Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2019-14048

Summary
Assigner-qualcomm
Assigner Org ID-2cfc7d3e-20d3-47ac-8db7-1b7285aff15f
Published At-05 Mar, 2020 | 08:56
Updated At-05 Aug, 2024 | 00:05
Rejected At-
Credits

Possible out of bound memory access while playing a crafted clip in media player in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in SM8150

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:qualcomm
Assigner Org ID:2cfc7d3e-20d3-47ac-8db7-1b7285aff15f
Published At:05 Mar, 2020 | 08:56
Updated At:05 Aug, 2024 | 00:05
Rejected At:
▼CVE Numbering Authority (CNA)

Possible out of bound memory access while playing a crafted clip in media player in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in SM8150

Affected Products
Vendor
Qualcomm Technologies, Inc.Qualcomm, Inc.
Product
Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
Versions
Affected
  • SM8150
Problem Types
TypeCWE IDDescription
textN/ABuffer Copy Without Checking Size of Input in Video
Type: text
CWE ID: N/A
Description: Buffer Copy Without Checking Size of Input in Video
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.qualcomm.com/company/product-security/bulletins/march-2020-bulletin
x_refsource_CONFIRM
Hyperlink: https://www.qualcomm.com/company/product-security/bulletins/march-2020-bulletin
Resource:
x_refsource_CONFIRM
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.qualcomm.com/company/product-security/bulletins/march-2020-bulletin
x_refsource_CONFIRM
x_transferred
Hyperlink: https://www.qualcomm.com/company/product-security/bulletins/march-2020-bulletin
Resource:
x_refsource_CONFIRM
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:product-security@qualcomm.com
Published At:05 Mar, 2020 | 09:15
Updated At:05 Mar, 2020 | 18:27

Possible out of bound memory access while playing a crafted clip in media player in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in SM8150

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary2.04.6MEDIUM
AV:L/AC:L/Au:N/C:P/I:P/A:P
Type: Primary
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 4.6
Base severity: MEDIUM
Vector:
AV:L/AC:L/Au:N/C:P/I:P/A:P
CPE Matches
Qualcomm Technologies, Inc.
qualcomm
>>sm8150_firmware>>-
cpe:2.3:o:qualcomm:sm8150_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sm8150>>-
cpe:2.3:h:qualcomm:sm8150:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-125Primarynvd@nist.gov
CWE ID: CWE-125
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.qualcomm.com/company/product-security/bulletins/march-2020-bulletinproduct-security@qualcomm.com
Vendor Advisory
Hyperlink: https://www.qualcomm.com/company/product-security/bulletins/march-2020-bulletin
Source: product-security@qualcomm.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

1448Records found
CVE-2018-5888
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 2.34%
||
7 Day CHG~0.00%
Published-06 Jul, 2018 | 17:00
Updated-16 Sep, 2024 | 23:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

While processing the system path, an out of bounds access can occur in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-5887
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 2.34%
||
7 Day CHG~0.00%
Published-06 Jul, 2018 | 17:00
Updated-16 Sep, 2024 | 17:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

While processing the USB StrSerialDescriptor array, an array index out of bounds can occur in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-21465
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.10% / 27.89%
||
7 Day CHG~0.00%
Published-01 Jul, 2024 | 14:17
Updated-01 Aug, 2024 | 22:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in Trusted Execution Environment

Memory corruption while processing key blob passed by the user.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresnapdragon_850_mobile_compute_platform_firmwaresm7325-ae_firmwaresm6250p_firmwareqca8337qfw7124sg8275p_firmwareqam8775pqamsrv1mqru1052snapdragon_888_5g_mobile_platformwcn3950_firmwareqca6595au_firmwaresa6155video_collaboration_vc3_platformsnapdragon_480_5g_mobile_platformqcm5430_firmwareqcs6125_firmwaresnapdragon_460_mobile_platform_firmwaresnapdragon_480_5g_mobile_platform_firmwaresc8180xp-adwcd9371_firmwarewcn3950qcn6024_firmwaresm4125qsm8350_firmwaresnapdragon_460_mobile_platformqsm8350sd460_firmwaresm7315_firmwaresnapdragon_695_5g_mobile_platform_firmwaresdx71m_firmwareqca8081_firmwareqca6420sc8180xp-aa_firmwaresa8155_firmwarerobotics_rb3_platform_firmwareqca4004_firmwareqca6430wcd9306_firmwaresa7775p_firmwarewcd9340qca6698aq_firmwaresnapdragon_690_5g_mobile_platformqca6696_firmwarewcd9371sc8180x-abqru1052_firmwaresd_8cxsa8150pqca4004sd865_5g_firmwaresnapdragon_865_5g_mobile_platform_firmwarefastconnect_6800_firmwareqcn7606_firmwaresa8770psnapdragon_750g_5g_mobile_platform_firmwaresnapdragon_675_mobile_platform_firmwaresnapdragon_778g_5g_mobile_platform_firmwaressg2125pqcm85509205_lte_modemsnapdragon_670_mobile_platform_firmwaresd670_firmwareqca6574qdu1110_firmwaresnapdragon_7c\+_gen_3_computewcd9380snapdragon_x72_5g_modem-rf_system_firmwareqcs410sxr1230pvideo_collaboration_vc3_platform_firmwaresc8180xp-ad_firmwareqcn9012_firmwarewsa8845qcm4325_firmwarewcd9340_firmwarewsa8815sm6150-ac_firmwareqcs8250sc8380xpsnapdragon_x62_5g_modem-rf_system_firmwarewcn3980_firmwaresd730sc7180-ac_firmwaresa8295p9205_lte_modem_firmwarewcn6740_firmwareqcs4490_firmwareqca6678aqsnapdragon_x65_5g_modem-rf_systemsa8650p_firmwarefastconnect_6900snapdragon_x75_5g_modem-rf_system_firmwarefastconnect_6900_firmwaresrv1lsd670qdx1011_firmwareqcn9024_firmwaresdx57msnapdragon_8\+_gen_2_mobile_platformqcm4290_firmwareqdx1010_firmwaresw5100p_firmwareqcs610_firmwareqamsrv1m_firmwareqcm5430sa6145par8031sc8280xp-bbqcs5430_firmwaresnapdragon_750g_5g_mobile_platformqca6391_firmwaresa4150p_firmwarewcd9370_firmwaresm8550p_firmwareqdx1010sdx55csra6640snapdragon_695_5g_mobile_platformvideo_collaboration_vc1_platformsrv1mssg2115p_firmwareqam8620p_firmwareqfw7124_firmwareqam8255psa4155pqdu1210_firmwareqcn7606talynplus_firmwarewsa8830sxr2230p_firmwaresnapdragon_850_mobile_compute_platformsnapdragon_x24_lte_modem_firmwareqam8650pflight_rb5_5g_platformsnapdragon_865_5g_mobile_platformflight_rb5_5g_platform_firmwareqcn6224_firmwareqcs4290srv1l_firmwareqca6420_firmwaresc7180-acsd675_firmwareqca6564qca6426sc8280xp-abwcn3990_firmwareqrb5165n_firmwaresnapdragon_8_gen_2_mobile_platformqca9984_firmwareqca9377wcd9385_firmwarewcd9326_firmwarefastconnect_6200qamsrv1h_firmwaresm7325-afqcn9011_firmwaresa8155snapdragon_x55_5g_modem-rf_systemsdx55_firmwaresa7255psnapdragon_4_gen_2_mobile_platformwsa8845h_firmwaresnapdragon_8_gen_3_mobile_platformqfw7114sm7250p_firmwareqrb5165nwcd9306qca6584ausnapdragon_x65_5g_modem-rf_system_firmwareqcm8550_firmwaresnapdragon_x72_5g_modem-rf_systemsm8250-acwcn3988_firmwaresrv1hqca6421sm7250-aafastconnect_6700_firmwaresa8195psxr1120qcn6224wcd9326snapdragon_x75_5g_modem-rf_systemwcd9335wcd9395_firmwaresdx71msnapdragon_auto_5g_modem-rf_gen_2qcm4490qcs4290_firmwaresa8770p_firmwaresxr2130_firmwareqcs6490_firmwaresm7150-abwcd9375aqt1000sm6250_firmwaresnapdragon_662_mobile_platformwsa8815_firmwarevideo_collaboration_vc5_platform_firmwaresxr1120_firmwaresxr2250p_firmwaresnapdragon_8_gen_2_mobile_platform_firmwareqcm6125_firmwarerobotics_rb5_platform_firmwaresd865_5gqca6595qdu1010_firmwaresa8530p_firmwaresxr1230p_firmwaresa8540p_firmwaresnapdragon_8\+_gen_2_mobile_platform_firmwareqcn6274sc8180xp-acsnapdragon_4_gen_2_mobile_platform_firmwaresxr2130smart_audio_400_platformqca6310_firmwareqru1062sa8650psa9000pqca6574_firmwaresm7325p_firmwaresxr2230psnapdragon_xr2_5g_platform_firmwareqca6574a_firmwaresa8775psnapdragon_665_mobile_platformqrb5165msm7315snapdragon_x55_5g_modem-rf_system_firmwaresc8280xp-ab_firmwaresnapdragon_x35_5g_modem-rf_system_firmwaresnapdragon_690_5g_mobile_platform_firmwareqcn6274_firmwareqcm6490_firmwarewsa8832_firmwaresnapdragon_xr1_platformsc8180xp-af_firmwareqcs8250_firmwaresm7250-aa_firmwaresc8180x-aa_firmwaresm8550psnapdragon_8_gen_1_mobile_platform_firmwaresm8150-ac_firmwaresc8180x-aasm8350-acqca6564_firmwaresc8180x-af_firmwarewcn6740qcs8550sm6150-acsnapdragon_x50_5g_modem-rf_systemsnapdragon_8_gen_3_mobile_platform_firmwareqcn6024qdu1210qcs410_firmwaresnapdragon_wear_1300_platformqam8255p_firmwaresnapdragon_8_gen_1_mobile_platformsa6150p_firmwareqcs610sc8180x-ab_firmwareqca6431_firmwarewsa8840sa8150p_firmwareqcs2290snapdragon_x70_modem-rf_systemqca6335csra6620_firmwaresd_675_firmwarecsra6640_firmwareqep8111_firmwareqam8295psd_8_gen1_5g_firmwaresm7150-acqca6688aqsm7325-aeqca6574au_firmwarewcd9375_firmwaresa6155_firmwaresm6225-adsnapdragon_xr2\+_gen_1_platformsc8180xp-afqca6678aq_firmwaresmart_audio_400_platform_firmwarewcn3999sm6225-ad_firmwareqrb5165m_firmwarewsa8840_firmwareqca6698aqqcs6125sa4155p_firmwaresd662_firmwaresc8380xp_firmwaresm7250-ab_firmwareqru1062_firmwarerobotics_rb3_platformsnapdragon_8\+_gen_1_mobile_platformsnapdragon_720g_mobile_platformsnapdragon_780g_5g_mobile_platformsw5100fsm10056_firmwareqca6436sa6155pqdu1000_firmwaresxr2250psnapdragon_auto_5g_modem-rf_gen_2_firmwarewcd9341qam8775p_firmwaresa8255pqca6431sc8180xp-ab_firmwareqca6797aqwcn3910_firmwaresnapdragon_855_mobile_platform_firmwareqcc710_firmwarerobotics_rb5_platformsm8250-ac_firmwarewsa8830_firmwaresd855_firmwaresnapdragon_7c\+_gen_3_compute_firmwarewcn3988snapdragon_780g_5g_mobile_platform_firmwaresa8195p_firmwaresa8295p_firmwareqca8337_firmwarewcd9380_firmwaresw5100psnapdragon_w5\+_gen_1_wearable_platformqca6564ausc8180xp-aafastconnect_6700sm7150-aa_firmwaresg8275psc8180x-ac_firmwareqca6430_firmwaresm6370_firmwareqfw7114_firmwarewcd9335_firmwarewcn3980qca6335_firmwarewcn3910snapdragon_4_gen_1_mobile_platformqca6426_firmwareqca9984snapdragon_670_mobile_platformsc8180x-adqcn9024snapdragon_xr2\+_gen_1_platform_firmwaresnapdragon_x50_5g_modem-rf_system_firmwaresm7150-aaqca6421_firmwaresnapdragon_xr2_5g_platformar8031_firmwaresm7150-ab_firmwareqca6797aq_firmwareqdu1010qca6564a_firmwaresa7255p_firmwaresa8620psnapdragon_x24_lte_modemsc8180xp-ac_firmwarewsa8832sa8540pqcc710qcs4490qca6595_firmwaresa8145pwcd9395snapdragon_710_mobile_platform_firmwaresm4350-ac_firmwaresd888_firmwaresa8155psd675qcs8155_firmwareqep8111snapdragon_720g_mobile_platform_firmwarear8035_firmwareqcm2290snapdragon_855_mobile_platformsnapdragon_662_mobile_platform_firmwaresa8145p_firmwareqcs2290_firmwarefsm10056csra6620sc8280xp-bb_firmwaresm7250-ac_firmwaresnapdragon_888_5g_mobile_platform_firmwaresd730_firmwarewcd9370ssg2115pqca6584au_firmwareqdu1110sm8250-abqamsrv1hsa8530psd_8cx_firmwaretalynplussd662qam8295p_firmwaresa9000p_firmwaresnapdragon_778g_5g_mobile_platformqca6595ausm7325-af_firmwarewcn3999_firmwareqca6436_firmwaresm4350-acsnapdragon_680_4g_mobile_platform_firmwaresnapdragon_w5\+_gen_1_wearable_platform_firmwareqca6564au_firmwaresa8620p_firmwaresa6155p_firmwareqca6310qcs8155snapdragon_x70_modem-rf_system_firmwaresa8775p_firmwareqcs6490video_collaboration_vc5_platformqcs8550_firmwarevision_intelligence_300_platform_firmwaresa6145p_firmwaresm6250wsa8810_firmwarevision_intelligence_400_platformsc7180-adsnapdragon_x62_5g_modem-rf_systemsnapdragon_ar2_gen_1_platform_firmwaresa8255p_firmwaresg4150pqcs7230wsa8845hqca8081snapdragon_x35_5g_modem-rf_systemsa7775pqam8620pqca6174a_firmwareqcs5430snapdragon_wear_1300_platform_firmwarewcd9385snapdragon_665_mobile_platform_firmwaresc8180x-acar8035wcd9390vision_intelligence_400_platform_firmwareqcm6490wsa8835_firmwareqca6564asa4150psg4150p_firmwareqca6688aq_firmwareqcm4325qcm2290_firmwaresnapdragon_845_mobile_platformwcn3990sd_675fastconnect_6800qru1032sm8350-ac_firmwareqcs7230_firmwaresm8150-acqcn9012sd888qdx1011qdu1000wsa8835sc7180-ad_firmwaresd_8_gen1_5gsm6250psnapdragon_4_gen_1_mobile_platform_firmwaressg2125p_firmwareqca6574asc8180x-afqca6174asm7325psm7150-ac_firmwaresm7250-absd855sm4125_firmwaresdx57m_firmwareqru1032_firmwarewsa8845_firmwarefastconnect_6200_firmwarevision_intelligence_300_platformsd460qca6391sm8250-ab_firmwaresnapdragon_710_mobile_platformfastconnect_7800aqt1000_firmwareqcm4490_firmwaresnapdragon_845_mobile_platform_firmwareqcm4290srv1h_firmwareqcn9011video_collaboration_vc1_platform_firmwareqca6574ausa8155p_firmwarewcd9341_firmwarefastconnect_7800_firmwareqcm6125wsa8810sm7250-acsnapdragon_680_4g_mobile_platformsm6370srv1m_firmwaresnapdragon_ar2_gen_1_platformqam8650p_firmwaresnapdragon_675_mobile_platformqca6696sc8180xp-absa6150pwcd9390_firmwaresc8180x-ad_firmwaresm7250psnapdragon_8\+_gen_1_mobile_platform_firmwaresw5100_firmwaresnapdragon_xr1_platform_firmwareSnapdragonqam8255p_firmwareqca9377_firmwaresnapdragon_850_mobile_compute_platform_firmwaresnapdragon_662_mobile_platform_firmwaretalynplus_firmwaresa6150p_firmwaresm6250p_firmwaresa8145p_firmwaresxr2230p_firmwareqcs2290_firmwaresnapdragon_x24_lte_modem_firmwaresg8275p_firmwareqca6431_firmwareflight_rb5_5g_platform_firmwareqcn6224_firmwarewcn3950_firmwaresrv1l_firmwaresnapdragon_888_5g_mobile_platform_firmwaresa8150p_firmwareqca6420_firmwareqca6595au_firmwaresd730_firmwarecsra6620_firmwaresd_675_firmwaresd675_firmwarecsra6640_firmwareqcm5430_firmwareqcs6125_firmwaresnapdragon_460_mobile_platform_firmwaresnapdragon_480_5g_mobile_platform_firmwareqca6584au_firmwareqep8111_firmwareqrb5165n_firmwarewcn3990_firmwareqca9984_firmwarequalcomm_video_collaboration_vc3_platform_firmwaresd_8cx_firmwarewcd9371_firmwarewcd9385_firmwareqcn6024_firmwarewcd9326_firmwareqamsrv1h_firmwaresd_8_gen1_5g_firmwareqsm8350_firmwaresd460_firmwareqam8295p_firmwareqcn9011_firmwaresa9000p_firmwaresm7315_firmwaresnapdragon_695_5g_mobile_platform_firmwareqca6574au_firmwaresdx55_firmwaresdx71m_firmwarewcd9375_firmwareqca8081_firmwaresa6155_firmwarewcn3999_firmwaresm7250p_firmwarewsa8845h_firmwareqca6436_firmwaresnapdragon_680_4g_mobile_platform_firmwareqca6564au_firmwaresa8620p_firmwaresa6155p_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqcm8550_firmwareqca6678aq_firmwaresmart_audio_400_platform_firmwaresa8775p_firmwaresnapdragon_x70_modem-rf_system_firmwareqrb5165m_firmwarewsa8840_firmwaresa4155p_firmwaresa8155_firmwarerobotics_rb3_platform_firmwareqca4004_firmwareqcs8550_firmwaresc8380xp_firmwaresd662_firmwarevision_intelligence_300_platform_firmwarewcn3988_firmwareqru1062_firmwaresa6145p_firmwarewcd9306_firmwaresa7775p_firmwarefastconnect_6700_firmwarewsa8810_firmwarefsm10056_firmwaresnapdragon_ar2_gen_1_platform_firmwaresa8255p_firmwarewcd9395_firmwareqdu1000_firmwareqca6698aq_firmwareqca6174a_firmwareqcs4290_firmwaresa8770p_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareqam8775p_firmwaresnapdragon_wear_1300_platform_firmwaresxr2130_firmwareqca6696_firmwareqcs6490_firmwaresnapdragon_665_mobile_platform_firmwareqru1052_firmwarewcn3910_firmwaresnapdragon_855_mobile_platform_firmwaresm6250_firmwareqcc710_firmwarevision_intelligence_400_platform_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwarewsa8815_firmwarewsa8835_firmwaresnapdragon_780g_5g_mobile_platform_firmwaresa8195p_firmwaresnapdragon_865_5g_mobile_platform_firmwarefastconnect_6800_firmwaresxr1120_firmwareqcn7606_firmwaresa8295p_firmwaresxr2250p_firmwaresg4150p_firmwaresnapdragon_8_gen_2_mobile_platform_firmwareqca6688aq_firmwareqcm6125_firmwaresnapdragon_675_mobile_platform_firmwareqcm2290_firmwaresnapdragon_750g_5g_mobile_platform_firmwarequalcomm_video_collaboration_vc1_platform_firmwarerobotics_rb5_platform_firmwareqca8337_firmwarewcd9380_firmwaresnapdragon_778g_5g_mobile_platform_firmwareqcs7230_firmwareqdu1010_firmwaresnapdragon_670_mobile_platform_firmwaresa8530p_firmwaresd670_firmwaresxr1230p_firmwareqdu1110_firmwaresa8540p_firmwaresnapdragon_x72_5g_modem-rf_system_firmwaresnapdragon_4_gen_1_mobile_platform_firmwaresnapdragon_4_gen_2_mobile_platform_firmwaressg2125p_firmwareqca6310_firmwareqca6430_firmwareqcn9012_firmwareqfw7114_firmwaresm6370_firmwarewcd9335_firmwareqca6335_firmwareqcm4325_firmwareqca6574_firmwarewcd9340_firmwaresm4125_firmwaresm7325p_firmwaresdx57m_firmwareqru1032_firmwaresnapdragon_xr2_5g_platform_firmwarewsa8845_firmwareqca6426_firmwareqca6574a_firmwarefastconnect_6200_firmwaresnapdragon_x62_5g_modem-rf_system_firmwarewcn3980_firmwaresnapdragon_x55_5g_modem-rf_system_firmwaresnapdragon_x50_5g_modem-rf_system_firmwareqca6421_firmware9205_lte_modem_firmwareaqt1000_firmwarewcn6740_firmwareqcm4490_firmwaresnapdragon_690_5g_mobile_platform_firmwaresnapdragon_845_mobile_platform_firmwareqcn6274_firmwareqcs4490_firmwaresnapdragon_x35_5g_modem-rf_system_firmwarear8031_firmwareqcm6490_firmwaresa8650p_firmwarewsa8832_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarefastconnect_6900_firmwaresrv1h_firmwareqca6797aq_firmwaresa8155p_firmwareqdx1011_firmwareqca6564a_firmwareqcn9024_firmwaresa7255p_firmwareqcs8250_firmwarewcd9341_firmwarefastconnect_7800_firmwareqcm4290_firmwareqdx1010_firmwaresw5100p_firmwareqcs610_firmwaresnapdragon_8_gen_1_mobile_platform_firmwareqamsrv1m_firmwaresrv1m_firmwareqam8650p_firmwareqca6564_firmwareqca6595_firmwaresnapdragon_720g_mobile_platform_firmwareqcs5430_firmwareqca6391_firmwaresnapdragon_710_mobile_platform_firmwaresa4150p_firmwarewcd9370_firmwaresm8550p_firmwarequalcomm_video_collaboration_vc5_platform_firmwaresd888_firmwaresnapdragon_8_gen_3_mobile_platform_firmwarewcd9390_firmwaressg2115p_firmwareqcs8155_firmwaresw5100_firmwareqam8620p_firmwareqcs410_firmwareqfw7124_firmwareqdu1210_firmwarear8035_firmwaresnapdragon_xr1_platform_firmware
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-35106
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.09% / 27.24%
||
7 Day CHG~0.00%
Published-01 Apr, 2022 | 04:40
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible out of bound read due to improper length calculation of WMI message. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fsm10055wcn3991_firmwarewsa8830sd678sa6150p_firmwaresa8145p_firmwareqcs610qcs2290_firmwarefsm10056qca8337csrb31024wcd9360_firmwaresdx65csra6620fsm10055_firmwareqcs4290wcn3950_firmwaresa8150p_firmwaresd765g_firmwareqcs2290qca6595au_firmwareqca6390_firmwaresa6155sd690_5gsd730_firmwarewcd9370csra6620_firmwaresd_675_firmwaresd675_firmwarecsra6640_firmwareqcs6125_firmwareqca6426qca6584au_firmwarewcn3990_firmwareqrb5165n_firmwaresa415mwcn3998qca6554a_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcn3950wcd9326_firmwaresd720gsd_8_gen1_5g_firmwaresm6375_firmwaresd662sd460_firmwaresa8155sm7315_firmwareqca6574au_firmwaresdx55_firmwareqca6595auqca8081_firmwaresa6155_firmwarewcd9375_firmwaresm7250p_firmwarewcn3998_firmwarewcn3999_firmwarewcd9360qca6436_firmwareqrb5165nqca6564au_firmwareqca6584ausa6155p_firmwaresd778gsm6225wcn3999sa515m_firmwareqcs6490qrb5165m_firmwareqrb5165_firmwaresdxr2_5gsa4155p_firmwareqcs6125sa8155_firmwaresd662_firmwaresa415m_firmwareqcs405wcn3988_firmwaresa6145p_firmwaresm6250sd778g_firmwaresa8195pwsa8810_firmwaresd765gsw5100sd765_firmwarefsm10056_firmwareqca6436wcd9326wcd9335sa6155pwcn6851qca8081qcs4290_firmwarewcd9385wcd9341qca6696_firmwareqcs6490_firmwaresd750gsd870_firmwarear8035qca6390sd750g_firmwareaqt1000sa8150pwcd9375sm6250_firmwarewcn3910_firmwarewsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwareqcm6490sd888_5g_firmwarewcn3988sd660_firmwarewcn6850_firmwarewsa8815_firmwaresa8195p_firmwarewsa8835_firmwaresm8475qca6564awcn6750_firmwaresa4150pqcm6125_firmwareqcm2290_firmwaresm6375wcn3991qca8337_firmwarewcd9380_firmwarewcn3990sd_675sw5100psd780gqca6554asd865_5gqca6595qca6564ausdx55m_firmwarewcn6856_firmwaresd888wsa8835qca6574wcd9380sd888_5gqca6574asd690_5g_firmwarewcn6855_firmwaresm7325pwcd9335_firmwarewcn3980wcn6750sa515mqca6574_firmwaresd855wsa8815sm7325p_firmwarewcn6850wcn3910qca6175asd765qca6426_firmwareqca6574a_firmwaresd768g_firmwareqrb5165mwcn3980_firmwaresm7315sd460qca6391sd730sdx55msdxr1_firmwareaqt1000_firmwarewcn6740_firmwaresdx65_firmwaresd678_firmwarear8031_firmwarecsrb31024_firmwareqcm4290qcm6490_firmwareqrb5165sd480_firmwarewcn6851_firmwaresm6225_firmwareqca6574ausa8155p_firmwareqca6564a_firmwarewcd9341_firmwareqcm6125qcm4290_firmwaresd480sd870wcn6855wsa8810sw5100p_firmwareqcs610_firmwarewcn6856sa6145psdxr1sd768gar8031qca6595_firmwareqcs405_firmwaresa8145pwcn6740qca6696qca6391_firmwaresa4150p_firmwaresd780g_firmwarewcd9370_firmwaresa6150psd888_firmwaresdx55sa8155pcsra6640sd675sm7250psd720g_firmwaresw5100_firmwaresa4155pqca6175a_firmwarear8035_firmwareqcm2290Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CVE-2025-21475
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 2.55%
||
7 Day CHG~0.00%
Published-06 May, 2025 | 08:32
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in Display

