Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2019-14053

Summary
Assigner-qualcomm
Assigner Org ID-2cfc7d3e-20d3-47ac-8db7-1b7285aff15f
Published At-02 Jun, 2020 | 15:05
Updated At-05 Aug, 2024 | 00:05
Rejected At-
Credits

When attempting to create a new XFRM policy, a stack out-of-bounds read will occur if the user provides a template where the mode is set to a value that does not resolve to a valid XFRM mode in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8053, APQ8096AU, APQ8098, IPQ4019, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8917, MSM8953, MSM8996AU, QCA4531, QCN7605, QCS605, QM215, SA415M, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:qualcomm
Assigner Org ID:2cfc7d3e-20d3-47ac-8db7-1b7285aff15f
Published At:02 Jun, 2020 | 15:05
Updated At:05 Aug, 2024 | 00:05
Rejected At:
â–¼CVE Numbering Authority (CNA)

When attempting to create a new XFRM policy, a stack out-of-bounds read will occur if the user provides a template where the mode is set to a value that does not resolve to a valid XFRM mode in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8053, APQ8096AU, APQ8098, IPQ4019, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8917, MSM8953, MSM8996AU, QCA4531, QCN7605, QCS605, QM215, SA415M, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130

Affected Products
Vendor
Qualcomm Technologies, Inc.Qualcomm, Inc.
Product
Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
Versions
Affected
  • APQ8009, APQ8053, APQ8096AU, APQ8098, IPQ4019, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8917, MSM8953, MSM8996AU, QCA4531, QCN7605, QCS605, QM215, SA415M, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130
Problem Types
TypeCWE IDDescription
textN/ABuffer Over-read Issue in HLOS Data
Type: text
CWE ID: N/A
Description: Buffer Over-read Issue in HLOS Data
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.qualcomm.com/company/product-security/bulletins/may-2020-bulletin
x_refsource_CONFIRM
Hyperlink: https://www.qualcomm.com/company/product-security/bulletins/may-2020-bulletin
Resource:
x_refsource_CONFIRM
â–¼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.qualcomm.com/company/product-security/bulletins/may-2020-bulletin
x_refsource_CONFIRM
x_transferred
Hyperlink: https://www.qualcomm.com/company/product-security/bulletins/may-2020-bulletin
Resource:
x_refsource_CONFIRM
x_transferred
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:product-security@qualcomm.com
Published At:02 Jun, 2020 | 15:15
Updated At:03 Jun, 2020 | 13:55

When attempting to create a new XFRM policy, a stack out-of-bounds read will occur if the user provides a template where the mode is set to a value that does not resolve to a valid XFRM mode in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8053, APQ8096AU, APQ8098, IPQ4019, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8917, MSM8953, MSM8996AU, QCA4531, QCN7605, QCS605, QM215, SA415M, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.1HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Primary2.03.6LOW
AV:L/AC:L/Au:N/C:P/I:N/A:P
Type: Primary
Version: 3.1
Base score: 7.1
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
Type: Primary
Version: 2.0
Base score: 3.6
Base severity: LOW
Vector:
AV:L/AC:L/Au:N/C:P/I:N/A:P
CPE Matches
Qualcomm Technologies, Inc.
qualcomm
>>apq8009>>-
cpe:2.3:h:qualcomm:apq8009:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>apq8009_firmware>>-
cpe:2.3:o:qualcomm:apq8009_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>apq8053>>-
cpe:2.3:h:qualcomm:apq8053:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>apq8053_firmware>>-
cpe:2.3:o:qualcomm:apq8053_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>apq8096au>>-
cpe:2.3:h:qualcomm:apq8096au:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>apq8096au_firmware>>-
cpe:2.3:o:qualcomm:apq8096au_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>apq8098>>-
cpe:2.3:h:qualcomm:apq8098:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>apq8098_firmware>>-
cpe:2.3:o:qualcomm:apq8098_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>ipq4019>>-
cpe:2.3:h:qualcomm:ipq4019:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>ipq4019_firmware>>-
cpe:2.3:o:qualcomm:ipq4019_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>ipq8074>>-
cpe:2.3:h:qualcomm:ipq8074:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>ipq8074_firmware>>-
cpe:2.3:o:qualcomm:ipq8074_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9206>>-
cpe:2.3:h:qualcomm:mdm9206:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9206_firmware>>-
cpe:2.3:o:qualcomm:mdm9206_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9207c>>-
cpe:2.3:h:qualcomm:mdm9207c:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9207c_firmware>>-
cpe:2.3:o:qualcomm:mdm9207c_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9607_firmware>>-
