-aa_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqca6797aq_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwaresnapdragon_7c\+_gen_3_computesnapdragon_xr2\+_gen_1_platform_firmwaresm4350_firmwaresm7350-ab_firmwarewcn3991sa8295p_firmwaresd_675_firmwareapq5053-aasdm710sa4155p_firmwaresm7250psm6250_firmwaresa8155sc8180x-ad_firmwaresm7150-aa_firmwareqca6584ausd888qcn6274_firmwareqru1062_firmwaresw5100_firmwarewcn685x-5wcn6740sc8380xp_firmwareqru1062sm6225-ad_firmwareqfw7114_firmwareqcs605_firmwaresc8280xp-ab_firmwareqca6595_firmwaresm8250-acsm8250_firmwarewcd9371sc8180xp-aasm7225wcd9380sa6145p_firmwareqam8255psa6155_firmwaresxr2230psnapdragon_xr2_5g_platform_firmwaresa8150pvision_intelligence_300_platform_firmwaresm7350-absnapdragon_auto_5g_modem-rf_firmwareqrb5165_firmwaresm8350_firmwaresxr1230psm6225-adsm4350-acsw5100video_collaboration_vc3_platformaqt1000sm8150wcn3991_firmwareqam8295p_firmwaresd855qca6431_firmwaresc8180x-ab_firmwaresm7225_firmwarewcn3990_firmwaresm7315sm6125qca6698aq_firmwareqcs2290wcd9385qcn7606qsm8350qcs2290_firmwaresc8280xp-bbsc8180xp-ab_firmwaresa8255pqcs4290sxr1230p_firmwarewcd9390_firmwaresc8180xp-abwcn6750qca6430sg8275pwcn6750_firmwaresm6250psdx55_firmwareqdx1011_firmwaresc8180xp-ad_firmwaresnapdragon_auto_5g_modem-rfsm7250-ab_firmwaressg2125pqru1052sxr2130sm7150-ab_firmwarecsra6640_firmwaresm4350snapdragon_xr2\+_gen_1_platformsm7325pqam8650p_firmwarewcn3998qca6420_firmwareaqt1000_firmwareqcs6490_firmwaresm8450sm6150-ac_firmwaresnapdragon_x65_5g_modem-rf_systemsd855_firmwarewcd9335_firmwareqrb5165n_firmwareqca6436wcn3980_firmwareqca6584au_firmwarewsa8835wsa8840_firmwareqca6391_firmwaresc8180x-acqcn6274qfw7124qdu1010_firmwareqca6595au_firmwaresc8180x-ac_firmwaresm4250-aa_firmwaresw5100p_firmwaresm8250snapdragon_ar2_gen_1_platformqca6696_firmwareqcs4290_firmwarewcd9380_firmwareqca6574_firmwarecsra6620sdm670_firmwareqca8081wsa8815sm4375sg4150pqam8775pqca6797aqsm4375_firmwareqcm4325_firmwaresm7125_firmwareqca6574a_firmwaresdx55qcm4290_firmwaresm6350_firmwaresd675wcd9375_firmwareqca6391qrb5165wcn785x-1qcs5430_firmwaresg4150p_firmwareqru1052_firmwaresc8180xp-af_firmwarecsra6620_firmwaresa8770p_firmwaresa8295psnapdragon_8_gen_2_mobile_platform_firmwareqcs8550snapdragon_xr1_platform_firmwaresnapdragon_x50_5g_modem-rf_system_firmwareqam8775p_firmwaresd865_5g_firmwaresc7180-ad_firmwarewcd9375wcn685x-5_firmwaresdm712wcn3988_firmwaresa8145psd_675sm4350-ac_firmwarewsa8835_firmwaressg2115p_firmwaresnapdragon_x75_5g_modem-rf_system_firmwaresc7180-ac_firmwaresm7250-ac_firmwarewcn3980qdx1010wcn685x-1_firmwareqcs610Snapdragon
CWE ID-CWE-190
Integer Overflow or Wraparound
CWE ID-CWE-680
Integer Overflow to Buffer Overflow
CVE-2023-33021
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.03% / 6.50%
||
7 Day CHG~0.00%
Published-05 Sep, 2023 | 06:24
Updated-02 Aug, 2024 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in Graphics

Memory corruption in Graphics while processing user packets for command submission.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwareqam8255p_firmwaresa6150p_firmwaresm6250p_firmwareqcs610qca8337qca6431_firmwaresmart_audio_400wcn3950_firmwaresnapdragon_8_gen_1sa8150p_firmwareqca6595au_firmwaresa6155snapdragon_x55_5gcsra6620_firmwaresd_675_firmwarecsra6640_firmwaresnapdragon_632snapdragon_730g_firmwarewcd9371_firmwareqam8295pwcn3950qcn6024_firmwarewcn3660bsnapdragon_626_firmwaresnapdragon_x65_5g_firmwaresnapdragon_768g_5gsnapdragon_730_firmwaresm7315_firmwaresnapdragon_778g\+_5gsnapdragon_x55_5g_firmwareqca6574au_firmwaresmart_audio_200qca8081_firmwaresa6155_firmwarewcd9375_firmwareqca6420snapdragon_xr2_5gsnapdragon_w5\+_gen_1snapdragon_888_5gsnapdragon_626qrb5165m_firmwareqca6698aqsa4155p_firmwaresa8155_firmwaresnapdragon_765_5g_firmwareqca6430snapdragon_870_5gsnapdragon_778g\+_5g_firmwaresnapdragon_855\+wcd9340sd626_firmwaresw5100qca6436sa6155pqca6698aq_firmwaresnapdragon_710snapdragon_865\+_5g_firmwaresnapdragon_675_firmwaresnapdragon_630wcn3660_firmwarewcd9341sa8255pqca6431qca6696_firmwarewcd9371qca6797aqsa8150pwsa8830_firmwaresnapdragon_765g_5g_firmwaresd855_firmwaresd660sd865_5g_firmwaresnapdragon_4_gen_1snapdragon_778g_5gwcn3988snapdragon_768g_5g_firmwaresd660_firmwaresa8195p_firmwarefastconnect_6800_firmwaresnapdragon_865_5g_firmwaresa8295p_firmwarewcn3610qca8337_firmwarewcd9380_firmwaresw5100pmsm8996au_firmwaresnapdragon_x12_lte_firmwareqca6564ausnapdragon_8_gen_1_firmwaresd670_firmwareqca6574wcd9380snapdragon_x50_5gfastconnect_6700snapdragon_720gqcs410snapdragon_auto_5gsnapdragon_480_5gqca9379_firmwareqcn9012_firmwaresd626qca6430_firmwarewcd9335_firmwarewcn3980qcm4325_firmwarewcd9340_firmwaresnapdragon_680_4g_firmwarewsa8815vision_intelligence_200qca6320mdm9650_firmwareqca6426_firmwarewcn3660b_firmwaresd835qcn9024wcn3980_firmwaresd730snapdragon_888_5g_firmwaresa8295psnapdragon_765g_5gvision_intelligence_100wcn6740_firmwareqca6421_firmwaresnapdragon_632_firmwaresnapdragon_670_firmwaresmart_audio_200_firmwaresnapdragon_730apq8064au_firmwaresnapdragon_710_firmwarefastconnect_6900fastconnect_6900_firmwaresmart_audio_400_firmwaresnapdragon_820_firmwareqca6797aq_firmwaresnapdragon_750g_5gsd670qcn9024_firmwareqca6564a_firmwaresnapdragon_x24_lte_firmwaresw5100p_firmwareqcs610_firmwaresa6145pqca6595_firmwaresa8145pqca6391_firmwaresa4150p_firmwarewcd9370_firmwaresmart_display_200snapdragon_730gsdx55sd888_firmwaresa8155pcsra6640sd675snapdragon_690_5gsnapdragon_xr1_firmwarewcn3660qca9379qam8255psa4155par8035_firmwarevision_intelligence_100_firmwarewsa8830snapdragon_429_firmwaresa8145p_firmwaresnapdragon_x65_5gsnapdragon_4_gen_1_firmwaremdm9650snapdragon_7c\+_gen_3_firmwarecsra6620snapdragon_690_5g_firmwaresnapdragon_439qca6420_firmwaresd730_firmwaresnapdragon_765_5gwcd9370sd675_firmwareqca6564snapdragon_835_firmwareqca6426qca6584au_firmwarewcn3990_firmwareqrb5165n_firmwareqca9377snapdragon_xr1snapdragon_720g_firmwarewcd9385_firmwaresnapdragon_782g_firmwarewcd9326_firmwarefastconnect_6200wcn3615_firmwaresnapdragon_780g_5g_firmwaresnapdragon_732gqam8295p_firmwareqcn9011_firmwareflight_rb5_5g_firmwaresa8155qca6320_firmwarewcn3680b_firmwaresdx55_firmwarewcn3615qca6595ausm7250p_firmwarewcn3610_firmwareqca6436_firmwareqrb5165nsnapdragon_888\+_5gqca6564au_firmwareqca6584ausnapdragon_695_5g_firmwaresa6155p_firmwareqca6310snapdragon_855\+_firmwareqcs6490snapdragon_450_firmwaresnapdragon_732g_firmwaresnapdragon_x24_ltewcn3988_firmwaresnapdragon_778g_5g_firmwaresa6145p_firmwareqca6421sm6250fastconnect_6700_firmwaresa8195psxr1120wsa8810_firmwaresnapdragon_636_firmwarerobotics_rb5wcd9326wcd9335sa8255p_firmwaresnapdragon_780g_5gqca8081snapdragon_630_firmwareqca6174a_firmwarewcd9385sxr2130_firmwareqcs6490_firmwarehome_hub_100snapdragon_660snapdragon_xr2_5g_firmwarear8035snapdragon_450wcd9375aqt1000apq8064ausm6250_firmwaresnapdragon_480_5g_firmwarewsa8815_firmwareqcm6490wsa8835_firmwaresnapdragon_820snapdragon_695_5gsxr1120_firmwareqca6564avision_intelligence_200_firmwaresa4150pqcm4325snapdragon_865_5gsnapdragon_636wcn3990sd_675sd865_5gfastconnect_6800qca6595qcn9012sd888snapdragon_685_4g_firmwaresnapdragon_855wsa8835msm8996ausnapdragon_auto_5g_firmwaresnapdragon_860snapdragon_7c\+_gen_3sm6250psnapdragon_865\+_5gsnapdragon_855_firmwaresxr2130snapdragon_670qca6574aqca6174asm7325pqca6310_firmwaresnapdragon_678_firmwarehome_hub_100_firmwaresnapdragon_625qca6574_firmwaresnapdragon_888\+_5g_firmwaresnapdragon_480\+_5g_firmwaresd855sm7325p_firmwaresnapdragon_782gqca6574a_firmwarefastconnect_6200_firmwaresnapdragon_678qrb5165msm7315qca6391snapdragon_w5\+_gen_1_firmwarefastconnect_7800aqt1000_firmwaresnapdragon_625_firmwaresnapdragon_685_4gsnapdragon_660_firmwareqcm6490_firmwaresnapdragon_675qcn9011snapdragon_480\+_5gqca6574ausa8155p_firmwaresnapdragon_680_4gsnapdragon_x50_5g_firmwarewcd9341_firmwarefastconnect_7800_firmwarewsa8810smart_display_200_firmwaresnapdragon_429snapdragon_439_firmwaresnapdragon_x12_lterobotics_rb5_firmwarewcn3680bsd835_firmwareqca6564_firmwaresnapdragon_835wcn6740qca6696sa6150psnapdragon_870_5g_firmwareqcn6024flight_rb5_5gsm7250psw5100_firmwareqcs410_firmwaresnapdragon_860_firmwaresnapdragon_750g_5g_firmwareSnapdragon
