Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2019-14038

Summary
Assigner-qualcomm
Assigner Org ID-2cfc7d3e-20d3-47ac-8db7-1b7285aff15f
Published At-02 Jun, 2020 | 15:05
Updated At-05 Aug, 2024 | 00:05
Rejected At-
Credits

Buffer over-read in ADSP parse function due to lack of check for availability of sufficient data payload received in command response in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8053, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8917, MSM8953, QCS605, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM670, SDM710, SDM845, SDX20, SDX24

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:qualcomm
Assigner Org ID:2cfc7d3e-20d3-47ac-8db7-1b7285aff15f
Published At:02 Jun, 2020 | 15:05
Updated At:05 Aug, 2024 | 00:05
Rejected At:
â–¼CVE Numbering Authority (CNA)

Buffer over-read in ADSP parse function due to lack of check for availability of sufficient data payload received in command response in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8053, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8917, MSM8953, QCS605, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM670, SDM710, SDM845, SDX20, SDX24

Affected Products
Vendor
Qualcomm Technologies, Inc.Qualcomm, Inc.
Product
Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
Versions
Affected
  • APQ8009, APQ8053, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8917, MSM8953, QCS605, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM670, SDM710, SDM845, SDX20, SDX24
Problem Types
TypeCWE IDDescription
textN/ABuffer Over-read Issue in Audio
Type: text
CWE ID: N/A
Description: Buffer Over-read Issue in Audio
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.qualcomm.com/company/product-security/bulletins/may-2020-bulletin
x_refsource_CONFIRM
Hyperlink: https://www.qualcomm.com/company/product-security/bulletins/may-2020-bulletin
Resource:
x_refsource_CONFIRM
â–¼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.qualcomm.com/company/product-security/bulletins/may-2020-bulletin
x_refsource_CONFIRM
x_transferred
Hyperlink: https://www.qualcomm.com/company/product-security/bulletins/may-2020-bulletin
Resource:
x_refsource_CONFIRM
x_transferred
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:product-security@qualcomm.com
Published At:02 Jun, 2020 | 15:15
Updated At:21 Jul, 2021 | 11:39

Buffer over-read in ADSP parse function due to lack of check for availability of sufficient data payload received in command response in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8053, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8917, MSM8953, QCS605, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM670, SDM710, SDM845, SDX20, SDX24

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.1HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Primary2.03.6LOW
AV:L/AC:L/Au:N/C:P/I:N/A:P
Type: Primary
Version: 3.1
Base score: 7.1
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Type: Primary
Version: 2.0
Base score: 3.6
Base severity: LOW
Vector:
AV:L/AC:L/Au:N/C:P/I:N/A:P
CPE Matches
Qualcomm Technologies, Inc.
qualcomm
>>apq8009>>-
cpe:2.3:h:qualcomm:apq8009:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>apq8009_firmware>>-
cpe:2.3:o:qualcomm:apq8009_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>apq8053>>-
cpe:2.3:h:qualcomm:apq8053:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>apq8053_firmware>>-
cpe:2.3:o:qualcomm:apq8053_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>apq8098>>-
cpe:2.3:h:qualcomm:apq8098:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>apq8098_firmware>>-
cpe:2.3:o:qualcomm:apq8098_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9206>>-
cpe:2.3:h:qualcomm:mdm9206:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9206_firmware>>-
cpe:2.3:o:qualcomm:mdm9206_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9207c>>-
cpe:2.3:h:qualcomm:mdm9207c:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9207c_firmware>>-
cpe:2.3:o:qualcomm:mdm9207c_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9607>>-
cpe:2.3:h:qualcomm:mdm9607:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9607_firmware>>-
cpe:2.3:o:qualcomm:mdm9607_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9640>>-
cpe:2.3:h:qualcomm:mdm9640:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9640_firmware>>-
cpe:2.3:o:qualcomm:mdm9640_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9650>>-
cpe:2.3:h:qualcomm:mdm9650:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9650_firmware>>-
cpe:2.3:o:qualcomm:mdm9650_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8905_firmware>>-
cpe:2.3:o:qualcomm:msm8905_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8905>>-
cpe:2.3:h:qualcomm:msm8905:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8909w_firmware>>-
cpe:2.3:o:qualcomm:msm8909w_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8909w>>-
cpe:2.3:h:qualcomm:msm8909w:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8917_firmware>>-
cpe:2.3:o:qualcomm:msm8917_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8917>>-
cpe:2.3:h:qualcomm:msm8917:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8953_firmware>>-
cpe:2.3:o:qualcomm:msm8953_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8953>>-
cpe:2.3:h:qualcomm:msm8953:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcs605_firmware>>-
cpe:2.3:o:qualcomm:qcs605_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcs605>>-
cpe:2.3:h:qualcomm:qcs605:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sda660_firmware>>-
cpe:2.3:o:qualcomm:sda660_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sda660>>-
cpe:2.3:h:qualcomm:sda660:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sda845_firmware>>-
cpe:2.3:o:qualcomm:sda845_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sda845>>-
cpe:2.3:h:qualcomm:sda845:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sdm429_firmware>>-
cpe:2.3:o:qualcomm:sdm429_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sdm429>>-
cpe:2.3:h:qualcomm:sdm429:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sdm429w_firmware>>-
cpe:2.3:o:qualcomm:sdm429w_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sdm429w>>-
cpe:2.3:h:qualcomm:sdm429w:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sdm439_firmware>>-
cpe:2.3:o:qualcomm:sdm439_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sdm439>>-
cpe:2.3:h:qualcomm:sdm439:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sdm670_firmware>>-
cpe:2.3:o:qualcomm:sdm670_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sdm670>>-
cpe:2.3:h:qualcomm:sdm670:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sdm710_firmware>>-
cpe:2.3:o:qualcomm:sdm710_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sdm710>>-
cpe:2.3:h:qualcomm:sdm710:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sdm845>>-
cpe:2.3:h:qualcomm:sdm845:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sdm845_firmware>>-
cpe:2.3:o:qualcomm:sdm845_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sdx20_firmware>>-
cpe:2.3:o:qualcomm:sdx20_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sdx20>>-
cpe:2.3:h:qualcomm:sdx20:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sdx24_firmware>>-
cpe:2.3:o:qualcomm:sdx24_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sdx24>>-
cpe:2.3:h:qualcomm:sdx24:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-125Primarynvd@nist.gov
CWE-20Primarynvd@nist.gov
CWE ID: CWE-125
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-20
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.qualcomm.com/company/product-security/bulletins/may-2020-bulletinproduct-security@qualcomm.com
Patch
Vendor Advisory
Hyperlink: https://www.qualcomm.com/company/product-security/bulletins/may-2020-bulletin
Source: product-security@qualcomm.com
Resource:
Patch
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

985Records found
CVE-2019-14104
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.1||HIGH
EPSS-0.03% / 9.22%
||
7 Day CHG~0.00%
Published-16 Apr, 2020 | 10:46
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Slab-out-of-bounds access can occur if the context pointer is invalid due to lack of null check on pointer before accessing it in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Mobile in APQ8053, SC8180X, SDX55, SM8150

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-apq8053sdx55sm8150_firmwaresm8150sdx55_firmwareapq8053_firmwaresc8180xsc8180x_firmwareSnapdragon Compute, Snapdragon Consumer IOT, Snapdragon Mobile
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-25665
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-6.8||MEDIUM
EPSS-0.10% / 28.01%
||
7 Day CHG~0.00%
Published-12 Oct, 2022 | 00:00
Updated-15 May, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Information disclosure due to buffer over read in kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcs605wcn6855_firmwareqca6391_firmwaresd888_5g_firmwaresd850qca6574_firmwaresdx50m_firmwarear8035qca6430sa8155wcn7850_firmwaresdx24_firmwarewcd9375_firmwaresd855_firmwaresa8540p_firmwarewcn3990qca6174a_firmwarewsa8835_firmwareqca6696_firmwareqca8337sa6145pqca6431_firmwarewcn6855qam8295pwsa8830qca6696sm8475sdx65qsm8350_firmwareqca6420sa6155pwcn3998_firmwaresdx55qca6390_firmwaresm7250par8035_firmwaresd765sdx55_firmwareqca6574a_firmwarewcd9385_firmwareqca8081_firmwarewcn3950_firmwareqcs605_firmwaresdx24sdxr2_5g_firmwareqca6436_firmwarewsa8815_firmwaresd678sdx57m_firmwaresa6145p_firmwaresa9000pqca6430_firmwareqca6595sd675_firmwarewcd9370_firmwareaqt1000qca6391wcn3991_firmwaresa8295pqca6174asa8295p_firmwarewsa8835sm7250p_firmwarewcn6851_firmwaresd768g_firmwarewcn3980_firmwareqca6574aqca6564asdx65_firmwareqca6595auwcn6851wcn6850_firmwaresd865_5gwcd9340_firmwaresd865_5g_firmwareqca6564au_firmwareqca9377_firmwarewsa8830_firmwarewcd9341sd845_firmwarewcn3991wcn3998wcn6856_firmwareqca6574auwcn3990_firmwaresdx55mwcd9341_firmwareqcs603_firmwaresd670qca6420_firmwareqca6564ausd_675sa9000p_firmwarewsa8815sd850_firmwaresd_8cx_gen3wcd9326wcn6856qca6564a_firmwarewcn7850sd_8_gen1_5g_firmwareqca6426wcd9380sa8155p_firmwareqsm8350sd_8cx_firmwareqca8337_firmwaresd870_firmwarewcd9326_firmwaresd_8cx_gen3_firmwareqca6574sd_8cx_gen2_firmwaresd870sd765_firmwarewcn7851_firmwaresdx57mqca6426_firmwaresd845qam8295p_firmwaresd_675_firmwaresd768gwsa8810qca6335wcn6850sd855sd_8cx_gen2qca6310_firmwarewcd9380_firmwaresd678_firmwaresd888_5gsa8155_firmwaresd670_firmwareqca6335_firmwareqca6390qca6421sa6155qca6595au_firmwarewsa8810_firmwareqca6310sdx55m_firmwarewcd9375wcd9370sa8150p_firmwarewcn7851wcd9340qca6436qca9377wcd9385sa6155p_firmwaresd_8cxsa8150psd765gwcn3950qca6595_firmwareqcs603sdxr2_5gsa6155_firmwareaqt1000_firmwaresdx50mqca6431sd675wcn3980qca8081qca6574au_firmwaresa8155psa8540pqca6421_firmwaresd765g_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Mobile
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-14101
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.1||HIGH
EPSS-0.04% / 12.88%
||
7 Day CHG~0.00%
Published-30 Jul, 2020 | 11:40
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bounds read can happen in diag event set mask command handler when user provided length in the command request is less than expected length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8096, APQ8096AU, APQ8098, Kamorta, MDM9150, MDM9205, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCM2150, QCN7605, QCS404, QCS405, QCS605, QM215, Rennell, SA415M, Saipan, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwarekamorta_firmwaremdm9635m_firmwaremdm9640_firmwareapq8096_firmwareqcm2150_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632apq8096sdx24sdm439qcs404_firmwaremdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996ausdm429w_firmwaresm7150apq8009_firmwaremsm8917sdm670qcs605_firmwaresc8180xmdm9206sdm670_firmwareqcs404sdx24_firmwaresdm636sda845_firmwaresa415mmdm9635mapq8098qcn7605mdm9205mdm9206_firmwareqcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130msm8909wapq8009msm8909_firmwaresda845nicobarsdm850_firmwaremsm8920msm8953sdm450sdm636_firmwaresdm845_firmwareapq8098_firmwaremsm8998_firmwareqcm2150msm8920_firmwaresdm630mdm9607_firmwaresdm660mdm9655_firmwaresc8180x_firmwaresa415m_firmwareqcs405sdm710qm215sc7180_firmwaremdm9607mdm9625_firmwaresdm710_firmwareqcn7605_firmwaremdm9150msm8937msm8996_firmwaremsm8905sm8150_firmwaremsm8909mdm9655apq8096ausdm439_firmwarerennellsc7180qcs405_firmwaresdm630_firmwaremdm9205_firmwaresda660_firmwaremdm9625rennell_firmwareqm215_firmwaresdx55msm8953_firmwaremsm8940saipan_firmwaresm6150_firmwareapq8096au_firmwaremsm8917_firmwaremsm8998sm8150sdm850kamortamsm8996saipannicobar_firmwaresdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-14043
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.1||HIGH
EPSS-0.04% / 12.88%
||
7 Day CHG~0.00%
Published-02 Jun, 2020 | 15:05
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound read in Fingerprint application due to requested data is being used without length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in Kamorta, MDM9150, MDM9205, MDM9650, MSM8998, Nicobar, QCS404, QCS405, QCS605, Rennell, SA415M, SA6155P, SC7180, SC8180X, SDA660, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm850_firmwarekamorta_firmwaremdm9150_firmwaresa6155p_firmwaresdm636_firmwaresdm845msm8998_firmwaresdm660sdx24sdm630qcs404_firmwaresm8250_firmwaremdm9650sc8180x_firmwaresa415m_firmwareqcs405sm7150_firmwaresdm710sc7180_firmwaresm6150sdm710_firmwaresm7150sa6155psdm670mdm9150qcs605_firmwaresc8180xsxr2130sdm670_firmwareqcs404sdx24_firmwaresm8150_firmwaresxr2130_firmwaresdm636qcs405_firmwarerennellsa415msc7180sdm630_firmwaremdm9205_firmwaresda660_firmwarerennell_firmwaremdm9205qcs605sdx55sm6150_firmwaresm8250mdm9650_firmwaremsm8998sm8150sdm850sda660kamortasdx55_firmwaresxr1130_firmwarenicobar_firmwaresxr1130sdm660_firmwarenicobarsdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-33065
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-6.1||MEDIUM
EPSS-0.03% / 7.27%
||
7 Day CHG~0.00%
Published-06 Feb, 2024 | 05:47
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in Audio

Information disclosure in Audio while accessing AVCS services from ADSP payload.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm429w_firmwareqcs410_firmwaresa6150p_firmwaresd865_5gsnapdragon_429_mobile_platform_firmwareqcs610_firmwarewcd9335sxr2130_firmwaresrv1mqca8081_firmwarewcd9370ar8035_firmwareqca6696wcd9340_firmwaresnapdragon_888_5g_mobile_platformwcd9341_firmwareqca6320sd888_firmwareqcc710_firmwareqca6426wcn6740_firmwarefastconnect_6700qca6564auwcn3610qcn9074wsa8815_firmwaresa8195p_firmwareqca8337_firmwareqca8337qca6426_firmwareqca6574au_firmwareqam8295pwcd9341qca6574ausnapdragon_855_mobile_platformwcn3950wsa8810_firmwaresnapdragon_xr2_5g_platformsnapdragon_429_mobile_platformsa9000p_firmwaresrv1hsnapdragon_835_mobile_pc_platform_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwaresnapdragon_7c\+_gen_3_computewcn3660b_firmwaresnapdragon_780g_5g_mobile_platformfastconnect_6800_firmwaresa8295p_firmwaresd835_firmwarevideo_collaboration_vc1_platform_firmwaresnapdragon_778g\+_5g_mobile_platformsa8770psnapdragon_780g_5g_mobile_platform_firmwarec-v2x_9150qca6584auqca6320_firmwareqcn6274_firmwaresd888qcc710wcn6740qca6310_firmwarefastconnect_6800qfw7114_firmwarefastconnect_7800_firmwarefastconnect_6900video_collaboration_vc1_platformqfw7114snapdragon_782g_mobile_platform_firmwarewcd9385_firmwaresnapdragon_x55_5g_modem-rf_systemfastconnect_6900_firmwareqca6310qam8255p_firmwarewcd9380sa6145p_firmwareqam8255psnapdragon_888_5g_mobile_platform_firmwaresnapdragon_xr2_5g_platform_firmwaresa8150psnapdragon_778g_5g_mobile_platformmsm8996au_firmwaresa6155psnapdragon_835_mobile_pc_platformqca6564au_firmwarewsa8810qam8650psnapdragon_865\+_5g_mobile_platformsa9000psrv1h_firmwarevideo_collaboration_vc3_platformaqt1000sm7315_firmwaresnapdragon_865_5g_mobile_platform_firmwarec-v2x_9150_firmwaresa6155p_firmwareqam8295p_firmwaresrv1m_firmwaresd855sd835wcn3990_firmwaresm7315snapdragon_870_5g_mobile_platform_firmwareqfw7124_firmwareqca6564a_firmwareqca6436_firmwareqca6698aq_firmwaresnapdragon_wear_4100\+_platform_firmwarewcd9385mdm9650_firmwaresnapdragon_7c\+_gen_3_compute_firmwarewcn3610_firmwaresa8255psnapdragon_855\+\/860_mobile_platform_firmwaresnapdragon_778g\+_5g_mobile_platform_firmwareqca6420snapdragon_865\+_5g_mobile_platform_firmwareqca6430wcd9370_firmwaremdm9650snapdragon_x55_5g_modem-rf_system_firmwarewcn3660bqca6574asxr2130wcn3620_firmwaresa8195pwcd9340qamsrv1msnapdragon_820_automotive_platform_firmwaresnapdragon_auto_5g_modem-rf_gen_2sm7325pqam8650p_firmwaresnapdragon_855_mobile_platform_firmwareqca6420_firmwareaqt1000_firmwaresdm429wqca6584au_firmwaresd855_firmwareqcn6274qca6436qfw7124sa8775psnapdragon_x75_5g_modem-rf_systemwcd9335_firmwareqca6391_firmwarewcn3980_firmwarewsa8835qca6430_firmwaresnapdragon_870_5g_mobile_platformsa8775p_firmwaresnapdragon_782g_mobile_platformqamsrv1hqca6696_firmwaresnapdragon_865_5g_mobile_platformwcd9380_firmwaresa6150pqcs410sa8155p_firmwareqca8081qca6564awsa8815sa8155pwsa8830qam8775psa6145pqcn9074_firmwaresa8255p_firmwarear8035qca6574a_firmwareqamsrv1m_firmwaremsm8996ausa8650p_firmwarewcn3620wcd9375_firmwareqca6391qcn6224snapdragon_778g_5g_mobile_platform_firmwareqca6698aqwcn3950_firmwaresa8770p_firmwaresa8295pfastconnect_6200fastconnect_7800sa8145p_firmwaresa8650pqam8775p_firmwaresd865_5g_firmwaresm7325p_firmwarewcn3680bsnapdragon_888\+_5g_mobile_platformwcd9375sa8150p_firmwaresnapdragon_855\+\/860_mobile_platformfastconnect_6700_firmwareqamsrv1h_firmwarevideo_collaboration_vc3_platform_firmwaresa8145pwcn3990snapdragon_wear_4100\+_platformsnapdragon_888\+_5g_mobile_platform_firmwarewsa8835_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarewcn3980snapdragon_820_automotive_platformfastconnect_6200_firmwarewsa8830_firmwarewcn3680b_firmwareqcn6224_firmwareqcs610Snapdragonqam8255p_firmwarequalcomm_video_collaboration_vc1_platform_firmwareqca8337_firmwarewcd9380_firmwaresa6150p_firmwaresnapdragon_778g_5g_mobile_platform_firmwaresa8145p_firmwaremsm8996au_firmwaresnapdragon_820_automotive_platform_firmwareqcn6224_firmwaresdm429w_firmwarewcn3950_firmwaresnapdragon_888_5g_mobile_platform_firmwaresa8150p_firmwareqca6420_firmwareqca6584au_firmwarewcn3990_firmwarec-v2x_9150_firmwareqca6310_firmwareqca6430_firmwarewcd9335_firmwareqfw7114_firmwarequalcomm_video_collaboration_vc3_platform_firmwarewcd9385_firmwareqamsrv1h_firmwarewcd9340_firmwaresm7325p_firmwareqam8295p_firmwaremdm9650_firmwaresnapdragon_xr2_5g_platform_firmwareqca6426_firmwarewcn3660b_firmwaresa9000p_firmwareqca6320_firmwaresm7315_firmwareqca6574au_firmwaresnapdragon_429_mobile_platform_firmwaresnapdragon_835_mobile_pc_platform_firmwarewcn3680b_firmwarewcd9375_firmwareqca8081_firmwareqca6574a_firmwarefastconnect_6200_firmwarewcn3980_firmwaresnapdragon_x55_5g_modem-rf_system_firmwarewcn3610_firmwareqca6436_firmwareaqt1000_firmwareqca6564au_firmwarewcn6740_firmwaresa6155p_firmwareqcn6274_firmwaresa8775p_firmwaresa8650p_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarefastconnect_6900_firmwaresrv1h_firmwaresa6145p_firmwaresa8155p_firmwarefastconnect_6700_firmwareqca6564a_firmwarewsa8810_firmwarewcd9341_firmwarefastconnect_7800_firmwaresa8255p_firmwareqcs610_firmwareqca6698aq_firmwareqamsrv1m_firmwaresrv1m_firmwaresd835_firmwareqam8650p_firmwaresa8770p_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareqam8775p_firmwaresxr2130_firmwareqca6696_firmwareqca6391_firmwaresnapdragon_855_mobile_platform_firmwarewcd9370_firmwaresd888_firmwareqcc710_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwarewcn3620_firmwarewsa8815_firmwarewsa8835_firmwaresnapdragon_780g_5g_mobile_platform_firmwaresa8195p_firmwaresnapdragon_865_5g_mobile_platform_firmwareqcn9074_firmwarefastconnect_6800_firmwareqcs410_firmwaresa8295p_firmwareqfw7124_firmwarear8035_firmware
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-126
Buffer Over-read
CVE-2019-14039
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.1||HIGH
EPSS-0.04% / 12.88%
||
7 Day CHG~0.00%
Published-02 Jun, 2020 | 15:05
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound read in adm call back function due to incorrect boundary check for payload in command response in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8053, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8917, MSM8953, QCS605, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM670, SDM710, SDM845, SDX20, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9640_firmwaremsm8953sdm845_firmwaresdm429wapq8098_firmwaresdm845sdx20sdx24sdm439mdm9607_firmwaremdm9650sdm429sdm710msm8909w_firmwaremdm9607sdm429w_firmwaresdm710_firmwaremsm8917sdm670qcs605_firmwaremdm9207c_firmwaremdm9206msm8905mdm9207csdm670_firmwaresdx24_firmwaresdm439_firmwaresda845_firmwareapq8098sda660_firmwaremdm9206_firmwareqcs605msm8953_firmwareapq8053msm8917_firmwaresdm429_firmwaremdm9650_firmwaresdx20_firmwaremsm8905_firmwaresda660msm8909wapq8053_firmwaresda845mdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-14053
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.1||HIGH
EPSS-0.04% / 12.88%
||
7 Day CHG~0.00%
Published-02 Jun, 2020 | 15:05
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