cpe:2.3:o:qualcomm:mdm9607_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9607>>-
cpe:2.3:h:qualcomm:mdm9607:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9640_firmware>>-
cpe:2.3:o:qualcomm:mdm9640_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9640>>-
cpe:2.3:h:qualcomm:mdm9640:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9650_firmware>>-
cpe:2.3:o:qualcomm:mdm9650_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9650>>-
cpe:2.3:h:qualcomm:mdm9650:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8905_firmware>>-
cpe:2.3:o:qualcomm:msm8905_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8905>>-
cpe:2.3:h:qualcomm:msm8905:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8909w_firmware>>-
cpe:2.3:o:qualcomm:msm8909w_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8909w>>-
cpe:2.3:h:qualcomm:msm8909w:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8917_firmware>>-
cpe:2.3:o:qualcomm:msm8917_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8917>>-
cpe:2.3:h:qualcomm:msm8917:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8953_firmware>>-
cpe:2.3:o:qualcomm:msm8953_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8953>>-
cpe:2.3:h:qualcomm:msm8953:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8996au_firmware>>-
cpe:2.3:o:qualcomm:msm8996au_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8996au>>-
cpe:2.3:h:qualcomm:msm8996au:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca4531_firmware>>-
cpe:2.3:o:qualcomm:qca4531_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca4531>>-
cpe:2.3:h:qualcomm:qca4531:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcn7605_firmware>>-
cpe:2.3:o:qualcomm:qcn7605_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcn7605>>-
cpe:2.3:h:qualcomm:qcn7605:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcs605_firmware>>-
cpe:2.3:o:qualcomm:qcs605_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcs605>>-
cpe:2.3:h:qualcomm:qcs605:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qm215_firmware>>-
cpe:2.3:o:qualcomm:qm215_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qm215>>-
cpe:2.3:h:qualcomm:qm215:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sa415m_firmware>>-
cpe:2.3:o:qualcomm:sa415m_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sa415m>>-
cpe:2.3:h:qualcomm:sa415m:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sc8180x_firmware>>-
cpe:2.3:o:qualcomm:sc8180x_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sc8180x>>-
cpe:2.3:h:qualcomm:sc8180x:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sda660_firmware>>-
cpe:2.3:o:qualcomm:sda660_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sda660>>-
cpe:2.3:h:qualcomm:sda660:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sda845_firmware>>-
cpe:2.3:o:qualcomm:sda845_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sda845>>-
cpe:2.3:h:qualcomm:sda845:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sdm429_firmware>>-
cpe:2.3:o:qualcomm:sdm429_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sdm429>>-
cpe:2.3:h:qualcomm:sdm429:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-125Primarynvd@nist.gov
CWE ID: CWE-125
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.qualcomm.com/company/product-security/bulletins/may-2020-bulletinproduct-security@qualcomm.com
Patch
Vendor Advisory
Hyperlink: https://www.qualcomm.com/company/product-security/bulletins/may-2020-bulletin
Source: product-security@qualcomm.com
Resource:
Patch
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

832Records found
CVE-2020-3664
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-6||MEDIUM
EPSS-0.02% / 7.04%
||
7 Day CHG~0.00%
Published-22 Feb, 2021 | 06:26
Updated-04 Aug, 2024 | 07:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound read access in hypervisor due to an invalid read access attempt by passing invalid addresses in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfs2580qca9377_firmwareqpm5679_firmwaresm6250p_firmwareqca8337qfs2530qpm8870_firmwareqln1030qpa8688pm6125qat5522_firmwarewcn3950_firmwarepm8150aqdm5670qca6595au_firmwareqpm5541_firmwareqpa5581_firmwaresa6155pm7150lqpa8821pm8998_firmwarewtr5975_firmwarepm456_firmwareqpa5580_firmwaresa415mwcn3998wcd9371_firmwarewcn3950sm4125sd720gqsw8573_firmwareqsw8574_firmwaresd460_firmwaresmb2351_firmwaresd6905gqpa4360_firmwareqca8081_firmwarewcn3998_firmwarepm855pqca6420pm6150apm660_firmwarepm8150bsa8155_firmwareqca4004_firmwareqca6430qat3522pmr735awcd9306_firmwarewcd9340sdm830_firmwaresd765gsdr660sdr865qdm5620_firmwaresmr545qca6696_firmwareqln5020wcd9371pmm855au_firmwaresm4350_firmwaresa8150ppm6350qdm5621qtc800sqca4004sd712pm640p_firmwareqcn5121qcn5022_firmwarewcn6750_firmwareqat5516_firmwarepm6150lsd8885gpm855l_firmwareqtc410swcn3991qpa8801pm8150l_firmwareqat