CWE ID-CWE-416
Use After Free
CVE-2023-33094
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.06% / 18.86%
||
7 Day CHG~0.00%
Published-02 Jan, 2024 | 05:38
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in Linux Graphics

Memory corruption while running VK synchronization with KASAN enabled.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcm8550_firmwareqcs410_firmwaresa6150p_firmwaresd660_firmwaresd865_5gsw5100pwsa8845_firmwareqca6595qcs610_firmwarewcd9335sxr2130_firmwarewcd9370qca8081_firmwarear8035_firmwareqca6696qrb5165msnapdragon_888_5g_mobile_platformwcd9341_firmwaresnapdragon_w5\+_gen_1_wearable_platform_firmwaresa4150p_firmwarewcd9395_firmwareqcn6024sd888_firmwareqca6426wcn6740_firmwarefastconnect_6700snapdragon_768g_5g_mobile_platform_firmwaresa4150pwsa8815_firmwaresa8195p_firmwareqca8337_firmwareqca8337qca6426_firmwaresnapdragon_680_4g_mobile_platformwcd9395sg8275p_firmwareqcm6490_firmwareqca6574au_firmwaresm7250p_firmwareqam8295pwcd9341qca6574auwcd9390flight_rb5_5g_platformwcn3950wsa8810_firmwaresnapdragon_xr2_5g_platformwsa8845h_firmwarecsra6640snapdragon_x65_5g_modem-rf_system_firmwareqca6797aq_firmwaresnapdragon_7c\+_gen_3_computesnapdragon_765g_5g_mobile_platform_firmwaresnapdragon_xr2\+_gen_1_platform_firmwarewcn3660b_firmwaresnapdragon_780g_5g_mobile_platformfastconnect_6800_firmwaresa8295p_firmwareqcn6024_firmwaresa4155p_firmwaresm7250psnapdragon_695_5g_mobile_platformsnapdragon_4_gen_1_mobile_platform_firmwarevideo_collaboration_vc1_platform_firmwaresa4155psnapdragon_778g\+_5g_mobile_platformsnapdragon_780g_5g_mobile_platform_firmwaresd888qcn9011_firmwaresw5100_firmwaresnapdragon_765_5g_mobile_platform_firmwarewcn6740snapdragon_480\+_5g_mobile_platform_firmwaresnapdragon_695_5g_mobile_platform_firmwarefastconnect_6800qca6595_firmwareqcs7230fastconnect_7800_firmwarefastconnect_6900snapdragon_685_4g_mobile_platform_firmwaresnapdragon_765g_5g_mobile_platformvideo_collaboration_vc1_platformsnapdragon_782g_mobile_platform_firmwarewcd9385_firmwaresnapdragon_x55_5g_modem-rf_systemfastconnect_6900_firmwareqam8255p_firmwarewcd9380sa6145p_firmwareqam8255psnapdragon_888_5g_mobile_platform_firmwaresnapdragon_xr2_5g_platform_firmwaresnapdragon_4_gen_1_mobile_platformsa8150psnapdragon_8_gen_1_mobile_platform_firmwaresnapdragon_778g_5g_mobile_platformsnapdragon_685_4g_mobile_platformsnapdragon_8\+_gen_2_mobile_platform_firmwarewsa8845sa6155psnapdragon_auto_5g_modem-rf_firmwaresnapdragon_768g_5g_mobile_platformwsa8810qam8650pvideo_collaboration_vc5_platform_firmwaresnapdragon_865\+_5g_mobile_platformsnapdragon_8\+_gen_2_mobile_platformwcn3950_firmwaresw5100qca6595auvideo_collaboration_vc3_platformsm7315_firmwaresnapdragon_865_5g_mobile_platform_firmwaresa6155p_firmwarewcd9326_firmwarewsa8840qam8295p_firmwareqcs8550_firmwarewcn3990_firmwaresm7315snapdragon_870_5g_mobile_platform_firmwareqca6698aq_firmwareqca6436_firmwarewcd9385qcn9012wcn3615snapdragon_8_gen_2_mobile_platformsnapdragon_7c\+_gen_3_compute_firmwaresa8255pqcs7230_firmwarewcd9390_firmwaresnapdragon_778g\+_5g_mobile_platform_firmwaresnapdragon_865\+_5g_mobile_platform_firmwaresnapdragon_690_5g_mobile_platformsg8275pwcd9370_firmwaresnapdragon_auto_5g_modem-rfsnapdragon_750g_5g_mobile_platform_firmwaresnapdragon_x55_5g_modem-rf_system_firmwarewcn3615_firmwaresnapdragon_660_mobile_platformwcn3660bqca6574asxr2130sa8195pcsra6640_firmwareqcs8250_firmwaresnapdragon_xr2\+_gen_1_platformsm7325pqcm6490qam8650p_firmwarevideo_collaboration_vc5_platformsm8550p_firmwareqcm8550wcn3988qcs6490_firmwaresnapdragon_x65_5g_modem-rf_systemqcn9024wcd9335_firmwarewcn3980_firmwareqrb5165n_firmwareqca6436qca6574snapdragon_480_5g_mobile_platform_firmwarewsa8835qca6595au_firmwareqca6391_firmwarewsa8840_firmwaresnapdragon_870_5g_mobile_platformqcn9011sw5100p_firmwaresnapdragon_782g_mobile_platformqca6696_firmwareqcn9024_firmwaresnapdragon_865_5g_mobile_platformwsa8845hwcd9380_firmwaresa6150pqca6574_firmwarewcd9326qcs410sa8155p_firmwarecsra6620qca8081sd660sa8155psg4150pwsa8815qam8775pqca6797aqwsa8830sm8550psa6145pqcm4325_firmwaresnapdragon_765_5g_mobile_platformsa8255p_firmwareflight_rb5_5g_platform_firmwarear8035qca6574a_firmwaresnapdragon_750g_5g_mobile_platformsnapdragon_480\+_5g_mobile_platformqrb5165m_firmwareqcm4325wcd9375_firmwarerobotics_rb5_platformqca6391qualcomm_215_mobile_platformqcn9012_firmwaresmart_audio_400_platform_firmwareqca6698aqsg4150p_firmwaresnapdragon_480_5g_mobile_platformsnapdragon_778g_5g_mobile_platform_firmwareqrb5165ncsra6620_firmwaresa8295psnapdragon_8_gen_1_mobile_platformrobotics_rb5_platform_firmwareqcs8550snapdragon_8_gen_2_mobile_platform_firmwarefastconnect_6200fastconnect_7800sa8145p_firmwaresm7325p_firmwareqam8775p_firmwaresd865_5g_firmwarewcn3680bsnapdragon_888\+_5g_mobile_platformqualcomm_215_mobile_platform_firmwarewcd9375sa8150p_firmwaresmart_audio_400_platformsnapdragon_w5\+_gen_1_wearable_platformwcn3988_firmwarefastconnect_6700_firmwarevideo_collaboration_vc3_platform_firmwaresa8145pwcn3990snapdragon_888\+_5g_mobile_platform_firmwarewsa8835_firmwaresnapdragon_680_4g_mobile_platform_firmwaresnapdragon_660_mobile_platform_firmwareqcs6490qcs8250wcn3980snapdragon_690_5g_mobile_platform_firmwarefastconnect_6200_firmwarewsa8830_firmwarewcn3680b_firmwareqcs610Snapdragon
CWE ID-CWE-416
Use After Free
CVE-2023-33039
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.03% / 6.78%
||
7 Day CHG~0.00%
Published-03 Oct, 2023 | 05:00
Updated-27 Feb, 2025 | 20:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in Automotive Display

Memory corruption in Automotive Display while destroying the image handle created using connected display driver.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sa6155p_firmwaresa6150p_firmwaresa8145p_firmwaresa8650p_firmwareqam8650psa8155_firmwaresrv1h_firmwareqca6574ausa6145p_firmwaresa8155p_firmwaresrv1hsa8195psa8540p_firmwaresa8150p_firmwareqca6595au_firmwaresa6155sa6155psa8540pqca6574asa6145pqam8650p_firmwareqca6696_firmwaresa8145pqamsrv1hqca6696qam8295psa8650pqamsrv1h_firmwaresa9000psa8150psa6150psa8155pqam8295p_firmwaresa8155qca6574a_firmwaresa9000p_firmwareqca6574au_firmwaresa8195p_firmwareqca6595ausa6155_firmwaresa8295p_firmwaresa8295pSnapdragon
CWE ID-CWE-416
Use After Free
CVE-2019-10518
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.54%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 05:25
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free of a pointer in iWLAN scenario during netmgr state transition to CONNECT in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, IPQ4019, IPQ8064, IPQ8074, MDM9150, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, QCA6574AU, QCS405, QCS605, SDA660, SDA845, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwaremdm9640_firmwaresdm632_firmwaremsm8996au_firmwaresdm845sdm632sdx24sdm439mdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996ausm7150apq8009_firmwaremsm8917sdm670sxr2130qcs605_firmwareipq4019_firmwaremdm9206sdm670_firmwaresdx24_firmwareipq8074sdm636sda845_firmwareapq8098mdm9206_firmwaremsm8939qcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwareqca6574au_firmwaresda660sdx55_firmwareipq8064sxr1130_firmwareapq8064_firmwaresxr1130msm8909wapq8009msm8909_firmwareapq8053_firmwareipq8064_firmwaresda845msm8920msm8953sdm636_firmwareapq8064sdm845_firmwareapq8098_firmwaresdx20msm8998_firmwaresdm660msm8920_firmwaresdm630mdm9607_firmwaresm8250_firmwareqcs405ipq8074_firmwareqca6574ausdm710mdm9607apq8017_firmwaresdm710_firmwaremsm8939_firmwaremdm9150msm8937mdm9207c_firmwaremsm8905mdm9207csm8150_firmwaremsm8909sxr2130_firmwareapq8096ausdm439_firmwareqcs405_firmwaresdm630_firmwaresda660_firmwareipq4019sdx55msm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaresm8250msm8998sm8150sdx20_firmwareapq8017sdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-416
Use After Free
CVE-2019-10615
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.39%
||
7 Day CHG~0.00%
Published-08 Sep, 2020 | 09:31
