Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2019-10592

Summary
Assigner-qualcomm
Assigner Org ID-2cfc7d3e-20d3-47ac-8db7-1b7285aff15f
Published At-12 Dec, 2019 | 08:30
Updated At-04 Aug, 2024 | 22:24
Rejected At-
Credits

Possible integer overflow while multiplying two integers of 32 bit in QDCM API of get display modes as there is no check on the maximum mode count in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCS405, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:qualcomm
Assigner Org ID:2cfc7d3e-20d3-47ac-8db7-1b7285aff15f
Published At:12 Dec, 2019 | 08:30
Updated At:04 Aug, 2024 | 22:24
Rejected At:
▼CVE Numbering Authority (CNA)

Possible integer overflow while multiplying two integers of 32 bit in QDCM API of get display modes as there is no check on the maximum mode count in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCS405, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Affected Products
Vendor
Qualcomm Technologies, Inc.Qualcomm, Inc.
Product
Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
Versions
Affected
  • APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCS405, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130
Problem Types
TypeCWE IDDescription
textN/AInteger Overflow to Buffer Overflow Issue in Display
Type: text
CWE ID: N/A
Description: Integer Overflow to Buffer Overflow Issue in Display
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.qualcomm.com/company/product-security/bulletins/november-2019-bulletin
x_refsource_CONFIRM
Hyperlink: https://www.qualcomm.com/company/product-security/bulletins/november-2019-bulletin
Resource:
x_refsource_CONFIRM
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.qualcomm.com/company/product-security/bulletins/november-2019-bulletin
x_refsource_CONFIRM
x_transferred
Hyperlink: https://www.qualcomm.com/company/product-security/bulletins/november-2019-bulletin
Resource:
x_refsource_CONFIRM
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:product-security@qualcomm.com
Published At:12 Dec, 2019 | 09:15
Updated At:13 Dec, 2019 | 20:14

Possible integer overflow while multiplying two integers of 32 bit in QDCM API of get display modes as there is no check on the maximum mode count in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCS405, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary2.04.6MEDIUM
AV:L/AC:L/Au:N/C:P/I:P/A:P
Type: Primary
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 4.6
Base severity: MEDIUM
Vector:
AV:L/AC:L/Au:N/C:P/I:P/A:P
CPE Matches
Qualcomm Technologies, Inc.
qualcomm
>>apq8017>>-
cpe:2.3:h:qualcomm:apq8017:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>apq8017_firmware>>-
cpe:2.3:o:qualcomm:apq8017_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>apq8053>>-
cpe:2.3:h:qualcomm:apq8053:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>apq8053_firmware>>-
cpe:2.3:o:qualcomm:apq8053_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>apq8096au>>-
cpe:2.3:h:qualcomm:apq8096au:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>apq8096au_firmware>>-
cpe:2.3:o:qualcomm:apq8096au_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>apq8098>>-
cpe:2.3:h:qualcomm:apq8098:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>apq8098_firmware>>-
cpe:2.3:o:qualcomm:apq8098_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9206>>-
cpe:2.3:h:qualcomm:mdm9206:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9206_firmware>>-
cpe:2.3:o:qualcomm:mdm9206_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9207c>>-
cpe:2.3:h:qualcomm:mdm9207c:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9207c_firmware>>-
cpe:2.3:o:qualcomm:mdm9207c_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9607>>-
cpe:2.3:h:qualcomm:mdm9607:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9607_firmware>>-
cpe:2.3:o:qualcomm:mdm9607_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8909>>-
cpe:2.3:h:qualcomm:msm8909:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8909_firmware>>-
cpe:2.3:o:qualcomm:msm8909_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8909w_firmware>>-
cpe:2.3:o:qualcomm:msm8909w_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8909w>>-
cpe:2.3:h:qualcomm:msm8909w:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8917_firmware>>-
cpe:2.3:o:qualcomm:msm8917_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8917>>-
cpe:2.3:h:qualcomm:msm8917:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8920_firmware>>-
cpe:2.3:o:qualcomm:msm8920_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8920>>-
cpe:2.3:h:qualcomm:msm8920:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8937_firmware>>-
cpe:2.3:o:qualcomm:msm8937_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8937>>-
cpe:2.3:h:qualcomm:msm8937:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8940_firmware>>-
cpe:2.3:o:qualcomm:msm8940_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8940>>-
cpe:2.3:h:qualcomm:msm8940:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8953_firmware>>-
cpe:2.3:o:qualcomm:msm8953_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8953>>-
cpe:2.3:h:qualcomm:msm8953:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8996au_firmware>>-
cpe:2.3:o:qualcomm:msm8996au_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8996au>>-
cpe:2.3:h:qualcomm:msm8996au:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8998_firmware>>-
cpe:2.3:o:qualcomm:msm8998_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8998>>-
cpe:2.3:h:qualcomm:msm8998:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>nicobar_firmware>>-
cpe:2.3:o:qualcomm:nicobar_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>nicobar>>-
cpe:2.3:h:qualcomm:nicobar:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcs405_firmware>>-
cpe:2.3:o:qualcomm:qcs405_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcs405>>-
cpe:2.3:h:qualcomm:qcs405:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcs605_firmware>>-
cpe:2.3:o:qualcomm:qcs605_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcs605>>-
cpe:2.3:h:qualcomm:qcs605:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qm215_firmware>>-
cpe:2.3:o:qualcomm:qm215_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qm215>>-
cpe:2.3:h:qualcomm:qm215:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sda660_firmware>>-
cpe:2.3:o:qualcomm:sda660_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sda660>>-
cpe:2.3:h:qualcomm:sda660:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sda845_firmware>>-
cpe:2.3:o:qualcomm:sda845_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sda845>>-
cpe:2.3:h:qualcomm:sda845:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sdm429_firmware>>-
cpe:2.3:o:qualcomm:sdm429_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sdm429>>-
cpe:2.3:h:qualcomm:sdm429:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sdm439_firmware>>-
cpe:2.3:o:qualcomm:sdm439_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sdm439>>-
cpe:2.3:h:qualcomm:sdm439:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sdm450_firmware>>-
cpe:2.3:o:qualcomm:sdm450_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sdm450>>-
cpe:2.3:h:qualcomm:sdm450:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-190Primarynvd@nist.gov
CWE ID: CWE-190
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.qualcomm.com/company/product-security/bulletins/november-2019-bulletinproduct-security@qualcomm.com
Vendor Advisory
Hyperlink: https://www.qualcomm.com/company/product-security/bulletins/november-2019-bulletin
Source: product-security@qualcomm.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

1270Records found
CVE-2017-15855
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 3.38%
||
7 Day CHG~0.00%
Published-17 May, 2018 | 22:00
Updated-17 Sep, 2024 | 03:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, the camera application triggers "user-memory-access" issue as the Camera CPP module Linux driver directly accesses the application provided buffer, which resides in user space. An unchecked userspace value (ioctl_ptr->len) is used to copy contents to a kernel buffer which can lead to kernel buffer overflow.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-129
Improper Validation of Array Index
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2020-11223
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.75%
||
7 Day CHG~0.00%
Published-22 Feb, 2021 | 06:25
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound in camera driver due to lack of check of validation of array index before copying into array in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfs2580qpm5679_firmwareqcs610qdm5579qdm2307qfs2608_firmwareqfs2530qpm8870_firmwareqpa8802qpm6585_firmwareqat3519qbt2000_firmwareqat5522_firmwarewcn3950_firmwarepm8150aqdm5670qca6595au_firmwareqpa5581_firmwarepm7150lqpa8821smr546_firmwareqdm5671qpm4650_firmwareqat3518pm456_firmwareqpa5580_firmwarewcn3998smr526_firmwarewcn3950sd720gwcn3660bqdm2305_firmwareqpm5670_firmwareqdm5652sd6905gqpa4360_firmwareqpm8870wcd9375_firmwarewcn3998_firmwareqpm5679qbt2000pm855pqca6420pm6150aqpm6670_firmwarepmx50_firmwaresdr735gpm660_firmwarepm8150bqdm3301_firmwareqsm7250qca6430qat3522pmr735asd765grsw8577_firmwareqdm2308_firmwaresdr660wcn6851qpa6560qfs2630_firmwaresdr675_firmwaresdr865qdm5620_firmwarewcd9341sm7350_firmwaresmr545qdm4643_firmwareqca6696_firmwareqln5020qet4100_firmwaresd750gqdm3302pm6350qdm5621qtc800sqpm5875_firmwareqat3514_firmwarewsa8830_firmwaresd855_firmwaresd660qdm5650wcn3988sd660_firmwaresdr052smb1390qat5516_firmwarepm6150lsd8885gpm855l_firmwareqet4100wcn3610qpa8686_firmwareqpm6585wcn3991sda429w_firmwarewcd9380_firmwaresmb1355qln4650qpa8801sdr735g_firmwarepm8350bhs_firmwareqat5568qet5100qdm5671_firmwareqpa8801_firmwarepm8150l_firmwareqat5533_firmwaresdx55m_firmwareqtm527_firmwarewcn6856_firmwareqpa8673_firmwarepm6150qet4101_firmwarepm7250bqln4642_firmwareqfs2630qpa8842sdr052_firmwarewcd9380smb1355_firmwarepm7250b_firmwaresmb1351_firmwareqcs410pmk8350_firmwaresmb1381pm855p_firmwaresdx50m_firmwaresdr735pm7250smb1395pm660lqpa8803smr526qca6430_firmwarepmk8003qtc801s_firmwarewcd9335_firmwareqat3522_firmwarewcn3980pm7350c_firmwareqdm2301wsa8815wcn6850qdm5621_firmwareqdm2301_firmwaresmb1394pm8350_firmwarewcn3660b_firmwarepm8009wcn3980_firmwaresd730sdr051_firmwarepm660l_firmwaresdx55mpm6250_firmwarewcn6740_firmwarepm8008pm8350b_firmwareqtm525_firmwareqat3518_firmwaresd6905g_firmwareqpm5621_firmwarepm855lwcn6851_firmwarersw8577qdm5670_firmwareqpa6560_firmwaresd8655gqpa8802_firmwarepm7150a_firmwarepm8150b_firmwareqpm5621qpm6582smr545_firmwarepm8009_firmwareqdm2310_firmwareqfs2580_firmwaresd8885g_firmwarepm8150lqcs610_firmwareqdm5677pm855_firmwarepm660a_firmwarepm855b_firmwareqpm6582_firmwareqca6391_firmwarewcd9370_firmwareqln4650_firmwareqat3516_firmwareqpm5875sdx55qet5100msd675pm8350bhsqet4101qat3555_firmwareqat3516qpa8803_firmwareqpm5658pm855bqpm5658_firmwareqpm5870wcn3991_firmwareqdm5652_firmwarewsa8830sdr051pm660qet6110_firmwareqdm5579_firmwareqln5030qbt1500qpa5581pmi632qpa2625_firmwarepm456pm8350bh_firmwarepmr735b_firmwareqbt1500_firmwareqet5100_firmwareqpm5870_firmwareqpm4621qet6100_firmwareqet6100sd765g_firmwareqpa8686qca6420_firmwaresmb1394_firmwareqca6390_firmwaresmb1396sd730_firmwarepm7150awcd9370sd675_firmwarepm8350qpa5461_firmwarepm8350c_firmwareqca6584au_firmwarewcn3990_firmwareqpm5641pmi632_firmwarewcd9385_firmwareqdm5650_firmwareqpa4340_firmwareqat5516pm7250_firmwareqdm5620qpa8821_firmwarepm8350bhpmk8002_firmwarepm3003aqdm4650_firmwaresdx55_firmwareqat5533qca6595ausm7250p_firmwarewcn3610_firmwaresm7350qsm7250_firmwareqpm6670pm7150l_firmwareqca6584auqdm2305qpm8820qpm4641qat5515_firmwareqln5020_firmwarepm855qpm8830_firmwarepm8250smb1398qdm4643qfs2530_firmwarewcn3988_firmwarepmx55qpm4641_firmwaresdr675pm8150c_firmwareqpa8842_firmwareqdm3301sdr735_firmwareqat3519_firmwaresm6250wsa8810_firmwareqpm5677qat5515sd765_firmwareqat3514wcd9335qdm5677_firmwarepm6350_firmwarepm8004_firmwaresdr8150_firmwarewcd9385pmk7350_firmwareqat3550_firmwareqln5040_firmwareqpm4630qca6390wcd9375sd750g_firmwareaqt1000qpa8673sm6250_firmwareqdm2310qln5030_firmwareqln4642sda429wqpm5677_firmwarewcn3620_firmwarewsa8815_firmwaresmb1396_firmwaresmr525_firmwarewcn6850_firmwarepmk7350wcn3620qpm8820_firmwarewsa8835_firmwareqpm6621_firmwaresmr546qet6110qln5040qpm8895qpm5670wcn3990pmx55_firmwareqtm527pmk8350smb1398_firmwareqpm8830qdm3302_firmwarepm8350bqat5522qdm2307_firmwarewsa8835pm8150cpmr735bqpa4360pmk8003_firmwaresdr660_firmwareqca6574aqpm4640_firmwaresmb1390_firmwareqdm5679_firmwarepm8350csmr525qpm4640pm6150l_firmwarepm7350cpm8150a_firmwareqet5100m_firmwareqpm4650qtm525sd855pm6150a_firmwarepm6150_firmwaresd765qca6574a_firmwareqpm4630_firmwaresd768g_firmwaresdr865_firmwareqat3555pm8250_firmwaresmb1351qca6391qpa5461aqt1000_firmwareqpm8895_firmwarepm660aqpa4340sdx50msdr8150qfs2608qtc801ssmb1395_firmwareqdm4650qpm5641_firmwarepm8008_firmwaresd8655g_firmwarewcd9341_firmwareqpm6621wsa8810pmr735a_firmwareqat5568_firmwareqdm2308pmx50qat3550wcn6856qdm5679sd768gpm3003a_firmwarewcn6740qca6696qtc800s_firmwaresmb1381_firmwarepm8004pmk8002qpa2625sm7250psd720g_firmwareqpm4621_firmwareqcs410_firmwarepm6250qpa5580Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-11202
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.87%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 10:00
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow/underflow occurs when typecasting the buffer passed by CPU internally in the library which is not aligned with the actual size of the structure' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in QCM6125, QCS410, QCS603, QCS605, QCS610, QCS6125, SA6145P, SA6155, SA6155P, SA8155, SA8155P, SDA640, SDA670, SDA845, SDM640, SDM670, SDM710, SDM830, SDM845, SDX50M, SDX55, SDX55M, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM7125, SM7150, SM7150P, SM8150, SM8150P

