Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2019-14036

Summary
Assigner-qualcomm
Assigner Org ID-2cfc7d3e-20d3-47ac-8db7-1b7285aff15f
Published At-21 Jan, 2020 | 06:30
Updated At-05 Aug, 2024 | 00:05
Rejected At-
Credits

Possible buffer overflow issue in error processing due to improper validation of array index value in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8064, APQ8096AU, IPQ4019, IPQ8064, IPQ8074, MDM9607, MDM9615, MDM9640, MSM8996AU, QCN7605

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:qualcomm
Assigner Org ID:2cfc7d3e-20d3-47ac-8db7-1b7285aff15f
Published At:21 Jan, 2020 | 06:30
Updated At:05 Aug, 2024 | 00:05
Rejected At:
▼CVE Numbering Authority (CNA)

Possible buffer overflow issue in error processing due to improper validation of array index value in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8064, APQ8096AU, IPQ4019, IPQ8064, IPQ8074, MDM9607, MDM9615, MDM9640, MSM8996AU, QCN7605

Affected Products
Vendor
Qualcomm Technologies, Inc.Qualcomm, Inc.
Product
Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
Versions
Affected
  • APQ8064, APQ8096AU, IPQ4019, IPQ8064, IPQ8074, MDM9607, MDM9615, MDM9640, MSM8996AU, QCN7605
Problem Types
TypeCWE IDDescription
textN/AImproper Validation of Array Index in WLAN Host
Type: text
CWE ID: N/A
Description: Improper Validation of Array Index in WLAN Host
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.qualcomm.com/company/product-security/bulletins/january-2020-bulletin
x_refsource_CONFIRM
Hyperlink: https://www.qualcomm.com/company/product-security/bulletins/january-2020-bulletin
Resource:
x_refsource_CONFIRM
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.qualcomm.com/company/product-security/bulletins/january-2020-bulletin
x_refsource_CONFIRM
x_transferred
Hyperlink: https://www.qualcomm.com/company/product-security/bulletins/january-2020-bulletin
Resource:
x_refsource_CONFIRM
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:product-security@qualcomm.com
Published At:21 Jan, 2020 | 07:15
Updated At:24 Jan, 2020 | 13:31

Possible buffer overflow issue in error processing due to improper validation of array index value in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8064, APQ8096AU, IPQ4019, IPQ8064, IPQ8074, MDM9607, MDM9615, MDM9640, MSM8996AU, QCN7605

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary2.07.2HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
Type: Primary
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 7.2
Base severity: HIGH
Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C
CPE Matches
Qualcomm Technologies, Inc.
qualcomm
>>apq8064_firmware>>-
cpe:2.3:o:qualcomm:apq8064_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>apq8064>>-
cpe:2.3:h:qualcomm:apq8064:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>apq8096au_firmware>>-
cpe:2.3:o:qualcomm:apq8096au_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>apq8096au>>-
cpe:2.3:h:qualcomm:apq8096au:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>ipq4019_firmware>>-
cpe:2.3:o:qualcomm:ipq4019_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>ipq4019>>-
cpe:2.3:h:qualcomm:ipq4019:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>ipq8064_firmware>>-
cpe:2.3:o:qualcomm:ipq8064_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>ipq8064>>-
cpe:2.3:h:qualcomm:ipq8064:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>ipq8074_firmware>>-
cpe:2.3:o:qualcomm:ipq8074_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>ipq8074>>-
cpe:2.3:h:qualcomm:ipq8074:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9607_firmware>>-
cpe:2.3:o:qualcomm:mdm9607_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9607>>-
cpe:2.3:h:qualcomm:mdm9607:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9615_firmware>>-
cpe:2.3:o:qualcomm:mdm9615_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9615>>-
cpe:2.3:h:qualcomm:mdm9615:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9640_firmware>>-
cpe:2.3:o:qualcomm:mdm9640_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9640>>-
cpe:2.3:h:qualcomm:mdm9640:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8996au_firmware>>-
cpe:2.3:o:qualcomm:msm8996au_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8996au>>-
cpe:2.3:h:qualcomm:msm8996au:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcn7605_firmware>>-
cpe:2.3:o:qualcomm:qcn7605_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcn7605>>-
cpe:2.3:h:qualcomm:qcn7605:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-129Primarynvd@nist.gov
CWE ID: CWE-129
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.qualcomm.com/company/product-security/bulletins/january-2020-bulletinproduct-security@qualcomm.com
Patch
Vendor Advisory
Hyperlink: https://www.qualcomm.com/company/product-security/bulletins/january-2020-bulletin
Source: product-security@qualcomm.com
Resource:
Patch
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

1123Records found
CVE-2018-11886
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 2.36%
||
7 Day CHG~0.00%
Published-19 Sep, 2018 | 14:00
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of check while calculating the MPDU data length will cause an integer overflow and then to buffer overflow in WLAN function.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-11824
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.46%
||
7 Day CHG~0.00%
Published-26 Oct, 2018 | 13:00
Updated-05 Aug, 2024 | 08:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow can occur in a firmware routine in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 835, SD 845, SD 850, SDA660

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9206sd_850sd_212_firmwaresd_850_firmwaresda660_firmwaresd_845mdm9206_firmwaremdm9607_firmwaremdm9650sd_210mdm9607sd_835_firmwaremdm9650_firmwaresd_835sd_205sda660sd_845_firmwaresd_210_firmwaresd_205_firmwaresd_212Snapdragon Mobile, Snapdragon Wear
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-33276
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.06% / 19.00%
||
7 Day CHG~0.00%
Published-06 Jan, 2023 | 05:02
Updated-09 Apr, 2025 | 19:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer copy without checking size of input in Modem

Memory corruption due to buffer copy without checking size of input in modem while receiving WMI_REQUEST_STATS_CMDID command.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_8cx_gen3_firmwareqca2066qca8337ar9380qca6431_firmwareipq8173_firmwaresdx65qcn5124qca4024_firmwareipq8078aipq5028_firmwareqca6595au_firmwareqca2062qca6554a_firmwareqam8295pipq8076aqca8386_firmwareqcn6024_firmwaresd_8_gen1_5g_firmwareqca8084_firmwareqsm8350_firmwareqsm8350sm7315_firmwarewcn7850qca6574au_firmwareqcn5164_firmwarewcd9375_firmwareqca8081_firmwareqcn9002qca9986ipq8070_firmwareipq8065ipq8078a_firmwareqrb5165_firmwareipq5028qrb5165m_firmwareipq6010ipq8068qcn6132qca6436wcn6851wcn7851_firmwareqca9888_firmwareqcn6122ipq8068_firmwareqca2066_firmwareqca6431qca6696_firmwaresd870_firmwareipq9008_firmwareqcn5154_firmwaresxr2150p_firmwarewsa8830_firmwareqca9992_firmwaresd865_5g_firmwarewcn7850_firmwaresm8475qcn5022_firmwaresa8295p_firmwarewcn6750_firmwareipq5018_firmwareqca9985_firmwareqca8337_firmwarewcd9380_firmwareipq8072aqca9980_firmwareipq8076a_firmwareipq8078qca6564auqca8084ipq8173qcn9001_firmwaresdx55m_firmwareipq9008wcn6856_firmwareqcn5164qca6574csr8811_firmwarewcd9380qcn5054_firmwareqcn5024qca8072_firmwareqca9985qcn9012_firmwareqcn5052_firmwareqcn9274_firmwarewcn3980ipq6018_firmwarewsa8815wcn6850pmp8074_firmwareqcn6112qca9986_firmwareqca6426_firmwareqca9984ipq6028ipq8064qcn9024pmp8074ipq9574_firmwarewcn3980_firmwaresdx55mipq8064_firmwaresa8295pqca6421_firmwareqca2062_firmwarewcn6740_firmwareipq8078_firmwareqcn5054qrb5165wcn6851_firmwareipq8070qca9994qca9980qcn9024_firmwareipq8174_firmwaresd870wcn6855ipq6018qca9886_firmwareqca6595_firmwareqca6391_firmwareqca2064qca4024sd780g_firmwarewcd9370_firmwaresd888_firmwareqcn5021_firmwaresxr2150par8035_firmwareqcn5024_firmwarewsa8830qcn9070qca8082qcn9072qca8386qca9992qca6390_firmwareqca2064_firmwareipq6000wcd9370qcn5152_firmwareqca6426qca6584au_firmwareqrb5165n_firmwareqcn9000_firmwareqca9984_firmwareipq5018wcd9385_firmwaresdxr2_5g_firmwareipq8074aqca2065qcn5124_firmwareqam8295p_firmwareqcn6100_firmwareqcn6102_firmwareqcn9011_firmwareqca8082_firmwareqcn5122_firmwareqca6595auqcn6023_firmwareqca6436_firmwareqrb5165nipq5010qca6564au_firmwareqca6584ausd778gqcn9274ipq8174qca9990qcn9001qcs6490sdxr2_5gqcn5052wcn7851qcn6112_firmwareqcn9074qca6421qca8085sd778g_firmwarewsa8810_firmwareqca8081ipq8071aqcn6023ipq8071a_firmwarewcd9385qca8085_firmwareqca2065_firmwareqcs6490_firmwaresd_8cx_gen3ar8035csr8811qca6390wcd9375qcn9100_firmwareipq5010_firmwareipq8074a_firmwareqcm6490sd888_5g_firmwarewcn6850_firmwarewsa8815_firmwarewsa8835_firmwareqca8072qcn9000sd780gqca6554asd865_5gqca6595ar9380_firmwareqcn9012sd888qcn6122_firmwareipq8065_firmwarewsa8835sd888_5gqcn5154qca8075_firmwareqca6574awcn6855_firmwareqca9889sm7325pqcn6132_firmwareqcn9003_firmwareqca9888qca9994_firmwarewcn6750qcn9003ipq8070a_firmwareipq8076_firmwareqca6574_firmwareqca9886sm7325p_firmwareipq8076qca6574a_firmwareqcn5021qcn5152qrb5165msm7315qca6391qcn6102qcn9100sdx65_firmwareqcm6490_firmwareqcn9070_firmwareipq6028_firmwareipq8072a_firmwareqcn9011qca6574auqca9889_firmwareipq9574qcn5122wsa8810wcn6856qcn5022ipq6010_firmwarewcn6740qca6696qca8075qcn9022_firmwareqcn6024qcn9022qca9990_firmwareipq8070aqcn9002_firmwareqcn6100qcn9072_firmwareipq6000_firmwareqcn9074_firmwareSnapdragon
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2018-11962
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 4.14%
||
7 Day CHG~0.00%
Published-11 Feb, 2019 | 15:00
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Use-after-free issue in heap while loading audio effects config in audio effects factory.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-416
Use After Free
CVE-2018-11964
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.01% / 1.68%
||
7 Day CHG~0.00%
Published-20 Dec, 2018 | 15:00
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Exposing the hashed content in /etc/passwd may lead to security issue.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2018-11838
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.75%
||
7 Day CHG~0.00%
Published-05 Mar, 2020 | 08:56
Updated-05 Aug, 2024 | 08:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible double free issue in WLAN due to lack of checking memory free condition. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8053, MDM9640, SDA660, SDM636, SDM660, SDX20

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-apq8053mdm9640_firmwaresdx20_firmwaresdm636_firmwaresdm636sda660sda660_firmwaresdx20sdm660apq8053_firmwaresdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-415
Double Free
CVE-2022-33231
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.3||CRITICAL
EPSS-0.04% / 12.51%
||
7 Day CHG~0.00%
Published-04 Apr, 2023 | 04:46
Updated-03 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Double free in Core

Memory corruption due to double free in core while initializing the encryption key.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresd_8cx_gen3_firmwaresm7325-ae_firmwaresa6150p_firmwaresm6250p_firmwareqcs610315_5g_iot_modem_firmwareqca83378098qca6431_firmwarewcd9360_firmwarewcn3950_firmwaresc8180x\+sdx55sa8150p_firmwareqcs2290qca6595au_firmwaresa6155snapdragon_x70_modem-rf_systemqca6335sdm712sdm670sm8350sd_455_firmwarehome_hub_100_platformcsra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwareqcs6125_firmwaresm7350-ab_firmwarewcn685x-1msm8108sm4375wcn3998wcd9371_firmwaremsm8108_firmwareqam8295pwcn3950qcn6024_firmwaresm4125sd_8cx_gen2_firmwareqca8386_firmwaresm6375_firmwarewcn3660bqca8084_firmwareqsm8350_firmwaresm7150-acqsm8350sd460_firmware8998_firmwaresm7315_firmwaresm7325-aeqca6574au_firmwaresm4250-aasnapdragon_636_mobile_platformwcd9375_firmwareqca8081_firmwarewcn3998_firmwaresa6155_firmwaresm6225-adqca6420wcd9360snapdragon_xr2\+_gen_1_platformsnapdragon_auto_5g_modem-rf_firmware8909smart_audio_400_platform_firmwaresd_8cx_gen2wcn3999sm6225-ad_firmwareqrb5165_firmwareqrb5165m_firmwareqca6698aqqcs6125sa4155p_firmwaresa8155_firmwareqca4004_firmwaresd662_firmwaresm7250-ab_firmwareqca6430snapdragon_630_mobile_platformqts110wcd9306_firmwarewcd9340sw5100home_hub_100_platform_firmwarefsm10056_firmwareqca6436sa6155pqcs603_firmwareqca6698aq_firmwaremsm8209_firmwarewcn685x-1_firmwaresm8150_firmwarewcd9341qca6431qca6696_firmwarewcd9371ipq9008_firmwarewcn3910_firmwaresm4350_firmwaresd_8cxsa8150pqca4004sm8250-ac_firmwarewsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwaresm7225_firmwaresdm850wcn3988sd660_firmwaresm4250-aa_firmwaresa8195p_firmwaresm8475qcn7606_firmwaresm6125_firmwarewcn6750_firmwaresa8295p_firmwarewcn3610snapdragon_675_mobile_platform_firmwaremsm8608sm6375qca8337_firmwarewcd9380_firmwaressg2125psw5100psnapdragon_w5\+_gen_1_wearable_platformqca8084qca6564auipq9008sd670_firmwareqca6574wcd9380qcs410qca9379_firmwaresm7150-aa_firmwaresxr1230pc-v2x_9150_firmwareqcn9012_firmwareqca6430_firmwareqcn9274_firmwarewcd9335_firmwarewcn3980qca6335_firmwaresm7225qcs605wcd9340_firmwarewsa8815sm6150-ac_firmwaresd7cwcn3910qca6320snapdragon_630_mobile_platform_firmwareqca6426_firmwarewcn3660b_firmwareqca9984sd835qcn9024ipq9574_firmwarewcn3980_firmwaresd730snapdragon_xr2\+_gen_1_platform_firmwaresnapdragon_x50_5g_modem-rf_system_firmwaresm7150-aasa8295pqca6421_firmwaresm6350sm8475_firmwarewcn6740_firmwaresm7125smart_audio_200_platformsnapdragon_wear_1300snapdragon_xr2_5g_platformsnapdragon_x65_5g_modem-rf_systemar8031_firmwaresm7150-ab_firmwareqrb51658098_firmwareqcs603sm8350_firmwaresdm660sm6350_firmwarewcn785x-1_firmwaresdm710sd670smart_audio_200_platform_firmwareqcn9024_firmwareqca6564a_firmwarequalcomm_robotics_rb5_platform_firmwaresdx57mqcm4290_firmwaresnapdragon_x24_lte_modemwsa8832sw5100p_firmwaresa8540pqcs610_firmwareqsm8250sa6145par8031qca6595_firmwaresa8145pmdm9205_firmwareqca6391_firmwaresa4150p_firmwarewcd9370_firmwaresm7325_firmwaresm4350-ac_firmwaresdx55sd888_firmwaresm8250csra6640sa8155psd675ssg2115p_firmwareqcs8155_firmwareqca9379sa4155par8035_firmwareqcm2290qsm8250_firmwareqcn7606sdm845_firmwarewsa8830snapdragon_662_mobile_platform_firmware8998sxr2230p_firmwaresa8145p_firmwaresm6125sdm712_firmwaresnapdragon_x24_lte_modem_firmwareqcs2290_firmwarefsm10056wcn785x-5sd7c_firmwarecsrb31024csra6620qca8082sm7250-ac_firmwareqca8386qcs4290qca6420_firmwareqca6390_firmwareapq8009_firmwaresnapdragon_auto_4g_modem_firmwaresd730_firmwarewcd9370sd675_firmwaressg2115pqca6564qca6426wcn3990_firmwareqrb5165n_firmwareqca9984_firmwareqca9377sm8450sm8250-absd_8cx_firmwarewcd9385_firmwarewcd9326_firmwarewcn3615_firmwaresd662qam8295p_firmwaresm7325-afqcn9011_firmwaresa8155snapdragon_x55_5g_modem-rf_systemqca8082_firmwareqca6320_firmwaresdx55_firmwaresnapdragon_208_processor_firmwaresa9000p_firmwarewcn3615wcn3680b_firmwareqca6595ausm7325-af_firmwaresm7250p_firmwarewcn3999_firmwarewcn3610_firmwareqca6436_firmwaresm4350-acqrb5165nsnapdragon_w5\+_gen_1_wearable_platform_firmwarewcd9306sd778gqca6564au_firmwaresa6155p_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqca6310qcn9274qcs8155sm6225snapdragon_208_processorsnapdragon_x70_modem-rf_system_firmwareqcs6490sm8250_firmwaresm8250-acwcn3988_firmware315_5g_iot_modemqcn9074sd205sa6145p_firmwareqca6421qca8085sd778g_firmwaresm7250-aasa8195psxr1120sdm710_firmwaresm6250c-v2x_9150wsa8810_firmwaresm4375_firmwaresm8450_firmwarewcd9326wcd9335snapdragon_ar2_gen_1_platform_firmwareqca8081qca6174a_firmwareqcs4290_firmwarewcd9385qca8085_firmwaresxr2130_firmwareqcs6490_firmwaresd_8cx_gen3sm7150-abqca6390wcd9375ar8035aqt10008909_firmwaresc8180x\+sdx55_firmwaresm6250_firmwaresnapdragon_662_mobile_platformsm8150wsa8815_firmwareqcm6490wsa8835_firmwaresnapdragon_636_mobile_platform_firmwaresm7350-absxr1120_firmwareqca6564asa4150pwcn785x-1qcm6125_firmwareqcm2290_firmwarewcn3990sd_675sdm845sd865_5gqca6595sm8350-ac_firmwaresm8150-acqcn9012sd888wsa8835sxr1230p_firmwaresa8540p_firmwaresnapdragon_auto_5g_modem-rfsm6250psxr2130ssg2125p_firmwareqca6574asmart_audio_400_platformwcn685x-5_firmwareqca6174asm7325psdm670_firmwareqca6310_firmwaresm7325wcn6750mdm9205sa9000pqca6574_firmwaresm7150-ac_firmwaresm7250-absd855sm4125_firmwaresm7325p_firmwaresxr2230psdx57m_firmwaresnapdragon_xr2_5g_platform_firmwareqca6574a_firmwaremsm8209qrb5165mwcn785x-5_firmwaresm7315apq8009snapdragon_x55_5g_modem-rf_system_firmwaresd460qca6391sm8250-ab_firmwareaqt1000_firmwaresdm850_firmwaresnapdragon_auto_4g_modemqcm4290csrb31024_firmwareqcm6490_firmwarewsa8832_firmwaresnapdragon_xr1_platformwcn685x-5qcn9011sd_455sm6225_firmwareqca6574ausa8155p_firmwareipq9574sd205_firmwarewcd9341_firmwareqcm6125wsa8810sm7250-aa_firmwaresm7250-acsm8150-ac_firmwaresnapdragon_ar2_gen_1_platformwcn3680bsm8350-acsd835_firmwareqca6564_firmwaresnapdragon_675_mobile_platformwcn6740qca6696sm4350msm8608_firmwaresm6150-acsm7125_firmwaresnapdragon_x50_5g_modem-rf_systemsa6150pqcn6024qualcomm_robotics_rb5_platformsm7250psw5100_firmwareqcn9074_firmwareqcs410_firmwaresnapdragon_wear_1300_firmwaresdm660_firmwaresnapdragon_xr1_platform_firmwareqts110_firmwareSnapdragon
CWE ID-CWE-415
Double Free
CVE-2018-11970
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.75%
||
7 Day CHG~0.00%
Published-04 Apr, 2019 | 15:09
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