Updated-04 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Possibility of integer overflow in keymaster 4 while allocating memory due to multiplication of large numcerts value and size of keymaster bob which can lead to memory corruption' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, Kamorta, MDM9150, MDM9205, MDM9206, MDM9607, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS404, QCS405, QCS605, QCS610, QM215, Rennell, SA415M, SA515M, SA6155P, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwarekamorta_firmwareqcm2150_firmwareqcs610sdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632sdx24sdm439qcs404_firmwaremdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996ausdm429w_firmwaresm7150apq8009_firmwaremsm8917sdm670sxr2130qcs605_firmwaresc8180xmdm9206sdm670_firmwareqcs404sdx24_firmwaresdm636sda845_firmwaresa415mapq8098mdm9205mdm9206_firmwaresa515mqcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130msm8909wapq8009msm8909_firmwareapq8053_firmwaresda845nicobarsdm850_firmwaresa6155p_firmwaremsm8920msm8953sdm450sdm636_firmwaresa515m_firmwareapq8098_firmwaremsm8998_firmwareqcm2150msm8920_firmwaresdm630mdm9607_firmwaresm8250_firmwaresdm660sc8180x_firmwaresa415m_firmwareqcs405sdm710qm215sc7180_firmwaremdm9607apq8017_firmwaresdm710_firmwaresa6155pqcs610_firmwaremdm9150msm8937msm8996_firmwaremsm8905sm8150_firmwaremsm8909sxr2130_firmwareapq8096ausdm439_firmwareqcs405_firmwarerennellsc7180sdm630_firmwaremdm9205_firmwaresda660_firmwarerennell_firmwareqm215_firmwaresdx55msm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaresm8250msm8998sm8150sdm850kamortaapq8017msm8996nicobar_firmwaresdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2019-10537
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.69%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 05:25
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper validation of event buffer extracted from FW response can lead to integer overflow, which will allow to pass the length check and eventually will lead to buffer overwrite when event data is copied to context buffer in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9607, Nicobar, QCA6574AU, QCN7605, QCS405, QCS605, SDM660, SDM845, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sm8150_firmwaresxr2130_firmwaresdm660_firmwareqcs405_firmwaresdm845qcn7605sdm660mdm9607_firmwaresm8250_firmwareqcs605sdx55qcs405sm7150_firmwareqca6574ausm6150_firmwaresm6150sm8250mdm9607sm8150qca6574au_firmwaresdx55_firmwaresm7150sxr1130_firmwareqcn7605_firmwarenicobar_firmwaresxr1130sxr2130qcs605_firmwarenicobarsdm845_firmwareSnapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2019-10580
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.10% / 27.68%
||
7 Day CHG~0.00%
Published-30 Jul, 2020 | 11:40
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

When kernel thread unregistered listener, Use after free issue happened as the listener client`s private data has been already freed in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9607, MSM8909W, Nicobar, QCM2150, QCS405, QCS605, Saipan, SC8180X, SDM429W, SDX55, SM8150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcm2150_firmwaresm8150_firmwaresxr2130_firmwaresdm429wqcs405_firmwareqcs605_firmwareqcm2150mdm9607_firmwaresm8250_firmwareqcs605sc8180x_firmwaresdx55qcs405saipan_firmwaresm8250msm8909w_firmwaremdm9607sdm429w_firmwaresm8150sdx55_firmwarenicobar_firmwaremsm8909wsaipansxr2130sc8180xnicobarSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-416
Use After Free
CVE-2019-10602
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.57%
||
7 Day CHG~0.00%
Published-21 Jan, 2020 | 06:30
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Potential use-after-free heap error during Validate/Present calls on display HW composer in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, QCS605, SDA660, SDM845, SDX20, SM8150

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-msm8920msm8953msm8996au_firmwareapq8098_firmwaresdm845sdx20msm8920_firmwaremdm9607_firmwaremdm9650msm8940_firmwaremsm8909w_firmwaremdm9607msm8996aumsm8917msm8937mdm9207c_firmwareqcs605_firmwaremdm9206mdm9207csm8150_firmwareapq8096auapq8098sda660_firmwaremdm9206_firmwareqcs605msm8940apq8053apq8096au_firmwaremsm8953_firmwaremsm8917_firmwaremsm8937_firmwaremdm9650_firmwaresm8150sdx20_firmwaresda660msm8909wapq8053_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-416
Use After Free
CVE-2024-21472
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.08% / 24.04%
||
7 Day CHG+0.02%
Published-01 Apr, 2024 | 15:06
Updated-13 Jan, 2025 | 21:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in Kernel

Memory corruption in Kernel while handling GPU operations.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sa8770p_firmwaresnapdragon_685_4g_mobile_firmwarewsa8840_firmwareqam8255p_firmwareqca6797aq_firmwarefastconnect_7800_firmwaresa8155pqam8255pqca6595au_firmwaresnapdragon_auto_5g_modem-rf_gen_2sg8275p_firmwarewsa8845_firmwareqam8650p_firmwareqca6574_firmwaresnapdragon_8_gen_1_mobilesa8255p_firmwareqca6595ausnapdragon_auto_5g_modem-rf_gen_2_firmwarewcd9390wsa8835snapdragon_680_4g_mobilewcn3950fastconnect_7800wsa8845h_firmwarewcd9395_firmwarewsa8830sa8295p_firmwareqca6696qcm4325sa8295pqca6584au_firmwarefastconnect_6900qca6574au_firmwaresnapdragon_685_4g_mobilewsa8845snapdragon_680_4g_mobile_firmwareqcm4325_firmwareqca6584auqca6595sa8155p_firmwarewsa8835_firmwareqca6595_firmwaresa8255pwcd9390_firmwareqca6574aqca6797aqwsa8845hqam8775p_firmwarewcd9385_firmwarefastconnect_6900_firmwareqam8295p_firmwarewcd9380wcn3950_firmwarewcd9385wcd9395qam8650psa8770psa8195p_firmwareqca6574a_firmwareqca6574qca6696_firmwaresa8775psa6155pwsa8830_firmwaresa9000p_firmwareqca6698aqsa6155p_firmwareqam8775pqam8295pwcd9380_firmwaresa9000psnapdragon_8_gen_1_mobile_firmwaresa8775p_firmwareqca6698aq_firmwarewsa8840sg8275pqca6574ausa8195pSnapdragonqam8255p_firmwaresa6155p_firmwarewcd9380_firmwaresa8775p_firmwarewsa8840_firmwaresg8275p_firmwarefastconnect_6900_firmwareqca6797aq_firmwaresa8155p_firmwarewcn3950_firmwarefastconnect_7800_firmwareqca6595au_firmwarewcd9395_firmwaresa8255p_firmwaresnapdragon_8_gen_1_mobile_platform_firmwareqca6698aq_firmwareqam8650p_firmwaresa8770p_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareqam8775p_firmwareqca6584au_firmwareqca6696_firmwareqca6595_firmwarewcd9385_firmwareqcm4325_firmwareqca6574_firmwarewcd9390_firmwarewsa8830_firmwarewsa8845_firmwareqam8295p_firmwaresa9000p_firmwareqca6574a_firmwarewsa8835_firmwareqca6574au_firmwaresa8195p_firmwarewsa8845h_firmwaresa8295p_firmwaresnapdragon_680_4g_mobile_platform_firmware
CWE ID-CWE-416
Use After Free
CVE-2019-10592
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.98%
||
7 Day CHG~0.00%
Published-12 Dec, 2019 | 08:30
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible integer overflow while multiplying two integers of 32 bit in QDCM API of get display modes as there is no check on the maximum mode count in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCS405, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm632_firmwaremsm8996au_firmwaresdm845sdm450_firmwaresdm632sdm439sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996ausm7150msm8917sdm670sxr2130qcs605_firmwaremdm9206sdm670_firmwaresdm636sda845_firmwareapq8098mdm9206_firmwareqcs605msm8937_firmwaresdm429_firmwaresda660sxr1130_firmwaresxr1130msm8909wmsm8909_firmwareapq8053_firmwaresda845nicobarmsm8920msm8953sdm450sdm636_firmwareapq8098_firmwaresdx20msm8998_firmwaresdm660msm8920_firmwaresdm630mdm9607_firmwaresm8250_firmwareqcs405sdm710qm215mdm9607apq8017_firmwaresdm710_firmwaremsm8937mdm9207c_firmwaremdm9207csm8150_firmwaremsm8909sxr2130_firmwareapq8096ausdm439_firmwareqcs405_firmwaresdm630_firmwaresda660_firmwareqm215_firmwaremsm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaresm8250msm8998sm8150sdx20_firmwareapq8017nicobar_firmwaresdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2019-10583
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.57%
||
7 Day CHG~0.00%
Published-21 Jan, 2020 | 06:30