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sm6250p_firmwareqcs610sm6125sdm640sdm845sdx55m_firmwaresm7150_firmwaresm6150sm7150sm6250psa6155qcs410sdm670sda640_firmwareqcs605_firmwaresdx50m_firmwareqcs6125_firmwaresdm670_firmwaresm7150psda845_firmwaresda670qcs605sa8155sdx55_firmwaresa6155_firmwaresdx55msm6150p_firmwaresda845sm7125sa6155p_firmwaresda640sdx50mqcs6125qcs603sa8155_firmwaresa6145p_firmwaresa8155p_firmwaresdm710sm6250sdm830_firmwaresdm710_firmwaresda670_firmwareqcm6125sa6155pqcs610_firmwareqcs603_firmwaresa6145psm8150_firmwaresm7150p_firmwaresm7125_firmwaresdx55sm6250_firmwaresa8155psm6150_firmwaresm8150p_firmwaresm8150sdm830sdm640_firmwareqcs410_firmwaresm6125_firmwaresm8150psm6150pqcm6125_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-11237
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.03% / 7.75%
||
7 Day CHG~0.00%
Published-07 Apr, 2021 | 07:55
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory crash when accessing histogram type KPI input received due to lack of check of histogram definition before accessing it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfs2580qpm5679_firmwaresm6250p_firmwareqpm5620_firmwareqca8337qdm2307qca6431_firmwareqfs2530qpm8870_firmwareqpa8802qpm6585_firmwareqat3519qbt2000_firmwareqat5522_firmwarewcn3950_firmwarepm8150aqtc800hqdm5670sdr8250_firmwareqca6595au_firmwareqpa5581_firmwarepm7150lqpa8821qdm5671qpm4650_firmwareqat3518pm456_firmwareqpa5580_firmwaresa415mwcn3998smr526_firmwarewcn3950sd720gqdm2305_firmwareqpm5670_firmwareqdm5652sd6905gqca6574au_firmwareqpm8870wcd9375_firmwarewcn3998_firmwareqpm5679qbt2000pm6150aqpa8675_firmwaresdr735gpm8150bqdm3301_firmwareqsm7250pmr735asd765gqdm2308_firmwaresdr660qca6436wcn6851qpa6560sdr675_firmwaresdr865qdm5620_firmwarewcd9341qca6431qca6696_firmwareqln5020qet4100_firmwaresd870_firmwaresd750gqpm5657pm6350qdm5621wsa8830_firmwaresd855_firmwareqdm5650wcn3988smb1390qat5516_firmwarepm6150lpm855l_firmwareqet4100qpa8686_firmwareqpm6585wcn3991qca8337_firmwarewcd9380_firmwaresmb1355qln4650qpa8801sdr735g_firmwareqet5100qdm5671_firmwareqpa8801_firmwareqca6564aupm8150l_firmwareqat5533_firmwaresdx55m_firmwareqtm527_firmwaresdxr25gqpa8673_firmwarepm6150qet4101_firmwarepm7250bqln4642_firmwareqpa8842wcd9380smb1355_firmwarepm7250b_firmwareqln4640smb1381sdr735pm7250smb1395qpa8803smr526wcn3980pmk8003qtc801s_firmwaresdxr25g_firmwareqdm2301wsa8815wcn6850qdm5621_firmwareqdm2301_firmwareqca6426_firmwarepm8009wcn3980_firmwareqpa8675sd730sdx55mpm6250_firmwareqca6421_firmwarepm8008qtm525_firmwareqat3518_firmwaresd6905g_firmwaresd678_firmwareqpm5621_firmwarepm855lqln1021aq_firmwarewcn6851_firmwareqdm5670_firmwareqpa6560_firmwaresd8655gqpa8802_firmwareqln4640_firmwarepm7150a_firmwarepm8150b_firmwareqpm5621qpm6582pm8009_firmwareqdm2310_firmwareqfs2580_firmwaresd480sd870pm8150lqdm5677pm855_firmwarepm855b_firmwareqpm6582_firmwareqca6391_firmwarewcd9370_firmwareqln4650_firmwareqat3516_firmwaresdx55sd675qet4101qat3555_firmwareqat3516qpa8803_firmwareqpm5658pm855bqln1031qpm5658_firmwarewcn3991_firmwareqdm5652_firmwarewsa8830sd678qet6110_firmwareqln5030qbt1500qpa5581pmi632qpa2625_firmwarepm456csrb31024pmr735b_firmwarepmx24_firmwareqbt1500_firmwareqet5100_firmwareqet6100_firmwareqet6100sd765g_firmwareqpa8686qca6390_firmwaresmb1396sd730_firmwarepm7150awcd9370sd675_firmwarepmr525_firmwareqca6426qca6584au_firmwarewcn3990_firmwarepmi632_firmwarewcd9385_firmwareqdm5650_firmwareqat5516pm7250_firmwareqdm5620qln1021aqqpa8821_firmwarepmk8002_firmwarepm3003aqln1031_firmwaresdx55_firmwareqat5533qca6595ausm7250p_firmwareqca6436_firmwareqsm7250_firmwarepm7150l_firmwareqca6564au_firmwareqca6584auqdm2305qpm8820qat5515_firmwareqln5020_firmwarepm855qpm8830_firmwarepm8250qfs2530_firmwaresa415m_firmwarepmx55wcn3988_firmwaresdr675pm8150c_firmwareqca6421qdm3301qpa8842_firmwareqat3519_firmwaresdr735_firmwaresm6250wsa8810_firmwareqpm5677qat5515sd765_firmwareqdm5677_firmwarepm6350_firmwaresdr8150_firmwarewcd9385qtc800h_firmwareqpm5620qln5040_firmwareqca6390wcd9375sd750g_firmwareqpa8673sm6250_firmwareqdm2310qln5030_firmwareqln4642qpm5677_firmwarewsa8815_firmwaresmb1396_firmwaresmr525_firmwarewcn6850_firmwarewsa8835_firmwareqpm8820_firmwarepmx24qet6110qln5040qpm8895qpm5670wcn3990pmx55_firmwareqtm527qpm8830qdm2307_firmwareqat5522wsa8835pm8150cpmr735bqpm5657_firmwaresm6250ppmk8003_firmwaresdr660_firmwareqca6574asmb1390_firmwareqdm5679_firmwaresmr525pm6150l_firmwarepmr525pm8150a_firmwareqpm4650qtm525qln1036aq_firmwaresd855pm6150a_firmwarepm6150_firmwaresd765qca6574a_firmwaresd768g_firmwaresdr865_firmwareqat3555pm8250_firmwareqca6391qpm8895_firmwarecsrb31024_firmwaresdr8150sd480_firmwareqln1036aqqtc801ssmb1395_firmwareqca6574aupm8008_firmwaresd8655g_firmwarewcd9341_firmwarewsa8810pmr735a_firmwareqdm2308qdm5679sdr8250sd768gpm3003a_firmwareqca6696smb1381_firmwareqpa2625pmk8002sm7250psd720g_firmwarepm6250qpa5580Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile
CWE ID-CWE-20
Improper Input Validation
CVE-2020-11228
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.05%
||
7 Day CHG~0.00%
Published-17 Mar, 2021 | 06:00
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Part of RPM region was not protected from xblSec itself due to improper policy and leads to unprivileged access in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcd9360_firmwarepm6125qat3519qbt2000_firmwarepm855a_firmwarewcn3950_firmwareqtc800hsdr8250_firmwareqcs2290pm8998_firmwaresmr546_firmwarewtr5975_firmwaresdr425_firmwarewcn3998smr526_firmwarewcn3950sm4125qpa5460pm640a_firmwareqsw8573_firmwarewgr7640_firmwareqsw8574_firmwaresd460_firmwareqca6574au_firmwareqpa4360_firmwarewcd9375_firmwarewcn3998_firmwareqbt2000pm855pqca6420wcd9360pm6150apmx50_firmwarewhs9410_firmwaresdr735gqpa5460_firmwarewcn3999sa8155_firmwaresd662_firmwareqcs405qca6430qat3522wcd9340sdm830_firmwaresdr660sa6155pqpa6560sdr865wcd9341smr545qca6696_firmwarepmm855au_firmwarewcn3910_firmwaresd_8cxpm6350qtc800ssd855_firmwarewcn3988wtr3925pm640p_firmwaresdr052sa8195p_firmwaresmb1390qat5516_firmwarepm6150lpm855l_firmwareqtc410swcn3991smb1355sdr735g_firmwarewgr7640qet5100sdx55m_firmwarepm8005_firmwareqpa8673_firmwarepm6150qet4101_firmwaresmb1354_firmwarepm7250bsdr052_firmwaresmb1355_firmwarepm7250b_firmwarepmd9655_firmwaresmb1351_firmwaresmb1381pm855p_firmwaresdx50m_firmwaresdr735sdx24_firmwaresmr526wtr5975qca6430_firmwarepmk8003qtc801s_firmwarewcn3980qat3522_firmwareqdm2301qsw8573wcd9340_firmwarewsa8815wcn6850wcn3910qdm2301_firmwaresd_8c_firmwarepm8350_firmwareqca9984wcn3980_firmwaresdr051_firmwaresdx55mpm8008qtm525_firmwareqsw8574pmi8998pm855lqpa6560_firmwaresmr545_firmwarepm4250_firmwareqcm4290_firmwaresd480pmi8998_firmwarepm8005pm855_firmwarepm4250qdm2302pm855b_firmwareqca6595_firmwareqcs405_firmwarewtr2965pm640l_firmwarewcd9370_firmwaresdx55sa8155psd675qet4101qat3555_firmwarepm855bar8035_firmwareqcm2290wcn3991_firmwaresdr051pm6125_firmwarepm4125qbt1500qcs2290_firmwarepmi632pmx24_firmwareqbt1500_firmwareqet5100_firmwareqcs4290sdr660gpmm855auqca6420_firmwareqca6390_firmwaresmb1396wcd9370sd675_firmwarepm8350qpa4361_firmwaresdr425wcn3990_firmwareqca9984_firmwarepmi632_firmwaresd_8cx_firmwarewcd9385_firmwarewhs9410qat5516sd662sdr660g_firmwarepmk8002_firmwareqsw6310_firmwaresa8155sdx55_firmwarewcn3999_firmwaresmb1354sa6155p_firmwareqat5515_firmwarepm855wcn3988_firmwarepmx55sdr735_firmwareqat3519_firmwaresa8195pwsa8810_firmwareqat5515pm6350_firmwarepm8004_firmwaresdr8150_firmwareqcs4290_firmwarewcd9385qtc800h_firmwareqdm2302_firmwareqat3550_firmwarepm4125_firmwarear8035qca6390wcd9375aqt1000qpa8673pmm8195auwtr3925_firmwaresd888_5g_firmwaresmb1396_firmwarepm8998wcn6850_firmwarewsa8815_firmwaresmr546pmx24qcm2290_firmwarewcn3990pmx55_firmwareqca6595sdx24sd665_firmwaresd888_5gqpa4360pm855apmk8003_firmwaresdr660_firmwareqca6574aqpa4361smb1390_firmwarepm6150l_firmwareqtm525sd855sm4125_firmwaresd665pm6150a_firmwarepm6150_firmwarepm640pqca6574a_firmwaresdr865_firmwareqat3555sd460smb1351aqt1000_firmwarewtr2965_firmwareqcm4290sdx50mpm640asdr8150sd480_firmwareqtc801spmd9655qca6574ausa8155p_firmwareqsw6310pm8008_firmwarewcd9341_firmwarewsa8810qtc410s_firmwareqat3550pmx50sd_8csdr8250qca6696qtc800s_firmwaresmb1381_firmwarepm8004pm640lpmk8002pmm8195au_firmwaresdm830Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
CVE-2020-11162
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 16.81%
||
7 Day CHG~0.00%
Published-02 Nov, 2020 | 06:21
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Possible buffer overflow in MHI driver due to lack of input parameter validation of EOT events received from MHI device side' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in Agatti, APQ8009, Bitra, IPQ4019, IPQ5018, IPQ6018, IPQ8064, IPQ8074, Kamorta, MDM9607, MSM8917, MSM8953, Nicobar, QCA6390, QCM2150, QCS404, QCS405, QCS605, QM215, QRB5165, Rennell, SA415M, SA515M, SA6155P, SA8155P, Saipan, SC8180X, SDM429, SDM429W, SDM439, SDM450, SDM632, SDM710, SDM845, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-ipq5018_firmwarekamorta_firmwareqcm2150_firmwaresdm429wsdm632_firmwaresdm845sdm450_firmwaresdm632sdm439qcs404_firmwaresdm429sm7150_firmwaresm6150agatti_firmwaresdm429w_firmwaresm7150qca6390_firmwareapq8009_firmwaremsm8917sxr2130qcs605_firmwaresc8180xipq4019_firmwareqcs404ipq8074ipq5018sa415mbitraipq6018_firmwaresa515mqcs605bitra_firmwaresdm429_firmwareipq8064sdx55_firmwareapq8009agattiipq8064_firmwarenicobarsa6155p_firmwaremsm8953sdm450sa515m_firmwareqrb5165_firmwareqrb5165qcm2150mdm9607_firmwaresm8250_firmwaresc8180x_firmwaresa415m_firmwareqcs405ipq8074_firmwaresa8155p_firmwareqm215sdm710mdm9607sdm710_firmwaresa6155pipq6018sm8150_firmwaresxr2130_firmwaresdm439_firmwareqcs405_firmwarerennellrennell_firmwareqca6390qm215_firmwareipq4019sdx55msm8953_firmwaresaipan_firmwaresm6150_firmwaresa8155pmsm8917_firmwaresm8250sm8150kamortasaipannicobar_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-11129
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.64%
||
7 Day CHG~0.00%
Published-09 Sep, 2020 | 06:25
Updated-04 Aug, 2024 | 11:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'During the error occurrence in capture request, the buffer is freed and later accessed causing the camera APP to fail due to memory use-after-free' in Snapdragon Consumer IOT, Snapdragon Mobile in Bitra, Kamorta, QCS605, Saipan, SDM710, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sxr2130saipan_firmwaresm8250kamorta_firmwaresdm710bitra_firmwaresxr2130_firmwaresdm710_firmwarekamortabitrasm8250_firmwaresaipanqcs605qcs605_firmwareSnapdragon Consumer IOT, Snapdragon Mobile
CWE ID-CWE-416
Use After Free
CVE-2020-11194
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.75%
||
7 Day CHG~0.00%
Published-22 Feb, 2021 | 06:25
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible out of bound access in TA while processing a command from NS side due to improper length check of response buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfs2580qpm5679_firmwaresa6150p_firmwareqpm5620_firmwareqdm2307qca6431_firmwareqfs2608_firmwareqfs2530qpm8870_firmwareqpa8802qpm6585_firmwarepm6125qat3519qbt2000_firmwareqat5522_firmwarewcn3950_firmwarepm8150aqtc800hqdm5670sa8150p_firmwareqca6595au_firmwareqcs2290qpa5581_firmwaresa6155sdr8250_firmwarepm7150lqpa8821smr546_firmwareqdm5671qpm4650_firmwareqat3518pm456_firmwareqpa5580_firmwaresdr425_firmwarewcn3998smr526_firmwarewcn3950sm4125sd720gwgr7640_firmwareqdm2305_firmwareqsm8350_firmwareqpm5670_firmwaresd710_firmwareqsm8350sd460_firmwareqdm5652qca6574au_firmwareqpm8870wcd9375_firmwarewcn3998_firmwareqpm5679qbt2000sa6155_firmwarepm855pqca6420pm6150aqpm6670_firmwarepmx50_firmwaresdr735gpm660_firmwarewcn3999pm8150bqdm3301_firmwareqsm7250sa8155_firmwaresd662_firmwareqcs405qca6430pmr735asd765gqdm2308_firmwaresdr660qca6436wcn6851sa6155pqpa6560qfs2630_firmwaresdr675_firmwaresdr865qdm5620_firmwarewcd9341smr545qdm4643_firmwareqca6696_firmwareqca6431qln5020sd750gpmm855au_firmwarewcn3910_firmwaresm4350_firmwaresa8150pqpm5657pm6350qdm5621qtc800sqpm5875_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwareqdm5650wcn3988wtr3925sdr052sa8195p_firmwaresmb1390wcn6750_firmwareqat5516_firmwarepm6150lpm855l_firmwareqpa8686_firmwareqpm6585qtc410swcn3991wcd9380_firmwaresmb1355qln4650qpa8801sdr735g_firmwarewgr7640qat5568qet5100qdm5671_firmwareqpa8801_firmwarepm8150l_firmwareqat5533_firmwaresdx55m_firmwareqpa8673_firmwarepm6150qet4101_firmwaresmb1354_firmwaresd670_firmwareqca6574pm7250bqln4642_firmwareqfs2630qpa8842sdr052_firmwarewcd9380smb1355_firmwarepm7250b_firmwarepmd9655_firmwaresmb1351_firmwarepmk8350_firmwaresmb1381pm855p_firmwaresd690_5g_firmwaresdx50m_firmwaresdr735pm7250smb1395pm660lqpa8803smr526qca6430_firmwarepmk8003qtc801s_firmwarewcn3980qdm2301wsa8815wcn6850wcn3910qdm5621_firmwareqdm2301_firmwareqca6426_firmwarepm8350_firmwareqca9984pm8009wcn3980_firmwaresd730sdr051_firmwarepm660l_firmwaresdx55mpm6250_firmwareqca6421_firmwarepm8008pm8350b_firmwareqtm525_firmwareqat3518_firmwareqpm5621_firmwarepm855lwcn6851_firmwareqdm5670_firmwareqpa6560_firmwareqpa8802_firmwarepm7150a_firmwarepm8150b_firmwareqpm5621qpm6582sd670pm8009_firmwaresmr545_firmwareqdm2310_firmwareqfs2580_firmwarepm4250_firmwareqcm4290_firmwarepm8150lqdm5677qsm8250sa6145ppm855_firmwarepm4250pmm6155aupm855b_firmwareqcs405_firmwareqpm6582_firmwarewtr2965qca6391_firmwarewcd9370_firmwareqln4650_firmwareqat3516_firmwareqpm5875sdx55qet5100msa8155psd675qet4101qat3555_firmwareqat3516qpa8803_firmwareqpm5658pm855bar8035_firmwareqcm2290qsm8250_firmwareqpm5658_firmwareqpm5870wcn3991_firmwareqdm5652_firmwarewsa8830pmm8155au_firmwarepm660qet6110_firmwaresdr051qln5030pm6125_firmwareqcs2290_firmwareqbt1500pm4125qpa5581pmi632qpa2625_firmwarepm456pm8350bh_firmwarepmr735b_firmwareqbt1500_firmwareqet5100_firmwareqpm5870_firmwareqpm4621qet6100_firmwareqcs4290qet6100pmm855ausd765g_firmwareqpa8686qca6420_firmwareqca6390_firmwaresd690_5gsmb1396pm7150asd730_firmwarewcd9370sd675_firmwarepm8350qpa5461_firmwaresdr425pm8350c_firmwarepmr525_firmwareqca6426wcn3990_firmwareqca9984_firmwareqpm5641pmi632_firmwarewcd9385_firmwareqdm5650_firmwaresdxr2_5g_firmwarewcd9326_firmwareqat5516pm7250_firmwareqdm5620sd662qpa8821_firmwarepm8350bhpmk8002_firmwarepm3003asa8155qdm4650_firmwaresdx55_firmwarepmm6155au_firmwareqat5533qca6595auwcn3999_firmwaresm7250p_firmwareqca6436_firmwareqsm7250_firmwareqpm6670smb1354pm7150l_firmwareqdm2305sa6155p_firmwareqpm8820qpm4641qat5515_firmwareqln5020_firmwarepm855qpm8830_firmwaresdxr2_5gpm8250smb1398qdm4643qfs2530_firmwarewcn3988_firmwarepmx55qpm4641_firmwaresa6145p_firmwaresdr675pm8150c_firmwareqca6421qdm3301qpa8842_firmwareqat3519_firmwaresa8195psdr735_firmwaresm6250qpm5677qat5515wsa8810_firmwaresd765_firmwarewcd9326qdm5677_firmwarepm6350_firmwarepm8004_firmwaresdr8150_firmwareqcs4290_firmwarewcd9385qtc800h_firmwareqpm5620pmm8155auqln5040_firmwareqpm4630pm4125_firmwareqca6390wcd9375sd750g_firmwareaqt1000ar8035qpa8673sm6250_firmwarepmm8195auqdm2310qln5030_firmwareqln4642qpm5677_firmwarewsa8815_firmwaresd888_5g_firmwaresmr525_firmwarewtr3925_firmwaresmb1396_firmwarewcn6850_firmwareqpm8820_firmwarewsa8835_firmwareqpm6621_firmwaresmr546qet6110qln5040qcm2290_firmwareqpm8895qpm5670wcn3990pmx55_firmwaresd865_5gpmk8350smb1398_firmwareqpm8830pm8350bqat5522qdm2307_firmwarewsa8835pm8150cpmr735bsd665_firmwareqpm5657_firmwaresd888_5gpmk8003_firmwaresdr660_firmwareqca6574aqpm4640_firmwaresmb1390_firmwareqdm5679_firmwarepm8350csmr525qpm4640wcn6750pm6150l_firmwarepmr525pm8150a_firmwareqet5100m_firmwareqpm4650qtm525qca6574_firmwaresd855sm4125_firmwaresd665pm6150a_firmwarepm6150_firmwaresd765qca6574a_firmwareqpm4630_firmwaresd768g_firmwaresdr865_firmwareqat3555pm8250_firmwaresd460qca6391smb1351qpa5461aqt1000_firmwareqpm8895_firmwarewtr2965_firmwareqcm4290sdx50msdr8150qfs2608qtc801ssmb1395_firmwareqdm4650pmd9655qca6574auqpm5641_firmwaresd710sa8155p_firmwarepm8008_firmwarewcd9341_firmwareqpm6621wsa8810qtc410s_firmwarepmr735a_firmwareqat5568_firmwareqdm2308pmx50qdm5679sdr8250sd768gpm3003a_firmwareqca6696qtc800s_firmwaresm4350smb1381_firmwarepm8004pmk8002qpa2625sa6150ppmm8195au_firmwaresm7250psd720g_firmwareqpm4621_firmwarepm6250qpa5580Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-20
Improper Input Validation
CVE-2020-11294
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-5.9||MEDIUM
EPSS-0.04% / 11.23%
||
7 Day CHG~0.00%
Published-07 May, 2021 | 09:10
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound write in logger due to prefix size is not validated while prepended to logging string in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfs2580qpm5679_firmwaresa6150p_firmwareqca8337qca6431_firmwareqfs2608_firmwareqfs2530qpm8870_firmwareqpa8802wcd9360_firmwareqpm6585_firmwarepm6125qat3519qbt2000_firmwareqat5522_firmwarewcn3950_firmwarepm8150aqtc800hqdm5670sa8150p_firmwareqca6595au_firmwaresdr8250_firmwareqpa5581_firmwaresa6155pm7150lqpa8821pm8998_firmwareqcs605_firmwaresmr546_firmwareqdm5671wtr5975_firmwareqpm4650_firmwareqcs6125_firmwareqat3518qpa5580_firmwaresdr425_firmwarewcn3998smr526_firmwarewcn3950qpa5460pm640a_firmwareqsw8573_firmwarewcn3660bwgr7640_firmwareqdm2305_firmwareqpm5670_firmwareqsw8574_firmwaresd460_firmwareqdm5652qca6574au_firmwareqpa4360_firmwareqpm8870wcd9375_firmwarewcn3998_firmwareqpm5679qbt2000sa6155_firmwarewcd9360pm6150aqpm6670_firmwaresdr735gqpa5460_firmwarepm8150bqdm3301_firmwareqsm7250qcs6125sa8155_firmwaresd662_firmwareqat3522pmr735awcd9340sdm830_firmwaresd765gqualcomm215_firmwaresdr660qca6436wcn6851sa6155pqpa6560qfs2630_firmwaresdr865qdm5620_firmwarewcd9341smr545qdm4643_firmwareqca6696_firmwareqca6431qln5020sd870_firmwarepmm855au_firmwaresa8150ppm6350qdm5621qtc800sqpm5875_firmwarewsa8830_firmwaresd855_firmwareqet6105qdm5650wcn3988pm640p_firmwarewtr3925sa8195p_firmwaresmb1390wcn6750_firmwareqat5516_firmwarepm6150lsd8885gpm855l_firmwarewcn3610qpa8686_firmwareqpm6585qtc410swcn3991qca8337_firmwaresda429w_firmwarewcd9380_firmwaresmb1355qln4650qpa8801sdm429wsdr735g_firmwarewgr7640qat5568qet5100qdm5671_firmwareqpa8801_firmwareqca6564aupm8150l_firmwareqat5533_firmwaresdx55m_firmwareqtm527_firmwarepm8005_firmwaresdxr25gqpa8673_firmwarepm6150qet4101_firmwaresmb1354_firmwareqca6574pm7250bqln4642_firmwareqfs2630qpa8842wcd9380smb1355_firmwarepm7250b_firmwarequalcomm215qet4200aq_firmwarepmk8350_firmwaresmb1381sdr735pm7250wtr4905smb1395qpa8803smr526wtr5975wcn3980pmk8003qtc801s_firmwareqat3522_firmwaresdxr25g_firmwareqdm2301qsw8573qcs605wcd9340_firmwarewsa8815wcn6850qdm5621_firmwareqdm2301_firmwareqca6426_firmwarepm8350_firmwarewcn3660b_firmwarewcn3680pm8009wcn3980_firmwaresdx55mqca6421_firmwarepm8008pm8350b_firmwareqtm525_firmwareqat3518_firmwareqsw8574pmi8998wcn3680_firmwareqpm5621_firmwarepm855lqln1021aq_firmwarewcn6851_firmwareqdm5670_firmwareqpa6560_firmwaresd8655gqpa8802_firmwarepm7150a_firmwarepm8150b_firmwareqpm5621qpm6582smr545_firmwarepm8009_firmwareqca6564a_firmwareqfs2580_firmwareqcm4290_firmwaresd480sd870sd8885g_firmwarepm670pm8150lpmi8998_firmwaresd210_firmwareqdm5677pm8005sa6145ppm855_firmwarepm215qdm2302pmm6155aupm855b_firmwareqca6595_firmwareqpm6582_firmwarewtr2965sa2150pqca6391_firmwarepm640l_firmwarewcd9370_firmwareqln4650_firmwareqat3516_firmwareqpm5875sdx55qet5100msd888_firmwaresa8155psd675qet4101qat3555_firmwareqat3516pm670lqpa8803_firmwareqpm5658pm855bar8035_firmwareqln1031qpm5658_firmwareqpm5870pm8909wcn3991_firmwarewsa8830qdm5652_firmwarepmm8155au_firmwareqet6110_firmwareqln5030pm6125_firmwareqbt1500qpa5581pmi632qpa2625_firmwarepm8350bh_firmwarepmr735b_firmwareqbt1500_firmwareqet5100_firmwareqpm5870_firmwareqpm4621qet6100_firmwareqcs4290qet6100pmm855aupm670l_firmwaresdr660gsd765g_firmwareqpa8686qca6390_firmwaresmb1396pm7150awcd9370sd675_firmwarepm8350qpa5461_firmwareqpa4361_firmwarepm8350c_firmwaresdr425qca6426pmr525_firmwareqca6584au_firmwarewcn3990_firmwareqpm5641pmi632_firmwarewcd9385_firmwareqdm5650_firmwarewcd9326_firmwareqat5516wcn3615_firmwarepm7250_firmwareqdm5620qln1021aqsd662qpa8821_firmwaresdr660g_firmwarepm8350bhpmk8002_firmwareqsw6310_firmwarepm3003asa8155qln1031_firmwareqdm4650_firmwaresdx55_firmwarepmm6155au_firmwareqat5533wcn3615qca6595ausm7250p_firmwarewcn3610_firmwareqca6436_firmwareqsm7250_firmwareqpm6670smb1354pm7150l_firmwareqca6564au_firmwareqca6584auqdm2305sa6155p_firmwareqpm8820qpm4641qat5515_firmwareqln5020_firmwaresa515m_firmwarepm855sd429pm8250smb1398qdm4643qfs2530_firmwarewcn3988_firmwarepmx55qpm4641_firmwaresd205sd429_firmwarepm8150c_firmwareqca6421qdm3301qpa8842_firmwareqat3519_firmwaresa8195psdr735_firmwaresa6145p_firmwareqpm5677qat5515wsa8810_firmwaresd765_firmwarewcd9326qdm5677_firmwareqet4200aqpm6350_firmwareqcs4290_firmwarewcd9385qtc800h_firmwareqdm2302_firmwareqat3550_firmwarepmm8155auqln5040_firmwareqpm4630qca6390wcd9375ar8035qpa8673pmm8195auqln5030_firmwareqln4642sda429wsd210qpm5677_firmwarewcn3620_firmwarewsa8815_firmwarewtr3925_firmwaresmr525_firmwarepm8998smb1396_firmwarewcn6850_firmwareqpm8820_firmwarewcn3620wsa8835_firmwareqpm6621_firmwareqca6564asmr546qcm6125_firmwareqet6110qln5040qpm8895qpm5670wcn3990pmx55_firmwareqtm527qca6595pmk8350smb1398_firmwaresd888pm8350bqat5522wsa8835sdm429w_firmwarepm8150cpmr735bsd665_firmwareqpa4360pmk8003_firmwaresdr660_firmwarepm8909_firmwareqpa4361qca6574aqpm4640_firmwaresmb1390_firmwareqdm5679_firmwarepm8350csmr525qpm4640wcn6750pm6150l_firmwarepmr525pm8150a_firmwareqet5100m_firmwareqpm4650qtm525qca6574_firmwaresa515msa2150p_firmwareqln1036aq_firmwaresd855sd665pm6150a_firmwarepm6150_firmwareqca6175asd765pm640pqca6574a_firmwareqpm4630_firmwaresd768g_firmwaresdr865_firmwareqat3555pm8250_firmwaresd460qca6391qpa5461pm215_firmwareqpm8895_firmwarewtr2965_firmwarepm670_firmwareqcm4290pm640aqfs2608sd480_firmwareqln1036aqqtc801ssmb1395_firmwareqdm4650qca6574auqpm5641_firmwaresa8155p_firmwaresd205_firmwareqsw6310qet6105_firmwarepm8008_firmwaresd8655g_firmwarewcd9341_firmwareqcm6125qpm6621wsa8810qtc410s_firmwarepmr735a_firmwareqat5568_firmwarepmw3100wtr4905_firmwareqat3550qdm5679sdr8250sd768gpm3003a_firmwareqca6696qtc800s_firmwaresmb1381_firmwarepmw3100_firmwareqpa2625pm640lpmk8002sa6150ppmm8195au_firmwaresm7250psdm830qpm4621_firmwareqca6175a_firmwareqpa5580Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2020-11175
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.64%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 10:00
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Use after free issue in Bluetooth transport driver when a method in the object is accessed after the object has been deleted due to improper timer handling.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8009W, MSM8909W, QCS605, QM215, SA6155, SA6155P, SA8155, SA8155P, SDA640, SDA670, SDA855, SDM1000, SDM640, SDM670, SDM710, SDM845, SDX50M, SDX55, SDX55M, SM6125, SM6350, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SXR1120, SXR1130, SXR2130, SXR2130P