TZ App dynamic allocations not protected from XBL loader in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9206, MDM9607, MDM9650, MDM9655, QCS605, SD 410/12, SD 636, SD 712 / SD 710 / SD 670, SD 845 / SD 850, SD 8CX, SDA660, SDM630, SDM660, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_712sd_850sd_412sd_670_firmwaresdm660sdm630mdm9607_firmwaresd_710_firmwaresd_636mdm9655_firmwaremdm9650mdm9607sd_636_firmwaresd_845_firmwaresd_410qcs605_firmwaremdm9206sd_850_firmwaremdm9655sd_412_firmwaresd_712_firmwaresdm630_firmwaresd_8cx_firmwaresda660_firmwaresd_845mdm9206_firmwareqcs605sd_8cxsd_670mdm9650_firmwaresd_710sd_410_firmwaresda660sxr1130_firmwaresxr1130sdm660_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
CVE-2022-33226
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 8.84%
||
7 Day CHG~0.00%
Published-06 Jun, 2023 | 07:38
Updated-03 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer copy without checking the size of input in Core

Memory corruption due to buffer copy without checking the size of input in Core while processing ioctl commands from diag client applications.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwareqam8255p_firmwarewcn3991wcd9380_firmwarewsa8830wcn785x-5sm8350-ac_firmwaresm8150-acwsa8835wcd9380qca6420_firmwareqca6595au_firmwaresnapdragon_wear_4100\+_platform_firmwaresm8350snapdragon_wear_4100\+_platformwcn685x-5_firmwarewcn685x-1qca6430_firmwaresm8450wcn3980wcn3998wcd9385_firmwaresd855wcn3660bwsa8815wcn3660b_firmwareqca6574au_firmwarewcn3680b_firmwareqca6595auwcn3998_firmwarewcn785x-5_firmwarewcn3980_firmwarewcn3610_firmwareqca6420aqt1000_firmwareqca6698aqsm8350_firmwarewcn685x-5qca6797aq_firmwareqca6430wcn785x-1_firmwareqca6574auwsa8810_firmwarewcd9341_firmwaresm8450_firmwarewsa8810sa8255p_firmwaresm8150-ac_firmwareqca6698aq_firmwarewcn3680bsm8350-acwcn685x-1_firmwarewcd9385sm8150_firmwaresa8255pwcd9341qca6797aqaqt1000wsa8830_firmwaresd855_firmwaresm8150wcn785x-1wsa8815_firmwarewsa8835_firmwareqam8255pwcn3610Snapdragon
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2018-11856
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.07%
||
7 Day CHG~0.00%
Published-29 Oct, 2018 | 18:00
Updated-05 Aug, 2024 | 08:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation leads to buffer overwrite in the WLAN function that handles WMI commands in Snapdragon Mobile in version SD 835, SD 845, SD 850.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850sd_835_firmwaresd_850_firmwaresd_835sd_845_firmwaresd_845Snapdragon Mobile
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-11904
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 14.87%
||
7 Day CHG~0.00%
Published-19 Sep, 2018 | 14:00
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, asynchronous callbacks received a pointer to a callers local variable. Should the caller return early (e.g., timeout), the callback will dereference an invalid pointer.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2018-11994
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.07%
||
7 Day CHG~0.00%
Published-28 Nov, 2018 | 15:00
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SMMU secure camera logic allows secure camera controllers to access HLOS memory during session in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDA845, SDX24, SXR1130.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850sd_820amsm8996au_firmwaresd_425sdx24sd_430_firmwaremdm9607_firmwaremdm9650sd_625sd_210mdm9607msm8996ausd_820_firmwaresd_820sd_450_firmwaresd_845_firmwaresd_820a_firmwaremdm9206sd_425_firmwaresd_212_firmwaresd_850_firmwaresdx24_firmwaresd_625_firmwaresd_450sda845_firmwaresda660_firmwaresd_845mdm9206_firmwaresd_430sd_835_firmwaremdm9650_firmwaresd_835sd_205sda660sxr1130_firmwaresd_210_firmwaresda845sxr1130sd_205_firmwaresd_212Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear
CVE-2018-11297
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 4.26%
||
7 Day CHG~0.00%
Published-18 Sep, 2018 | 18:00
Updated-05 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, a buffer over-read can occur In the WMA NDP event handler functions due to lack of validation of input value event_info which is received from FW.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-11264
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.00%
||
7 Day CHG~0.00%
Published-28 Nov, 2018 | 15:00
Updated-05 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer overflow in Ontario fingerprint code due to lack of input validation for the parameters coming into TZ from HLOS in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SDA660.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_820asd_412msm8996au_firmwaresd_425sd_430_firmwaremdm9607_firmwaremdm9650sd_650_firmwaresd_625sd_210mdm9607msm8996ausd_820_firmwaresd_650sd_820sd_450_firmwaresd_410sd_820a_firmwaremdm9206sd_652sd_425_firmwaresd_212_firmwaresd_625_firmwaresd_450sd_412_firmwaresda660_firmwaremdm9206_firmwaresd_430sd_835_firmwaremdm9650_firmwaresd_410_firmwaresd_835sd_205sda660sd_210_firmwaresd_652_firmwaresd_205_firmwaresd_212Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-11274
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 2.36%
||
7 Day CHG~0.00%
Published-18 Sep, 2018 | 18:00
Updated-05 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, buffer overflow may occur when payload size is extremely large.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2022-33248
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.07% / 22.97%
||
7 Day CHG~0.00%
Published-09 Feb, 2023 | 06:58
Updated-03 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Integer overflow to buffer overflow in User Identity Module

Memory corruption in User Identity Module due to integer overflow to buffer overflow when a segement is received via qmi http.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresm6250p_firmwareqcs610qca8337qca6431_firmwarewcd9360_firmwaresdx65wcn3950_firmwareqcs2290qca6595au_firmwareqca6335msm8917sd_455_firmwarecsra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwareqcs6125_firmwaremsm8108sa415mwcn3998wcd9371_firmwaremsm8108_firmwarewcn3950qcn6024_firmwaresd720gsd_8cx_gen2_firmwareqsw8573_firmwaresd_8_gen1_5g_firmwarewcn3660bsd710_firmwaresd460_firmwaresm7315_firmwarewcn7850qca6574au_firmwarewcd9375_firmwarewcn3998_firmwareqca8081_firmwaresdx12_firmwaremsm8909wapq8009w_firmwareqca6420wcd9360sd680_firmwaresd_8cx_gen2qcs6125sd662_firmwareqcs405qca6430wcd9340sd765gqualcomm215_firmwaresw5100sd680qca6436wcn6851qcs603_firmwarewcn7851_firmwaremsm8937msm8209_firmwaremdm9250_firmwarewcd9341qca6431qca6696_firmwarewcd9371sd870_firmwaresd750gwcn3910_firmwarewsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwaresnapdragon_4_gen_1sd712wcn3988sd660_firmwarewcn7850_firmwaresm8475msm8208_firmwarewcn6750_firmwarewcn3610msm8608wcn3991qca8337_firmwaresda429w_firmwarewcd9380_firmwaresdm429wsw5100pqca6564ausdx55m_firmwarewcn6856_firmwareqet4101_firmwaresd670_firmwarewcd9380qualcomm215qcs410sd690_5g_firmwaresdx50m_firmwaresdx24_firmwareqca6430_firmwarewcd9335_firmwarewcn3980sd439_firmwareqca6335_firmwareqsw8573qcm4325_firmwareqcs605wcd9340_firmwarewsa8815wcn6850sd7cwcn3910qca6320msm8937_firmwaremdm9650_firmwareqca6426_firmwarewcn3660b_firmwarewcn3680sd695sd835qcn9024wcn3980_firmwaresd730sdx55mqcc5100_firmwareqca6421_firmwarewcn6740_firmwaresd678_firmwarewcn3680_firmwarewcn6851_firmwareqcs603sd670sd_636_firmwareqcn9024_firmwareqca6564a_firmwareapq8009wsdx57mqcm4290_firmwaresd480sd870wcn6855sw5100p_firmwaresd210_firmwareqcs610_firmwaresd695_firmwaresdxr1qcs405_firmwaresdm630_firmwareqca6391_firmwarewcd9370_firmwaresd780g_firmwaresdx55sd888_firmwaresd675csra6640sdx70msd439qet4101ar8035_firmwareqcm2290wcn3991_firmwaremdm9150_firmwarewsa8830sd678qcs2290_firmwaresd7c_firmwarecsrb31024snapdragon_4_gen_1_firmwaremdm9650sd_636csra6620qcs4290mdm9250sd765g_firmwareqca6420_firmwareqca6390_firmwareapq8009_firmwaresd690_5gsd730_firmwarewcd9370sd675_firmwareqca6426wcn3990_firmwareqca9377sdw2500_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcd9326_firmwarewcn3615_firmwaresd662apq8037qca6320_firmwarewcn3680b_firmwaresdx55_firmwarewcn3615qca6595ausm7250p_firmwarewcn3610_firmwareqca6436_firmwareqca6564au_firmwaresd778gqca6310msm8208wcn7851sd429sa515m_firmwareqcs6490sdxr2_5gsdm630sa415m_firmwarewcn3988_firmwaresd205sd429_firmwareqca6421sd778g_firmwaresm6250sd712_firmwareapq8017_firmwarewsa8810_firmwaresd765_firmwarewcd9326wcd9335sg4150pqca8081qca6174a_firmwareqcs4290_firmwarewcd9385qcs6490_firmwaresdx70m_firmwareqca6390wcd9375sd750g_firmwareaqt1000ar8035sm6250_firmwaresda429wmsm8917_firmwaresd210wcn3620_firmwaresdx20_firmwarewsa8815_firmwaresd888_5g_firmwareqcm6490wcn6850_firmwarewsa8835_firmwarewcn3620apq8017qcx315qca6564asg4150p_firmwareqcm6125_firmwareqcm4325qcm2290_firmwarewcn3990sd_675sd780gsd865_5gqcc5100sdx24sd888msm8909w_firmwareqcx315_firmwarewsa8835sdm429w_firmwaresd665_firmwaresd888_5gsm6250psc8180xqca6574awcn6855_firmwareqca6174asm7325pqca6310_firmwarewcn6750sa515msd855sm7325p_firmwaresd665sdx57m_firmwaresd765qca6574a_firmwaresd768g_firmwaremsm8209sd850_firmwaresm7315apq8009sd460qca6391sdxr1_firmwareaqt1000_firmwaresdx65_firmwareqcm4290csrb31024_firmwareqcm6490_firmwaresdx50msdx20sd480_firmwaresd_455sc8180x_firmwareqca6574ausd710sd205_firmwarewcd9341_firmwareqcm6125wsa8810mdm9150wcn6856wcn3680bsd835_firmwaresd768gwcn6740qca6696sd845_firmwaremsm8608_firmwaresdw2500qcn6024sd845apq8037_firmwaresm7250psd720g_firmwaresdx12sw5100_firmwareqcs410_firmwaresd850Snapdragon
CWE ID-CWE-680
Integer Overflow to Buffer Overflow
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2022-33218
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.2||HIGH
EPSS-0.04% / 9.83%
||
7 Day CHG~0.00%
Published-06 Jan, 2023 | 05:02
Updated-09 Apr, 2025 | 19:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Input Validation in Automotive