Memory corruption while processing escape code, when DisplayId is passed with large unsigned value.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wsa8845_firmwarewsa8840wcd9370snapdragon_7c_gen_2_compute_firmwaresc8180xp-aaab_firmwarewcd9340_firmwarewcd9385sc8380xpwcd9341_firmwaresnapdragon_7c\+_gen_3_compute_firmwarefastconnect_6700qca6420sc8180xp-adsc8280xp-abbbqca6430wsa8815_firmwarewcd9370_firmwaresc8180xp-ad_firmwareqcm6490_firmwaresc8180xp-aaabwcd9340wcd9341qcm6490wsa8810_firmwarewsa8845h_firmwareqca6420_firmwareaqt1000_firmwareqcs6490_firmwaresc8180xp-acafsnapdragon_7c\+_gen_3_computewsa8835wsa8840_firmwareqca6391_firmwareqca6430_firmwarefastconnect_6800_firmwareqcs5430wsa8845hwcd9380_firmwareqcm5430sm6250_firmwaresc8180x-ad_firmwareqcm5430_firmwaresc8180x-acafwsa8815snapdragon_7c_computewsa8830snapdragon_7c_gen_2_computesc8180x\+sdx55_firmwaresnapdragon_7c_compute_firmwaresc8380xp_firmwarefastconnect_6800wcd9375_firmwarefastconnect_7800_firmwarefastconnect_6900qca6391qcs5430_firmwaresc8180x\+sdx55wcd9385_firmwaresm6250fastconnect_6900_firmwarewcd9380fastconnect_6200sc8280xp-abbb_firmwarefastconnect_7800sc8180x-acaf_firmwarewcd9375wsa8845fastconnect_6700_firmwarevideo_collaboration_vc3_platform_firmwaresc8180x-adwsa8835_firmwaresc8180x-aaabwsa8810sc8180x-aaab_firmwareqcs6490sc8180xp-acaf_firmwarefastconnect_6200_firmwarewsa8830_firmwarevideo_collaboration_vc3_platformaqt1000Snapdragon
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-126
Buffer Over-read
CVE-2021-30259
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 14.14%
||
7 Day CHG~0.00%
Published-12 Nov, 2021 | 06:15
Updated-03 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible out of bound access due to improper validation of function table entries in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresm7250sa6150p_firmwaresm6250p_firmwareqcs610qca8337qca6431_firmwarewcd9360_firmwaresdx65wcn3950_firmwaresc8180x\+sdx55sa8150p_firmwareqcs2290qca6595au_firmwaresa6155qca6335sd_455_firmwarecsra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwareqcs6125_firmwaresa415mwcn3998wcd9371_firmwarewcn3950sm4125sd720gsm6375_firmwarewcn3660bqsm8350_firmwaresd710_firmwareqsm8350sd460_firmwarewcn7850qca6574au_firmwarewcd9375_firmwareqca8081_firmwarewcn3998_firmwaresa6155_firmwaresdx12_firmwareqca6420wcd9360whs9410_firmwarewcn3999qrb5165_firmwareqcs6125sa8155_firmwareqca4004_firmwaresd662_firmwareqcs405qca6430wcd9306_firmwarewcd9340sdm830_firmwaresd765gqca6436wcn6851sa6155pqcs603_firmwarewcn7851_firmwaremdm9250_firmwarewcd9341mdm9655qca6696_firmwareqca6431wcd9371sd870_firmwaresd750gwcn3910_firmwaresd_8cxsa8150pqca4004wsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwaresd712wcn3988sd660_firmwarewcn7850_firmwaresa8195p_firmwarewcn6750_firmwarewcn3610sm6375wcn3991qca8337_firmwaresda429w_firmwarewcd9380_firmwareqca6564ausdx55m_firmwarewcn6856_firmwaresd670_firmwareqca6574wcd9380qcs410sd690_5g_firmwaresdx50m_firmwaresdx24_firmwareqca6430_firmwarewcd9335_firmwarewcn3980qca6335_firmwareqcs605wcd9340_firmwarewsa8815wcn6850sd7cwcn3910qca6320mdm9650_firmwaresd_8c_firmwareqca6426_firmwarewcn3660b_firmwareqca9984sd835wcn3980_firmwaresd730sdx55mqca6421_firmwarewcn6740_firmwaresd678_firmwarear8031_firmwareqrb5165wcn6851_firmwareqcs603sd670sd_636_firmwareqca6564a_firmwareqcm4290_firmwaresd480sd870wcn6855qcs610_firmwareqsm8250sa6145psdxr1ar8031qca6595_firmwareqcs405_firmwaresa8145psdm630_firmwaremdm9205_firmwareqca6391_firmwarewcd9370_firmwaresd780g_firmwaresdx55sd888_firmwaresa8155pcsra6640sd675ar8035_firmwareqcm2290qsm8250_firmwarewcn3991_firmwaremdm9150_firmwarewsa8830sd678sa8145p_firmwareqcs2290_firmwaresm7250_firmwaresd7c_firmwarecsrb31024mdm9650sd_636csra6620qcs4290mdm9250sd765g_firmwareqca6420_firmwareqca6390_firmwaresd690_5gsd730_firmwarewcd9370sd675_firmwareqca6564qca6426qca6584au_firmwarewcn3990_firmwareqrb5165n_firmwareqca9984_firmwareqca9377sm8450sd_8cx_firmwarewcd9385_firmwaresdxr2_5g_firmwarewhs9410wcd9326_firmwaresd662sa8155qca6320_firmwaresdx55_firmwareqca6595auwcn3999_firmwarewcn3610_firmwareqca6436_firmwareqrb5165nwcd9306qca6584ausd778gqca6564au_firmwaresa6155p_firmwareqca6310sm6225wcn7851sa515m_firmwareqcs6490sdxr2_5gsdm630mdm9655_firmwaresa415m_firmwarewcn3988_firmwaresa6145p_firmwareqca6421sd778g_firmwaresm6250sd712_firmwaresa8195pwsa8810_firmwaresm8450_firmwaresd765_firmwarewcd9326wcd9335qca8081qca6174a_firmwareqcs4290_firmwarewcd9385qcs6490_firmwareqca6390wcd9375sd750g_firmwareaqt1000ar8035sc8180x\+sdx55_firmwaresm6250_firmwaresda429wwcn3620_firmwaresdx20_firmwarewsa8815_firmwaresd888_5g_firmwareqcm6490wcn6850_firmwarewsa8835_firmwarewcn3620qcx315qca6564aqcm6125_firmwareqcm2290_firmwarewcn3990sd_675sd780gsd865_5gqca6595sdx24sm8450p_firmwaresd888wsa8835qcx315_firmwaresd665_firmwaresd888_5gsm6250pqca6574awcn6855_firmwareqca6174aqca6310_firmwaresm7325wcn6750mdm9205sa515mqca6574_firmwaresd855sm4125_firmwaresd665qca6175asd765qca6574a_firmwaresd768g_firmwaresd850_firmwaresd460qca6391sdxr1_firmwareaqt1000_firmwaresdx65_firmwareqcm4290csrb31024_firmwareqcm6490_firmwaresdx50msdx20sd480_firmwaresd_455sm6225_firmwareqca6574ausd710sa8155p_firmwarewcd9341_firmwareqcm6125wsa8810sm8450pmdm9150wcn6856sd_8csd835_firmwareqca6564_firmwaresd768gwcn6740qca6696sd845_firmwaresa6150psd845sdm830sd720g_firmwaresdx12qcs410_firmwareqca6175a_firmwaresd850sm7325_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CVE-2025-27055
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.01% / 1.84%
||
7 Day CHG~0.00%
Published-08 Jul, 2025 | 12:49
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in Camera

Memory corruption during the image encoding process.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wsa8845_firmwarewsa8840wcd9370snapdragon_7c_gen_2_compute_firmwaresc8180xp-aaab_firmwarewcd9340_firmwarewcd9385sc8380xpwcd9341_firmwaresnapdragon_7c\+_gen_3_compute_firmwarefastconnect_6700qca6420sc8180xp-adsc8280xp-abbbqca6430wsa8815_firmwarewcd9370_firmwaresc8180xp-ad_firmwareqcm6490_firmwaresc8180xp-aaabwcd9340wcd9341qcm6490wsa8810_firmwarewsa8845h_firmwareqca6420_firmwareaqt1000_firmwareqcs6490_firmwaresc8180xp-acafsnapdragon_7c\+_gen_3_computewsa8835wsa8840_firmwareqca6391_firmwareqca6430_firmwarefastconnect_6800_firmwareqcs5430wsa8845hwcd9380_firmwareqcm5430sm6250_firmwaresc8180x-ad_firmwareqcm5430_firmwaresc8180x-acafwsa8815snapdragon_7c_computewsa8830snapdragon_7c_gen_2_computesc8180x\+sdx55_firmwaresnapdragon_7c_compute_firmwaresc8380xp_firmwarefastconnect_6800wcd9375_firmwarefastconnect_7800_firmwarefastconnect_6900qca6391qcs5430_firmwaresc8180x\+sdx55wcd9385_firmwaresm6250fastconnect_6900_firmwarewcd9380fastconnect_6200sc8280xp-abbb_firmwarefastconnect_7800sc8180x-acaf_firmwarewcd9375wsa8845fastconnect_6700_firmwarevideo_collaboration_vc3_platform_firmwaresc8180x-adwsa8835_firmwaresc8180x-aaabwsa8810sc8180x-aaab_firmwareqcs6490sc8180xp-acaf_firmwarefastconnect_6200_firmwarewsa8830_firmwarevideo_collaboration_vc3_platformaqt1000Snapdragon
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-126
Buffer Over-read
CVE-2025-21438
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 6.47%
||
7 Day CHG~0.00%
Published-07 Apr, 2025 | 10:16
Updated-08 Apr, 2025 | 03:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in Windows WLAN Host

Memory corruption while IOCTL call is invoked from user-space to read board data.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-Snapdragon
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-1952
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.65%
||
7 Day CHG~0.00%
Published-09 Sep, 2021 | 07:35
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer over read occurs due to lack of length check of request buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwaremdm9150_firmwarewsa8830sd678sa6150p_firmwaresm6250p_firmwaresa8145p_firmwareqcs610sm7250qcs2290_firmwareqca8337sm7250_firmwareqca6431_firmwaresd7c_firmwarecsra6620qcs4290wcn3950_firmwaresc8180x\+sdx55sa8150p_firmwaresd765g_firmwareqca6420_firmwareqca6595au_firmwareqcs2290qca6390_firmwaresa6155sd690_5gsd730_firmwarewcd9370csra6620_firmwaresd_675_firmwaresd675_firmwarecsra6640_firmwareqcs6125_firmwareqca6426qca6584au_firmwaresa415mwcn3998sd_8cx_firmwarewcd9371_firmwaresdxr2_5g_firmwarewcd9385_firmwaresm4125sd720gwcn3950qsm8350_firmwaresd662qsm8350sd460_firmwaresa8155qca6574au_firmwaresdx55_firmwareqca6595ausa6155_firmwarewcd9375_firmwarewcn3998_firmwarewcn3999_firmwareqca6420qca6436_firmwarewcd9306qca6584ausa6155p_firmwaresd778gwcn3999sa515m_firmwareqcs6490qrb5165_firmwaresdxr2_5gqcs6125sa8155_firmwareqca4004_firmwaresd662_firmwaresa415m_firmwareqcs405qca6430wcn3988_firmwaresa6145p_firmwareqca6421sd778g_firmwaresm6250wcd9306_firmwaresa8195pwcd9340wsa8810_firmwaresd765gsd765_firmwareqca6436wcn6851wcd9335sa6155pqcs4290_firmwarewcd9385qca6431qca6696_firmwareqcs6490_firmwarewcd9371sd750gsd870_firmwareqca6390ar8035sd_8cxaqt1000sa8150psd750g_firmwaresc8180x\+sdx55_firmwaresm6250_firmwarewcd9375wcn3910_firmwareqca4004wsa8830_firmwaresd855_firmwaresd865_5g_firmwareqcm6490sd888_5g_firmwarewcn3988wcn6850_firmwarewsa8815_firmwarewsa8835_firmwaresa8195p_firmwareqcx315wcn6750_firmwareqcm6125_firmwareqcm2290_firmwarewcn3991qca8337_firmwarewcd9380_firmwaresd_675sd780gsd865_5gsdx55m_firmwarewcn6856_firmwaresd670_firmwareqca6574qcx315_firmwarewsa8835sd665_firmwarewcd9380sd888_5gsm6250pqcs410qca6574asd690_5g_firmwaresdx50m_firmwarewcn6855_firmwaresm7325qca6430_firmwarewcd9335_firmwarewcn6750mdm9205sa515mqca6574_firmwarewcd9340_firmwaresd855sm4125_firmwarewcn6850sd665sd7cwcn3910wsa8815sd_8c_firmwaresd765qca6426_firmwareqca6574a_firmwaresd768g_firmwaresd460qca6391sd730sdx55mqca6421_firmwareaqt1000_firmwarewcn6740_firmwaresd678_firmwarear8031_firmwareqcm4290qcm6490_firmwaresdx50mqrb5165sd480_firmwarewcn6851_firmwareqca6574ausa8155p_firmwaresd670qcm6125qcm4290_firmwaresd480sd870wcn6855wsa8810qcs610_firmwaremdm9150wcn6856qsm8250sd_8csa6145psd768gar8031qcs405_firmwaresa8145pwcn6740qca6696mdm9205_firmwareqca6391_firmwaresd780g_firmwarewcd9370_firmwaresa6150psdx55sa8155pcsra6640sd675sd720g_firmwareqcs410_firmwarear8035_firmwareqcm2290qsm8250_firmwaresm7325_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-45548
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 3.31%
||
7 Day CHG~0.00%
Published-06 Jan, 2025 | 10:33
Updated-13 Jan, 2025 | 21:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in WLAN Windows Host