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sm6350sa6155p_firmwaresm7250sxr2130p_firmwaresda640sm6125sdm640sdx50msdm845sm7250_firmwaresa8155_firmwaresdx55m_firmwaresm8250_firmwaresm6125_firmwaresm6350_firmwaresa8155p_firmwaremsm8909w_firmwareqm215sdm710apq8009wsdm710_firmwaresxr1120sda670_firmwaresa6155sa6155psdm670sda640_firmwareqcs605_firmwaresxr2130sdx50m_firmwaresdm670_firmwaresm8150_firmwaresxr2130_firmwaresdx55msxr2130psda670sm7225qm215_firmwareqcs605sda855sdx55sa8155psm8250sm8150p_firmwaresm7250p_firmwaresm7225_firmwaresm8150sdm1000_firmwaresa8155sm7250psxr1130_firmwaresdx55_firmwaresdm640_firmwaresa6155_firmwaresxr1120_firmwaresda855_firmwaremsm8909wsdm1000apq8009w_firmwaresxr1130sm8150psdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-416
Use After Free
CVE-2020-11125
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.05%
||
7 Day CHG~0.00%
Published-02 Nov, 2020 | 06:21
Updated-04 Aug, 2024 | 11:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Out of bound access can happen in MHI command process due to lack of check of channel id value received from MHI devices' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in Agatti, APQ8009, Bitra, IPQ4019, IPQ5018, IPQ6018, IPQ8064, IPQ8074, Kamorta, MDM9150, MDM9607, MDM9650, MSM8905, MSM8917, MSM8953, Nicobar, QCA6390, QCA9531, QCM2150, QCS404, QCS405, QCS605, QCS610, QM215, QRB5165, Rennell, SA415M, SA515M, SA6155P, SA8155P, Saipan, SC8180X, SDM429, SDM429W, SDM439, SDM450, SDM632, SDM660, SDM670, SDM710, SDM845, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-ipq5018_firmwaremdm9150_firmwarekamorta_firmwareqcm2150_firmwareqcs610sdm429wsdm632_firmwaresdm845sdm450_firmwaresdm632sdm439qcs404_firmwaremdm9650sdm429sm7150_firmwaresm6150agatti_firmwaresdm429w_firmwaresm7150qca6390_firmwareapq8009_firmwaremsm8917sdm670sxr2130qcs605_firmwaresc8180xipq4019_firmwaresdm670_firmwareqcs404ipq8074ipq5018sa415mbitraipq6018_firmwaresa515mqcs605bitra_firmwaresdm429_firmwaremdm9650_firmwaremsm8905_firmwareipq8064sdx55_firmwaresxr1130_firmwaresxr1130apq8009agattiipq8064_firmwarenicobarsa6155p_firmwaremsm8953sdm450sa515m_firmwareqrb5165_firmwareqrb5165qcm2150sdm660mdm9607_firmwaresm8250_firmwaresc8180x_firmwaresa415m_firmwareqcs405qca9531ipq8074_firmwaresa8155p_firmwareqm215sdm710mdm9607sdm710_firmwaresa6155pqcs610_firmwaremdm9150msm8905ipq6018sm8150_firmwaresxr2130_firmwaresdm439_firmwareqcs405_firmwarerennellrennell_firmwareqca6390qm215_firmwareipq4019sdx55msm8953_firmwaresaipan_firmwaresm6150_firmwaresa8155pmsm8917_firmwaresm8250sm8150qca9531_firmwarekamortasaipannicobar_firmwaresdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-787
Out-of-bounds Write
CVE-2017-9719
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 2.74%
||
7 Day CHG~0.00%
Published-16 Nov, 2017 | 22:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the kernel driver MDSS, a buffer overflow can occur in HDMI CEC parsing if frame size is out of range.

Action-Not Available
Vendor-Google LLCQualcomm Technologies, Inc.
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-15832
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.09% / 25.94%
||
7 Day CHG~0.00%
Published-26 Nov, 2024 | 08:55
Updated-09 Jan, 2025 | 21:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer overwrite due to improper input validation in WLAN host

Buffer overwrite in the WLAN host driver by leveraging a compromised WLAN FW

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_845sd_850_firmwaremdm9607sd_850mdm9607_firmwaresd_835_firmwaremdm9206sd_835mdm9206_firmwaresd_845_firmwareSnapdragon
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-787
Out-of-bounds Write
CVE-2017-9705
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 6.30%
||
7 Day CHG~0.00%
Published-10 Jan, 2018 | 22:00
Updated-16 Sep, 2024 | 16:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, concurrent rx notifications and read() operations in the G-Link PKT driver can result in a double free condition due to missing locking resulting in list_del() and list_add() overlapping and corrupting the next and previous pointers.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-415
Double Free
CVE-2017-15852
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 2.41%
||
7 Day CHG~0.00%
Published-30 Mar, 2018 | 21:00
Updated-17 Sep, 2024 | 00:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Information leak of the ISPIF base address in Android for MSM, Firefox OS for MSM, and QRD Android can occur in the camera driver.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2017-15842
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 3.04%
||
7 Day CHG~0.00%
Published-12 Jun, 2018 | 20:00
Updated-17 Sep, 2024 | 00:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer might get used after it gets freed due to unlocking the mutex before freeing the buffer in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-416
Use After Free
CVE-2020-11146
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 15.53%
||
7 Day CHG~0.00%
Published-21 Jan, 2021 | 09:41
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound write while copying data using IOCTL due to lack of check of array index received from user in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qpm5579qfs2580qca8337qdm5579qdm2307qfs2530qpa8802qln1030pm6125qat3519pm8150aqtc800hqdm5670sa6155qca6335pm7150lqpa8821qln1020apq8076qdm5671pmc1000hqat3518sd8cwcn3998wcn3950sm4125sd720gwcn3660bqca4020qdm5652sd6905gqpm8870qpm5679qbt2000pm855pqca6420pm6150asdr735gwcn3999pm8150bqsm7250qcs405qca6430qat3522pmr735awcd9340sd765gsdr660qca6436wcn6851sa6155pqpa6560msm8937sdr865wcd9341pmi8952smr545qca6431qln5020wcd9371sd750gqdm3302sa8150ppm6350qdm5621qtc800sqdm5650wcn3988wtr3925smb1390pm6150lsd8885gqet4100wcn3610qpm6585qtc410swcn3991smb1355qln4650qpa8801sdm429wwgr7640qat5568qet5100qca6564ausdxr25gpm6150qca6574pm7250bqfs2630qpa8842wcd9380qualcomm215qln4640smb1381sdr735pm7250wtr4905smb1395pm660lqpa8803smr526wtr5975wcn3980pmk8003qdm2301qsw8573qcs605wsa8815wcn6850wcn3910qpm6375smb1394wcn3680pm8009qpa8675sd730sdx55mpm8008qsw8574pmi8998pm855lsd8655gqpm5621qpm6582sd670pm670pm8150lqdm5677pm8005sa6145ppm215qdm2302pmm6155ausdxr1ar8031qpm5577wtr2965pm8150qpm5875sdx55qet5100msa8155pcsra6640pm8350bhssd675qet4101pm8952qat3516pm670lqpm5658qca9379pm855bsmb2351qln1031qpm5870pm8909wsa8830pm660qln5030qpm6325pm4125qbt1500qpa5581pmi632pm456csra6620qpm4621qcs4290qet6100pmm855ausdr660gqpa8686smb1396pm7150awcd9370pm8350qca6564sdr425qca6426qpm5641qpm5541qat5516wtr2955qdm5620qln1021aqsd662smb1380pm8350bhpm3003asa8155qat5533wcn3615qca6595ausm7350qpm6670smb1354wcd9306qca6584auqdm2305qca6310qpm8820qpm4641pm8937qpm2630pm855sd429pm8250smb1398qdm4643pmx55sd205sdr675qca6421sm6250qdm3301sa8195pqpm5677qat5515qat3514wcd9326wcd9335qet4200aqwcd9385pmm8155auqpm4630qca6390wcd9375ar8035aqt1000qpa8673qdm2310pmm8195auqln4642sda429wsd210pmi8937pm8998pmk7350wcn3620qca6564asmr546qet6110qln5040qpm8895qpm5670wcn3990qtm527qca6595pmk8350qpm8830pm8350bqat5522wsa8835pm8150cpmr735bsm6250pqpa4360qpa4361qca6574aqca6174apm8350csmr525qpm4640wcn6750pmr525pm7350cqpm4650qtm525wtr6955sd855sd8cxsd665qca6175asd765pm640pqat3555sd460qca6391smb1351qpa5461qcm4290pm640asdr8150qfs2608pm8916qln1036aqqtc801sqdm4650pmd9655qca6574ausd710qsw6310qpm6621wsa8810qdm2308pmw3100qat3550wcn6856qdm5679wcn3680bsdr8250sd768gwcn6740qca6696pm8004pm640lpmk8002qpa2625sd845sm7250ppm8956pm6250qpa5580Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2017-9721
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 2.74%
||
7 Day CHG~0.00%
Published-16 Nov, 2017 | 22:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the boot loader, a buffer overflow can occur while parsing the splash image.