Memory corruption in Automotive due to improper input validation.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca6564au_firmwareqca6584ausa6155p_firmwaresa6150p_firmwaresa8145p_firmwaremsm8996au_firmwareapq8064au_firmwareqca6595qca6564ausa8155_firmwareqca6574ausa6145p_firmwaresa8155p_firmwaremsm8996auqca6564a_firmwaresa8195psa8540p_firmwaresa8150p_firmwareqca6595au_firmwaresa6155sa6155psa8540psa8295p_firmwareqca6574asa6145pqca6584au_firmwareapq8096auqca6696_firmwareqca6595_firmwaresa8145pqca6696qam8295psa9000papq8064ausa8150psa6150papq8096au_firmwaresa8155pqam8295p_firmwaresa8155qca6574a_firmwaresa9000p_firmwareqca6574au_firmwaresa8195p_firmwareqca6595ausa6155_firmwareqca6564asa8295pSnapdragon
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-11289
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.10% / 27.89%
||
7 Day CHG~0.00%
Published-25 Feb, 2019 | 23:00
Updated-05 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Data truncation during higher to lower type conversion which causes less memory allocation than desired can lead to a buffer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in versions IPQ8074, MDM9150, MDM9206, MDM9607, MDM9650, MDM9655, MSM8996AU, QCA8081, QCS605, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850mdm9150_firmwaresd_632sd_820asd_675msm8996au_firmwaresd_439sd_670_firmwaresd_429sdm439mdm9650sd_636snapdragon_high_med_2016_firmwaremsm8996ausd_820sd_650sd_450_firmwaresd_845_firmwaresd_410sd_820a_firmwareqcs605_firmwaresd_675_firmwaremdm9206sd_652sd_425_firmwaresd_625_firmwareipq8074sd_450sd_8cx_firmwaresd_845mdm9206_firmwareqcs605sd_632_firmwaresd_835_firmwaremdm9650_firmwaresd_835sda660sxr1130_firmwaresd_210_firmwaresd_652_firmwareqca8081_firmwaresxr1130sd_205_firmwaresd_212sd_650_firmwaresd_427_firmwaresd_712sd_412sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435mdm9655_firmwaresd_710_firmwaresdm630sd_625ipq8074_firmwaresd_820_firmwaresd_210mdm9607sd_636_firmwaresd_439_firmwareqca8081mdm9150sd_429_firmwaresnapdragon_high_med_2016sd_212_firmwaresd_850_firmwaremdm9655sdm439_firmwaresd_412_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwaresd_8cxsd_430sd_427sd_670sd_435_firmwaresd_710sd_410_firmwaresd_205sdm660_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-11281
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 5.58%
||
7 Day CHG~0.00%
Published-18 Sep, 2018 | 18:00
Updated-05 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while calling IPA_IOC_MDFY_RT_RULE IPA IOCTL, header entry is not checked before use. If IPA_IOC_MDFY_RT_RULE IOCTL called for header entries formerly deleted, a Use after free condition will occur.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-416
Use After Free
CVE-2018-11305
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 14.17%
||
7 Day CHG~0.00%
Published-26 Oct, 2018 | 13:00
Updated-05 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

When a series of FDAL messages are sent to the modem, a Use After Free condition can occur in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SDA660, SDX20.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9640_firmwaresd_820asd_617_firmwaremsm8996au_firmwaresdx20sd_415sd_616sd_425sd_430_firmwaremdm9607_firmwaresd_615mdm9650sd_650_firmwaresd_625sd_615_firmwaremsm8909w_firmwaremdm9607msm8996ausd_210sd_650sd_820_firmwaresd_820sd_450_firmwaresd_845_firmwaresd_617sd_820a_firmwaremdm9206sd_652sd_425_firmwaresd_212_firmwaresd_625_firmwaresd_450sda660_firmwaresd_845mdm9206_firmwaresd_430sd_835_firmwaremdm9650_firmwaresdx20_firmwaresd_835sd_205sda660sd_210_firmwaresd_415_firmwaresd_652_firmwaremsm8909wsd_616_firmwaresd_205_firmwaresd_212mdm9640Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear
CWE ID-CWE-416
Use After Free
CVE-2018-11816
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 4.50%
||
7 Day CHG~0.00%
Published-26 Nov, 2024 | 13:56
Updated-06 Feb, 2025 | 16:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in Video

Crafted Binder Request Causes Heap UAF in MediaServer

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-apq8076_firmwarear6003_firmwaresd835sd835_firmwareapq8056_firmwareapq8056sd820apq8039_firmwareaqt1000sd820_firmwareapq8052_firmwareapq8017_firmwareaqt1000_firmwaresd670ar6003apq8016_firmwaresd660_firmwaresd821apq8052apq8016apq8039sd821_firmwaresd660apq8017apq80769206_lte_modem_firmwaresd670_firmware9206_lte_modemSnapdragon9206_lte_modem_firmwareaqt1000_firmwarear6003_firmwaresd835_firmwaresd670_firmwaresd821_firmwareapq8076_firmwareapq8017_firmwaresd660_firmwareapq8052_firmwaresd820_firmwareapq8056_firmwareapq8016_firmwareapq8039_firmware
CWE ID-CWE-416
Use After Free
CVE-2018-11295
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 4.26%
||
7 Day CHG~0.00%
Published-18 Sep, 2018 | 18:00
Updated-05 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, WMA handler carries a fixed event data from the firmware to the host . If the length and anqp length from this event data exceeds the max length, an OOB write would happen.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-11292
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.11% / 30.14%
||
7 Day CHG~0.00%
Published-20 Sep, 2018 | 13:00
Updated-05 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCA6574AU, QCA6584, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820A, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, Snapdragon_High_Med_2016, lack of input validation in WLANWMI command handlers can lead to integer & heap overflows.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9640_firmwaresdm636_firmwaresdm632_firmwaremsm8996au_firmwaresd430sd625_firmwaresdm632sd650_firmwaresdm660sdm439mdm9607_firmwaresdm630mdm9650sdm429sd616_firmwareqca6574ausd425_firmwaresd205msm8909w_firmwaremdm9607msm8996ausd205_firmwaresd616sd410_firmwaresd820a_firmwaresd652_firmwaresd410sd425sd412sd615_firmwaresd652sd210_firmwaresd427_firmwaresd625mdm9206sd212_firmwaresdm439_firmwaresdm636sd427sd412_firmwaresd212sdm630_firmwaresd415mdm9206_firmwaresd430_firmwaresd450_firmwaresd615qca6584_firmwaresd210sdm429_firmwaremdm9650_firmwareqca6584qca6574au_firmwaresd415_firmwaresd650sd820amsm8909wsd450sdm660_firmwaremdm9640Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-11296
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 4.26%
||
7 Day CHG~0.00%
Published-18 Sep, 2018 | 18:00
Updated-05 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing a message from firmware in WLAN handler, a buffer overwrite can occur.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-23354
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.13% / 33.06%
||
7 Day CHG-0.01%
Published-06 May, 2024 | 14:32
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in Graphics Linux

Memory corruption when the IOCTL call is interrupted by a signal.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcm8550_firmwaresw5100pwsa8845_firmwarewsa8832qca6595srv1mwcd9370qca6696wcd9395_firmwaresnapdragon_8\+_gen_1_mobilefastconnect_6700snapdragon_685_4g_mobilewsa8815_firmwarewsa8832_firmwaresa8195p_firmwarewcd9395sg8275p_firmwareqca6574au_firmwareqcm4490_firmwareqca6574auwcd9390sa8620p_firmwarewcn3950wsa8810_firmwarewsa8845h_firmwareflight_rb5_5gsa9000p_firmwaresrv1hqca6797aq_firmwaretalynplus_firmwaresa8770pssg2115psw5100_firmwareqca6595_firmwareqcs7230fastconnect_6900fastconnect_7800_firmwaresnapdragon_w5\+_gen_1_wearable_firmwaresa7255pwcd9385_firmwarefastconnect_6900_firmwareqam8255p_firmwarerobotics_rb5_firmwarewcd9380qam8255psxr2230pqcs4490snapdragon_680_4g_mobilewsa8845sa6155psxr1230pwsa8810qam8650pvideo_collaboration_vc5_platform_firmwaresa9000psrv1h_firmwaresw5100qca6595ausxr2250p_firmwaresa6155p_firmwaresnapdragon_685_4g_mobile_firmwarewsa8840srv1m_firmwareqcs8550_firmwaresnapdragon_8_gen_2_mobile_firmwareqca6698aq_firmwaresnapdragon_4_gen_2_mobile_firmwarewcd9385snapdragon_8_gen_1_mobileqcs4490_firmwaresnapdragon_680_4g_mobile_firmwaresa8255pqcs7230_firmwaresxr1230p_firmwarewcd9390_firmwaresnapdragon_8_gen_2_mobilesg8275pwcd9370_firmwareflight_rb5_5g_firmwaressg2125psa7255p_firmwareqca6574asnapdragon_8\+_gen_2_mobileqcm4490sa8195pqamsrv1mrobotics_rb5talynplusqam8650p_firmwarevideo_collaboration_vc5_platformsm8550p_firmwaresxr2250pqcm8550wcn3988qrb5165n_firmwareqca6574sa8775pwsa8835qca6595au_firmwareqca6391_firmwaresxr2230p_firmwarewsa8840_firmwaresw5100p_firmwaresa8775p_firmwareqamsrv1hqca6696_firmwarewsa8845hwcd9380_firmwareqca6574_firmwaresa8155p_firmwarewsa8815sg4150psa8155psd_8_gen1_5gwsa8830qam8775pqca6797aqsnapdragon_ar2_gen_1_firmwaresm8550pqcm4325_firmwaresa8620psa8255p_firmwareqca6574a_firmwareqamsrv1m_firmwaresnapdragon_4_gen_2_mobilesa8650p_firmwareqcm4325sd_8_gen1_5g_firmwarewcd9375_firmwareqca6391qca6698aqsg4150p_firmwaressg2125p_firmwarewcn3950_firmwaresa8770p_firmwareqrb5165nqcs8550fastconnect_7800sa8650pqam8775p_firmwaresnapdragon_8\+_gen_2_mobile_firmwarewcd9375snapdragon_ar2_gen_1wcn3988_firmwarefastconnect_6700_firmwareqamsrv1h_firmwaresnapdragon_8\+_gen_1_mobile_firmwarewsa8835_firmwaressg2115p_firmwarewsa8830_firmwaresnapdragon_w5\+_gen_1_wearablesnapdragon_8_gen_1_mobile_firmwareSnapdragonqam8255p_firmwarerobotics_rb5_platform_firmwaresa6155p_firmwaresa8620p_firmwareqcm4490_firmwareqcm8550_firmwareqcs4490_firmwaresa8775p_firmwaresa8650p_firmwaresg8275p_firmwaresnapdragonfastconnect_6900_firmwaresrv1h_firmwareqcs7230_firmwareqcs8550_firmwareqca6797aq_firmwareflight_rb5_5g_platform_firmwaresa8155p_firmwarefastconnect_6700_firmwaresa7255p_firmwarefastconnect_7800_firmwareqca6595au_firmwaresnapdragon_8_gen_1_mobile_platform_firmwaresnapdragon_4_gen_2_mobile_platform_firmwareqca6698aq_firmwareqamsrv1m_firmwaresnapdragon_8_gen_2_mobile_platform_firmwareqam8650p_firmwaresa8770p_firmwareqam8775p_firmwareqrb5165n_firmwareqca6696_firmwareqca6595_firmwareqca6391_firmwareqcm4325_firmwareqamsrv1h_firmwareqca6574_firmwaresd_8_gen1_5g_firmwaresm8550p_firmwarequalcomm_video_collaboration_vc5_platform_firmwaresa9000p_firmwareqca6574a_firmwareqca6574au_firmwaresa8195p_firmwaresnapdragon_680_4g_mobile_platform_firmware
CWE ID-CWE-416
Use After Free
CVE-2022-25709
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.07% / 20.95%
||
7 Day CHG~0.00%
Published-07 Mar, 2023 | 04:43
Updated-05 Mar, 2025 | 16:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use of Out-of-range Pointer Offset in Data Modem

Memory corruption in modem due to use of out of range pointer offset while processing qmi msg

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwarewsa8830sd678sm6250p_firmwareqca8337qca6431_firmwaresd7c_firmwaresnapdragon_4_gen_1_firmwaresdx65wcn3950_firmwaresd765g_firmwareqca6390_firmwaresd690_5gsd730_firmwarewcd9370sd_675_firmwaresd675_firmwareqca6426wcn3990_firmwarewcn3998wcd9385_firmwaresdxr2_5g_firmwarewcn3950qcn6024_firmwaresd720gsd_8_gen1_5g_firmwarewcn7850qca6320_firmwaresdx55_firmwarewcd9375_firmwareqca8081_firmwarewcn3998_firmwaresm7250p_firmwareqca6436_firmwareqca6310sa515m_firmwarewcn7851sdxr2_5gsd821wcn3988_firmwareqca6421sm6250wcd9340wsa8810_firmwaresd765gsd765_firmwareqca6436wcn6851wcd9335qca8081wcn7851_firmwareqca6174a_firmwarewcd9385wcd9341qca6431sd750gsd870_firmwaresdx70m_firmwareqca6390ar8035sd750g_firmwarewcd9375sm6250_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwaresd820snapdragon_4_gen_1wcn3988wcn6850_firmwarewcn7850_firmwarewsa8815_firmwarewsa8835_firmwareqcx315sm8475wcn3991qca8337_firmwarewcd9380_firmwarewcn3990sd_675sd865_5gsdx55m_firmwarewcn6856_firmwarewsa8835qcx315_firmwarewcd9380sm6250psd690_5g_firmwarewcn6855_firmwareqca6174aqca6310_firmwarewcd9335_firmwarewcn3980sa515mwcd9340_firmwaresd855wsa8815wcn6850sd7cqca6320sd765qca6426_firmwaresd695sd768g_firmwaresd835qcn9024wcn3980_firmwaresd730qca6391sdx55mqca6421_firmwaresdx65_firmwaresd821_firmwaresd678_firmwaresd480_firmwarewcn6851_firmwareqcn9024_firmwarewcd9341_firmwaresd480sd870wsa8810wcn6855wcn6856sd835_firmwaresd695_firmwaresd768gsd820_firmwareqca6391_firmwarewcd9370_firmwaresdx55sd675qcn6024sdx70msm7250psd720g_firmwarear8035_firmwareSnapdragon
CWE ID-CWE-823
Use of Out-of-range Pointer Offset
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2022-25721
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 11.03%
||
7 Day CHG~0.00%
Published-06 Jan, 2023 | 05:02
Updated-09 Apr, 2025 | 20:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Incorrect Type Conversion in Video driver

Memory corruption in video driver due to type confusion error during video playback

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwareqca8337_firmwaresda429w_firmwaresa6150p_firmwarewcn3990sa8145p_firmwareqcs610sdm429wqca8337qca6564ausdm429w_firmwarewcn3950_firmwaresa8150p_firmwareqca6420_firmwarequalcomm215qcs410wcd9370qca6574aqca6564wcn3990_firmwareqca6430_firmwarewcn3980wcn3998wcn3950wcd9326_firmwarewcd9340_firmwarewcn3660bsd855wsa8815wcn3660b_firmwareqca6574a_firmwareqca6574au_firmwaresdx55_firmwarewcn3680b_firmwarewcn3998_firmwarewcn3980_firmwaresdxr1_firmwarewcn3610_firmwareqca6420qca6391aqt1000_firmwareqca6564au_firmwaresa6155p_firmwareqcs8155sd429qca6430qca6574auqcn9074sa6145p_firmwaresd205sd429_firmwaresa8155p_firmwaresd205_firmwarewcd9340sa8195pwsa8810_firmwarequalcomm215_firmwarewcd9341_firmwarewsa8810wcd9326sa6155psd210_firmwareqcs610_firmwaremdm9150sa6145pwcn3680bqca6564_firmwarewcd9341sdxr1qca6696_firmwaresa8145pqca6696qca6391_firmwarewcd9370_firmwareaqt1000sa8150psa6150psdx55sa8155psda429wsd210sd855_firmwarewcn3620_firmwarewsa8815_firmwarewcn3620sa8195p_firmwareqcs8155_firmwareqcn9074_firmwareqcs410_firmwarewcn3610Snapdragon
CWE ID-CWE-843
Access of Resource Using Incompatible Type ('Type Confusion')
CVE-2022-25715
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 11.03%
||
7 Day CHG~0.00%
Published-06 Jan, 2023 | 04:42
Updated-09 Apr, 2025 | 19:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Incorrect type casting in Display driver

Memory corruption in display driver due to incorrect type casting while accessing the fence structure fields