When attempting to create a new XFRM policy, a stack out-of-bounds read will occur if the user provides a template where the mode is set to a value that does not resolve to a valid XFRM mode in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8053, APQ8096AU, APQ8098, IPQ4019, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8917, MSM8953, MSM8996AU, QCA4531, QCN7605, QCS605, QM215, SA415M, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca4531_firmwaremdm9640_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632sdx24sdm439mdm9650sdm429sm7150_firmwaresm6150msm8909w_firmwaremsm8996ausdm429w_firmwaresm7150apq8009_firmwaremsm8917sxr2130qcs605_firmwaresc8180xipq4019_firmwaremdm9206sdx24_firmwareipq8074sdm636sda845_firmwaresa415mqca4531apq8098qcn7605mdm9206_firmwareqcs605sdm429_firmwaremdm9650_firmwaremsm8905_firmwaresda660sdx55_firmwaremsm8909wapq8009apq8053_firmwaresda845msm8953sdm450sdm636_firmwaresdm845_firmwareapq8098_firmwaresdx20sdm660sdm630mdm9607_firmwaresm8250_firmwaresc8180x_firmwaresa415m_firmwareipq8074_firmwareqm215mdm9607qcn7605_firmwaremdm9207c_firmwaremsm8905mdm9207csm8150_firmwaresxr2130_firmwareapq8096ausdm439_firmwaresdm630_firmwaresda660_firmwareqm215_firmwareipq4019sdx55msm8953_firmwareapq8053sm6150_firmwareapq8096au_firmwaresm8250msm8917_firmwaresm8150sdx20_firmwaresdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-14081
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.1||HIGH
EPSS-0.03% / 9.22%
||
7 Day CHG~0.00%
Published-05 Mar, 2020 | 08:56
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer Over-read when WLAN module gets a WMI message for SAR limits with invalid number of limits to be enforced in Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in APQ8098, IPQ8074, MSM8998, QCA8081, QCN7605, QCS605, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm850_firmwaresdm636_firmwareapq8098_firmwaresdm845msm8998_firmwaresdm660sdm630ipq8074_firmwaresdm710sdm710_firmwareqcn7605_firmwaresdm670qca8081qcs605_firmwaresdm670_firmwaresm8150_firmwareipq8074sdm636sda845_firmwaresdm630_firmwareapq8098qcn7605sda660_firmwareqcs605msm8998sm8150sdm850sda660sxr1130_firmwareqca8081_firmwaresxr1130sdm660_firmwaresda845sdm845_firmwareSnapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-10574
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.1||HIGH
EPSS-0.06% / 18.28%
||
7 Day CHG~0.00%
Published-16 Apr, 2020 | 10:46
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Lack of boundary checks for data offsets received from HLOS can lead to out-of-bound read in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8016, APQ8017, APQ8053, APQ8076, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, QCM2150, QCS605, QM215, Rennell, SC7180, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SM6150, SM7150, SM8150, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwareapq8096_firmwaremdm9640_firmwareqcm2150_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632apq8096sdm439mdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996ausdm429w_firmwaresm7150apq8009_firmwaremsm8917sdm670sxr2130qcs605_firmwareapq8076mdm9206sdm670_firmwareapq8076_firmwaresdm636sda845_firmwareapq8098mdm9205mdm9206_firmwareqcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwaresda660sxr1130_firmwaresxr1130msm8909wapq8009msm8909_firmwareapq8053_firmwaresda845sdm850_firmwaremsm8920msm8953sdm450sdm636_firmwaresdm845_firmwareapq8098_firmwaremsm8998_firmwareqcm2150apq8016_firmwaresdm630mdm9607_firmwaremsm8920_firmwaremdm9655_firmwaresdm660sdm710qm215sc7180_firmwaremdm9607apq8017_firmwaresdm710_firmwaremdm9150msm8937mdm9207c_firmwaremsm8996_firmwaremsm8905mdm9207csm8150_firmwaremsm8909sxr2130_firmwaremdm9655apq8096ausdm439_firmwarerennellsc7180sdm630_firmwaremdm9205_firmwaresda660_firmwarerennell_firmwareapq8016qm215_firmwaremsm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaremsm8998sm8150sdm850apq8017msm8996sdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-35085
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 10.87%
||
7 Day CHG~0.00%
Published-14 Jun, 2022 | 09:50
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer overflow due to lack of buffer length check during management frame Rx handling in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwarewsa8830qca8337csrb31024wcd9360_firmwaresdx65qcs4290wcn3950_firmwaresd765g_firmwareqca6420_firmwareqca6595au_firmwareqca6390_firmwaresd690_5gwcd9370qca6426sa415mwcn3998wcd9385_firmwaresdxr2_5g_firmwarewcn3950sd_8_gen1_5g_firmwaresd662sd460_firmwarewcn7850qca6574au_firmwaresdx55_firmwareqca6595auqca8081_firmwarewcd9375_firmwarewcn3998_firmwaresm7250p_firmwareqca6420qca6436_firmwarewcd9360qca6564au_firmwaresd680_firmwaresa6155p_firmwaresd778gsa515m_firmwarewcn7851sdxr2_5gsd662_firmwaresa415m_firmwarewcn3988_firmwareqca6430sd778g_firmwaresa8195pwsa8810_firmwaresd765gsd765_firmwareqca6436sd680wcn6851sa6155pqca8081wcn7851_firmwareqcs4290_firmwarewcd9385wcd9341qca6696_firmwaresd750gsd870_firmwareqca6390ar8035sd750g_firmwareaqt1000wcd9375wsa8830_firmwaresd855_firmwaresd865_5g_firmwarewcn3988sd888_5g_firmwarewcn6850_firmwarewcn7850_firmwarewsa8815_firmwarewsa8835_firmwaresa8195p_firmwaresm8475wcn6750_firmwarewcn3991qca8337_firmwarewcd9380_firmwaresd780gsd865_5gqca6564ausdx55m_firmwarewcn6856_firmwarewsa8835qca6574wcd9380sd888_5gqca6574asd690_5g_firmwarewcn6855_firmwaresm7325pqca6430_firmwarewcn6750sa515mqca6574_firmwaresd855wsa8815sm7325p_firmwarewcn6850qca6175asd765qca6426_firmwareqca6574a_firmwaresd695sd768g_firmwaresd460qca6391sdx55maqt1000_firmwarewcn6740_firmwaresdx65_firmwareqcm4290csrb31024_firmwaresd480_firmwarewcn6851_firmwareqca6574ausa8155p_firmwarewcd9341_firmwareqcm4290_firmwaresd480sd870wcn6855wsa8810wcn6856sd695_firmwaresd768gwcn6740qca6696qca6391_firmwaresd780g_firmwarewcd9370_firmwaresdx55sa8155psm7250pqca6175a_firmwarear8035_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-35084
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.03% / 10.01%
||
7 Day CHG~0.00%
Published-14 Jun, 2022 | 09:50
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible out of bound read due to lack of length check of data length for a DIAG event in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarewcn3991_firmwarewsa8830qcs610qca8337csrb31024wcd9360_firmwaresdx65csra6620qcs4290wcn3950_firmwaresd765g_firmwareqca6420_firmwareqca6595au_firmwareqca6390_firmwaresd690_5gwcd9370csra6620_firmwareqcs605_firmwarecsra6640_firmwareqcs6125_firmwareqca6426wcn3990_firmwareqrb5165n_firmwareqca9377sa415mwcn3998qcn7605sdxr2_5g_firmwarewcd9385_firmwarewcn3950sd_8_gen1_5g_firmwaresd662sd460_firmwarewcn7850qca6574au_firmwaresdx55_firmwareqca6595auqca8081_firmwaresdx12_firmwarewcd9375_firmwaresm7250p_firmwarewcn3998_firmwarewcn3999_firmwareqca6420qca6436_firmwarewcd9360qrb5165nqca6564au_firmwaresd680_firmwaresa6155p_firmwaresd778gwcn3999sa515m_firmwarewcn7851qrb5165_firmwareqrb5165m_firmwaresdxr2_5gqcs6125sd662_firmwaresa415m_firmwareqcs405qca6430wcn3988_firmwaresd778g_firmwaresa8195pwsa8810_firmwaresd765gsd765_firmwareqca6436sd680wcd9335sa6155pwcn6851qca8081wcn7851_firmwareqca6174a_firmwareqcs4290_firmwarewcd9385wcd9341qca6696_firmwaresd750gsd870_firmwareqca6390ar8035sd750g_firmwareaqt1000wcd9375wsa8830_firmwaresd855_firmwaresd865_5g_firmwarewcn3988sd888_5g_firmwarewcn6850_firmwarewcn7850_firmwarewsa8815_firmwarewsa8835_firmwaresa8195p_firmwaresm8475qcn7606_firmwarewcn6750_firmwareqcm6125_firmwarewcn3991qca8337_firmwarewcd9380_firmwarewcn3990sd780gsd865_5gqca6564ausdx55m_firmwarewcn6856_firmwarewsa8835qca6574wcd9380sd888_5gqcs410qca6574asd690_5g_firmwarewcn6855_firmwareqca9379_firmwareqca6174asm7325pqca6430_firmwarewcd9335_firmwarewcn3980wcn6750sa515mqca6574_firmwareqcs605sd855wsa8815sm7325p_firmwarewcn6850qca6175asd765qca6426_firmwareqca6574a_firmwaresd695sd768g_firmwareqrb5165mwcn3980_firmwaresd460qca6391sdx55maqt1000_firmwarewcn6740_firmwaresdx65_firmwarear8031_firmwarecsrb31024_firmwareqcm4290qrb5165sd480_firmwarewcn6851_firmwareqca6574ausa8155p_firmwarewcd9341_firmwareqcm6125qcm4290_firmwaresd480sd870wcn6855qcn7605_firmwarewsa8810qcs610_firmwarewcn6856sd695_firmwaresd768gar8031qcs405_firmwarewcn6740qca6696qca6391_firmwaresd780g_firmwarewcd9370_firmwaresdx55sa8155pcsra6640sm7250psdx12qcs410_firmwareqca9379qca6175a_firmwarear8035_firmwareqcn7606Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-30306
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.04% / 12.88%
||
7 Day CHG~0.00%
Published-20 Oct, 2021 | 06:31
Updated-03 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer over read due to improper buffer allocation for file length passed from user space in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarewcn3991_firmwarewsa8830sm7250sa6150p_firmwaresa8145p_firmwaresm7250_firmwarewcn3950_firmwaresa8150p_firmwaresd765g_firmwareqca6595au_firmwareqca6390_firmwaresa6155sd690_5gwcd9370qca6426qca9377wcn3998wcd9385_firmwarewcn3950wcd9326_firmwarewcn3615_firmwaresd662sd460_firmwaresa8155qca6574au_firmwarewcn3680b_firmwareqca6595ausa6155_firmwaresdx12_firmwarewcd9375_firmwarewcn3615wcn3998_firmwareapq8053_firmwaresd778gsa6155p_firmwareqcs6490qrb5165_firmwaresa8155_firmwaresd662_firmwarewcn3988_firmwaresa6145p_firmwaresd778g_firmwaresa8195pwsa8810_firmwaresd765gsd765_firmwarewcd9326wcd9335sa6155pwcn6851qca6174a_firmwarewcd9385wcd9341qca6696_firmwareqcs6490_firmwaresd750gsd870_firmwareqca6390wcd9375sd750g_firmwaresa8150pmsm8953_firmwarewsa8830_firmwaresd865_5g_firmwareqcm6490sd888_5g_firmwarewcn3988wcn6850_firmwarewsa8815_firmwarewsa8835_firmwaresa8195p_firmwarewcn6750_firmwarewcn3991wcd9380_firmwaresd780gsd865_5gsdx55m_firmwarewcn6856_firmwaresd888wsa8835qca6574wcd9380sd888_5gqca6574asd690_5g_firmwarewcn6855_firmwareqca6174asm7325wcd9335_firmwarewcn6750qca6574_firmwarewsa8815wcn6850sd765qca6426_firmwareqca6574a_firmwaresd768g_firmwaresd460qca6391sdx55mwcn6740_firmwaremsm8953qcm6490_firmwareqrb5165sd480_firmwarewcn6851_firmwareqca6574ausa8155p_firmwarewcd9341_firmwaresd480sd870wsa8810wcn6855wcn6856sa6145pwcn3680bsd768gsa8145pwcn6740qca6696qca6391_firmwaresd780g_firmwarewcd9370_firmwaresa6150psd888_firmwareapq8053sa8155psdx12sm7325_firmwareSnapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-10622
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-9.1||CRITICAL
EPSS-0.18% / 39.04%
||
7 Day CHG~0.00%
Published-16 Apr, 2020 | 10:46
Updated-04 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound memory access can happen while parsing ADSP message due to lack of check of size of payload received from userspace in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8096AU, IPQ4019, IPQ6018, IPQ8064, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, QCN7605, QCS605, SC8180X, SDM710, SDX24, SDX55, SM8150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9640_firmwaresdx24mdm9607_firmwaresm8250_firmwaremdm9650sc8180x_firmwareipq8074_firmwaresdm710mdm9607sdm710_firmwareapq8009_firmwareqcn7605_firmwaresxr2130qcs605_firmwareipq4019_firmwaremdm9207c_firmwaresc8180xipq6018mdm9206mdm9207csm8150_firmwaresdx24_firmwaresxr2130_firmwareipq8074apq8096auqcn7605ipq6018_firmwaremdm9206_firmwareqcs605ipq4019sdx55apq8096au_firmwaresm8250mdm9650_firmwaresm8150ipq8064sdx55_firmwareapq8009ipq8064_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-1930
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 12.22%
||
7 Day CHG~0.00%
Published-08 Sep, 2021 | 11:25
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible out of bounds read due to incorrect validation of incoming buffer length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarewcn3991_firmwarewsa8830sd678sa6150p_firmwaresm6250p_firmwaresa8145p_firmwareqcs610sm7250qcs2290_firmwaresm7250_firmwareqca6431_firmwaresd7c_firmwarecsrb31024qcs4290wcn3950_firmwaresa8150p_firmwaresd765g_firmwareqca6420_firmwareqca6595au_firmwareqcs2290qca6390_firmwaresa6155sd690_5gsd730_firmwarewcd9370sd_675_firmwaresd675_firmwareqcs6125_firmwareqca6426qca6584au_firmwarewcn3990_firmwareqca9377sa415mwcn3998wcd9371_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcn3950sm4125sd720gwcd9326_firmwareqsm8350_firmwaresd662sd710_firmwareqsm8350sd460_firmwaresa8155qca6574au_firmwaresdx55_firmwareqca6595ausa6155_firmwarewcd9375_firmwarewcn3998_firmwareqca6420qca6436_firmwareqca6564au_firmwareqca6584ausa6155p_firmwaresd778gqrb5165_firmwaresdxr2_5gqcs6125sa8155_firmwaresd662_firmwaresa415m_firmwarewcn3988_firmwareqca6430sa6145p_firmwareqca6421sd778g_firmwaresm6250sa8195pwsa8810_firmwaresd765gsd765_firmwareqca6436wcd9326wcn6851sa6155pqca6174a_firmwareqcs4290_firmwarewcd9385wcd9341qca6431qca6696_firmwarewcd9371sd750gsd870_firmwareqca6390wcd9375sd750g_firmwareaqt1000sa8150pwcn3910_firmwaresm6250_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwarewcn3988sd888_5g_firmwarewcn6850_firmwarewsa8815_firmwarewsa8835_firmwaresa8195p_firmwarewcn6750_firmwareqcm6125_firmwareqcm2290_firmwarewcn3991wcd9380_firmwarewcn3990sd_675sd780gsd865_5gqca6564ausdx24sdx55m_firmwarewcn6856_firmwaresd670_firmwareqca6574wsa8835sd665_firmwarewcd9380sd888_5gsm6250pqcs410qca6574asd690_5g_firmwaresdx50m_firmwarewcn6855_firmwareqca6174asdx24_firmwaresm7325qca6430_firmwarewcn3980wcn6750qca6574_firmwaresd855sm4125_firmwarewcn6850sd665sd7cwcn3910wsa8815sd765qca6426_firmwareqca6574a_firmwaresd768g_firmwarewcn3980_firmwaresd460qca6391sd730sdx55mqca6421_firmwareaqt1000_firmwarewcn6740_firmwaresd678_firmwareqcm4290csrb31024_firmwaresdx50mqrb5165sd480_firmwarewcn6851_firmwareqca6574ausa8155p_firmwaresd710sd670wcd9341_firmwareqcm6125qcm4290_firmwaresd480sd870wcn6855wsa8810qcs610_firmwarewcn6856qsm8250sa6145psd768gsa8145pwcn6740qca6696qca6391_firmwaresd780g_firmwarewcd9370_firmwaresa6150psdx55sa8155psd675sd720g_firmwareqcs410_firmwareqcm2290qsm8250_firmwaresm7325_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-3664
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-6||MEDIUM
EPSS-0.02% / 6.11%
||
7 Day CHG~0.00%
Published-22 Feb, 2021 | 06:26
Updated-04 Aug, 2024 | 07:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound read access in hypervisor due to an invalid read access attempt by passing invalid addresses in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfs2580qca9377_firmwareqpm5679_firmwaresm6250p_firmwareqca8337qfs2530qpm8870_firmwareqln1030qpa8688pm6125qat5522_firmwarewcn3950_firmwarepm8150aqdm5670qca6595au_firmwareqpm5541_firmwareqpa5581_firmwaresa6155pm7150lqpa8821pm8998_firmwarewtr5975_firmwarepm456_firmwareqpa5580_firmwaresa415mwcn3998wcd9371_firmwarewcn3950sm4125sd720gqsw8573_firmwareqsw8574_firmwaresd460_firmwaresmb2351_firmwaresd6905gqpa4360_firmwareqca8081_firmwarewcn3998_firmwarepm855pqca6420pm6150apm660_firmwarepm8150bsa8155_firmwareqca4004_firmwareqca6430qat3522pmr735awcd9306_firmwarewcd9340sdm830_firmwaresd765gsdr660sdr865qdm5620_firmwaresmr545qca6696_firmwareqln5020wcd9371pmm855au_firmwaresm4350_firmwaresa8150ppm6350qdm5621qtc800sqca4004sd712pm640p_firmwareqcn5121qcn5022_firmwarewcn6750_firmwareqat5516_firmwarepm6150lsd8885gpm855l_firmwareqtc410swcn3991qpa8801pm8150l_firmwareqat5533_firmwaresdx55m_firmwaresdxr25gqpa8673_firmwarepm6150smb1354_firmwaresd670_firmwareqca6574qpa8842csr8811_firmwaresdr052_firmwarewcd9380qln4640qcs410qpm5579_firmwaresmb1380_firmwaresmb1381pm855p_firmwarepm7250qpa8803sdx24_firmwaresdxr25g_firmwareqdm2301ipq6018_firmwarewcd9340_firmwarewsa8815wcn6850qdm5621_firmwareqdm2301_firmwareqpm6375ipq6028wcn3980_firmwaresd730pm660l_firmwarepm6250_firmwarepm8008qtm525_firmwarepme605_firmwarepme605qpm5621_firmwareqln1021aq_firmwareqcs603qpa6560_firmwareqpa8802_firmwareqln4640_firmwareqpm5621qpm6582sd670pm8009_firmwareqfs2580_firmwareqcm4290_firmwarepm8150lpmi8998_firmwareqcs610_firmwaresa6145psdr105pm4250ar8031qpm5577wtr2965mdm9205_firmwareqca6391_firmwarepm8150qca4024wcd9370_firmwareqat3516_firmwaresdx55qcn5021_firmwarecsra6640qat3555_firmwareqpa8803_firmwarepm855bsmb2351qln1031qsm8250_firmwarewsa8830pm660qet6110_firmwareqpm6325pm6125_firmwareqbt1500qpa5581csrb31024pmx24_firmwarefsm10055_firmwareqbt1500_firmwareqcs4290qet6100pmm855auqca6420_firmwaresmb1396pm7150asd675_firmwarepm8350qca6564qpa4361_firmwareqca6426wcn3990_firmwareqca9984_firmwareqca9377wcd9385_firmwareqdm5650_firmwarewhs9410wcd9326_firmwarepm7250_firmwaresdr845_firmwareqdm5620qln1021aqsmb1380pmk8002_firmwareqsw6310_firmwaresa8155qln1031_firmwareqcn5122_firmwarepmm6155au_firmwareqat5533sdx55_firmwaresm7250p_firmwareqsm7250_firmwarepm7150l_firmwarewcd9306qca6584auqat5515_firmwarepm855qpm8830_firmwarepm8250qcn5052qfs2530_firmwaresa415m_firmwarepmx55wcn3988_firmwareqcn9074pm8150c_firmwareqca6421qdm3301qpa8842_firmwareqat3519_firmwaresa8195psdr735_firmwareqpm5677qat5515wcd9326wcd9335pm6350_firmwarepm8004_firmwaresdr8150_firmwareqcs4290_firmwareqtc800h_firmwareqpm5620qca6390wcd9375sd750g_firmwareaqt1000sm6250_firmwarepmm8195auqln4642qpm5677_firmwarewsa8815_firmwarewtr3925_firmwaresmr525_firmwarepm8998qpm8820_firmwareqln1020_firmwarepm670a_firmwarepmx55_firmwareqca6595pm8150_firmwareqpm8830qat5522pm8150cpmr735bsd665_firmwareqpa4360pmk8003_firmwareqca8075_firmwaresc8180xqpa4361ipq6005_firmwareqpm5577_firmwareqdm5679_firmwaresmr525qca6310_firmwarepm6150l_firmwarepmr525pm8150a_firmwareqca6574_firmwareqln1036aq_firmwaresd665pm6150a_firmwarepm6150_firmwareqca6175asd765qca6574a_firmwareqat3555sd850_firmwaresd8c_firmwarewtr2965_firmwarepm670_firmwarecsrb31024_firmwareqln1036aqqtc801sipq6028_firmwaresc8180x_firmwaresd710qcn5122pm8008_firmwarepmr735a_firmwarepmx50qcn5022qca6564_firmwaresdr8250sd768gqln1030_firmwarepm8004pm640lpmk8002qca8075sd845sdm830ipq6000_firmwareqcs410_firmwareqca6175a_firmwareqpa5580qpm5579fsm10055sa6150p_firmwareqcs610qpm5620_firmwareqdm2307qca6431_firmwareqpa8802wcd9360_firmwareqpm6585_firmwareqat3519qbt2000_firmwareqca4024_firmwarepm855a_firmwareqtc800hsa8150p_firmwareqcs2290sdr8250_firmwareqca6335csra6620_firmwareqcs605_firmwareqln1020smr546_firmwareqdm5671csra6640_firmwarepmc1000hqpm4650_firmwareqat3518sd8csdr425_firmwaresmr526_firmwareqpa5460pm640a_firmwarewgr7640_firmwareqdm2305_firmwareqpm5670_firmwaresd710_firmwareqdm5652qca6574au_firmwareqpm8870wcd9375_firmwareqpm5679qbt2000sa6155_firmwarewcd9360pmx50_firmwareqpa8675_firmwarewhs9410_firmwaresdr735gqpa5460_firmwarewcn3999qdm3301_firmwareqsm7250ipq6010sd662_firmwareqcs405qdm2308_firmwarefsm10056_firmwareqca6436wcn6851sa6155pqcs603_firmwareqpa6560sdr675_firmwarewcd9341qca6431qet4100_firmwaresd750gwcn3910_firmwareqpm5657wsa8830_firmwaresd855_firmwareqdm5650wcn3988wtr3925sdr052sa8195p_firmwaresmb1390qet4100qpa8686_firmwareqpm6585qca8337_firmwarewcd9380_firmwaresmb1355qln4650sdr735g_firmwarewgr7640qet5100qdm5671_firmwareqpa8801_firmwareqca6564auqtm527_firmwarepm8005_firmwareqet4101_firmwarepm7250bqln4642_firmwaresmb1355_firmwarepm7250b_firmwarepmd9655_firmwaresmb1351_firmwareqet4200aq_firmwaresdx50m_firmwaresdr735smb1395pm660lsmr526qca8072_firmwarewtr5975qca6430_firmwarepmk8003qcn5052_firmwareqtc801s_firmwareqat3522_firmwarewcd9335_firmwarewcn3980qca6335_firmwareqsw8573qcs605sd7cwcn3910qca6426_firmwarepm8350_firmwareqca9984pm8009qpa8675sdr051_firmwaresdx55mpm670aqca6421_firmwareqat3518_firmwareqsw8574pmi8998sd6905g_firmwarear8031_firmwarepm855lwcn6851_firmwareqdm5670_firmwaresd8655gpm7150a_firmwarepm8150b_firmwaresmr545_firmwarepmc1000h_firmwareqca6564a_firmwareqdm2310_firmwarepm4250_firmwaresdr105_firmwareqcn5121_firmwaresd8885g_firmwarepm670qdm5677pm8005qsm8250ipq6018pm855_firmwareqdm2302pmm6155ausdxr1pm855b_firmwareqca6595_firmwareqcs405_firmwareqpm6582_firmwareqpm6375_firmwarepm640l_firmwareqln4650_firmwareqet5100msa8155psd675qet4101qat3516pm670lqpm5658ar8035_firmwareqcm2290qpm5658_firmwarewcn3991_firmwareqdm5652_firmwarepmm8155au_firmwaresdr051qln5030qcs2290_firmwarepm4125fsm10056pmi632qpa2625_firmwarepm456sd7c_firmwarepmr735b_firmwarecsra6620qet5100_firmwareqet6100_firmwarepm670l_firmwaresdr660gsd765g_firmwareqpa8686qca6390_firmwareipq6000sd730_firmwarewcd9370qcn5152_firmwaresdr425pmr525_firmwareqca6584au_firmwareqcn9000_firmwarepmi632_firmwareqpm5541qat5516sd662qpa8821_firmwaresdr660g_firmwarepm3003aqca6595auwcn3999_firmwareqca6436_firmwaresmb1354qca6564au_firmwareqdm2305sa6155p_firmwareqca6310qpm8820qpm2630qln5020_firmwaresa6145p_firmwaresdr675sm6250sd712_firmwarewsa8810_firmwaresmb231sd765_firmwareqdm5677_firmwareqca8081qet4200aqqca6174a_firmwarewcd9385qpm6325_firmwareqdm2302_firmwareqat3550_firmwarepmm8155auqln5040_firmwarepm4125_firmwarear8035csr8811qpa8673qdm2310qln5030_firmwaresmb1396_firmwarewcn6850_firmwarewsa8835_firmwareqca6564asmr546pmx24qet6110qln5040qca8072qcm2290_firmwareqpm8895sdr845qpm5670wcn3990qcn9000qtm527sdx24qdm2307_firmwarewsa8835qpm5657_firmwaresm6250ppm855asdr660_firmwareqca6574asmb1390_firmwareqca6174awcn6750qet5100m_firmwareqpm4650mdm9205qtm525wtr6955sd855sm4125_firmwaresd8cxwtr6955_firmwarepm640pqcn5021qcn5152sd768g_firmwaresdr865_firmwarepm8250_firmwaresd460qca6391sd8cx_firmwaresdxr1_firmwaresmb1351ipq6005aqt1000_firmwareqpm8895_firmwareqcm4290sdx50mpm640asdr8150smb1395_firmwarepmd9655qca6574ausa8155p_firmwareqsw6310sd8655g_firmwarewcd9341_firmwarewsa8810qtc410s_firmwareqpm2630_firmwaresmb231_firmwareqdm2308qat3550qdm5679ipq6010_firmwarepm3003a_firmwareqca6696qtc800s_firmwaresm4350sd845_firmwaresmb1381_firmwareqpa2625sa6150pqpa8688_firmwarepmm8195au_firmwaresm7250psd720g_firmwareqcn9074_firmwaresd850pm6250Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-3617
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.1||HIGH
EPSS-0.03% / 9.22%
||
7 Day CHG~0.00%
Published-09 Sep, 2020 | 06:25
Updated-04 Aug, 2024 | 07:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Buffer over-read Issue in Q6 testbus framework due to diag packet length is not completely validated before accessing the field and leads to Information disclosure.' in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in Kamorta, Nicobar, QCS605, QCS610, Rennell, SC7180, SDA660, SDM630, SDM636, SDM660, SDM670, SDM710, SM6150, SM7150, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-kamorta_firmwareqcs610sdm636_firmwaresdm660sdm630sm7150_firmwaresdm710sc7180_firmwaresm6150sdm710_firmwaresm7150sdm670qcs610_firmwareqcs605_firmwaresdm670_firmwaresm8150_firmwaresdm636rennellsc7180sdm630_firmwaresda660_firmwarerennell_firmwareqcs605sm6150_firmwaresm8150sda660kamortasxr1130_firmwarenicobar_firmwaresxr1130sdm660_firmwarenicobarSnapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-20
Improper Input Validation
CVE-2020-11132
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.1||HIGH
EPSS-0.04% / 12.88%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 10:00
Updated-04 Aug, 2024 | 11:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Buffer over read in boot due to size check ignored before copying GUID attribute from request to response' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8096AU, APQ8098, MDM8207, MDM9150, MDM9205, MDM9206, MDM9207, MDM9250, MDM9607, MDM9628, MDM9650, MSM8108, MSM8208, MSM8209, MSM8608, MSM8905, MSM8909, MSM8998, QCM4290, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QSM8250, SA415M, SA515M, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SC8180X, SC8180X+SDX55, SC8180XP, SDA640, SDA670, SDA845, SDA855, SDM1000, SDM640, SDM670, SDM710, SDM712, SDM830, SDM845, SDM850, SDX24, SDX50M, SDX55, SDX55M, SM4125, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SXR1120, SXR1130, SXR2130, SXR2130P, WCD9330