Memory corruption while processing FIPS encryption or decryption validation functionality IOCTL call.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wsa8840_firmwarefastconnect_7800qcc2073_firmwareqcc2076qcc2076_firmwarewsa8845hfastconnect_7800_firmwarewsa8845h_firmwarewcd9380_firmwarewcd9385_firmwarefastconnect_6900_firmwarewcd9380qcc2073wcd9385fastconnect_6900sc8380xp_firmwaresc8380xpwsa8845_firmwarewsa8840wsa8845Snapdragon
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-45568
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 2.10%
||
7 Day CHG~0.00%
Published-06 May, 2025 | 08:32
Updated-09 May, 2025 | 19:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in Camera Driver

Memory corruption due to improper bounds check while command handling in camera-kernel driver.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcd9380_firmwaresnapdragon_429_mobile_firmwarefastconnect_7800_firmwarewcn3620_firmwarewcd9385wsa8835sxr2230p_firmwarewcn3660bwcd9385_firmwaresxr2230pwcn3620sdm429w_firmwarewsa8830wsa8830_firmwarewsa8835_firmwaresxr2250p_firmwarewcd9380snapdragon_429_mobilefastconnect_6900sdm429wfastconnect_6900_firmwarewsa8832_firmwarewsa8832wcn3660b_firmwarefastconnect_7800sxr2250pSnapdragon
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-126
Buffer Over-read
CVE-2023-28541
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.90%
||
7 Day CHG~0.00%
Published-04 Jul, 2023 | 04:46
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in WLAN Host

Memory Corruption in Data Modem while processing DMA buffer release event about CFR data.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-snapdragon_wear_3100_firmwaresdm429w_firmwareimmersive_home_214robotics_rb3sd865_5gqcs410_firmwaresa6150p_firmwaresw5100pipq9574qcn9000_firmwareqca6595qcn9022qcs610_firmwarewcd9335ipq6028_firmwarewcd9370qca8081_firmwareqcn9001qca8072snapdragon_429_firmwareqca6696wcd9340_firmwarewcd9341_firmwareipq5028_firmwareqcn6024qcn9003_firmwarear9380ipq8076qca6426snapdragon_auto_4gfastconnect_6700ipq6018_firmwareqca9984_firmwareqcn6023qcn5124_firmwareqca8337qca9994_firmwareqca6426_firmwareqcn7605ipq6000qca6574au_firmwareipq8078aqcn7606_firmwareipq8078a_firmwareqam8295pwcd9341qca6574auwsa8810_firmwaresnapdragon_429csra6640snapdragon_865\+_5gqcn9100_firmwarewcn3660b_firmwareqcn5122qca6554afastconnect_6800_firmwaresnapdragon_865\+_5g_firmwaresnapdragon_855\+\/860sd835_firmwareqcn6024_firmwaresdx20mqca9886_firmwaresnapdragon_x65_5gvideo_collaboration_vc1_platform_firmwareqca9880qcm6125_firmwarec-v2x_9150qcn9000qcn6132_firmwaresnapdragon_xr2_5g_firmwareqcn5054snapdragon_660_firmwarefastconnect_6900video_collaboration_vc1_platformqcn5052qca9980wcd9385_firmwareqca6421ipq9574_firmwareqca6310qam8255p_firmwareipq8064ipq8074a_firmwareipq8076awcd9360qcn5164qca6335snapdragon_wear_3100mdm9250sa6155pqca6421_firmwareqcm6125qca6564au_firmwarecsr8811_firmwarewsa8810qca8075snapdragon_855_firmwareqca8085qca6595ausnapdragon_865_5g_firmwaresnapdragon_wear_2500sa6155p_firmwaremdm9640_firmwaresd835snapdragon_835qca6436_firmwareqcn9012ipq8070a_firmwareqcn9070mdm9650_firmwareqca8084qca6420sdx65mwcd9370_firmwarecsrb31024mdm9250_firmwarewcn3660bqca6574awcn3620_firmwareqca6174asa8195pqca9898_firmwarewcd9340qca6335_firmwareqcm6490qcn6122_firmwareqcn5154_firmwareqca7500snapdragon_x55_5g_firmwarewcn3988ipq4019qcn5122_firmwareqcn9274qcn9024ipq8076a_firmwareqca6574ar9380_firmwareqca6430_firmwareipq4029_firmwareqcn9011smart_audio_400qcn9024_firmwareqca8082snapdragon_820_firmwaresa6150pqcs410sa8155p_firmwareqca6564asa8155pqca8072_firmwaresnapdragon_wear_2100_firmwaresnapdragon_870_5g_firmwarewsa8830sa6145psnapdragon_x65_5g_firmwaresnapdragon_wear_2100qcn9074_firmwareipq8174immersive_home_318_firmwareqcn6122sa8255p_firmwareipq8174_firmwareipq8072aqrb5165m_firmwareimmersive_home_216_firmwarewcn3620qca9985immersive_home_316ipq8071aqca6698aqwcn3950_firmwareqrb5165nfastconnect_6200sa8145p_firmwarewcd9360_firmwaresa8150p_firmwaresnapdragon_835_firmwarefastconnect_6700_firmwarevideo_collaboration_vc3_platform_firmwarewcn3990robotics_rb3_firmwareqcn6023_firmwareqcn5164_firmwareqcn9002ipq8078qcs6490qcn5152_firmwarefastconnect_6200_firmwarear8031_firmwareqcn9072wsa8830_firmwareipq4028_firmwareqca6431qca6678aq_firmwareqca8386_firmwaresd660_firmwareqca8082_firmwareqca9880_firmwareimmersive_home_216sxr2130_firmwareqca6678aqqcn5022_firmwareqca9992qrb5165mqca6320qca4024_firmwareqca9898snapdragon_845_firmwareipq9008qca6564auqcs6125_firmwareqca9992_firmwareqca9990ipq8070ipq9008_firmwareqcn9074wsa8815_firmwaresnapdragon_865_5gsa8195p_firmwareqca8337_firmwaresnapdragon_665_firmwaresnapdragon_auto_4g_firmwareqcn5054_firmwareqca9888ar8031qca9377_firmwareipq8173qcm6490_firmwareipq8072a_firmwaresnapdragon_665snapdragon_w5\+_gen_1ipq6010_firmwarewcn3950qcs6125flight_rb5_5gqca6797aq_firmwareipq5028qca8085_firmwareqcn9070_firmwaresa8295p_firmwaresmart_audio_400_firmwareqca9984ipq5010_firmwareqcn9022_firmwareqca9886qcn6132csrb31024_firmwareipq6018snapdragon_auto_5g_firmwaresnapdragon_x20qca6584auqca6320_firmwareqcn9011_firmwaresnapdragon_wear_2500_firmwaresw5100_firmwareipq8065qca6310_firmwarefastconnect_6800qca4024qca6595_firmwarefastconnect_7800_firmwareimmersive_home_214_firmwareqcn9001_firmwaresnapdragon_855\+\/860_firmwareipq8070afastconnect_6900_firmwarerobotics_rb5_firmwarewcd9380ipq4028qam8255psa6145p_firmwareqca9990_firmwaresnapdragon_xr2_5gqca7500_firmwaresa8150pqcn9003qca8075_firmwareqcn5052_firmwareipq6010sdx65m_firmwarevideo_collaboration_vc3_platformsw5100aqt1000c-v2x_9150_firmwareqca9980_firmwareqca9985_firmwareqam8295p_firmwaresd855qca6431_firmwaresnapdragon_8_gen_1_firmwarewcn3990_firmwareqca6175a_firmwareqca6698aq_firmwaresdx20m_firmwareqca6564a_firmwareqcn7606qca9994wcd9385msm8909w_firmwareqca8084_firmwareqcn7605_firmwaresnapdragon_8_gen_1sa8255pipq4018qcn5024qca6430snapdragon_855mdm9650sdx55_firmwaresnapdragon_x55_5gipq8071a_firmwareflight_rb5_5g_firmwareipq4019_firmwareqca6554a_firmwaresxr2130ipq6028snapdragon_870_5gcsra6640_firmwareqcn9100robotics_rb5ipq4029qca6174a_firmwaresnapdragon_845qca6420_firmwareaqt1000_firmwareqcs6490_firmwareipq4018_firmwareipq8076_firmwaresd855_firmwarewcd9335_firmwaremdm9640qca6436qrb5165n_firmwarewcn3980_firmwarewsa8835sdm429wqca6391_firmwareqca6584au_firmwareqca6595au_firmwaresw5100p_firmwareipq8068qca6696_firmwarewcd9380_firmwaresnapdragon_x20_firmwareqca6574_firmwarecsra6620sd660qca8081mdm9628wsa8815qcn5124qca9377snapdragon_auto_5gipq8064_firmwaremdm9628_firmwareqca6797aqqcn5152ipq8065_firmwaresnapdragon_660qca6574a_firmwaresdx55qcn9072_firmwaresnapdragon_820qca9888_firmwareipq8074aqca9889qca6175aqcn5024_firmwarewcd9375_firmwareqcn9002_firmwareqca8386qca6391snapdragon_w5\+_gen_1_firmwareimmersive_home_318ipq5010qcn9274_firmwareipq8173_firmwareqcn9012_firmwarecsra6620_firmwaresa8295pipq8068_firmwareipq6000_firmwarefastconnect_7800sd865_5g_firmwarewcd9375ipq8078_firmwareqca9889_firmwarewcn3988_firmwareimmersive_home_316_firmwareipq8070_firmwaresa8145pqcn5154wsa8835_firmwarecsr8811qcn5022wcn3980msm8909wqcs610Snapdragonqcn5024_firmwareqam8255p_firmwareqca9377_firmwaremdm9640_firmwaresa6150p_firmwaresa8145p_firmwareipq4028_firmwareipq8173_firmwareqca6431_firmwaremdm9628_firmwaresnapdragon_820_automotive_platform_firmwarewcd9360_firmwareflight_rb5_5g_platform_firmwareqca4024_firmwaresnapdragon_wear_2100_platform_firmwareqca9880_firmwaresnapdragon_x20_lte_modem_firmwareimmersive_home_318_platform_firmwarewcn3950_firmwareipq5028_firmwaresa8150p_firmwareqca6420_firmwareqca6595au_firmwaresnapdragon_auto_4g_modem_firmwarecsra6620_firmwarecsra6640_firmwareqcn5152_firmwareqcs6125_firmwareqca6584au_firmwarewcn3990_firmwareqrb5165n_firmwareqcn9000_firmwareqca9984_firmwareqca6554a_firmwarequalcomm_video_collaboration_vc3_platform_firmwarewcd9385_firmwareqcn6024_firmwareqca8386_firmwareimmersive_home_316_platform_firmwareqca8084_firmwaresnapdragon_660_mobile_platform_firmwareqcn5124_firmwareqam8295p_firmwareqcn9011_firmwareqca8082_firmwareqca6320_firmwaresnapdragon_429_mobile_platform_firmwareqca6574au_firmwareqcn5122_firmwareqcn5164_firmwaresdx55_firmwaresnapdragon_835_mobile_pc_platform_firmwareqca8081_firmwareqcn6023_firmwarewcd9375_firmwareqca6436_firmwareqca6564au_firmwaresnapdragon_auto_5g_modem-rf_firmwareipq8070_firmwaresa6155p_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareipq8078a_firmwareqca6678aq_firmwaresmart_audio_400_platform_firmwareqrb5165m_firmwareipq4029_firmwarerobotics_rb3_platform_firmwarewcn3988_firmwaresa6145p_firmwarefastconnect_6700_firmwarewsa8810_firmwaresa8255p_firmwareqca6698aq_firmwaresdx65m_firmwareqca6174a_firmwareipq8071a_firmwaremdm9250_firmwareqca8085_firmwareqca9888_firmwareipq8068_firmwaresxr2130_firmwareqca6696_firmwareqcs6490_firmwareipq9008_firmwareqcn5154_firmwaresnapdragon_665_mobile_platform_firmwareqca9898_firmwaresnapdragon_855_mobile_platform_firmwareqcn9100_firmwarewsa8830_firmwareqca9992_firmwaresd855_firmwaresd865_5g_firmwareipq5010_firmwareipq8074a_firmwarewcn3620_firmwarewsa8815_firmwaresd660_firmwarewsa8835_firmwaresa8195p_firmwaresnapdragon_865_5g_mobile_platform_firmwarefastconnect_6800_firmwareqcn5022_firmwareqcn7606_firmwaresa8295p_firmwareimmersive_home_216_platform_firmwareqcm6125_firmwarequalcomm_video_collaboration_vc1_platform_firmwareqca9985_firmwarerobotics_rb5_platform_firmwareipq4018_firmwareqca8337_firmwarewcd9380_firmwareqca7500_firmwareqca9980_firmwareipq8076a_firmwarear9380_firmwareqcn9001_firmwaremsm8909w_firmwareipq8065_firmwareqcn6122_firmwaresdm429w_firmwarecsr8811_firmwareqcn5054_firmwareqca8075_firmwareipq4019_firmwareqcn6132_firmwareqcn9003_firmwarec-v2x_9150_firmwareqca6310_firmwareqca8072_firmwareqca6430_firmwareqca9994_firmwareqcn5052_firmwareqcn9012_firmwareipq8070a_firmwareqcn9274_firmwarewcd9335_firmwareqca6335_firmwareipq6018_firmwareipq8076_firmwareqca6574_firmwarewcd9340_firmwaremdm9650_firmwaresnapdragon_xr2_5g_platform_firmwareqca6426_firmwarewcn3660b_firmwareqca6574a_firmwarefastconnect_6200_firmwareipq9574_firmwarewcn3980_firmwaresnapdragon_x55_5g_modem-rf_system_firmwareipq8064_firmwareqca6421_firmwareaqt1000_firmwaresnapdragon_845_mobile_platform_firmwarear8031_firmwarecsrb31024_firmwareqcm6490_firmwareipq8078_firmwareqcn9070_firmwarefastconnect_6900_firmwareipq6028_firmwareipq8072a_firmwareqca6797aq_firmwareqca9889_firmwaresa8155p_firmwareqca6564a_firmwareipq8174_firmwareqcn9024_firmwarewcd9341_firmwarefastconnect_7800_firmwaresdx20m_firmwareqcn7605_firmwaresw5100p_firmwareqcs610_firmwaresnapdragon_8_gen_1_mobile_platform_firmwaresd835_firmwareqca9886_firmwareipq6010_firmwaresnapdragon_wear_2500_platform_firmwareqca6595_firmwareqca6391_firmwareimmersive_home_214_platform_firmwarewcd9370_firmwareqcn9022_firmwareqca9990_firmwareqcn9002_firmwareqcn9072_firmwareipq6000_firmwaresnapdragon_wear_3100_platform_firmwaresw5100_firmwareqcn9074_firmwareqcs410_firmwareqca6175a_firmware
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-126
Buffer Over-read
CVE-2023-28542
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.90%
||
7 Day CHG~0.00%
Published-04 Jul, 2023 | 04:46
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in WLAN HOST