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwareqca8337_firmwaresda429w_firmwareqcs610sdm429wqca8337sdm429w_firmwarewcn3950_firmwareqca6420_firmwarequalcomm215qcs410wcd9370qca6430_firmwarewcn3980wcn3998wcn3950sa515mwcd9340_firmwaresd855wcn3660bwsa8815wcn3660b_firmwarewcn3680b_firmwaresdx55_firmwarewcn3998_firmwarewcn3980_firmwareqca6391wcn3610_firmwareqca6420aqt1000_firmwareqcs8155sa515m_firmwaresd429qca6430qcn9074sa8155p_firmwaresd205sd429_firmwaresd205_firmwarewcd9340wsa8810_firmwarequalcomm215_firmwarewcd9341_firmwarewsa8810sd210_firmwareqcs610_firmwaremdm9150wcn3680bwcd9341qca6391_firmwarewcd9370_firmwareaqt1000sdx55sa8155psda429wsd210sd855_firmwarewcn3620_firmwarewsa8815_firmwarewcn3620qcs8155_firmwareqcn9074_firmwareqcs410_firmwarewcn3610Snapdragon
CWE ID-CWE-704
Incorrect Type Conversion or Cast
CVE-2022-25682
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.07% / 22.44%
||
7 Day CHG~0.00%
Published-13 Dec, 2022 | 00:00
Updated-22 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory corruption in MODEM UIM due to usage of out of range pointer offset while decoding command from card in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcd9380_firmwaremdm9310wcn3615_firmwaremsm8996ausd429_firmwareqca6595au_firmwarequalcomm215_firmwaresd730qca6310qsw8573apq8009mdm9607qca6696qca6421wcn7850mdm9205_firmwareqca6564aumsm8937sdx24wcn3660bsd632_firmwaremdm8207_firmwaresd720gqca6426_firmwaresd710_firmwaresd460sd205_firmwaremsm8996au_firmwaremdm9630apq8056msm8940sdx24_firmwarewsa8830msm8920_firmwarewsa8815wcn3680bqca6430wcn3620_firmwaresd855qcs6490_firmwarewcd9340sdx55_firmwaresdxr2_5g_firmwareapq8037msm8976sg_firmwaresd_8cx_gen2_firmwaresc8180x\+sdx55_firmwaremdm9207sd712mdm9650sd765g_firmwareqca6574aqca4004_firmwaremsm8108_firmwaresd865_5g_firmwarewcd9306_firmwareapq8017_firmwareqcm6125_firmwaresdm429w_firmwaresd835_firmwarewcn6750sm7325pmsm8917_firmwaresd_636_firmwarear6003mdm8215sd695_firmwareqcc5100sd_675qca6335sd625_firmwaremsm8108qcs405qca6431_firmwaremsm8208csra6640sd480_firmwaremdm9215_firmwareqet4101qca6430_firmwareqca8081sm7315_firmwaresm7325p_firmwareqca6584auapq8009wsd870mdm9150qca9367qca6390_firmwareqcn9024_firmwaresc8180x\+sdx55wcn6855qca6584_firmwareqcx315_firmwarewcn3910sd870_firmwareqcm6490_firmwaresm6250sdm630_firmwareqca6431qca6595auwcd9370sd821_firmwareqcs4290_firmwaresd888_firmwarewcn3980ar6003_firmwaresd439_firmwaremdm8215msm7315sd765_firmwaresd720g_firmwaresd765gsd670mdm9150_firmwaresdx55mmsm8208_firmwaremsm8917sd450wcn6850_firmwarewcn3660sd_455sm6250pwsa8810_firmwarewsa8815_firmwarewcn3991_firmwaresd625sd850_firmwarewcn6740msm8608_firmwareqca6436msm8952_firmwarewsa8810sdxr1msm8909wsdm630sw5100p_firmwareaqt1000_firmwareqca4004wsa8835_firmwarewcd9335_firmwaresm7250p_firmwaremdm9615mapq8009_firmwareqca6391qcn9024wcn3998_firmwarecsra6620mdm9330_firmwaremdm9310_firmwarewcn6851sd778g_firmwarewcd9370_firmwaresd675qca6420_firmwaresd439mdm9615m_firmwarewcn3660_firmwaresdx57mqcx315qcc5100_firmwaremsm8940_firmwaresd210_firmwareqcm6125mdm9655_firmwareapq8052_firmwaresdx12sd660csrb31024_firmwaresdm429wsdx20qcs610qualcomm215apq8052qca6391_firmwaresd205wcd9326_firmwaresm7250pcsra6620_firmwarewcn3610sdx20_firmwarewcn3910_firmwaremsm8209apq8017wcd9375sd750g_firmwaremsm8976_firmwareqca6696_firmwaremdm9215sm6250p_firmwaresd865_5gqca9377wcn3990_firmwaremdm9230_firmwarewcn3950_firmwarewcn3988sd778gwcd9371_firmwarewcn3615msm8976sd750gsd768g_firmwaremdm8615mqcs605msm8952sd712_firmwaremdm9615_firmwarewcn7851qca6310_firmwaremdm8215m_firmwaresd710mdm9640_firmwareqca6436_firmwareqca9367_firmwaresd_636wcd9341_firmwaresd821sd632wcd9340_firmwaremdm9330sd850apq8037_firmwaresd_675_firmwareqca6174a_firmwareqca6564a_firmwaresd855_firmwaresd662_firmwarewcd9371mdm9650_firmwaresdx50mqcs405_firmwareqcn6024_firmwareqcs6490sdx55sd460_firmwaresd_455_firmwaremsm8956mdm9628wcn3610_firmwareqcm4290_firmwaremsm8976sgsd450_firmwaresd820wcn3660b_firmwaresm4375msm8909w_firmwareqet4101_firmwaresd665_firmwarewcd9360_firmwaresdw2500sdw2500_firmwareqsw8573_firmwaresd626sd768gwcn6740_firmwarewcn6856sd626_firmwareapq8009w_firmwaresda429w_firmwaresdx50m_firmwareqca6390sd480wcd9330wcn7851_firmwaresw5100mdm8215_firmwarewcn6850sa415mwcn3950qcs603_firmwaremsm8608qca6320_firmwareqca6584au_firmwareqcm6490qcn6024qca6174awcd9335sd7c_firmwaresd670_firmwarewcn3680b_firmwaresd835qca6421_firmwareqca6574au_firmwaresd662mdm9250_firmwareqcs610_firmwaremdm9205msm8956_firmwaremdm9207_firmwareqca6174qcm2290_firmwarewcd9380mdm9630_firmwareqcm4290wcn3680mdm9628_firmwaresd660_firmwaresd730_firmwaresd695qca6174_firmwarewcd9375_firmwaresd888ar8035_firmwarewcn6856_firmwareaqt1000mdm9230qcs603sdx12_firmwarear8035wcn6855_firmwaremdm8207wcd9360qca6420sd780g_firmwarewcn3680_firmwareqcm2290sdx65_firmwaremdm9250sa515msd845_firmwaremdm9206sdxr1_firmwaresa515m_firmwaremdm9655mdm9607_firmwarewcn3990apq8076sd429apq8076_firmwaresd690_5gqca8081_firmwaremsm8920wsa8835wcn3998wcd9306apq8056_firmwareqca8337_firmwaremdm9206_firmwareqcs2290sd820_firmwaresd7cwcd9385sd678qca6574auwcn7850_firmwaresdx65wcd9385_firmwaremdm9640apq8096auwcn6750_firmwareqcs410_firmwaresd210sd680sd888_5gsd678_firmwareqcs6125sm4375_firmwarewcn3991qca6574csra6640_firmwareqca6574_firmwaresa415m_firmwareqca6564asd675_firmwareqca6574a_firmwaresd665sda429wsd888_5g_firmwarewsa8830_firmwareqca6320qca8337sd_8_gen1_5g_firmwaresm6250_firmwaresdxr2_5gwcd9341wcn3980_firmwareqcs2290_firmwarewcn6851_firmwarewcd9326sd680_firmwaremsm8937_firmwareqca9377_firmwaremdm8615m_firmwareapq8096au_firmwaresw5100_firmwareqca6584sd780gqca6564au_firmwarecsrb31024qca6426qca6335_firmwaresdx55m_firmwareqcs6125_firmwaresdx57m_firmwaresd690_5g_firmwaresm8475wcn3620sd765qcs605_firmwarewcd9330_firmwarewcn3988_firmwareqcs4290msm8209_firmwaresw5100pmdm9615sd_8cx_gen2sd845qcs410Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2022-25694
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.07% / 20.95%
||
7 Day CHG~0.00%
Published-07 Mar, 2023 | 04:43
Updated-05 Mar, 2025 | 16:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use of Out-of-range Pointer Offset in MODEM

Memory corruption in Modem due to usage of Out-of-range pointer offset in UIM

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaremdm9640_firmwaresm6250p_firmwareqcs610qca8337qca6431_firmwarewcd9360_firmwaresdx65wcn3950_firmwaresc8180x\+sdx55qcs2290qca6595au_firmwareqca6335msm8917mdm8215sd_455_firmwarecsra6620_firmwareapq8076qcs605_firmwaresd_675_firmwarecsra6640_firmwareqcs6125_firmwaremdm8615m_firmwaresd632msm8108sa415mwcn3998wcd9371_firmwaremsm8108_firmwarewcn3950qcn6024_firmwaresd720gsd_8cx_gen2_firmwaremdm9206_firmwareqsw8573_firmwaremdm9628sd_8_gen1_5g_firmwarewcn3660bsd450_firmwaresd710_firmwaresd460_firmwaremdm9230_firmwaresm7315_firmwaremdm8215mwcn7850qca6574au_firmwaremdm9630wcd9375_firmwareqca8081_firmwarewcn3998_firmwaresdx12_firmwaremsm8909wapq8009w_firmwareqca6420wcd9360sd680_firmwareqca9367_firmwaremdm8207sd_8cx_gen2qcs6125apq8056_firmwareqca4004_firmwaresd662_firmwaremdm9615mqca6430qcs405qts110wcd9306_firmwarewcd9340sd626_firmwaresd765gqualcomm215_firmwaresw5100sd680qca6436wcn6851qcs603_firmwarewcn7851_firmwaremsm8937apq8052msm8209_firmwaremdm9250_firmwarewcn3660_firmwarewcd9341qca6431qca6696_firmwarewcd9371sd870_firmwaresd750gmdm8215_firmwarewcn3910_firmwaremdm9207_firmwareqca4004wsa8830_firmwaremdm9330_firmwaresd855_firmwaresd660sd865_5g_firmwaresnapdragon_4_gen_1sd712wcn3988sd660_firmwarewcn7850_firmwaresm8475msm8208_firmwarewcn6750_firmwaresd450wcn3610msm8608mdm9640wcn3991qca8337_firmwaresda429w_firmwarewcd9380_firmwaresdm429wsw5100pmsm8996au_firmwarewcd9330sd625_firmwareqca6564ausdx55m_firmwarewcn6856_firmwaremsm8940_firmwareqet4101_firmwaremsm8976_firmwareqca6574sd632_firmwaresd670_firmwarewcd9380qualcomm215mdm9230qcs410sd690_5g_firmwaresdx50m_firmwareqca9379_firmwaresdx24_firmwaresd626qca6174qca6430_firmwaresd439_firmwarewcd9335_firmwarewcn3980qca6335_firmwareqsw8573qcm4325_firmwareqcs605wcd9340_firmwarewsa8815wcn6850sd7cwcn3910msm8956_firmwareqca6584_firmwareqca6320msm8937_firmwaremdm9650_firmwaremdm9215_firmwareqca6426_firmwarewcn3660b_firmwarewcn3680sd695sd835qcn9024wcn3980_firmwaresd730wcd9330_firmwaresdx55mqcc5100_firmwareqca6421_firmwarewcn6740_firmwarear6003_firmwaresd821_firmwaresd678_firmwarewcn3680_firmwarewcn6851_firmwareqcs603sd670sd_636_firmwareqcn9024_firmwareqca6564a_firmwareapq8009wmsm8976sg_firmwaresdx57mqcm4290_firmwaresd480sd870wcn6855sw5100p_firmwaresd210_firmwareqcs610_firmwaresd695_firmwaresdxr1apq8096auqcs405_firmwaremdm8207_firmwaresdm630_firmwaremdm9205_firmwareqca6391_firmwaresd820_firmwarewcd9370_firmwaresd780g_firmwaresdx55sd888_firmwaresd675csra6640sdx70msd439qet4101wcn3660qca9379ar8035_firmwareqcm2290wcn3991_firmwaremdm9150_firmwarewsa8830sd678qcs2290_firmwaresd7c_firmwarecsrb31024mdm9628_firmwaresnapdragon_4_gen_1_firmwaremdm9650sd_636csra6620qcs4290mdm9250sd765g_firmwareqca6420_firmwareqca6390_firmwareapq8009_firmwaresd690_5gqca6174_firmwaresd730_firmwaremdm9310_firmwarewcd9370sd675_firmwaresd625qca6426qca6584au_firmwarewcn3990_firmwareapq8076_firmwareqca9377sdw2500_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcd9326_firmwaremdm9615m_firmwarewcn3615_firmwaresd662apq8037qca6320_firmwareqca6584wcn3680b_firmwaresdx55_firmwarewcn3615qca6595ausm7250p_firmwarewcn3610_firmwareqca6436_firmwaremdm9207wcd9306qca6584ausd778gqca6564au_firmwaremsm8208qca6310wcn7851sd429sa515m_firmwareqcs6490sdxr2_5gqca9367sdm630mdm9607_firmwaresd821msm8976sgsa415m_firmwarewcn3988_firmwaresd205sd429_firmwareqca6421sd778g_firmwaresm6250sd712_firmwareapq8017_firmwarewsa8810_firmwaresd765_firmwarewcd9326wcd9335sg4150pqca8081qca6174a_firmwareqcs4290_firmwarewcd9385mdm8615mqcs6490_firmwaresdx70m_firmwareqca6390wcd9375sd750g_firmwareaqt1000msm8956msm8976sc8180x\+sdx55_firmwaresm6250_firmwarear8035msm8952apq8056msm8917_firmwaresda429wsd210wcn3620_firmwaresdx20_firmwarewsa8815_firmwaresd888_5g_firmwaresd820qcm6490wcn6850_firmwarewsa8835_firmwarewcn3620apq8017qcx315ar6003qca6564amdm9630_firmwaresg4150p_firmwareqcm6125_firmwareqcm4325qcm2290_firmwarewcn3990sd_675sd780gsd865_5gqcc5100sdx24sd888msm8952_firmwaremsm8909w_firmwareqcx315_firmwarewsa8835msm8996ausdm429w_firmwaresd665_firmwaresd888_5gsm6250pqca6574amdm9206wcn6855_firmwareqca6174asm7325pqca6310_firmwarewcn6750apq8052_firmwaremdm9615mdm9205sa515mqca6574_firmwaresd855sm7325p_firmwaresd665sdx57m_firmwaresd765qca6574a_firmwaresd768g_firmwaremsm8209sd850_firmwaresm7315apq8009sd460qca6391sdxr1_firmwaremdm9310aqt1000_firmwaremsm8920sdx65_firmwareqcm4290csrb31024_firmwareqcm6490_firmwaresdx50msdx20sd480_firmwaremsm8920_firmwaremdm9215sd_455qca6574ausd710mdm8215m_firmwaremdm9607sd205_firmwarewcd9341_firmwareqcm6125wsa8810mdm9150wcn6856wcn3680bsd835_firmwaresd768gwcn6740qca6696sd845_firmwaremsm8608_firmwaresdw2500msm8940apq8096au_firmwareqcn6024sd845mdm9615_firmwareapq8037_firmwaresm7250psd720g_firmwaresdx12sw5100_firmwareqcs410_firmwaremdm9330sd850qts110_firmwareSnapdragon
CWE ID-CWE-823
Use of Out-of-range Pointer Offset
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2022-25723
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.09% / 26.24%
||
7 Day CHG~0.00%
Published-17 Oct, 2022 | 00:00
Updated-13 May, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory corruption in multimedia due to use after free during callback registration failure in Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn6855wsa8830wcn6855_firmwaresm8475wcn7851_firmwarewcn6856wsa8830_firmwarewcn7850_firmwarewcn7850wcn6856_firmwarewsa8835sd_8_gen1_5g_firmwarewcd9380wcn7851wsa8835_firmwarewcd9380_firmwareSnapdragon Mobile
CWE ID-CWE-416
Use After Free
CVE-2022-25693
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.09% / 26.24%
||
7 Day CHG~0.00%
Published-16 Sep, 2022 | 05:25
Updated-03 Aug, 2024 | 04:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory corruption in graphics due to use-after-free while graphics profiling in Snapdragon Connectivity, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sm8475_firmwaresm7450_firmwarewcn6855_firmwaresm8475p_firmwarewcd9380_firmwarewsa8830wcd9385wcn6750wcn7851wsa8832_firmwarewcd9385_firmwarewcn6856_firmwarewcd9375wcd9370_firmwaresd_8_gen1_5g_firmwarewsa8830_firmwarewsa8835wsa8835_firmwarewcd9380sm7450wsa8832wcn6855wcd9375_firmwaresm8475wcn6750_firmwarewcd9370wcn7851_firmwarewcn6856sm8475pSnapdragon Connectivity, Snapdragon Mobile
CWE ID-CWE-416
Use After Free
CVE-2022-25713
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 15.44%
||
7 Day CHG~0.00%
Published-02 May, 2023 | 05:08
Updated-03 Aug, 2024 | 04:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Restriction of Operations within the Bounds of a Memory Buffer in Automotive