Action-Not Available
Vendor-Google LLCQualcomm Technologies, Inc.
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-15825
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 5.76%
||
7 Day CHG~0.00%
Published-18 Sep, 2018 | 18:00
Updated-05 Aug, 2024 | 20:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing a gpt update, an out of bounds memory access may potentially occur.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-3646
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 16.81%
||
7 Day CHG~0.00%
Published-08 Sep, 2020 | 09:31
Updated-04 Aug, 2024 | 07:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Buffer overflow seen as the destination buffer size is lesser than the source buffer size in video application' in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in Bitra, MSM8909W, QCM2150, QCS405, QCS605, Saipan, SC8180X, SDA845, SDM429W, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcm2150_firmwaresdm429wqcm2150sdx24sm8250_firmwaresc8180x_firmwareqcs405sm7150_firmwaresm6150msm8909w_firmwaresdm429w_firmwaresm7150sxr2130sc8180xqcs605_firmwaresm8150_firmwaresdx24_firmwaresxr2130_firmwareqcs405_firmwaresda845_firmwarebitraqcs605sdx55saipan_firmwaresm6150_firmwaresm8250bitra_firmwaresm8150sdx55_firmwaresaipanmsm8909wsda845Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2017-9689
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.64%
||
7 Day CHG~0.00%
Published-10 Jan, 2018 | 22:00
Updated-16 Sep, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a specially-crafted HDMI CEC message can be used to cause stack memory corruption.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-9700
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 2.41%
||
7 Day CHG~0.00%
Published-05 Dec, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, buffer overwrite is possible in fw_name_store if image name is 64 characters.

Action-Not Available
Vendor-Google LLCQualcomm Technologies, Inc.
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2023-43532
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.05% / 16.49%
||
7 Day CHG~0.00%
Published-06 Feb, 2024 | 05:47
Updated-17 Jun, 2025 | 21:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Untrusted Pointer Dereference in Display

Memory corruption while reading ACPI config through the user mode app.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fastconnect_7800wcd9380_firmwarewsa8830wcd9385wsa8840_firmwarefastconnect_6900wcd9385_firmwarewsa8845fastconnect_6900_firmwaresc8380xp_firmwarewsa8830_firmwarewsa8835wsa8840wsa8845_firmwaresnapdragon_7c\+_gen_3_compute_firmwarefastconnect_6700_firmwaresnapdragon_7c\+_gen_3_computewsa8835_firmwarewcd9380sc8380xpfastconnect_7800_firmwarewsa8845hfastconnect_6700wsa8845h_firmwaresnapdragon_8cx_gen_3_compute_platformsnapdragon_8cx_gen_3_compute_platform_firmwareSnapdragon
CWE ID-CWE-822
Untrusted Pointer Dereference
CWE ID-CWE-763
Release of Invalid Pointer or Reference
CVE-2017-9711
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 3.91%
||
7 Day CHG~0.00%
Published-22 Nov, 2024 | 09:09
Updated-25 Nov, 2024 | 19:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Permissions, Privileges, and Access Controls in Data

Certain unprivileged processes are able to perform IOCTL calls.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9640_firmwaresd_820asd_617_firmwaresd_415sd_616sd_425sd_430_firmwaremdm9607_firmwaresd_615mdm9650sd_650_firmwaresd_625sd_615_firmwaremsm8909w_firmwaremdm9607sd_210sd_820_firmwaresd_650sd_820sd_450_firmwaresd_845_firmwaresd_617sd_820a_firmwaremdm9206sd_652sd_425_firmwaresd_212_firmwaresd_625_firmwaresd_450sd_845mdm9206_firmwaresd_430sd_810sd_835_firmwaremdm9650_firmwaresd_835sd_205sd_210_firmwaresd_415_firmwaresd_652_firmwaremsm8909wsd_810_firmwaresd_616_firmwaresd_205_firmwaresd_212mdm9640Snapdragonsd_425_firmwaremsm8909w_firmwaresd_820_firmwaremdm9650_firmwaremdm9640_firmwaresd_430_firmwaresd_625_firmwaresd_820a_firmwaresd_835_firmwaresd_450_firmwaresd_845_firmwaresd_810_firmwaremdm9206_firmwaremdm9607_firmwaresd_617_firmware
CWE ID-CWE-264
Not Available
CVE-2017-15848
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 5.74%
||
7 Day CHG~0.00%
Published-10 Jan, 2018 | 22:00
Updated-16 Sep, 2024 | 17:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the fastrpc kernel driver, a buffer overflow vulnerability from userspace may potentially exist.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2023-43513
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 16.49%
||
7 Day CHG~0.00%
Published-06 Feb, 2024 | 05:47
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use of Out-of-range Pointer Offset in PCIe

Memory corruption while processing the event ring, the context read pointer is untrusted to HLOS and when it is passed with arbitrary values, may point to address in the middle of ring element.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qdx1010_firmwaresdm429w_firmwaresd865_5gqcs8155_firmwareqca6595snapdragon_xr1_platformimmersive_home_214_platformqca8081_firmwareqcn9001snapdragon_x50_5g_modem-rf_systemwcd9340_firmwarewcd9395_firmwaresnapdragon_730_mobile_platformqcn6024qcc710_firmwareqca6426fastconnect_6700wcn3610snapdragon_768g_5g_mobile_platform_firmwaresa4150pwsa8832_firmwareqca8337qca6426_firmwarewcd9395snapdragon_460_mobile_platformsmart_display_200_platformqca6574au_firmwareqam8295pwcd9341sd626_firmwaresnapdragon_x12_lte_modemwsa8810_firmwaresd730_firmwarewsa8845h_firmwaresa9000p_firmwarefastconnect_6800_firmwaresnapdragon_4_gen_2_mobile_platform_firmwaresnapdragon_4_gen_1_mobile_platform_firmwarevideo_collaboration_vc1_platform_firmwaresa4155psnapdragon_778g\+_5g_mobile_platformsa8770pqcn9000snapdragon_480\+_5g_mobile_platform_firmwaresnapdragon_695_5g_mobile_platform_firmwareqsm8350_firmwaresnapdragon_765g_5g_mobile_platformvideo_collaboration_vc1_platformqep8111wcd9385_firmwareqca6421qca6310ipq8074a_firmwarewcd9360snapdragon_ar2_gen_1_platform_firmwaresnapdragon_8_gen_1_mobile_platform_firmwareimmersive_home_3210_platform_firmwaresnapdragon_685_4g_mobile_platformsa6155pqca6564au_firmwaresnapdragon_768g_5g_mobile_platformqca8075qam8650pvideo_collaboration_vc5_platform_firmwaresa9000psa6155p_firmwaresnapdragon_632_mobile_platform_firmwaresnapdragon_870_5g_mobile_platform_firmwareqca6436_firmwaresnapdragon_wear_4100\+_platform_firmwaresnapdragon_8\+_gen_1_mobile_platformqualcomm_205_mobile_platformsnapdragon_8_gen_2_mobile_platformsnapdragon_7c\+_gen_3_compute_firmwaresm4125_firmwareqca6420wcn3910csrb31024snapdragon_845_mobile_platformsnapdragon_x55_5g_modem-rf_system_firmwaresnapdragon_660_mobile_platformwcn3660bqca6574awcn3620_firmwareqca6174awcd9340qcs8250_firmwareqcm2290qdu1210snapdragon_auto_5g_modem-rf_gen_2sm8550p_firmwareqcm8550wcn3988qcn5122_firmwareqcn9024snapdragon_460_mobile_platform_firmwareqca6574snapdragon_x75_5g_modem-rf_systemqamsrv1hqcs410qcm2290_firmwaresa8155pqca8072_firmwarewsa8830sm8550psa6145psnapdragon_8\+_gen_1_mobile_platform_firmwaresa8255p_firmwaresnapdragon_626_mobile_platformqrb5165m_firmwaresa8650p_firmwarewcn3620snapdragon_678_mobile_platform_firmwarewcn3950_firmwaresnapdragon_632_mobile_platformqrb5165nsnapdragon_8_gen_1_mobile_platformfastconnect_6200snapdragon_710_mobile_platformsm7325p_firmwaresnapdragon_730g_mobile_platformwcd9360_firmwareqdx1011smart_audio_400_platformsnapdragon_855\+\/860_mobile_platformvideo_collaboration_vc3_platform_firmwaresd670_firmwareimmersive_home_326_platform_firmwaresnapdragon_750g_5g_mobile_platformqcn6224_firmwareqca6431sd660_firmwarevision_intelligence_200_platformsxr2130_firmwaresrv1mar8035_firmwaresnapdragon_730_mobile_platform_firmwareqrb5165msnapdragon_888_5g_mobile_platformsnapdragon_w5\+_gen_1_wearable_platform_firmwareqca4024_firmwarefsm20056sd888_firmwaresnapdragon_662_mobile_platform_firmwareqcs6125_firmwareqcn9074wsa8815_firmwareqca8337_firmwaresnapdragon_x12_lte_modem_firmwaresm7250p_firmwarewcn3680_firmwarewcn3950snapdragon_x65_5g_modem-rf_system_firmwareqca6797aq_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwaresnapdragon_765g_5g_mobile_platform_firmwaresnapdragon_780g_5g_mobile_platformsnapdragon_710_mobile_platform_firmwaresa8295p_firmwaresa4155p_firmwaresnapdragon_720g_mobile_platformipq5010_firmwaresm7250pcsrb31024_firmwareipq6018sa8155snapdragon_845_mobile_platform_firmwaresd888qru1062_firmwaresnapdragon_4_gen_2_mobile_platformfsm20056_firmwareqru1062qca6310_firmwaresd626fastconnect_6800qcs7230snapdragon_685_4g_mobile_platform_firmwareqcn9001_firmwaresnapdragon_782g_mobile_platform_firmwarefastconnect_6900_firmwaresnapdragon_732g_mobile_platform_firmwaresnapdragon_xr2_5g_platform_firmwareqca8075_firmwaresnapdragon_865\+_5g_mobile_platformvideo_collaboration_vc3_platformsnapdragon_865_5g_mobile_platform_firmwaresnapdragon_212_mobile_platformqca6431_firmwareqca6698aq_firmwareqcs2290qcs2290_firmwarewcn3615wcn3680snapdragon_678_mobile_platformsa8255pqcs7230_firmwaresnapdragon_720g_mobile_platform_firmwarewcd9390_firmwareimmersive_home_318_platform_firmwareqcn5024snapdragon_690_5g_mobile_platformqep8111_firmwareqca6430qdx1011_firmwaresnapdragon_auto_5g_modem-rfssg2125pqru1052csra6640_firmwarevision_intelligence_100_platform_firmwareqamsrv1mimmersive_home_326_platformqam8650p_firmwarevideo_collaboration_vc5_platformqca6420_firmwareqcs6490_firmwaresnapdragon_x65_5g_modem-rf_systemsd855_firmwarewcd9335_firmwareqrb5165n_firmwareqca6436wcn3980_firmwarewsa8835wsa8840_firmwareqca6391_firmwareqdu1010_firmwaresnapdragon_732g_mobile_platformqcs4290_firmwaresnapdragon_865_5g_mobile_platformqualcomm_205_mobile_platform_firmwarecsra6620sd660qca8081mdm9628wsa8815qam8775pqca9377qcm4325_firmwareqcm4290_firmwareqcn5024_firmwareqcn9002_firmwaresnapdragon_425_mobile_platform_firmwareipq5010qcn9274_firmwaresmart_audio_400_platform_firmwaresnapdragon_778g_5g_mobile_platform_firmwaresg4150p_firmwaresnapdragon_480_5g_mobile_platformqru1052_firmwaresnapdragon_670_mobile_platformcsra6620_firmwareqcs8550sa8650pqam8775p_firmwaresd865_5g_firmwarewcd9375sa8145pimmersive_home_316_platformsnapdragon_888\+_5g_mobile_platform_firmwareqdx1010wcn3680b_firmwareqcm8550_firmwareapq8017qcs410_firmwaresa6150p_firmwaresnapdragon_429_mobile_platform_firmwareipq9574qcn9000_firmwaresw5100psxr1120qcs610_firmwarewcd9335wcd9370qca8072qca6696wcd9341_firmwaresnapdragon_626_mobile_platform_firmwareqcn9003_firmwarewcn6740_firmwareipq6018_firmwareimmersive_home_216_platformsnapdragon_x35_5g_modem-rf_system_firmwareqdu1110snapdragon_auto_4g_modemqca6574auwcd9390csra6640srv1hwcn3660b_firmwareqcn5122sd730snapdragon_730g_mobile_platform_firmwarefsm20055qcn6024_firmwaresnapdragon_695_5g_mobile_platformsnapdragon_210_processor_firmwareqcm6125_firmwarec-v2x_9150ssg2115pqcc710snapdragon_625_mobile_platform_firmwaresxr1120_firmwareqcn5054robotics_rb3_platform315_5g_iot_modem_firmwarefastconnect_6900qru1032_firmwareqcn5052qfw7114315_5g_iot_modemipq9574_firmwaresnapdragon_x55_5g_modem-rf_systemqam8255p_firmwaresa8155_firmwaresnapdragon_888_5g_mobile_platform_firmwareqca6335qcs4490snapdragon_8\+_gen_2_mobile_platform_firmwarewsa8845qca6421_firmwareqcm6125wsa8810qdu1000_firmwaresrv1h_firmwaresnapdragon_8\+_gen_2_mobile_platformqca6595ausm7315_firmwareqdu1010wcd9326_firmwarewsa8840srv1m_firmwareqcs8550_firmwareqdu1210_firmwareqfw7124_firmwareqcn9012qcs4490_firmwarewcn3910_firmwaresnapdragon_855\+\/860_mobile_platform_firmwaresnapdragon_212_mobile_platform_firmwarewcd9370_firmwaresnapdragon_750g_5g_mobile_platform_firmwareqdu1110_firmwareqdu1000sa8195pqca6335_firmwareqcm6490immersive_home_316_platform_firmwareimmersive_home_3210_platformfsm20055_firmwareqcn9274sa8775psxr2230p_firmwareqca6430_firmwaresnapdragon_870_5g_mobile_platformqcn9011sa8775p_firmwareqcn9024_firmwarewsa8845hsa6150pwcd9326sa8155p_firmwareqca6564asnapdragon_675_mobile_platformsnapdragon_662_mobile_platformqcn9074_firmwarevision_intelligence_400_platform_firmwareipq8174snapdragon_765_5g_mobile_platformflight_rb5_5g_platform_firmwareipq8174_firmwaresnapdragon_665_mobile_platformar8035qamsrv1m_firmwaresa6155qcm4325robotics_rb5_platformqcn6224smart_display_200_platform_firmwareqca6698aqssg2125p_firmwaresm6250sd670wcn3680bsa8145p_firmwareqcs8155snapdragon_888\+_5g_mobile_platformsa8150p_firmwaresnapdragon_w5\+_gen_1_wearable_platformfastconnect_6700_firmwarewcn3990qcn9002snapdragon_680_4g_mobile_platform_firmwareqcs6490qcs8250fastconnect_6200_firmwarear8031_firmwarewsa8830_firmwarewsa8845_firmwarewsa8832snapdragon_auto_4g_modem_firmwaresnapdragon_675_mobile_platform_firmwareqcn5022_firmwaresa4150p_firmwareqca6564auimmersive_home_214_platform_firmwaresa8195p_firmwareqcm4290qcn5054_firmwarevision_intelligence_100_platformsnapdragon_680_4g_mobile_platformar8031sg8275p_firmwareqca9377_firmwareqcm6490_firmwaresm4125qcm4490_firmwaresnapdragon_855_mobile_platformqru1032robotics_rb3_platform_firmwareflight_rb5_5g_platformsnapdragon_xr2_5g_platformsnapdragon_429_mobile_platformqcs6125snapdragon_7c\+_gen_3_computesnapdragon_xr2\+_gen_1_platform_firmwaresnapdragon_670_mobile_platform_firmwaresnapdragon_439_mobile_platformvision_intelligence_200_platform_firmwaresm6250_firmwaresnapdragon_780g_5g_mobile_platform_firmwareqca6584auqcn6274_firmwareqcn9011_firmwaresw5100_firmwaresnapdragon_439_mobile_platform_firmwaresnapdragon_425_mobile_platformsnapdragon_765_5g_mobile_platform_firmwarewcn6740qfw7114_firmwareqca4024qca6595_firmwarefastconnect_7800_firmwareimmersive_home_216_platform_firmwareapq8017_firmwarewcd9380sa6145p_firmwareqam8255psa6155_firmwaresxr2230psnapdragon_4_gen_1_mobile_platformsa8150pqcn9003snapdragon_778g_5g_mobile_platformsnapdragon_665_mobile_platform_firmwareqcn5052_firmwaresnapdragon_auto_5g_modem-rf_firmwaresnapdragon_x35_5g_modem-rf_systemsxr1230psw5100aqt1000c-v2x_9150_firmwareqca6688aqqam8295p_firmwaresd855wcn3990_firmwaresm7315qca6564a_firmwarewcd9385qsm8350wcn3610_firmwareqcs4290sxr1230p_firmwaresnapdragon_778g\+_5g_mobile_platform_firmwaresnapdragon_865\+_5g_mobile_platform_firmwaresg8275psdx55_firmwarewcn3615_firmwaresnapdragon_210_processorsxr2130qcm4490snapdragon_xr2\+_gen_1_platformqca6174a_firmwaresm7325psnapdragon_855_mobile_platform_firmwareaqt1000_firmwaresdm429wqca6584au_firmwareqcn5152_firmwareqcn6274snapdragon_480_5g_mobile_platform_firmwareqfw7124qca6595au_firmwaresw5100p_firmwaresnapdragon_ar2_gen_1_platformsnapdragon_782g_mobile_platformqca6696_firmwarewcd9380_firmwareqca6574_firmwaresg4150psd_8_gen1_5gqca6797aqmdm9628_firmwareqcn5152vision_intelligence_400_platformqca6574a_firmwaresdx55snapdragon_480\+_5g_mobile_platformipq8074aimmersive_home_318_platformsd_8_gen1_5g_firmwarewcd9375_firmwareqca6391qualcomm_215_mobile_platformqcn9012_firmwaresa8770p_firmwaresa8295psnapdragon_8_gen_2_mobile_platform_firmwaresnapdragon_xr1_platform_firmwarerobotics_rb5_platform_firmwaresnapdragon_625_mobile_platformsnapdragon_x50_5g_modem-rf_system_firmwarefastconnect_7800qualcomm_215_mobile_platform_firmwareqca6688aq_firmwarewcn3988_firmwareqamsrv1h_firmwaresnapdragon_wear_4100\+_platformwsa8835_firmwaressg2115p_firmwareqcn5022snapdragon_660_mobile_platform_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarewcn3980snapdragon_690_5g_mobile_platform_firmwareqcs610Snapdragon
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-823
Use of Out-of-range Pointer Offset
CVE-2018-5863
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 3.38%
||
7 Day CHG~0.00%
Published-15 Jun, 2018 | 20:00
Updated-16 Sep, 2024 | 20:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

If userspace provides a too-large WPA RSN IE length in wlan_hdd_cfg80211_set_ie(), a buffer overflow occurs in all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2023-43515
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-6.6||MEDIUM
EPSS-0.05% / 14.13%
||
7 Day CHG~0.00%
Published-01 Apr, 2024 | 15:05
Updated-13 Jan, 2025 | 21:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer copy without checking size of input (Classic buffer overflow) in HLOS

Memory corruption in HLOS while running kernel address sanitizers (syzkaller) on tmecom with DEBUG_FS enabled.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wsa8830_firmwarewcd9380fastconnect_6900wsa8835fastconnect_7800snapdragon_8_gen_1_mobilewsa8830fastconnect_7800_firmwarewcd9380_firmwarefastconnect_6900_firmwarewsa8835_firmwaresnapdragon_8_gen_1_mobile_firmwareSnapdragon
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2017-8246
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.29%
||
7 Day CHG~0.00%
Published-12 May, 2017 | 20:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In function msm_pcm_playback_close() in all Android releases from CAF using the Linux kernel, prtd is assigned substream->runtime->private_data. Later, prtd is freed. However, prtd is not sanitized and set to NULL, resulting in a dangling pointer. There are other functions that access the same memory (substream->runtime->private_data) with a NULL check, such as msm_pcm_volume_ctl_put(), which means this freed memory could be used.