Memory Corruption in WLAN HOST while fetching TX status information.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-robotics_rb3qcs410_firmwaresa6150p_firmwaresd865_5gsw5100psxr1120qca6595qcs610_firmwaresnapdragon_8\+_gen_1wcd9335wcd9370qca8081_firmwaresnapdragon_730gqca6696wcd9340_firmwarewcd9341_firmwareqcn6024qca6426snapdragon_auto_4gwcn6740_firmwaresnapdragon_720g_firmwarefastconnect_6700snapdragon_695_5gsa4150psnapdragon_888_5gwsa8832_firmwareqca8337qca6426_firmwaresnapdragon_4_gen_2_firmwareqca6574au_firmwareqca6564_firmwareqam8295pwcd9341qca6574au315_5g_iot_firmwaresd730_firmwarewsa8810_firmwarecsra6640snapdragon_690_5gsnapdragon_778g\+_5g_firmwaresnapdragon_865\+_5gsnapdragon_765_5gsd730qca6554afastconnect_6800_firmwaresnapdragon_x24_firmwaresnapdragon_865\+_5g_firmwaresnapdragon_855\+\/860sd835_firmwareqcn6024_firmwaresdx20msnapdragon_x65_5gsnapdragon_636_firmwarevideo_collaboration_vc1_platform_firmwaresa4155psnapdragon_888\+_5g_firmwareqcm6125_firmwarec-v2x_9150snapdragon_x50_5gsnapdragon_xr2_5g_firmwaresnapdragon_xr1_firmwaresxr1120_firmwaresnapdragon_710snapdragon_730snapdragon_765g_5g_firmwaresnapdragon_660_firmwaresnapdragon_4_gen_2fastconnect_6900video_collaboration_vc1_platformwcd9385_firmwareqca6421qca6310qam8255p_firmwaresnapdragon_778g_5gsnapdragon_670snapdragon_678_firmwaresa8155_firmwarewcd9360qca6335snapdragon_x5_firmwaresnapdragon_732g_firmwaresnapdragon_662_firmwaresnapdragon_x50_5g_firmwaresnapdragon_x24mdm9250sa6155pqca6421_firmwareqcm6125qca6564au_firmwarewsa8810video_collaboration_vc5_platform_firmwaresnapdragon_670_firmwaresnapdragon_855_firmwaresnapdragon_678qca6595ausm7315_firmwaresnapdragon_865_5g_firmwarewcd9326_firmwaresa6155p_firmwaresnapdragon_730g_firmwaresd835snapdragon_835qca6436_firmwareqcn9012mdm9650_firmwarewcd9371_firmwarewcn3910_firmwaresnapdragon_675_firmwaresm4125_firmwaresnapdragon_680_4gqca6420wcn3910apq8064au_firmwarewcd9370_firmwarecsrb31024qca9367mdm9250_firmwaresnapdragon_480\+_5g_firmwaresnapdragon_765_5g_firmwareqca6574aqca6174aqca6584_firmwaresnapdragon_695_5g_firmwaresnapdragon_750g_5g_firmwarewcd9340qcs8250_firmwareqcm2290sa8195pqca6335_firmwareqcm6490snapdragon_x55_5g_firmwarewcn3988qcn9024qca6574sd675_firmwareqca6430_firmwareqcn9011smart_audio_400qcn9024_firmwaresnapdragon_820_firmwaresa6150pwcd9326qcs410qcm2290_firmwaresa8155p_firmwareqca6564asa8155pwsa8830snapdragon_870_5g_firmwaresa6145psnapdragon_x65_5g_firmwareqcn9074_firmwaresa8255p_firmwaresnapdragon_888\+_5gsnapdragon_720gar8035msm8996auqca6564sa6155qrb5165m_firmwareapq8064ausnapdragon_782gqca6698aqwcn3950_firmwaresm6250qrb5165nfastconnect_6200sd670sm7325p_firmwaresa8145p_firmwarewcd9360_firmwaresnapdragon_630sa8150p_firmwaresnapdragon_835_firmwarefastconnect_6700_firmwaresnapdragon_768g_5gvideo_collaboration_vc3_platform_firmwarewcn3990robotics_rb3_firmwaresnapdragon_778g_5g_firmwaresnapdragon_780g_5gsd670_firmwareqcs6490qcs8250snapdragon_778g\+_5gfastconnect_6200_firmwarear8031_firmwarewsa8830_firmwareqca6431sd660_firmwaresnapdragon_7c\+_gen_3wsa8832sxr2130_firmwarear8035_firmwareqrb5165msnapdragon_680_4g_firmwareqca6320sa4150p_firmwaresd888_firmwaresnapdragon_845_firmwaresnapdragon_630_firmwareqca6564auqcs6125_firmwaresnapdragon_460snapdragon_636sm6250p_firmwareqcn9074wsa8815_firmwaresnapdragon_865_5gsa8195p_firmwareqca8337_firmwaresnapdragon_665_firmwaresnapdragon_auto_4g_firmwareqcm4290snapdragon_480_5g_firmwaresnapdragon_4_gen_1_firmwarear8031snapdragon_685_4gqca9377_firmwareqcm6490_firmwaresnapdragon_xr2\+_gen_1snapdragon_w5\+_gen_1snapdragon_665sm7250p_firmwaresm4125vision_intelligence_400_firmwarewcn3950qcs6125flight_rb5_5gsnapdragon_690_5g_firmwareqca6797aq_firmwaresa8295p_firmwaresmart_audio_400_firmwaresd_675_firmwaresnapdragon_460_firmwaresa4155p_firmwaresnapdragon_auto_5g_firmwaresm7250pcsrb31024_firmwaresa8155sm6250_firmwaresnapdragon_768g_5g_firmwaresnapdragon_x20snapdragon_710_firmwareqca6584ausd888qca6320_firmwareqcn9011_firmwaresw5100_firmwarewcn6740snapdragon_732gqca6310_firmwarefastconnect_6800snapdragon_662qca6595_firmwarefastconnect_7800_firmwarewcd9371snapdragon_855\+\/860_firmwarefastconnect_6900_firmwarerobotics_rb5_firmwarewcd9380sa6145p_firmwareqam8255psa6155_firmwaresnapdragon_xr2_5gsa8150psnapdragon_888_5g_firmwaresnapdragon_765g_5gmsm8996au_firmwaresnapdragon_x5sw5100video_collaboration_vc3_platformaqt1000c-v2x_9150_firmwareqam8295p_firmwaresd855qca6431_firmwaresnapdragon_8_gen_1_firmwarewcn3990_firmwaresm7315qca6175a_firmwaresnapdragon_750g_5gqca6698aq_firmwareqcs2290qca6564a_firmwaresdx20m_firmwarewcd9385qcs2290_firmwaresnapdragon_xr2\+_gen_1_firmwareqca9367_firmwaresnapdragon_8_gen_1sa8255pqcs4290qca6430sm6250psnapdragon_782g_firmwaresnapdragon_855mdm9650sdx55_firmwaresnapdragon_x55_5gflight_rb5_5g_firmwareqca6554a_firmwaresxr2130snapdragon_4_gen_1snapdragon_870_5gcsra6640_firmwarerobotics_rb5snapdragon_480\+_5gqca6174a_firmwaresnapdragon_685_4g_firmwaresm7325psnapdragon_845video_collaboration_vc5_platformqca6420_firmwareaqt1000_firmwareqcs6490_firmwaresnapdragon_480_5gsd855_firmwarewcd9335_firmwareqrb5165n_firmwareqca6436wcn3980_firmwareqca6584au_firmwarewsa8835qca6595au_firmwareqca6391_firmwaresw5100p_firmwareqca6696_firmwareqcs4290_firmwarewcd9380_firmwaresnapdragon_x20_firmwareqca6574_firmwarecsra6620qca8081sd660mdm9628wsa8815sd_8_gen1_5gsnapdragon_ar2_gen_1_firmwareqca9377snapdragon_auto_5gqca6797aqmdm9628_firmwaresnapdragon_730_firmwaresnapdragon_660qca6574a_firmwaresdx55qcm4290_firmwaresnapdragon_820snapdragon_8\+_gen_1_firmwaresd675qca6175asd_8_gen1_5g_firmwarewcd9375_firmwaresnapdragon_7c\+_gen_3_firmwareqca6391snapdragon_w5\+_gen_1_firmwareqcn9012_firmwareqca6584snapdragon_780g_5g_firmwarecsra6620_firmwaresa8295psnapdragon_675fastconnect_7800sd865_5g_firmwaresnapdragon_xr1wcd9375snapdragon_ar2_gen_1wcn3988_firmware315_5g_iotsa8145psd_675vision_intelligence_400wsa8835_firmwarewcn3980qcs610Snapdragonqam8255p_firmwareqca9377_firmwaresnapdragon_662_mobile_platform_firmwaresa6150p_firmwaresm6250p_firmwaresa8145p_firmware315_5g_iot_modem_firmwareqcs2290_firmwaresnapdragon_x24_lte_modem_firmwareqca6431_firmwaremdm9628_firmwaresnapdragon_820_automotive_platform_firmwarewcd9360_firmwareflight_rb5_5g_platform_firmwaresnapdragon_x20_lte_modem_firmwarewcn3950_firmwaresnapdragon_888_5g_mobile_platform_firmwaresa8150p_firmwareqca6420_firmwareqca6595au_firmwaresd730_firmwaresnapdragon_auto_4g_modem_firmwarecsra6620_firmwaresd_675_firmwaresd675_firmwarecsra6640_firmwaresnapdragon_460_mobile_platform_firmwareqcs6125_firmwaresnapdragon_480_5g_mobile_platform_firmwareqca6584au_firmwarewcn3990_firmwareqrb5165n_firmwareqca6554a_firmwarequalcomm_video_collaboration_vc3_platform_firmwarewcd9371_firmwarewcd9385_firmwareqcn6024_firmwarewcd9326_firmwaresd_8_gen1_5g_firmwaresnapdragon_660_mobile_platform_firmwareqam8295p_firmwareqcn9011_firmwaresm7315_firmwareqca6320_firmwaresnapdragon_695_5g_mobile_platform_firmwareqca6574au_firmwaresdx55_firmwaresnapdragon_835_mobile_pc_platform_firmwarewcd9375_firmwareqca8081_firmwaresa6155_firmwaresm7250p_firmwareqca6436_firmwaresnapdragon_680_4g_mobile_platform_firmwareqca6564au_firmwaresnapdragon_auto_5g_modem-rf_firmwaresa6155p_firmwareqca9367_firmwaresnapdragon_x65_5g_modem-rf_system_firmwaresmart_audio_400_platform_firmwaresnapdragon_x5_lte_modem_firmwareqrb5165m_firmwaresa4155p_firmwaresa8155_firmwarerobotics_rb3_platform_firmwarewcn3988_firmwaresa6145p_firmwarefastconnect_6700_firmwarewsa8810_firmwaresnapdragon_ar2_gen_1_platform_firmwaresa8255p_firmwareqca6698aq_firmwareqca6174a_firmwaremdm9250_firmwareqcs4290_firmwaresxr2130_firmwareqca6696_firmwareqcs6490_firmwaresnapdragon_665_mobile_platform_firmwarewcn3910_firmwaresnapdragon_855_mobile_platform_firmwaresm6250_firmwarevision_intelligence_400_platform_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwarewsa8815_firmwarewsa8835_firmwaresd660_firmwaresnapdragon_636_mobile_platform_firmwaresnapdragon_780g_5g_mobile_platform_firmwaresa8195p_firmwaresnapdragon_865_5g_mobile_platform_firmwarefastconnect_6800_firmwaresxr1120_firmwaresa8295p_firmwaresnapdragon_750g_5g_mobile_platform_firmwareqcm6125_firmwaresnapdragon_675_mobile_platform_firmwareqcm2290_firmwarequalcomm_video_collaboration_vc1_platform_firmwarerobotics_rb5_platform_firmwareqca8337_firmwarewcd9380_firmwaresnapdragon_778g_5g_mobile_platform_firmwaremsm8996au_firmwaresnapdragon_670_mobile_platform_firmwaresd670_firmwaresnapdragon_4_gen_1_mobile_platform_firmwaresnapdragon_4_gen_2_mobile_platform_firmwarec-v2x_9150_firmwareqca6310_firmwareqca6430_firmwareqcn9012_firmwarewcd9335_firmwareqca6335_firmwareqca6574_firmwarewcd9340_firmwaresm4125_firmwaresm7325p_firmwareqca6584_firmwaremdm9650_firmwaresnapdragon_630_mobile_platform_firmwaresnapdragon_xr2_5g_platform_firmwareqca6426_firmwareqca6574a_firmwarefastconnect_6200_firmwarewcn3980_firmwaresnapdragon_x55_5g_modem-rf_system_firmwaresnapdragon_x50_5g_modem-rf_system_firmwareqca6421_firmwareaqt1000_firmwarewcn6740_firmwaresnapdragon_690_5g_mobile_platform_firmwaresnapdragon_845_mobile_platform_firmwarear8031_firmwareapq8064au_firmwarecsrb31024_firmwareqcm6490_firmwarewsa8832_firmwarefastconnect_6900_firmwareqca6797aq_firmwaresa8155p_firmwareqca6564a_firmwareqcn9024_firmwareqcs8250_firmwarewcd9341_firmwarefastconnect_7800_firmwareqcm4290_firmwaresdx20m_firmwaresw5100p_firmwareqcs610_firmwaresnapdragon_8_gen_1_mobile_platform_firmwaresd835_firmwareqca6564_firmwareqca6595_firmwareqca6391_firmwaresnapdragon_710_mobile_platform_firmwaresa4150p_firmwarewcd9370_firmwarequalcomm_video_collaboration_vc5_platform_firmwaresd888_firmwaresw5100_firmwareqcn9074_firmwareqcs410_firmwaresnapdragon_720g_mobile_platform_firmwareqca6175a_firmwarear8035_firmwaresnapdragon_xr1_platform_firmware
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-126
Buffer Over-read
CVE-2022-22066
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.09% / 27.06%
||
7 Day CHG~0.00%
Published-16 Sep, 2022 | 05:25
Updated-03 Aug, 2024 | 03:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory corruption occurs while processing command received from HLOS due to improper length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresd_8cx_gen3_firmwaresm6250p_firmwareqcs610qca8337qca6431_firmwarewcd9360_firmwaresdx65wcn3950_firmwaresc8180x\+sdx55qcs2290qca6595au_firmwaresa6155csra6620_firmwaresd_675_firmwarecsra6640_firmwareqcs6125_firmwaresa415mwcn3998wcd9371_firmwaresd_8cx_gen2_firmwaresm4125sd720gwcn3950sd_8_gen1_5g_firmwareqsm8350_firmwaresd710_firmwareqsm8350sd460_firmwaresm7315_firmwarewcn7850qca6574au_firmwarewcd9375_firmwareqca8081_firmwaresa6155_firmwarewcn3998_firmwareqca6420wcd9360sm7450_firmwaresd680_firmwarewcn3999sd_8cx_gen2qrb5165_firmwareqrb5165m_firmwareqcs6125sa8155_firmwaresd662_firmwareqcs405qca6430wcd9340sd765gsw5100qca6436sd680wcn6851sa6155pwcn7851_firmwarewcd9341qca6431qca6696_firmwarewcd9371sd750gsd870_firmwarewcn3910_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwarewcn3988wcn7850_firmwaresa8195p_firmwaresm8475wcn6750_firmwarewcn3991qca8337_firmwarewcd9380_firmwaresw5100pqca6564ausdx55m_firmwarewcn6856_firmwareqca6574wcd9380qcs410sd690_5g_firmwaresdx50m_firmwaresdx24_firmwareqca6430_firmwarewcd9335_firmwarewcn3980wcd9340_firmwarewsa8815wcn6850sd7cwcn3910qca6426_firmwaresd695wcn3980_firmwaresd730sdx55mqca6421_firmwaresm8475_firmwarewcn6740_firmwaresd678_firmwarear8031_firmwareqrb5165wcn6851_firmwareqca6564a_firmwareqcm4290_firmwaresd480sd870wcn6855wsa8832sw5100p_firmwareqcs610_firmwaresa6145psd695_firmwarear8031qca6595_firmwareqcs405_firmwareqca6391_firmwaresd780g_firmwarewcd9370_firmwaresdx55sd888_firmwaresa8155pcsra6640sd675sm8475p_firmwarear8035_firmwareqcm2290wcn3991_firmwaremdm9150_firmwarewsa8830sd678qcs2290_firmwaresd7c_firmwarecsrb31024csra6620qcs4290sd765g_firmwareqca6420_firmwareqca6390_firmwaresd690_5gsd730_firmwarewcd9370sd675_firmwareqca6564qca6426wcn3990_firmwareqrb5165n_firmwareqca9377wcd9385_firmwaresdxr2_5g_firmwarewcd9326_firmwaresd662sa8155sdx55_firmwareqca6595auwcn3999_firmwaresm7250p_firmwareqca6436_firmwareqrb5165nqca6564au_firmwaresd778gsa6155p_firmwaresa515m_firmwareqcs6490wcn7851sdxr2_5gsa415m_firmwarewcn3988_firmwaresa6145p_firmwareqca6421sd778g_firmwaresm6250sa8195pwsa8810_firmwaresd765_firmwarewcd9326wcd9335qca8081qca6174a_firmwareqcs4290_firmwarewcd9385qcs6490_firmwaresd_8cx_gen3ar8035qca6390sd750g_firmwareaqt1000wcd9375sc8180x\+sdx55_firmwaresm6250_firmwareqcm6490sd888_5g_firmwarewcn6850_firmwarewsa8815_firmwarewsa8835_firmwaresm7450qca6564aqcm6125_firmwareqcm2290_firmwarewcn3990sd_675sd780gsd865_5gqca6595sdx24sd888wsa8835sd665_firmwaresd888_5gsm6250pqca6574awcn6855_firmwareqca6174asm7325pwcn6750sa515mqca6574_firmwaresd855sm4125_firmwaresm7325p_firmwaresd665qca6175asd765qca6574a_firmwaresd768g_firmwareqrb5165msm7315sd460qca6391aqt1000_firmwaresdx65_firmwareqcm4290csrb31024_firmwareqcm6490_firmwaresdx50mwsa8832_firmwaresd480_firmwareqca6574ausa8155p_firmwaresd710wcd9341_firmwareqcm6125wsa8810mdm9150wcn6856qca6564_firmwaresd768gwcn6740qca6696sm7250psd720g_firmwaresw5100_firmwareqcs410_firmwareqca6175a_firmwaresm8475pSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-22059
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.11% / 29.37%
||
7 Day CHG~0.00%
Published-02 Sep, 2022 | 11:31
Updated-03 Aug, 2024 | 03:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory corruption due to out of bound read while parsing a video file in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwarewsa8830sd678qcs610qcs2290_firmwaresd_636qcs4290wcn3950_firmwaresd765g_firmwareqca6420_firmwareqca6595au_firmwareqcs2290qca6390_firmwaremsm8917sd690_5gsd730_firmwarewcd9370sd_675_firmwaresd675_firmwareqca6426sd632wcn3990_firmwarewcn3998wcd9385_firmwaresdxr2_5g_firmwarewcn3950wcd9326_firmwaresd720gwcn3615_firmwaresd_8_gen1_5g_firmwarewcn3660bsd662sd460_firmwarewcn7850qca6574au_firmwaresdx55_firmwarewcn3680b_firmwareqca6595auwcd9375_firmwarewcn3615wcn3998_firmwaresm7250p_firmwareqca6420qca6436_firmwareapq8053_firmwaresm7450_firmwaresd680_firmwaresd778gsa6155p_firmwarewcn7851sd429sdxr2_5gsd662_firmwaresdm630wcn3988_firmwareqca6430sd429_firmwaresm6250sd778g_firmwarewcd9340sa8195papq8017_firmwarewsa8810_firmwarequalcomm215_firmwaresd765gsd765_firmwareqca6436sd680wcd9326sa6155pwcd9335wcn6851wcn7851_firmwareqcs4290_firmwarewcd9385wcd9341qca6696_firmwaresd750gsd870_firmwareqca6390wcd9375sd750g_firmwareaqt1000wcn3910_firmwaresm6250_firmwaremsm8953_firmwarewsa8830_firmwaremsm8917_firmwaresd855_firmwaresd660sd865_5g_firmwarewcn3988sd888_5g_firmwarewcn6850_firmwaresd660_firmwarewcn7850_firmwarewsa8815_firmwaresa8195p_firmwaresm7450wsa8835_firmwareapq8017sm8475wcn6750_firmwareqcm2290_firmwarewcn3991wcd9380_firmwarewcn3990sd_675sd780gsd865_5gsdx55m_firmwarewcn6856_firmwarewsa8835qca6574sd632_firmwarewcd9380sd888_5gqualcomm215qca6574asd690_5g_firmwaresdx50m_firmwarewcn6855_firmwaresm7325pqca6430_firmwarewcd9335_firmwarewcn3980sd439_firmwarewcn6750qca6574_firmwarewcd9340_firmwaresd855wsa8815sm7325p_firmwarewcn6850wcn3910sd765qca6426_firmwarewcn3660b_firmwarewcn3680qca6574a_firmwaresd768g_firmwaresd835wcn3980_firmwaresd460qca6391sd730sdx55msm8475_firmwareaqt1000_firmwarewcn6740_firmwaremsm8953sd678_firmwareqcm4290sdx50mwcn3680_firmwarewsa8832_firmwaresd480_firmwarewcn6851_firmwareqca6574ausa8155p_firmwaresd_636_firmwarewcd9341_firmwareqcm4290_firmwaresd480sd870wcn6855wsa8810wsa8832qcs610_firmwarewcn6856wcn3680bsd835_firmwaresd768gwcn6740qca6696sdm630_firmwareqca6391_firmwaresd780g_firmwarewcd9370_firmwaresdx55apq8053sa8155psd675sd439sm7250psd720g_firmwaresm8475p_firmwareqcm2290sm8475pSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-11195
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.65%
||
7 Day CHG~0.00%
Published-22 Feb, 2021 | 06:25
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound write and read in TA while processing command from NS side due to improper length check on command and response buffers in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfe3100qfe2080fc_firmwareqca9377_firmwareqfs2580qpm5679_firmwaremdm9640_firmwaresm6250p_firmwarepmd9607_firmwareqfe4455fc_firmwareqca8337qfs2608_firmwareqfs2530qpm8870_firmwareqln1030qpa8688pm6125qat5522_firmwarewcn3950_firmwarepm8150aqdm5670qca6595au_firmwareqpm5541_firmwareqpa5581_firmwaresa6155pm7150lqpa8821pm8998_firmwarewtr5975_firmwareqcs6125_firmwarepm456_firmwareqpa5580_firmwaremsm8108sa415mwcn3998wcd9371_firmwaremsm8108_firmwarewcn3950sm4125sd720gwtr1605mdm9206_firmwareqsw8573_firmwarewcn3660bqsm8350_firmwareqsw8574_firmwareqsm8350sd460_firmwaresmb2351_firmwareqpa4360_firmwarewcn3998_firmwarepm855pqca6420wtr4605_firmwarepm6150aqpm6670_firmwareqca9367_firmwaremdm8207pm660_firmwarepm8150bsa8155_firmwareqca4004_firmwareqfe2101qca6430qat3522qfe4455fcpmr735awcd9306_firmwarewcd9340sdm830_firmwaresd765gsdr660msm8209_firmwareqfs2630_firmwaresdr865mdm9250_firmwareqdm5620_firmwaresmr545qca6696_firmwareqln5020wcd9371smb1350pmm855au_firmwaresm4350_firmwaresd_8cxwtr3950sa8150ppm6350qdm5621qtc800sqca4004sd865_5g_firmwaresd712pm640p_firmwarewcn6750_firmwareqat5516_firmwarepm6150lpm855l_firmwareqtc410swcn3991qpa8801pm8150l_firmwareqat5533_firmwaresdx55m_firmwareqpa8673_firmwarepm6150smb1354_firmwaresd670_firmwareqca6574qfs2630qpa8842sdr052_firmwarepmm8996auwcd9380qln4640qcs410qpm5579_firmwaresmb1380_firmwarepmk8350_firmwaresmb1381pm855p_firmwaresd690_5g_firmwareqfe3100_firmwarepm7250qca9379_firmwarewtr4905qpa8803sdx24_firmwareqdm2301wcd9340_firmwarewsa8815wcn6850qfe2101_firmwareqdm5621_firmwareqdm2301_firmwareqpm6375sd_8c_firmwaresd835qca1990wcn3980_firmwaresd730qfe3320_firmwarepm660l_firmwarepm6250_firmwarepm8008pm8350b_firmwareqtm525_firmwarepme605_firmwarewtr1605l_firmwarepme605apq8064au_firmwareqpm5621_firmwareqca6234qln1021aq_firmwareqcs603qpa6560_firmwareqpa8802_firmwareqln4640_firmwareqpm5621qpm6582sd670pm8009_firmwareqfs2580_firmwareqcm4290_firmwarepm8150lpmi8998_firmwareqcs610_firmwaresa6145psdr105pm4250ar8031qpm5577mdm8207_firmwarewtr2965mdm9205_firmwareqca6391_firmwaresd820_firmwarepm8150wcd9370_firmwareqat3516_firmwaresdx55csra6640qat3555_firmwarepmi8994qpa8803_firmwareqca9379pm855bqca6234_firmwareqln1031qsm8250_firmwaresmb2351qpm5870pm8909mdm9150_firmwarewsa8830pm660qet6110_firmwareqpm6325pm6125_firmwareqbt1500qpa5581csrb31024mdm9628_firmwaremdm9650pmx24_firmwarefsm10055_firmwareqbt1500_firmwareqpm5870_firmwarepmk8001qcs4290qet6100pmm855aumdm9250qca6420_firmwareapq8009_firmwaresd690_5gsmb1396pm7150amsm8916_firmwaresd675_firmwarepm8350qca6564qpa4361_firmwarepm8350c_firmwareqpa5461_firmwareqca6426wcn3990_firmwareqca9377qpm5641wcd9385_firmwareqdm5650_firmwaresdxr2_5g_firmwarewcd9326_firmwarewhs9410wcn3615_firmwarewtr2955rgr7640au_firmwarepm7250_firmwaresdr845_firmwareqdm5620qln1021aqsmb1380pmk8002_firmwareqsw6310_firmwaresa8155qln1031_firmwareqdm4650_firmwaresdx55_firmwarepmm6155au_firmwareqat5533wcn3615sm7250p_firmwarewcn3610_firmwareqsm7250_firmwaremdm9207qpm6670pm7150l_firmwarewcd9306qca6584aumsm8208qpm4641qat5515_firmwarepm855qpm8830_firmwarepm8250qca9367qfe2082fc_firmwaremdm9607_firmwaremdm9655_firmwareqdm4643qfs2530_firmwaresa415m_firmwarepmx55qpm4641_firmwarewcn3988_firmwaresd205pm8150c_firmwareqca6421qdm3301qpa8842_firmwareqat3519_firmwaresa8195psdr735_firmwareqpm5677qat5515qca6694wcd9326wcd9335pm6350_firmwarepm8004_firmwaresdr8150_firmwareqcs4290_firmwareqtc800h_firmwareqpm5620qpm4630qca6390wcd9375sd750g_firmwareaqt1000sm6250_firmwarepmm8195auqln4642qpm5677_firmwarewsa8815_firmwaresd888_5g_firmwaresmr525_firmwarepm8998wtr3925_firmwareqpm8820_firmwaremsm8916qln1020_firmwareqpm6621_firmwarepm670a_firmwareqcm6125_firmwarepmx55_firmwarewtr2955_firmwareqbt1000_firmwaresd865_5gpm8019qca6595pm8150_firmwaresmb1398_firmwareqpm8830pmm8996au_firmwareqat5522pm8150cpmr735bsd665_firmwareqpa4360pmk8003_firmwaresc8180xqpa4361qpm4640_firmwaremdm9206qpm5577_firmwareqdm5679_firmwarepm8350csmr525qca6310_firmwarepm6150l_firmwarepmr525pm8150a_firmwareqca6574_firmwarewtr3950_firmwareqln1036aq_firmwaresd665pm6150a_firmwarepm6150_firmwareqca6175asd765qca6574a_firmwarepmd9607qpm4630_firmwareqat3555sd850_firmwareapq8009qpa5461qfe2082fcwtr2965_firmwarepm670_firmwarecsrb31024_firmwareqfs2608qln1036aqqtc801ssc8180x_firmwareqpm5641_firmwareqfe3320sd710mdm9607pm8008_firmwareqln1035bd_firmwareqpm6621pmr735a_firmwarepmx50qca6564_firmwaresdr8250sd768gqln1030_firmwaresmb1350_firmwarepm8004pm640lpmk8002apq8096au_firmwaresd845sdm830pmd9655au_firmwareqcs410_firmwareqca6175a_firmwareqpa5580qpm5579fsm10055qfe2550sa6150p_firmwareqcs610pmi8996qpm5620_firmwareqdm2307qca6431_firmwareqpa8802wcd9360_firmwareqpm6585_firmwareqat3519qbt2000_firmwarepm855a_firmwareqtc800hsa8150p_firmwareqcs2290sdr8250_firmwareqca6335csra6620_firmwareqcs605_firmwareqln1020sd_675_firmwaresmr546_firmwareqdm5671csra6640_firmwarepmc1000hqpm4650_firmwarewtr3905qat3518sdr425_firmwaresmr526_firmwaremdm9628pm640a_firmwareqpa5460wgr7640_firmwareqdm2305_firmwareqpm5670_firmwaresd710_firmwareqca4020qdm5652qca6574au_firmwareqpm8870wcd9375_firmwareqpm5679qbt2000sa6155_firmwarewcd9360pmx50_firmwareqpa8675_firmwarewhs9410_firmwaresdr735gqpa5460_firmwarewcn3999qdm3301_firmwarepm8996qsm7250qcs6125apq8016_firmwaresd662_firmwaresmb1360qcs405qca1990_firmwareqfe3440fcqdm2308_firmwarefsm10056_firmwareqca4020_firmwareqca6436wcn6851sa6155pqcs603_firmwareqpa6560sdr675_firmwarewcd9341qdm4643_firmwaremdm9655qca6431qet4100_firmwaresd750gwcn3910_firmwareqpm5657wtr1605_firmwaremdm9207_firmwareqpm5875_firmwarewsa8830_firmwaresd855_firmwareqdm5650wcn3988wtr3925qfe2080fcsdr052sa8195p_firmwaresmb1390msm8208_firmwareqet4100wcn3610msm8608mdm9640qpa8686_firmwareqpm6585qca8337_firmwarewcd9380_firmwaresmb1355qln4650qtc800t_firmwarewcd9330msm8996au_firmwaresdr735g_firmwarewgr7640qat5568qet5100qdm5671_firmwareqpa8801_firmwareqca6564auqtm527_firmwarepm8005_firmwareqet4101_firmwarepm7250bqln4642_firmwarepmk8001_firmwaresmb1355_firmwarepm7250b_firmwarepmd9655_firmwaresmb1351_firmwarepm8996_firmwareqet4200aq_firmwaresdx50m_firmwaresdr735smb1395pm660lsmr526wtr5975qca6430_firmwarepmk8003qtc801s_firmwarewcd9335_firmwareqat3522_firmwarewcn3980qca6335_firmwareqsw8573qcs605qbt1000sd7cqca6320wcn3910mdm9650_firmwareqca6426_firmwarepm8350_firmwarewcn3660b_firmwarepm8009qpa8675sdr051_firmwarewcd9330_firmwaresdx55mpm670aqca6421_firmwarewtr3905_firmwareqat3518_firmwareqsw8574pmi8998sd821_firmwarear8031_firmwarepm855lwcn6851_firmwareqdm5670_firmwarepm7150a_firmwarepm8150b_firmwaresmr545_firmwarepmc1000h_firmwareqca6564a_firmwareqdm2310_firmwareqca6694au_firmwarepm4250_firmwaresdr105_firmwarepm670sd210_firmwarewtr1605lqdm5677pm8005qsm8250pm855_firmwareqdm2302pmm6155ausdxr1pm855b_firmwareapq8096auqca6595_firmwareqcs405_firmwareqpm6582_firmwareqpm6375_firmwarepm640l_firmwarepmi8996_firmwareqln4650_firmwareqpm5875qet5100msa8155psd675wtr4605qet4101qat3516pm670lqpm5658ar8035_firmwareqcm2290qpm5658_firmwarewcn3991_firmwareqdm5652_firmwarepmm8155au_firmwareqfe4465fcsdr051qln5030qcs2290_firmwarepm4125fsm10056pmi632qpa2625_firmwarepm456sd7c_firmwareqfe2081fc_firmwarepm8350bh_firmwarecsra6620pmr735b_firmwareqet5100_firmwareqpm4621smb1360_firmwareqet6100_firmwarepm670l_firmwaresdr660gsd765g_firmwareqpa8686qca6390_firmwaresd730_firmwarewcd9370sdr425pmr525_firmwareqca6584au_firmwarepmi632_firmwaresd_8cx_firmwareqpm5541qat5516smb358_firmwaresd662qpa8821_firmwaresdr660g_firmwarepm8350bhpm3003aqca6320_firmwarewcn3680b_firmwareqca6595auwcn3999_firmwareqca6436_firmwareqtc800tsmb1354qca6564au_firmwareqdm2305sa6155p_firmwareqca6310qpm8820qpm2630qfe2081fcqln5020_firmwaresdxr2_5gsmb1398sd821sa6145p_firmwaresdr675sm6250sd712_firmwarewsa8810_firmwaresmb231sd765_firmwareqdm5677_firmwareqet4200aqqca6174a_firmwarewcd9385qpm6325_firmwareqdm2302_firmwareqat3550_firmwarepmm8155auqln5040_firmwarepm4125_firmwarear8035pm8019_firmwareapq8064auqca6694_firmwareqpa8673qdm2310qfe2550_firmwareqln5030_firmwareqca6694ausd210wcn3620_firmwaresd820smb1396_firmwarewcn6850_firmwarewcn3620wsa8835_firmwaresmb358qca6564asmr546pmx24qet6110qln5040qcm2290_firmwareqpm8895sdr845qpm5670wcn3990sd_675qtm527qfe3440fc_firmwarepmk8350sdx24pmi8994_firmwarepm8350bqdm2307_firmwarewsa8835msm8996auqpm5657_firmwaresd888_5gsm6250prgr7640auqln1035bdpm855asdr660_firmwarepm8909_firmwareqca6574apm8916_firmwaresmb1390_firmwareqca6174aqpm4640wcn6750qet5100m_firmwareqpm4650mdm9205qtm525wtr6955sd855sm4125_firmwarewtr6955_firmwarepm640psd768g_firmwaresdr865_firmwaremsm8209qfe4465fc_firmwarepm8250_firmwaresd460qca6391sdxr1_firmwaresmb1351aqt1000_firmwareqpm8895_firmwareqcm4290sdx50mpm640asdr8150pm8916pmd9655ausmb1395_firmwareqdm4650pmd9655qca6574ausa8155p_firmwaresd205_firmwareqsw6310wcd9341_firmwareqcm6125wsa8810qtc410s_firmwareqpm2630_firmwaresmb231_firmwareqat5568_firmwareqdm2308qat3550mdm9150wtr4905_firmwareqdm5679sd_8cwcn3680bsd835_firmwarepm3003a_firmwareqca6696qtc800s_firmwaresm4350apq8016msm8608_firmwaresd845_firmwaresmb1381_firmwareqpa2625sa6150pqpa8688_firmwarepmm8195au_firmwaresm7250psd720g_firmwareqpm4621_firmwaresd850pm6250Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-20
Improper Input Validation
CVE-2020-11304
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.95%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 06:20
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible out of bound read in DRM due to improper buffer length check. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarefsm10055sa6150p_firmwaresm6250p_firmwareqcs610qca8337qca6431_firmwarewcd9360_firmwarewcn3950_firmwaresc8180x\+sdx55sa8150p_firmwareqcs2290qca6595au_firmwaresa6155qca6335sd_455_firmwarecsra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwareqcs6125_firmwaremsm8108sa415mwcn3998wcd9371_firmwaremsm8108_firmwarewcn3950sm4125sd720gmdm9628mdm9206_firmwarewcn3660bqsm8350_firmwaresd710_firmwareqsm8350sd460_firmwareqca4020qca6574au_firmwarewcd9375_firmwarewcn3998_firmwaresa6155_firmwareqca6420wcd9360qca9367_firmwarewhs9410_firmwaremdm8207wcn3999qcs6125sa8155_firmwareqca4004_firmwaresd662_firmwareqcs405qca6430wcd9306_firmwarewcd9340sdm830_firmwaresd765gfsm10056_firmwareqca4020_firmwareqca6436wcn6851sa6155pqcs603_firmwaremsm8209_firmwaremdm9250_firmwarewcd9341qca6431qca6696_firmwarewcd9371sd870_firmwaresd750gwcn3910_firmwaresd_8cxsa8150pmdm9207_firmwareqca4004wsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwaresd712wcn3988sd660_firmwaresa8195p_firmwaremsm8208_firmwarewcn6750_firmwarewcn3610msm8608wcn3991qca8337_firmwarewcd9380_firmwarewcd9330qca6564ausdx55m_firmwarewcn6856_firmwaresd670_firmwareqca6574wcd9380qcs410sd690_5g_firmwaresdx50m_firmwareqca9379_firmwaresdx24_firmwareqca6430_firmwarewcd9335_firmwarewcn3980qca6335_firmwareqcs605wcd9340_firmwarewsa8815wcn6850sd7cwcn3910qca6320mdm9650_firmwaresd_8c_firmwareqca6426_firmwarewcn3660b_firmwareqca9984sd835wcn3980_firmwaresd730wcd9330_firmwaresdx55mqca6421_firmwaresd678_firmwarear8031_firmwarewcn6851_firmwareqcs603sd670sd_636_firmwareqca6564a_firmwareqcm4290_firmwaresd480sd870wcn6855sd210_firmwareqcs610_firmwareqsm8250sa6145psdxr1ar8031apq8096auqca6595_firmwareqcs405_firmwaresa8145pmdm8207_firmwaresdm630_firmwaremdm9205_firmwareqca6391_firmwarewcd9370_firmwaresdx55sd888_firmwaresa8155pcsra6640sd675qca9379ar8035_firmwareqcm2290qsm8250_firmwarewcn3991_firmwaremdm9150_firmwarewsa8830sd678sa8145p_firmwareqcs2290_firmwarefsm10056sd7c_firmwarecsrb31024mdm9628_firmwaremdm9650sd_636csra6620fsm10055_firmwareqcs4290mdm9250sd765g_firmwareqca6420_firmwareqca6390_firmwareapq8009_firmwaresd690_5gsd730_firmwarewcd9370sd675_firmwareqca6564qca6426qca6584au_firmwarewcn3990_firmwareqca9984_firmwareqca9377sd_8cx_firmwarewcd9385_firmwaresdxr2_5g_firmwarewhs9410wcd9326_firmwarewcn3615_firmwaresd662sa8155qca6320_firmwarewcn3680b_firmwaresdx55_firmwarewcn3615qca6595auwcn3999_firmwaresm7250p_firmwarewcn3610_firmwareqca6436_firmwaremdm9207wcd9306qca6584ausd778gqca6564au_firmwaremsm8208sa6155p_firmwareqca6310sa515m_firmwaresdxr2_5gqca9367sdm630mdm9607_firmwaresa415m_firmwarewcn3988_firmwaresd205sa6145p_firmwareqca6421sd778g_firmwaresm6250sd712_firmwaresa8195pwsa8810_firmwaresd765_firmwarewcd9326wcd9335qca6174a_firmwareqcs4290_firmwarewcd9385qca6390wcd9375sd750g_firmwareaqt1000ar8035sc8180x\+sdx55_firmwaresm6250_firmwaresd210wsa8815_firmwaresd888_5g_firmwarewcn6850_firmwarewsa8835_firmwareqca6564aqcm6125_firmwareqcm2290_firmwarewcn3990sd_675sd865_5gqca6595sdx24sd888wsa8835sd665_firmwaresd888_5gsm6250pqca6574amdm9206wcn6855_firmwareqca6174asm7325pqca6310_firmwarewcn6750mdm9205sa515mqca6574_firmwaresd855sm4125_firmwaresm7325p_firmwaresd665qca6175asd765qca6574a_firmwaresd768g_firmwaremsm8209sd850_firmwareapq8009sd460qca6391sdxr1_firmwareaqt1000_firmwareqcm4290csrb31024_firmwaresdx50msd480_firmwaresd_455qca6574ausd710sa8155p_firmwaremdm9607sd205_firmwarewcd9341_firmwareqcm6125wsa8810mdm9150wcn6856sd_8cwcn3680bsd835_firmwareqca6564_firmwaresd768gqca6696sd845_firmwaremsm8608_firmwaresa6150papq8096au_firmwaresd845sm7250psdm830sd720g_firmwareqcs410_firmwareqca6175a_firmwaresd850Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-33115
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.90%
||
7 Day CHG+0.02%
Published-01 Apr, 2024 | 15:05
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in Trusted Execution Environment