Memory corruption in Automotive due to Improper Restriction of Operations within the Bounds of a Memory Buffer while exporting a shared key.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wsa8830qca8337_firmwaresa6150p_firmwarewcd9380_firmwaresa8145p_firmwareqca8337sd865_5gqca6431_firmwaresm8350-ac_firmwarewsa8835sm7250-ac_firmwareqca6574sa8540p_firmwaresd_8_gen1_5gwcd9380sa8150p_firmwareqca6595au_firmwareqca6390_firmwaresm8350sxr2130qca6574awcn685x-5_firmwareqca6426wcn685x-1snapdragon_8cx_gen_3_compute_platform__firmwaresm8450sm8250-abwcn3998wcd9385_firmwareqam8295psa9000pqca6574_firmwaresd_8_gen1_5g_firmwaresm7250-abwsa8815qsm8350_firmwareqsm8350qam8295p_firmwaresnapdragon_xr2_5g_platform_firmwareqca6426_firmwaresa9000p_firmwaresnapdragon_x55_5g_modem-rf_systemqca6574a_firmwareqca6574au_firmwareqca6595auwcn3998_firmwareqca8081_firmwaresnapdragon_x55_5g_modem-rf_system_firmwaresm7250p_firmwaresm8250-ab_firmwareqca6391qca6436_firmwaresa8295pqca6421_firmwaresa6155p_firmwaresnapdragon_x65_5g_modem-rf_system_firmwaresnapdragon_xr2_5g_platformsnapdragon_x65_5g_modem-rf_systemqca6698aqsa4155p_firmwaresm8350_firmwarewcn685x-5sm8250_firmwaresm7250-ab_firmwaresm8250-acqca6574ausa6145p_firmwaresa8155p_firmwareqca6421sm7250-aasa8195pwsa8810_firmwaresm8450_firmwarewsa8810sm7250-aa_firmwareqca6436sa6155psa8540psm7250-acqca8081qca6698aq_firmwaresa6145psm8350-acwcn685x-1_firmwarewcd9385sxr2130_firmwareqca6431qca6696_firmwaresa8145pqca6696qca6391_firmwaresa4150p_firmwareqca6390ar8035sa8150psa6150psa8155psm8250-ac_firmwarewsa8830_firmwaresm8250sd865_5g_firmwarewsa8815_firmwarewsa8835_firmwaresm7250psnapdragon_8cx_gen_3_compute_platform_sa8195p_firmwaresa8295p_firmwaresa4155psa4150par8035_firmwareSnapdragon
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2022-25661
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.08% / 25.51%
||
7 Day CHG~0.00%
Published-12 Oct, 2022 | 00:00
Updated-15 May, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory corruption due to untrusted pointer dereference in kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcs605wcn6855_firmwareqca6391_firmwaresd888_5g_firmwaresd850qca6574_firmwaresdx50m_firmwarear8035qca6430sa8155wcn7850_firmwaresdx24_firmwarewcd9375_firmwaresd855_firmwaresa8540p_firmwarewcn3990qca6174a_firmwarewsa8835_firmwareqca6696_firmwareqca8337sa6145pqca6431_firmwarewcn6855qam8295pwsa8830qca6696sm8475sdx65sd778g_firmwaresm7325pqsm8350_firmwareqca6420sa6155pwcn3998_firmwarewcn6750_firmwaresdx55qca6390_firmwaresm7250par8035_firmwarewcn6740_firmwaresd765sdx55_firmwareqca6574a_firmwarewcd9385_firmwareqca8081_firmwarewcn3950_firmwareqcs605_firmwaresdx24sdxr2_5g_firmwareqca6436_firmwarewsa8815_firmwareqcm6490sd678sdx57m_firmwaresa6145p_firmwaresa9000pqca6430_firmwareqca6595sd675_firmwarewcd9370_firmwareaqt1000qca6391wcn3991_firmwaresa8295pqca6174asa8295p_firmwarewsa8835sm7250p_firmwarewcn6851_firmwaresd768g_firmwarewcn3980_firmwaresm7315_firmwareqca6574awcn6750qca6564aqcn9012_firmwareqrb5165msdx65_firmwareqca6595auwcn6851qcn9012qcs6490_firmwaresd865_5gwcd9340_firmwarewcn6850_firmwaresd865_5g_firmwareqca6564au_firmwareqca9377_firmwarewsa8830_firmwarewcd9341sd845_firmwarewcn3991wcn3998wcn6856_firmwareqca6574ausd888_firmwaresm7315wcn3990_firmwaresdx55mwcd9341_firmwareqcs603_firmwaresd670qca6420_firmwareqca6564ausd_675sa9000p_firmwarewsa8815sd850_firmwaresd_8cx_gen3wcd9326wcn6856wcn6740qca6564a_firmwarewcn7850sd_8_gen1_5g_firmwareqca6426wcd9380qrb5165nqcn9011_firmwareqrb5165_firmwaresa8155p_firmwareqsm8350sd_8cx_firmwaresd780g_firmwareqca8337_firmwaresd870_firmwarewcd9326_firmwareqcn9011sd_8cx_gen3_firmwareqca6574sd_8cx_gen2_firmwaresd870sd765_firmwarewcn7851_firmwaresdx57mqca6426_firmwaresd845qrb5165n_firmwareqcs6490sd778gqam8295p_firmwaresd_675_firmwaresd768gwsa8810qca6335wcn6850sd855sd_8cx_gen2qca6310_firmwarewcd9380_firmwaresd678_firmwaresd888_5gsa8155_firmwaresd670_firmwaresd780gqca6335_firmwareqca6390qca6421qrb5165sa6155qca6595au_firmwareqcm6490_firmwarewsa8810_firmwareqca6310sdx55m_firmwarewcd9375wcd9370sa8150p_firmwarewcn7851qrb5165m_firmwarewcd9340qca6436qca9377wcd9385sa6155p_firmwaresd_8cxsa8150psd765gwcn3950qca6595_firmwareqcs603sdxr2_5gsa6155_firmwareaqt1000_firmwaresd888sdx50mqca6431sd675wcn3980sm7325p_firmwareqca8081qca6574au_firmwaresa8155psa8540pqca6421_firmwaresd765g_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2022-25655
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.07% / 20.95%
||
7 Day CHG~0.00%
Published-07 Mar, 2023 | 04:43
Updated-03 Aug, 2024 | 04:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer copy without checking the size of input in WLAN HAL.