5533_firmwaresdx55m_firmwaresdxr25gqpa8673_firmwarepm6150smb1354_firmwaresd670_firmwareqca6574qpa8842csr8811_firmwaresdr052_firmwarewcd9380qln4640qcs410qpm5579_firmwaresmb1380_firmwaresmb1381pm855p_firmwarepm7250qpa8803sdx24_firmwaresdxr25g_firmwareqdm2301ipq6018_firmwarewcd9340_firmwarewsa8815wcn6850qdm5621_firmwareqdm2301_firmwareqpm6375ipq6028wcn3980_firmwaresd730pm660l_firmwarepm6250_firmwarepm8008qtm525_firmwarepme605_firmwarepme605qpm5621_firmwareqln1021aq_firmwareqcs603qpa6560_firmwareqpa8802_firmwareqln4640_firmwareqpm5621qpm6582sd670pm8009_firmwareqfs2580_firmwareqcm4290_firmwarepm8150lpmi8998_firmwareqcs610_firmwaresa6145psdr105pm4250ar8031qpm5577wtr2965mdm9205_firmwareqca6391_firmwarepm8150qca4024wcd9370_firmwareqat3516_firmwaresdx55qcn5021_firmwarecsra6640qat3555_firmwareqpa8803_firmwarepm855bsmb2351qln1031qsm8250_firmwarewsa8830pm660qet6110_firmwareqpm6325pm6125_firmwareqbt1500qpa5581csrb31024pmx24_firmwarefsm10055_firmwareqbt1500_firmwareqcs4290qet6100pmm855auqca6420_firmwaresmb1396pm7150asd675_firmwarepm8350qca6564qpa4361_firmwareqca6426wcn3990_firmwareqca9984_firmwareqca9377wcd9385_firmwareqdm5650_firmwarewhs9410wcd9326_firmwarepm7250_firmwaresdr845_firmwareqdm5620qln1021aqsmb1380pmk8002_firmwareqsw6310_firmwaresa8155qln1031_firmwareqcn5122_firmwarepmm6155au_firmwareqat5533sdx55_firmwaresm7250p_firmwareqsm7250_firmwarepm7150l_firmwarewcd9306qca6584auqat5515_firmwarepm855qpm8830_firmwarepm8250qcn5052qfs2530_firmwaresa415m_firmwarepmx55wcn3988_firmwareqcn9074pm8150c_firmwareqca6421qdm3301qpa8842_firmwareqat3519_firmwaresa8195psdr735_firmwareqpm5677qat5515wcd9326wcd9335pm6350_firmwarepm8004_firmwaresdr8150_firmwareqcs4290_firmwareqtc800h_firmwareqpm5620qca6390wcd9375sd750g_firmwareaqt1000sm6250_firmwarepmm8195auqln4642qpm5677_firmwarewsa8815_firmwarewtr3925_firmwaresmr525_firmwarepm8998qpm8820_firmwareqln1020_firmwarepm670a_firmwarepmx55_firmwareqca6595pm8150_firmwareqpm8830qat5522pm8150cpmr735bsd665_firmwareqpa4360pmk8003_firmwareqca8075_firmwaresc8180xqpa4361ipq6005_firmwareqpm5577_firmwareqdm5679_firmwaresmr525qca6310_firmwarepm6150l_firmwarepmr525pm8150a_firmwareqca6574_firmwareqln1036aq_firmwaresd665pm6150a_firmwarepm6150_firmwareqca6175asd765qca6574a_firmwareqat3555sd850_firmwaresd8c_firmwarewtr2965_firmwarepm670_firmwarecsrb31024_firmwareqln1036aqqtc801sipq6028_firmwaresc8180x_firmwaresd710qcn5122pm8008_firmwarepmr735a_firmwarepmx50qcn5022qca6564_firmwaresdr8250sd768gqln1030_firmwarepm8004pm640lpmk8002qca8075sd845sdm830ipq6000_firmwareqcs410_firmwareqca6175a_firmwareqpa5580qpm5579fsm10055sa6150p_firmwareqcs610qpm5620_firmwareqdm2307qca6431_firmwareqpa8802wcd9360_firmwareqpm6585_firmwareqat3519qbt2000_firmwareqca4024_firmwarepm855a_firmwareqtc800hsa8150p_firmwareqcs2290sdr8250_firmwareqca6335csra6620_firmwareqcs605_firmwareqln1020smr546_firmwareqdm5671csra6640_firmwarepmc1000hqpm4650_firmwareqat3518sd8csdr425_firmwaresmr526_firmwareqpa5460pm640a_firmwarewgr7640_firmwareqdm2305_firmwareqpm5670_firmwaresd710_firmwareqdm5652qca6574au_firmwareqpm8870wcd9375_firmwareqpm5679qbt2000sa6155_firmwarewcd9360pmx50_firmwareqpa8675_firmwarewhs9410_firmwaresdr735gqpa5460_firmwarewcn3999qdm3301_firmwareqsm7250ipq6010sd662_firmwareqcs405qdm2308_firmwarefsm10056_firmwareqca6436wcn6851sa6155pqcs603_firmwareqpa6560sdr675_firmwarewcd9341qca6431qet4100_firmwaresd750gwcn3910_firmwareqpm5657wsa8830_firmwaresd855_firmwareqdm5650wcn3988wtr3925sdr052sa8195p_firmwaresmb1390qet4100qpa8686_firmwareqpm6585qca8337_firmwarewcd9380_firmwaresmb1355qln4650sdr735g_firmwarewgr7640qet5100qdm5671_firmwareqpa8801_firmwareqca6564auqtm527_firmwarepm8005_firmwareqet4101_firmwarepm7250bqln4642_firmwaresmb1355_firmwarepm7250b_firmwarepmd9655_firmwaresmb1351_firmwareqet4200aq_firmwaresdx50m_firmwaresdr735smb1395pm660lsmr526qca8072_firmwarewtr5975qca6430_firmwarepmk8003qcn5052_firmwareqtc801s_firmwareqat3522_firmwarewcd9335_firmwarewcn3980qca6335_firmwareqsw8573qcs605sd7cwcn3910qca6426_firmwarepm8350_firmwareqca9984pm8009qpa8675sdr051_firmwaresdx55mpm670aqca6421_firmwareqat3518_firmwareqsw8574pmi8998sd6905g_firmwarear8031_firmwarepm855lwcn6851_firmwareqdm5670_firmwaresd8655gpm7150a_firmwarepm8150b_firmwaresmr545_firmwarepmc1000h_firmwareqca6564a_firmwareqdm2310_firmwarepm4250_firmwaresdr105_firmwareqcn5121_firmwaresd8885g_firmwarepm670qdm5677pm8005qsm8250ipq6018pm855_firmwareqdm2302pmm6155ausdxr1pm855b_firmwareqca6595_firmwareqcs405_firmwareqpm6582_firmwareqpm6375_firmwarepm640l_firmwareqln4650_firmwareqet5100msa8155psd675qet4101qat3516pm670lqpm5658ar8035_firmwareqcm2290qpm5658_firmwarewcn3991_firmwareqdm5652_firmwarepmm8155au_firmwaresdr051qln5030qcs2290_firmwarepm4125fsm10056pmi632qpa2625_firmwarepm456sd7c_firmwarepmr735b_firmwarecsra6620qet5100_firmwareqet6100_firmwarepm670l_firmwaresdr660gsd765g_firmwareqpa8686qca6390_firmwareipq6000sd730_firmwarewcd9370qcn5152_firmwaresdr425pmr525_firmwareqca