Action-Not Available
Vendor-Google LLCQualcomm Technologies, Inc.
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-416
Use After Free
CVE-2023-43542
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.18%
||
7 Day CHG~0.00%
Published-03 Jun, 2024 | 10:05
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Copy Without Checking Size of Input in Trusted Execution Environment

Memory corruption while copying a keyblob`s material when the key material`s size is not accurately checked.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qdx1010_firmwareqcm8550_firmwarerobotics_rb3sa6150p_firmwaresd865_5gqcs8155_firmwareqca6595wcd9335wcd9370qca8081_firmwaresnapdragon_670_mobileqca4004qca6696snapdragon_x70_modem-rf_firmwarewcd9340_firmwarewcd9341_firmwarewcd9395_firmwareqcn6024qcc710_firmwareqca6426snapdragon_8\+_gen_1_mobilewcn6740_firmwarefastconnect_6700snapdragon_780g_5g_mobileqca9984_firmwaresnapdragon_685_4g_mobilesa4150psnapdragon_782g_mobile_firmwaresnapdragon_x50_5g_modem-rf_firmwarewsa8832_firmwareqca8337qdu1110qca6426_firmwarewcd9395snapdragon_665_mobile_firmwaresc8180xp-aaab9205_lte_modemqca6574au_firmwareqcn7606_firmwareqca6564_firmwareqam8295pwcd9341snapdragon_wear_1300qca6574auwcd9390snapdragon_888\+_5g_mobile_firmwarewsa8810_firmwarewsa8845h_firmwarecsra6640snapdragon_778g_5g_mobile_firmwaresa9000p_firmwaresc8180xp-acafsnapdragon_850_mobile_computefastconnect_6800_firmwareqcs5430qcn6024_firmwareqcm5430qcm5430_firmwaresa4155psa8770psnapdragon_678_mobile_firmwaressg2115pqcc710snapdragon_xr2_5g_firmwaresa8540pqsm8350_firmwarefastconnect_6900qru1032_firmwarefsm10056_firmwareqfw7114wcd9385_firmwareqca6421qca6310qam8255p_firmwaresa8155_firmwareqca6335snapdragon_x65_5g_modem-rfqcs4490snapdragon_680_4g_mobilewsa8845sa6155pqca6421_firmwaresc8180x-adqca6564au_firmwarewsa8810qam8650pvideo_collaboration_vc5_platform_firmwaresa9000pqdu1000_firmwaresnapdragon_888_5g_mobile_firmwareqca6595ausnapdragon_888_5g_mobilesm7315_firmwareqdu1010snapdragon_662_mobile_firmwaresa6155p_firmwaresnapdragon_685_4g_mobile_firmwarewcd9326_firmwaresnapdragon_845_mobile_firmwarewsa8840qcs8550_firmwaresnapdragon_782g_mobileqdu1210_firmwaresnapdragon_8_gen_2_mobile_firmwaresnapdragon_x55_5g_modem-rfqfw7124_firmwaresnapdragon_4_gen_2_mobile_firmwareqca6436_firmwareqcn9012snapdragon_695_5g_mobile_firmwareqcs4490_firmwaresnapdragon_x55_5g_modem-rf_firmwaresnapdragon_7c\+_gen_3_compute_firmwarewcn3910_firmwaresm4125_firmwaresnapdragon_460_mobilesnapdragon_8_gen_2_mobileqca6420wcn3910wcd9370_firmwareqdu1110_firmwareqdu1000qca6574asnapdragon_8\+_gen_2_mobileqca6174asa8195pwcd9340qcs8250_firmwareqcm2290qdu1210snapdragon_auto_5g_modem-rf_gen_2qca6335_firmwareqcm6490sa8540p_firmwaresm8550p_firmwareqcm8550wcn3988snapdragon_765_5g_mobile_firmwaresnapdragon_662_mobileqcn9024vision_intelligence_300_firmwaresa8775pqca6574sxr2230p_firmwaresd675_firmwaresnapdragon_855_mobile_firmwareqca6430_firmwareqcn9011sa8775p_firmwaresdx57msmart_audio_400qcn9024_firmwarewsa8845hsa6150pwcd9326qcm2290_firmwaresa8155p_firmwareqca6564asa8155psnapdragon_765g_5g_mobile_firmwarewsa8830sm8550psa6145psnapdragon_768g_5g_mobile_firmwaresa8255p_firmwarear8035snapdragon_4_gen_2_mobileqca6564sa6155qrb5165m_firmwareqcm4325qcn6224snapdragon_865\+_5g_mobile_firmwareqca6698aqwcn3950_firmwaressg2125p_firmwareqrb5165nsnapdragon_480\+_5g_mobilefastconnect_6200sd670sm7325p_firmwaresa8145p_firmwaresd460sc8180x-acaf_firmwaresnapdragon_480_5g_mobile_firmwareqcs8155qdx1011sa8150p_firmwarefastconnect_6700_firmwarevideo_collaboration_vc3_platform_firmwarewcn3990robotics_rb3_firmwaresnapdragon_x75_5g_modem-rf_firmwaresd670_firmwaresnapdragon_855_mobileqcs6490qcs8250snapdragon_695_5g_mobilesc8180xp-acaf_firmwaresnapdragon_778g_5g_mobilefastconnect_6200_firmwarear8031_firmwarewsa8830_firmwaresnapdragon_460_mobile_firmwareqcn6224_firmwareqca6431wsa8845_firmwarewsa8832snapdragon_480_5g_mobilesdx57m_firmwaresxr2130_firmwaresnapdragon_860_mobile_firmwarear8035_firmwaresc8180xp-aaab_firmwaresnapdragon_778g\+_5g_mobileqrb5165msc8380xpsa4150p_firmwaresd888_firmwarewcd9306qca6564ausc8180xp-adsnapdragon_wear_1300_firmwaresc8280xp-abbbwsa8815_firmwaresa8195p_firmwareqca8337_firmwareqcm4290ar8031sg8275p_firmwareqca9377_firmwareqcm6490_firmwaresnapdragon_665_mobilesm7250p_firmwarewcn3999sm4125qcm4490_firmwareqru1032vision_intelligence_400_firmwarewcn3950flight_rb5_5gsnapdragon_870_5g_mobile_firmwareqca6797aq_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwaresnapdragon_7c\+_gen_3_computeqca4004_firmwaresnapdragon_778g\+_5g_mobile_firmwaresa8295p_firmwaresmart_audio_400_firmwaresd_675_firmwaresnapdragon_870_5g_mobilesnapdragon_678_mobilesa4155p_firmwareqca9984sm7250psc8180x-acafsa8155sd_8cx_firmwaresc8180x-ad_firmwareqca6584ausd888qcn6274_firmwareqcn9011_firmwareqru1062_firmwarefsm10056sd460_firmwaresnapdragon_675_mobile_firmwaresnapdragon_850_mobile_compute_firmwarewcn6740snapdragon_768g_5g_mobilesc8380xp_firmwaresnapdragon_780g_5g_mobile_firmwareqru1062qca6310_firmwaresnapdragon_845_mobilefastconnect_6800qfw7114_firmwareqcs7230qca6595_firmwarefastconnect_7800_firmwaresnapdragon_675_mobilesnapdragon_865_5g_mobile_firmwarefastconnect_6900_firmwarerobotics_rb5_firmwarewcd9380sa6145p_firmwareqam8255psa6155_firmwaresxr2230psnapdragon_xr2_5gsa8150psnapdragon_x24_lte_modemsc8180x-aaabsxr1230psc8180x-aaab_firmwaresd662_firmwarevideo_collaboration_vc3_platformaqt1000wcd9306_firmwaresnapdragon_4_gen_1_mobile_firmwareqam8295p_firmwaresd855qca6431_firmwarewcn3990_firmware9205_lte_modem_firmwaresm7315qca6698aq_firmwareqcs2290qca6564a_firmwareqcn7606wcd9385qcs2290_firmwaresnapdragon_888\+_5g_mobileqsm8350snapdragon_8_gen_1_mobilewcn3999_firmwaresd662snapdragon_680_4g_mobile_firmwaresa8255pqcs7230_firmwareqcs4290sxr1230p_firmwarewcd9390_firmwaresnapdragon_865\+_5g_mobileqca6430snapdragon_855\+_mobilesg8275psnapdragon_765_5g_mobileqdx1011_firmwaresnapdragon_860_mobilesc8180xp-ad_firmwaresdx55_firmwareflight_rb5_5g_firmwaressg2125pqru1052sxr2130qcm4490snapdragon_x65_5g_modem-rf_firmwarecsra6640_firmwaresnapdragon_480\+_5g_mobile_firmwarerobotics_rb5qca6174a_firmwaresm7325psnapdragon_x50_5g_modem-rfqam8650p_firmwarevideo_collaboration_vc5_platformsnapdragon_670_mobile_firmwareqca6420_firmwareaqt1000_firmwareqcs6490_firmwaresd855_firmwarewcd9335_firmwareqrb5165n_firmwareqca6436snapdragon_x70_modem-rfwcn3980_firmwaresnapdragon_x24_lte_modem_firmwarewsa8835qca6391_firmwarewsa8840_firmwareqcn6274qfw7124qdu1010_firmwareqca6595au_firmwareqca6696_firmwareqcs4290_firmwarewcd9380_firmwareqca6574_firmwarecsra6620qca8081wsa8815sg4150psd_8_gen1_5gqam8775pqca9377snapdragon_ar2_gen_1_firmwareqca6797aqsnapdragon_x75_5g_modem-rfqcm4325_firmwareqca6574a_firmwaresdx55snapdragon_4_gen_1_mobileqcm4290_firmwaresnapdragon_865_5g_mobilesnapdragon_855\+_mobile_firmwaresd675sd_8_gen1_5g_firmwarewcd9375_firmwareqca6391qcn9012_firmwareqcs5430_firmwaresg4150p_firmwareqru1052_firmwaresa8770p_firmwarecsra6620_firmwaresa8295pqcs8550sc8280xp-abbb_firmwarefastconnect_7800qam8775p_firmwaresd865_5g_firmwaresnapdragon_8\+_gen_2_mobile_firmwarewcd9375vision_intelligence_300snapdragon_ar2_gen_1snapdragon_765g_5g_mobilewcn3988_firmwaresa8145psd_675snapdragon_8\+_gen_1_mobile_firmwaresd_8cxvision_intelligence_400ssg2115p_firmwarewsa8835_firmwarewcn3980qca6584au_firmwareqdx1010snapdragon_8_gen_1_mobile_firmwareSnapdragonqam8255p_firmwareqca9377_firmwaresnapdragon_850_mobile_compute_platform_firmwaresnapdragon_662_mobile_platform_firmwaresa6150p_firmwaresa8145p_firmwaresxr2230p_firmwareqcs2290_firmwaresnapdragon_x24_lte_modem_firmwaresg8275p_firmwareqca6431_firmwareflight_rb5_5g_platform_firmwareqcn6224_firmwarewcn3950_firmwaresnapdragon_888_5g_mobile_platform_firmwaresa8150p_firmwareqca6420_firmwareqca6595au_firmwarecsra6620_firmwaresd_675_firmwaresd675_firmwarecsra6640_firmwareqcm5430_firmwaresnapdragon_460_mobile_platform_firmwaresnapdragon_480_5g_mobile_platform_firmwareqca6584au_firmwarewcn3990_firmwareqrb5165n_firmwareqca9984_firmwarequalcomm_video_collaboration_vc3_platform_firmwaresd_8cx_firmwarewcd9385_firmwareqcn6024_firmwarewcd9326_firmwaresd_8_gen1_5g_firmwareqsm8350_firmwaresd460_firmwareqam8295p_firmwareqcn9011_firmwaresa9000p_firmwaresm7315_firmwaresnapdragon_695_5g_mobile_platform_firmwareqca6574au_firmwaresdx55_firmwarewcd9375_firmwareqca8081_firmwaresa6155_firmwarewcn3999_firmwaresm7250p_firmwarewsa8845h_firmwareqca6436_firmwaresnapdragon_680_4g_mobile_platform_firmwareqca6564au_firmwaresa6155p_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqcm8550_firmwaresmart_audio_400_platform_firmwaresa8775p_firmwaresnapdragon_x70_modem-rf_system_firmwareqrb5165m_firmwarewsa8840_firmwaresa4155p_firmwaresa8155_firmwarerobotics_rb3_platform_firmwareqca4004_firmwareqcs8550_firmwaresc8380xp_firmwaresd662_firmwarevision_intelligence_300_platform_firmwarewcn3988_firmwareqru1062_firmwaresa6145p_firmwarewcd9306_firmwarefastconnect_6700_firmwarewsa8810_firmwarefsm10056_firmwaresnapdragon_ar2_gen_1_platform_firmwaresa8255p_firmwarewcd9395_firmwareqdu1000_firmwareqca6698aq_firmwareqca6174a_firmwareqcs4290_firmwaresa8770p_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareqam8775p_firmwaresnapdragon_wear_1300_platform_firmwaresxr2130_firmwareqca6696_firmwareqcs6490_firmwaresnapdragon_665_mobile_platform_firmwareqru1052_firmwarewcn3910_firmwaresnapdragon_855_mobile_platform_firmwareqcc710_firmwarevision_intelligence_400_platform_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwarewsa8815_firmwarewsa8835_firmwaresnapdragon_780g_5g_mobile_platform_firmwaresa8195p_firmwaresnapdragon_865_5g_mobile_platform_firmwarefastconnect_6800_firmwareqcn7606_firmwaresa8295p_firmwaresg4150p_firmwaresnapdragon_8_gen_2_mobile_platform_firmwaresnapdragon_675_mobile_platform_firmwareqcm2290_firmwarerobotics_rb5_platform_firmwareqca8337_firmwarewcd9380_firmwaresnapdragon_778g_5g_mobile_platform_firmwareqcs7230_firmwareqdu1010_firmwaresnapdragon_670_mobile_platform_firmwaresd670_firmwaresxr1230p_firmwareqdu1110_firmwaresa8540p_firmwaresnapdragon_4_gen_1_mobile_platform_firmwaresnapdragon_4_gen_2_mobile_platform_firmwaressg2125p_firmwareqca6310_firmwareqca6430_firmwareqcn9012_firmwareqfw7114_firmwarewcd9335_firmwareqca6335_firmwareqcm4325_firmwareqca6574_firmwarewcd9340_firmwaresm4125_firmwaresm7325p_firmwaresdx57m_firmwareqru1032_firmwaresnapdragon_xr2_5g_platform_firmwarewsa8845_firmwareqca6426_firmwareqca6574a_firmwarefastconnect_6200_firmwarewcn3980_firmwaresnapdragon_x55_5g_modem-rf_system_firmwaresnapdragon_x50_5g_modem-rf_system_firmwareqca6421_firmware9205_lte_modem_firmwareaqt1000_firmwarewcn6740_firmwareqcm4490_firmwaresnapdragon_845_mobile_platform_firmwareqcn6274_firmwareqcs4490_firmwarear8031_firmwareqcm6490_firmwarewsa8832_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarefastconnect_6900_firmwareqca6797aq_firmwaresa8155p_firmwareqdx1011_firmwareqca6564a_firmwareqcn9024_firmwareqcs8250_firmwarewcd9341_firmwarefastconnect_7800_firmwareqcm4290_firmwareqdx1010_firmwaresnapdragon_8_gen_1_mobile_platform_firmwareqam8650p_firmwareqca6564_firmwareqca6595_firmwareqcs5430_firmwareqca6391_firmwaresa4150p_firmwarewcd9370_firmwaresm8550p_firmwarequalcomm_video_collaboration_vc5_platform_firmwaresd888_firmwarewcd9390_firmwaressg2115p_firmwareqcs8155_firmwareqfw7124_firmwareqdu1210_firmwarear8035_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2017-14888
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 2.74%
||
7 Day CHG~0.00%
Published-07 Dec, 2018 | 14:00
Updated-05 Aug, 2024 | 19:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Userspace can pass IEs to the host driver and if multiple append commands are received, then the integer variable that stores the length can overflow and the subsequent copy of the IE data may potentially lead to a heap buffer overflow.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-14880
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.01% / 1.37%
||
7 Day CHG~0.00%
Published-03 Apr, 2018 | 17:00
Updated-16 Sep, 2024 | 16:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, while IPA WAN-driver is processing multiple requests from modem/user-space module, the global variable "num_q6_rule" does not have a mutex lock and thus can be accessed and modified by multiple threads.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2023-43525
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 6.99%
||
7 Day CHG~0.00%
Published-06 May, 2024 | 14:32
Updated-15 Jan, 2025 | 16:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in Audio