Memory corruption in WLAN HAL while arbitrary value is passed in WMI UTF command payload.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaremdm9640_firmwaresm6250p_firmwaresa6150p_firmwareqcs610ipq4028_firmwareqcn5550ar9380ipq8173_firmwarewcd9360_firmwareqca9561_firmwareqcn5124qca4024_firmwaremsm8992_firmwarewcn3950_firmwaresc8180x\+sdx55ipq8078aipq5028_firmwaresa8150p_firmwareqcs2290qca6595au_firmwaresa6155qca6335qcn5064mdm8215sd_455_firmwarecsra6620_firmwareapq8076qcs605_firmwaresd_675_firmwarecsra6640_firmwareqcs6125_firmwareqca9987_firmwaresa415mwcn3998qca6554a_firmwarewcd9371_firmwarewcn3950qcn6024_firmwaresd720gsm4125mdm9206_firmwaresd_8cx_gen2_firmwareipq8076amdm9628wcn3660bsd710_firmwaresd460_firmwareqca4020qca6428qca6574au_firmwareqcn5164_firmwareipq8071wcd9375_firmwareqca8081_firmwarewcn3998_firmwaresa6155_firmwareqca6420wcd9360sdx20mqca6438_firmwareqca9986sd680_firmwareipq8070_firmwareqca9367_firmwareipq8065ipq8078a_firmwarewcn3999sd_8cx_gen2ipq5028qca7500ipq8072_firmwareipq4029_firmwareqcs6125sa8155_firmwareipq6010sd662_firmwareipq8068qcs405qca6430wcd9340qcn6132sd765gqca1990_firmwaresw5100sd680qca4020_firmwaresa6155pqcs603_firmwaremdm9250_firmwareqca9888_firmwareqcn6122wcd9341ipq8068_firmwareqca6696_firmwarewcd9371sd750gqcn5154_firmwaremdm8215_firmwarewcn3910_firmwaresd_8cxsa8150pqfe1922wsa8830_firmwaremdm9330_firmwareqca9992_firmwaresd660sd855_firmwaresnapdragon_4_gen_1sd712wcn3988qca6438sd660_firmwaresa8195p_firmwareqcn5121qcn5022_firmwareqca9898ipq4028qca4010_firmwarewcn3610mdm9640qca6428_firmwareipq5018_firmwareqca9985_firmwarewcn3991ipq4018_firmwarewcd9380_firmwareipq8072aqca7500_firmwareqca9980_firmwaresw5100pmsm8996au_firmwarewcd9330ipq8076a_firmwareipq8078qca6564ausdx55m_firmwareipq8173qcn5164qca9558msm8976_firmwareqca6574sd670_firmwarecsr8811_firmwarewcd9380qcn5054_firmwareqcs410qcn5024sd690_5g_firmwareipq4019_firmwaresdx50m_firmwareqca9379_firmwareqca9985qcn9012_firmwareqca6174qca6430_firmwareqcn5052_firmwarewcd9335_firmwarewcn3980qca6335_firmwareipq6018_firmwareqcm4325_firmwareqcs605wcd9340_firmwarewsa8815sd7cwcn3910qca6320qca6584_firmwaremdm9650_firmwareqca9986_firmwaremdm9215_firmwarewcn3660b_firmwaresd695ipq6028ipq8064sd835qca9984qcn9024qca1990wcn3980_firmwaresd730qcn5550_firmwarewcd9330_firmwaresdx55mipq8064_firmwareqcc5100_firmwareqcn5064_firmwaresd678_firmwarear8031_firmwareipq8078_firmwareqcn5054qcs603ipq8070qca9994qca6164_firmwareqca9887_firmwareqca9980sd670qcn9024_firmwareipq8174_firmwaresd_636_firmwareqca6564a_firmwareqca9880qcm4290_firmwaresd480qcn5121_firmwaresw5100p_firmwareqcs610_firmwareapq8084_firmwaresa6145pipq6018qca9886_firmwaresd695_firmwaresdxr1ar8031apq8096auqca6595_firmwareqcs405_firmwaresa8145pqca6164sdm630_firmwaresd820_firmwareqca6391_firmwareqca4024wcd9370_firmwaresdx55qcn5021_firmwaresa8155pcsra6640sd675qca9531_firmwareqca9379qcm2290qcn5024_firmwarewcn3991_firmwarewsa8830sd678qca9561qcn9070sa8145p_firmwareqcs2290_firmwaresd7c_firmwarecsrb31024mdm9628_firmwaresnapdragon_4_gen_1_firmwaremdm9650sd_636csra6620qca9987qcn9072qca9880_firmwareqca9992qcs4290mdm9250sd765g_firmwareqca6420_firmwareipq8069_firmwareapq8009_firmwareqca6390_firmwaresd690_5gipq6000qca6174_firmwaremdm9310_firmwaresd730_firmwaresd675_firmwarewcd9370ipq8072qcn5152_firmwareqca6564qca6584au_firmwarewcn3990_firmwareapq8076_firmwareqcn9000_firmwareqca9984_firmwareqca9377ipq5018sd_8cx_firmwarewcd9385_firmwarewcd9326_firmwarewcn3615_firmwareipq8074asd662qcn5124_firmwareqca9982qfe1952_firmwareapq8094sa8155qca6320_firmwareqca6584wcn3680b_firmwareqcn5122_firmwaresdx55_firmwarewcn3615qcn6023_firmwareqca6595auwcn3999_firmwaresm7250p_firmwarewcn3610_firmwareipq5010qca6564au_firmwareqca6584ausa6155p_firmwareqfe1952qca6310ipq8174sa515m_firmwareqca9990qcn5052qca9367mdm9235m_firmwareapq8092apq8084sdm630mdm9607_firmwaresa415m_firmwarewcn3988_firmwaremsm8994_firmwareqcn9074sa6145p_firmwaremsm8992sm6250sd712_firmwaresa8195papq8017_firmwarewsa8810_firmwaresd765_firmwarewcd9326wcd9335qca4010sg4150pqca8081qca9982_firmwareqcn6023ipq8071aqca6174a_firmwareipq8071a_firmwareqcs4290_firmwarewcd9385qca6390qca9898_firmwaresd750g_firmwareaqt1000msm8976wcd9375sc8180x\+sdx55_firmwaresm6250_firmwarecsr8811ipq4019qcn9100_firmwaremsm8994apq8092_firmwareipq5010_firmwareipq8074a_firmwarewsa8815_firmwaresd820wsa8835_firmwareapq8017qca6564amdm9235msg4150p_firmwareqcm6125_firmwareqcm4325qca9882qcm2290_firmwaremdm9635m_firmwarewcn3990qcn9000sd_675qca6554aqca6595ar9380_firmwareqcc5100qcn9012qca9558_firmwareqcn6122_firmwareipq8065_firmwarewsa8835msm8996ausd665_firmwaresm6250pqcn5154qca8075_firmwareipq4018qca6574aipq6005_firmwaremdm9206qca9889qca6174aqcn6132_firmwareqca9888qca6310_firmwareipq8074apq8094_firmwareqca9994_firmwaremdm9635mipq8070a_firmwaremdm9615ipq8076_firmwaresa515mqca6574_firmwareqca9886sd855sm4125_firmwaresd665ipq8076qfe1922_firmwareqca6175asd765qca9887qca6574a_firmwareqcn5021ipq8069qcn5152sd768g_firmwaresd850_firmwareapq8009sd460qca6391sdxr1_firmwaremdm9310ipq6005aqt1000_firmwareqcn9100qcm4290csrb31024_firmwaresdx50mqca9882_firmwareqcn9070_firmwaresd480_firmwareipq6028_firmwareipq8072a_firmwaremdm9215sd_455qca9531ipq8074_firmwareqca6574auqca9889_firmwaresd710mdm9607qcn5122sa8155p_firmwarewcd9341_firmwaresdx20m_firmwareqcm6125wsa8810qcn5022wcn3680bsd835_firmwareqca6564_firmwaresd768gipq6010_firmwareqca6696sd845_firmwaresa6150pqca8075qcn9022_firmwareapq8096au_firmwareqcn6024qcn9022sd845mdm9615_firmwareqca9990_firmwareipq8070aqcn9072_firmwaresm7250pipq6000_firmwaresd720g_firmwareipq8071_firmwareqcn9074_firmwareqcs410_firmwaresw5100_firmwaremdm9330ipq4029qca6175a_firmwaresd850Snapdragon
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-25660
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.08% / 25.51%
||
7 Day CHG~0.00%
Published-12 Oct, 2022 | 00:00
Updated-15 May, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory corruption due to double free issue in kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcs605wcn6855_firmwareqca6391_firmwaresd888_5g_firmwaresd850qca6574_firmwaresdx50m_firmwarear8035qca6430sa8155wcn7850_firmwaresdx24_firmwarewcd9375_firmwaresd855_firmwaresa8540p_firmwarewcn3990qca6174a_firmwarewsa8835_firmwareqca6696_firmwareqca8337sa6145pqca6431_firmwarewcn6855qam8295pwsa8830qca6696sm8475sdx65sd778g_firmwaresm7325pqsm8350_firmwareqca6420sa6155pwcn3998_firmwarewcn6750_firmwaresdx55qca6390_firmwaresm7250par8035_firmwarewcn6740_firmwaresd765sdx55_firmwareqca6574a_firmwarewcd9385_firmwareqca8081_firmwarewcn3950_firmwareqcs605_firmwaresdx24sdxr2_5g_firmwareqca6436_firmwarewsa8815_firmwareqcm6490sd678sdx57m_firmwaresa6145p_firmwaresa9000pqca6430_firmwareqca6595sd675_firmwarewcd9370_firmwareaqt1000qca6391wcn3991_firmwaresa8295pqca6174asa8295p_firmwarewsa8835sm7250p_firmwarewcn6851_firmwaresd768g_firmwarewcn3980_firmwaresm7315_firmwareqca6574awcn6750qca6564asdx65_firmwareqca6595auwcn6851qcs6490_firmwaresd865_5gwcd9340_firmwarewcn6850_firmwaresd865_5g_firmwareqca6564au_firmwareqca9377_firmwarewsa8830_firmwarewcd9341sd845_firmwarewcn3991wcn3998wcn6856_firmwareqca6574ausd888_firmwaresm7315wcn3990_firmwaresdx55mwcd9341_firmwareqcs603_firmwaresd670qca6420_firmwareqca6564ausd_675sa9000p_firmwarewsa8815sd850_firmwaresd_8cx_gen3wcd9326wcn6856wcn6740qca6564a_firmwarewcn7850sd_8_gen1_5g_firmwareqca6426wcd9380sa8155p_firmwareqsm8350sd_8cx_firmwaresd780g_firmwareqca8337_firmwaresd870_firmwarewcd9326_firmwaresd_8cx_gen3_firmwareqca6574sd_8cx_gen2_firmwaresd870sd765_firmwarewcn7851_firmwaresdx57mqca6426_firmwaresd845qcs6490sd778gqam8295p_firmwaresd_675_firmwaresd768gwsa8810qca6335wcn6850sd855sd_8cx_gen2qca6310_firmwarewcd9380_firmwaresd678_firmwaresd888_5gsa8155_firmwaresd670_firmwaresd780gqca6335_firmwareqca6390qca6421sa6155qca6595au_firmwareqcm6490_firmwarewsa8810_firmwareqca6310sdx55m_firmwarewcd9375wcd9370sa8150p_firmwarewcn7851wcd9340qca6436qca9377wcd9385sa6155p_firmwaresd_8cxsa8150psd765gwcn3950qca6595_firmwareqcs603sdxr2_5gsa6155_firmwareaqt1000_firmwaresd888sdx50mqca6431sd675wcn3980sm7325p_firmwareqca8081qca6574au_firmwaresa8155psa8540pqca6421_firmwaresd765g_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-415
Double Free
CVE-2022-25743
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.06% / 19.97%
||
7 Day CHG~0.00%
Published-15 Nov, 2022 | 00:00
Updated-22 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory corruption in graphics due to use-after-free while importing graphics buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcd9380_firmwarewcn3615_firmwaremsm8996ausd429_firmwareqca6595au_firmwarequalcomm215_firmwaresd730qca6310apq8009mdm9607qca6696qca6421qsm8250_firmwareqca6564ausdx24wcn3660bqca6426_firmwaresd632_firmwaresd720gsa6150psd460sd710_firmwaresd205_firmwaremsm8996au_firmwareapq8056sdx24_firmwarewsa8830wsa8815wcn3680bqca6430wcn3620_firmwaresd855qcs6490_firmwarewcd9340sdx55_firmwaresdxr2_5g_firmwaremsm8976sg_firmwaremdm9650sd765g_firmwareqca6574amsm8108_firmwaresd865_5g_firmwareapq8017_firmwareqcm6125_firmwaresdm429w_firmwaresd835_firmwarewcn6750sa8295p_firmwaresm7325pmsm8917_firmwaresd_636_firmwaresd695_firmwareqcc5100sd_675qca6335sd625_firmwaremsm8108qcs405qca6595qca6431_firmwaremsm8208csra6640sd480_firmwareapq8064au_firmwareqca6430_firmwareqca8081sm7315_firmwaresm7325p_firmwareqca6584auapq8009wsd870mdm9150qca9367qca6390_firmwareqcn9024_firmwaresa6155_firmwarewcn6855wcn3910sd870_firmwareqcm6490_firmwaresm6250qcs8155sdm630_firmwareqca6431qca6595auwcd9370sd821_firmwareqcs4290_firmwaresd888_firmwarewcn3980sm4125_firmwaresd439_firmwaresm7315sd765_firmwaresd720g_firmwaresd765gsd670mdm9150_firmwaresdx55mmsm8208_firmwaremsm8917qam8295psd450wcn6850_firmwarewcn3660sm6250pwsa8810_firmwarewsa8815_firmwarewcn3991_firmwaresa8150psd625wcn6740msm8608_firmwareqca6436apq8064aumsm8952_firmwaresa8155psdxr1wsa8810msm8909wsdm630sw5100p_firmwareaqt1000_firmwarewsa8835_firmwarewcd9335_firmwaresm7250p_firmwareapq8009_firmwareqca6391qcn9024wcn3998_firmwarecsra6620wcn6851sd778g_firmwarewcd9370_firmwaresd675qca6420_firmwaresd439wcn3660_firmwareqcc5100_firmwaresd210_firmwareqcm6125apq8052_firmwareqca4020_firmwaresdx12sd660csrb31024_firmwaresa4150p_firmwaresdm429wsdx20qcs610qualcomm215apq8052qca6391_firmwaresd205wcd9326_firmwaresm7250psa8155p_firmwarecsra6620_firmwarewcn3610sdx20_firmwaresa6145pwcn3910_firmwaremsm8209apq8017wcd9375sd750g_firmwaremsm8976_firmwareqca6696_firmwaresm6250p_firmwaresd865_5gqca9377wcn3990_firmwarewcn3950_firmwarewcn3988sd778gwcd9371_firmwarewcn3615msm8976sd750gsd768g_firmwareqcs605msm8952qca6310_firmwaresd710qcs8155_firmwareqca6436_firmwaresa8195p_firmwareqca4020qca9367_firmwaresd_636wcd9341_firmwaresd821sd632wcd9340_firmwaresd_675_firmwareqca6174a_firmwareqca6564a_firmwaresd855_firmwaresd662_firmwarewcd9371mdm9650_firmwaresdx50mqcs405_firmwareqcn6024_firmwareqcs6490sdx55sd460_firmwaremsm8956mdm9628wcn3610_firmwaresa6155qcm4290_firmwaremsm8976sgsd450_firmwaresd820wcn3660b_firmwaresm4375msm8909w_firmwaresdx20m_firmwarewcd9360_firmwaresdw2500sdw2500_firmwaresa6145p_firmwaresd626sd768gwcn6740_firmwarewcn6856sd626_firmwaresm4125sda429w_firmwaresdx50m_firmwareapq8009w_firmwaresa6155pqca6390sa8150p_firmwaresd480wcd9330sa8145p_firmwaresw5100wcn6850sa8145psa415mwcn3950msm8608qca6320_firmwareqca6584au_firmwareqcm6490qcn6024qca6174awcd9335wcn3999sd835sd670_firmwarewcn3680b_firmwareqca6595_firmwareqca6421_firmwareqca6574au_firmwaresd662mdm9250_firmwareqam8295p_firmwareqca6564_firmwaresa8295pqcs610_firmwaremsm8956_firmwareqca6174qcm2290_firmwarewcd9380ar8031qcm4290wcn3680mdm9628_firmwaresd660_firmwaresd730_firmwaresd695qca6174_firmwarewcd9375_firmwaresd888sa6150p_firmwarear8035_firmwarewcn6856_firmwareaqt1000sdx12_firmwarear8035wcn6855_firmwareqsm8250qca6420wcd9360sd780g_firmwarewcn3680_firmwareqcm2290sdx65_firmwaremdm9250sa515msd845_firmwaremdm9206sdxr1_firmwaresa515m_firmwaremdm9607_firmwarewcn3990apq8076sd429apq8076_firmwaresd690_5gqca8081_firmwarewsa8835wcn3998ar8031_firmwareapq8056_firmwareqca8337_firmwaremdm9206_firmwareqcs2290sd820_firmwarewcd9385sd678qca6574ausdx65wcd9385_firmwareapq8096auwcn6750_firmwareqcs410_firmwaresd210sd680sd888_5gsd678_firmwareqca9379wcn3999_firmwareqcs6125sm4375_firmwarewcn3991qca6574csra6640_firmwareqca6574_firmwaresa415m_firmwareqca6564asdx20msa8195psd675_firmwareqca6574a_firmwaresda429wsa8155_firmwarewsa8830_firmwaresd888_5g_firmwareqca6320qca8337sm6250_firmwaresdxr2_5gwcd9341wcn3980_firmwareqcs2290_firmwarewcn6851_firmwarewcd9326sd680_firmwareqca9379_firmwaresa6155p_firmwaresa4150pqca9377_firmwareapq8096au_firmwaresw5100_firmwaresd780gqca6564au_firmwarecsrb31024qca6426qca6335_firmwaresdx55m_firmwareqcs6125_firmwaresd690_5g_firmwaresa8155wcn3620sd765qcs605_firmwareqca6564wcd9330_firmwarewcn3988_firmwareqcs4290msm8209_firmwaresw5100psd845qcs410Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-416
Use After Free
CVE-2022-25681
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.08% / 24.08%
||
7 Day CHG~0.00%
Published-13 Dec, 2022 | 00:00
Updated-22 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible memory corruption in kernel while performing memory access due to hypervisor not correctly invalidated the processor translation caches in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcd9380_firmwarewcd9340_firmwareqca6595au_firmwareqca6310sd850qca6174a_firmwareqca6564a_firmwaresd_675_firmwaresd855_firmwaresdx50mqcs6490sdx55qca6696qca6421wcn7850sa6155qca6564auqca6426_firmwaresdx24qrb5165m_firmwaresa6145p_firmwareqsm8350_firmwaresdx24_firmwarewsa8830sd768gwcn6740_firmwarewcn6856wsa8815qca6390sdx50m_firmwaresa6155psa8150p_firmwareqca6430wcn7851_firmwaresd855qcs6490_firmwaresd_8cx_gen3_firmwarewcd9340wcn6850sdx55_firmwarewcn3950sd_8cx_firmwareqcs603_firmwaresdxr2_5g_firmwaresd_8cx_gen2_firmwareqcm6490qca6174asd670_firmwaresd765g_firmwareqca6574aqca6595_firmwareqrb5165nsd865_5g_firmwareqca6421_firmwareqrb5165qca6574au_firmwareqrb5165n_firmwareqam8295p_firmwaresa8295pwcn6750sa8295p_firmwaresm7325pwcd9380sd_675qca6335sa9000p_firmwareqca6595qca6431_firmwaresd_8cx_gen3qca6430_firmwareqca8081ar8035_firmwaresd888sm7315_firmwaresm7325p_firmwarewcd9375_firmwarewcn6856_firmwaresd870aqt1000qcs603qca6390_firmwarear8035wcn6855_firmwareqcn9011_firmwareqca6420sa6155_firmwaresd780g_firmwarewcn6855sdx65_firmwareqcn9011sd870_firmwareqcm6490_firmwaresd845_firmwareqca6431qca6595auwcd9370sd888_firmwarewcn3990wcn3980sm7315qca8081_firmwaresd765_firmwaresd765gsd670wsa8835sdx55mqam8295pwcn3998wcn6850_firmwarewsa8810_firmwareqca8337_firmwarewsa8815_firmwarewcn3991_firmwaresa8150psd850_firmwareqrb5165mwcn6740wcd9385qca6436sd678qca6574auwcn7850_firmwaresdx65wcd9385_firmwarewcn6750_firmwaresa8155pwsa8810sd888_5gaqt1000_firmwareqcn9012wsa8835_firmwaresd678_firmwaresm7250p_firmwareqca6391qsm8350qca6574wcn3991wcn3998_firmwaresd_8cxqca6574_firmwarewcn6851sd778g_firmwareqca6564asd675wcd9370_firmwareqca6420_firmwaresd675_firmwareqca6574a_firmwaresdx57msa9000psa8155_firmwaresd888_5g_firmwarewsa8830_firmwaresa8540p_firmwareqca8337sd_8_gen1_5g_firmwaresdxr2_5gwcd9341wcn3980_firmwarewcn6851_firmwarewcd9326sa6155p_firmwareqca6391_firmwarewcd9326_firmwareqcn9012_firmwaresa8540psa8155p_firmwaresm7250psa6145pqca9377_firmwareqrb5165_firmwarewcd9375qca6696_firmwaresd865_5gsd780gqca6564au_firmwareqca6426qca9377qca6335_firmwaresdx55m_firmwaresdx57m_firmwaresm8475sd778gwcn3950_firmwarewcn3990_firmwaresa8155sd765sd768g_firmwareqcs605_firmwareqcs605wcn7851qca6310_firmwareqca6436_firmwaresd_8cx_gen2sd845wcd9341_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-9690
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 14.90%
||
7 Day CHG~0.00%
Published-16 Nov, 2017 | 22:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in a qbt1000 ioctl handler, an incorrect buffer size check has an integer overflow vulnerability potentially leading to a buffer overflow.