6584au_firmwareqcn9000_firmwarepmi632_firmwareqpm5541qat5516sd662qpa8821_firmwaresdr660g_firmwarepm3003aqca6595auwcn3999_firmwareqca6436_firmwaresmb1354qca6564au_firmwareqdm2305sa6155p_firmwareqca6310qpm8820qpm2630qln5020_firmwaresa6145p_firmwaresdr675sm6250sd712_firmwarewsa8810_firmwaresmb231sd765_firmwareqdm5677_firmwareqca8081qet4200aqqca6174a_firmwarewcd9385qpm6325_firmwareqdm2302_firmwareqat3550_firmwarepmm8155auqln5040_firmwarepm4125_firmwarear8035csr8811qpa8673qdm2310qln5030_firmwaresmb1396_firmwarewcn6850_firmwarewsa8835_firmwareqca6564asmr546pmx24qet6110qln5040qca8072qcm2290_firmwareqpm8895sdr845qpm5670wcn3990qcn9000qtm527sdx24qdm2307_firmwarewsa8835qpm5657_firmwaresm6250ppm855asdr660_firmwareqca6574asmb1390_firmwareqca6174awcn6750qet5100m_firmwareqpm4650mdm9205qtm525wtr6955sd855sm4125_firmwaresd8cxwtr6955_firmwarepm640pqcn5021qcn5152sd768g_firmwaresdr865_firmwarepm8250_firmwaresd460qca6391sd8cx_firmwaresdxr1_firmwaresmb1351ipq6005aqt1000_firmwareqpm8895_firmwareqcm4290sdx50mpm640asdr8150smb1395_firmwarepmd9655qca6574ausa8155p_firmwareqsw6310sd8655g_firmwarewcd9341_firmwarewsa8810qtc410s_firmwareqpm2630_firmwaresmb231_firmwareqdm2308qat3550qdm5679ipq6010_firmwarepm3003a_firmwareqca6696qtc800s_firmwaresm4350sd845_firmwaresmb1381_firmwareqpa2625sa6150pqpa8688_firmwarepmm8195au_firmwaresm7250psd720g_firmwareqcn9074_firmwaresd850pm6250Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-3617
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.1||HIGH
EPSS-0.03% / 9.80%
||
7 Day CHG~0.00%
Published-09 Sep, 2020 | 06:25
Updated-04 Aug, 2024 | 07:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Buffer over-read Issue in Q6 testbus framework due to diag packet length is not completely validated before accessing the field and leads to Information disclosure.' in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in Kamorta, Nicobar, QCS605, QCS610, Rennell, SC7180, SDA660, SDM630, SDM636, SDM660, SDM670, SDM710, SM6150, SM7150, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-kamorta_firmwareqcs610sdm636_firmwaresdm660sdm630sm7150_firmwaresdm710sc7180_firmwaresm6150sdm710_firmwaresm7150sdm670qcs610_firmwareqcs605_firmwaresdm670_firmwaresm8150_firmwaresdm636rennellsc7180sdm630_firmwaresda660_firmwarerennell_firmwareqcs605sm6150_firmwaresm8150sda660kamortasxr1130_firmwarenicobar_firmwaresxr1130sdm660_firmwarenicobarSnapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-20
Improper Input Validation
CVE-2022-25665
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-6.8||MEDIUM
EPSS-0.10% / 27.39%
||
7 Day CHG~0.00%
Published-12 Oct, 2022 | 00:00
Updated-15 May, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Information disclosure due to buffer over read in kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcs605wcn6855_firmwareqca6391_firmwaresd888_5g_firmwaresd850qca6574_firmwaresdx50m_firmwarear8035qca6430sa8155wcn7850_firmwaresdx24_firmwarewcd9375_firmwaresd855_firmwaresa8540p_firmwarewcn3990qca6174a_firmwarewsa8835_firmwareqca6696_firmwareqca8337sa6145pqca6431_firmwarewcn6855qam8295pwsa8830qca6696sm8475sdx65qsm8350_firmwareqca6420sa6155pwcn3998_firmwaresdx55qca6390_firmwaresm7250par8035_firmwaresd765sdx55_firmwareqca6574a_firmwarewcd9385_firmwareqca8081_firmwarewcn3950_firmwareqcs605_firmwaresdx24sdxr2_5g_firmwareqca6436_firmwarewsa8815_firmwaresd678sdx57m_firmwaresa6145p_firmwaresa9000pqca6430_firmwareqca6595sd675_firmwarewcd9370_firmwareaqt1000qca6391wcn3991_firmwaresa8295pqca6174asa8295p_firmwarewsa8835sm7250p_firmwarewcn6851_firmwaresd768g_firmwarewcn3980_firmwareqca6574aqca6564asdx65_firmwareqca6595auwcn6851wcn6850_firmwaresd865_5gwcd9340_firmwaresd865_5g_firmwareqca6564au_firmwareqca9377_firmwarewsa8830_firmwarewcd9341sd845_firmwarewcn3991wcn3998wcn6856_firmwareqca6574auwcn3990_firmwaresdx55mwcd9341_firmwareqcs603_firmwaresd670qca6420_firmwareqca6564ausd_675sa9000p_firmwarewsa8815sd850_firmwaresd_8cx_gen3wcd9326wcn6856qca6564a_firmwarewcn7850sd_8_gen1_5g_firmwareqca6426wcd9380sa8155p_firmwareqsm8350sd_8cx_firmwareqca8337_firmwaresd870_firmwarewcd9326_firmwaresd_8cx_gen3_firmwareqca6574sd_8cx_gen2_firmwaresd870sd765_firmwarewcn7851_firmwaresdx57mqca6426_firmwaresd845qam8295p_firmwaresd_675_firmwaresd768gwsa8810qca6335wcn6850sd855sd_8cx_gen2qca6310_firmwarewcd9380_firmwaresd678_firmwaresd888_5gsa8155_firmwaresd670_firmwareqca6335_firmwareqca6390qca6421sa6155qca6595au_firmwarewsa8810_firmwareqca6310sdx55m_firmwarewcd9375wcd9370sa8150p_firmwarewcn7851wcd9340qca6436qca9377wcd9385sa6155p_firmwaresd_8cxsa8150psd765gwcn3950qca6595_firmwareqcs603sdxr2_5gsa6155_firmwareaqt1000_firmwaresdx50mqca6431sd675wcn3980qca8081qca6574au_firmwaresa8155psa8540pqca6421_firmwaresd765g_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Mobile
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-11293
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-5.1||MEDIUM