Memory corruption while copying the sound model data from user to kernel buffer during sound model register.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-Snapdragonqam8255p_firmwaresa8620p_firmwaresa6155p_firmwareqca8337_firmwaresa6150p_firmwaresa8145p_firmwareqcn6274_firmwaresa8775p_firmwaresa8650p_firmwaresrv1h_firmwareqcn6224_firmwaresa6145p_firmwaresa8155p_firmwaresa7255p_firmwaresa8150p_firmwarefastconnect_7800_firmwaresa8255p_firmwareqca6698aq_firmwareqamsrv1m_firmwaresrv1m_firmwareqam8650p_firmwaresa8770p_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareqam8775p_firmwareqca6584au_firmwareqca6696_firmwareqfw7114_firmwareqamsrv1h_firmwarewcd9340_firmwareqcc710_firmwareqam8295p_firmwaresa9000p_firmwareqca6574au_firmwaresa8195p_firmwareqca8081_firmwareqfw7124_firmwaresa8295p_firmwarear8035_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-43517
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.05% / 14.21%
||
7 Day CHG~0.00%
Published-06 Feb, 2024 | 05:47
Updated-15 May, 2025 | 19:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Access Control in Automotive Multimedia

Memory corruption in Automotive Multimedia due to improper access control in HAB.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qam8255p_firmwaresa8775p_firmwaresa8650p_firmwareqam8650pqca6698aqqca6595srv1h_firmwareqam8775pqamsrv1mqca6574ausrv1hsa8540p_firmwaresa8255p_firmwaresa8540pqca6698aq_firmwareqamsrv1m_firmwaresrv1m_firmwareqam8650p_firmwaresa8770p_firmwareqam8775p_firmwaresa8255pqca6696_firmwareqca6595_firmwareqamsrv1hqca6696qam8295psa8650pqamsrv1h_firmwaresa9000pqam8295p_firmwaresa9000p_firmwaresa8775pqca6574au_firmwaresrv1msa8295p_firmwareqam8255psa8770psa8295pSnapdragon
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-787
Out-of-bounds Write
CVE-2017-8276
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.79%
||
7 Day CHG~0.00%
Published-18 Jan, 2019 | 22:00
Updated-05 Aug, 2024 | 16:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper authorization involving a fuse in TrustZone in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_632sd_820amsm8996au_firmwaresd_439sd_429sdx24sdm439sd_636sd_615_firmwaresnapdragon_high_med_2016_firmwaremsm8996ausd_820sd_650sd_450_firmwaresd_410sd_820a_firmwaremdm9206sd_652sd_425_firmwaresdx24_firmwaresd_625_firmwaresd_450mdm9206_firmwaresd_632_firmwaresd_835_firmwaresd_835sda660sd_210_firmwaresd_415_firmwaresd_652_firmwaresd_616_firmwaresd_205_firmwaresd_415sd_650_firmwaresd_212sd_427_firmwaresd_412sd_616sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435sd_615sdm630sd_625sd_210mdm9607sd_636_firmwaresd_820_firmwaresd_439_firmwaresd_429_firmwaresnapdragon_high_med_2016sd_212_firmwaresdm439_firmwaresd_412_firmwaresdm630_firmwaresda660_firmwaresd_427sd_430sd_810sd_435_firmwaresd_410_firmwaresd_205sd_810_firmwaresdm660_firmwareSnapdragon Automobile, Snapdragon Mobile, Snapdragon Wear
CWE ID-CWE-863
Incorrect Authorization
CVE-2020-11195
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.75%
||
7 Day CHG~0.00%
Published-22 Feb, 2021 | 06:25
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound write and read in TA while processing command from NS side due to improper length check on command and response buffers in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfe3100qfe2080fc_firmwareqca9377_firmwareqfs2580qpm5679_firmwaremdm9640_firmwaresm6250p_firmwarepmd9607_firmwareqfe4455fc_firmwareqca8337qfs2608_firmwareqfs2530qpm8870_firmwareqln1030qpa8688pm6125qat5522_firmwarewcn3950_firmwarepm8150aqdm5670qca6595au_firmwareqpm5541_firmwareqpa5581_firmwaresa6155pm7150lqpa8821pm8998_firmwarewtr5975_firmwareqcs6125_firmwarepm456_firmwareqpa5580_firmwaremsm8108sa415mwcn3998wcd9371_firmwaremsm8108_firmwarewcn3950sm4125sd720gwtr1605mdm9206_firmwareqsw8573_firmwarewcn3660bqsm8350_firmwareqsw8574_firmwareqsm8350sd460_firmwaresmb2351_firmwareqpa4360_firmwarewcn3998_firmwarepm855pqca6420wtr4605_firmwarepm6150aqpm6670_firmwareqca9367_firmwaremdm8207pm660_firmwarepm8150bsa8155_firmwareqca4004_firmwareqfe2101qca6430qat3522qfe4455fcpmr735awcd9306_firmwarewcd9340sdm830_firmwaresd765gsdr660msm8209_firmwareqfs2630_firmwaresdr865mdm9250_firmwareqdm5620_firmwaresmr545qca6696_firmwareqln5020wcd9371smb1350pmm855au_firmwaresm4350_firmwaresd_8cxwtr3950sa8150ppm6350qdm5621qtc800sqca4004sd865_5g_firmwaresd712pm640p_firmwarewcn6750_firmwareqat5516_firmwarepm6150lpm855l_firmwareqtc410swcn3991qpa8801pm8150l_firmwareqat5533_firmwaresdx55m_firmwareqpa8673_firmwarepm6150smb1354_firmwaresd670_firmwareqca6574qfs2630qpa8842sdr052_firmwarepmm8996auwcd9380qln4640qcs410qpm5579_firmwaresmb1380_firmwarepmk8350_firmwaresmb1381pm855p_firmwaresd690_5g_firmwareqfe3100_firmwarepm7250qca9379_firmwarewtr4905qpa8803sdx24_firmwareqdm2301wcd9340_firmwarewsa8815wcn6850qfe2101_firmwareqdm5621_firmwareqdm2301_firmwareqpm6375sd_8c_firmwaresd835qca1990wcn3980_firmwaresd730qfe3320_firmwarepm660l_firmwarepm6250_firmwarepm8008pm8350b_firmwareqtm525_firmwarepme605_firmwarewtr1605l_firmwarepme605apq8064au_firmwareqpm5621_firmwareqca6234qln1021aq_firmwareqcs603qpa6560_firmwareqpa8802_firmwareqln4640_firmwareqpm5621qpm6582sd670pm8009_firmwareqfs2580_firmwareqcm4290_firmwarepm8150lpmi8998_firmwareqcs610_firmwaresa6145psdr105pm4250ar8031qpm5577mdm8207_firmwarewtr2965mdm9205_firmwareqca6391_firmwaresd820_firmwarepm8150wcd9370_firmwareqat3516_firmwaresdx55csra6640qat3555_firmwarepmi8994qpa8803_firmwareqca9379pm855bqca6234_firmwareqln1031qsm8250_firmwaresmb2351qpm5870pm8909mdm9150_firmwarewsa8830pm660qet6110_firmwareqpm6325pm6125_firmwareqbt1500qpa5581csrb31024mdm9628_firmwaremdm9650pmx24_firmwarefsm10055_firmwareqbt1500_firmwareqpm5870_firmwarepmk8001qcs4290qet6100pmm855aumdm9250qca6420_firmwareapq8009_firmwaresd690_5gsmb1396pm7150amsm8916_firmwaresd675_firmwarepm8350qca6564qpa4361_firmwarepm8350c_firmwareqpa5461_firmwareqca6426wcn3990_firmwareqca9377qpm5641wcd9385_firmwareqdm5650_firmwaresdxr2_5g_firmwarewcd9326_firmwarewhs9410wcn3615_firmwarewtr2955rgr7640au_firmwarepm7250_firmwaresdr845_firmwareqdm5620qln1021aqsmb1380pmk8002_firmwareqsw6310_firmwaresa8155qln1031_firmwareqdm4650_firmwaresdx55_firmwarepmm6155au_firmwareqat5533wcn3615sm7250p_firmwarewcn3610_firmwareqsm7250_firmwaremdm9207qpm6670pm7150l_firmwarewcd9306qca6584aumsm8208qpm4641qat5515_firmwarepm855qpm8830_firmwarepm8250qca9367qfe2082fc_firmwaremdm9607_firmwaremdm9655_firmwareqdm4643qfs2530_firmwaresa415m_firmwarepmx55qpm4641_firmwarewcn3988_firmwaresd205pm8150c_firmwareqca6421qdm3301qpa8842_firmwareqat3519_firmwaresa8195psdr735_firmwareqpm5677qat5515qca6694wcd9326wcd9335pm6350_firmwarepm8004_firmwaresdr8150_firmwareqcs4290_firmwareqtc800h_firmwareqpm5620qpm4630qca6390wcd9375sd750g_firmwareaqt1000sm6250_firmwarepmm8195auqln4642qpm5677_firmwarewsa8815_firmwaresd888_5g_firmwaresmr525_firmwarepm8998wtr3925_firmwareqpm8820_firmwaremsm8916qln1020_firmwareqpm6621_firmwarepm670a_firmwareqcm6125_firmwarepmx55_firmwarewtr2955_firmwareqbt1000_firmwaresd865_5gpm8019qca6595pm8150_firmwaresmb1398_firmwareqpm8830pmm8996au_firmwareqat5522pm8150cpmr735bsd665_firmwareqpa4360pmk8003_firmwaresc8180xqpa4361qpm4640_firmwaremdm9206qpm5577_firmwareqdm5679_firmwarepm8350csmr525qca6310_firmwarepm6150l_firmwarepmr525pm8150a_firmwareqca6574_firmwarewtr3950_firmwareqln1036aq_firmwaresd665pm6150a_firmwarepm6150_firmwareqca6175asd765qca6574a_firmwarepmd9607qpm4630_firmwareqat3555sd850_firmwareapq8009qpa5461qfe2082fcwtr2965_firmwarepm670_firmwarecsrb31024_firmwareqfs2608qln1036aqqtc801ssc8180x_firmwareqpm5641_firmwareqfe3320sd710mdm9607pm8008_firmwareqln1035bd_firmwareqpm6621pmr735a_firmwarepmx50qca6564_firmwaresdr8250sd768gqln1030_firmwaresmb1350_firmwarepm8004pm640lpmk8002apq8096au_firmwaresd845sdm830pmd9655au_firmwareqcs410_firmwareqca6175a_firmwareqpa5580qpm5579fsm10055qfe2550sa6150p_firmwareqcs610pmi8996qpm5620_firmwareqdm2307qca6431_firmwareqpa8802wcd9360_firmwareqpm6585_firmwareqat3519qbt2000_firmwarepm855a_firmwareqtc800hsa8150p_firmwareqcs2290sdr8250_firmwareqca6335csra6620_firmwareqcs605_firmwareqln1020sd_675_firmwaresmr546_firmwareqdm5671csra6640_firmwarepmc1000hqpm4650_firmwarewtr3905qat3518sdr425_firmwaresmr526_firmwaremdm9628pm640a_firmwareqpa5460wgr7640_firmwareqdm2305_firmwareqpm5670_firmwaresd710_firmwareqca4020qdm5652qca6574au_firmwareqpm8870wcd9375_firmwareqpm5679qbt2000sa6155_firmwarewcd9360pmx50_firmwareqpa8675_firmwarewhs9410_firmwaresdr735gqpa5460_firmwarewcn3999qdm3301_firmwarepm8996qsm7250qcs6125apq8016_firmwaresd662_firmwaresmb1360qcs405qca1990_firmwareqfe3440fcqdm2308_firmwarefsm10056_firmwareqca4020_firmwareqca6436wcn6851sa6155pqcs603_firmwareqpa6560sdr675_firmwarewcd9341qdm4643_firmwaremdm9655qca6431qet4100_firmwaresd750gwcn3910_firmwareqpm5657wtr1605_firmwaremdm9207_firmwareqpm5875_firmwarewsa8830_firmwaresd855_firmwareqdm5650wcn3988wtr3925qfe2080fcsdr052sa8195p_firmwaresmb1390msm8208_firmwareqet4100wcn3610msm8608mdm9640qpa8686_firmwareqpm6585qca8337_firmwarewcd9380_firmwaresmb1355qln4650qtc800t_firmwarewcd9330msm8996au_firmwaresdr735g_firmwarewgr7640qat5568qet5100qdm5671_firmwareqpa8801_firmwareqca6564auqtm527_firmwarepm8005_firmwareqet4101_firmwarepm7250bqln4642_firmwarepmk8001_firmwaresmb1355_firmwarepm7250b_firmwarepmd9655_firmwaresmb1351_firmwarepm8996_firmwareqet4200aq_firmwaresdx50m_firmwaresdr735smb1395pm660lsmr526wtr5975qca6430_firmwarepmk8003qtc801s_firmwarewcd9335_firmwareqat3522_firmwarewcn3980qca6335_firmwareqsw8573qcs605qbt1000sd7cqca6320wcn3910mdm9650_firmwareqca6426_firmwarepm8350_firmwarewcn3660b_firmwarepm8009qpa8675sdr051_firmwarewcd9330_firmwaresdx55mpm670aqca6421_firmwarewtr3905_firmwareqat3518_firmwareqsw8574pmi8998sd821_firmwarear8031_firmwarepm855lwcn6851_firmwareqdm5670_firmwarepm7150a_firmwarepm8150b_firmwaresmr545_firmwarepmc1000h_firmwareqca6564a_firmwareqdm2310_firmwareqca6694au_firmwarepm4250_firmwaresdr105_firmwarepm670sd210_firmwarewtr1605lqdm5677pm8005qsm8250pm855_firmwareqdm2302pmm6155ausdxr1pm855b_firmwareapq8096auqca6595_firmwareqcs405_firmwareqpm6582_firmwareqpm6375_firmwarepm640l_firmwarepmi8996_firmwareqln4650_firmwareqpm5875qet5100msa8155psd675wtr4605qet4101qat3516pm670lqpm5658ar8035_firmwareqcm2290qpm5658_firmwarewcn3991_firmwareqdm5652_firmwarepmm8155au_firmwareqfe4465fcsdr051qln5030qcs2290_firmwarepm4125fsm10056pmi632qpa2625_firmwarepm456sd7c_firmwareqfe2081fc_firmwarepm8350bh_firmwarecsra6620pmr735b_firmwareqet5100_firmwareqpm4621smb1360_firmwareqet6100_firmwarepm670l_firmwaresdr660gsd765g_firmwareqpa8686qca6390_firmwaresd730_firmwarewcd9370sdr425pmr525_firmwareqca6584au_firmwarepmi632_firmwaresd_8cx_firmwareqpm5541qat5516smb358_firmwaresd662qpa8821_firmwaresdr660g_firmwarepm8350bhpm3003aqca6320_firmwarewcn3680b_firmwareqca6595auwcn3999_firmwareqca6436_firmwareqtc800tsmb1354qca6564au_firmwareqdm2305sa6155p_firmwareqca6310qpm8820qpm2630qfe2081fcqln5020_firmwaresdxr2_5gsmb1398sd821sa6145p_firmwaresdr675sm6250sd712_firmwarewsa8810_firmwaresmb231sd765_firmwareqdm5677_firmwareqet4200aqqca6174a_firmwarewcd9385qpm6325_firmwareqdm2302_firmwareqat3550_firmwarepmm8155auqln5040_firmwarepm4125_firmwarear8035pm8019_firmwareapq8064auqca6694_firmwareqpa8673qdm2310qfe2550_firmwareqln5030_firmwareqca6694ausd210wcn3620_firmwaresd820smb1396_firmwarewcn6850_firmwarewcn3620wsa8835_firmwaresmb358qca6564asmr546pmx24qet6110qln5040qcm2290_firmwareqpm8895sdr845qpm5670wcn3990sd_675qtm527qfe3440fc_firmwarepmk8350sdx24pmi8994_firmwarepm8350bqdm2307_firmwarewsa8835msm8996auqpm5657_firmwaresd888_5gsm6250prgr7640auqln1035bdpm855asdr660_firmwarepm8909_firmwareqca6574apm8916_firmwaresmb1390_firmwareqca6174aqpm4640wcn6750qet5100m_firmwareqpm4650mdm9205qtm525wtr6955sd855sm4125_firmwarewtr6955_firmwarepm640psd768g_firmwaresdr865_firmwaremsm8209qfe4465fc_firmwarepm8250_firmwaresd460qca6391sdxr1_firmwaresmb1351aqt1000_firmwareqpm8895_firmwareqcm4290sdx50mpm640asdr8150pm8916pmd9655ausmb1395_firmwareqdm4650pmd9655qca6574ausa8155p_firmwaresd205_firmwareqsw6310wcd9341_firmwareqcm6125wsa8810qtc410s_firmwareqpm2630_firmwaresmb231_firmwareqat5568_firmwareqdm2308qat3550mdm9150wtr4905_firmwareqdm5679sd_8cwcn3680bsd835_firmwarepm3003a_firmwareqca6696qtc800s_firmwaresm4350apq8016msm8608_firmwaresd845_firmwaresmb1381_firmwareqpa2625sa6150pqpa8688_firmwarepmm8195au_firmwaresm7250psd720g_firmwareqpm4621_firmwaresd850pm6250Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-20
Improper Input Validation
CVE-2017-14898
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 2.41%
||
7 Day CHG~0.00%
Published-05 Dec, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing the QCA_NL80211_VENDOR_SUBCMD_SET_TXPOWER_SCALE vendor command, in which attribute QCA_WLAN_VENDOR_ATTR_TXPOWER_SCALE contains fewer than 1 byte, a buffer overrun occurs.

Action-Not Available
Vendor-Google LLCQualcomm Technologies, Inc.
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-14892
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 2.41%
||
7 Day CHG~0.00%
Published-30 Mar, 2018 | 21:00
Updated-16 Sep, 2024 | 23:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the function msm_pcm_hw_params() in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-09-19, the return value of q6asm_open_shared_io() is not checked properly potentially leading to a possible dangling pointer access.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-20
Improper Input Validation
CVE-2017-8245
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.19%
||
7 Day CHG~0.00%
Published-12 May, 2017 | 20:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all Android releases from CAF using the Linux kernel, while processing a voice SVC request which is nonstandard by specifying a payload size that will overflow its own declared size, an out of bounds memory copy occurs.