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free issue occurs when camera access sensors data through direct report mode in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8096AU, MDM9607, MSM8909W, Nicobar, QCS605, SA6155P, SDA845, SDM429W, SDM670, SDM710, SDM845, SM6150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sa6155p_firmwaresdm429wsdm845mdm9607_firmwaresm8250_firmwaresdm710msm8909w_firmwaremdm9607sm6150sdm429w_firmwaresdm710_firmwaresa6155psdm670sxr2130qcs605_firmwaresdm670_firmwaresm8150_firmwaresxr2130_firmwareapq8096ausda845_firmwareqcs605apq8096au_firmwaresm6150_firmwaresm8250sm8150sxr1130_firmwarenicobar_firmwaremsm8909wsxr1130sda845nicobarsdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-416
Use After Free
CVE-2019-10548
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.57%
||
7 Day CHG~0.00%
Published-21 Jan, 2020 | 06:30
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

While trying to obtain datad ipc handle during DPL initialization, Heap use-after-free issue can occur if modem SSR occurs at same time in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Wearables in APQ8009, APQ8053, APQ8096AU, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCA6574AU, QCS605, QM215, SDA660, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SM6150, SM7150, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632sdm439sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996ausdm429w_firmwaresm7150apq8009_firmwaremsm8917sdm670qcs605_firmwaresdm670_firmwaresdm636msm8939qcs605msm8937_firmwaresdm429_firmwaremsm8905_firmwareqca6574au_firmwaresda660sxr1130_firmwaresxr1130apq8009msm8909wmsm8909_firmwareapq8053_firmwarenicobarmsm8920msm8953sdm450sdm636_firmwaremsm8998_firmwaresdm660msm8920_firmwaresdm630qca6574ausdm710qm215sdm710_firmwaremsm8939_firmwaremsm8937msm8905sm8150_firmwaremsm8909apq8096ausdm439_firmwaresdm630_firmwaresda660_firmwareqm215_firmwaremsm8940apq8053apq8096au_firmwaremsm8953_firmwaresm6150_firmwaremsm8917_firmwaremsm8998sm8150nicobar_firmwaresdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-416
Use After Free
CVE-2019-10582
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.57%
||
7 Day CHG~0.00%
Published-21 Jan, 2020 | 06:30
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free issue due to using of invalidated iterator to delete an object in sensors HAL in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8096AU, MSM8909W, Nicobar, QCS605, SA6155P, SDA845, SDM429W, SDM670, SDM710, SDM845, SM6150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sa6155p_firmwaresdm429wsdm845mdm9607_firmwaresm8250_firmwaresdm710msm8909w_firmwaremdm9607sm6150sdm429w_firmwaresdm710_firmwaresa6155psdm670sxr2130qcs605_firmwaresdm670_firmwaresm8150_firmwaresxr2130_firmwareapq8096ausda845_firmwareqcs605apq8096au_firmwaresm6150_firmwaresm8250sm8150sxr1130_firmwarenicobar_firmwaremsm8909wsxr1130sda845nicobarsdm845_firmwareSnapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-416
Use After Free
CVE-2019-10530
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.81%
||
7 Day CHG~0.00%
Published-12 Dec, 2019 | 08:30
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Lack of check of data truncation on user supplied data in kernel leads to buffer overflow in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, SD 210/SD 212/SD 205, SD 425, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850mdm9150_firmwaresd_632mdm9640_firmwaresd_820asd_675msm8996au_firmwaresd_439sd_670_firmwaresd_429sdx24sdm439mdm9650sd_636msm8909w_firmwaremsm8996ausd_450_firmwaresd_845_firmwaresd_820a_firmwareqcs605_firmwaresd_675_firmwaremdm9206sd_425_firmwaresd_665sdx24_firmwaresd_625_firmwaresd_450sd_845mdm9206_firmwareqcs605mdm9640sd_632_firmwaresd_835_firmwaremdm9650_firmwaresd_835sda660sd_210_firmwaremsm8909wsd_665_firmwaresd_205_firmwaresd_212sd_712sd_855sd_730_firmwaresdx20sd_425sdm660sdm630mdm9607_firmwaresd_710_firmwareqcs405sd_625sd_210mdm9607sd_636_firmwaresd_439_firmwaremdm9150sd_429_firmwaresd_730sd_212_firmwaresd_850_firmwaresdm439_firmwareqcs405_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwaresd_670sd_710sdx20_firmwaresd_205sdm660_firmwaresd_855_firmwareSnapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2024-38415
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.61%
||
7 Day CHG~0.00%
Published-04 Nov, 2024 | 10:04
Updated-07 Nov, 2024 | 19:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in Computer Vision

Memory corruption while handling session errors from firmware.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresnapdragon_8_gen_1_mobile_platformsa6150p_firmwareqcs610qca8337sg8275p_firmwareqca6431_firmwaresnapdragon_778g\+_5g_mobile_platformsnapdragon_870_5g_mobile_platform_firmwaresnapdragon_888_5g_mobile_platformwsa8840wcn3950_firmwaresa8150p_firmwarewcn6755_firmwareqcs2290qca6595au_firmwaresnapdragon_480_5g_mobile_platformvideo_collaboration_vc3_platformcsra6620_firmwarecsra6640_firmwaresnapdragon_460_mobile_platform_firmwareqcm5430_firmwaresnapdragon_480_5g_mobile_platform_firmwareqam8295pwcn3950sm4125qcn6024_firmwaremdm9628sd_8_gen1_5g_firmwarewcn3660bqsm8350_firmwaresnapdragon_660_mobile_platform_firmwaresnapdragon_460_mobile_platformqsm8350sm7315_firmwaresnapdragon_695_5g_mobile_platform_firmwareqca6574au_firmwarewcd9375_firmwareqca8081_firmwaresnapdragon_778g\+_5g_mobile_platform_firmwaresnapdragon_xr2\+_gen_1_platformsnapdragon_782g_mobile_platform_firmwaresnapdragon_auto_5g_modem-rf_firmwarewcn7881smart_audio_400_platform_firmwareqrb5165m_firmwarewsa8840_firmwaresa4155p_firmwareqca6698aqsm8635snapdragon_765g_5g_mobile_platformsnapdragon_8\+_gen_1_mobile_platformsw5100snapdragon_780g_5g_mobile_platformwcn6755qca6436sm8750p_firmwaresm8750_firmwaresa6155psnapdragon_765_5g_mobile_platform_firmwaresnapdragon_690_5g_mobile_platformqca6698aq_firmwaresxr2250pwcd9341qca6431qca6696_firmwaresnapdragon_x12_lte_modemwcn3910_firmwaresa8150probotics_rb5_platformwsa8830_firmwaresd865_5g_firmwaresd660snapdragon_7c\+_gen_3_compute_firmwarewcn3988sd660_firmwaresnapdragon_780g_5g_mobile_platform_firmwaresnapdragon_685_4g_mobile_platform_firmwaresa8195p_firmwaresnapdragon_865_5g_mobile_platform_firmwarefastconnect_6800_firmwaresa8295p_firmwaresnapdragon_750g_5g_mobile_platform_firmwarewcd9380_firmwareqca8337_firmwaressg2125psnapdragon_778g_5g_mobile_platform_firmwaresw5100psnapdragon_w5\+_gen_1_wearable_platformqcm8550qca6564ausnapdragon_670_mobile_platform_firmwaresd670_firmwareqca6574snapdragon_7c\+_gen_3_computewcd9380snapdragon_782g_mobile_platformfastconnect_6700qcs410sm8635_firmwaresxr1230pvideo_collaboration_vc3_platform_firmwaresg8275pqcn9012_firmwarewcn3980qcn9274_firmwarewcd9335_firmwaresm6370_firmwarewsa8845wsa8815wcn3910snapdragon_865\+_5g_mobile_platformsnapdragon_4_gen_1_mobile_platformqcs8250qca6426_firmwarewcn3680sm8750pwcn3660b_firmwaresnapdragon_670_mobile_platformsnapdragon_x62_5g_modem-rf_system_firmwareqcn9024wcn3980_firmwaresnapdragon_xr2\+_gen_1_platform_firmwaresa8295pqca6421_firmwarewcn6740_firmwareqcs4490_firmwaresnapdragon_xr2_5g_platformsnapdragon_x65_5g_modem-rf_systemwcn7861_firmware215_mobile_platformwcn3680_firmwarefastconnect_6900fastconnect_6900_firmwaresnapdragon_660_mobile_platformsd670qcn9024_firmwareqca6564a_firmwaresnapdragon_8\+_gen_2_mobile_platformqcm4290_firmwarewsa8832sw5100p_firmwaresa8540pqcs610_firmwareqsm8250sa6145pqcm5430sm8750qcs4490wcn7860_firmwareqca6595_firmwarewcn7861wcd9395qcs5430_firmwaresnapdragon_750g_5g_mobile_platformsnapdragon_888\+_5g_mobile_platform_firmwareqca6391_firmwaresa8145psnapdragon_710_mobile_platform_firmwaresa4150p_firmwarewcd9370_firmwaresm8550p_firmwaresdx55sd888_firmwaresa8155pcsra6640snapdragon_695_5g_mobile_platformvideo_collaboration_vc1_platformssg2115p_firmwaresa4155par8035_firmwareqcm2290qsm8250_firmwaresnapdragon_480\+_5g_mobile_platformtalynplus_firmwarewsa8830snapdragon_662_mobile_platform_firmwaresxr2230p_firmwaresa8145p_firmwareqcs2290_firmwaremdm9628_firmwaresnapdragon_865_5g_mobile_platformflight_rb5_5g_platformcsra6620flight_rb5_5g_platform_firmwareqcs4290snapdragon_888_5g_mobile_platform_firmwarewcd9370ssg2115psnapdragon_480\+_5g_mobile_platform_firmwareqca6426wcn3990_firmwareqrb5165n_firmwaresnapdragon_8_gen_2_mobile_platformqca9377sa8530pwcd9385_firmwarewcn7881_firmwarewcd9326_firmwarefastconnect_6200wcn3615_firmwaretalynplusqam8295p_firmwareqcn9011_firmwaresa9000p_firmwaresnapdragon_x55_5g_modem-rf_systemwcn3680b_firmwaresdx55_firmwaresnapdragon_4_gen_2_mobile_platformsnapdragon_778g_5g_mobile_platformwsa8845h_firmwarewcn3615snapdragon_8_gen_3_mobile_platformqca6595ausm7250p_firmwareqca6436_firmwaresnapdragon_680_4g_mobile_platform_firmwarewcn7860qrb5165nsnapdragon_w5\+_gen_1_wearable_platform_firmwareqca6564au_firmwaresa6155p_firmwaresnapdragon_x65_5g_modem-rf_system_firmwaresnapdragon_870_5g_mobile_platformqcm8550_firmwareqcn9274qcs6490snapdragon_439_mobile_platformvideo_collaboration_vc5_platformqcs8550_firmwarewcn3988_firmwarewcn7880_firmwaresa6145p_firmwareqca6421fastconnect_6700_firmwaresa8195psxr1120wsa8810_firmwarevision_intelligence_400_platformwsa8845hsnapdragon_x62_5g_modem-rf_systemwcd9395_firmwarewcd9335wcd9326snapdragon_ar2_gen_1_platform_firmwareqcs7230qca8081qcm4490snapdragon_888\+_5g_mobile_platformqcs5430qca6174a_firmwareqcs4290_firmwarewcd9385sxr2130_firmwareqcs6490_firmwaresnapdragon_x12_lte_modem_firmwarear8035wcd9375wcd9390vision_intelligence_400_platform_firmwaresnapdragon_662_mobile_platformsnapdragon_685_4g_mobile_platformsnapdragon_768g_5g_mobile_platform_firmwarewsa8815_firmwareqcm6490wsa8835_firmwarevideo_collaboration_vc5_platform_firmwaresxr1120_firmwaresxr2250p_firmwareqca6564asa4150pwcn7880snapdragon_8_gen_2_mobile_platform_firmwareqcm2290_firmwarerobotics_rb5_platform_firmwareqcm2150_firmwarewcn3990sd865_5gfastconnect_6800qca6595qcs7230_firmwareqcn9012sd888sa8530p_firmwarewsa8835sxr1230p_firmwaresnapdragon_8\+_gen_2_mobile_platform_firmwaresa8540p_firmwaresnapdragon_auto_5g_modem-rfsd_8_gen1_5gsnapdragon_4_gen_1_mobile_platform_firmwaresxr2130snapdragon_4_gen_2_mobile_platform_firmwaressg2125p_firmwaresmart_audio_400_platformqca6574aqca6174asm7325psa9000pqca6574_firmwaresm4125_firmwaresm7325p_firmwaresxr2230pwsa8845_firmwaresnapdragon_xr2_5g_platform_firmwaresnapdragon_439_mobile_platform_firmwareqca6574a_firmwarefastconnect_6200_firmwareqcs9100_firmwareqrb5165msnapdragon_x55_5g_modem-rf_system_firmwaresm7315qca6391snapdragon_710_mobile_platformfastconnect_7800snapdragon_865\+_5g_mobile_platform_firmwareqcm4490_firmwaresnapdragon_690_5g_mobile_platform_firmwareqcm4290qcm6490_firmwarewsa8832_firmwaresnapdragon_xr1_platformqcm2150qcn9011video_collaboration_vc1_platform_firmwareqca6574ausa8155p_firmwareqcs8250_firmwarewcd9341_firmwarefastconnect_7800_firmwarewsa8810snapdragon_765g_5g_mobile_platform_firmwaresnapdragon_8_gen_1_mobile_platform_firmwaresm8550psnapdragon_680_4g_mobile_platformsm6370snapdragon_ar2_gen_1_platformwcn3680bsdx61wcn6740qca6696215_mobile_platform_firmwareqcs8550sa6150psnapdragon_8_gen_3_mobile_platform_firmwareqcs9100wcd9390_firmwareqcn6024snapdragon_768g_5g_mobile_platformsnapdragon_765_5g_mobile_platformsm7250psnapdragon_8\+_gen_1_mobile_platform_firmwaresw5100_firmwareqcs410_firmwaresdx61_firmwaresnapdragon_xr1_platform_firmwareSnapdragonqca9377_firmwaretalynplus_firmwaresnapdragon_662_mobile_platform_firmwaresa6150p_firmwaresa8145p_firmwaresxr2230p_firmwareqcs2290_firmwaresg8275p_firmwareqca6431_firmwaremdm9628_firmwareflight_rb5_5g_platform_firmwarewcn3950_firmwaresnapdragon_888_5g_mobile_platform_firmwaresa8150p_firmwarewcn6755_firmwareqca6595au_firmwaresnapdragon_xr1_platform_firmwarecsra6620_firmwarecsra6640_firmwareqcm5430_firmwaresnapdragon_460_mobile_platform_firmwaresnapdragon_480_5g_mobile_platform_firmwarewcn3990_firmwareqrb5165n_firmwarequalcomm_video_collaboration_vc3_platform_firmwarewcd9385_firmwarewcn7881_firmwareqcn6024_firmwarewcd9326_firmwarewcn3615_firmwaresd_8_gen1_5g_firmwareqsm8350_firmwaresnapdragon_660_mobile_platform_firmwareqam8295p_firmwareqcn9011_firmwaresa9000p_firmwaresm7315_firmwaresnapdragon_695_5g_mobile_platform_firmwareqca6574au_firmwaresdx55_firmwarewcn3680b_firmwarewcd9375_firmwareqca8081_firmwarewsa8845h_firmwaresm7250p_firmwareqca6436_firmwaresnapdragon_680_4g_mobile_platform_firmwareqca6564au_firmwaresnapdragon_auto_5g_modem-rf_firmwaresa6155p_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqcm8550_firmwaresmart_audio_400_platform_firmwareqrb5165m_firmwarewsa8840_firmwaresa4155p_firmwareqcs8550_firmwarewcn3988_firmwarewcn7880_firmwaresa6145p_firmwarefastconnect_6700_firmwarewsa8810_firmwaresnapdragon_ar2_gen_1_platform_firmwarewcd9395_firmwaresm8750_firmwaresm8750p_firmwareqca6698aq_firmwareqca6174a_firmwareqcs4290_firmwaresxr2130_firmwareqca6696_firmwareqcs6490_firmwaresnapdragon_x12_lte_modem_firmwarewcn3910_firmwarevision_intelligence_400_platform_firmwarewsa8830_firmwaresd865_5g_firmwarewsa8815_firmwarewsa8835_firmwaresd660_firmwaresnapdragon_780g_5g_mobile_platform_firmwaresa8195p_firmwaresnapdragon_865_5g_mobile_platform_firmwarefastconnect_6800_firmwaresxr1120_firmwaresa8295p_firmwaresxr2250p_firmwaresnapdragon_8_gen_2_mobile_platform_firmwaresnapdragon_750g_5g_mobile_platform_firmwareqcm2290_firmwarequalcomm_video_collaboration_vc1_platform_firmwarerobotics_rb5_platform_firmwareqca8337_firmwareqcm2150_firmwaresnapdragon_778g_5g_mobile_platform_firmwarewcd9380_firmwareqcs7230_firmwaresnapdragon_670_mobile_platform_firmwaresa8530p_firmwaresd670_firmwaresxr1230p_firmwaresa8540p_firmwaresnapdragon_4_gen_1_mobile_platform_firmwaresnapdragon_4_gen_2_mobile_platform_firmwaressg2125p_firmwaresm8635_firmwareqcn9012_firmwaresm6370_firmwareqcn9274_firmwarewcd9335_firmwareqca6574_firmwaresm4125_firmwaresm7325p_firmwarewsa8845_firmwaresnapdragon_xr2_5g_platform_firmwaresnapdragon_439_mobile_platform_firmwareqca6426_firmwarewcn3660b_firmwareqca6574a_firmwarefastconnect_6200_firmwareqcs9100_firmwaresnapdragon_x62_5g_modem-rf_system_firmwarewcn3980_firmwaresnapdragon_x55_5g_modem-rf_system_firmwareqca6421_firmwarewcn6740_firmwareqcm4490_firmwaresnapdragon_690_5g_mobile_platform_firmwareqcs4490_firmwarewcn7861_firmwarewcn3680_firmwareqcm6490_firmwarewsa8832_firmwarefastconnect_6900_firmwaresa8155p_firmwareqca6564a_firmwareqcn9024_firmwareqcs8250_firmwarewcd9341_firmwarefastconnect_7800_firmwareqcm4290_firmwaresw5100p_firmwareqcs610_firmwaresnapdragon_8_gen_1_mobile_platform_firmwarequalcomm_215_mobile_platform_firmwarewcn7860_firmwareqca6595_firmwareqcs5430_firmwareqca6391_firmwaresnapdragon_710_mobile_platform_firmwaresa4150p_firmwarewcd9370_firmwaresm8550p_firmwarequalcomm_video_collaboration_vc5_platform_firmwaresd888_firmwaresnapdragon_8_gen_3_mobile_platform_firmwarewcd9390_firmwaresdx61_firmwaressg2115p_firmwaresw5100_firmwareqcs410_firmwarear8035_firmwareqsm8250_firmware
CWE ID-CWE-416
Use After Free
CVE-2023-28577
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 5.78%
||
7 Day CHG~0.00%
Published-08 Aug, 2023 | 09:15
Updated-02 Aug, 2024 | 13:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Multiple Dmabuf Kernel Address UAF Vulnerability

In the function call related to CAM_REQ_MGR_RELEASE_BUF there is no check if the buffer is being used. So when a function called cam_mem_get_cpu_buf to get the kernel va to use, another thread can call CAM_REQ_MGR_RELEASE_BUF to unmap the kernel va which cause UAF of the kernel address.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fastconnect_7800snapdragon_865_5gwcd9380_firmwarewsa8830qcs610sw5100psd865_5gfastconnect_6900fastconnect_6800fastconnect_6900_firmwaresnapdragon_8_gen_1_firmwarewcn3988_firmwareqcn9074snapdragon_870_5gwsa8835wcn3950_firmwaresnapdragon_8_gen_1wsa8810_firmwarewcd9380wcd9341_firmwarefastconnect_7800_firmwaresw5100wsa8810qca6436qcs410snapdragon_865\+_5gsnapdragon_x55_5gqcs610_firmwaresw5100p_firmwaresxr2130wcd9370snapdragon_865\+_5g_firmwarewcn3680bqca6426sxr2130_firmwarewcd9341wcn3980qca6391_firmwarewcn3950snapdragon_xr2_5g_firmwarewcd9370_firmwarewcn3660bwsa8815snapdragon_870_5g_firmwarewsa8830_firmwaresd865_5g_firmwareqca6426_firmwarewcn3660b_firmwarewcn3988wsa8815_firmwaresnapdragon_x55_5g_firmwarewcn3680b_firmwarewsa8835_firmwaresw5100_firmwareqcn9074_firmwarefastconnect_6800_firmwareqcs410_firmwaresnapdragon_865_5g_firmwareqca6391wcn3980_firmwareqca6436_firmwaresnapdragon_xr2_5gSnapdragonwcd9380_firmwaresxr2130_firmwareqca6391_firmwarefastconnect_6900_firmwarewcd9370_firmwareqca6436_firmwarewcn3988_firmwarewsa8830_firmwaresd865_5g_firmwaresnapdragon_xr2_5g_platform_firmwarewcn3950_firmwareqca6426_firmwarewcn3660b_firmwarewsa8810_firmwarewsa8815_firmwarewcd9341_firmwarefastconnect_7800_firmwareqcs610_firmwarewsa8835_firmwarewcn3680b_firmwaresnapdragon_865_5g_mobile_platform_firmwaresw5100_firmwareqcn9074_firmwarefastconnect_6800_firmwaresw5100p_firmwareqcs410_firmwaresnapdragon_8_gen_1_mobile_platform_firmwaresnapdragon_x55_5g_modem-rf_system_firmwarewcn3980_firmware