EPSS-0.05% / 14.53%
||
7 Day CHG~0.00%
Published-07 May, 2021 | 09:10
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound read can happen in Widevine TA while copying data to buffer from user data due to lack of check of buffer length received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfe3100qfe2080fc_firmwareqca9377_firmwareqfs2580mdm9640_firmwaresm6250p_firmwareqfe4455fc_firmwareqca8337qfs2530qpm8870_firmwareqln1030qpa8688pm6125qat5522_firmwarewcn3950_firmwarepm8150asc8180x\+sdx55qca6595au_firmwaresa6155qpa8821pm8998_firmwarewtr5975_firmwarepm456_firmwaresa415mwcn3998wcd9371_firmwarewcn3950sm4125sd720gqsw8573_firmwarewcn3660bsd450_firmwareqfe4320qcc112qsw8574_firmwaresd460_firmwaresmb2351_firmwarepm8953_firmwareqpa4360_firmwarewcn3998_firmwareqfe2520_firmwarepm855pqca6420apq8053_firmwarepm6150apm660_firmwarepm8150bsa8155_firmwareqca4004_firmwareqfe2101qca6430qat3522qfe4455fcpmr735awcd9306_firmwarewcd9340sdm830_firmwaresdr660sdr865smb1358smr545qca6696_firmwarewcd9371sd870_firmwaresmb1350pmm855au_firmwarewtr3950sa8150ppm6350qfe3340qtc800sqca4004qat3514_firmwaresd660sd865_5g_firmwareqet6105sd712pm640p_firmwaresd660_firmwareqat5516_firmwarepm6150lsd450pm855l_firmwareqtc410swcn3991qpa8801sdm429wpm8150l_firmwaresdx55m_firmwareqpa8673_firmwarepm6150smb1354_firmwaresd670_firmwareqca6574sd632_firmwaresdr052_firmwarepmm8996auwcd9380sd850qualcomm215qln4640qcs410smb1380_firmwareqfe4309_firmwaresmb1381pm855p_firmwareqfe3100_firmwareqca9379_firmwarewtr4905qpa8803sdx24_firmwaresd439_firmwareqdm2301wcd9340_firmwarewsa8815wcn6850qfe2101_firmwareqdm2301_firmwaremsm8937_firmwaresd835wcn3980_firmwaresd730pm660l_firmwarepm6250_firmwarepm8008qtm525_firmwarepme605_firmwarepme605sd678_firmwareapq8064au_firmwareqca6234qln1021aq_firmwareqcs603rsw8577qpa6560_firmwareqpa8802_firmwareqln4640_firmwareqfe4308_firmwaresd670pm8009_firmwareqfe4303qfs2580_firmwareqcm4290_firmwarepm8150lpmi8998_firmwareqcs610_firmwaresa6145ppm660a_firmwarepm215pm4250sdr105ar8031wtr2965sdm630_firmwaremdm9205_firmwareqca6391_firmwaresa2150psd820_firmwarepm8150pmi8937_firmwarewcd9370_firmwaresdx55apq8053csra6640qat3555_firmwarepmi8994qpa8803_firmwarewcn3660qca9379pm855bqca6234_firmwareqln1031smb2351pm660pm6125_firmwareqbt1500csrb31024mdm9650pmx24_firmwarefsm10055_firmwareqbt1500_firmwarepmk8001qcs4290qet6100pmm855auqca6420_firmwaresmb1396sd675_firmwarepm8350qca6564qpa4361_firmwareqca6426wcn3990_firmwareqca9984_firmwareqca9377qpa5373_firmwarewcd9385_firmwareqpa4340_firmwaresdxr2_5g_firmwarewcd9326_firmwarewhs9410wcn3615_firmwarewtr2955rgr7640au_firmwaresdr845_firmwareqln1021aqsmb1380pmk8002_firmwareqsw6310_firmwaresa8155qln1031_firmwaresdx55_firmwarepmm6155au_firmwarewcn3615wcn3610_firmwarepm8940wcd9306qca6584auqat5515_firmwarepm855sd429pm8250qfe2082fc_firmwaresdm630mdm9655_firmwareqfs2530_firmwaresa415m_firmwarepmx55wcn3988_firmwaresd429_firmwarepm8150c_firmwareqca6421sdr735_firmwareqat3519_firmwaresa8195ppm8953qat5515qca6694qat3514wcd9326wcd9335pm6350_firmwarepm8004_firmwaresdr8150_firmwareqcs4290_firmwarepm439qtc800h_firmwareqca6390wcd9375aqt1000sc8180x\+sdx55_firmwarepmm8195ausm6250_firmwaremsm8917_firmwarewsa8815_firmwaresd888_5g_firmwarepmi8937pm8998smr525_firmwarewtr3925_firmwareqpm8820_firmwareqfe4301_firmwareapq8017qcc112_firmwareqln1020_firmwarepm670a_firmwarepmx55_firmwarewtr2955_firmwareqbt1000_firmwareqfe4373fc_firmwaresd865_5gpm8019qca6595pm8150_firmwarepmm8996au_firmwareqat5522pm8150csd665_firmwareqpa4360pmk8003_firmwareqpa4361smr525qca6310_firmwareqfe4305_firmwarepm6150l_firmwarepmr525pm8150a_firmwareqca6574_firmwarewtr3950_firmwareqln1036aq_firmwaresd665pm6150a_firmwarepm6150_firmwareqca6175aqca6574a_firmwareqat3555sd850_firmwareqfe2082fcsd8c_firmwarewtr2965_firmwarepm670_firmwarecsrb31024_firmwaresd480_firmwareqln1036aqqtc801spmi8940_firmwaresd710pm8008_firmwareqln1035bd_firmwarepmr735a_firmwarepmw3100pmx50qca6564_firmwaresdr8250qln1030_firmwaresmb1350_firmwarepmw3100_firmwarepm8004pm640lmsm8940pmk8002apq8096au_firmwaresd845sd455_firmwaresdm830qcs410_firmwareqca6175a_firmwarefsm10055qfe2550sa6150p_firmwareqcs610pmi8996qdm2307qca6431_firmwareqpa8802wcd9360_firmwareqat3519qbt2000_firmwarepm855a_firmwareqtc800hsa8150p_firmwareqcs2290sdr8250_firmwareqca6335msm8917csra6620_firmwareqcs605_firmwareqln1020smr546_firmwarewtr3905csra6640_firmwarepmc1000hqat3518sd8csd632sdr425_firmwaresmr526_firmwareqpa5460pm640a_firmwarewgr7640_firmwaresd710_firmwareqca4020qca6574au_firmwareqpm8870wcd9375_firmwaresa6155_firmwareqbt2000wcd9360pmx50_firmwareqpa8675_firmwarewhs9410_firmwaresdr735gqpa5460_firmwarewcn3999pm8940_firmwarepm8996sd662_firmwaresmb1360qcs405qualcomm215_firmwareqfe3440fcqdm2308_firmwarersw8577_firmwarefsm10056_firmwarepm439_firmwareqca4020_firmwareqca6436sa6155pqcs603_firmwareqpa6560msm8937sdr675_firmwarewcn3660_firmwarewcd9341pmi8952mdm9655pm8937_firmwareqca6431qet4100_firmwareqfe4320_