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwaresm7250sa6150p_firmwaresm6250p_firmwareqcs610sm6125sdm712_firmwaresdm640sm7250_firmwaremdm9628_firmwaremdm9650qcs4290mdm9250sa8150p_firmwaresa6155apq8009_firmwaresdm712sdm670qcs605_firmwaresm6115sm7150psda845_firmwaremsm8108sa415mapq8098msm8108_firmwaresm4250sc8180xpmdm9628sm4125mdm9206_firmwaresda855sa8155msm8905_firmwaresdx55_firmwaresa6155_firmwaresdm1000sm7250p_firmwaresxr1130sxr2130psda845mdm9207sa6155p_firmwaremsm8208sxr2130p_firmwaresda640mdm8207sa515m_firmwareapq8098_firmwaremsm8998_firmwaresa8155_firmwaremdm9607_firmwaresm8250_firmwaresa415m_firmwareqcs405sa6145p_firmwaresc7180_firmwaresm4250_firmwaresm6250sa8195psdm830_firmwaresdm710_firmwaresxr1120sa6155pqcs603_firmwaremsm8209_firmwaremsm8905mdm9250_firmwareqcs4290_firmwaresm8150_firmwaremsm8909sm7150p_firmwaresxr2130_firmwaresc7180sc8180xp_firmwaresa8150psm6250_firmwaremdm9207_firmwaresm6150_firmwaremsm8998sm7225_firmwaresm8150sdm850sa8195p_firmwaresdm640_firmwaremsm8208_firmwaresxr1120_firmwaresm6125_firmwaresm8150pmsm8608sm6115_firmwarewcd9330sdm845sdx24sdx55m_firmwaresm6115p_firmwaresm7150_firmwaresm6150sm7150sm6250pqcs410sda640_firmwaresc8180xsxr2130sdx50m_firmwaremdm9206sdm670_firmwaresdx24_firmwaresda670sm7225mdm9205sa515mqcs605sm6115psm4125_firmwaremdm9650_firmwaresxr1130_firmwaremsm8209sda855_firmwareapq8009wcd9330_firmwaremsm8909_firmwaresdx55msm6150p_firmwaresm6350sm7125sdm850_firmwaresm4250p_firmwareqcm4290sdx50mqcs603sc8180x_firmwaresm6350_firmwaresa8155p_firmwaresdm710mdm9607sda670_firmwareqcm4290_firmwareqcs610_firmwaremdm9150qsm8250sa6145psm4250papq8096auqcs405_firmwaremdm8207_firmwaremdm9205_firmwaremsm8608_firmwaresm7125_firmwaresa6150psdx55apq8096au_firmwaresa8155psm8250sm8150p_firmwaresdm1000_firmwaresm7250psdm830qcs410_firmwaresm6150pqsm8250_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-11304
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.88%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 06:20
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible out of bound read in DRM due to improper buffer length check. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarefsm10055sa6150p_firmwaresm6250p_firmwareqcs610qca8337qca6431_firmwarewcd9360_firmwarewcn3950_firmwaresc8180x\+sdx55sa8150p_firmwareqcs2290qca6595au_firmwaresa6155qca6335sd_455_firmwarecsra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwareqcs6125_firmwaremsm8108sa415mwcn3998wcd9371_firmwaremsm8108_firmwarewcn3950sm4125sd720gmdm9628mdm9206_firmwarewcn3660bqsm8350_firmwaresd710_firmwareqsm8350sd460_firmwareqca4020qca6574au_firmwarewcd9375_firmwarewcn3998_firmwaresa6155_firmwareqca6420wcd9360qca9367_firmwarewhs9410_firmwaremdm8207wcn3999qcs6125sa8155_firmwareqca4004_firmwaresd662_firmwareqcs405qca6430wcd9306_firmwarewcd9340sdm830_firmwaresd765gfsm10056_firmwareqca4020_firmwareqca6436wcn6851sa6155pqcs603_firmwaremsm8209_firmwaremdm9250_firmwarewcd9341qca6431qca6696_firmwarewcd9371sd870_firmwaresd750gwcn3910_firmwaresd_8cxsa8150pmdm9207_firmwareqca4004wsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwaresd712wcn3988sd660_firmwaresa8195p_firmwaremsm8208_firmwarewcn6750_firmwarewcn3610msm8608wcn3991qca8337_firmwarewcd9380_firmwarewcd9330qca6564ausdx55m_firmwarewcn6856_firmwaresd670_firmwareqca6574wcd9380qcs410sd690_5g_firmwaresdx50m_firmwareqca9379_firmwaresdx24_firmwareqca6430_firmwarewcd9335_firmwarewcn3980qca6335_firmwareqcs605wcd9340_firmwarewsa8815wcn6850sd7cwcn3910qca6320mdm9650_firmwaresd_8c_firmwareqca6426_firmwarewcn3660b_firmwareqca9984sd835wcn3980_firmwaresd730wcd9330_firmwaresdx55mqca6421_firmwaresd678_firmwarear8031_firmwarewcn6851_firmwareqcs603sd670sd_636_firmwareqca6564a_firmwareqcm4290_firmwaresd480sd870wcn6855sd210_firmwareqcs610_firmwareqsm8250sa6145psdxr1ar8031apq8096auqca6595_firmwareqcs405_firmwaresa8145pmdm8207_firmwaresdm630_firmwaremdm9205_firmwareqca6391_firmwarewcd9370_firmwaresdx55sd888_firmwaresa8155pcsra6640sd675qca9379ar8035_firmwareqcm2290qsm8250_firmwarewcn3991_firmwaremdm9150_firmwarewsa8830sd678sa8145p_firmwareqcs2290_firmwarefsm10056sd7c_firmwarecsrb31024mdm9628_firmwaremdm9650sd_636csra6620fsm10055_firmwareqcs4290mdm9250sd765g_firmwareqca6420_firmwareqca6390_firmwareapq8009_firmwaresd690_5gsd730_firmwarewcd9370sd675_firmwareqca6564qca6426qca6584au_firmwarewcn3990_firmwareqca9984_firmwareqca9377sd_8cx_firmwarewcd9385_firmwaresdxr2_5g_firmwarewhs9410wcd9326_firmwarewcn3615_firmwaresd662sa8155qca6320_firmwarewcn3680b_firmwaresdx55_firmwarewcn3615qca6595auwcn3999_firmwaresm7250p_firmwarewcn3610_firmwareqca6436_firmwaremdm9207wcd9306qca6584ausd778gqca6564au_firmwaremsm8208sa6155p_firmwareqca6310sa515m_firmwaresdxr2_5gqca9367sdm630mdm9607_firmwaresa415m_firmwarewcn3988_firmwaresd205sa6145p_firmwareqca6421sd778g_firmwaresm6250sd712_firmwaresa8195pwsa8810_firmwaresd765_firmwarewcd9326wcd9335qca6174a_firmwareqcs4290_firmwarewcd9385qca6390wcd9375sd750g_firmwareaqt1000ar8035sc8180x\+sdx55_firmwaresm6250_firmwaresd210wsa8815_firmwaresd888_5g_firmwarewcn6850_firmwarewsa8835_firmwareqca6564aqcm6125_firmwareqcm2290_firmwarewcn3990sd_675sd865_5gqca6595sdx24sd888wsa8835sd665_firmwaresd888_5gsm6250pqca6574amdm9206wcn6855_firmwareqca6174asm7325pqca6310_firmwarewcn6750mdm9205sa515mqca6574_firmwaresd855sm4125_firmwaresm7325p_firmwaresd665qca6175asd765qca6574a_firmwaresd768g_firmwaremsm8209sd850_firmwareapq8009sd460qca6391sdxr1_firmwareaqt1000_firmwareqcm4290csrb31024_firmwaresdx50msd480_firmwaresd_455qca6574ausd710sa8155p_firmwaremdm9607sd205_firmwarewcd9341_firmwareqcm6125wsa8810mdm9150wcn6856sd_8cwcn3680bsd835_firmwareqca6564_firmwaresd768gqca6696sd845_firmwaremsm8608_firmwaresa6150papq8096au_firmwaresd845sm7250psdm830sd720g_firmwareqcs410_firmwareqca6175a_firmwaresd850Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-11161
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.1||HIGH
EPSS-0.04% / 12.88%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 05:00
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out-of-bounds memory access can occur while calculating alignment requirements for a negative width from external components in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfs2580qca9377_firmwareqpm5679_firmwareqcs610pmd9607_firmwareqdm5579qdm2307qfs2608_firmwareqfs2530qpm8870_firmwareqln1030qpa8802qpm6585_firmwarepm6125qat3519qbt2000_firmwareqat5522_firmwarewcn3950_firmwarepm8150aqtc800hqdm5670sdr8250_firmwareqpa5581_firmwareqpa8821pm8998_firmwarecsra6620_firmwareqcs605_firmwareqdm5671wtr5975_firmwarecsra6640_firmwareqpm4650_firmwareqat3518qpa5580_firmwaresdr425_firmwarewcn3998smr526_firmwarewcn3950qsw8573_firmwarewcn3660bwgr7640_firmwareqpm5670_firmwareqsw8574_firmwaresd460_firmwarepm8953_firmwareqca6574au_firmwareqpa4360_firmwareqpm8870wcd9375_firmwarewcn3998_firmwareqpm5679qbt2000apq8053_firmwaresdx20mqpm6670_firmwareqca9367_firmwaresdr735gwcn3999pm8150bqdm3301_firmwaresd662_firmwareqcs405qat3522pmr735awcd9340qualcomm215_firmwareqdm2308_firmwaresdr660qca6436wcn6851sa6155pqcs603_firmwareqpa6560qfs2630_firmwaresdr865qdm5620_firmwaresmb1358wcd9341pmi8952qdm4643_firmwaresm7350_firmwareqln5020qet4100_firmwaresmb1350qdm3302qdm5621qpm5875_firmwareqat3514_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwarewcn3988wtr3925smb1390wcn6750_firmwareqat5516_firmwarepm6150lpm855l_firmwareqet4100wcn3610qpm6585qtc410swcd9380_firmwaresmb1355qln4650qpa8801wcd9330msm8996au_firmwaresdr735g_firmwarepm8350bhs_firmwarewgr7640qat5568qet5100qdm5671_firmwareqpa8801_firmwareqca6564aupm8150l_firmwaresdx55m_firmwarewcn6856_firmwarepm8005_firmwareqpa8673_firmwarepm6150qet4101_firmwaresmb1354_firmwareqca6574qln4642_firmwareqfs2630qpa8842pmm8996auwcd9380smb1355_firmwaresmb1351_firmwarepmd9655_firmwarequalcomm215qcs410pmk8350_firmwaresmb1381sdr735qca9379_firmwarewtr4905smb1395qpa8803ar8151smr526wtr5975wcd9335_firmwarewcn3980qtc801s_firmwareqat3522_firmwarepm7350c_firmwareqdm2301qsw8573qcs605wcd9340_firmwarewsa8815wcn6850qdm5621_firmwareqdm2301_firmwaremdm9650_firmwaresmb1394qca6426_firmwarepm8350_firmwarewcn3660b_firmwarewcn3680sd835pm8009wcn3980_firmwarewcd9330_firmwaresdx55mpm670awcn6740_firmwarepm8008pm8350b_firmwareqtm525_firmwareqat3518_firmwareqsw8574pme605_firmwarepme605apq8064au_firmwarear8031_firmwarewcn3680_firmwareqpm5621_firmwarepm855lwcn6851_firmwareqcs603qdm5670_firmwareqpa6560_firmwareqpa8802_firmwarepm8150b_firmwareqpm5621qca6564a_firmwarepm8009_firmwareqdm2310_firmwareqfs2580_firmwarepm670pm8150lsd210_firmwareqcs610_firmwareqdm5677pm8005qsm8250sa6145ppm855_firmwarepm215qdm2302pmm6155aupm855b_firmwarear8031apq8096auqcs405_firmwarewtr2965qca6391_firmwarepmx20_firmwarewcd9370_firmwareqln4650_firmwareqat3516_firmwareqpm5875sdx55qet5100mapq8053csra6640pm8350bhsqet4101qat3555_firmwareqat3516pm670lqpa8803_firmwareqca9379pm855bqsm8250_firmwareqpm5870pm8909wsa8830qet6110_firmwareqdm5579_firmwareqln5030pm6125_firmwareqpa5581pmi632qpa2625_firmwaremdm9650pm8350bh_firmwarecsra6620pmr735b_firmwareqet5100_firmwareqpm4621qpm5870_firmwareqet6100_firmwareqet6100pm670l_firmwaresmb1358_firmwaresmb1394_firmwareqca6390_firmwaresmb1396wcd9370pm8350qca6564qpa4361_firmwarepm8350c_firmwareqpa5461_firmwareqca6426sdr425pmr525_firmwarewcn3990_firmwareqca9377qpm5641ar8151_firmwarepmi632_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcd9326_firmwareqat5516wcn3615_firmwarergr7640au_firmwareqdm5620sd662qpa8821_firmwarepm8350bhpmk8002_firmwareqsw6310_firmwarepm3003aqdm4650_firmwaresdx55_firmwarepmm6155au_firmwarewcn3680b_firmwarewcn3615wcn3999_firmwarewcn3610_firmwareqca6436_firmwaresm7350qpm6670smb1354qca6564au_firmwaresa6155p_firmwareqpm8820qpm4641qat5515_firmwareqln5020_firmwarepm855sdxr2_5gpm8250qca9367smb1398qdm4643qfs2530_firmwarewcn3988_firmwarepmx55qpm4641_firmwaresd205sa6145p_firmwarepm8150c_firmwareqpa8842_firmwareqdm3301sdr735_firmwareqat3519_firmwarewsa8810_firmwarepm8953qat5515qpm5677smb231qat3514wcd9326wcd9335qdm5677_firmwareqca6174a_firmwarewcd9385qtc800h_firmwareqdm2302_firmwarepmk7350_firmwareqln5040_firmwareqpm4630qca6390wcd9375apq8064auqpa8673qdm2310qln5030_firmwareqln4642sd210qpm5677_firmwaresdx20_firmwarewsa8815_firmwaresd888_5g_firmwaresmr525_firmwarepm8998pmk7350wtr3925_firmwareqpm8820_firmwaresmb1396_firmwarewcn6850_firmwarewsa8835_firmwareqpm6621_firmwareqca6564apm670a_firmwareqet6110pmi8952_firmwareqln5040qpm5670wcn3990pmx55_firmwaresd865_5gpmk8350smb1398_firmwareqdm3302_firmwarepm8350bpmm8996au_firmwareqat5522qdm2307_firmwarewsa8835msm8996aupm8150cpmr735bsd665_firmwaresd888_5grgr7640auqpa4360sdr660_firmwarepm8909_firmwareqpa4361qca6574aqpm4640_firmwaresmb1390_firmwareqdm5679_firmwareqca6174apm8350csmr525qpm4640wcn6750pm6150l_firmwarepmr525pm7350cpm8150a_firmwareqet5100m_firmwareqpm4650qtm525qca6574_firmwaresd855sd665pm6150_firmwarepmx20pmd9607qca6574a_firmwareqpm4630_firmwaresdr865_firmwareqat3555pm8250_firmwaresd460qca6391smb1351smb1357_firmwareqpa5461pm215_firmwarewtr2965_firmwarepm670_firmwareqfs2608sdx20qtc801ssmb1395_firmwareqdm4650pmd9655qca6574auqpm5641_firmwaresd205_firmwareqsw6310pm8008_firmwarewcd9341_firmwaresdx20m_firmwareqpm6621wsa8810qtc410s_firmwaresmb231_firmwarepmr735a_firmwareqat5568_firmwareqdm2308wtr4905_firmwarewcn6856qdm5679wcn3680bsd835_firmwareqca6564_firmwaresdr8250pm3003a_firmwareqln1030_firmwaresmb1350_firmwarewcn6740smb1381_firmwareqpa2625pmk8002apq8096au_firmwaresmb1357qpm4621_firmwareqcs410_firmwareqpa5580Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-11293
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-5.1||MEDIUM
EPSS-0.05% / 14.30%
||
7 Day CHG~0.00%
Published-07 May, 2021 | 09:10
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound read can happen in Widevine TA while copying data to buffer from user data due to lack of check of buffer length received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfe3100qfe2080fc_firmwareqca9377_firmwareqfs2580mdm9640_firmwaresm6250p_firmwareqfe4455fc_firmwareqca8337qfs2530qpm8870_firmwareqln1030qpa8688pm6125qat5522_firmwarewcn3950_firmwarepm8150asc8180x\+sdx55qca6595au_firmwaresa6155qpa8821pm8998_firmwarewtr5975_firmwarepm456_firmwaresa415mwcn3998wcd9371_firmwarewcn3950sm4125sd720gqsw8573_firmwarewcn3660bsd450_firmwareqfe4320qcc112qsw8574_firmwaresd460_firmwaresmb2351_firmwarepm8953_firmwareqpa4360_firmwarewcn3998_firmwareqfe2520_firmwarepm855pqca6420apq8053_firmwarepm6150apm660_firmwarepm8150bsa8155_firmwareqca4004_firmwareqfe2101qca6430qat3522qfe4455fcpmr735awcd9306_firmwarewcd9340sdm830_firmwaresdr660sdr865smb1358smr545qca6696_firmwarewcd9371sd870_firmwaresmb1350pmm855au_firmwarewtr3950sa8150ppm6350qfe3340qtc800sqca4004qat3514_firmwaresd660sd865_5g_firmwareqet6105sd712pm640p_firmwaresd660_firmwareqat5516_firmwarepm6150lsd450pm855l_firmwareqtc410swcn3991qpa8801sdm429wpm8150l_firmwaresdx55m_firmwareqpa8673_firmwarepm6150smb1354_firmwaresd670_firmwareqca6574sd632_firmwaresdr052_firmwarepmm8996auwcd9380sd850qualcomm215qln4640qcs410smb1380_firmwareqfe4309_firmwaresmb1381pm855p_firmwareqfe3100_firmwareqca9379_firmwarewtr4905qpa8803sdx24_firmwaresd439_firmwareqdm2301wcd9340_firmwarewsa8815wcn6850qfe2101_firmwareqdm2301_firmwaremsm8937_firmwaresd835wcn3980_firmwaresd730pm660l_firmwarepm6250_firmwarepm8008qtm525_firmwarepme605_firmwarepme605sd678_firmwareapq8064au_firmwareqca6234qln1021aq_firmwareqcs603rsw8577qpa6560_firmwareqpa8802_firmwareqln4640_firmwareqfe4308_firmwaresd670pm8009_firmwareqfe4303qfs2580_firmwareqcm4290_firmwarepm8150lpmi8998_firmwareqcs610_firmwaresa6145ppm660a_firmwarepm215pm4250sdr105ar8031wtr2965sdm630_firmwaremdm9205_firmwareqca6391_firmwaresa2150psd820_firmwarepm8150pmi8937_firmwarewcd9370_firmwaresdx55apq8053csra6640qat3555_firmwarepmi8994qpa8803_firmwarewcn3660qca9379pm855bqca6234_firmwareqln1031smb2351pm660pm6125_firmwareqbt1500csrb31024mdm9650pmx24_firmwarefsm10055_firmwareqbt1500_firmwarepmk8001qcs4290qet6100pmm855auqca6420_firmwaresmb1396sd675_firmwarepm8350qca6564qpa4361_firmwareqca6426wcn3990_firmwareqca9984_firmwareqca9377qpa5373_firmwarewcd9385_firmwareqpa4340_firmwaresdxr2_5g_firmwarewcd9326_firmwarewhs9410wcn3615_firmwarewtr2955rgr7640au_firmwaresdr845_firmwareqln1021aqsmb1380pmk8002_firmwareqsw6310_firmwaresa8155qln1031_firmwaresdx55_firmwarepmm6155au_firmwarewcn3615wcn3610_firmwarepm8940wcd9306qca6584auqat5515_firmwarepm855sd429pm8250qfe2082fc_firmwaresdm630mdm9655_firmwareqfs2530_firmwaresa415m_firmwarepmx55wcn3988_firmwaresd429_firmwarepm8150c_firmwareqca6421sdr735_firmwareqat3519_firmwaresa8195ppm8953qat5515qca6694qat3514wcd9326wcd9335pm6350_firmwarepm8004_firmwaresdr8150_firmwareqcs4290_firmwarepm439qtc800h_firmwareqca6390wcd9375aqt1000sc8180x\+sdx55_firmwarepmm8195ausm6250_firmwaremsm8917_firmwarewsa8815_firmwaresd888_5g_firmwarepmi8937pm8998smr525_firmwarewtr3925_firmwareqpm8820_firmwareqfe4301_firmwareapq8017qcc112_firmwareqln1020_firmwarepm670a_firmwarepmx55_firmwarewtr2955_firmwareqbt1000_firmwareqfe4373fc_firmwaresd865_5gpm8019qca6595pm8150_firmwarepmm8996au_firmwareqat5522pm8150csd665_firmwareqpa4360pmk8003_firmwareqpa4361smr525qca6310_firmwareqfe4305_firmwarepm6150l_firmwarepmr525pm8150a_firmwareqca6574_firmwarewtr3950_firmwareqln1036aq_firmwaresd665pm6150a_firmwarepm6150_firmwareqca6175aqca6574a_firmwareqat3555sd850_firmwareqfe2082fcsd8c_firmwarewtr2965_firmwarepm670_firmwarecsrb31024_firmwaresd480_firmwareqln1036aqqtc801spmi8940_firmwaresd710pm8008_firmwareqln1035bd_firmwarepmr735a_firmwarepmw3100pmx50qca6564_firmwaresdr8250qln1030_firmwaresmb1350_firmwarepmw3100_firmwarepm8004pm640lmsm8940pmk8002apq8096au_firmwaresd845sd455_firmwaresdm830qcs410_firmwareqca6175a_firmwarefsm10055qfe2550sa6150p_firmwareqcs610pmi8996qdm2307qca6431_firmwareqpa8802wcd9360_firmwareqat3519qbt2000_firmwarepm855a_firmwareqtc800hsa8150p_firmwareqcs2290sdr8250_firmwareqca6335msm8917csra6620_firmwareqcs605_firmwareqln1020smr546_firmwarewtr3905csra6640_firmwarepmc1000hqat3518sd8csd632sdr425_firmwaresmr526_firmwareqpa5460pm640a_firmwarewgr7640_firmwaresd710_firmwareqca4020qca6574au_firmwareqpm8870wcd9375_firmwaresa6155_firmwareqbt2000wcd9360pmx50_firmwareqpa8675_firmwarewhs9410_firmwaresdr735gqpa5460_firmwarewcn3999pm8940_firmwarepm8996sd662_firmwaresmb1360qcs405qualcomm215_firmwareqfe3440fcqdm2308_firmwarersw8577_firmwarefsm10056_firmwarepm439_firmwareqca4020_firmwareqca6436sa6155pqcs603_firmwareqpa6560msm8937sdr675_firmwarewcn3660_firmwarewcd9341pmi8952mdm9655pm8937_firmwareqca6431qet4100_firmwareqfe4320_firmwarewcn3910_firmwaresd855_firmwarewcn3988wtr3925qfe2080fcsdr052sa8195p_firmwaresmb1390qet4100wcn3610mdm9640qpa8686_firmwareqca8337_firmwaresda429w_firmwarewcd9380_firmwaresmb1355qtc800t_firmwaremsm8996au_firmwaresdr735g_firmwarewgr7640sd636qet5100qpa8801_firmwareqca6564aupm8005_firmwaremsm8940_firmwareqet4101_firmwarepm7250bpmk8001_firmwaresmb1355_firmwarepm7250b_firmwarepmd9655_firmwaresmb1351_firmwarepm8996_firmwareqet4200aq_firmwaresdx50m_firmwaresdr735pm660lar8151smr526wtr5975qca6430_firmwarepmk8003qtc801s_firmwarewcd9335_firmwareqat3522_firmwarewcn3980qca6335_firmwareqsw8573qcs605qbt1000sd7cqca6320wcn3910mdm9650_firmwareqca6426_firmwarepm8350_firmwarewcn3660b_firmwareqca9984qfe4309pm8009qpa8675sdr051_firmwaresdx55mpm670aqca6421_firmwarewtr3905_firmwareqfe4373fcmsm8953qat3518_firmwarepmi8998qfe2520qsw8574sd821_firmwarear8031_firmwarepm855lqfe4302pm8150b_firmwaresmr545_firmwarepmc1000h_firmwareqca6564a_firmwareqdm2310_firmwareqca6694au_firmwarepm4250_firmwaresdr105_firmwaresd480sd870pm670pm8005pm855_firmwareqdm2302pmm6155ausdxr1pm855b_firmwareapq8096auqca6595_firmwareqcs405_firmwarepm640l_firmwarepmi8996_firmwareqet5100msa8155psd675sd439qet4101pm670lar8035_firmwareqcm2290wcn3991_firmwarepmm8155au_firmwareqfe4465fcsd678sdr051qln5030qcs2290_firmwarepm4125fsm10056pmi632pm456sd7c_firmwareqfe2081fc_firmwaresmb1360_firmwarecsra6620qet5100_firmwareqpa5373qet6100_firmwarepm670l_firmwaresdr660gsd455qpa8686smb1358_firmwareqca6390_firmwaresd730_firmwarewcd9370sdr425pmr525_firmwareqca6584au_firmwareqfe3340_firmwarear8151_firmwarepmi632_firmwareqat5516sd662qpa8821_firmwareqfe4308sdr660g_firmwareapq8037pm3003aqca6320_firmwarewcn3680b_firmwareqca6595auwcn3999_firmwareqca6436_firmwareqtc800tsmb1354qca6564au_firmwaresa6155p_firmwareqca6310qpm8820pm8937qpm2630qfe2081fcsa515m_firmwaresdxr2_5gsd821sa6145p_firmwaresdr675sm6250sd712_firmwareapq8017_firmwarewsa8810_firmwaresmb231qet4200aqqca6174a_firmwarewcd9385qdm2302_firmwareqat3550_firmwarepmm8155aupm4125_firmwarear8035pm8019_firmwareapq8064auqca6694_firmwareqpa8673qdm2310qfe2550_firmwaremsm8953_firmwareqln5030_firmwareqca6694ausda429wwcn3620_firmwareqfe4302_firmwaresd820smb1396_firmwarewcn6850_firmwarewcn3620qca6564asmr546pmx24pmi8952_firmwareqcm2290_firmwaresdr845wcn3990qfe3440fc_firmwaresdx24pmi8994_firmwareqdm2307_firmwaremsm8996ausdm429w_firmwarepmi8940sd888_5gsm6250prgr7640auqln1035bdpm855asdr660_firmwareqca6574apm8916_firmwaresmb1390_firmwareqca6174aqfe4303_firmwareqet5100m_firmwareqtm525mdm9205sa515mwtr6955sa2150p_firmwaresd855sm4125_firmwaresd8cxqfe4305wtr6955_firmwarepm640psdr865_firmwareqfe4465fc_firmwarepm8250_firmwaresd460qca6391sd8cx_firmwaresdxr1_firmwaresmb1351aqt1000_firmwarepm215_firmwaremsm8920pm660aqpa4340qcm4290sdx50mpm640asdr8150pm8916msm8920_firmwarepmd9655qca6574ausa8155p_firmwareqsw6310qet6105_firmwarewcd9341_firmwarewsa8810qtc410s_firmwareqpm2630_firmwaresmb231_firmwareqdm2308wtr4905_firmwareqat3550wcn3680bsd835_firmwarepm3003a_firmwareqca6696qfe4301qtc800s_firmwaresmb1381_firmwaresd845_firmwaresa6150pqpa8688_firmwareapq8037_firmwarepmm8195au_firmwaresd720g_firmwaresd636_firmwarepm6250Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-14042
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.1||HIGH
EPSS-0.04% / 12.88%
||
7 Day CHG~0.00%
Published-02 Jun, 2020 | 15:05
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound read in in fingerprint application due to requested data assigned to a local buffer without length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in Kamorta, MDM9205, Nicobar, QCS404, QCS405, QCS605, Rennell, SA415M, SA6155P, SC7180, SC8180X, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm850_firmwarekamorta_firmwaresa6155p_firmwaresdm845sdx24qcs404_firmwaresm8250_firmwaresc8180x_firmwaresa415m_firmwareqcs405sm7150_firmwaresdm710sc7180_firmwaresm6150sdm710_firmwaresm7150sa6155psdm670sxr2130qcs605_firmwaresc8180xsdm670_firmwareqcs404sdx24_firmwaresm8150_firmwaresxr2130_firmwareqcs405_firmwarerennellsa415msc7180mdm9205_firmwarerennell_firmwaremdm9205qcs605sdx55sm6150_firmwaresm8250sm8150sdm850sxr1130_firmwarekamortasdx55_firmwarenicobar_firmwaresxr1130nicobarsdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-10625
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.1||HIGH
EPSS-0.04% / 12.88%
||
7 Day CHG~0.00%
Published-16 Apr, 2020 | 10:46
Updated-04 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound access in diag services when DCI command buffer reallocation is not done properly with required capacity in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8009, APQ8096AU, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, QCS605, Rennell, SC8180X, SDM429W, SDM710, SDX55, SM7150, SM8150