CWE ID-CWE-416
Use After Free
CVE-2023-28537
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.05% / 16.48%
||
7 Day CHG~0.00%
Published-08 Aug, 2023 | 09:15
Updated-02 Aug, 2024 | 13:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Integer Overflow or Wraparound in Audio

Memory corruption while allocating memory in COmxApeDec module in Audio.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-s820aqca9377_firmwaresa6150p_firmwaresm6250p_firmwareqcs610315_5g_iot_modem_firmwareqca83378098qca6431_firmwarewcd9360_firmwareqca4024_firmwarewcn3950_firmwaresa8150p_firmwareqcs2290qca6595au_firmwaresa6155qca6335msm8917sm8350csra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwareqcs6125_firmwares820a_firmwaresd632wcn685x-1apq5053-aa_firmwaresda845_firmwaremsm8108sm4375wcn3998wcd9371_firmwaremsm8108_firmwareqam8295pwcn3950sm4125sd720gmdm9628sd_8_gen1_5g_firmwarewcn3660bsd450_firmwaresd710_firmwaresd460_firmware8998_firmwareqca4020sm7315_firmwareqca6574au_firmwarewcd9375_firmwarewcn3998_firmwareqca8081_firmwaresa6155_firmwareqca6420wcd9360snapdragon_xr2\+_gen_1_platformsda845sd680_firmwaresnapdragon_auto_5g_modem-rf_firmwarewcn3999qrb5165m_firmwareqrb5165_firmwareqca6698aqqcs6125sa4155p_firmwaresa8155_firmwaresd662_firmwareqca6430wcd9340sd626_firmwaresd765gsd680qca4020_firmwareqca6436sa6155pqcs603_firmwareqca6698aq_firmwaremsm8209_firmwarewcn685x-1_firmwarewcn3660_firmwarewcd9341qca6431qca6696_firmwarewcd9371sd870_firmwaresd750gsnapdragon_x12_lte_modemwcn3910_firmwaresa8150pwsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwarewcn3988sd660_firmwaresa8195p_firmwaremsm8208_firmwarewcn6750_firmwaresa8295p_firmwaresd450wcn3610msm8608wcn3991qca8337_firmwarewcd9380_firmwaresdm429wmsm8996au_firmwaresd625_firmwareqca6564ausmart_audio_100_platform_firmwaresd670_firmwareqca6574sd632_firmwareapq8053-acwcd9380snapdragon_wear_4100\+_platform_firmwareqcs410sd690_5g_firmwareapq8053-ac_firmwareqca9379_firmwareqcn9012_firmwaresd626qca6430_firmwaresd439_firmwarewcd9335_firmwarewcn3980qca6335_firmwareqcs605wcd9340_firmwarewsa8815wcn3910qca6320qca6426_firmwarewcn3660b_firmwarewcn3680sd695sd835wcn3980_firmwaresd730snapdragon_xr2\+_gen_1_platform_firmwaresnapdragon_x50_5g_modem-rf_system_firmwaresa8295pqca6421_firmwarewcn6740_firmwaresnapdragon_xr2_5g_platformsd678_firmwaresnapdragon_x65_5g_modem-rf_systemar8031_firmwarewcn3680_firmwaresm8350_firmwareqrb51658098_firmwareqcs603sd670sd_636_firmwareqca6564a_firmwareqcm4290_firmwaresd480sd870snapdragon_x24_lte_modemsd210_firmwareqcs610_firmwareqsm8250sa6145psd695_firmwarear8031qca6595_firmwaresa8145psdm630_firmwareqca6391_firmwaresa4150p_firmwareqca4024wcd9370_firmwareqm215_firmwaresd780g_firmwaresdx55sd888_firmwaresa8155pcsra6640sd675sd439wcn3660qca9379sa4155par8035_firmwareqcm2290qsm8250_firmwaresdm845_firmwarewcn3991_firmwarewsa8830sd6788998sa8145p_firmwaresnapdragon_x24_lte_modem_firmwareqcs2290_firmwarecsrb31024mdm9628_firmwareflight_rb5_5g_platformsd_636csra6620flight_rb5_5g_platform_firmwareqcs4290sd765g_firmwareqca6420_firmwareqca6390_firmwareapq8009_firmwaresd690_5gsnapdragon_auto_4g_modem_firmwaresd730_firmwarewcd9370sd675_firmwaresd625qca6564qca6426qca6584au_firmwarewcn3990_firmwareqrb5165n_firmwareqca9377wcd9385_firmwarewcd9326_firmwarewcn3615_firmwaresd662qam8295p_firmwareqcn9011_firmwaresa8155snapdragon_x55_5g_modem-rf_systemqca6320_firmwarewcn3680b_firmwaresdx55_firmwarewcn3615qca6595auwcn3999_firmwaresm7250p_firmwarewcn3610_firmwareqca6436_firmwareqrb5165nqca6564au_firmwareqca6584ausd778gsa6155p_firmwaremsm8208snapdragon_x65_5g_modem-rf_system_firmwareqca6310apq8053-aa_firmwaresd429qcs6490sdm630wcn3988_firmware315_5g_iot_modemqcn9074sd205qm215qca6421sd429_firmwaresd778g_firmwaresa6145p_firmwaresa8195psxr1120sm6250apq8017_firmwarewsa8810_firmwaresm4375_firmwaresd765_firmwarewcd9326wcd9335qca8081apq8053-aaqca6174a_firmwareqcs4290_firmwarewcd9385sxr2130_firmwareqcs6490_firmwaresnapdragon_x12_lte_modem_firmwareqca6390wcd9375sd750g_firmwareaqt1000ar8035sm6250_firmwaremsm8917_firmwaresd210wcn3620_firmwarewsa8815_firmwareqcm6490wsa8835_firmwarewcn3620apq8017sxr1120_firmwareqca6564asa4150pqcm6125_firmwareqcm2290_firmwareapq5053-aawcn3990sd_675sd780gsdm845sd865_5gqca6595sm8350-ac_firmwareqcn9012sd888wsa8835msm8996ausdm429w_firmwaresd665_firmwaresnapdragon_auto_5g_modem-rfsd_8_gen1_5gsm6250psxr2130snapdragon_wear_4100\+_platformqca6574awcn685x-5_firmwareqca6174asm7325pqca6310_firmwarewcn6750qca6574_firmwaresd855sm4125_firmwaresm7325p_firmwaresd665smart_audio_100_platformsnapdragon_xr2_5g_platform_firmwaresd765qca6574a_firmwaresd768g_firmwaremsm8209qrb5165msm7315apq8009snapdragon_x55_5g_modem-rf_system_firmwaresd460qca6391aqt1000_firmwaresnapdragon_auto_4g_modemqcm4290csrb31024_firmwareqcm6490_firmwaresnapdragon_xr1_platformsd480_firmwarewcn685x-5qcn9011qca6574ausd710sa8155p_firmwaresd205_firmwarewcd9341_firmwareqcm6125wsa8810wcn3680bsm8350-acsd835_firmwareqca6564_firmwaresd768gwcn6740qca6696sd845_firmwaremsm8608_firmwaresnapdragon_x50_5g_modem-rf_systemsa6150psd845sm7250psd720g_firmwareqcn9074_firmwareqcs410_firmwaresnapdragon_xr1_platform_firmwareSnapdragon
CWE ID-CWE-190
Integer Overflow or Wraparound
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-13995
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.39%
||
7 Day CHG~0.00%
Published-08 Sep, 2020 | 09:31
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Lack of integer overflow check for addition of fragment size and remaining size that are read from shared memory can lead to memory corruption and potential information leakage' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, Bitra, IPQ6018, IPQ8074, Kamorta, MDM9150, MDM9205, MDM9206, MDM9607, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA8081, QCM2150, QCN7605, QCS404, QCS405, QCS605, QCS610, QM215, Rennell, SA415M, SA6155P, Saipan, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwaremdm9640_firmwareqcs610sdm450_firmwaresdm632qcs404_firmwaremdm9650mdm9645apq8009_firmwaremsm8917sdm670qcs605_firmwaresda845_firmwaresa415mbitraapq8098qcn7605mdm9206_firmwarebitra_firmwaremsm8905_firmwaresda660sdx55_firmwareqca8081_firmwaresxr1130apq8053_firmwaresda845sa6155p_firmwaresdm450sdm636_firmwareapq8098_firmwaremsm8998_firmwaresdm630mdm9607_firmwaresm8250_firmwaremdm9655_firmwaresa415m_firmwareqcs405qm215sc7180_firmwareapq8017_firmwaresdm710_firmwaresa6155pqca8081msm8937msm8905sm8150_firmwaremsm8909sxr2130_firmwaremdm9655rennellsc7180msm8953_firmwaresaipan_firmwaresm6150_firmwaremsm8917_firmwaremsm8998sm8150sdx20_firmwaresdm850kamortaapq8017msm8996saipanmdm9640kamorta_firmwareqcm2150_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdx24sdm439sdm429msm8940_firmwaresm7150_firmwaresm6150msm8996ausdm429w_firmwaresm7150sxr2130sc8180xmdm9206sdm670_firmwareqcs404sdx24_firmwareipq8074sdm636ipq6018_firmwaremdm9205qcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaresxr1130_firmwareapq8009msm8909_firmwarenicobarsdm850_firmwaremsm8920msm8953sdx20qcm2150msm8920_firmwaresdm660sc8180x_firmwareipq8074_firmwaresdm710mdm9607mdm9645_firmwareqcn7605_firmwareqcs610_firmwaremdm9150msm8996_firmwareipq6018apq8096ausdm439_firmwareqcs405_firmwaresdm630_firmwaremdm9205_firmwaresda660_firmwarerennell_firmwareqm215_firmwaresdx55msm8940apq8053apq8096au_firmwaresm8250nicobar_firmwaresdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2019-14056
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.69%
||
7 Day CHG~0.00%
Published-08 Sep, 2020 | 09:31