Action-Not Available
Vendor-Google LLCQualcomm Technologies, Inc.
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2023-43535
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.05% / 16.49%
||
7 Day CHG~0.00%
Published-06 Feb, 2024 | 05:47
Updated-13 Jun, 2025 | 18:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Validation of Array Index in Display

Memory corruption when negative display IDs are sent as input while processing DISPLAYESCAPE event trigger.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fastconnect_7800wcd9380_firmwarewsa8830wcd9385wsa8840_firmwarefastconnect_6900wcd9385_firmwarewsa8845fastconnect_6900_firmwaresc8380xp_firmwarewsa8830_firmwarewsa8835wsa8840wsa8845_firmwaresnapdragon_7c\+_gen_3_compute_firmwarefastconnect_6700_firmwaresnapdragon_7c\+_gen_3_computewsa8835_firmwarewcd9380sc8380xpfastconnect_7800_firmwarewsa8845hfastconnect_6700wsa8845h_firmwaresnapdragon_8cx_gen_3_compute_platformsnapdragon_8cx_gen_3_compute_platform_firmwareSnapdragon
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2017-14899
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 2.41%
||
7 Day CHG~0.00%
Published-05 Dec, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing the QCA_NL80211_VENDOR_SUBCMD_SET_TXPOWER_SCALE_DECR_DB vendor command, in which attribute QCA_WLAN_VENDOR_ATTR_TXPOWER_SCALE_DECR_DB contains fewer than 1 byte, a buffer overrun occurs.

Action-Not Available
Vendor-Google LLCQualcomm Technologies, Inc.
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-14901
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 2.41%
||
7 Day CHG~0.00%
Published-05 Dec, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing the QCA_NL80211_VENDOR_SUBCMD_SET_TXPOWER_SCALE vendor command, in which attribute QCA_WLAN_VENDOR_ATTR_TXPOWER_SCALE contains fewer than 1 byte, a buffer overrun occurs.

Action-Not Available
Vendor-Google LLCQualcomm Technologies, Inc.
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2023-43546
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.10% / 27.33%
||
7 Day CHG~0.00%
Published-04 Mar, 2024 | 10:48
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in Automotive Multimedia

Memory corruption while invoking HGSL IOCTL context create.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qdx1010_firmwareqca6678aq_firmwareqcm8550_firmwareqcs410_firmwaresa6150p_firmwaresw5100pwsa8845_firmwaresnapdragon_480_5g_mobileqca6595qcs610_firmwarewcd9335srv1mqca6678aqqca8081_firmwarewcd9370snapdragon_x35_5g_modem-rfar8035_firmwareqca6696wsa8830_firmwarewcd9340_firmwareqrb5165mwcd9341_firmwaresa4150p_firmwarewcd9395_firmwareqcc710_firmwarefastconnect_6700qca6564auqcs6125_firmwaresnapdragon_685_4g_mobilesa4150pwsa8815_firmwaresa8195p_firmwareqca8337_firmwareqca8337qdu1110wcd9395sg8275p_firmwareqca6574au_firmwareqam8295pwcd9341qca6574auqru1032wcd9390wcn3950wsa8810_firmwarewsa8845h_firmwarecsra6640qcs6125flight_rb5_5gsa9000p_firmwaresrv1hqca6797aq_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwarewsa8815sa8295p_firmwaresmart_audio_400_firmwaresa4155p_firmwarevideo_collaboration_vc1_platform_firmwaresa4155psa8770pqcm6125_firmwareqca6584auqcn6274_firmwareqcn9011_firmwareqcc710qru1062_firmwaresw5100_firmwareqru1062qfw7114_firmwareqca6595_firmwareqcs7230fastconnect_7800_firmwarefastconnect_6900snapdragon_w5\+_gen_1_wearable_firmwarevideo_collaboration_vc1_platformqru1032_firmwareqep8111sa7255pqfw7114wcd9385_firmwarefastconnect_6900_firmwareqam8255p_firmwarerobotics_rb5_firmwarewcd9380sa6145p_firmwareqam8255psa8150psnapdragon_680_4g_mobilewsa8845sa6155pqcm6125snapdragon_auto_5g_modem-rf_firmwareqca6564au_firmwarewsa8810qam8650pqdu1000_firmwarevideo_collaboration_vc5_platform_firmwaresa9000psrv1h_firmwaresw5100qca6595auvideo_collaboration_vc3_platformsnapdragon_4_gen_1_mobile_firmwareqdu1010sa6155p_firmwaresnapdragon_685_4g_mobile_firmwarewsa8840qam8295p_firmwaresrv1m_firmwareqcs8550_firmwaresnapdragon_x35_5g_modem-rf_firmwareqdu1210_firmwaresnapdragon_8_gen_2_mobile_firmwareqfw7124_firmwareqca6564a_firmwareqca6698aq_firmwarewcd9385qcn9012snapdragon_695_5g_mobile_firmwaresnapdragon_680_4g_mobile_firmwaresa8255pqcs7230_firmwarewcd9390_firmwaresnapdragon_8_gen_2_mobileqep8111_firmwaresg8275pwcd9370_firmwareqdx1011_firmwaresnapdragon_auto_5g_modem-rfqdu1110_firmwareflight_rb5_5g_firmwareqdu1000sa7255p_firmwareqca6574asnapdragon_8\+_gen_2_mobileqru1052qca6174asa8195pwcd9340csra6640_firmwareqcs8250_firmwareqdu1210qamsrv1mrobotics_rb5snapdragon_480\+_5g_mobile_firmwareqca6174a_firmwaresnapdragon_auto_5g_modem-rf_gen_2qam8650p_firmwarevideo_collaboration_vc5_platformsm8550p_firmwareqcm8550wcn3988qcs6490_firmwareqca6584au_firmwarewcd9335_firmwareqcn6274qca6574qfw7124qrb5165n_firmwaresa8775pqca6595au_firmwareqca6391_firmwaresnapdragon_w5\+_gen_1_wearablewsa8835wsa8840_firmwareqdu1010_firmwaresw5100p_firmwareqcn9011sa8775p_firmwareqamsrv1hqca6696_firmwaresmart_audio_400wsa8845hwcd9380_firmwaresa6150pqca6574_firmwareqcs410sa8155p_firmwarecsra6620qca6564aqca8081mdm9628sa8155psg4150pqam8775pqca6797aqmdm9628_firmwaresm8550pwcn3980_firmwaresa6145psnapdragon_x75_5g_modem-rfwsa8830qcm4325_firmwaresa8255p_firmwarear8035qca6574a_firmwareqamsrv1m_firmwaresnapdragon_4_gen_1_mobileqrb5165m_firmwaresa8650p_firmwareqcm4325wcd9375_firmwareqca6391qcn6224qcn9012_firmwareqca6698aqsg4150p_firmwarewcn3950_firmwareqru1052_firmwareqrb5165ncsra6620_firmwaresa8295psa8770p_firmwareqcs8550snapdragon_480\+_5g_mobilefastconnect_6200fastconnect_7800sa8145p_firmwaresa8650pqam8775p_firmwaresnapdragon_480_5g_mobile_firmwaresnapdragon_8\+_gen_2_mobile_firmwareqdx1011wcd9375sa8150p_firmwarewcn3988_firmwarefastconnect_6700_firmwareqamsrv1h_firmwarevideo_collaboration_vc3_platform_firmwaresa8145psnapdragon_x75_5g_modem-rf_firmwarewsa8835_firmwareqcs6490qcs8250snapdragon_695_5g_mobilewcn3980fastconnect_6200_firmwareqdx1010qcn6224_firmwareqcs610Snapdragonqca6574a_firmwaresnapdragon_4_gen_1_mobile_platform_firmwareqca6564au_firmwarewcn3980_firmwarequalcomm_video_collaboration_vc1_platform_firmwaremdm9628_firmwareqcm6125_firmwareqep8111_firmwaresnapdragon_x35_5g_modem-rf_system_firmwareflight_rb5_5g_platform_firmwareqca6696_firmwaresa8150p_firmwaresa8775p_firmwareqcs7230_firmwaresrv1h_firmwarewsa8835_firmwareqca8337_firmwaresa8255p_firmwarewcn3988_firmwarequalcomm_video_collaboration_vc5_platform_firmwarefastconnect_6700_firmwareqca6595au_firmwarewcd9390_firmwareqamsrv1h_firmwaresm8550p_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareqcs6490_firmwaresa8155p_firmwarefastconnect_6200_firmwaresa4155p_firmwarewcd9395_firmwaresa6145p_firmwareqcn6224_firmwareqdu1010_firmwaresa8295p_firmwaresa4150p_firmwaresg4150p_firmwaresa6150p_firmwareqca6174a_firmwarewcd9375_firmwareqfw7124_firmwareqca6391_firmwareqca6698aq_firmwareqca8081_firmwaresnapdragon_680_4g_mobile_platform_firmwarefastconnect_6900_firmwareqdu1000_firmwaresa8770p_firmwarewcd9385_firmwarewcd9370_firmwarewsa8840_firmwarewcd9380_firmwareqca6584au_firmwareqam8775p_firmwarewsa8810_firmwarefastconnect_7800_firmwarecsra6640_firmwaresw5100p_firmwarewcd9341_firmwarewsa8845h_firmwareqcm4325_firmwareqfw7114_firmwarewsa8830_firmwareqcm8550_firmwareqdu1110_firmwareqam8295p_firmwarecsra6620_firmwareqca6574_firmwarewcd9335_firmwaresg8275p_firmwareqamsrv1m_firmwareqca6595_firmwareqcn6274_firmwaresa7255p_firmwaresa8145p_firmwareqam8650p_firmwareqcn9011_firmwareqru1052_firmwarequalcomm_video_collaboration_vc3_platform_firmwarerobotics_rb5_platform_firmwarewcn3950_firmwareqdu1210_firmwaresnapdragon_480_5g_mobile_platform_firmwareqdx1010_firmwareqcs610_firmwareqca6564a_firmwaresrv1m_firmwareqru1062_firmwarewsa8815_firmwareqrb5165n_firmwareqca6797aq_firmwaresnapdragon_8_gen_2_mobile_platform_firmwaresa8195p_firmwareqcn9012_firmwareqdx1011_firmwaresw5100_firmwareqrb5165m_firmwaresa9000p_firmwarewcd9340_firmwarear8035_firmwaresnapdragon_695_5g_mobile_platform_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarewsa8845_firmwareqcs6125_firmwareqcc710_firmwaresmart_audio_400_platform_firmwareqru1032_firmwareqca6574au_firmwaresnapdragon_auto_5g_modem-rf_firmwareqcs410_firmwareqam8255p_firmwaresa6155p_firmwaresa8650p_firmwareqcs8250_firmwareqca6678aq_firmwareqcs8550_firmware
CWE ID-CWE-416
Use After Free
CVE-2023-43541
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.12% / 32.31%
||
7 Day CHG~0.00%
Published-04 Mar, 2024 | 10:48
Updated-10 Jan, 2025 | 20:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
NULL Pointer Dereference in Windows Graphics

Memory corruption while invoking the SubmitCommands call on Gfx engine during the graphics render.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-snapdragon_7c_gen_2_computewcd9385_firmwaresc8180xp-adfastconnect_7800wcd9385wcd9380sc8180xp-acafwsa8815sc8380xpwsa8845snapdragon_7c\+_gen_3_compute_firmwarewsa8810fastconnect_6900_firmwaresnapdragon_7c_computewsa8845_firmwarefastconnect_6900qca6430_firmwaresc8180x-aaabsc8180x-acafwsa8830_firmwareqca6391aqt1000_firmwaresc8180x-ad_firmwaresc8180xp-aaabsnapdragon_7c_compute_firmwarewsa8835sc8280xp-abbbsc8280xp-abbb_firmwareqca6430wcd9340_firmwareqca6420_firmwarewsa8810_firmwaresnapdragon_7c\+_gen_3_computeqca6391_firmwarewcd9380_firmwarefastconnect_6800_firmwaresm6250_firmwarewsa8830wsa8845hsnapdragon_7c_gen_2_compute_firmwarewsa8840fastconnect_6700qca6420sc8180xp-aaab_firmwarefastconnect_6200sc8180xp-ad_firmwarefastconnect_6800wcd9340sc8180x\+sdx55wcd9341sc8180x-acaf_firmwaresc8380xp_firmwaresc8180x-aaab_firmwarewsa8815_firmwarewsa8845h_firmwarefastconnect_7800_firmwarefastconnect_6200_firmwaresm6250sc8180xp-acaf_firmwarewsa8835_firmwaresc8180x-adwsa8840_firmwareaqt1000fastconnect_6700_firmwarewcd9341_firmwaresc8180x\+sdx55_firmwareSnapdragonfastconnect_7800_firmwarewcd9341_firmwarewsa8845h_firmwarewsa8830_firmwarefastconnect_6200_firmwaresm6250_firmwareqca6420_firmwareqca6430_firmwarewcd9340_firmwarewsa8845_firmwarefastconnect_6800_firmwareqca6391_firmwarewsa8835_firmwaresc8380xp_firmwarefastconnect_6900_firmwarewcd9385_firmwarefastconnect_6700_firmwarewsa8840_firmwarewsa8815_firmwarewcd9380_firmwarewsa8810_firmwareaqt1000_firmware
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2023-43547
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.12% / 32.31%
||
7 Day CHG~0.00%
Published-04 Mar, 2024 | 10:48
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in Automotive Multimedia

Memory corruption while invoking IOCTLs calls in Automotive Multimedia.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qdx1010_firmwareqca6678aq_firmwareqcm8550_firmwareqcs410_firmwaresa6150p_firmwaresw5100pwsa8845_firmwaresnapdragon_480_5g_mobileqca6595qcs610_firmwarewcd9335srv1mqca6678aqqca8081_firmwarewcd9370snapdragon_x35_5g_modem-rfar8035_firmwareqca6696wsa8830_firmwarewcd9340_firmwareqrb5165mwcd9341_firmwaresa4150p_firmwarewcd9395_firmwareqcc710_firmwarefastconnect_6700qca6564auqcs6125_firmwaresnapdragon_685_4g_mobilesa4150pwsa8815_firmwaresa8195p_firmwareqca8337_firmwareqca8337qdu1110wcd9395sg8275p_firmwareqca6574au_firmwareqam8295pwcd9341qca6574auqru1032wcd9390wcn3950wsa8810_firmwarewsa8845h_firmwarecsra6640qcs6125flight_rb5_5gsa9000p_firmwaresrv1hqca6797aq_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwarewsa8815sa8295p_firmwaresmart_audio_400_firmwaresa4155p_firmwarevideo_collaboration_vc1_platform_firmwaresa4155psa8770pqcm6125_firmwareqca6584auqcn6274_firmwareqcn9011_firmwareqcc710qru1062_firmwaresw5100_firmwareqru1062qfw7114_firmwareqca6595_firmwareqcs7230fastconnect_7800_firmwarefastconnect_6900snapdragon_w5\+_gen_1_wearable_firmwarevideo_collaboration_vc1_platformqru1032_firmwareqep8111sa7255pqfw7114wcd9385_firmwarefastconnect_6900_firmwareqam8255p_firmwarerobotics_rb5_firmwarewcd9380sa6145p_firmwareqam8255psa8150psnapdragon_680_4g_mobilewsa8845sa6155pqcm6125snapdragon_auto_5g_modem-rf_firmwareqca6564au_firmwarewsa8810qam8650pqdu1000_firmwarevideo_collaboration_vc5_platform_firmwaresa9000psrv1h_firmwaresw5100qca6595auvideo_collaboration_vc3_platformsnapdragon_4_gen_1_mobile_firmwareqdu1010sa6155p_firmwaresnapdragon_685_4g_mobile_firmwarewsa8840qam8295p_firmwaresrv1m_firmwareqcs8550_firmwaresnapdragon_x35_5g_modem-rf_firmwareqdu1210_firmwaresnapdragon_8_gen_2_mobile_firmwareqfw7124_firmwareqca6564a_firmwareqca6698aq_firmwarewcd9385qcn9012snapdragon_695_5g_mobile_firmwaresnapdragon_680_4g_mobile_firmwaresa8255pqcs7230_firmwarewcd9390_firmwaresnapdragon_8_gen_2_mobileqep8111_firmwaresg8275pwcd9370_firmwareqdx1011_firmwaresnapdragon_auto_5g_modem-rfqdu1110_firmwareflight_rb5_5g_firmwareqdu1000sa7255p_firmwareqca6574asnapdragon_8\+_gen_2_mobileqru1052qca6174asa8195pwcd9340csra6640_firmwareqcs8250_firmwareqdu1210qamsrv1mrobotics_rb5snapdragon_480\+_5g_mobile_firmwareqca6174a_firmwaresnapdragon_auto_5g_modem-rf_gen_2qam8650p_firmwarevideo_collaboration_vc5_platformsm8550p_firmwareqcm8550wcn3988qcs6490_firmwareqca6584au_firmwarewcd9335_firmwareqcn6274qca6574qfw7124qrb5165n_firmwaresa8775pqca6595au_firmwareqca6391_firmwaresnapdragon_w5\+_gen_1_wearablewsa8835wsa8840_firmwareqdu1010_firmwaresw5100p_firmwareqcn9011sa8775p_firmwareqamsrv1hqca6696_firmwaresmart_audio_400wsa8845hwcd9380_firmwaresa6150pqca6574_firmwareqcs410sa8155p_firmwarecsra6620qca6564aqca8081mdm9628sa8155psg4150pqam8775pqca6797aqmdm9628_firmwaresm8550pwcn3980_firmwaresa6145psnapdragon_x75_5g_modem-rfwsa8830qcm4325_firmwaresa8255p_firmwarear8035qca6574a_firmwareqamsrv1m_firmwaresnapdragon_4_gen_1_mobileqrb5165m_firmwaresa8650p_firmwareqcm4325wcd9375_firmwareqca6391qcn6224qcn9012_firmwareqca6698aqsg4150p_firmwarewcn3950_firmwareqru1052_firmwareqrb5165ncsra6620_firmwaresa8295psa8770p_firmwareqcs8550snapdragon_480\+_5g_mobilefastconnect_6200fastconnect_7800sa8145p_firmwaresa8650pqam8775p_firmwaresnapdragon_480_5g_mobile_firmwaresnapdragon_8\+_gen_2_mobile_firmwareqdx1011wcd9375sa8150p_firmwarewcn3988_firmwarefastconnect_6700_firmwareqamsrv1h_firmwarevideo_collaboration_vc3_platform_firmwaresa8145psnapdragon_x75_5g_modem-rf_firmwarewsa8835_firmwareqcs6490qcs8250snapdragon_695_5g_mobilewcn3980fastconnect_6200_firmwareqdx1010qcn6224_firmwareqcs610Snapdragonqca6574a_firmwaresnapdragon_4_gen_1_mobile_platform_firmwareqca6564au_firmwarewcn3980_firmwarequalcomm_video_collaboration_vc1_platform_firmwaremdm9628_firmwareqcm6125_firmwareqep8111_firmwaresnapdragon_x35_5g_modem-rf_system_firmwareflight_rb5_5g_platform_firmwareqca6696_firmwaresa8150p_firmwaresa8775p_firmwareqcs7230_firmwaresrv1h_firmwarewsa8835_firmwareqca8337_firmwaresa8255p_firmwarewcn3988_firmwarequalcomm_video_collaboration_vc5_platform_firmwarefastconnect_6700_firmwareqca6595au_firmwarewcd9390_firmwareqamsrv1h_firmwaresm8550p_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareqcs6490_firmwaresa8155p_firmwarefastconnect_6200_firmwaresa4155p_firmwarewcd9395_firmwaresa6145p_firmwareqcn6224_firmwareqdu1010_firmwaresa8295p_firmwaresa4150p_firmwaresg4150p_firmwaresa6150p_firmwareqca6174a_firmwarewcd9375_firmwareqfw7124_firmwareqca6391_firmwareqca6698aq_firmwareqca8081_firmwaresnapdragon_680_4g_mobile_platform_firmwarefastconnect_6900_firmwareqdu1000_firmwaresa8770p_firmwarewcd9385_firmwarewcd9370_firmwarewsa8840_firmwarewcd9380_firmwareqca6584au_firmwareqam8775p_firmwarewsa8810_firmwarefastconnect_7800_firmwarecsra6640_firmwaresw5100p_firmwarewcd9341_firmwarewsa8845h_firmwareqcm4325_firmwareqfw7114_firmwarewsa8830_firmwareqcm8550_firmwareqdu1110_firmwareqam8295p_firmwarecsra6620_firmwareqca6574_firmwarewcd9335_firmwaresg8275p_firmwareqamsrv1m_firmwareqca6595_firmwareqcn6274_firmwaresa7255p_firmwaresa8145p_firmwareqam8650p_firmwareqcn9011_firmwareqru1052_firmwarequalcomm_video_collaboration_vc3_platform_firmwarerobotics_rb5_platform_firmwarewcn3950_firmwareqdu1210_firmwaresnapdragon_480_5g_mobile_platform_firmwareqdx1010_firmwareqcs610_firmwareqca6564a_firmwaresrv1m_firmwareqru1062_firmwarewsa8815_firmwareqrb5165n_firmwareqca6797aq_firmwaresnapdragon_8_gen_2_mobile_platform_firmwaresa8195p_firmwareqcn9012_firmwareqdx1011_firmwaresw5100_firmwareqrb5165m_firmwaresa9000p_firmwarewcd9340_firmwarear8035_firmwaresnapdragon_695_5g_mobile_platform_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarewsa8845_firmwareqcs6125_firmwareqcc710_firmwaresmart_audio_400_platform_firmwareqru1032_firmwareqca6574au_firmwaresnapdragon_auto_5g_modem-rf_firmwareqcs410_firmwareqam8255p_firmwaresa6155p_firmwaresa8650p_firmwareqcs8250_firmwareqca6678aq_firmwareqcs8550_firmware
CWE ID-CWE-416
Use After Free
CVE-2023-43544
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 5.64%
||
7 Day CHG~0.00%
Published-03 Jun, 2024 | 10:05
Updated-27 Jan, 2025 | 19:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in Audio