Memory corruption while processing buffer initialization, when trusted report for certain report types are generated.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qdx1010_firmwarerobotics_rb3sd865_5gqca6595wcd9370qca8081_firmwaresnapdragon_670_mobileqca6696wcd9340_firmwarewcd9341_firmwarewcd9395_firmwareqcc710_firmwareqca6426wcn6740_firmwarefastconnect_6700snapdragon_780g_5g_mobilesnapdragon_x50_5g_modem-rf_firmwaresnapdragon_782g_mobile_firmwarewsa8832_firmwareqca8337qdu1110qca6426_firmwarewcd9395sc8180xp-aaabqca6574au_firmwareqam8295pwcd9341qca6574auwcd9390snapdragon_888\+_5g_mobile_firmwaresa8620p_firmwarewsa8810_firmwarewsa8845h_firmwaresnapdragon_778g_5g_mobile_firmwaresa9000p_firmwaresc8180xp-acafsrv1hsnapdragon_850_mobile_computefastconnect_6800_firmwareqcs5430qcm5430qcm5430_firmwaresa8770psnapdragon_678_mobile_firmwaressg2115pqcc710snapdragon_xr2_5g_firmwaresa8540pqsm8350_firmwarefastconnect_6900qru1032_firmwareqep8111sa7255pqfw7114wcd9385_firmwareqca6421qca6310qam8255p_firmwaresa8155_firmwareqca6335snapdragon_x65_5g_modem-rfwsa8845sa6155pqca6421_firmwaresc8180x-adqca6564au_firmwarewsa8810qam8650pvideo_collaboration_vc5_platform_firmwaresa9000pqdu1000_firmwaresrv1h_firmwaresnapdragon_888_5g_mobile_firmwareqca6595ausnapdragon_888_5g_mobilesxr2250p_firmwaresm7315_firmwareqdu1010wcd9326_firmwaresa6155p_firmwaresnapdragon_845_mobile_firmwarewsa8840srv1m_firmwaresnapdragon_x35_5g_modem-rf_firmwaresnapdragon_782g_mobileqdu1210_firmwaresnapdragon_x55_5g_modem-rfqfw7124_firmwareqca6436_firmwareqcn9012snapdragon_x55_5g_modem-rf_firmwaresnapdragon_7c\+_gen_3_compute_firmwareqca6420wcd9370_firmwareqdu1110_firmwareqdu1000sa7255p_firmwareqca6574aqca6174awcd9340qcs8250_firmwareqdu1210snapdragon_auto_5g_modem-rf_gen_2qca6335_firmwareqcm6490sa8540p_firmwaresxr2250psnapdragon_765_5g_mobile_firmwarevision_intelligence_300_firmwaresa8775pqca6574sxr2230p_firmwaresd675_firmwaresnapdragon_855_mobile_firmwareqca6430_firmwareqcn9011sa8775p_firmwareqamsrv1hsdx57mwsa8845hwcd9326sa8155p_firmwareqca6564asa8155psnapdragon_765g_5g_mobile_firmwarewsa8830sa6145psnapdragon_768g_5g_mobile_firmwaresa8255p_firmwarear8035qamsrv1m_firmwaresa6155qrb5165m_firmwaresa8650p_firmwareqcn6224snapdragon_865\+_5g_mobile_firmwareqca6698aqwcn3950_firmwaressg2125p_firmwareqrb5165nfastconnect_6200sd670sm7325p_firmwaresc8180x-acaf_firmwareqdx1011sa8150p_firmwarefastconnect_6700_firmwarevideo_collaboration_vc3_platform_firmwarewcn3990robotics_rb3_firmwaresnapdragon_x75_5g_modem-rf_firmwaresd670_firmwaresnapdragon_8_gen_3_mobilesnapdragon_855_mobileqcs6490qcs8250sc8180xp-acaf_firmwaresnapdragon_778g_5g_mobilefastconnect_6200_firmwarewsa8830_firmwareqcn6224_firmwareqca6431qca6678aq_firmwarewsa8845_firmwarewsa8832sdx57m_firmwaresxr2130_firmwaresrv1mqca6678aqsnapdragon_860_mobile_firmwaresnapdragon_x35_5g_modem-rfar8035_firmwaresc8180xp-aaab_firmwaresnapdragon_778g\+_5g_mobileqrb5165msc8380xpsd888_firmwareqca6564ausc8180xp-adsc8280xp-abbbwsa8815_firmwareqca8337_firmwareqca9377_firmwareqcm6490_firmwaresm7250p_firmwareqru1032vision_intelligence_400_firmwarewcn3950flight_rb5_5gsnapdragon_870_5g_mobile_firmwareqca6797aq_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwaresnapdragon_7c\+_gen_3_computesnapdragon_778g\+_5g_mobile_firmwaresa8295p_firmwaresnapdragon_870_5g_mobilesd_675_firmwaresnapdragon_678_mobilesm7250psc8180x-acafsa8155sd_8cx_firmwaresc8180x-ad_firmwareqca6584ausd888qcn6274_firmwareqcn9011_firmwareqru1062_firmwaresnapdragon_850_mobile_compute_firmwaresnapdragon_675_mobile_firmwarewcn6740snapdragon_768g_5g_mobilesc8380xp_firmwaresnapdragon_780g_5g_mobile_firmwareqru1062qca6310_firmwaresnapdragon_845_mobilesnapdragon_8_gen_3_mobile_firmwarefastconnect_6800qfw7114_firmwareqcs7230qca6595_firmwarefastconnect_7800_firmwaresnapdragon_675_mobilesnapdragon_865_5g_mobile_firmwarefastconnect_6900_firmwarerobotics_rb5_firmwarewcd9380sa6145p_firmwareqam8255psa6155_firmwaresxr2230psnapdragon_xr2_5gsa8150psnapdragon_x24_lte_modemsc8180x-aaabsxr1230psc8180x-aaab_firmwarevideo_collaboration_vc3_platformaqt1000qam8295p_firmwaresd855qca6431_firmwarewcn3990_firmwaresm7315qca6698aq_firmwareqca6564a_firmwarewcd9385snapdragon_888\+_5g_mobileqsm8350snapdragon_8_gen_1_mobilesa8255pqcs7230_firmwaresxr1230p_firmwarewcd9390_firmwaresnapdragon_865\+_5g_mobileqep8111_firmwareqca6430snapdragon_855\+_mobilesnapdragon_765_5g_mobileqdx1011_firmwaresnapdragon_860_mobilesc8180xp-ad_firmwaresdx55_firmwareflight_rb5_5g_firmwaressg2125pqru1052sxr2130snapdragon_x65_5g_modem-rf_firmwareqamsrv1mrobotics_rb5qca6174a_firmwaresm7325psnapdragon_x50_5g_modem-rfqam8650p_firmwarevideo_collaboration_vc5_platformsnapdragon_670_mobile_firmwareqca6420_firmwareaqt1000_firmwareqcs6490_firmwaresd855_firmwarewcn3980_firmwareqrb5165n_firmwareqca6436qca6584au_firmwareqcn6274snapdragon_x24_lte_modem_firmwarewsa8835qca6391_firmwarewsa8840_firmwareqfw7124qca6595au_firmwareqdu1010_firmwareqca6696_firmwarewcd9380_firmwareqca6574_firmwareqca8081wsa8815sd_8_gen1_5gqam8775pqca9377snapdragon_ar2_gen_1_firmwareqca6797aqsnapdragon_x75_5g_modem-rfsa8620pqca6574a_firmwaresdx55snapdragon_865_5g_mobilesnapdragon_855\+_mobile_firmwaresd675sd_8_gen1_5g_firmwarewcd9375_firmwareqca6391qcn9012_firmwareqcs5430_firmwareqru1052_firmwaresa8770p_firmwaresa8295psc8280xp-abbb_firmwarefastconnect_7800sa8650pqam8775p_firmwaresd865_5g_firmwarewcd9375vision_intelligence_300snapdragon_ar2_gen_1snapdragon_765g_5g_mobileqamsrv1h_firmwaresd_675sd_8cxvision_intelligence_400ssg2115p_firmwarewsa8835_firmwarewcn3980qdx1010snapdragon_8_gen_1_mobile_firmwareSnapdragonqam8255p_firmwareqca9377_firmwaresnapdragon_850_mobile_compute_platform_firmwaresxr2230p_firmwaresnapdragon_x24_lte_modem_firmwareqca6431_firmwareflight_rb5_5g_platform_firmwareqcn6224_firmwarewcn3950_firmwaresnapdragon_888_5g_mobile_platform_firmwaresa8150p_firmwareqca6420_firmwareqca6595au_firmwaresd_675_firmwaresd675_firmwareqcm5430_firmwareqca6584au_firmwareqep8111_firmwareqrb5165n_firmwarewcn3990_firmwarequalcomm_video_collaboration_vc3_platform_firmwaresd_8cx_firmwarewcd9385_firmwarewcd9326_firmwareqamsrv1h_firmwaresd_8_gen1_5g_firmwareqsm8350_firmwareqam8295p_firmwareqcn9011_firmwaresa9000p_firmwaresm7315_firmwareqca6574au_firmwaresdx55_firmwarewcd9375_firmwareqca8081_firmwaresa6155_firmwarewsa8845h_firmwaresm7250p_firmwareqca6436_firmwareqca6564au_firmwaresa8620p_firmwaresa6155p_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqca6678aq_firmwaresa8775p_firmwareqrb5165m_firmwarewsa8840_firmwaresa8155_firmwarerobotics_rb3_platform_firmwaresc8380xp_firmwarevision_intelligence_300_platform_firmwareqru1062_firmwaresa6145p_firmwarefastconnect_6700_firmwarewsa8810_firmwaresnapdragon_ar2_gen_1_platform_firmwaresa8255p_firmwarewcd9395_firmwareqdu1000_firmwareqca6698aq_firmwareqca6174a_firmwaresa8770p_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareqam8775p_firmwaresxr2130_firmwareqca6696_firmwareqcs6490_firmwareqru1052_firmwaresnapdragon_855_mobile_platform_firmwareqcc710_firmwarevision_intelligence_400_platform_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwarewsa8815_firmwarewsa8835_firmwaresnapdragon_780g_5g_mobile_platform_firmwaresnapdragon_865_5g_mobile_platform_firmwarefastconnect_6800_firmwaresa8295p_firmwaresxr2250p_firmwaresnapdragon_675_mobile_platform_firmwarerobotics_rb5_platform_firmwareqca8337_firmwarewcd9380_firmwaresnapdragon_778g_5g_mobile_platform_firmwareqcs7230_firmwareqdu1010_firmwaresnapdragon_670_mobile_platform_firmwaresd670_firmwaresxr1230p_firmwareqdu1110_firmwaresa8540p_firmwaressg2125p_firmwareqca6310_firmwareqca6430_firmwareqcn9012_firmwareqfw7114_firmwareqca6335_firmwareqca6574_firmwarewcd9340_firmwaresm7325p_firmwaresdx57m_firmwareqru1032_firmwaresnapdragon_xr2_5g_platform_firmwarewsa8845_firmwareqca6426_firmwareqca6574a_firmwarefastconnect_6200_firmwarewcn3980_firmwaresnapdragon_x55_5g_modem-rf_system_firmwaresnapdragon_x50_5g_modem-rf_system_firmwareqca6421_firmwareaqt1000_firmwarewcn6740_firmwaresnapdragon_x35_5g_modem-rf_system_firmwaresnapdragon_845_mobile_platform_firmwareqcn6274_firmwareqcm6490_firmwaresa8650p_firmwarewsa8832_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarefastconnect_6900_firmwaresrv1h_firmwareqca6797aq_firmwaresa8155p_firmwareqdx1011_firmwareqca6564a_firmwaresa7255p_firmwareqcs8250_firmwarewcd9341_firmwarefastconnect_7800_firmwareqdx1010_firmwaresnapdragon_8_gen_1_mobile_platform_firmwareqamsrv1m_firmwaresrv1m_firmwareqam8650p_firmwareqca6595_firmwareqcs5430_firmwareqca6391_firmwarewcd9370_firmwarequalcomm_video_collaboration_vc5_platform_firmwaresd888_firmwaresnapdragon_8_gen_3_mobile_platform_firmwarewcd9390_firmwaressg2115p_firmwareqfw7124_firmwareqdu1210_firmwarear8035_firmware
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-126
Buffer Over-read
CVE-2019-2277
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.76%
||
7 Day CHG~0.00%
Published-22 Jul, 2019 | 13:47
Updated-04 Aug, 2024 | 18:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound read can happen due to lack of NULL termination on user controlled data in WLAN in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MSM8996AU, QCS405, QCS605, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM630, SDM660, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_427_firmwaresd_712sd_850sd_855sd_730_firmwaresd_820asd_675msm8996au_firmwaresd_670_firmwaresd_425sdm660sdx24sd_430_firmwaresd_710_firmwaresd_435sd_636sdm630qcs405sd_625sd_210msm8996ausd_636_firmwaresd_450_firmwaresd_845_firmwaresd_820a_firmwareqcs605_firmwaresd_675_firmwaresd_425_firmwaresd_730sd_212_firmwaresd_665sd_850_firmwaresdx24_firmwaresd_625_firmwaresd_450qcs405_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwaresd_845sd_427qcs605sd_430sd_670sd_435_firmwaresd_835_firmwaresd_710sd_835sd_205sda660sd_210_firmwaresd_665_firmwaresd_205_firmwaresdm660_firmwaresd_212sd_855_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-2306
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 4.25%
||
7 Day CHG~0.00%
Published-25 Jul, 2019 | 16:33
Updated-04 Aug, 2024 | 18:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper casting of structure while handling the buffer leads to out of bound read in display in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850mdm9150_firmwaresd_632sd_820asd_675msm8996au_firmwaresd_670_firmwaresdm439mdm9650sd_636sd_615_firmwaremsm8909w_firmwaremsm8996ausd_820sd_450_firmwaresd_845_firmwaresd_820a_firmwareqcs605_firmwaresd_675_firmwaremdm9206sd_425_firmwaresd_665sd_625_firmwaresd_450sd_845mdm9206_firmwareqcs605sd_632_firmwaresd_835_firmwaremdm9650_firmwaresd_835sda660sd_210_firmwaresd_415_firmwaremsm8909wsd_665_firmwaresd_616_firmwaresd_205_firmwaresd_415sd_212sd_427_firmwaresd_712sd_855sd_730_firmwarequalcomm_215sdx20sd_616sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435sd_615sd_710_firmwaresdm630qcs405sd_625sd_820_firmwaresd_210mdm9607sd_636_firmwarequalcomm_215_firmwaremdm9150sd_730sd_212_firmwaresd_850_firmwaresdm439_firmwareqcs405_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwaresd_430sd_427sd_670sd_435_firmwaresdx20_firmwaresd_710sd_205sdm660_firmwaresd_855_firmwareSnapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-704
Incorrect Type Conversion or Cast
CVE-2019-2301
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.76%
||
7 Day CHG~0.00%
Published-25 Jul, 2019 | 16:33
Updated-04 Aug, 2024 | 18:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possibility of out-of-bound read if id received from SPI is not in range of FIFO in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ8064, MSM8909W, MSM8996AU, QCA9980, QCS605, Qualcomm 215, SD 425, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 712 / SD 710 / SD 670, SD 820A, SD 845 / SD 850, SD 855, SDM439, SDM660, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_712sd_850sd_632sd_855sd_820aqualcomm_215qca9980_firmwaremsm8996au_firmwaresd_439sd_670_firmwaresd_425sd_429sdm660sdm439sd_710_firmwaresdx24sd_636sd_625msm8909w_firmwaremsm8996auqca9980sd_636_firmwaresd_450_firmwaresd_845_firmwaresd_439_firmwaresd_820a_firmwarequalcomm_215_firmwaresd_429_firmwareqcs605_firmwareipq4019_firmwaresd_425_firmwaresd_850_firmwaresdx24_firmwaresd_625_firmwaresd_450sdm439_firmwaresdm660_firmwaresd_712_firmwaresd_845qcs605ipq4019sd_670sd_632_firmwaresd_710ipq8064msm8909wipq8064_firmwaresd_855_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-30257
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.09% / 27.24%
||
7 Day CHG~0.00%
Published-20 Oct, 2021 | 06:31
Updated-03 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible out of bound read or write in VR service due to lack of validation of DSP selection values in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwarewsa8830sd678sm7250qcs2290_firmwaresm7250_firmwaresd_636qcs4290wcn3950_firmwaresd765g_firmwareqca6420_firmwareqcs2290qca6390_firmwaremsm8917sd690_5gsd730_firmwarewcd9370qcs605_firmwaresd_675_firmwaresd675_firmwareqcs6125_firmwareqca6426sd632wcn3998wcd9385_firmwaresdxr2_5g_firmwarewcn3950sm4125sd720gwcn3615_firmwarewcn3660bsd662sd460_firmwarewcn3680b_firmwaresdx55_firmwarewcd9375_firmwarewcn3615wcn3998_firmwareqca6420qca6436_firmwareapq8053_firmwaresd778gqcs6490sd429sdxr2_5gqcs6125sd662_firmwaresdm630wcn3988_firmwareqca6430sd429_firmwaresm6250sd778g_firmwareapq8017_firmwarequalcomm215_firmwaresd765gsd765_firmwareqca6436wcn6851qcs4290_firmwarewcd9385qcs6490_firmwaresd750gsd870_firmwareqca6390wcd9375sd750g_firmwareaqt1000wcn3910_firmwaresm6250_firmwaremsm8953_firmwarewsa8830_firmwaremsm8917_firmwaresd855_firmwaresd865_5g_firmwareqcm6490sd888_5g_firmwarewcn3988wcn6850_firmwarewsa8835_firmwareapq8017wcn6750_firmwareqcm6125_firmwareqcm2290_firmwarewcn3991wcd9380_firmwaresd_675sd780gsd865_5gsdx55m_firmwarewcn6856_firmwaresd888wsa8835sd632_firmwaresd665_firmwarewcd9380sd888_5gqualcomm215sd690_5g_firmwaresdx50m_firmwarewcn6855_firmwaresm7325qca6430_firmwarewcn6750sd439_firmwareqcs605sd855sm4125_firmwarewcn6850sd665wcn3910sd765qca6426_firmwarewcn3660b_firmwarewcn3680sd768g_firmwaresd730sd460qca6391sdx55msdxr1_firmwareaqt1000_firmwarewcn6740_firmwaremsm8953sd678_firmwareqcm4290qcm6490_firmwaresdx50mwcn3680_firmwaresd480_firmwarewcn6851_firmwaresd_636_firmwareqcm6125qcm4290_firmwaresd480sd870wcn6855wcn6856wcn3680bsdxr1sd768gwcn6740sdm630_firmwareqca6391_firmwaresd780g_firmwarewcd9370_firmwaresdx55sd888_firmwareapq8053sd675sd439sd720g_firmwareqcm2290sm7325_firmwareSnapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-30336
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.03% / 7.65%
||
7 Day CHG~0.00%
Published-03 Jan, 2022 | 07:26
Updated-03 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible out of bound read due to lack of domain input validation while processing APK close session request in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwarewsa8830sd678sa6150p_firmwaresa8145p_firmwareqcs2290_firmwareqcs4290wcn3950_firmwaresa8150p_firmwaresd765g_firmwareqcs2290qca6595au_firmwareqca6390_firmwaresa6155sd690_5gsd730_firmwarewcd9370sd_675_firmwaresd675_firmwaresm8450wcd9385_firmwarewcn3950sd720gsm6375_firmwarewcn3660bsd662sd460_firmwaresa8155sm7315_firmwareqca6574au_firmwareqca6595ausa6155_firmwarewcd9375_firmwaresm7250p_firmwarewcn3610_firmwaresd778gsa6155p_firmwaresm6225qcs6490sa8155_firmwaresd662_firmwarewcn3988_firmwaresa6145p_firmwaresm6250sd778g_firmwaresa8195pqualcomm215_firmwaresd765gsm8450_firmwaresd765_firmwarewcn6851sa6155pqcs4290_firmwarewcd9385qca6696_firmwareqcs6490_firmwaresd750gsd870_firmwareqca6390wcd9375sd750g_firmwarewcn3910_firmwaresa8150psm6250_firmwarewsa8830_firmwaresda429wsd865_5g_firmwareqcm6490sd888_5g_firmwarewcn3988wcn6850_firmwarewsa8835_firmwaresa8195p_firmwarewcn6750_firmwarewcn3610qcm2290_firmwaresm6375wcn3991sda429w_firmwarewcd9380_firmwaresd_675sd780gsd865_5gsdx55m_firmwarewcn6856_firmwaresm8450p_firmwaresd888wsa8835qca6574sd665_firmwarewcd9380sd888_5gqualcomm215qca6574asd690_5g_firmwarewcn6855_firmwaresm7325pwcn6750qca6574_firmwaresm7325p_firmwaresd665wcn3910wcn6850sd765wcn3660b_firmwareqca6574a_firmwaresd768g_firmwaresm7315sd730sd460qca6391sdx55msdxr1_firmwarewcn6740_firmwaresd678_firmwareqcm4290qcm6490_firmwaresd480_firmwarewcn6851_firmwaresm6225_firmwareqca6574ausa8155p_firmwareqcm4290_firmwaresd480sd870sm8450pwcn6855wcn6856sa6145psdxr1sd768gsa8145pwcn6740qca6696qca6391_firmwaresd780g_firmwarewcd9370_firmwaresa6150psd888_firmwaresa8155psd675sm7250psd720g_firmwareqcm2290Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-33047
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.04% / 10.69%
||
7 Day CHG~0.00%
Published-02 Sep, 2024 | 10:22
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in Display