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9206mdm9207csc8180xmdm9640_firmwaresm8150_firmwareapq8096ausdm429wrennellrennell_firmwaremdm9206_firmwaremdm9607_firmwareqcs605mdm9650sc8180x_firmwaresdx55sm7150_firmwareapq8096au_firmwaresdm710mdm9607mdm9650_firmwaresdm429w_firmwaresm8150sdm710_firmwaresdx55_firmwaresm7150apq8009_firmwareapq8009qcs605_firmwaremdm9207c_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-1985
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.04% / 12.88%
||
7 Day CHG~0.00%
Published-20 Oct, 2021 | 06:31
Updated-03 Aug, 2024 | 16:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer over read due to lack of data length check in QVR Service configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwarewsa8830sd678sm7250sm6250p_firmwareqcs610qcs2290_firmwaresm7250_firmwaresd_636qcs4290wcn3950_firmwaresd765g_firmwareqca6420_firmwareqcs2290qca6390_firmwareqca6335msm8917sd690_5gsd730_firmwaresd_455_firmwarewcd9370qcs605_firmwaresd_675_firmwaresd675_firmwareqcs6125_firmwareqca6426sd632wcn3998wcd9371_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcn3950sm4125sd720gwcn3615_firmwarewcn3660bsd662sd460_firmwareqca6320_firmwareqca6574au_firmwaresdx55_firmwarewcn3680b_firmwarewcd9375_firmwarewcn3615wcn3998_firmwarewcn3610_firmwareqca6420qca6436_firmwareapq8053_firmwareqca6564au_firmwaresd778gqca6310qcs6490sd429sdxr2_5gqcs6125sd662_firmwaresdm630wcn3988_firmwareqca6430sd205sd429_firmwaresm6250sd778g_firmwareapq8017_firmwarequalcomm215_firmwaresd765gsd765_firmwareqca6436wcn6851qcs603_firmwareqcs4290_firmwarewcd9385qcs6490_firmwarewcd9371sd750gsd870_firmwareqca6390wcd9375sd750g_firmwareaqt1000apq8064auwcn3910_firmwaresm6250_firmwaremsm8953_firmwarewsa8830_firmwaremsm8917_firmwaresd210sd855_firmwaresd865_5g_firmwareqcm6490sd888_5g_firmwarewcn3988wcn6850_firmwarewsa8835_firmwareapq8017qca6564awcn6750_firmwarewcn3610qcm6125_firmwareqcm2290_firmwarewcn3991wcd9380_firmwaresd_675msm8996au_firmwaresd780gsd865_5gqca6564ausdx55m_firmwarewcn6856_firmwaresd888wsa8835sd632_firmwaremsm8996ausd665_firmwarewcd9380sd888_5gsm6250pqualcomm215qca6574asd690_5g_firmwaresdx50m_firmwarewcn6855_firmwareqca6310_firmwaresm7325qca6430_firmwarewcn6750sd439_firmwareqca6335_firmwareqcs605sd855sm4125_firmwarewcn6850sd665wcn3910qca6320sd765qca6426_firmwarewcn3660b_firmwarewcn3680qca6574a_firmwaresd768g_firmwaresd460qca6391sd730sdx55msdxr1_firmwareaqt1000_firmwarewcn6740_firmwaremsm8953sd678_firmwareapq8064au_firmwareqcm4290qcm6490_firmwaresdx50mwcn3680_firmwaresd480_firmwareqcs603wcn6851_firmwaresd_455qca6574ausd_636_firmwaresd205_firmwareqca6564a_firmwareqcm6125qcm4290_firmwaresd480sd870wcn6855sd210_firmwareqcs610_firmwarewcn6856wcn3680bsdxr1sd768gapq8096auwcn6740sdm630_firmwareqca6391_firmwaresd780g_firmwarewcd9370_firmwaresdx55sd888_firmwareapq8053apq8096au_firmwaresd675sd439sd720g_firmwareqcm2290sm7325_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-1928
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-4.6||MEDIUM
EPSS-0.04% / 13.65%
||
7 Day CHG~0.00%
Published-08 Sep, 2021 | 11:25
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer over read could occur due to incorrect check of buffer size while flashing emmc devices in Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcn5024_firmwareqca9377_firmwareqcn5500qca9561qcn9070ipq4028_firmwareqcn5550ar9380ipq8173_firmwareqca9563_firmwareqca9561_firmwareqcn5124qca4024_firmwareqcn9072qca9880_firmwareqca9992ipq8078aipq8069_firmwareapq8009_firmwareqca6335ipq6000qcn5064ipq8072qcn5152_firmwareqcn9000_firmwareqca9984_firmwareipq5018qca9377ipq8076aqcn6024_firmwarewcd9326_firmwaremdm9206_firmwareqca9563wcn3660bipq8074aqcn5124_firmwareqca9982qfe1952_firmwareqca6428qca6320_firmwareqcn5164_firmwareqcn5122_firmwareipq8071wcn3680b_firmwareqca8081_firmwareqcn6023_firmwarewcn3610_firmwareapq8053_firmwareqca6438_firmwareipq5010ipq8070_firmwareqca6310qca9367_firmwareipq8065ipq8078a_firmwareqfe1952ipq8174qca9990qca7500ipq4029_firmwareipq8072_firmwareqca9367qcn5052ipq6010ipq8068qcn9074sd205wcd9340wsa8810_firmwarequalcomm215_firmwareqca6694wcd9326qca8081qca9982_firmwareipq8071aqcn6023ipq8071a_firmwareqca9888_firmwareipq8068_firmwareqcn5154_firmwareqca9898_firmwarecsr8811ipq4019qca6694_firmwareqcn9100_firmwareqfe1922sda429wsd210qca9992_firmwarewcn3620_firmwareipq5010_firmwareipq8074a_firmwareqca6438wsa8815_firmwarewcn3620qcn5121qca9898qcn5022_firmwareipq4028wcn3610qca6428_firmwareipq5018_firmwareqca8072qca9882qca9985_firmwareipq4018_firmwaresda429w_firmwareqcn9000ipq8072aqca7500_firmwareqca9980_firmwarewcd9330ipq8076a_firmwarear9380_firmwareipq8078ipq8173qcn9012qcn5164qca9558qca9558_firmwareqca9896_firmwareipq8065_firmwarecsr8811_firmwareqcn5054_firmwarequalcomm215qcn5154qca8075_firmwareipq4019_firmwareipq4018ipq6005_firmwaremdm9206qcn5024qca9889ipq8074qca6310_firmwareqca8072_firmwareqca9888qca9985qca9994_firmwareqcn5052_firmwareipq8070a_firmwareqcn9012_firmwarewcn3980qca6335_firmwareipq6018_firmwareipq8076_firmwareqca9886qcn5502_firmwarewcd9340_firmwarewsa8815pmp8074_firmwareqca6320ipq8076qfe1922_firmwareqca9887wcn3660b_firmwareqca9984ipq6028ipq8064ipq8069pmp8074qcn5021qcn5152qcn9024wcn3980_firmwareapq8009qcn5550_firmwarewcd9330_firmwareipq8064_firmwareipq6005qcn9100qcn5064_firmwareqca9882_firmwareipq8078_firmwareqcn5054qcn9070_firmwareipq8070qca9896ipq6028_firmwareipq8072a_firmwareqcn5502qca9994qca9531qca9887_firmwareipq8074_firmwareqca9889_firmwareqca9980qcn5122qcn9024_firmwareipq8174_firmwaresd205_firmwareqca9880wsa8810qcn5121_firmwareqcn5500_firmwaresd210_firmwareipq6018qcn5022wcn3680bqca9886_firmwareipq6010_firmwareqca4024qca8075apq8053qcn5021_firmwareqcn6024qcn9022_firmwareqcn9022qca9990_firmwareipq8070aqcn9072_firmwareqca9531_firmwareipq6000_firmwareipq8071_firmwareqcn9074_firmwareipq4029Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-10623
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.1||HIGH
EPSS-0.04% / 12.88%
||
7 Day CHG~0.00%
Published-16 Apr, 2020 | 10:46
Updated-04 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible integer overflow can happen in host driver while processing user controlled string due to improper validation on data received. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in QCN7605, QCS605, Rennell, SC8180X, SDA845, SDM710, SDX24, SDX55, SM7150, SM8150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sm8150_firmwaresdx24_firmwaresxr2130_firmwaresda845_firmwareqcs605_firmwarerennellqcn7605rennell_firmwaresdx24sm8250_firmwareqcs605sc8180x_firmwaresdx55sm7150_firmwaresm8250sdm710sm8150sdm710_firmwaresdx55_firmwaresm7150qcn7605_firmwaresxr2130sc8180xsda845Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2021-30297
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.04% / 12.88%
||
7 Day CHG~0.00%
Published-20 Oct, 2021 | 06:31
Updated-03 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible out of bound read due to improper validation of packet length while handling data transfer in VR service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwarewsa8830sd678sm7250sm6250p_firmwareqcs610qcs2290_firmwaresm7250_firmwaresd_636qcs4290wcn3950_firmwaresd765g_firmwareqca6420_firmwareqcs2290qca6390_firmwareqca6335msm8917sd690_5gsd730_firmwarewcd9370qcs605_firmwaresd_675_firmwaresd675_firmwareqcs6125_firmwareqca6426sd632wcn3998wcd9385_firmwaresdxr2_5g_firmwarewcn3950sm4125sd720gwcn3615_firmwarewcn3660bsd662sd460_firmwareqca6320_firmwareqca6574au_firmwaresdx55_firmwarewcn3680b_firmwarewcd9375_firmwarewcn3615wcn3998_firmwarewcn3610_firmwareqca6420qca6436_firmwareapq8053_firmwareqca6564au_firmwaresd778gqca6310sd429sdxr2_5gqcs6125sd662_firmwaresdm630wcn3988_firmwareqca6430sd205sd429_firmwaresm6250sd778g_firmwareapq8017_firmwarequalcomm215_firmwaresd765gsd765_firmwareqca6436wcn6851qcs603_firmwareqcs4290_firmwarewcd9385sd750gsd870_firmwareqca6390wcd9375sd750g_firmwareaqt1000wcn3910_firmwaresm6250_firmwaremsm8953_firmwarewsa8830_firmwaremsm8917_firmwaresd210sd855_firmwaresd865_5g_firmwarewcn3988sd888_5g_firmwarewcn6850_firmwarewsa8835_firmwareapq8017qca6564awcn6750_firmwarewcn3610qcm6125_firmwareqcm2290_firmwarewcn3991wcd9380_firmwaresd_675msm8996au_firmwaresd780gsd865_5gqca6564ausdx55m_firmwarewcn6856_firmwaresd888wsa8835sd632_firmwaremsm8996ausd665_firmwarewcd9380sd888_5gsm6250pqualcomm215qca6574asd690_5g_firmwaresdx50m_firmwarewcn6855_firmwareqca6310_firmwaresm7325qca6430_firmwarewcn6750sd439_firmwareqca6335_firmwareqcs605sd855sm4125_firmwarewcn6850sd665wcn3910qca6320sd765qca6426_firmwarewcn3660b_firmwarewcn3680qca6574a_firmwaresd768g_firmwaresd460qca6391sd730sdx55msdxr1_firmwareaqt1000_firmwarewcn6740_firmwaremsm8953sd678_firmwareqcm4290sdx50mwcn3680_firmwarewcn6851_firmwareqcs603qca6574ausd_636_firmwaresd205_firmwareqca6564a_firmwareqcm6125qcm4290_firmwaresd870wcn6855sd210_firmwareqcs610_firmwarewcn6856wcn3680bsdxr1sd768gapq8096auwcn6740sdm630_firmwareqca6391_firmwaresd780g_firmwarewcd9370_firmwaresdx55sd888_firmwareapq8053apq8096au_firmwaresd675sd439sd720g_firmwareqcm2290sm7325_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-11203
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.1||HIGH
EPSS-0.05% / 16.88%
||
7 Day CHG~0.00%
Published-22 Feb, 2021 | 06:25
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack overflow may occur if GSM/WCDMA broadcast config size received from user is larger than variable length array in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sa6150p_firmwareqca8337pm6125qat3519qbt2000_firmwarewcn3950_firmwareqtc800hsa8150p_firmwareqca6595au_firmwarepm8998_firmwareqcs605_firmwarewtr5975_firmwareqat3518pm456_firmwarewcn3998smr526_firmwarewcn3950qpa5460pm640a_firmwaresd720gqsw8573_firmwarewcn3660bwgr7640_firmwareqsw8574_firmwareqca6574au_firmwareqpa4360_firmwarewcd9375_firmwarewcn3998_firmwareqbt2000msm8909wpm855papq8009w_firmwareqca6420pm6150apmx50_firmwareqpa5460_firmwaresa8155_firmwareqca6430qat3522pmr735awcd9340sdm830_firmwarequalcomm215_firmwaresdr660wcn6851sa6155pqpa6560sdr675_firmwaresdr865wcd9341qca6696_firmwarepmm855au_firmwaresa8150pqtc800ssd855_firmwarewcn3988wtr3925pm640p_firmwaresdr052sa8195p_firmwaresmb1390sdw3100_firmwarewcn6750_firmwareqat5516_firmwarepm6150lpm855l_firmwarewcn3610qtc410sqca8337_firmwaresda429w_firmwarewcd9380_firmwarewcn3991smb1355sdm429wmsm8996au_firmwarewgr7640qet5100qca6564auqtm527_firmwaresdx55m_firmwarepm8005_firmwarepm6150qet4101_firmwareqca6574sdr052_firmwarepmm8996auwcd9380smb1355_firmwarequalcomm215smb1381pm855p_firmwaresdx50m_firmwarewtr4905smr526wtr5975qca6430_firmwarewcn3980qtc801s_firmwareqat3522_firmwareqdm2301qsw8573qcs605wcd9340_firmwarewsa8815wcn6850qdm2301_firmwarewcn3660b_firmwarewcn3680pm8009wcn3980_firmwaresd730sdr051_firmwaresdx55mpm6250_firmwarepm8008qtm525_firmwareqat3518_firmwareqsw8574pmi8998apq8064au_firmwarewcn3680_firmwarepm855lwcn6851_firmwareqpa6560_firmwareqca6564a_firmwarepm8009_firmwareapq8009wpm670pmi8998_firmwarepm8005pm855_firmwaresa6145ppm215qdm2302pmm6155aupm855b_firmwareapq8096auqca6595_firmwarewtr2965pm640l_firmwareqca6391_firmwarewcd9370_firmwaresdx55sa8155psd675qet4101qat3555_firmwarepm670lpm855bwcn3991_firmwarepmm8155au_firmwaresdr051pm6125_firmwareqbt1500pmi632pm456qbt1500_firmwareqet5100_firmwarepm670l_firmwarepmm855ausdr660gqca6420_firmwaresd730_firmwarewcd9370sd675_firmwareqca6564qpa4361_firmwarewcn3990_firmwarepmi632_firmwareqat5516wcd9326_firmwarewcn3615_firmwarewtr2955rgr7640au_firmwaresdr660g_firmwarepmk8002_firmwareqsw6310_firmwaresa8155sdx55_firmwarepmm6155au_firmwareqca6595auwcn3615wcn3610_firmwareqca6564au_firmwaresa6155p_firmwareqat5515_firmwarepm855sd429wcn3988_firmwarepmx55sa6145p_firmwaresd429_firmwaresdr675sm6250qat3519_firmwaresa8195pwsa8810_firmwareqat5515smb231wcd9326pm8004_firmwaresdr8150_firmwareqtc800h_firmwareqdm2302_firmwareqat3550_firmwarepmm8155auwcd9375apq8064auaqt1000sm6250_firmwarepmm8195ausda429wwcn3620_firmwarewtr3925_firmwarewcn6850_firmwarewsa8815_firmwarepm8998sdw3100wcn3620qca6564awcn3990pmx55_firmwareqtm527wtr2955_firmwareqca6595pmm8996au_firmwaremsm8909w_firmwaremsm8996ausdm429w_firmwaresd665_firmwarergr7640auqpa4360sdr660_firmwareqca6574aqpa4361pm8916_firmwaresmb1390_firmwarewcn6750pm6150l_firmwareqtm525qca6574_firmwaresd855sd665pm6150a_firmwarepm6150_firmwarepm640pqca6574a_firmwaresdr865_firmwareqat3555qca6391aqt1000_firmwarepm215_firmwarewtr2965_firmwarepm670_firmwaresdx50mpm640asdr8150pm8916qtc801sqca6574ausa8155p_firmwareqsw6310pm8008_firmwarewcd9341_firmwarewsa8810qtc410s_firmwaresmb231_firmwarepmr735a_firmwarewtr4905_firmwarepmw3100pmx50qat3550qca6564_firmwareqca6696qtc800s_firmwaresmb1381_firmwarepmw3100_firmwarepm8004pm640lpmk8002sa6150papq8096au_firmwarepmm8195au_firmwaresdm830sd720g_firmwarepm6250Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-13910
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 9.22%
||
7 Day CHG~0.00%
Published-14 Jun, 2019 | 17:02
Updated-05 Aug, 2024 | 09:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out-of-Bounds access in TZ due to invalid index calculated to check against DDR in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ8074, MDM9206, MDM9607, MDM9650, MDM9655, MSM8996AU, QCA8081, Qualcomm 215, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 650/52, SD 820, SD 820A, SDM439, Snapdragon_High_Med_2016