Action-Not Available
Vendor-Google LLCQualcomm Technologies, Inc.
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2022-25746
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.1||HIGH
EPSS-0.04% / 11.67%
||
7 Day CHG~0.00%
Published-06 Jan, 2023 | 05:02
Updated-09 Apr, 2025 | 19:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Copy Without Checking Size of Input in Kernel

Memory corruption in kernel due to missing checks when updating the access rights of a memextent mapping.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresd_8cx_gen3_firmwarewcn3991_firmwarewsa8830sd678qca8337qca6431_firmwaresdx65wcn3950_firmwaresa8150p_firmwaresd765g_firmwareqca6420_firmwareqca6595au_firmwareqca6390_firmwaresa6155qca6335wcd9370qcs605_firmwaresd_675_firmwaresd675_firmwareqca6426wcn3990_firmwareqrb5165n_firmwareqca9377wcn3998sd_8cx_firmwarewcd9385_firmwareqam8295psd_8cx_gen2_firmwaresdxr2_5g_firmwarewcd9326_firmwarewcn3950sd_8_gen1_5g_firmwareqsm8350_firmwareqsm8350qam8295p_firmwareqcn9011_firmwaresa8155sa9000p_firmwaresm7315_firmwareqca6574au_firmwaresdx55_firmwarewcn7850qca6595auqca8081_firmwaresa6155_firmwarewcd9375_firmwaresm7250p_firmwarewcn3998_firmwareqca6420qca6436_firmwareqrb5165nqca6564au_firmwaresd778gsa6155p_firmwareqca6310sd_8cx_gen2wcn7851qcs6490qrb5165_firmwareqrb5165m_firmwaresdxr2_5gsa8155_firmwareqca6430sa6145p_firmwareqca6421sd778g_firmwarewcd9340wsa8810_firmwaresd765gsd765_firmwareqca6436wcd9326wcn6851sa6155pqca8081qcs603_firmwarewcn7851_firmwareqca6174a_firmwarewcd9385wcd9341qca6431qca6696_firmwareqcs6490_firmwaresd870_firmwaresd_8cx_gen3qca6390ar8035sd_8cxaqt1000sa8150pwcd9375wsa8830_firmwaresd855_firmwaresd865_5g_firmwareqcm6490sd888_5g_firmwarewcn6850_firmwarewcn7850_firmwarewsa8815_firmwarewsa8835_firmwaresm8475qca6564asa8295p_firmwarewcn6750_firmwarewcn3991qca8337_firmwarewcd9380_firmwarewcn3990sd_675sd780gsd865_5gqca6595qca6564ausdx24sdx55m_firmwarewcn6856_firmwareqcn9012sd888sd670_firmwareqca6574wsa8835sa8540p_firmwarewcd9380sd888_5gqca6574asdx50m_firmwarewcn6855_firmwareqca6174asm7325psdx24_firmwareqca6310_firmwareqca6430_firmwareqcn9012_firmwarewcn3980wcn6750qca6335_firmwaresa9000pqca6574_firmwareqcs605wcd9340_firmwaresd855wsa8815sm7325p_firmwarewcn6850sdx57m_firmwaresd765qca6426_firmwareqca6574a_firmwaresd768g_firmwareqrb5165msd850_firmwarewcn3980_firmwaresm7315qca6391sdx55msa8295pqca6421_firmwareaqt1000_firmwarewcn6740_firmwaresdx65_firmwaresd678_firmwareqcm6490_firmwaresdx50mqrb5165wcn6851_firmwareqcs603qcn9011qca6574ausa8155p_firmwaresd670qca6564a_firmwaresdx57mwcd9341_firmwarewsa8810sd870wcn6855sa8540pwcn6856sa6145psd768gqca6595_firmwarewcn6740qca6696qca6391_firmwaresd845_firmwaresd780g_firmwarewcd9370_firmwaresdx55sd888_firmwaresa8155psd675sd845sm7250par8035_firmwaresd850Snapdragon
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-25698
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.04% / 12.72%
||
7 Day CHG~0.00%
Published-13 Dec, 2022 | 00:00
Updated-22 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory corruption in SPI buses due to improper input validation while reading address configuration from spi buses in Snapdragon Mobile, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd429wcd9380_firmwaresd429_firmwarewcn3980_firmwaresdm429w_firmwaresdm429wwsa8835wcd9380wcn3610_firmwarewcn3610wcn7850wcn3660bwcn7850_firmwarewcn3660b_firmwarewcn6856_firmwarewsa8830wcn6856sm8475sda429w_firmwarewcn3680bwsa8835_firmwarewcn7851_firmwarewcn3620_firmwarewcn3620wcn6855_firmwarewcn6855wcn7851sda429wwsa8830_firmwaresd_8_gen1_5g_firmwarewcn3680b_firmwarewcn3980Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-22068
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.04% / 9.63%
||
7 Day CHG~0.00%
Published-14 Jun, 2022 | 09:51
Updated-03 Aug, 2024 | 03:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

kernel event may contain unexpected content which is not generated by NPU software in asynchronous execution mode in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarewcn3991_firmwaremdm9150_firmwarewsa8830sd678sm6250p_firmwarewcn3998_firmwareqcs610qcs2290_firmwareqca8337wcd9360_firmwaresdx65csra6620qcs4290wcn3950_firmwaresd765g_firmwareqca6420_firmwareqca6595au_firmwareqcs2290qca6390_firmwaresa6155sd690_5gsd730_firmwarewcd9370csra6620_firmwaresd_675_firmwaresd675_firmwarecsra6640_firmwareqca6564qca6426wcn3990_firmwareqrb5165n_firmwareqca9377sa415mwcn3998wcd9371_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcn3950sm4125sd720gwcd9326_firmwarewcn3615_firmwarewcn3660bsd662sd460_firmwaresa8155sm7315_firmwarewcn7850qca6574au_firmwaresdx55_firmwarewcn3680b_firmwareqca6595auqca8081_firmwaresa6155_firmwaresdx12_firmwaresm7250p_firmwarewcd9375_firmwarewcn3615qca6420qca6436_firmwareapq8053_firmwareqrb5165nwcd9360qca6564au_firmwaresd680_firmwaresa6155p_firmwaresd778gwcn3999sa515m_firmwarewcn7851qrb5165_firmwareqrb5165m_firmwaresdxr2_5gsa8155_firmwaresd662_firmwaresa415m_firmwareqcs405qca6430wcn3988_firmwaresa6145p_firmwaresm6250sd778g_firmwaresa8195pwsa8810_firmwarequalcomm215_firmwaresd765gsw5100sd765_firmwareqca6436sd680wcd9326sa6155pwcd9335wcn6851qca8081wcn7851_firmwareqca6174a_firmwareqcs4290_firmwarewcd9385wcd9341qca6696_firmwarewcd9371sd750gsd870_firmwarear8035qca6390sd750g_firmwareaqt1000wcd9375wcn3910_firmwaresm6250_firmwaremsm8953_firmwarewsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwarewcn3988sd888_5g_firmwarewcn6850_firmwaresd660_firmwarewcn7850_firmwarewsa8815_firmwaresa8195p_firmwarewsa8835_firmwareqca6564awcn6750_firmwareqcm2290_firmwarewcn3991qca8337_firmwarewcd9380_firmwarewcn3990sd_675sw5100psd780gsd865_5gqca6564ausdx55m_firmwarewcn6856_firmwaresd888wsa8835qca6574sd665_firmwarewcd9380sd888_5gsm6250pwcn3999_firmwarequalcomm215qcs410qca6574asd690_5g_firmwaresdx50m_firmwarewcn6855_firmwareqca6174asm7325pqca6430_firmwarewcd9335_firmwarewcn3980sd439_firmwarewcn6750sa515mqca6574_firmwaresd855sm4125_firmwaresm7325p_firmwaresd665wcn3910wcn6850wsa8815sd765qca6426_firmwarewcn3660b_firmwareqca6574a_firmwaresd695sd768g_firmwareqrb5165mwcn3980_firmwaresm7315sd460qca6391sd730sdx55maqt1000_firmwarewcn6740_firmwaremsm8953sdx65_firmwaresd678_firmwarear8031_firmwareqcm4290sdx50mqrb5165sd480_firmwarewcn6851_firmwareqca6574ausa8155p_firmwareqca6564a_firmwarewcd9341_firmwareqcm4290_firmwaresd480sd870wcn6855wsa8810sw5100p_firmwareqcs610_firmwaremdm9150wcn6856sa6145pwcn3680bqca6564_firmwaresd695_firmwaresd768gar8031qcs405_firmwarewcn6740qca6696qca6391_firmwaresd780g_firmwarewcd9370_firmwaresdx55sd888_firmwareapq8053sa8155pcsra6640sd675sd439sm7250psd720g_firmwaresdx12sw5100_firmwareqcs410_firmwarear8035_firmwareqcm2290Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-416
Use After Free
CVE-2022-22061
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.06% / 19.97%
||
7 Day CHG~0.00%
Published-02 Sep, 2022 | 11:31
Updated-03 Aug, 2024 | 03:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bounds writing is possible while verifying device IDs due to improper length check before copying the data in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca8337_firmwarewcd9380_firmwarewsa8830qca8337sd865_5gqca6431_firmwaresdx55m_firmwarewcn6856_firmwaresdx65wsa8835wcd9380sd888_5gqca6390_firmwarewcd9370wcn6855_firmwaresm8475p_firmwareqca6426wcn6750wcd9385_firmwaresdxr2_5g_firmwaresd_8_gen1_5g_firmwarewsa8815qca6426_firmwarewcd9375_firmwareqca8081_firmwareqca6391sdx55mqca6436_firmwareqca6421_firmwaresm8475_firmwaresm7450_firmwaresdx65_firmwarewcn7851sdxr2_5gwsa8832_firmwareqca6421wsa8810_firmwarewcd9341_firmwarewsa8810sd870wsa8832qca6436wcn6855qca8081wcn7851_firmwarewcn6856wcd9385wcd9341qca6431sd870_firmwareqca6391_firmwareqca6390ar8035wcd9370_firmwarewcd9375wsa8830_firmwaresd865_5g_firmwarewsa8815_firmwaresd888_5g_firmwarewsa8835_firmwaresm7450sm8475wcn6750_firmwarear8035_firmwaresm8475pSnapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile
CVE-2022-22093
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.08% / 24.24%
||
7 Day CHG~0.00%
Published-16 Sep, 2022 | 05:25
Updated-03 Aug, 2024 | 03:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory corruption or temporary denial of service due to improper handling of concurrent hypervisor operations to attach or detach IRQs from virtual interrupt sources in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwarewcn3991wsa8830wcd9380_firmwaresd780gsd865_5gqca6431_firmwaresdx55m_firmwarewcn6856_firmwaresd888wsa8835wcd9380sd765g_firmwaresd888_5gqca6420_firmwareqca6390_firmwarewcd9370wcn6855_firmwaresm8475p_firmwaresm7325pqca6426qrb5165n_firmwareqca6430_firmwarewcn6750wcn3998sd_8cx_firmwarewcd9385_firmwaresdxr2_5g_firmwaresd_8cx_gen2_firmwaresd_8_gen1_5g_firmwarewcd9340_firmwarewsa8815sm7325p_firmwareqsm8350_firmwarewcn6850qsm8350sd765qca6426_firmwaresm7315_firmwarewcn7850sd768g_firmwarewcd9375_firmwarewcn3998_firmwareqrb5165msm7315sm7250p_firmwareqca6391sdx55mqca6420qca6436_firmwareqrb5165nqca6421_firmwaresm8475_firmwaresm7450_firmwareaqt1000_firmwaresd778gwcn6740_firmwaresd_8cx_gen2wcn7851qcs6490qrb5165_firmwareqrb5165m_firmwaresdxr2_5gqcm6490_firmwarewsa8832_firmwareqrb5165wcn6851_firmwareqca6430qca6421sd778g_firmwarewcd9340wsa8810_firmwaresd765gwcd9341_firmwarewsa8810sd765_firmwaresd870qca6436wcn6851wsa8832wcn6855wcn7851_firmwarewcn6856wcd9385wcd9341sd768gqca6431qcs6490_firmwaresd870_firmwarewcn6740qca6391_firmwareqca6390wcd9375sd_8cxaqt1000sd780g_firmwarewcd9370_firmwaresd888_firmwarewsa8830_firmwaresd865_5g_firmwareqcm6490sd888_5g_firmwarewcn6850_firmwarewcn7850_firmwarewsa8815_firmwarewsa8835_firmwaresm7250psm7450sm8475wcn6750_firmwaresm8475pSnapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CVE-2022-22072
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.46%
||
7 Day CHG~0.00%
Published-14 Jun, 2022 | 09:51
Updated-03 Aug, 2024 | 03:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow can occur due to improper validation of NDP application information length in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaremdm9150_firmwarewcn3990wcd9330qca6564ausdx24mdm9628_firmwaremdm9650csra6620sd670_firmwareqca6574mdm9250apq8009_firmwareqca6335csra6620_firmwareqcs605_firmwareqca6574amdm9206csra6640_firmwareqca9379_firmwareqca6174asdx24_firmwarewcn3990_firmwareqca6310_firmwarewcd9335_firmwareqca9377wcn3980wcn3998qca6335_firmwarewcd9326_firmwaremdm9628wcn3615_firmwaremdm9206_firmwaresa515mqca6574_firmwareqcs605wcn3660bwcd9340_firmwarewsa8815sd710_firmwareqca6320msm8937_firmwaremdm9650_firmwareqca6175aqca4020wcn3660b_firmwareqca6320_firmwareqca6574a_firmwareqca6574au_firmwarewcn3680b_firmwaresd835wcn3615sdx12_firmwarewcn3998_firmwarewcn3999_firmwarewcn3980_firmwareapq8009wcn3610_firmwaresdxr1_firmwareapq8053_firmwarewcd9330_firmwareqca6564au_firmwareqca6310qca9367_firmwarepm8937mdm9626wcn3999sa515m_firmwarear8031_firmwareqca9367sdx20qcs603mdm9607_firmwareqcs405mdm9626_firmwareqca6574ausd710mdm9607sd670wcd9340qca6564a_firmwareapq8017_firmwarewsa8810_firmwarewcd9341_firmwarewsa8810qca4020_firmwarewcd9326wcd9335qcs603_firmwaremdm9150msm8937wcn3680bsd835_firmwareqca6174a_firmwaremdm9250_firmwarewcd9341sdxr1pm8937_firmwareapq8096auar8031qcs405_firmwaresd820_firmwaresd845_firmwareapq8053apq8096au_firmwarecsra6640sd845sd820sdx20_firmwarewsa8815_firmwaresdx12apq8017qca6564aqca9379qca6175a_firmwarewcn3610Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-1284
Improper Validation of Specified Quantity in Input
CVE-2022-22080
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.05% / 16.03%
||
7 Day CHG~0.00%
Published-02 Sep, 2022 | 11:31
Updated-03 Aug, 2024 | 03:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper validation of backend id in PCM routing process can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarewcn3991_firmwaremdm9150_firmwarewcd937sd678mdm9640_firmwaresm6250p_firmwarewsa8830qcs610qcs2290_firmwareqca8337mdm9628_firmwarewcn361mdm9650csra6620qcs4290wcn3950_firmwaresd765g_firmwarewcd934qca6420_firmwareqca6595au_firmwareqcs2290qca6390_firmwaresa6155sd690_5gsd730_firmwarecsra6620_firmwaresd_675_firmwaresd675_firmwarecsra6640_firmwareqca6564qca6426wcn3990_firmwareqrb5165n_firmwareqca9377sa415mwcn3998sdxr2_5g_firmwarewcn3950sm4125mdm9628sd720gsd662sd460_firmwaresa8155sm7315_firmwarewcn7850qca6574au_firmwaresdx55_firmwarewcn3680b_firmwareqca6595ausa6155_firmwaresdx12_firmwarewcn3998_firmwaresm7250p_firmwarewcn3999_firmwareqca6420qca6436_firmwareapq8053_firmwareqrb5165nqca6564au_firmwaresd680_firmwaresa6155p_firmwaresd778gwcn3999sa515m_firmwareqcs6490qrb5165_firmwareqrb5165m_firmwaresdxr2_5gwcn7851wcd936wcn361_firmwaresa8155_firmwaresd662_firmwaresa415m_firmwareqcs405qca6430wcn3988_firmwaresa6145p_firmwaresm6250sd778g_firmwaresa8195pwsa8810_firmwaresd765gsd765_firmwareqca6436sd680wcd937_firmwaresa6155pwcn6851wcn7851_firmwareqca6174a_firmwareqcs4290_firmwareqca6696_firmwareqcs6490_firmwaresd750gsd870_firmwarewcd938_firmwarear8035qca6390sd750g_firmwareaqt1000wcn3910_firmwaresm6250_firmwaremsm8953_firmwarewsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwareqcm6490sd888_5g_firmwarewcn3988sd660_firmwarewcn6850_firmwarewcn7850_firmwaresa8195p_firmwarewsa8815_firmwarewsa8835_firmwareqca6564awcn6750_firmwarewcd936_firmwarewcd938mdm9640qcm2290_firmwarewcn3991qca8337_firmwarewcn3990sd_675sd780gsd865_5gqca6564ausdx55m_firmwarewcn6856_firmwaresd888wsa8835qca6574sd888_5gsm6250pqcs410qca6574asd690_5g_firmwaresdx50m_firmwarewcn6855_firmwareqca6174asm7325qca6430_firmwarewcn3980wcn6750sd439_firmwarewcd934_firmwaresa515mqca6574_firmwaresd855sm4125_firmwarewcn6850wcd932_firmwarewcn3910wsa8815mdm9650_firmwaresd765wcd932qca6426_firmwareqca6574a_firmwaresd695sd768g_firmwareqrb5165mwcd933wcn3980_firmwaresm7315sd460qca6391sd730sdx55maqt1000_firmwarewcn6740_firmwaremsm8953sd678_firmwarear8031_firmwareqcm4290qcm6490_firmwaresdx50mqrb5165sd480_firmwarewcn6851_firmwareqca6574ausa8155p_firmwareqca6564a_firmwareqcm4290_firmwaresd480sd870wcn6855wsa8810qcs610_firmwaremdm9150wcn6856sa6145pwcn3680bqca6564_firmwaresd695_firmwaresd768gapq8096auar8031qcs405_firmwarewcn6740qca6696qca6391_firmwaresd780g_firmwaresdx55sd888_firmwareapq8053apq8096au_firmwarecsra6640sa8155psd675sd439sm7250psd720g_firmwaresdx12qcs410_firmwarear8035_firmwareqcm2290wcd933_firmwaresm7325_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-22074
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.09% / 27.08%
||
7 Day CHG~0.00%
Published-16 Sep, 2022 | 05:25
Updated-03 Aug, 2024 | 03:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory Corruption during wma file playback due to integer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaremdm9640_firmwareqcs610qca8337qca6431_firmwaresdx65wcn3950_firmwareqcs2290qca6595au_firmwaresa6155msm8917csra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwareqcs6125_firmwaresd632sa415mwcn3998wcd9371_firmwarewcn3950sd_8cx_gen2_firmwaremdm9628mdm9206_firmwaresd_8_gen1_5g_firmwarewcn3660bsd450_firmwaresd460_firmwareqca4020wcn7850qca6574au_firmwarewcd9375_firmwarewcn3998_firmwareqca8081_firmwaresa6155_firmwaremsm8909wapq8009w_firmwareqca6420apq8053_firmwaresm7450_firmwaresd680_firmwareqca9367_firmwarewcn3999sd_8cx_gen2qrb5165_firmwareqrb5165m_firmwareqcs6125sa8155_firmwaresd662_firmwareqcs405qca6430wcd9340sd765gqualcomm215_firmwaresw5100sd680qca4020_firmwareqca6436wcn6851sa6155pqcs603_firmwarewcn7851_firmwaremsm8937mdm9250_firmwarewcn3660_firmwarewcd9341pm8937_firmwareqca6696_firmwareqca6431wcd9371sd870_firmwaresd750gwcn3910_firmwarewsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwarewcn3988sd660_firmwarewcn7850_firmwaresa8195p_firmwaresm8475wcn6750_firmwaresd450wcn3610mdm9640wcn3991qca8337_firmwarewcd9380_firmwaresdm429wsw5100pmsm8996au_firmwarewcd9330qca6564ausdx55m_firmwarewcn6856_firmwareqca6574sd632_firmwarewcd9380qualcomm215qcs410sd690_5g_firmwareqca9379_firmwaresdx24_firmwareqca6430_firmwarewcd9335_firmwarewcn3980sd439_firmwareqcs605wcd9340_firmwarewsa8815wcn6850wcn3910qca6320qca6584_firmwaremsm8937_firmwaremdm9650_firmwareqca6426_firmwarewcn3660b_firmwarewcn3680sd835wcn3980_firmwaresd730wcd9330_firmwaresdx55mqca6421_firmwaresm8475_firmwarewcn6740_firmwaremsm8953sd678_firmwarear8031_firmwarewcn3680_firmwareqrb5165wcn6851_firmwareqcs603sd_636_firmwareqca6564a_firmwareapq8009wqcm4290_firmwaresd480sd870wcn6855wsa8832sw5100p_firmwareqcs610_firmwaresa6145psdxr1ar8031apq8096auqcs405_firmwaresdm630_firmwareqca6391_firmwarewcd9370_firmwaresd780g_firmwaresdx55apq8053sa8155pcsra6640sd675sd439wcn3660sm8475p_firmwareqca9379ar8035_firmwareqcm2290wcn3991_firmwaremdm9150_firmwarewsa8830sd678qcs2290_firmwarecsrb31024mdm9628_firmwaremdm9650sd_636csra6620qcs4290mdm9250sd765g_firmwareqca6420_firmwareqca6390_firmwareapq8009_firmwaresd690_5gsd730_firmwarewcd9370sd675_firmwareqca6426wcn3990_firmwareqrb5165n_firmwareqca9377sdw2500_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcd9326_firmwarewcn3615_firmwaresd662sa8155qca6320_firmwareqca6584wcn3680b_firmwaresdx55_firmwarewcn3615qca6595auwcn3999_firmwaresm7250p_firmwarewcn3610_firmwareqca6436_firmwareqrb5165nqca6564au_firmwaresa6155p_firmwareqca6310pm8937wcn7851sd429sdxr2_5gqca9367sdm630mdm9607_firmwaresa415m_firmwarewcn3988_firmwaresd429_firmwaresa6145p_firmwareqca6421sa8195papq8017_firmwarewsa8810_firmwaresd765_firmwarewcd9326wcd9335qca8081qca6174a_firmwareqcs4290_firmwarewcd9385qca6390wcd9375sd750g_firmwareaqt1000ar8035msm8953_firmwaremsm8917_firmwarewcn3620_firmwaresdx20_firmwarewsa8815_firmwaresd888_5g_firmwarewcn6850_firmwarewsa8835_firmwarewcn3620sm7450apq8017qca6564aqcm6125_firmwareqcm2290_firmwarewcn3990sd_675sd780gsd865_5gsdx24msm8909w_firmwarewsa8835msm8996ausdm429w_firmwaresd665_firmwaresd888_5gqca6574amdm9206wcn6855_firmwareqca6174aqca6310_firmwarewcn6750qca6574_firmwaresd855sd665sd765qca6574a_firmwaresd768g_firmwareqrb5165mapq8009sd460qca6391sdxr1_firmwareaqt1000_firmwaresdx65_firmwaremdm9626qcm4290csrb31024_firmwarewsa8832_firmwaresdx20sd480_firmwaremdm9626_firmwareqca6574ausa8155p_firmwaremdm9607wcd9341_firmwareqcm6125wsa8810mdm9150wcn6856wcn3680bsd835_firmwaresd768gwcn6740qca6696sdw2500apq8096au_firmwaresm7250psw5100_firmwareqcs410_firmwaresm8475pSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2022-22066
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.09% / 27.08%
||
7 Day CHG~0.00%
Published-16 Sep, 2022 | 05:25
Updated-03 Aug, 2024 | 03:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory corruption occurs while processing command received from HLOS due to improper length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresd_8cx_gen3_firmwaresm6250p_firmwareqcs610qca8337qca6431_firmwarewcd9360_firmwaresdx65wcn3950_firmwaresc8180x\+sdx55qcs2290qca6595au_firmwaresa6155csra6620_firmwaresd_675_firmwarecsra6640_firmwareqcs6125_firmwaresa415mwcn3998wcd9371_firmwaresd_8cx_gen2_firmwaresm4125sd720gwcn3950sd_8_gen1_5g_firmwareqsm8350_firmwaresd710_firmwareqsm8350sd460_firmwaresm7315_firmwarewcn7850qca6574au_firmwarewcd9375_firmwareqca8081_firmwaresa6155_firmwarewcn3998_firmwareqca6420wcd9360sm7450_firmwaresd680_firmwarewcn3999sd_8cx_gen2qrb5165_firmwareqrb5165m_firmwareqcs6125sa8155_firmwaresd662_firmwareqcs405qca6430wcd9340sd765gsw5100qca6436sd680wcn6851sa6155pwcn7851_firmwarewcd9341qca6431qca6696_firmwarewcd9371sd750gsd870_firmwarewcn3910_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwarewcn3988wcn7850_firmwaresa8195p_firmwaresm8475wcn6750_firmwarewcn3991qca8337_firmwarewcd9380_firmwaresw5100pqca6564ausdx55m_firmwarewcn6856_firmwareqca6574wcd9380qcs410sd690_5g_firmwaresdx50m_firmwaresdx24_firmwareqca6430_firmwarewcd9335_firmwarewcn3980wcd9340_firmwarewsa8815wcn6850sd7cwcn3910qca6426_firmwaresd695wcn3980_firmwaresd730sdx55mqca6421_firmwaresm8475_firmwarewcn6740_firmwaresd678_firmwarear8031_firmwareqrb5165wcn6851_firmwareqca6564a_firmwareqcm4290_firmwaresd480sd870wcn6855wsa8832sw5100p_firmwareqcs610_firmwaresa6145psd695_firmwarear8031qca6595_firmwareqcs405_firmwareqca6391_firmwaresd780g_firmwarewcd9370_firmwaresdx55sd888_firmwaresa8155pcsra6640sd675sm8475p_firmwarear8035_firmwareqcm2290wcn3991_firmwaremdm9150_firmwarewsa8830sd678qcs2290_firmwaresd7c_firmwarecsrb31024csra6620qcs4290sd765g_firmwareqca6420_firmwareqca6390_firmwaresd690_5gsd730_firmwarewcd9370sd675_firmwareqca6564qca6426wcn3990_firmwareqrb5165n_firmwareqca9377wcd9385_firmwaresdxr2_5g_firmwarewcd9326_firmwaresd662sa8155sdx55_firmwareqca6595auwcn3999_firmwaresm7250p_firmwareqca6436_firmwareqrb5165nqca6564au_firmwaresd778gsa6155p_firmwaresa515m_firmwareqcs6490wcn7851sdxr2_5gsa415m_firmwarewcn3988_firmwaresa6145p_firmwareqca6421sd778g_firmwaresm6250sa8195pwsa8810_firmwaresd765_firmwarewcd9326wcd9335qca8081qca6174a_firmwareqcs4290_firmwarewcd9385qcs6490_firmwaresd_8cx_gen3ar8035qca6390sd750g_firmwareaqt1000wcd9375sc8180x\+sdx55_firmwaresm6250_firmwareqcm6490sd888_5g_firmwarewcn6850_firmwarewsa8815_firmwarewsa8835_firmwaresm7450qca6564aqcm6125_firmwareqcm2290_firmwarewcn3990sd_675sd780gsd865_5gqca6595sdx24sd888wsa8835sd665_firmwaresd888_5gsm6250pqca6574awcn6855_firmwareqca6174asm7325pwcn6750sa515mqca6574_firmwaresd855sm4125_firmwaresm7325p_firmwaresd665qca6175asd765qca6574a_firmwaresd768g_firmwareqrb5165msm7315sd460qca6391aqt1000_firmwaresdx65_firmwareqcm4290csrb31024_firmwareqcm6490_firmwaresdx50mwsa8832_firmwaresd480_firmwareqca6574ausa8155p_firmwaresd710wcd9341_firmwareqcm6125wsa8810mdm9150wcn6856qca6564_firmwaresd768gwcn6740qca6696sm7250psd720g_firmwaresw5100_firmwareqcs410_firmwareqca6175a_firmwaresm8475pSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-22100
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.09% / 27.08%
||
7 Day CHG~0.00%
Published-02 Sep, 2022 | 11:31
Updated-03 Aug, 2024 | 03:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory corruption in multimedia due to improper check on received export descriptors in Snapdragon Auto