Memory corruption when the captureRead QDCM command is invoked from user-space.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm429w_firmwareqcs5430wsa8845_firmwaresnapdragon_7c\+_gen_3wsa8840wsa8845hwcd9380_firmwarewcd9370qcm5430qcm5430_firmwaresnapdragon_429_firmwarewsa8830wcd9385sc8380xpsnapdragon_8cx_gen_3_firmwaresc8380xp_firmwarefastconnect_6700wcn3620wcd9375_firmwarefastconnect_6900fastconnect_7800_firmwaresnapdragon_7c\+_gen_3_firmwarewcd9370_firmwareqcs5430_firmwarewcd9385_firmwarefastconnect_6900_firmwaresnapdragon_8cx_gen_3wcd9380qcm6490_firmwarewcn3660bwcn3620_firmwarefastconnect_7800wcd9375qcm6490wsa8845fastconnect_6700_firmwarewsa8845h_firmwaresnapdragon_429video_collaboration_vc3_platform_firmwareqcs6490_firmwarewsa8835_firmwaresdm429wqcs6490wcn3660b_firmwarewsa8835wsa8840_firmwarewsa8830_firmwarevideo_collaboration_vc3_platformSnapdragonqcm5430_firmwarewcd9380_firmwareqcs6490_firmwareqcm6490_firmwareqcs5430_firmwarewsa8840_firmwarequalcomm_video_collaboration_vc3_platform_firmwarewcd9385_firmwarefastconnect_6900_firmwarewcd9370_firmwaresc8380xp_firmwarewsa8830_firmwarewsa8845_firmwarewcn3620_firmwaresdm429w_firmwarefastconnect_6700_firmwarewcn3660b_firmwarewsa8835_firmwaresnapdragon_429_mobile_platform_firmwarefastconnect_7800_firmwarewcd9375_firmwarewsa8845h_firmware
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-126
Buffer Over-read
CVE-2019-14123
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.12% / 32.26%
||
7 Day CHG~0.00%
Published-30 Jul, 2020 | 11:40
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer overflow and over read possible due to missing bounds checks for fixed limits if we consider widevine HLOS client as non-trustable in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Kamorta, QCS404, Rennell, SC7180, SDX55, SM6150, SM7150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-kamorta_firmwareqcs404sxr2130_firmwarerennellsc7180rennell_firmwareqcs404_firmwaresm8250_firmwaresdx55sm7150_firmwaresm6150_firmwaresm8250sm6150sc7180_firmwarekamortasdx55_firmwaresm7150sxr2130Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-20
Improper Input Validation
CVE-2019-10584
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.95%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 05:25
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possibility of out of bound access in debug queue, if packet size field is corrupted in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCN7605, QCS405, QCS605, QM215, SA6155P, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9640_firmwaresdm632_firmwaremsm8996au_firmwaresdm845sdm450_firmwaresdm632sdx24sdm439mdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996ausm7150apq8009_firmwaremsm8917sdm670sxr2130qcs605_firmwaremdm9206sdm670_firmwaresdx24_firmwaresdm636sda845_firmwareapq8098qcn7605mdm9206_firmwareqcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130msm8909wapq8009apq8053_firmwaresda845nicobarsa6155p_firmwaremsm8920msm8953sdm450sdm636_firmwaresdm845_firmwareapq8098_firmwaresdx20msm8998_firmwaresdm660msm8920_firmwaresdm630mdm9607_firmwaresm8250_firmwareqcs405sdm710qm215mdm9607apq8017_firmwaresdm710_firmwareqcn7605_firmwaresa6155pmsm8937mdm9207c_firmwaremdm9207csm8150_firmwaresxr2130_firmwareapq8096ausdm439_firmwareqcs405_firmwaresdm630_firmwaresda660_firmwareqm215_firmwaresdx55msm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaresm8250msm8998sm8150sdx20_firmwareapq8017nicobar_firmwaresdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-10563
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.95%
||
7 Day CHG~0.00%
Published-21 Nov, 2019 | 14:38
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer over-read can occur in fast message handler due to improper input validation while processing a message from firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8053, APQ8096AU, MSM8996AU, MSM8998, QCN7605, QCS405, QCS605, SDA660, SDM636, SDM660, SDX20, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdx24_firmwaresdm636_firmwareapq8096ausdm636msm8996au_firmwareqcs405_firmwaresdm660_firmwaresda660_firmwaresdx20msm8998_firmwareqcn7605sdm660sdx24qcs605qcs405apq8053apq8096au_firmwaremsm8996aumsm8998sdx20_firmwaresda660qcn7605_firmwareapq8053_firmwareqcs605_firmwareSnapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-20
Improper Input Validation
CVE-2019-10507
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.76%
||
7 Day CHG~0.00%
Published-30 Sep, 2019 | 15:40
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Lack of check of extscan change results received from firmware can lead to an out of buffer read in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCS605, SD 210/SD 212/SD 205, SD 425, SD 430, SD 600, SD 625, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM630, SDM660, SDX20, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresd_850mdm9150_firmwaremdm9640_firmwaresd_820asd_675msm8996au_firmwaresd_670_firmwaresdx24mdm9650sd_636msm8996ausd_845_firmwaresd_820a_firmwareqcs605_firmwaresd_675_firmwaremdm9206qca9379_firmwareqca6174asd_425_firmwaresd_665sdx24_firmwaresd_625_firmwareqca9377sd_845mdm9206_firmwareqcs605mdm9640sd_835_firmwaremdm9650_firmwaresd_835qca6574au_firmwaresda660sd_210_firmwaresd_600sd_665_firmwaresd_205_firmwaresd_212sd_712sd_855sd_730_firmwaresdx20sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_710_firmwaresdm630sd_625qca6574ausd_210mdm9607sd_636_firmwaremdm9150qca6174a_firmwaresd_730sd_212_firmwaresd_850_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwaresd_430sd_670sd_710sdx20_firmwaresd_600_firmwaresd_205qca9379sdm660_firmwaresd_855_firmwareSnapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-10564
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.95%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 05:25
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible OOB issue in EEPROM due to lack of check while accessing memory map array at the time of reading operation in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8053, MSM8909W, MSM8917, MSM8953, Nicobar, QCS405, QCS605, QM215, SA6155P, SDA845, SDM429, SDM439, SDM450, SDM632, SDM670, SDM710, SDM845, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sa6155p_firmwaremsm8953sdm450sdm632_firmwaresdm845sdm450_firmwaresdm632sdx24sdm439sm8250_firmwaresdm429qcs405sm7150_firmwaresdm710msm8909w_firmwareqm215sm6150sdm710_firmwareapq8009sm7150apq8009_firmwaremsm8917sa6155psdm670sxr2130qcs605_firmwaresdm670_firmwaresm8150_firmwaresdx24_firmwaresxr2130_firmwaresdm439_firmwareqcs405_firmwaresda845_firmwareqm215_firmwareqcs605sdx55msm8953_firmwareapq8053sm6150_firmwaresm8250msm8917_firmwaresdm429_firmwaresm8150sxr1130_firmwaresdx55_firmwarenicobar_firmwaremsm8909wsxr1130apq8053_firmwaresda845nicobarsdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-40524
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 3.45%
||
7 Day CHG~0.00%
Published-05 Sep, 2023 | 06:23
Updated-03 Aug, 2024 | 12:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer over-read in Modem