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_427_firmwaresd_632sd_820asd_412msm8996au_firmwaresd_439sd_425sd_429sd_430_firmwaremdm9607_firmwaresd_435mdm9655_firmwaremdm9650sdm439sd_625ipq8074_firmwaresnapdragon_high_med_2016_firmwareqm215mdm9607msm8996ausd_820_firmwaresd_650sd_820sd_450_firmwaresd_410sd_439_firmwaresd_820a_firmwareqca8081sd_429_firmwaremdm9206sd_652sd_425_firmwaresnapdragon_high_med_2016sd_625_firmwareipq8074mdm9655sd_450sd_412_firmwaresdm439_firmwareqm215_firmwaremdm9206_firmwaresd_427sd_430sd_435_firmwaresd_632_firmwaremdm9650_firmwaresd_410_firmwaresd_652_firmwareqca8081_firmwaresd_650_firmwareSnapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-13904
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.39% / 59.57%
||
7 Day CHG~0.00%
Published-25 Feb, 2019 | 23:00
Updated-05 Aug, 2024 | 09:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in SCM handler to access storage in TZ can lead to unauthorized access in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in versions MDM9206, MDM9607, MDM9650, MDM9655, QCS605, SD 410/12, SD 675, SD 712 / SD 710 / SD 670, SD 8CX, SXR1130.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_712mdm9206sd_675mdm9655sd_12sd_712_firmwaresd_8cx_firmwaresd_670_firmwaremdm9206_firmwaremdm9607_firmwaresd_710_firmwaremdm9655_firmwaremdm9650qcs605sd_8cxsd_670mdm9607mdm9650_firmwaresd_710sd_410_firmwaresd_12_firmwaresxr1130_firmwaresd_410sxr1130qcs605_firmwaresd_675_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-20
Improper Input Validation
CVE-2018-13906
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-9.1||CRITICAL
EPSS-0.23% / 45.78%
||
7 Day CHG~0.00%
Published-14 Jun, 2019 | 17:02
Updated-05 Aug, 2024 | 09:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The HMAC authenticating the message from QSEE is vulnerable to timing side channel analysis leading to potentially forged application message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ8074, MDM9150, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, QCA8081, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, SDX20, Snapdragon_High_Med_2016, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850mdm9150_firmwaresd_632mdm9635m_firmwaremdm9640_firmwaresd_820amsm8996au_firmwaresd_439sd_670_firmwaresd_429sdm439mdm9650sd_636sd_615_firmwaresnapdragon_high_med_2016_firmwaremsm8909w_firmwaremsm8996ausd_820sd_650sd_450_firmwaresd_845_firmwaresd_410sd_820a_firmwareqcs605_firmwareipq4019_firmwaremdm9206sd_652sd_425_firmwaresd_625_firmwareipq8074sd_450mdm9635msd_8cx_firmwaresd_845mdm9206_firmwareqcs605sd_632_firmwaresd_835_firmwaremdm9650_firmwaresd_835sda660sxr1130_firmwaresd_210_firmwaresd_415_firmwaresd_652_firmwareqca8081_firmwaresxr1130msm8909wsd_616_firmwaresd_205_firmwaresd_415sd_212sd_650_firmwaresd_427_firmwaresd_712sd_855sd_412qualcomm_215sdx20sd_616sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435mdm9655_firmwaresd_615sd_710_firmwareqcs405sdm630sd_625ipq8074_firmwaresd_820_firmwaresd_210mdm9607sd_636_firmwaresd_439_firmwareqca8081qualcomm_215_firmwaremdm9150sd_429_firmwaresnapdragon_high_med_2016sd_212_firmwaresd_850_firmwaremdm9655sdm439_firmwareqcs405_firmwaresd_712_firmwaresd_412_firmwaresd_855_firmwaresdm630_firmwaresda660_firmwaresd_8cxsd_430ipq4019sd_427sd_670sd_435_firmwaresdx20_firmwaresd_710sd_410_firmwaresd_205sdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-417
Not Available
CWE ID-CWE-20
Improper Input Validation
CVE-2024-21458
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.15% / 35.84%
||
7 Day CHG~0.00%
Published-01 Jul, 2024 | 14:17
Updated-01 Aug, 2024 | 22:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in WLAN HOST