firmwarewcn3910_firmwaresd855_firmwarewcn3988wtr3925qfe2080fcsdr052sa8195p_firmwaresmb1390qet4100wcn3610mdm9640qpa8686_firmwareqca8337_firmwaresda429w_firmwarewcd9380_firmwaresmb1355qtc800t_firmwaremsm8996au_firmwaresdr735g_firmwarewgr7640sd636qet5100qpa8801_firmwareqca6564aupm8005_firmwaremsm8940_firmwareqet4101_firmwarepm7250bpmk8001_firmwaresmb1355_firmwarepm7250b_firmwarepmd9655_firmwaresmb1351_firmwarepm8996_firmwareqet4200aq_firmwaresdx50m_firmwaresdr735pm660lar8151smr526wtr5975qca6430_firmwarepmk8003qtc801s_firmwarewcd9335_firmwareqat3522_firmwarewcn3980qca6335_firmwareqsw8573qcs605qbt1000sd7cqca6320wcn3910mdm9650_firmwareqca6426_firmwarepm8350_firmwarewcn3660b_firmwareqca9984qfe4309pm8009qpa8675sdr051_firmwaresdx55mpm670aqca6421_firmwarewtr3905_firmwareqfe4373fcmsm8953qat3518_firmwarepmi8998qfe2520qsw8574sd821_firmwarear8031_firmwarepm855lqfe4302pm8150b_firmwaresmr545_firmwarepmc1000h_firmwareqca6564a_firmwareqdm2310_firmwareqca6694au_firmwarepm4250_firmwaresdr105_firmwaresd480sd870pm670pm8005pm855_firmwareqdm2302pmm6155ausdxr1pm855b_firmwareapq8096auqca6595_firmwareqcs405_firmwarepm640l_firmwarepmi8996_firmwareqet5100msa8155psd675sd439qet4101pm670lar8035_firmwareqcm2290wcn3991_firmwarepmm8155au_firmwareqfe4465fcsd678sdr051qln5030qcs2290_firmwarepm4125fsm10056pmi632pm456sd7c_firmwareqfe2081fc_firmwaresmb1360_firmwarecsra6620qet5100_firmwareqpa5373qet6100_firmwarepm670l_firmwaresdr660gsd455qpa8686smb1358_firmwareqca6390_firmwaresd730_firmwarewcd9370sdr425pmr525_firmwareqca6584au_firmwareqfe3340_firmwarear8151_firmwarepmi632_firmwareqat5516sd662qpa8821_firmwareqfe4308sdr660g_firmwareapq8037pm3003aqca6320_firmwarewcn3680b_firmwareqca6595auwcn3999_firmwareqca6436_firmwareqtc800tsmb1354qca6564au_firmwaresa6155p_firmwareqca6310qpm8820pm8937qpm2630qfe2081fcsa515m_firmwaresdxr2_5gsd821sa6145p_firmwaresdr675sm6250sd712_firmwareapq8017_firmwarewsa8810_firmwaresmb231qet4200aqqca6174a_firmwarewcd9385qdm2302_firmwareqat3550_firmwarepmm8155aupm4125_firmwarear8035pm8019_firmwareapq8064auqca6694_firmwareqpa8673qdm2310qfe2550_firmwaremsm8953_firmwareqln5030_firmwareqca6694ausda429wwcn3620_firmwareqfe4302_firmwaresd820smb1396_firmwarewcn6850_firmwarewcn3620qca6564asmr546pmx24pmi8952_firmwareqcm2290_firmwaresdr845wcn3990qfe3440fc_firmwaresdx24pmi8994_firmwareqdm2307_firmwaremsm8996ausdm429w_firmwarepmi8940sd888_5gsm6250prgr7640auqln1035bdpm855asdr660_firmwareqca6574apm8916_firmwaresmb1390_firmwareqca6174aqfe4303_firmwareqet5100m_firmwareqtm525mdm9205sa515mwtr6955sa2150p_firmwaresd855sm4125_firmwaresd8cxqfe4305wtr6955_firmwarepm640psdr865_firmwareqfe4465fc_firmwarepm8250_firmwaresd460qca6391sd8cx_firmwaresdxr1_firmwaresmb1351aqt1000_firmwarepm215_firmwaremsm8920pm660aqpa4340qcm4290sdx50mpm640asdr8150pm8916msm8920_firmwarepmd9655qca6574ausa8155p_firmwareqsw6310qet6105_firmwarewcd9341_firmwarewsa8810qtc410s_firmwareqpm2630_firmwaresmb231_firmwareqdm2308wtr4905_firmwareqat3550wcn3680bsd835_firmwarepm3003a_firmwareqca6696qfe4301qtc800s_firmwaresmb1381_firmwaresd845_firmwaresa6150pqpa8688_firmwareapq8037_firmwarepmm8195au_firmwaresd720g_firmwaresd636_firmwarepm6250Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-11304
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 13.17%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 06:20
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible out of bound read in DRM due to improper buffer length check. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarefsm10055sa6150p_firmwaresm6250p_firmwareqcs610qca8337qca6431_firmwarewcd9360_firmwarewcn3950_firmwaresc8180x\+sdx55sa8150p_firmwareqcs2290qca6595au_firmwaresa6155qca6335sd_455_firmwarecsra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwareqcs6125_firmwaremsm8108sa415mwcn3998wcd9371_firmwaremsm8108_firmwarewcn3950sm4125sd720gmdm9628mdm9206_firmwarewcn3660bqsm8350_firmwaresd710_firmwareqsm8350sd460_firmwareqca4020qca6574au_firmwarewcd9375_firmwarewcn3998_firmwaresa6155_firmwareqca6420wcd9360qca9367_firmwarewhs9410_firmwaremdm8207wcn3999qcs6125sa8155_firmwareqca4004_firmwaresd662_firmwareqcs405qca6430wcd9306_firmwarewcd9340sdm830_firmwaresd765gfsm10056_firmwareqca4020_firmwareqca6436wcn6851sa6155pqcs603_firmwaremsm8209_firmwaremdm9250_firmwarewcd9341qca6431qca6696_firmwarewcd9371sd870_firmwaresd750gwcn3910_firmwaresd_8cxsa8150pmdm9207_firmwareqca4004wsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwaresd712wcn3988sd660_firmwaresa8195p_firmwaremsm8208_firmwarewcn6750_firmwarewcn3610msm8608wcn3991qca8337_firmwarewcd9380_firmwarewcd9330qca6564ausdx55m_firmwarewcn6856_firmwaresd670_firmwareqca6574wcd9380qcs410sd690_5g_firmwaresdx50m_firmwareqca9379_firmwaresdx24_firmwareqca6430_firmwarewcd9335_firmwarewcn3980qca6335_firmwareqcs605wcd9340_firmwarewsa8815wcn6850sd7cwcn3910qca6320mdm9650_firmwaresd_8c_firmwareqca6426_firmwarewcn3660b_firmwareqca9984sd835wcn3980_firmwaresd730