Memory corruption due to buffer over-read in Modem while processing SetNativeHandle RTP service.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcd9380_firmwarewsa8830sa6150p_firmwaresa8145p_firmwaresw5100psd865_5gqcc5100sdx55m_firmwarewsa8835wcd9380sa8150p_firmwareqca6420_firmwareqca6595au_firmwareqca6390_firmwareqca6426qca6430_firmwarewcn3980wcn3998sdxr2_5g_firmwaresd855wcn3660bwcn6850wsa8815qca6426_firmwarewcn3660b_firmwareqca6574au_firmwarewcn3680b_firmwareqca6595auwcn3998_firmwarewcn3980_firmwareqca6391sdx55mqca6420qca6436_firmwareqcc5100_firmwareaqt1000_firmwaresa6155p_firmwaresdxr2_5gwcn6851_firmwarewcn3988_firmwareqca6430qca6574ausa6145p_firmwaresa8155p_firmwaresa8195pwsa8810_firmwarewcd9341_firmwaresw5100sd870wsa8810qca6436wcn6851sa6155psw5100p_firmwaresa6145pwcn3680bwcd9341qca6696_firmwaresa8145psd870_firmwareqca6696qca6391_firmwareqca6390aqt1000sa8150psa6150psa8155pwsa8830_firmwaresd855_firmwaresd865_5g_firmwarewcn3988wcn6850_firmwarewsa8815_firmwarewsa8835_firmwaresa8195p_firmwaresw5100_firmwareSnapdragon
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-33056
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.03% / 6.55%
||
7 Day CHG~0.00%
Published-02 Dec, 2024 | 10:18
Updated-12 Dec, 2024 | 15:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in MProc

Memory corruption when allocating and accessing an entry in an SMEM partition continuously.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-snapdragon_850_mobile_compute_platform_firmwaresm6250p_firmwareqfw7124sg8275p_firmwareipq8173_firmwareqam8775pqamsrv1mqru1052snapdragon_888_5g_mobile_platformqxm8083wcn6755_firmwareqca6595au_firmwaresa6155video_collaboration_vc3_platformsnapdragon_480_5g_mobile_platformsd_455_firmwarehome_hub_100_platformsnapdragon_460_mobile_platform_firmwareqcs6125_firmwaresnapdragon_480_5g_mobile_platform_firmwaremsm8108wcd9371_firmwaremsm8108_firmwaresm4125immersive_home_316_platform_firmwareqsm8350_firmwaresnapdragon_460_mobile_platformqsm8350sd460_firmwaresnapdragon_660_mobile_platform_firmwaresm7315_firmwaresnapdragon_429_mobile_platform_firmwaresnapdragon_695_5g_mobile_platform_firmwaresdx71m_firmwaresnapdragon_636_mobile_platformqca8081_firmwareqca6420snapdragon_auto_5g_modem-rf_firmwareipq8070_firmwareipq8065ipq8078a_firmwaremdm8207ipq8072_firmwareqca0000sa8155_firmwarerobotics_rb3_platform_firmwareqca4004_firmwareipq8068sm8635qca6430snapdragon_630_mobile_platformsnapdragon_678_mobile_platform_firmwareqts110wcd9306_firmwaresa7775p_firmwaresdx65mwcd9340snapdragon_8cx_compute_platformsnapdragon_765_5g_mobile_platform_firmwareqca6698aq_firmwaremsm8209_firmwaresnapdragon_690_5g_mobile_platformipq5312mdm9250_firmwareqca6696_firmwarewcd9371qru1052_firmwaresd_8cxsa8150pqca4004sd660sd865_5g_firmwaresd660_firmwaresnapdragon_865_5g_mobile_platform_firmwarefastconnect_6800_firmwaresnapdragon_7c_gen_2_compute_platform_firmwareimmersive_home_216_platform_firmwaresa8770psnapdragon_730_mobile_platform_firmwaresnapdragon_750g_5g_mobile_platform_firmwaresnapdragon_675_mobile_platform_firmwareqca6428_firmwaresnapdragon_778g_5g_mobile_platform_firmwaressg2125psdm429wipq8078ipq81739205_lte_modemsnapdragon_670_mobile_platform_firmwaresd670_firmwareqca6574qdu1110_firmwaresnapdragon_7c\+_gen_3_computesnapdragon_x72_5g_modem-rf_system_firmwareqcs410snapdragon_210_processormdm9205ssxr1230pvideo_collaboration_vc3_platform_firmwareqcn9274_firmwarewsa8845ipq6018_firmwarewcd9340_firmwarewsa8815pmp8074_firmwaresnapdragon_865\+_5g_mobile_platformsnapdragon_630_mobile_platform_firmwareqcs8250sc8380xpsm8750pipq6028ipq8064sd835pmp8074snapdragon_x62_5g_modem-rf_system_firmwareipq9574_firmwaresd730immersive_home_3210_platform_firmwaresa8295p9205_lte_modem_firmwarewcn6740_firmwaresnapdragon_8cx_compute_platform_firmwareqcs4490_firmwareqca6678aqsnapdragon_x65_5g_modem-rf_systemwcn7861_firmwareipq8078_firmwaresa8650p_firmwarefastconnect_6900snapdragon_x75_5g_modem-rf_system_firmwarefastconnect_6900_firmwaresnapdragon_660_mobile_platformsrv1lsd670qdx1011_firmwaresmart_audio_200_platform_firmwareipq8174_firmwaresdx57msnapdragon_8\+_gen_2_mobile_platformqdx1010_firmwaresw5100p_firmwareqcs610_firmwareipq5302_firmwareqamsrv1m_firmwaresa6145pimmersive_home_214_platformmdm8207_firmwareqcs5430_firmwareqca6787aqsa2150pqca6391_firmwaresnapdragon_750g_5g_mobile_platformsa4150p_firmwareqca4024wcd9370_firmwaresm8550p_firmwareqdx1010sdx55snapdragon_695_5g_mobile_platformvideo_collaboration_vc1_platformsrv1mssg2115p_firmwaresnapdragon_x20_lte_modemqam8620p_firmwareqfw7124_firmwaresnapdragon_1200_wearable_platformqam8255psa4155pqdu1210_firmwareqsm8250_firmwaresnapdragon_480\+_5g_mobile_platformtalynplus_firmwarewsa8830qca6777aqsxr2230p_firmware9207_lte_modemsnapdragon_850_mobile_compute_platformsnapdragon_x24_lte_modem_firmwareqam8650pmdm9628_firmwareflight_rb5_5g_platformmdm9650snapdragon_865_5g_mobile_platformflight_rb5_5g_platform_firmwarefsm10055_firmwareqcs4290snapdragon_x20_lte_modem_firmwaremdm9205s_firmwaresrv1l_firmwaremdm9250qca6420_firmwaresnapdragon_auto_4g_modem_firmwaresd675_firmwareipq8072qca6564qca6426wcn3990_firmwareqrb5165n_firmwaresnapdragon_8_gen_2_mobile_platformqcn9160ipq9554wcn7881_firmwarewcd9326_firmwarefastconnect_6200qamsrv1h_firmwaresnapdragon_7c_gen_2_compute_platformipq8074asa8155snapdragon_x55_5g_modem-rf_systemsnapdragon_835_mobile_pc_platform_firmwaresdx55_firmwaresa7255psnapdragon_208_processor_firmwaresnapdragon_4_gen_2_mobile_platformsnapdragon_8_gen_3_mobile_platformwsa8845h_firmwareqfw7114sm7250p_firmwareqrb5165nwcn7860wcd9306qca6584ausnapdragon_x65_5g_modem-rf_system_firmwaresnapdragon_870_5g_mobile_platformsnapdragon_x72_5g_modem-rf_systemsnapdragon_208_processoripq81749206_lte_modemsm4635wcn3988_firmware315_5g_iot_modemwcn7880_firmwaresrv1hqca6421fastconnect_6700_firmwaresa8195psxr1120qca6694wcd9326snapdragon_x75_5g_modem-rf_systemwcd9335sdx71msnapdragon_auto_5g_modem-rf_gen_2snapdragon_888\+_5g_mobile_platformqcs4290_firmwaresa8770p_firmwaresxr2130_firmwareipq5300qcs6490_firmwareipq9570snapdragon_210_processor_firmwaresm6250_firmwaresnapdragon_712_mobile_platform_firmwaresnapdragon_662_mobile_platformsnapdragon_685_4g_mobile_platformipq5010_firmwareipq8074a_firmwarewsa8815_firmwaresnapdragon_636_mobile_platform_firmwarevideo_collaboration_vc5_platform_firmwaresxr1120_firmwaresxr2250p_firmwaresnapdragon_8_gen_2_mobile_platform_firmwarewcn7880qca6787aq_firmwaresnapdragon_x5_lte_modemrobotics_rb5_platform_firmwaresnapdragon_1100_wearable_platformsd865_5gqca6595qdu1010_firmwaresa8530p_firmwareipq8065_firmwaresxr1230p_firmwaresa8540p_firmwaresnapdragon_8\+_gen_2_mobile_platform_firmwareqca8075_firmwaresc8180xsnapdragon_4_gen_2_mobile_platform_firmwaresmart_audio_400_platformipq6005_firmwaresnapdragon_wear_4100\+_platformsxr2130qca6310_firmwareipq8070a_firmwareqru1062sa8650psa9000pqca6574_firmwaresm7325p_firmwaresxr2230pqcn9160_firmware205_mobile_platform_firmwaresnapdragon_xr2_5g_platform_firmwareqca6574a_firmwaresa8775psnapdragon_665_mobile_platformsnapdragon_730g_mobile_platformqrb5165msm7315snapdragon_x55_5g_modem-rf_system_firmwaresnapdragon_8cx_gen_3_compute_platform_firmwaresnapdragon_7c_compute_platform_firmwaresnapdragon_865\+_5g_mobile_platform_firmwaresnapdragon_x35_5g_modem-rf_system_firmwaresnapdragon_690_5g_mobile_platform_firmwaresnapdragon_auto_4g_modemwsa8832_firmwaresnapdragon_xr1_platformipq6028_firmwareipq8072a_firmwaresc8180x_firmwareqcs8250_firmwaresdx20m_firmwaresnapdragon_765g_5g_mobile_platform_firmwaresnapdragon_712_mobile_platformsm8550psnapdragon_8_gen_1_mobile_platform_firmwaresnapdragon_8c_compute_platform_firmwaresdx61qca6564_firmwarewcn6740snapdragon_732g_mobile_platformqcs8550snapdragon_x50_5g_modem-rf_systemqca8075qcs9100snapdragon_8_gen_3_mobile_platform_firmwareqdu1210ipq6000_firmwareqcs410_firmwaresnapdragon_8cx_gen_2_5g_compute_platform_firmwaresnapdragon_wear_1300_platformsnapdragon_7c_compute_platformqts110_firmwarefsm10055qam8255p_firmwaresnapdragon_8_gen_1_mobile_platformsa6150p_firmwareqcs610315_5g_iot_modem_firmwareqca6431_firmwaresnapdragon_778g\+_5g_mobile_platformsnapdragon_870_5g_mobile_platform_firmwaresnapdragon_820_automotive_platform_firmwareqca6777aq_firmwarewcd9360_firmwareqca4024_firmwarewsa8840snapdragon_212_mobile_platformimmersive_home_318_platform_firmwareipq8078aipq5028_firmwaresa8150p_firmwareqcs2290snapdragon_x70_modem-rf_systemqca6335sd_675_firmwareqep8111_firmwareqca6554a_firmwareqam8295pipq8076amdm9628sd_8_gen1_5g_firmwareqca6688aqqca6428qca6574au_firmwareipq8071snapdragon_778g\+_5g_mobile_platform_firmwaresa6155_firmwarewcd9360snapdragon_xr2\+_gen_1_platformsdx20mqca6438_firmwaresnapdragon_782g_mobile_platform_firmwareqca6678aq_firmwarewcn7881smart_audio_400_platform_firmwarewcn3999qrb5165m_firmwareipq5028wsa8840_firmwareqca6698aqqcs6125sa4155p_firmwareipq6010sc8380xp_firmwaresd662_firmwaresnapdragon_765g_5g_mobile_platformqru1062_firmwarerobotics_rb3_platformsnapdragon_855\+snapdragon_8\+_gen_1_mobile_platformsnapdragon_720g_mobile_platformsnapdragon_780g_5g_mobile_platformhome_hub_100_platform_firmwarefsm10056_firmwareqca6436sw5100wcn6755sa6155psm8750_firmwareqdu1000_firmwaresm8750p_firmwaresxr2250psnapdragon_auto_5g_modem-rf_gen_2_firmwarewcd9341qam8775p_firmwareipq8068_firmwaresa8255pqca6431ipq9008_firmwaresnapdragon_x12_lte_modemqca6797aqsnapdragon_855_mobile_platform_firmwarerobotics_rb5_platformwsa8830_firmwaresd855_firmwaresnapdragon_7c\+_gen_3_compute_firmwarewcn3988qca6438snapdragon_780g_5g_mobile_platform_firmwaresnapdragon_685_4g_mobile_platform_firmwaresa8195p_firmwaresa8295p_firmwaremsm8608ipq8072asw5100psnapdragon_8cx_gen_2_5g_compute_platformwcd9330ipq8076a_firmwaresnapdragon_w5\+_gen_1_wearable_platformqca6564auipq9008snapdragon_782g_mobile_platformsnapdragon_wear_4100\+_platform_firmwarefastconnect_6700ipq9554_firmwaresm8635_firmwaresg8275pqca8072_firmwareqca6430_firmwaresm6370_firmwareqfw7114_firmwarewcd9335_firmwaresnapdragon_732g_mobile_platform_firmwareqca6335_firmwareqca6320mdm9650_firmwaresnapdragon_4_gen_1_mobile_platformqxm8083_firmwareqca6426_firmwaresnapdragon_670_mobile_platformsnapdragon_xr2\+_gen_1_platform_firmwarewcd9330_firmwareipq5302ipq8064_firmwaresnapdragon_820_automotive_platformsnapdragon_x50_5g_modem-rf_system_firmwareqca6421_firmwaresmart_audio_200_platformsnapdragon_xr2_5g_platformipq80709206_lte_modem_firmwareqca6797aq_firmwareqdu1010qca6564a_firmwaresa7255p_firmwaresa8620psnapdragon_x24_lte_modemwsa8832sa8540pipq5332snapdragon_8cx_gen_3_compute_platformqsm8250immersive_home_326_platformipq6018snapdragon_730_mobile_platformsm87509207_lte_modem_firmwareqcs4490wcn7860_firmwareqca6595_firmwaresa8145pwcn7861205_mobile_platformsnapdragon_888\+_5g_mobile_platform_firmwaresnapdragon_710_mobile_platform_firmwareimmersive_home_214_platform_firmwaresd888_firmwaresa8155psd675snapdragon_860_mobile_platformqcs8155_firmwareqep8111snapdragon_720g_mobile_platform_firmwaresnapdragon_855_mobile_platformsnapdragon_662_mobile_platform_firmwaresa8145p_firmwareqcs2290_firmwarefsm10056snapdragon_860_mobile_platform_firmwaresnapdragon_888_5g_mobile_platform_firmwareipq6000sd730_firmwarewcd9370ssg2115pqca0000_firmwaresnapdragon_480\+_5g_mobile_platform_firmwareqca6584au_firmwareqdu1110qamsrv1hsa8530psd_8cx_firmwareimmersive_home_216_platformtalynplusimmersive_home_316_platformsnapdragon_1200_wearable_platform_firmwareimmersive_home_318_platformsd662qam8295p_firmwaresa9000p_firmwareqca6320_firmwaresnapdragon_778g_5g_mobile_platformsnapdragon_212_mobile_platform_firmwareqca6595auwcn3999_firmwaresnapdragon_429_mobile_platformqca6436_firmwaresnapdragon_680_4g_mobile_platform_firmwaresnapdragon_w5\+_gen_1_wearable_platform_firmwareipq5010qca6564au_firmwaresa8620p_firmwaresa6155p_firmwareqca6310qcn9274qcs8155snapdragon_855\+_firmwaresnapdragon_x70_modem-rf_system_firmwaresa8775p_firmwareqcs6490snapdragon_x5_lte_modem_firmwarevideo_collaboration_vc5_platformqcs8550_firmwarevision_intelligence_300_platform_firmwaresa6145p_firmwaresm6250wsa8810_firmwarevision_intelligence_400_platformwsa8845hsnapdragon_x62_5g_modem-rf_systemsnapdragon_ar2_gen_1_platform_firmwaresa8255p_firmwaresg4150pqcs7230qca8081snapdragon_x35_5g_modem-rf_systemipq8071asa7775psdx65m_firmwareqcs5430qam8620pipq8071a_firmwareqca6174a_firmwareimmersive_home_3210_platformsnapdragon_wear_1300_platform_firmwaresnapdragon_x12_lte_modem_firmwaresnapdragon_665_mobile_platform_firmwareqca6694_firmwarevision_intelligence_400_platform_firmwaresnapdragon_768g_5g_mobile_platform_firmwarewsa8835_firmwareqca6564asa4150psg4150p_firmwareqca6688aq_firmwareqca8072snapdragon_845_mobile_platformsm4635_firmwarewcn3990sd_675qca6554afastconnect_6800qru1032qcs7230_firmwaresnapdragon_835_mobile_pc_platformsnapdragon_8c_compute_platformsd888qdx1011qdu1000immersive_home_326_platform_firmwarewsa8835sdm429w_firmwaresnapdragon_auto_5g_modem-rfsd_8_gen1_5gsm6250psnapdragon_678_mobile_platformsnapdragon_4_gen_1_mobile_platform_firmwaressg2125p_firmwareqca6574aqca6174asm7325pipq8074ipq8076_firmwaresa2150p_firmwaresd855sm4125_firmwareipq8076sdx57m_firmwareqru1032_firmwarewsa8845_firmwarefastconnect_6200_firmwareqcs9100_firmwaremsm8209vision_intelligence_300_platformsd460qca6391snapdragon_710_mobile_platformfastconnect_7800ipq6005snapdragon_845_mobile_platform_firmwareipq5300_firmwareipq9570_firmwaresrv1h_firmwaresd_455video_collaboration_vc1_platform_firmwareipq5312_firmwareipq8074_firmwareqca6574ausa8155p_firmwareipq9574wcd9341_firmwarefastconnect_7800_firmwarewsa8810ipq5332_firmwaresnapdragon_680_4g_mobile_platformsnapdragon_730g_mobile_platform_firmwaresm6370srv1m_firmwaresnapdragon_ar2_gen_1_platformsd835_firmwareqam8650p_firmwaresnapdragon_675_mobile_platformipq6010_firmwareqca6696msm8608_firmwaresa6150psnapdragon_1100_wearable_platform_firmwaresnapdragon_768g_5g_mobile_platformipq8070asnapdragon_765_5g_mobile_platformsm7250psnapdragon_8\+_gen_1_mobile_platform_firmwareipq8071_firmwaresw5100_firmwaresdx61_firmwaresnapdragon_xr1_platform_firmwareSnapdragonqam8255p_firmwaresnapdragon_850_mobile_compute_platform_firmwaresa6150p_firmwaresm6250p_firmware315_5g_iot_modem_firmwaresg8275p_firmwareipq8173_firmwareqca6431_firmwarewcd9360_firmwaresnapdragon_820_automotive_platform_firmwareqca6777aq_firmwareqca4024_firmwareimmersive_home_318_platform_firmwareipq5028_firmwaresa8150p_firmwarewcn6755_firmwareqca6595au_firmwaresd_455_firmwaresd_675_firmwaresnapdragon_460_mobile_platform_firmwareqcs6125_firmwaresnapdragon_480_5g_mobile_platform_firmwareqep8111_firmwareqca6554a_firmwarewcd9371_firmwaremsm8108_firmwareimmersive_home_316_platform_firmwaresd_8_gen1_5g_firmwareqsm8350_firmwaresnapdragon_660_mobile_platform_firmwaresd460_firmwaresm7315_firmwaresnapdragon_429_mobile_platform_firmwaresnapdragon_695_5g_mobile_platform_firmwareqca6574au_firmwaresdx71m_firmwareqca8081_firmwaresa6155_firmwareqca6438_firmwaresnapdragon_auto_5g_modem-rf_firmwareipq8070_firmwareipq8078a_firmwareqca6678aq_firmwaresmart_audio_400_platform_firmwareqrb5165m_firmwarewsa8840_firmwareipq8072_firmwaresa4155p_firmwaresa8155_firmwarerobotics_rb3_platform_firmwareqca4004_firmwaresc8380xp_firmwaresd662_firmwareqru1062_firmwarewcd9306_firmwaresa7775p_firmwarehome_hub_100_platform_firmwarefsm10056_firmwaresm8750_firmwaresm8750p_firmwareqdu1000_firmwareqca6698aq_firmwaremsm8209_firmwaremdm9250_firmwarequalcomm_205_mobile_platform_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareqam8775p_firmwareipq8068_firmwareqca6696_firmwareipq9008_firmwareqru1052_firmwaresnapdragon_855_mobile_platform_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwaresd660_firmwaresnapdragon_780g_5g_mobile_platform_firmwaresa8195p_firmwaresnapdragon_865_5g_mobile_platform_firmwarefastconnect_6800_firmwaresa8295p_firmwareimmersive_home_216_platform_firmwaresnapdragon_750g_5g_mobile_platform_firmwaresnapdragon_675_mobile_platform_firmwareqca6428_firmwarequalcomm_video_collaboration_vc1_platform_firmwaresnapdragon_778g_5g_mobile_platform_firmwareipq8076a_firmwaresnapdragon_670_mobile_platform_firmwaresd670_firmwareqdu1110_firmwareipq9554_firmwaresnapdragon_x72_5g_modem-rf_system_firmwaresm8635_firmwareqca8072_firmwareqca6430_firmwaresm6370_firmwareqcn9274_firmwareqfw7114_firmwarewcd9335_firmwareqca6335_firmwareipq6018_firmwarewcd9340_firmwarepmp8074_firmwaremdm9650_firmwaresnapdragon_630_mobile_platform_firmwareqxm8083_firmwareqca6426_firmwaresnapdragon_x62_5g_modem-rf_system_firmwareipq9574_firmwareimmersive_home_3210_platform_firmwarewcd9330_firmwareipq8064_firmwaresnapdragon_x50_5g_modem-rf_system_firmwareqca6421_firmware9205_lte_modem_firmwarewcn6740_firmwareqcs4490_firmwarewcn7861_firmwareipq8078_firmwaresa8650p_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarefastconnect_6900_firmware9206_lte_modem_firmwareqca6797aq_firmwareqdx1011_firmwareqca6564a_firmwareipq8174_firmwaresa7255p_firmwaresmart_audio_200_platform_firmwareqdx1010_firmwaresw5100p_firmwareqcs610_firmwareipq5302_firmwareqamsrv1m_firmware9207_lte_modem_firmwarewcn7860_firmwareqca6595_firmwaremdm8207_firmwareqcs5430_firmwareqca6391_firmwaresnapdragon_710_mobile_platform_firmwareimmersive_home_214_platform_firmwaresa4150p_firmwarewcd9370_firmwaresm8550p_firmwarequalcomm_video_collaboration_vc5_platform_firmwaresd888_firmwaressg2115p_firmwareqcs8155_firmwareqam8620p_firmwareqfw7124_firmwaresnapdragon_720g_mobile_platform_firmwareqdu1210_firmwareqsm8250_firmwaretalynplus_firmwaresnapdragon_662_mobile_platform_firmwaresa8145p_firmwaresxr2230p_firmwareqcs2290_firmwaresnapdragon_x24_lte_modem_firmwaremdm9628_firmwareflight_rb5_5g_platform_firmwarefsm10055_firmwaresnapdragon_x20_lte_modem_firmwaremdm9205s_firmwaresrv1l_firmwaresnapdragon_888_5g_mobile_platform_firmwareqca6420_firmwaresd730_firmwaresnapdragon_auto_4g_modem_firmwaresd675_firmwareqca0000_firmwareqca6584au_firmwarewcn3990_firmwareqrb5165n_firmwarequalcomm_video_collaboration_vc3_platform_firmwaresd_8cx_firmwarewcn7881_firmwarewcd9326_firmwareqamsrv1h_firmwaresnapdragon_1200_wearable_platform_firmwareqam8295p_firmwaresa9000p_firmwareqca6320_firmwaresnapdragon_835_mobile_pc_platform_firmwaresdx55_firmwaresnapdragon_208_processor_firmwaresnapdragon_212_mobile_platform_firmwarewcn3999_firmwarewsa8845h_firmwaresm7250p_firmwareqca6436_firmwaresnapdragon_680_4g_mobile_platform_firmwareqca6564au_firmwaresa8620p_firmwaresa6155p_firmwaresnapdragon_x65_5g_modem-rf_system_firmwaresnapdragon_x70_modem-rf_system_firmwaresa8775p_firmwaresnapdragon_x5_lte_modem_firmwareqcs8550_firmwarevision_intelligence_300_platform_firmwarewcn3988_firmwarewcn7880_firmwaresa6145p_firmwarefastconnect_6700_firmwarewsa8810_firmwaresnapdragon_ar2_gen_1_platform_firmwaresa8255p_firmwaresdx65m_firmwareqca6174a_firmwareipq8071a_firmwareqcs4290_firmwaresa8770p_firmwaresnapdragon_wear_1300_platform_firmwaresxr2130_firmwareqcs6490_firmwaresnapdragon_x12_lte_modem_firmwaresnapdragon_665_mobile_platform_firmwareqca6694_firmwaresnapdragon_210_processor_firmwaresm6250_firmwaresnapdragon_712_mobile_platform_firmwarevision_intelligence_400_platform_firmwareipq5010_firmwareipq8074a_firmwarewsa8815_firmwarewsa8835_firmwaresnapdragon_636_mobile_platform_firmwaresxr1120_firmwaresxr2250p_firmwaresg4150p_firmwaresnapdragon_8_gen_2_mobile_platform_firmwareqca6688aq_firmwareqca6787aq_firmwarerobotics_rb5_platform_firmwaresm4635_firmwareqcs7230_firmwareqdu1010_firmwaresa8530p_firmwareimmersive_home_326_platform_firmwareipq8065_firmwaresxr1230p_firmwaresdm429w_firmwaresa8540p_firmwaresnapdragon_4_gen_1_mobile_platform_firmwareqca8075_firmwaresnapdragon_4_gen_2_mobile_platform_firmwaressg2125p_firmwareipq6005_firmwareqca6310_firmwareipq8070a_firmwareipq8076_firmwareqca6574_firmwaresa2150p_firmwaresm4125_firmwaresm7325p_firmwaresdx57m_firmwareqru1032_firmwareqcn9160_firmwaresnapdragon_xr2_5g_platform_firmwarewsa8845_firmwareqca6574a_firmwarefastconnect_6200_firmwareqcs9100_firmwaresnapdragon_x55_5g_modem-rf_system_firmwaresnapdragon_x35_5g_modem-rf_system_firmwaresnapdragon_690_5g_mobile_platform_firmwaresnapdragon_845_mobile_platform_firmwareipq5300_firmwarewsa8832_firmwareipq9570_firmwaresrv1h_firmwareipq6028_firmwareipq8072a_firmwareipq5312_firmwareipq8074_firmwaresa8155p_firmwareqcs8250_firmwarewcd9341_firmwarefastconnect_7800_firmwaresdx20m_firmwareipq5332_firmwaresnapdragon_8_gen_1_mobile_platform_firmwaresrv1m_firmwaresd835_firmwareqam8650p_firmwareqca6564_firmwareipq6010_firmwaremsm8608_firmwaresnapdragon_1100_wearable_platform_firmwaresnapdragon_8_gen_3_mobile_platform_firmwareipq6000_firmwareipq8071_firmwaresw5100_firmwareqcs410_firmwaresdx61_firmwaresnapdragon_xr1_platform_firmwareqts110_firmware
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-45546
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 3.31%
||
7 Day CHG~0.00%
Published-06 Jan, 2025 | 10:33
Updated-13 Jan, 2025 | 21:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in WLAN Windows Host

Memory corruption while processing FIPS encryption or decryption IOCTL call invoked from user-space.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wsa8840_firmwarefastconnect_7800qcc2073_firmwareqcc2076qcc2076_firmwarewsa8845hfastconnect_7800_firmwarewsa8845h_firmwarewcd9380_firmwarewcd9385_firmwarefastconnect_6900_firmwarewcd9380qcc2073wcd9385fastconnect_6900sc8380xp_firmwaresc8380xpwsa8845_firmwarewsa8840wsa8845Snapdragon
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-15825
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 5.68%
||
7 Day CHG~0.00%
Published-18 Sep, 2018 | 18:00
Updated-05 Aug, 2024 | 20:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing a gpt update, an out of bounds memory access may potentially occur.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-11035
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 2.69%
||
7 Day CHG~0.00%
Published-16 Nov, 2017 | 22:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, possible buffer overflow or information leak in the functions "sme_set_ft_ies" and "csr_roam_issue_ft_preauth_req" due to incorrect initialization of WEXT callbacks and lack of the checks for buffer size.

Action-Not Available
Vendor-Google LLCQualcomm Technologies, Inc.
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-125
Out-of-bounds Read
CVE-2001-1487
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.11% / 29.44%
||
7 Day CHG~0.00%
Published-21 Jun, 2005 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

popauth utility in Qualcomm Qpopper 4.0 and earlier allows local users to overwrite arbitrary files and execute commands as the pop user via a symlink attack on the -trace file option.

Action-Not Available
Vendor-n/aQualcomm Technologies, Inc.
Product-qpoppern/a
CVE-2018-5834
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.07% / 22.66%
||
7 Day CHG~0.00%
Published-06 Jul, 2018 | 17:00
Updated-16 Sep, 2024 | 17:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In __wlan_hdd_cfg80211_vendor_scan(), a buffer overwrite can potentially occur in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-5851
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 3.00%
||
7 Day CHG~0.00%
Published-12 Jun, 2018 | 20:00
Updated-16 Sep, 2024 | 17:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer over flow can occur while processing a HTT_T2H_MSG_TYPE_TX_COMPL_IND message with an out-of-range num_msdus value in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-129
Improper Validation of Array Index
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-5918
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 16.72%
||
7 Day CHG~0.00%
Published-28 Nov, 2018 | 15:00
Updated-05 Aug, 2024 | 05:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer overflow in DRM Trusted application due to lack of check function return values in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDA845, SDX24, SXR1130.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850sd_820asd_412msm8996au_firmwaresd_415sd_616sd_425sdx24sd_430_firmwaremdm9607_firmwaresd_615mdm9650sd_650_firmwaresd_625sd_615_firmwaremsm8909w_firmwaremdm9607msm8996ausd_210sd_650sd_820_firmwaresd_820sd_450_firmwaresd_800sd_845_firmwaresd_410sd_820a_firmwaremdm9206sd_652sd_425_firmwaresd_212_firmwaresd_800_firmwaresd_850_firmwaresdx24_firmwaresd_625_firmwaresd_450sd_412_firmwaresda845_firmwaresda660_firmwaresd_845mdm9206_firmwaresd_430sd_810sd_835_firmwaremdm9650_firmwaresd_410_firmwaresd_835sd_205sda660sxr1130_firmwaresd_210_firmwaresd_415_firmwaresd_652_firmwaresda845sxr1130msm8909wsd_810_firmwaresd_616_firmwaresd_205_firmwaresd_212Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-5848
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.13% / 33.32%
||
7 Day CHG~0.00%
Published-12 Jun, 2018 | 20:00
Updated-17 Sep, 2024 | 00:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the function wmi_set_ie(), the length validation code does not handle unsigned integer overflow properly. As a result, a large value of the 'ie_len' argument can cause a buffer overflow in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLCDebian GNU/LinuxRed Hat, Inc.
Product-enterprise_linux_serverdebian_linuxandroidenterprise_linux_workstationvirtualization_hostenterprise_linux_desktopAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-5907
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 2.69%
||
7 Day CHG~0.00%
Published-06 Jul, 2018 | 19:00
Updated-16 Sep, 2024 | 22:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer overflow in msm_adsp_stream_callback_put due to lack of input validation of user-provided data that leads to integer overflow in all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-5825
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 3.25%
||
7 Day CHG~0.00%
Published-03 Apr, 2018 | 17:00
Updated-16 Sep, 2024 | 22:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, in the kernel IPA driver, a Use After Free condition can occur.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-416
Use After Free
CVE-2018-5893
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 5.68%
||
7 Day CHG~0.00%
Published-06 Jul, 2018 | 17:00
Updated-16 Sep, 2024 | 22:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

While processing a message from firmware in htt_t2h_msg_handler_fast() in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, a buffer overwrite can occur.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-5854
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.95%
||
7 Day CHG~0.00%
Published-15 Jun, 2018 | 15:00
Updated-16 Sep, 2024 | 19:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow can occur in fastboot from all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-5838
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 5.41%
||
7 Day CHG~0.00%
Published-06 Jul, 2018 | 17:00
Updated-16 Sep, 2024 | 19:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper Validation of Array Index In the adreno OpenGL driver in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear, an out-of-bounds access can occur in SurfaceFlinger.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_820amsm8996au_firmwaresdx20sd_415sd_616sd_425sd_430_firmwaremdm9607_firmwaresd_615mdm9650sd_650_firmwaresd_625sd_615_firmwaremsm8909w_firmwaremdm9607msm8996ausd_210sd_650sd_820_firmwaresd_820sd_450_firmwaresd_800sd_845_firmwaresd_617sd_820a_firmwaremdm9206sd_652sd_425_firmwaresd_212_firmwaresd_800_firmwaresd_625_firmwaresd_450sd_845mdm9206_firmwaresd_430sd_810sd_835_firmwaremdm9650_firmwaresdx20_firmwaresd_600_firmwaresd_205sd_835sd_210_firmwaresd_600sd_415_firmwaresd_652_firmwaremsm8909wsd_810_firmwaresd_616_firmwaresd_205_firmwaresd_212sd_617_firmwareSnapdragon Automobile, Snapdragon Mobile, Snapdragon Wear
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2018-5857
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 3.90%
||
7 Day CHG~0.00%
Published-15 Jun, 2018 | 15:00
Updated-16 Sep, 2024 | 16:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the WCD CPE codec, a Use After Free condition can occur in all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-416
Use After Free
CVE-2018-5823
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 2.69%
||
7 Day CHG~0.00%
Published-03 Apr, 2018 | 17:00
Updated-16 Sep, 2024 | 16:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, improper buffer length validation in extscan hotlist event can lead to potential buffer overflow.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-5843
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 3.00%
||
7 Day CHG~0.00%
Published-12 Jun, 2018 | 20:00
Updated-17 Sep, 2024 | 03:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the function wma_pdev_div_info_evt_handler() in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel, there is no upper bound check on the value event->num_chains_valid received from firmware which can lead to a buffer overwrite of the fixed size chain_rssi_result structure.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-5884
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.10% / 27.57%
||
7 Day CHG~0.00%
Published-06 Jul, 2018 | 17:00
Updated-16 Sep, 2024 | 18:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper Access Control in Multimedia in Snapdragon Mobile and Snapdragon Wear, Non-standard applications without permission may acquire permission of Qualcomm-specific proprietary intents.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9206mdm9635m_firmwaresd_212_firmwaresd_625_firmwaremdm9635msd_616mdm9206_firmwaresd_615mdm9607_firmwaremdm9650sd_625sd_615_firmwaresd_210mdm9607sd_835_firmwaremdm9650_firmwaresd_212sd_835sd_205sd_210_firmwaresd_415_firmwaresd_616_firmwaresd_205_firmwaresd_415Snapdragon Mobile, Snapdragon Wear
CWE ID-CWE-269
Improper Privilege Management
CVE-2018-5898
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 2.34%
||
7 Day CHG~0.00%
Published-06 Jul, 2018 | 17:00
Updated-17 Sep, 2024 | 01:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow can occur in msm_pcm_adsp_stream_cmd_put() function if the user supplied data "param_length" goes beyond certain limit in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-5889
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 2.69%
||
7 Day CHG~0.00%
Published-06 Jul, 2018 | 17:00
Updated-16 Sep, 2024 | 16:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

While processing a compressed kernel image, a buffer overflow can occur in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 28
  • 29
  • Next
Details not found