Information disclosure while handling SA query action frame.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcn5024_firmwareqam8255p_firmwareqcn9070qca8337qam8650pqfw7124ipq8173_firmwareqam8775pqcf8001qamsrv1mqcn6224_firmwareqcn5124qca4024_firmwareqca8082qcn9072qca8386immersive_home_318_platform_firmwareipq8078aipq5028_firmwareqca6595au_firmwareipq6000qcn5152_firmwareqca0000_firmwareqca6584au_firmwareqcn9000_firmwareipq9554qamsrv1hqca6554a_firmwareimmersive_home_216_platformipq8076aimmersive_home_316_platformimmersive_home_316_platform_firmwareqamsrv1h_firmwareqca8386_firmwareqcn6024_firmwareqca8084_firmwareimmersive_home_318_platformipq8074aqcn6412qcn5124_firmwareqca8082_firmwaresa9000p_firmwareqca6574au_firmwareqcn5122_firmwareqcn5164_firmwareqcn6422_firmwareqca6595auqca8081_firmwareqcn6023_firmwareqfw7114sa7255psdx55_firmwareipq5010qca6564au_firmwareqca6584ausa8620p_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareipq8078a_firmwareqcn9274qca6678aq_firmwaresnapdragon_x72_5g_modem-rf_systemsa8775p_firmwareipq8174ipq5028qca6698aqqcn5052qca0000qcf8001_firmwareipq6010qcn6112_firmwareqcn9074srv1hqca8085sa7775p_firmwaresdx65mwcd9340qcn6132qcn6224sa8255p_firmwaresnapdragon_x75_5g_modem-rf_systemqca8081qcf8000qca6698aq_firmwareipq8071aqcn6023sa7775psdx65m_firmwareipq5312ipq8071a_firmwaresnapdragon_auto_5g_modem-rf_gen_2immersive_home_3210_platformqca8085_firmwareipq5300qam8775p_firmwareqca9888_firmwareqcn6122qca6696_firmwaresa8255psa8770p_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareipq9008_firmwareipq9570qcn5154_firmwarear8035csr8811qcc710_firmwareqcn9100_firmwareipq5010_firmwareipq8074a_firmwareqcn5022_firmwareimmersive_home_216_platform_firmwaresa8770pqca8337_firmwareqcn9000ipq8072aqcf8000_firmwareqca6554aipq8076a_firmwareqca6595ipq8078qca6564auqca8084ipq8173ipq9008qcn5164immersive_home_326_platform_firmwareqcn6122_firmwareqca6574qcn6402_firmwarecsr8811_firmwareqcn6274qcn6422ipq9554_firmwaresnapdragon_x72_5g_modem-rf_system_firmwareqcn5154qca8075_firmwareqca6574aqcn5024qca9889qcn6132_firmwareqca9888qcn5052_firmwareqcn9274_firmwareqcc2076_firmwareipq8070a_firmwareqfw7114_firmwareqcc2073_firmwareipq6018_firmwareipq8076_firmwaresa8650pqca6574_firmwaresa9000pwcd9340_firmwareqcn6112ipq8076qca6574a_firmwareqcn5152ipq6028sa8775pqcn9024ipq9574_firmwareimmersive_home_3210_platform_firmwareipq5302fastconnect_7800qcn9100qcn6274_firmwareqca6678aqsnapdragon_x65_5g_modem-rf_systemipq5300_firmwareipq8078_firmwareipq9570_firmwareqcn9070_firmwaresa8650p_firmwaresnapdragon_x75_5g_modem-rf_system_firmwaresrv1h_firmwareipq6028_firmwareipq8072a_firmwareqcn6432_firmwareipq5312_firmwareqca6574auqca9889_firmwareipq9574qcn5122qcn9024_firmwareipq8174_firmwaresa7255p_firmwarefastconnect_7800_firmwaresa8620pqcn6412_firmwareipq5332_firmwareipq5332ipq5302_firmwareimmersive_home_326_platformqamsrv1m_firmwareipq6018qcn5022srv1m_firmwareqam8650p_firmwareqcc710ipq6010_firmwareimmersive_home_214_platformqca6595_firmwareqca6696immersive_home_214_platform_firmwareqca4024sdx55qca8075qcn6402qcn9022_firmwareqcn6024qcn9022qcc2076ipq8070aqcn9072_firmwareipq6000_firmwaresrv1mqcn9074_firmwareqfw7124_firmwareqam8255pqcc2073qcn6432ar8035_firmwareSnapdragonqcn5024_firmwareqam8255p_firmwareqca8337_firmwareqcf8000_firmwareipq8076a_firmwareipq8173_firmwareqcn6224_firmwareqca4024_firmwareimmersive_home_326_platform_firmwareqcn6122_firmwareqcn6402_firmwareimmersive_home_318_platform_firmwarecsr8811_firmwareipq5028_firmwareqca6595au_firmwareipq9554_firmwaresnapdragon_x72_5g_modem-rf_system_firmwareqca8075_firmwareqcn5152_firmwareqca0000_firmwareqcn6132_firmwareqca6584au_firmwareqcn9000_firmwareqcn5052_firmwareqcn9274_firmwareqcc2076_firmwareipq8070a_firmwareqca6554a_firmwareqfw7114_firmwareqcn6024_firmwareqca8386_firmwareqcc2073_firmwareimmersive_home_316_platform_firmwareqamsrv1h_firmwareipq6018_firmwareipq8076_firmwareqca6574_firmwareqca8084_firmwarewcd9340_firmwareqcn5124_firmwareqca8082_firmwaresa9000p_firmwareqca6574a_firmwareqca6574au_firmwareqcn5122_firmwareqcn5164_firmwareqcn6422_firmwaresdx55_firmwareqca8081_firmwareqcn6023_firmwareipq9574_firmwareimmersive_home_3210_platform_firmwareqca6564au_firmwaresa8620p_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareipq8078a_firmwareqca6678aq_firmwareqcn6274_firmwaresa8775p_firmwareipq5300_firmwareipq8078_firmwareipq9570_firmwareqcn9070_firmwaresa8650p_firmwaresnapdragon_x75_5g_modem-rf_system_firmwareqcf8001_firmwaresrv1h_firmwareipq6028_firmwareipq8072a_firmwareqcn6112_firmwareqcn6432_firmwareipq5312_firmwareqca9889_firmwaresa7775p_firmwareqcn9024_firmwareipq8174_firmwaresa7255p_firmwarefastconnect_7800_firmwaresa8255p_firmwareqcn6412_firmwareipq5332_firmwareipq5302_firmwareqca6698aq_firmwareqamsrv1m_firmwaresdx65m_firmwaresrv1m_firmwareipq8071a_firmwareqam8650p_firmwaresa8770p_firmwareqca8085_firmwareqam8775p_firmwareqca9888_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareipq6010_firmwareqca6696_firmwareqca6595_firmwareipq9008_firmwareqcn5154_firmwareimmersive_home_214_platform_firmwareqcc710_firmwareqcn9100_firmwareqcn9022_firmwareipq5010_firmwareipq8074a_firmwareqcn9072_firmwareipq6000_firmwareqcn9074_firmwareqcn5022_firmwareqfw7124_firmwareimmersive_home_216_platform_firmwarear8035_firmware
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-11953
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.27% / 49.72%
||
7 Day CHG~0.00%
Published-24 May, 2019 | 16:44
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

While processing ssid IE length from remote AP, possible out-of-bounds access may occur due to crafted ssid IE length in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 650/52, SD 820, SD 820A, SDM439, SDX20

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaremdm9150_firmwaresd_632mdm9640_firmwaresd_820amsm8996au_firmwaresd_439sdx20sd_415sd_616sd_425sd_429sdm439mdm9607_firmwaresd_615mdm9650sd_650_firmwaresd_625qca6574ausd_615_firmwaremsm8909w_firmwaremdm9607msm8996auqm215sd_210sd_650sd_820_firmwaresd_820sd_450_firmwaresd_439_firmwaresd_820a_firmwaremdm9150sd_429_firmwaremdm9206sd_652qca6174a_firmwareqca6174aqca9379_firmwaresd_212_firmwaresd_425_firmwaresd_625_firmwaresd_450sdm439_firmwareqca9377mdm9206_firmwareqm215_firmwaresd_632_firmwaremdm9650_firmwaresdx20_firmwaresd_205qca6574au_firmwaresd_210_firmwaresd_415_firmwaresd_652_firmwaremsm8909wqca9379sd_616_firmwaresd_205_firmwaresd_212mdm9640Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-11950
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.09% / 26.50%
||
7 Day CHG~0.00%
Published-26 Oct, 2018 | 13:00
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unapproved TrustZone applications can be loaded and executed in Snapdragon Mobile in version SD 845, SD 850

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850_firmwaresd_845sd_850sd_845_firmwareSnapdragon Mobile
CWE ID-CWE-20
Improper Input Validation
CVE-2018-11955
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.32% / 54.81%
||
7 Day CHG~0.00%
Published-14 Jun, 2019 | 17:02
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Lack of check on length of reason-code fetched from payload may lead driver access the memory not allocated to the frame and results in out of bound read in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 600, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 665, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDM439, SDM660, SDX20, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresd_850mdm9150_firmwaresd_632mdm9640_firmwaresd_820amsm8996au_firmwaresd_439sd_670_firmwaresd_429sdx24sdm439mdm9650sd_636sd_615_firmwaremsm8909w_firmwaremsm8996ausd_820sd_650sd_450_firmwaresd_845_firmwaresd_820a_firmwareqcs605_firmwaremdm9206sd_652sd_425_firmwareqca9379_firmwareqca6174asd_665sdx24_firmwaresd_625_firmwaresd_450qca9377sd_845mdm9206_firmwareqcs605sd_632_firmwaresd_835_firmwaremdm9650_firmwaresd_835qca6574au_firmwaresd_210_firmwaresd_600sd_652_firmwaresd_415_firmwaremsm8909wsd_665_firmwaresd_616_firmwaresd_205_firmwaresd_415sd_212sd_650_firmwaresd_427_firmwaresd_712sd_855sd_730_firmwarequalcomm_215sdx20sd_616sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435sd_615sd_710_firmwareqcs405sd_625qca6574ausd_820_firmwaresd_210mdm9607sd_636_firmwaresd_439_firmwarequalcomm_215_firmwaremdm9150sd_429_firmwareqca6174a_firmwaresd_730sd_212_firmwaresd_850_firmwaresd_855_firmwaresdm439_firmwareqcs405_firmwaresd_712_firmwaresd_430sd_427sd_670sd_435_firmwaresdx20_firmwaresd_710sd_600_firmwaresd_205qca9379sdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-11937
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.27% / 49.72%
||
7 Day CHG~0.00%
Published-24 May, 2019 | 16:35
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Lack of input validation before copying can lead to a buffer over read in WLAN function in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6574AU, QCS605, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM630, SDM660, SDX20, SDX24, SM7150