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Possible integer overflow in API due to lack of check on large oid range count in cert extension field' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in Kamorta, MDM9150, MDM9205, MDM9607, MDM9650, Nicobar, QCS404, QCS405, QCS605, QCS610, Rennell, SA6155P, SC7180, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX55, SM6150, SM7150, SM8150, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm850_firmwarekamorta_firmwaremdm9150_firmwaresa6155p_firmwareqcs610sdm636_firmwaresdm845sdm660sdm630qcs404_firmwaremdm9607_firmwaremdm9650sc8180x_firmwareqcs405sm7150_firmwaresdm710sc7180_firmwaremdm9607sm6150sdm710_firmwaresm7150sa6155psdm670qcs610_firmwaremdm9150qcs605_firmwaresc8180xsxr2130sdm670_firmwareqcs404sm8150_firmwaresxr2130_firmwaresdm636qcs405_firmwarerennellsc7180sda845_firmwaresdm630_firmwaremdm9205_firmwaresda660_firmwarerennell_firmwaremdm9205qcs605sdx55sm6150_firmwaremdm9650_firmwaresm8150sdm850sda660kamortasdx55_firmwaresxr1130_firmwarenicobar_firmwaresxr1130sdm660_firmwaresda845nicobarsdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2019-13994
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.11% / 30.17%
||
7 Day CHG~0.00%
Published-08 Sep, 2020 | 09:31
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Lack of check that the current received data fragment size of a particular packet that are read from shared memory are less than the actual packet size can lead to memory corruption and potential information leakage' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, Bitra, IPQ6018, IPQ8074, Kamorta, MDM9150, MDM9205, MDM9206, MDM9607, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA8081, QCM2150, QCN7605, QCS404, QCS405, QCS605, QCS610, QM215, Rennell, SA415M, SA6155P, Saipan, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwaremdm9640_firmwareqcs610sdm450_firmwaresdm632qcs404_firmwaremdm9650mdm9645apq8009_firmwaremsm8917sdm670qcs605_firmwaresda845_firmwaresa415mbitraapq8098qcn7605mdm9206_firmwarebitra_firmwaremsm8905_firmwaresda660sdx55_firmwareqca8081_firmwaresxr1130apq8053_firmwaresda845sa6155p_firmwaresdm450sdm636_firmwareapq8098_firmwaremsm8998_firmwaresdm630mdm9607_firmwaresm8250_firmwaremdm9655_firmwaresa415m_firmwareqcs405qm215sc7180_firmwareapq8017_firmwaresdm710_firmwaresa6155pqca8081msm8937msm8905sm8150_firmwaremsm8909sxr2130_firmwaremdm9655rennellsc7180msm8953_firmwaresaipan_firmwaresm6150_firmwaremsm8917_firmwaremsm8998sm8150sdx20_firmwaresdm850kamortaapq8017msm8996saipanmdm9640kamorta_firmwareqcm2150_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdx24sdm439sdm429msm8940_firmwaresm7150_firmwaresm6150msm8996ausdm429w_firmwaresm7150sxr2130sc8180xmdm9206sdm670_firmwareqcs404sdx24_firmwareipq8074sdm636ipq6018_firmwaremdm9205qcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaresxr1130_firmwareapq8009msm8909_firmwarenicobarsdm850_firmwaremsm8920msm8953sdx20qcm2150msm8920_firmwaresdm660sc8180x_firmwareipq8074_firmwaresdm710mdm9607mdm9645_firmwareqcn7605_firmwareqcs610_firmwaremdm9150msm8996_firmwareipq6018apq8096ausdm439_firmwareqcs405_firmwaresdm630_firmwaremdm9205_firmwaresda660_firmwarerennell_firmwareqm215_firmwaresdx55msm8940apq8053apq8096au_firmwaresm8250nicobar_firmwaresdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2019-14094
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.98%
||
7 Day CHG~0.00%
Published-22 Jun, 2020 | 07:10
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in diag command handler when user inputs a large value for number of tasks field in the request packet in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8053, APQ8096AU, APQ8098, IPQ6018, IPQ8074, Kamorta, MDM9150, MDM9205, MDM9206, MDM9207C, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA8081, QCM2150, QCN7605, QCS404, QCS405, QCS605, QM215, Rennell, SA415M, Saipan, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwaremdm9640_firmwaresdm450_firmwaresdm632qcs404_firmwaremdm9650mdm9645apq8009_firmwaremsm8917sdm670qcs605_firmwaresda845_firmwaresa415mapq8098qcn7605mdm9206_firmwaremsm8905_firmwaresda660qca8081_firmwaresxr1130msm8909wapq8053_firmwaresda845sdm450sdm636_firmwareapq8098_firmwaremsm8998_firmwaresdm630mdm9607_firmwaresm8250_firmwaremdm9655_firmwaresa415m_firmwareqcs405qm215sc7180_firmwaremdm9625_firmwaresdm710_firmwareqca8081msm8937msm8905sm8150_firmwaremsm8909sxr2130_firmwaremdm9655rennellsc7180mdm9625msm8953_firmwaresaipan_firmwaresm6150_firmwaremsm8917_firmwaremsm8998sm8150sdx20_firmwaresdm850kamortamsm8996saipanmdm9640kamorta_firmwaremdm9635m_firmwareqcm2150_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdx24sdm439sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996ausdm429w_firmwaresm7150sxr2130sc8180xmdm9206sdm670_firmwareqcs404sdx24_firmwareipq8074sdm636mdm9635mipq6018_firmwaremdm9205qcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaresxr1130_firmwareapq8009msm8909_firmwarenicobarsdm850_firmwaremsm8920msm8953sdx20qcm2150msm8920_firmwaresdm660sc8180x_firmwareipq8074_firmwaresdm710mdm9607mdm9645_firmwareqcn7605_firmwaremdm9150mdm9207c_firmwaremsm8996_firmwareipq6018mdm9207capq8096ausdm439_firmwareqcs405_firmwaresdm630_firmwaremdm9205_firmwaresda660_firmwarerennell_firmwareqm215_firmwaremsm8940apq8053apq8096au_firmwaresm8250nicobar_firmwaresdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2019-14066
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.69%
||
7 Day CHG~0.00%
Published-02 Jun, 2020 | 15:05
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in calculating estimated output buffer size when getting a list of installed Feature IDs, Serial Numbers or checking Feature ID status in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in Kamorta, MDM9205, MDM9607, Nicobar, QCS404, QCS405, Rennell, SA6155P, SC7180, SC8180X, SDX55, SM6150, SM7150, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-kamorta_firmwaresa6155p_firmwareqcs404sxr2130_firmwareqcs405_firmwarerennellsc7180mdm9205_firmwarerennell_firmwaremdm9205qcs404_firmwaremdm9607_firmwaresc8180x_firmwaresdx55qcs405sm7150_firmwaresm6150_firmwaresm6150sc7180_firmwaremdm9607kamortasm7150sdx55_firmwarenicobar_firmwaresa6155psxr2130sc8180xnicobarSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2019-14032
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.57%
||
7 Day CHG~0.00%
Published-05 Mar, 2020 | 08:56
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory use after free issue in audio due to lack of resource control in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8953, MSM8996AU, Nicobar, QCS405, QCS605, Rennell, SA6155P, Saipan, SC8180X, SDA845, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9640_firmwaremsm8996au_firmwaresdm845sdx24mdm9650sm7150_firmwaresm6150msm8909w_firmwaremsm8996ausm7150apq8009_firmwaresdm670sxr2130qcs605_firmwaresc8180xmdm9206sdm670_firmwaresdx24_firmwaresda845_firmwareapq8098mdm9206_firmwareqcs605mdm9640mdm9650_firmwaremsm8905_firmwaresxr1130_firmwaresdx55_firmwaresxr1130msm8909wapq8009apq8053_firmwaresda845nicobarsa6155p_firmwaremsm8953apq8098_firmwaresdx20mdm9607_firmwaresm8250_firmwaresc8180x_firmwareqcs405sdm710mdm9607apq8017_firmwaresdm710_firmwaresa6155pmdm9207c_firmwaremsm8905mdm9207csm8150_firmwaresxr2130_firmwareapq8096auqcs405_firmwarerennellrennell_firmwaresdx55msm8953_firmwareapq8053apq8096au_firmwaresaipan_firmwaresm6150_firmwaresm8250sm8150sdx20_firmwareapq8017nicobar_firmwaresaipansdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-416
Use After Free
CVE-2019-13999
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.39%
||
7 Day CHG~0.00%
Published-08 Sep, 2020 | 09:31