Memory corruption when IPC callback handle is used after it has been released during register callback by another thread.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca6584au_firmwarewsa8835wsa8835_firmwarewcn3988_firmwareqca8337_firmwaresa9000pqfw7124_firmwaresnapdragon_w5\+_gen_1_wearablewsa8830qcc710qca6698aqqca8081_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareqca6584auqcn6224_firmwareqfw7114_firmwareqca8081sa8770p_firmwaresnapdragon_w5\+_gen_1_wearable_firmwaresw5100_firmwaresnapdragon_x75_5g_modem-rfqcn6224qcn6274_firmwareqfw7114fastconnect_7800qca6698aq_firmwaresa9000p_firmwareqam8255par8035fastconnect_7800_firmwaresw5100p_firmwaresa8255p_firmwaresnapdragon_auto_5g_modem-rf_gen_2sw5100pwcd9340sa8775pqca8337wcn3980_firmwareqcc710_firmwarear8035_firmwareqcn6274qfw7124wcn3980qam8255p_firmwarewcd9340_firmwaresa8255psa8775p_firmwarewcn3988qam8775psa8770pwsa8830_firmwaresw5100qam8775p_firmwaresnapdragon_x75_5g_modem-rf_firmwareSnapdragonqam8255p_firmwareqca8337_firmwaresa8770p_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareqam8775p_firmwareqca6584au_firmwareqcn6274_firmwaresa8775p_firmwareqfw7114_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarewcd9340_firmwarewcn3988_firmwareqcc710_firmwareqcn6224_firmwarewsa8830_firmwaresa9000p_firmwarewsa8835_firmwarefastconnect_7800_firmwaresw5100_firmwareqca8081_firmwarewcn3980_firmwaresa8255p_firmwareqfw7124_firmwaresw5100p_firmwarear8035_firmwareqca6698aq_firmwaresnapdragon_w5\+_gen_1_wearable_platform_firmware
CWE ID-CWE-416
Use After Free
CVE-2023-43531
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.04% / 13.24%
||
7 Day CHG~0.00%
Published-06 May, 2024 | 14:32
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Access of Uninitialized Pointer in SPS Applications

Memory corruption while verifying the serialized header when the key pairs are generated.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qdx1010_firmwareqcm8550_firmwaresa6150p_firmwaresw5100psd865_5gqca6595wcd9370qca8081_firmwareqca6696wcd9340_firmwaresa8530pwcd9395_firmwareqcc710_firmwareqca6426snapdragon_8\+_gen_1_mobilefastconnect_6700wsa8832_firmwareqca8337qdu1110qca6426_firmwarewcd9395qca6574au_firmwaresnapdragon_x72_5g_modem-rfqam8295pqca6574auwcd9390sa8620p_firmwaresnapdragon_888\+_5g_mobile_firmwarewsa8810_firmwaresa9000p_firmwaresrv1hfastconnect_6800_firmwareqcs5430qcm5430qcm5430_firmwaresa8770pssg2115pqcc710snapdragon_xr2_5g_firmwaresa8540pqsm8350_firmwarefastconnect_6900snapdragon_w5\+_gen_1_wearable_firmwareqru1032_firmwareqep8111sa7255pqfw7114wcd9385_firmwareqca6421qam8255p_firmwaresnapdragon_x65_5g_modem-rfqcs4490wsa8845sa6155pqca6421_firmwarewsa8810qam8650pqdu1000_firmwaresa9000psrv1h_firmwaresnapdragon_888_5g_mobile_firmwareqca6595ausnapdragon_888_5g_mobileqdu1010sa6155p_firmwarewsa8840srv1m_firmwareqcs8550_firmwaresnapdragon_x35_5g_modem-rf_firmwareqdu1210_firmwaresnapdragon_8_gen_2_mobile_firmwaresnapdragon_x55_5g_modem-rfqfw7124_firmwaresnapdragon_4_gen_2_mobile_firmwareqca6436_firmwareqcs4490_firmwaresnapdragon_x55_5g_modem-rf_firmwaresnapdragon_8_gen_2_mobilewcd9370_firmwareqdu1110_firmwareqdu1000sa7255p_firmwareqca6574asnapdragon_8\+_gen_2_mobilesnapdragon_x72_5g_modem-rf_firmwareqca6174asa8195pwcd9340qdu1210talynplussnapdragon_auto_5g_modem-rf_gen_2qcm6490sa8540p_firmwaresm8550p_firmwareqcm8550wcn3988snapdragon_765_5g_mobile_firmwaresa8775pqca6574sa8775p_firmwareqamsrv1hsa6150psa8155p_firmwaresa8155psnapdragon_765g_5g_mobile_firmwarewsa8830sm8550psa6145psnapdragon_768g_5g_mobile_firmwaresa8255p_firmwarear8035qamsrv1m_firmwaresnapdragon_4_gen_2_mobilesa8650p_firmwaresnapdragon_8cx_gen_3_computeqcn6224snapdragon_865\+_5g_mobile_firmwareqca6698aqssg2125p_firmwarewcn3950_firmwaresa8530p_firmwarefastconnect_6200sa8145p_firmwareqdx1011sa8150p_firmwarefastconnect_6700_firmwarevideo_collaboration_vc3_platform_firmwaresnapdragon_x75_5g_modem-rf_firmwareqcs6490snapdragon_8_gen_3_mobilefastconnect_6200_firmwarewsa8830_firmwareqcn6224_firmwareqca6431qca6678aq_firmwarewsa8845_firmwarewsa8832sxr2130_firmwaresrv1mqca6678aqsnapdragon_x35_5g_modem-rfar8035_firmwaresc8380xpwsa8815_firmwaresa8195p_firmwareqca8337_firmwaresg8275p_firmwareqcm6490_firmwaresm7250p_firmwareqcm4490_firmwareqru1032wcn3950snapdragon_870_5g_mobile_firmwareqca6797aq_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwaretalynplus_firmwaresa8295p_firmwaresnapdragon_870_5g_mobilesm7250pqca6584auqcn6274_firmwareqru1062_firmwaresw5100_firmwaresnapdragon_768g_5g_mobilesc8380xp_firmwareqru1062snapdragon_8_gen_3_mobile_firmwarefastconnect_6800qfw7114_firmwareqca6595_firmwarefastconnect_7800_firmwaresnapdragon_865_5g_mobile_firmwarefastconnect_6900_firmwarewcd9380sa6145p_firmwareqam8255psnapdragon_xr2_5gsa8150psxr1230psw5100video_collaboration_vc3_platformqam8295p_firmwareqca6431_firmwaresnapdragon_8cx_gen_3_compute_firmwareqca6698aq_firmwarewcd9385snapdragon_888\+_5g_mobileqsm8350snapdragon_8_gen_1_mobilesa8255psxr1230p_firmwarewcd9390_firmwaresnapdragon_865\+_5g_mobileqep8111_firmwaresg8275psnapdragon_765_5g_mobileqdx1011_firmwaressg2125pqru1052sxr2130qcm4490snapdragon_x65_5g_modem-rf_firmwareqamsrv1mqca6174a_firmwareqam8650p_firmwareqcs6490_firmwareqca6584au_firmwarewcn3980_firmwareqcn6274qca6436qfw7124wsa8835qca6595au_firmwareqca6391_firmwarewsa8840_firmwareqdu1010_firmwaresw5100p_firmwareqca6696_firmwarewcd9380_firmwareqca6574_firmwareqca8081wsa8815sd_8_gen1_5gqam8775pqca6797aqsnapdragon_ar2_gen_1_firmwaresnapdragon_x75_5g_modem-rfsa8620pqca6574a_firmwaresnapdragon_865_5g_mobilesd_8_gen1_5g_firmwarewcd9375_firmwareqca6391qcs5430_firmwareqru1052_firmwaresa8770p_firmwaresa8295pqcs8550fastconnect_7800sa8650pqam8775p_firmwaresd865_5g_firmwaresnapdragon_8\+_gen_2_mobile_firmwarewcd9375snapdragon_765g_5g_mobilesnapdragon_ar2_gen_1wcn3988_firmwareqamsrv1h_firmwaresa8145psnapdragon_8\+_gen_1_mobile_firmwarewsa8835_firmwaressg2115p_firmwarewcn3980qdx1010snapdragon_w5\+_gen_1_wearablesnapdragon_8_gen_1_mobile_firmwareSnapdragonqam8255p_firmwaretalynplus_firmwareqca8337_firmwarewcd9380_firmwaresa6150p_firmwaresa8145p_firmwaresg8275p_firmwareqca6431_firmwareqdu1010_firmwarear8035_firmwaresa8530p_firmwareqcn6224_firmwaresxr1230p_firmwareqdu1110_firmwarewcn3950_firmwaresa8540p_firmwaresnapdragon_888_5g_mobile_platform_firmwaresa8150p_firmwareqca6595au_firmwaresnapdragon_x72_5g_modem-rf_system_firmwaresnapdragon_4_gen_2_mobile_platform_firmwaressg2125p_firmwareqcm5430_firmwareqca6584au_firmwareqep8111_firmwareqfw7114_firmwarequalcomm_video_collaboration_vc3_platform_firmwarewcd9385_firmwareqamsrv1h_firmwareqca6574_firmwaresd_8_gen1_5g_firmwarewcd9340_firmwareqsm8350_firmwareqru1032_firmwareqam8295p_firmwaresnapdragon_xr2_5g_platform_firmwarewsa8845_firmwareqca6426_firmwaresa9000p_firmwareqca6574a_firmwarefastconnect_6200_firmwareqca6574au_firmwarewcd9375_firmwareqca8081_firmwarewsa8845h_firmwarewcn3980_firmwaresm7250p_firmwaresnapdragon_x55_5g_modem-rf_system_firmwareqca6436_firmwareqca6421_firmwaresa8620p_firmwaresa6155p_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqcm8550_firmwareqcm4490_firmwaresnapdragon_x35_5g_modem-rf_system_firmwareqca6678aq_firmwareqcn6274_firmwareqcs4490_firmwaresa8775p_firmwareqcm6490_firmwarewsa8840_firmwaresa8650p_firmwarewsa8832_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarefastconnect_6900_firmwaresrv1h_firmwareqcs8550_firmwaresc8380xp_firmwarewcn3988_firmwareqru1062_firmwareqca6797aq_firmwaresa6145p_firmwaresa8155p_firmwareqdx1011_firmwarefastconnect_6700_firmwaresa7255p_firmwarewsa8810_firmwarefastconnect_7800_firmwaresnapdragon_ar2_gen_1_platform_firmwaresa8255p_firmwarewcd9395_firmwareqdx1010_firmwareqdu1000_firmwaresw5100p_firmwaresnapdragon_8_gen_1_mobile_platform_firmwareqca6698aq_firmwareqamsrv1m_firmwaresrv1m_firmwareqca6174a_firmwareqam8650p_firmwaresa8770p_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareqam8775p_firmwaresxr2130_firmwareqca6696_firmwareqcs6490_firmwareqca6595_firmwareqcs5430_firmwareqca6391_firmwareqru1052_firmwarewcd9370_firmwaresm8550p_firmwareqcc710_firmwaresnapdragon_8_gen_3_mobile_platform_firmwarewcd9390_firmwarewsa8830_firmwaresd865_5g_firmwarewsa8815_firmwarewsa8835_firmwaresa8195p_firmwaresnapdragon_865_5g_mobile_platform_firmwaressg2115p_firmwaresw5100_firmwarefastconnect_6800_firmwareqfw7124_firmwaresa8295p_firmwareqdu1210_firmwaresnapdragon_8_gen_2_mobile_platform_firmware
CWE ID-CWE-824
Access of Uninitialized Pointer
CVE-2023-43540
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.12% / 32.31%
||
7 Day CHG~0.00%
Published-04 Mar, 2024 | 10:48
Updated-10 Jan, 2025 | 17:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Copy Without Checking Size of Input in Bluetooth HOST

Memory corruption while processing the IOCTL FM HCI WRITE request.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-snapdragon_8c_compute_firmwaresnapdragon_7c\+_gen_3_computesnapdragon_7c_gen_2_computeqca6391_firmwarewcd9380_firmwarewcd9385_firmwarefastconnect_6800_firmwaresnapdragon_8c_computesm6250_firmwarewsa8830fastconnect_7800wsa8845hsnapdragon_8cx_gen_3_firmwaresnapdragon_7c_gen_2_compute_firmwaresnapdragon_8cx_computewsa8840fastconnect_6700qca6420snapdragon_8cx_gen_2_5g_firmwarewcd9385fastconnect_6200wcd9380wsa8815sc8380xpwsa8845snapdragon_7c\+_gen_3_compute_firmwarewsa8810fastconnect_6900_firmwarefastconnect_6800snapdragon_8cx_compute_firmwarewcd9340snapdragon_7c_computewcd9341wsa8845_firmwarefastconnect_6900sc8380xp_firmwareqca6430_firmwarewsa8815_firmwarewsa8830_firmwareqca6391snapdragon_8cx_gen_3wsa8845h_firmwareaqt1000_firmwarefastconnect_7800_firmwarefastconnect_6200_firmwaresm6250snapdragon_7c_compute_firmwarewsa8835_firmwarewsa8835wsa8840_firmwareqca6430aqt1000qca6420_firmwarefastconnect_6700_firmwaresnapdragon_8cx_gen_2_5gwcd9340_firmwarewcd9341_firmwarewsa8810_firmwareSnapdragonfastconnect_7800_firmwarewcd9341_firmwarewsa8845h_firmwarewsa8830_firmwarefastconnect_6200_firmwaresm6250_firmwareqca6420_firmwareqca6430_firmwarewcd9340_firmwarewsa8845_firmwarefastconnect_6800_firmwareqca6391_firmwarewsa8835_firmwaresc8380xp_firmwarefastconnect_6900_firmwarewcd9385_firmwarefastconnect_6700_firmwarewsa8840_firmwarewsa8815_firmwarewcd9380_firmwarewsa8810_firmwareaqt1000_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-43524
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 6.99%
||
7 Day CHG~0.00%
Published-06 May, 2024 | 14:32
Updated-15 Jan, 2025 | 16:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in Audio

Memory corruption when the bandpass filter order received from AHAL is not within the expected range.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-Snapdragonqam8255p_firmwareqca9377_firmwaresa6155p_firmwareqca8337_firmwareqca9367_firmwaresa6150p_firmwareqamsrv1m_firmwareqam8650p_firmwareqcn6274_firmwareqam8775p_firmwareqca6584au_firmwareqca6696_firmwareqfw7114_firmwareqca6391_firmwarefastconnect_6900_firmwareqamsrv1h_firmwareqcc710_firmwareqcn6224_firmwaresa6145p_firmwareqam8295p_firmwareqca6426_firmwareqca6574au_firmwarefastconnect_7800_firmwareqca8081_firmwarefastconnect_6800_firmwareqfw7124_firmwareqca6436_firmwarear8035_firmwareqca6698aq_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2017-11072
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 2.74%
||
7 Day CHG~0.00%
Published-16 Jan, 2018 | 16:00
Updated-17 Sep, 2024 | 03:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while calculating CRC for GPT header fields with partition entries greater than 16384 buffer overflow occurs.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
  • Previous
  • 1
  • 2
  • ...
  • 5
  • 6
  • 7
  • ...
  • 25
  • 26
  • Next
Details not found