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_427_firmwaresd_712sd_850mdm9150_firmwaresd_855mdm9640_firmwaresd_820asd_675msm8996au_firmwaresdx20sd_670_firmwaresd_425sdm660sdx24sd_430_firmwaremdm9607_firmwaresd_435mdm9650sd_636sd_710_firmwaresdm630sd_625qca6574ausm7150_firmwaremdm9607msm8996ausd_636_firmwaresd_450_firmwaresd_845_firmwaresm7150sd_820a_firmwaremdm9150qcs605_firmwaresd_675_firmwaremdm9206sd_425_firmwaresd_850_firmwaresdx24_firmwaresd_625_firmwaresd_450sd_855_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwaresd_845mdm9206_firmwareqcs605sd_427sd_430sd_670sd_435_firmwaresd_835_firmwaremdm9650_firmwaresd_710sdx20_firmwaresd_835qca6574au_firmwaresda660sdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-11873
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 9.22%
||
7 Day CHG~0.00%
Published-29 Oct, 2018 | 18:00
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation leads to buffer overwrite in the WLAN function that handles WLAN roam buffer in Snapdragon Mobile in version SD 845.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd845_firmwaresd845Snapdragon Mobile
CWE ID-CWE-20
Improper Input Validation
CVE-2018-11898
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.06% / 19.83%
||
7 Day CHG~0.00%
Published-19 Sep, 2018 | 14:00
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing start bss request from upper layer, out of bounds read occurs if ssid length is greater than maximum.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-11872
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 9.22%
||
7 Day CHG~0.00%
Published-29 Oct, 2018 | 18:00
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation leads to buffer overwrite in the WLAN function that handles WMI commands in Snapdragon Mobile in version SD 845, SD 850, SDA660

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850sd_850_firmwaresda660sd_845_firmwaresda660_firmwaresd_845Snapdragon Mobile
CWE ID-CWE-20
Improper Input Validation
CVE-2018-11897
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.79%
||
7 Day CHG~0.00%
Published-19 Sep, 2018 | 14:00
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing diag event after associating to a network out of bounds read occurs if ssid of the network joined is greater than max limit.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-38420
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-8.8||HIGH
EPSS-0.03% / 9.77%
||
7 Day CHG~0.00%
Published-03 Feb, 2025 | 16:51
Updated-05 Feb, 2025 | 13:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Input Validation in Hypervisor

Memory corruption while configuring a Hypervisor based input virtual device.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fastconnect_7800_firmwareqca6421snapdragon_678_mobilesnapdragon_ar2_gen_1qcm6490_firmwaresd675qcn6224_firmwareqca6420snapdragon_670_mobile_firmwaresa7775p_firmwaresa8775pqca6574au_firmwaresc8180x-ad_firmwaresd670_firmwareqam8775pqca6584ausnapdragon_x65_5g_modem-rf_firmwarewcd9326qca6430sa8255pqdu1210_firmwaresnapdragon_x62_5g_modem-rfwcd9370_firmwaresnapdragon_888_5g_mobileqcc710_firmwareqru1052qdu1000_firmwaresc8180xp-acafsa8540p_firmwarerobotics_rb3_firmwaresd675_firmwaresnapdragon_865\+_5g_mobilesnapdragon_675_mobileqep8111_firmwaresd_8_gen1_5g_firmwarerobotics_rb3qru1032sxr2130qca6574ssg2115p_firmwareqcm8550sa8650psa8770p_firmwareqca6698aq_firmwaresa8775p_firmwaresnapdragon_x55_5g_modem-rf_firmwareqamsrv1m_firmwaresnapdragon_865_5g_mobilewcd9326_firmwaresnapdragon_670_mobileqca6421_firmwaresnapdragon_xr2_5gfastconnect_6800wsa8810qdx1011snapdragon_8_gen_3_mobile_firmwareqam8255p_firmwaresnapdragon_888\+_5g_mobilewcd9375snapdragon_855_mobilesnapdragon_870_5g_mobile_firmwaresc8180x-aaabqdu1000sa6155fastconnect_6200_firmwarevision_intelligence_300snapdragon_855\+_mobilesa6155psnapdragon_765g_5g_mobile_firmwareqca6335_firmwarevideo_collaboration_vc3_platformqamsrv1h_firmwaresnapdragon_860_mobile_firmwarewsa8830_firmwareqca8081qdu1110_firmwaresc8380xpwcd9385wsa8840_firmwareqfw7124_firmwarewsa8840qca6426qfw7124qca6696sa8155p_firmwareqca6595snapdragon_678_mobile_firmwareqca8337snapdragon_845_mobile_firmwareqca8337_firmwareqam8650psxr1230p_firmwaresxr2330pvision_intelligence_400_firmwaresnapdragon_x24_lte_modemsrv1mqcs5430_firmwareqru1062qam8775p_firmwaresnapdragon_ar1_gen_1sm7250p_firmwaresnapdragon_x50_5g_modem-rf_firmwareqcm5430qcs9100qca6335sa8295p_firmwaresd855_firmwareqca9377sa9000pwsa8835aqt1000_firmwareqca8081_firmwareqca6797aq_firmwarefastconnect_7800wcd9340snapdragon_xr2_5g_firmwareqca6174aqca6574ausnapdragon_765_5g_mobilesnapdragon_auto_5g_modem-rf_gen_2qca6584au_firmwaresd_675_firmwarewcn3990fastconnect_6700qca6696_firmwaresnapdragon_x72_5g_modem-rf_firmwareqdx1011_firmwareqcs9100_firmwareqru1032_firmwaresrv1m_firmwarewsa8832fastconnect_6700_firmwarewcd9390_firmwareqcn6274sc8180x-adsc8280xp-abbb_firmwarewsa8815snapdragon_768g_5g_mobile_firmwaresxr1230pqru1062_firmwaresdx57mqca6574a_firmwaresdx55_firmwaresa8620pqca6430_firmwaresrv1lsrv1h_firmwareqcs6490sa8540psa6155_firmwaresc8180x-acaf_firmwaresa9000p_firmwaresa7775psnapdragon_auto_5g_modem-rf_gen_2_firmwarewsa8835_firmwaresnapdragon_855_mobile_firmwareqep8111sa7255psnapdragon_x35_5g_modem-rfqdu1210qamsrv1mqcs5430qam8295p_firmwareqcs8550_firmwareqcm6490qru1052_firmwareqdu1010_firmwaresnapdragon_x50_5g_modem-rfssg2125p_firmwaresa8650p_firmwareqcn6274_firmwarewcn3950_firmwareqca6391snapdragon_x65_5g_modem-rfvision_intelligence_400qcn9274_firmwareqca6564aqca6310qdu1110sdx57m_firmwarewcn3950video_collaboration_vc3_platform_firmwarewsa8845_firmwaresnapdragon_x55_5g_modem-rfqca6574_firmwareqcm8550_firmwaresa8150p_firmwarear8035qca6564a_firmwaresrv1l_firmwaresc8180xp-aaab_firmwarewsa8845hsa6155p_firmwarewcd9341wcd9395_firmwaresa8155sc8180x-aaab_firmwarewcn3990_firmwarefastconnect_6900qca6574aqca6431wcd9375_firmwarewcd9385_firmwareqam8650p_firmwaresnapdragon_855\+_mobile_firmwareqcn9274snapdragon_850_mobile_computesnapdragon_860_mobileqca6310_firmwaresa8295psa6145p_firmwaresa6145psdx80msa8620p_firmwaresnapdragon_888_5g_mobile_firmwaresdx80m_firmwaresa7255p_firmwareqca6595_firmwaresnapdragon_765g_5g_mobilevision_intelligence_300_firmwareqamsrv1hsdx55sc8180xp-acaf_firmwaresnapdragon_865\+_5g_mobile_firmwarewcd9380snapdragon_x75_5g_modem-rf_firmwareqsm8350qca6436_firmwaresa8155pwsa8832_firmwaresd_8cxqca6564ausc8180xp-adsxr2130_firmwareqcs6490_firmwareqca6595au_firmwareqcn6224sa8255p_firmwareqca6595ausc8180xp-ad_firmwareqam8255psc8280xp-abbbqca6431_firmwaresrv1hsnapdragon_845_mobileqam8620par8035_firmwaresc8380xp_firmwareqsm8350_firmwaresd865_5g_firmwaresd865_5gwsa8845h_firmwaresnapdragon_675_mobile_firmwareqdx1010_firmwaresnapdragon_x62_5g_modem-rf_firmwarewsa8845snapdragon_ar2_gen_1_firmwarewcd9380_firmwaresd855qca6391_firmwareqca6174a_firmwareqdx1010qdu1010wcn3980wcd9370wcd9340_firmwaresc8180x-acafqca6426_firmwaressg2125pqca6678aqsnapdragon_765_5g_mobile_firmwaresnapdragon_x75_5g_modem-rfwcd9341_firmwaresa8155_firmwaresnapdragon_8_gen_1_mobilesnapdragon_870_5g_mobilesnapdragon_865_5g_mobile_firmwareqca6564au_firmwareqam8295pqam8620p_firmwaresnapdragon_888\+_5g_mobile_firmwareqca6797aqqcs8550sa8150psnapdragon_768g_5g_mobileqcm5430_firmwaresnapdragon_8_gen_1_mobile_firmwaresd_8_gen1_5gsnapdragon_ar1_gen_1_firmwarewsa8810_firmwaresd_8cx_firmwareqcc710sm7250pssg2115psnapdragon_8_gen_3_mobilesnapdragon_x72_5g_modem-rfqca6420_firmwareqca9377_firmwaresc8180xp-aaabsnapdragon_850_mobile_compute_firmwaresd670wsa8830wsa8815_firmwaresa8770psnapdragon_x24_lte_modem_firmwarefastconnect_6200wcn3980_firmwaresnapdragon_x35_5g_modem-rf_firmwareqca6678aq_firmwareqca6698aqqca6436fastconnect_6900_firmwareqfw7114sd_675aqt1000fastconnect_6800_firmwarewcd9390wcd9395qfw7114_firmwaresxr2330p_firmwareSnapdragon
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-38404
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.16% / 37.02%
||
7 Day CHG~0.00%
Published-03 Feb, 2025 | 16:51
Updated-05 Feb, 2025 | 13:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in Multi Mode Call Processor

Transient DOS when registration accept OTA is received with incorrect ciphering key data IE in modem.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fastconnect_7800_firmwarewsa8840qfw7124sdm429war8035_firmwareqcn6224_firmwaresm7675wsa8845h_firmwareqca8337wcn3620_firmwareqca8337_firmwarewsa8845snapdragon_x72_5g_modem-rf_system_firmwarewcn3680bwcn3610_firmwarewcn3610qcn6274_firmwareqca6584auwcn3660bsm8635psdm429w_firmwarewcn3980sm8635p_firmwarewsa8845_firmwarewcd9370wcd9340_firmwareqcc710_firmwaresm7675_firmwarewcn6755_firmwarear8035snapdragon_429_mobile_firmwarewsa8835wsa8845hqca8081_firmwarefastconnect_7800wcd9340snapdragon_x75_5g_modem-rf_systemqca6698aq_firmwarewcd9395_firmwaresnapdragon_x72_5g_modem-rf_systemqfw7114_firmwaresm7675psnapdragon_auto_5g_modem-rf_gen_2qca6584au_firmwaresnapdragon_429_mobilewcd9375_firmwaresm7675p_firmwarewcn3680b_firmwarewsa8832wcd9390_firmwareqcn6274sm8635qcc710snapdragon_8_gen_3_mobile_firmwarewcd9375sdx80msm8635_firmwaresnapdragon_8_gen_3_mobilesdx80m_firmwaresnapdragon_wear_4100\+wsa8830snapdragon_wear_4100\+_firmwarewsa8832_firmwarewsa8830_firmwarewcn3620wcn6755wcn3980_firmwareqca8081qca6698aqsnapdragon_x75_5g_modem-rf_system_firmwareqcn6224qfw7114wcd9390wsa8840_firmwarewcd9395qfw7124_firmwarewcn3660b_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwarewsa8835_firmwarewcd9370_firmwareSnapdragon
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-11830
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 9.22%
||
7 Day CHG~0.00%
Published-04 Apr, 2019 | 15:09
Updated-05 Aug, 2024 | 08:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in QCPE create function may lead to integer overflow in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9206, MDM9607, MDM9650, MDM9655, MSM8996AU, SD 410/12, SD 820A

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9206sd_820asd_412mdm9655msm8996au_firmwaresd_412_firmwaremdm9206_firmwaremdm9607_firmwaremdm9655_firmwaremdm9650mdm9607mdm9650_firmwaremsm8996ausd_410_firmwaresd_410sd_820a_firmwareSnapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-20
Improper Input Validation
CVE-2024-38417
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-6.1||MEDIUM
EPSS-0.03% / 8.80%
||
7 Day CHG~0.00%
Published-03 Feb, 2025 | 16:51
Updated-05 Feb, 2025 | 13:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in Automotive Multimedia

Information disclosure while processing IO control commands.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fastconnect_7800_firmwareqfw7124sdm429war8035_firmwareqca6696sa8195p_firmwareqcn6224_firmwareqcs610qam8295p_firmwaresa8155p_firmwarec-v2x_9150_firmwareqca8337sa8145p_firmwareqcn9074_firmwarewcn3620_firmwareqca8337_firmwarevideo_collaboration_vc1_platform_firmwareqca9367_firmwarewcn3680bwcd9380_firmwareqca6574au_firmwaresa8195pqcn6274_firmwareqca6584auwcn3950_firmwarewcn3660bsdm429w_firmwarec-v2x_9150wcn3980wcn3950video_collaboration_vc3_platform_firmwaresw5100wcd9370wcd9340_firmwareqcc710_firmwaresa8540p_firmwaresw5100p_firmwaresa8295p_firmwarear8035sa8150p_firmwaresnapdragon_429_mobile_firmwarewsa8835qca9377sa9000pqca8081_firmwareqcn9074fastconnect_7800snapdragon_x75_5g_modem-rfsa6155p_firmwarewcd9341_firmwaresnapdragon_8_gen_1_mobilewcd9340qam8295pwcd9341wcn3988qca6698aq_firmwareqca6574auqfw7114_firmwaresa8150psa6150p_firmwarefastconnect_6900wcn3988_firmwaresw5100_firmwaresnapdragon_auto_5g_modem-rf_gen_2qca6584au_firmwaresnapdragon_429_mobileqcs410_firmwaresa8530p_firmwareqca6696_firmwaresnapdragon_8_gen_1_mobile_firmwaresnapdragon_x72_5g_modem-rf_firmwarewsa8810_firmwaresa6150pwcn3680b_firmwarewsa8810qcn6274qcc710sa8295psa6145p_firmwareqcs610_firmwaresa6145pqca9367wsa8815snapdragon_x72_5g_modem-rfqcs410qca9377_firmwaresa6155psnapdragon_x75_5g_modem-rf_firmwarewcd9380video_collaboration_vc3_platformwsa8830wsa8815_firmwaresa8155psa8145psw5100psa8530pwsa8830_firmwarewcn3620wcn3980_firmwareqca8081qca6698aqvideo_collaboration_vc1_platformfastconnect_6900_firmwaresa8540pqcn6224sa9000p_firmwareqfw7114qfw7124_firmwarewcn3660b_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwarewsa8835_firmwarewcd9370_firmwareSnapdragon
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-11935
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.18% / 39.85%
||
7 Day CHG~0.00%
Published-25 Feb, 2019 | 23:00
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation might result in incorrect app id returned to the caller Instead of returning failure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in versions MDM9607, MDM9650, MDM9655, MSM8996AU, QCS605, SD 210/SD 212/SD 205, SD 410/12, SD 615/16/SD 415, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 8CX, SDA660, SDM630, SDM660, SXR1130.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_712sd_850sd_16sd_820asd_675msm8996au_firmwaresd_12sd_415sd_670_firmwaresdm660sdm630mdm9607_firmwaresd_615mdm9655_firmwaremdm9650sd_636sd_710_firmwaresd_615_firmwaresd_210mdm9607msm8996ausd_636_firmwaresd_820_firmwaresd_820sd_845_firmwaresd_410sd_820a_firmwareqcs605_firmwaresd_675_firmwaresd_212_firmwaresd_850_firmwaremdm9655sd_16_firmwaresd_712_firmwaresdm630_firmwaresd_8cx_firmwaresda660_firmwaresd_845sd_8cxqcs605sd_670sd_835_firmwaremdm9650_firmwaresd_710sd_410_firmwaresd_12_firmwaresd_205sd_835sda660sd_210_firmwaresd_415_firmwaresxr1130_firmwaresxr1130sd_205_firmwaresdm660_firmwaresd_212Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-20
Improper Input Validation
CVE-2024-38397
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.22% / 44.58%
||
7 Day CHG~0.00%
Published-07 Oct, 2024 | 12:58
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in WLAN Host Communication