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Lack of check for integer overflow for round up and addition operations result into memory corruption and potential information leakage' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, IPQ6018, IPQ8074, Kamorta, MDM9150, MDM9205, MDM9206, MDM9607, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA8081, QCM2150, QCN7605, QCS404, QCS405, QCS605, QCS610, QM215, Rennell, SA415M, SA515M, SA6155P, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwaremdm9640_firmwareqcs610sdm450_firmwaresdm632qcs404_firmwaremdm9650mdm9645apq8009_firmwaremsm8917sdm670qcs605_firmwaresda845_firmwaresa415mapq8098qcn7605mdm9206_firmwaremsm8905_firmwaresda660sdx55_firmwareqca8081_firmwaresxr1130apq8053_firmwaresda845sa6155p_firmwaresdm450sdm636_firmwaresa515m_firmwareapq8098_firmwaremsm8998_firmwaresdm630mdm9607_firmwaresm8250_firmwaremdm9655_firmwaresa415m_firmwareqcs405qm215sc7180_firmwareapq8017_firmwaresdm710_firmwaresa6155pqca8081msm8937msm8905sm8150_firmwaremsm8909sxr2130_firmwaremdm9655rennellsc7180msm8953_firmwaresm6150_firmwaremsm8917_firmwaremsm8998sm8150sdx20_firmwaresdm850kamortaapq8017msm8996mdm9640kamorta_firmwareqcm2150_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdx24sdm439sdm429msm8940_firmwaresm7150_firmwaresm6150msm8996ausdm429w_firmwaresm7150sxr2130sc8180xmdm9206sdm670_firmwareqcs404sdx24_firmwareipq8074sdm636ipq6018_firmwaremdm9205sa515mqcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaresxr1130_firmwareapq8009msm8909_firmwarenicobarsdm850_firmwaremsm8920msm8953sdx20qcm2150msm8920_firmwaresdm660sc8180x_firmwareipq8074_firmwaresdm710mdm9607mdm9645_firmwareqcn7605_firmwareqcs610_firmwaremdm9150msm8996_firmwareipq6018apq8096ausdm439_firmwareqcs405_firmwaresdm630_firmwaremdm9205_firmwaresda660_firmwarerennell_firmwareqm215_firmwaresdx55msm8940apq8053apq8096au_firmwaresm8250nicobar_firmwaresdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2019-14034
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.57%
||
7 Day CHG~0.00%
Published-21 Jan, 2020 | 06:30
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free while processing eeprom query as there is a chance to not unlock mutex after error occurs in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8053, MSM8909W, MSM8917, MSM8953, Nicobar, QCS605, QM215, Rennell, SA6155P, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM632, SDM670, SDM710, SDM845, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sa6155p_firmwaremsm8953sdm450sdm429wsdm632_firmwaresdm845sdm450_firmwaresdm632sdx24sdm439sm8250_firmwaresdm429sm7150_firmwaresdm710msm8909w_firmwareqm215sm6150sdm429w_firmwaresdm710_firmwaresm7150apq8009_firmwaremsm8917msm8909wsa6155psdm670sxr2130qcs605_firmwaresdm670_firmwaresm8150_firmwaresdx24_firmwaresxr2130_firmwaresdm439_firmwaresda845_firmwarerennellrennell_firmwareqm215_firmwareqcs605sdx55msm8953_firmwareapq8053sm6150_firmwaresm8250msm8917_firmwaresdm429_firmwaresm8150sxr1130_firmwaresdx55_firmwarenicobar_firmwareapq8009sxr1130apq8053_firmwaresda845nicobarsdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-416
Use After Free
CVE-2019-14117
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.57%
||
7 Day CHG~0.00%
Published-08 Sep, 2020 | 09:31
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Whenever the page list is updated via privileged user, the previous list elements are freed but are not deleted from the list which results in a use after free causing an unhandled page fault exception in rmnet driver' in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in Bitra, MDM9607, QCS405, Saipan, SC8180X, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sm8150_firmwaresxr2130_firmwareqcs405_firmwarebitrasm8250_firmwaremdm9607_firmwaresc8180x_firmwaresdx55qcs405sm7150_firmwaresaipan_firmwaresm6150_firmwaresm6150sm8250mdm9607bitra_firmwaresm8150sdx55_firmwaresm7150saipansxr2130sc8180xSnapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-416
Use After Free
CVE-2019-14087
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.69%
||
7 Day CHG~0.00%
Published-02 Jun, 2020 | 15:05
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Failure in buffer management while accessing handle for HDR blit when color modes not supported by display in Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Wearables in MSM8909W, QCS605

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcs605qcs605_firmwaremsm8909w_firmwaremsm8909wSnapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-416
Use After Free
CVE-2019-13998
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.39%
||
7 Day CHG~0.00%
Published-08 Sep, 2020 | 09:31
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Lack of check that the TX FIFO write and read indices that are read from shared RAM are less than the FIFO size results into memory corruption and potential information leakage' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, Bitra, IPQ6018, IPQ8074, Kamorta, MDM9150, MDM9205, MDM9206, MDM9607, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA8081, QCM2150, QCN7605, QCS404, QCS405, QCS605, QCS610, QM215, Rennell, SA415M, SA515M, SA6155P, Saipan, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwaremdm9640_firmwareqcs610sdm450_firmwaresdm632qcs404_firmwaremdm9650mdm9645apq8009_firmwaremsm8917sdm670qcs605_firmwaresda845_firmwaresa415mbitraapq8098qcn7605mdm9206_firmwarebitra_firmwaremsm8905_firmwaresda660sdx55_firmwareqca8081_firmwaresxr1130apq8053_firmwaresda845sa6155p_firmwaresdm450sdm636_firmwareapq8098_firmwaremsm8998_firmwaresdm630mdm9607_firmwaresm8250_firmwaremdm9655_firmwaresa415m_firmwareqcs405qm215sc7180_firmwareapq8017_firmwaresdm710_firmwaresa6155pqca8081msm8937msm8905sm8150_firmwaremsm8909sxr2130_firmwaremdm9655rennellsc7180msm8953_firmwaresaipan_firmwaresm6150_firmwaremsm8917_firmwaremsm8998sm8150sdx20_firmwaresdm850kamortaapq8017msm8996saipanmdm9640kamorta_firmwareqcm2150_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdx24sdm439sdm429msm8940_firmwaresm7150_firmwaresm6150msm8996ausdm429w_firmwaresm7150sxr2130sc8180xmdm9206sdm670_firmwareqcs404sdx24_firmwareipq8074sdm636ipq6018_firmwaremdm9205qcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaresxr1130_firmwareapq8009msm8909_firmwarenicobarsdm850_firmwaremsm8920msm8953sdx20qcm2150msm8920_firmwaresdm660sc8180x_firmwareipq8074_firmwaresdm710mdm9607mdm9645_firmwareqcn7605_firmwareqcs610_firmwaremdm9150msm8996_firmwareipq6018apq8096ausdm439_firmwareqcs405_firmwaresdm630_firmwaremdm9205_firmwaresda660_firmwarerennell_firmwareqm215_firmwaresdx55msm8940apq8053apq8096au_firmwaresm8250nicobar_firmwaresdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2019-14040
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-1.43% / 79.86%
||
7 Day CHG~0.00%
Published-07 Feb, 2020 | 05:00
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Using memory after being freed in qsee due to wrong implementation can lead to unexpected behavior such as execution of unknown code in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9150, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, QCS605, QM215, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM845, SDX20, SDX24, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwaremdm9640_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632sdx24sdm439mdm9650sdm429msm8940_firmwaremsm8909w_firmwaremsm8996ausdm429w_firmwareapq8009_firmwaremsm8917qcs605_firmwaremdm9206sdx24_firmwaresdm636sda845_firmwareapq8098mdm9206_firmwareqcs605mdm9640msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwaresda660sxr1130_firmwaresxr1130msm8909wapq8009apq8053_firmwaresda845msm8920msm8953sdm450sdm636_firmwareapq8098_firmwaresdx20msm8998_firmwaresdm660msm8920_firmwaresdm630mdm9607_firmwareqm215mdm9607apq8017_firmwaremdm9150msm8937mdm9207c_firmwaremsm8905mdm9207csm8150_firmwareapq8096ausdm439_firmwaresdm630_firmwaresda660_firmwareqm215_firmwaremsm8940apq8053apq8096au_firmwaremsm8953_firmwaremsm8917_firmwaremsm8998sm8150sdx20_firmwareapq8017sdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-416
Use After Free
CVE-2019-14051
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.39%
||
7 Day CHG~0.00%
Published-07 Feb, 2020 | 05:00
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Subsequent additions performed during Module loading while allocating the memory would lead to integer overflow and then to buffer overflow in Snapdragon Industrial IOT in MDM9206, MDM9607

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9206mdm9206_firmwaremdm9607_firmwaremdm9607Snapdragon Industrial IOT
CWE ID-CWE-190
Integer Overflow or Wraparound
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 49
  • 50
  • Next
Details not found