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca6564au_firmwaresa6155p_firmwaresa6150p_firmwaresa8145p_firmwareqca6564auqca6574ausa6145p_firmwaresa8155p_firmwareqca6564a_firmwaresa8195psa8540p_firmwaresa8150p_firmwaresa6155psa8540psa8295p_firmwareqca6574asa6145papq8096auqca6696_firmwaresa8145pqca6696qam8295psa9000psa8150psa6150papq8096au_firmwaresa8155pqam8295p_firmwaresa9000p_firmwareqca6574a_firmwareqca6574au_firmwaresa8195p_firmwareqca6564asa8295pSnapdragon Auto
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-22070
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.07% / 22.31%
||
7 Day CHG~0.00%
Published-02 Sep, 2022 | 11:31
Updated-03 Aug, 2024 | 03:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory corruption in audio due to lack of check of invalid routing address into APR Routing table in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresm6250p_firmwareqcs610qca8337qca6431_firmwarewcd9360_firmwaresdx65wcn3950_firmwaresc8180x\+sdx55qcs2290qca6595au_firmwaresa6155qca6335csra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwareqcs6125_firmwaresa415mwcn3998wcd9371_firmwaresd_8cx_gen2_firmwaresm4125sd720gwcn3950sd_8_gen1_5g_firmwaresd710_firmwaresd460_firmwaresm7315_firmwareqca6574au_firmwarewcd9375_firmwareqca8081_firmwaresa6155_firmwaresdx12_firmwarewcn3998_firmwareqca6420wcd9360sm7450_firmwaresd680_firmwarewcn3999sd_8cx_gen2qrb5165_firmwareqrb5165m_firmwareqcs6125sa8155_firmwaresd662_firmwareqcs405qca6430wcd9340sd765gsw5100qca6436sd680wcn6851sa6155pqcs603_firmwarewcn7851_firmwaremdm9250_firmwarewcd9341qca6431qca6696_firmwarewcd9371sd750gsd870_firmwarewcn3910_firmwaresd_8cxwsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwaresd712wcn3988sd660_firmwaresa8195p_firmwaresm8475wcn6750_firmwarewcn3991qca8337_firmwarewcd9380_firmwaresw5100pqca6564ausdx55m_firmwarewcn6856_firmwaresd670_firmwareqca6574wcd9380qcs410sd690_5g_firmwaresdx50m_firmwaresdx24_firmwareqca6430_firmwarewcd9335_firmwarewcn3980qca6335_firmwareqcs605wcd9340_firmwarewsa8815wcn6850sd7cwcn3910qca6320mdm9650_firmwareqca6426_firmwaresd695sd835wcn3980_firmwaresd730sdx55mqca6421_firmwaresm8475_firmwarewcn6740_firmwaresd678_firmwarear8031_firmwareqrb5165wcn6851_firmwareqcs603sd_636_firmwaresd670qca6564a_firmwareqcm4290_firmwaresd480sd870wcn6855wsa8832sw5100p_firmwareqcs610_firmwaresa6145psd695_firmwaresdxr1ar8031qca6595_firmwareqcs405_firmwaresdm630_firmwareqca6391_firmwaresd780g_firmwarewcd9370_firmwaresdx55sd888_firmwaresa8155pcsra6640sd675sm8475p_firmwarear8035_firmwareqcm2290wcn3991_firmwaremdm9150_firmwarewsa8830sd678qcs2290_firmwaresd7c_firmwarecsrb31024mdm9650sd_636csra6620qcs4290mdm9250sd765g_firmwareqca6420_firmwareqca6390_firmwaresd690_5gsd730_firmwarewcd9370sd675_firmwareqca6564qca6426wcn3990_firmwareqrb5165n_firmwareqca9377sd_8cx_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcd9326_firmwaresd662sa8155qca6320_firmwaresdx55_firmwareqca6595auwcn3999_firmwaresm7250p_firmwareqca6436_firmwareqrb5165nqca6564au_firmwaresd778gsa6155p_firmwareqca6310sa515m_firmwareqcs6490wcn7851sdxr2_5gsdm630sa415m_firmwarewcn3988_firmwaresa6145p_firmwareqca6421sd712_firmwaresd778g_firmwaresm6250sa8195pwsa8810_firmwaresd765_firmwarewcd9326wcd9335qca8081qca6174a_firmwareqcs4290_firmwarewcd9385qcs6490_firmwarear8035qca6390sd750g_firmwareaqt1000wcd9375sc8180x\+sdx55_firmwaresm6250_firmwaresdx20_firmwareqcm6490sd888_5g_firmwarewcn6850_firmwarewsa8815_firmwarewsa8835_firmwaresm7450qca6564aqcm6125_firmwareqcm2290_firmwarewcn3990sd_675sd780gsd865_5gqca6595sdx24sd888wsa8835sd665_firmwaresd888_5gsm6250pqca6574awcn6855_firmwareqca6174asm7325pqca6310_firmwarewcn6750sa515mqca6574_firmwaresd855sm4125_firmwaresm7325p_firmwaresd665qca6175asd765qca6574a_firmwaresd768g_firmwareqrb5165msd850_firmwaresm7315sd460qca6391sdxr1_firmwareaqt1000_firmwaresdx65_firmwareqcm4290csrb31024_firmwareqcm6490_firmwaresdx50mwsa8832_firmwaresdx20sd480_firmwareqca6574ausa8155p_firmwaresd710wcd9341_firmwareqcm6125wsa8810mdm9150wcn6856sd835_firmwareqca6564_firmwaresd768gwcn6740qca6696sd845_firmwaresd845sm7250psd720g_firmwaresdx12sw5100_firmwareqcs410_firmwareqca6175a_firmwaresd850sm8475pSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-787
Out-of-bounds Write
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • ...
  • 22
  • 23
  • Next
Details not found