Transient DOS while parsing probe response and assoc response frame.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-snapdragon_8_gen_3_mobile_platform_firmwareqcm8550_firmwarewsa8845_firmwareqca8386_firmwareqca6678aq_firmwarewsa8832qcn9000_firmwareqca8082_firmwareipq9574srv1lqca6595wcd9370srv1mqcn6432_firmwareqca8081_firmwareqca6678aqar8035_firmwareqca6696qam8620p_firmwarewcd9340_firmwarewcd9395_firmwareqca0000_firmwareqcc710_firmwareipq9554ipq9008qca6564aufastconnect_6700qcn6422_firmwareipq9008_firmwareqcn9074qcn5124_firmwareipq5300_firmwarewsa8832_firmwaresa8195p_firmwareqca8337_firmwareqca8337wcd9395ipq5332sg8275p_firmwareqcm6490_firmwareqca6574au_firmwareqam8295psnapdragon_x72_5g_modem-rf_system_firmwarewcd9390qca6574auipq5312sa8620p_firmwareflight_rb5_5g_platformwsa8845h_firmwaresa9000p_firmwaresrv1hsnapdragon_x65_5g_modem-rf_system_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareqca6797aq_firmwareqca8085_firmwareqcf8001_firmwareqca6554aqcs5430sa8295p_firmwareqcm5430qcm5430_firmwaresa8770pqcn9000qcn6274_firmwaressg2115pqca6584auqcc710snapdragon_x72_5g_modem-rf_systemqfw7114_firmwareqcs7230qca6595_firmwareqcn6402qcn6422fastconnect_7800_firmwareqcn6432fastconnect_6900ipq5332_firmwaresa7255pipq5302_firmwareqfw7114ipq5300wcd9385_firmwareipq9574_firmwarefastconnect_6900_firmwareqam8255p_firmwarewcd9380qam8255psxr2230psnapdragon_ar2_gen_1_platform_firmwareqca8075_firmwaresnapdragon_8\+_gen_2_mobile_platform_firmwarewsa8845qcf8000sa6155pimmersive_home_3210_platform_firmwareqca6564au_firmwaresxr1230pqca8075video_collaboration_vc5_platform_firmwareqam8650psa9000psnapdragon_8\+_gen_2_mobile_platformsrv1h_firmwareqca8085sdx65m_firmwarevideo_collaboration_vc3_platformqca6595ausxr2250p_firmwaresa6155p_firmwarewsa8840qca6688aqqam8295p_firmwaresrv1m_firmwareqcs8550_firmwareqcn6402_firmwareqam8620pqfw7124_firmwarewcd9385qca6698aq_firmwareqca8084_firmwaresnapdragon_8_gen_2_mobile_platformqcf8001sa8255pqcs7230_firmwareqca8084sxr1230p_firmwarewcd9390_firmwaresnapdragon_8_gen_3_mobile_platformsdx65msg8275pwcd9370_firmwaressg2125pqca6554a_firmwaresa7255p_firmwareqca6574aipq9570sa8195pwcd9340qcs8250_firmwareqamsrv1msnapdragon_auto_5g_modem-rf_gen_2immersive_home_326_platformqcm6490ipq5302qam8650p_firmwarevideo_collaboration_vc5_platformsxr2250psm8550p_firmwareqcm8550immersive_home_3210_platformqcs6490_firmwaresnapdragon_x65_5g_modem-rf_systemqcn9274qcn9024qca6584au_firmwaresa8775pqrb5165n_firmwaresnapdragon_x75_5g_modem-rf_systemqfw7124wsa8835wsa8840_firmwaresxr2230p_firmwareqcn6274qca6595au_firmwareqca6574qca6391_firmwareqca0000ipq9570_firmwaresa8775p_firmwaresnapdragon_ar2_gen_1_platformqcn6412_firmwareqca6696_firmwarewsa8845hqcn9024_firmwareqamsrv1hwcd9380_firmwareqca8082qca6574_firmwaresa8155p_firmwareqca8081sa8155pwsa8830qcn5124qca6797aqqam8775psm8550pqcf8000_firmwareipq5312_firmwareqcn9074_firmwareqcn6412sa8620psa8255p_firmwareflight_rb5_5g_platform_firmwareqca6574a_firmwarear8035qamsrv1m_firmwaresa8650p_firmwarewcd9375_firmwarerobotics_rb5_platformsa7775psrv1l_firmwareqca8386qca6391qcn6224qcn9274_firmwareqcs5430_firmwaressg2125p_firmwaresa7775p_firmwareqca6698aqsnapdragon_8_gen_2_mobile_platform_firmwaresa8770p_firmwaresa8295pqrb5165nrobotics_rb5_platform_firmwareqcs8550fastconnect_7800sa8650pqam8775p_firmwarewcd9375qca6688aq_firmwarefastconnect_6700_firmwareqamsrv1h_firmwarevideo_collaboration_vc3_platform_firmwarewsa8835_firmwaressg2115p_firmwaresnapdragon_x75_5g_modem-rf_system_firmwareqcs6490qcs8250immersive_home_326_platform_firmwareipq9554_firmwarewsa8830_firmwareqcn6224_firmwareSnapdragonqam8255p_firmwarerobotics_rb5_platform_firmwareqca8337_firmwarewcd9380_firmwaresxr2230p_firmwareqcf8000_firmwaresg8275p_firmwareqcs7230_firmwarear8035_firmwareflight_rb5_5g_platform_firmwareqcn6224_firmwareimmersive_home_326_platform_firmwaresxr1230p_firmwareqcn6402_firmwaresrv1l_firmwareqca6595au_firmwareipq9554_firmwaresnapdragon_x72_5g_modem-rf_system_firmwareqca8075_firmwaressg2125p_firmwareqca0000_firmwareqcm5430_firmwareqca6584au_firmwareqrb5165n_firmwareqcn9000_firmwareqcn9274_firmwareqfw7114_firmwareqca6554a_firmwarequalcomm_video_collaboration_vc3_platform_firmwarewcd9385_firmwareqca8386_firmwareqamsrv1h_firmwareqca6574_firmwarewcd9340_firmwareqca8084_firmwareqcn5124_firmwarewsa8845_firmwareqam8295p_firmwareqca8082_firmwaresa9000p_firmwareqca6574a_firmwareqca6574au_firmwareqcn6422_firmwarewcd9375_firmwareqca8081_firmwarewsa8845h_firmwareipq9574_firmwareimmersive_home_3210_platform_firmwareqca6564au_firmwaresa8620p_firmwaresa6155p_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqcm8550_firmwareqca6678aq_firmwareqcn6274_firmwaresa8775p_firmwareipq5300_firmwareqcm6490_firmwarewsa8840_firmwaresa8650p_firmwareipq9570_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarewsa8832_firmwareqcf8001_firmwarefastconnect_6900_firmwaresrv1h_firmwareqcs8550_firmwareqca6797aq_firmwareipq5312_firmwareqcn6432_firmwaresa8155p_firmwaresa7775p_firmwarefastconnect_6700_firmwareqcn9024_firmwaresa7255p_firmwareqcs8250_firmwarefastconnect_7800_firmwaresnapdragon_ar2_gen_1_platform_firmwaresa8255p_firmwarewcd9395_firmwareqcn6412_firmwareipq5332_firmwareipq5302_firmwareqca6698aq_firmwareqamsrv1m_firmwaresdx65m_firmwaresrv1m_firmwareqam8650p_firmwaresa8770p_firmwareqca8085_firmwareqam8775p_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareqca6696_firmwareqcs6490_firmwareqca6595_firmwareqcs5430_firmwareipq9008_firmwareqca6391_firmwarewcd9370_firmwaresm8550p_firmwarequalcomm_video_collaboration_vc5_platform_firmwareqcc710_firmwaresnapdragon_8_gen_3_mobile_platform_firmwarewcd9390_firmwarewsa8830_firmwaresxr2250p_firmwarewsa8835_firmwaresa8195p_firmwaressg2115p_firmwareqcn9074_firmwareqam8620p_firmwareqfw7124_firmwaresa8295p_firmwaresnapdragon_8_gen_2_mobile_platform_firmwareqca6688aq_firmware
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-126
Buffer Over-read
CVE-2018-11285
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.21% / 43.77%
||
7 Day CHG~0.00%
Published-20 Sep, 2018 | 13:00
Updated-05 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, SDX20, Snapdragon_High_Med_2016, while parsing FLAC file with corrupted picture block, a buffer over-read can occur.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd810sdm632_firmwaremsm8996au_firmwaresd430sd625_firmwaresdm632sd650_firmwaresdm439mdm9650sdm429sd616_firmwaresd616sd820a_firmwaremsm8909w_firmwaremsm8996ausd427_firmwaresd625mdm9206sd435_firmwaresdm636sd427mdm9206_firmwaresd430_firmwaresd450_firmwaresd615sdm429_firmwaremdm9650_firmwaresda660sd835sd820amsm8909wsdm636_firmwaresdx20sdm660sdm630mdm9607_firmwaresd425_firmwaresd205sdm710mdm9607sd205_firmwaresdm710_firmwaresd615_firmwaresd425sd210_firmwaresd435sd212_firmwaresd835_firmwaresdm439_firmwaresd212sd810_firmwaresdm630_firmwaresd820_firmwaresda660_firmwaresd415sd845_firmwaresd845sd210sd820sdx20_firmwaresd415_firmwaresd650sd450sdm660_firmwareSnapdragon Automobile, Snapdragon Mobile, Snapdragon Wear
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-38405
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.44% / 62.67%
||
7 Day CHG~0.00%
Published-04 Nov, 2024 | 10:04
Updated-07 Nov, 2024 | 20:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in WLAN Host

Transient DOS while processing the CU information from RNR IE.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qam8255p_firmwarewsa8830qca6777aqsxr2230p_firmwareqca8337qam8650pqfw7124qam8775pqamsrv1mqca6777aq_firmwareqcn6224_firmwarewsa8840srv1l_firmwarewcn6755_firmwareqca6595au_firmwarevideo_collaboration_vc3_platformwcd9370ssg2115pqcm5430_firmwareqca6584au_firmwaresnapdragon_8_gen_2_mobile_platformqamsrv1hsa8530pqca6554a_firmwarewcd9385_firmwareqam8295pwcn7881_firmwareqamsrv1h_firmwareqca6688aqqam8295p_firmwaresa9000p_firmwareqca6574au_firmwaresa7255pwsa8845h_firmwarewcd9375_firmwaresnapdragon_8_gen_3_mobile_platformqfw7114qca8081_firmwareqca6595auwcn7860qca6564au_firmwaresa8620p_firmwaresa6155p_firmwareqca6584auqcm8550_firmwareqcn9274wcn7881snapdragon_x72_5g_modem-rf_systemqca6678aq_firmwaresa8775p_firmwareqcs6490wsa8840_firmwareqca6698aqvideo_collaboration_vc5_platformqcs8550_firmwaresm8635wcn7880_firmwaresrv1hsa7775p_firmwarewcd9340sa8195pfastconnect_6700_firmwareqcn6224wsa8845hwcn6755wcd9395_firmwaresnapdragon_x75_5g_modem-rf_systemsnapdragon_ar2_gen_1_platform_firmwaresm8750p_firmwaresm8750_firmwaresa8255p_firmwaresa6155pqcs7230qca8081snapdragon_auto_5g_modem-rf_gen_2qca6698aq_firmwaresa7775psxr2250pqcs5430qam8620pwcd9385snapdragon_auto_5g_modem-rf_gen_2_firmwaresa8770p_firmwaresa8255pqam8775p_firmwareqca6696_firmwareqcs6490_firmwareqca6797aqar8035wcd9375wcd9390qcc710_firmwarewsa8830_firmwareqcm6490wsa8835_firmwaresa8195p_firmwarevideo_collaboration_vc5_platform_firmwaresxr2250p_firmwaresa8295p_firmwaresnapdragon_8_gen_2_mobile_platform_firmwarewcn7880sa8770pqca6787aq_firmwareqca6688aq_firmwarewcd9380_firmwareqca8337_firmwaressg2125pqca6554aqca6595qcm8550qca6564auqcs7230_firmwaresa8530p_firmwarewsa8835qca6574sxr1230p_firmwaresnapdragon_8\+_gen_2_mobile_platform_firmwaresa8540p_firmwarewcd9380qcn6274snapdragon_x72_5g_modem-rf_system_firmwarefastconnect_6700ssg2125p_firmwaresm8635_firmwareqca6574asxr1230pvideo_collaboration_vc3_platform_firmwareqfw7114_firmwareqcn9274_firmwareqcc2076_firmwarewsa8845qcc2073_firmwaresa8650psa9000pqca6574_firmwarewcd9340_firmwaresxr2230pwsa8845_firmwareqcs8250sm8750psa8775pqca6574a_firmwareqcs9100_firmwareqca6391sa8295pfastconnect_7800qcn6274_firmwareqca6678aqwcn7861_firmwareqcm6490_firmwarewsa8832_firmwaresa8650p_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarefastconnect_6900srv1h_firmwarefastconnect_6900_firmwareqca6797aq_firmwareqca6574ausa8155p_firmwaresrv1lsa7255p_firmwareqcs8250_firmwaresnapdragon_8\+_gen_2_mobile_platformfastconnect_7800_firmwaresa8620pwsa8832sa8540psm8550psrv1m_firmwaresnapdragon_ar2_gen_1_platformqcm5430qamsrv1m_firmwaresm8750qam8650p_firmwareqcc710wcn7860_firmwareqca6595_firmwarewcn7861wcd9395qcs5430_firmwareqca6787aqqca6696qca6391_firmwareqcs8550wcd9370_firmwaresm8550p_firmwarewcd9390_firmwaresnapdragon_8_gen_3_mobile_platform_firmwaresa8155pqcs9100qcc2076srv1mssg2115p_firmwareqam8620p_firmwareqfw7124_firmwareqam8255pqcc2073ar8035_firmwareSnapdragonqam8255p_firmwareqca8337_firmwarewcd9380_firmwaresxr2230p_firmwareqcs7230_firmwarear8035_firmwareqca6777aq_firmwaresa8530p_firmwareqcn6224_firmwaresxr1230p_firmwaresa8540p_firmwaresrv1l_firmwarewcn6755_firmwareqca6595au_firmwaresnapdragon_x72_5g_modem-rf_system_firmwaressg2125p_firmwaresm8635_firmwareqcm5430_firmwareqca6584au_firmwareqcn9274_firmwareqcc2076_firmwareqfw7114_firmwareqca6554a_firmwarequalcomm_video_collaboration_vc3_platform_firmwarewcd9385_firmwarewcn7881_firmwareqcc2073_firmwareqamsrv1h_firmwareqca6574_firmwarewcd9340_firmwarewsa8845_firmwareqam8295p_firmwaresa9000p_firmwareqca6574a_firmwareqca6574au_firmwareqcs9100_firmwarewcd9375_firmwareqca8081_firmwarewsa8845h_firmwareqca6564au_firmwaresa8620p_firmwaresa6155p_firmwareqcm8550_firmwareqca6678aq_firmwareqcn6274_firmwaresa8775p_firmwarewcn7861_firmwareqcm6490_firmwarewsa8840_firmwaresa8650p_firmwarewsa8832_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarefastconnect_6900_firmwaresrv1h_firmwareqcs8550_firmwareqca6797aq_firmwarewcn7880_firmwaresa8155p_firmwaresa7775p_firmwarefastconnect_6700_firmwaresa7255p_firmwareqcs8250_firmwarefastconnect_7800_firmwaresnapdragon_ar2_gen_1_platform_firmwaresa8255p_firmwaresm8750_firmwaresm8750p_firmwarewcd9395_firmwareqca6698aq_firmwareqamsrv1m_firmwaresrv1m_firmwareqam8650p_firmwaresa8770p_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareqam8775p_firmwareqca6696_firmwareqcs6490_firmwarewcn7860_firmwareqca6595_firmwareqcs5430_firmwareqca6391_firmwarewcd9370_firmwaresm8550p_firmwarequalcomm_video_collaboration_vc5_platform_firmwareqcc710_firmwaresnapdragon_8_gen_3_mobile_platform_firmwarewcd9390_firmwarewsa8830_firmwaresxr2250p_firmwarewsa8835_firmwaresa8195p_firmwaressg2115p_firmwareqam8620p_firmwareqfw7124_firmwaresa8295p_firmwaresnapdragon_8_gen_2_mobile_platform_firmwareqca6688aq_firmwareqca6787aq_firmware
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-11293
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-5.7||MEDIUM
EPSS-0.06% / 17.66%
||
7 Day CHG~0.00%
Published-18 Sep, 2018 | 18:00
Updated-05 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, in wma_ndp_confirm_event_handler and wma_ndp_indication_event_handler, ndp_cfg len and num_ndp_app_info is from fw. If they are not checked, it may cause buffer over-read once the value is too large.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-38416
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-6.1||MEDIUM
EPSS-0.03% / 8.80%
||
7 Day CHG~0.00%
Published-03 Feb, 2025 | 16:51
Updated-05 Feb, 2025 | 13:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in Audio

Information disclosure during audio playback.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fastconnect_7800_firmwareqcn6224_firmwareqam8295p_firmwarec-v2x_9150_firmwareqcn9074_firmwareqcs8550_firmwareqca9367_firmwarewcn3680bqca6574au_firmwareqsm8250_firmwaresa8195pqcn6274_firmwareqca6391qca6584auwcn3950_firmwarewcn3660bqca6564amsm8996auwcn3950video_collaboration_vc3_platform_firmwaresxr2230pqcc710_firmwaresa8540p_firmwaresnapdragon_x55_5g_modem-rfsnapdragon_865\+_5g_mobilear8035sa8150p_firmwareqca6564a_firmwaresxr2230p_firmwaresxr2130snapdragon_xr2_5g_platformsa6155p_firmwarewcd9341qca6698aq_firmwaresnapdragon_x55_5g_modem-rf_firmwaresnapdragon_865_5g_mobilefastconnect_6900qca6574afastconnect_6800qcs410_firmwaresa8530p_firmwarewcd9385_firmwaresa6150pwcn3680b_firmwarewsa8810snapdragon_820_automotivesa8295psa6145p_firmwaresa6145psnapdragon_870_5g_mobile_firmwareqcs410sdx55sa6155psnapdragon_865\+_5g_mobile_firmwaresnapdragon_x75_5g_modem-rf_firmwarewcd9380video_collaboration_vc3_platformqca6436_firmwaresa8155pwsa8832_firmwarewsa8830_firmwareqca6564ausxr2130_firmwaresnapdragon_xr2_5g_platform_firmwareqca8081qcn6224wcd9385qfw7124_firmwarewcn3660b_firmwaresxr2250p_firmwareqca6426qfw7124ar8035_firmwareqca6696sa8195p_firmwaresd865_5g_firmwareqcs610sa8155p_firmwaresd865_5gqca8337sa8145p_firmwareqca8337_firmwarevideo_collaboration_vc1_platform_firmwarewcd9380_firmwareqca6391_firmwarec-v2x_9150wcn3980wcd9370wcd9340_firmwaresa8295p_firmwarewsa8835qca9377sa9000pqsm8250qca6426_firmwareqca8081_firmwareqcn9074fastconnect_7800snapdragon_x75_5g_modem-rfwcd9341_firmwareqca6564au_firmwaresnapdragon_870_5g_mobilesnapdragon_865_5g_mobile_firmwarewcd9340qam8295pqca6574auqcs8550sa8150psa6150p_firmwaresxr2250psnapdragon_auto_5g_modem-rf_gen_2qca6584au_firmwareqca6696_firmwaresnapdragon_x72_5g_modem-rf_firmwarewsa8810_firmwarewsa8832qcn6274qcc710qcs610_firmwareqca9367wsa8815snapdragon_x72_5g_modem-rfsnapdragon_auto_5g_modem-rf_gen_2_firmwaremsm8996au_firmwareqca9377_firmwareqca6574a_firmwaresdx55_firmwarewsa8830wsa8815_firmwaresa8145psa8530pwcn3980_firmwareqca6698aqvideo_collaboration_vc1_platformqca6436fastconnect_6900_firmwaresa8540psa9000p_firmwareqfw7114fastconnect_6800_firmwareqfw7114_firmwaresnapdragon_820_automotive_firmwarewsa8835_firmwarewcd9370_firmwareSnapdragon
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-11278
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.1||HIGH
EPSS-0.01% / 2.79%
||
7 Day CHG~0.00%
Published-18 Sep, 2018 | 18:00
Updated-05 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Venus HW searches for start code when decoding input bit stream buffers. If start code is not found in entire buffer, there is over-fetch beyond allocation length. This leads to page fault.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-125
Out-of-bounds Read
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 19
  • 20
  • Next
Details not found