wcd9330_firmwaresdx55mqca6421_firmwaresd678_firmwarear8031_firmwarewcn6851_firmwareqcs603sd670sd_636_firmwareqca6564a_firmwareqcm4290_firmwaresd480sd870wcn6855sd210_firmwareqcs610_firmwareqsm8250sa6145psdxr1ar8031apq8096auqca6595_firmwareqcs405_firmwaresa8145pmdm8207_firmwaresdm630_firmwaremdm9205_firmwareqca6391_firmwarewcd9370_firmwaresdx55sd888_firmwaresa8155pcsra6640sd675qca9379ar8035_firmwareqcm2290qsm8250_firmwarewcn3991_firmwaremdm9150_firmwarewsa8830sd678sa8145p_firmwareqcs2290_firmwarefsm10056sd7c_firmwarecsrb31024mdm9628_firmwaremdm9650sd_636csra6620fsm10055_firmwareqcs4290mdm9250sd765g_firmwareqca6420_firmwareqca6390_firmwareapq8009_firmwaresd690_5gsd730_firmwarewcd9370sd675_firmwareqca6564qca6426qca6584au_firmwarewcn3990_firmwareqca9984_firmwareqca9377sd_8cx_firmwarewcd9385_firmwaresdxr2_5g_firmwarewhs9410wcd9326_firmwarewcn3615_firmwaresd662sa8155qca6320_firmwarewcn3680b_firmwaresdx55_firmwarewcn3615qca6595auwcn3999_firmwaresm7250p_firmwarewcn3610_firmwareqca6436_firmwaremdm9207wcd9306qca6584ausd778gqca6564au_firmwaremsm8208sa6155p_firmwareqca6310sa515m_firmwaresdxr2_5gqca9367sdm630mdm9607_firmwaresa415m_firmwarewcn3988_firmwaresd205sa6145p_firmwareqca6421sd778g_firmwaresm6250sd712_firmwaresa8195pwsa8810_firmwaresd765_firmwarewcd9326wcd9335qca6174a_firmwareqcs4290_firmwarewcd9385qca6390wcd9375sd750g_firmwareaqt1000ar8035sc8180x\+sdx55_firmwaresm6250_firmwaresd210wsa8815_firmwaresd888_5g_firmwarewcn6850_firmwarewsa8835_firmwareqca6564aqcm6125_firmwareqcm2290_firmwarewcn3990sd_675sd865_5gqca6595sdx24sd888wsa8835sd665_firmwaresd888_5gsm6250pqca6574amdm9206wcn6855_firmwareqca6174asm7325pqca6310_firmwarewcn6750mdm9205sa515mqca6574_firmwaresd855sm4125_firmwaresm7325p_firmwaresd665qca6175asd765qca6574a_firmwaresd768g_firmwaremsm8209sd850_firmwareapq8009sd460qca6391sdxr1_firmwareaqt1000_firmwareqcm4290csrb31024_firmwaresdx50msd480_firmwaresd_455qca6574ausd710sa8155p_firmwaremdm9607sd205_firmwarewcd9341_firmwareqcm6125wsa8810mdm9150wcn6856sd_8cwcn3680bsd835_firmwareqca6564_firmwaresd768gqca6696sd845_firmwaremsm8608_firmwaresa6150papq8096au_firmwaresd845sm7250psdm830sd720g_firmwareqcs410_firmwareqca6175a_firmwaresd850Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-11161
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.1||HIGH
EPSS-0.04% / 13.17%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 05:00
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out-of-bounds memory access can occur while calculating alignment requirements for a negative width from external components in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfs2580qca9377_firmwareqpm5679_firmwareqcs610pmd9607_firmwareqdm5579qdm2307qfs2608_firmwareqfs2530qpm8870_firmwareqln1030qpa8802qpm6585_firmwarepm6125qat3519qbt2000_firmwareqat5522_firmwarewcn3950_firmwarepm8150aqtc800hqdm5670sdr8250_firmwareqpa5581_firmwareqpa8821pm8998_firmwarecsra6620_firmwareqcs605_firmwareqdm5671wtr5975_firmwarecsra6640_firmwareqpm4650_firmwareqat3518qpa5580_firmwaresdr425_firmwarewcn3998smr526_firmwarewcn3950qsw8573_firmwarewcn3660bwgr7640_firmwareqpm5670_firmwareqsw8574_firmwaresd460_firmwarepm8953_firmwareqca6574au_firmwareqpa4360_firmwareqpm8870wcd9375_firmwarewcn3998_firmwareqpm5679qbt2000apq8053_firmwaresdx20mqpm6670_firmwareqca9367_firmwaresdr735gwcn3999pm8150bqdm3301_firmwaresd662_firmwareqcs405qat3522pmr735awcd9340qualcomm215_firmwareqdm2308_firmwaresdr660qca6436wcn6851sa6155pqcs603_firmwareqpa6560qfs2630_firmwaresdr865qdm5620_firmwaresmb1358wcd9341pmi8952qdm4643_firmwaresm7350_firmwareqln5020qet4100_firmwaresmb1350qdm3302qdm5621qpm5875_firmwareqat3514_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwarewcn3988wtr3925smb1390wcn6750_firmwareqat5516_firmwarepm6150lpm855l_firmwareqet4100wcn3610qpm6585qtc410swcd9380_firmwaresmb1355qln4650qpa8801wcd9330msm8996au_firmwaresdr735g_firmwarepm8350bhs_firmwarewgr7640qat5568qet5100qdm5671_firmwareqpa8801_firmwareqca6564aupm8150l_firmwaresdx55m_firmwarewcn6856_firmwarepm8005_firmwareqpa8673_firmwarepm6150qet4101_firmwaresmb1354_firmwareqca6574qln4642_firmwareqfs2630qpa8842pmm8996auwcd9380smb1355_firmwaresmb1351_firmwarepmd9655_firmwarequalcomm215qcs410pmk8350_firmwaresmb1381sdr735qca9379_firmwarewtr4905smb1395qpa8803ar8151smr526wtr5975wcd9335_firmwarewcn3980qtc801s_firmwareqat3522_firmwarepm7350c_firmwareqdm2301qsw8573qcs605wcd9340_firmwarewsa8815wcn6850qdm5621_firmwareqdm2301_firmwaremdm9650_firmwaresmb1394qca6426_firmwarepm8350_firmwarewcn3660b_firmwarewcn3680sd835pm8009wcn3980_firmwarewcd9330_firmwaresdx55mpm670awcn6740_firmwarepm8008pm8350b_firmwareqtm525_firmwareqat3518_firmwareqsw8574pme605_firmwarepme605apq8064au_firmwarear8031_firmwarewcn3680_firmwareqpm5621_firmwarepm855lwcn6851_firmwareqcs603qdm5670_firmwareqpa6560_firmwareqpa8802_firmwarepm8150b_firmwareqpm5621qca6564a_firmwarepm8009_firmwareqdm2310_firmwareqfs2580_firmwarepm670pm8150lsd210_firmwareqcs610_firmwareqdm5677pm8005qsm8250sa6145ppm855_firmwarepm215qdm2302pmm6155aupm855b_firmwarear8031apq8096auqcs405_firmwarewtr2965qca6391_firmwarepmx20_firmwarewcd9370_firmwareqln4650_firmwareqat3516_firmwareqpm5875sdx55qet5100mapq8053csra6640pm8350bhsqet4101qat3555_firmwareqat3516pm670lqpa8803_firmwareqca9379pm855bqsm8250_firmwareqpm5870pm8909wsa8830qet6110_firmwareqdm5579_firmwareqln5030pm6125_firmwareqpa5581pmi632qpa2625_firmwaremdm9650pm8350bh_firmwarecsra6620pmr735b_firmwareqet5100_firmwareqpm4621qpm5870_firmwareqet6100_firmwareqet6100pm670l_firmwaresmb1358_firmwaresmb1394_firmwareqca6390_firmwaresmb1396wcd9370pm8350qca6564qpa4361_firmwarepm8350c_firmwareqpa5461_firmwareqca6426sdr425pmr525_firmwarewcn3990_firmwareqca9377qpm5641ar8151_firmwarepmi632_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcd9326_firmwareqat5516wcn3615_firmwarergr7640au_firmwareqdm5620sd662qpa8821_firmwarepm8350bhpmk8002_firmwareqsw6310_firmwarepm3003aqdm4650_firmwaresdx55_firmwarepmm6155au_firmwarewcn3680b_firmwarewcn3615wcn3999_firmwarewcn3610_firmwareqca6436_firmwaresm7350qpm6670smb1354qca6564au_firmwaresa6155p_firmwareqpm8820qpm4641qat5515_firmwareqln5020_firmwarepm855sdxr2_5gpm8250qca9367smb1398qdm4643qfs2530_firmwarewcn3988_firmwarepmx55qpm4641_firmwaresd205sa6145p_firmwarepm8150c_firmwareqpa8842_firmwareqdm3301sdr735_firmwareqat3519_firmwarewsa8810_firmwarepm8953qat5515qpm5677smb231qat3514wcd9326wcd9335qdm5677_firmwareqca6174a_firmwarewcd9385qtc800h_firmwareqdm2302_firmwarepmk7350_firmwareqln5040_firmwareqpm4630qca6390wcd9375apq8064auqpa8673qdm2310qln5030_firmwareqln4642sd210qpm5677_firmwaresdx20_firmwarewsa8815_firmwaresd888_5g_firmwaresmr525_firmwarepm8998pmk7350wtr3925_firmwareqpm8820_firmwaresmb1396_firmwarewcn6850_firmwarewsa8835_firmwareqpm6621_firmwareqca6564apm670a_firmwareqet6110pmi8952_firmwareqln5040qpm5670wcn3990pmx55_firmwaresd865_5gpmk8350smb1398_firmwareqdm3302_firmwarepm8350bpmm8996au_firmwareqat5522qdm2307_firmwarewsa8835msm8996aupm8150cpmr735bsd665_firmwaresd888_5grgr7640auqpa4360sdr660_firmwarepm8909_firmwareqpa4361qca6574aqpm4640_firmwaresmb1390_firmwareqdm5679_firmwareqca6174apm8350csmr525qpm4640wcn6750pm6150l_firmwarepmr525pm7350cpm8150a_firmwareqet5100m_firmwareqpm4650qtm525qca6574_firmwaresd855sd665pm6150_firmwarepmx20pmd9607qca6574a_firmwareqpm4630_firmwaresdr865_firmwareqat3555pm8250_firmwaresd460qca6391smb1351smb1357_firmwareqpa5461pm215_firmwarewtr2965_firmwarepm670_firmwareqfs2608sdx20qtc801ssmb1395_firmwareqdm4650pmd9655qca6574auqpm5641_firmwaresd205_firmwareqsw6310pm8008_firmwarewcd9341_firmwaresdx20m_firmwareqpm6621wsa8810qtc410s_firmwaresmb231_firmwarepmr735a_firmwareqat5568_firmwareqdm2308wtr4905_firmwarewcn6856qdm5679wcn3680bsd835_firmwareqca6564_firmwaresdr8250pm3003a_firmwareqln1030_firmwaresmb1350_firmwarewcn6740smb1381_firmwareqpa2625pmk8002apq8096au_firmwaresmb1357qpm4621_firmwareqcs410_firmwareqpa5580Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-11132
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.1||HIGH
EPSS-0.04% / 13.17%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 10:00
Updated-04 Aug, 2024 | 11:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Buffer over read in boot due to size check ignored before copying GUID attribute from request to response' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8096AU, APQ8098, MDM8207, MDM9150, MDM9205, MDM9206, MDM9207, MDM9250, MDM9607, MDM9628, MDM9650, MSM8108, MSM8208, MSM8209, MSM8608, MSM8905, MSM8909, MSM8998, QCM4290, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QSM8250, SA415M, SA515M, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SC8180X, SC8180X+SDX55, SC8180XP, SDA640, SDA670, SDA845, SDA855, SDM1000, SDM640, SDM670, SDM710, SDM712, SDM830, SDM845, SDM850, SDX24, SDX50M, SDX55, SDX55M, SM4125, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SXR1120, SXR1130, SXR2130, SXR2130P, WCD9330

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwaresm7250sa6150p_firmwaresm6250p_firmwareqcs610sm6125sdm712_firmwaresdm640sm7250_firmwaremdm9628_firmwaremdm9650qcs4290mdm9250sa8150p_firmwaresa6155apq8009_firmwaresdm712sdm670qcs605_firmwaresm6115sm7150psda845_firmwaremsm8108sa415mapq8098msm8108_firmwaresm4250sc8180xpmdm9628sm4125mdm9206_firmwaresda855sa8155msm8905_firmwaresdx55_firmwaresa6155_firmwaresdm1000sm7250p_firmwaresxr1130sxr2130psda845mdm9207sa6155p_firmwaremsm8208sxr2130p_firmwaresda640mdm8207sa515m_firmwareapq8098_firmwaremsm8998_firmwaresa8155_firmwaremdm9607_firmwaresm8250_firmwaresa415m_firmwareqcs405sa6145p_firmwaresc7180_firmwaresm4250_firmwaresm6250sa8195psdm830_firmwaresdm710_firmwaresxr1120sa6155pqcs603_firmwaremsm8209_firmwaremsm8905mdm9250_firmwareqcs4290_firmwaresm8150_firmwaremsm8909sm7150p_firmwaresxr2130_firmwaresc7180sc8180xp_firmwaresa8150psm6250_firmwaremdm9207_firmwaresm6150_firmwaremsm8998sm7225_firmwaresm8150sdm850sa8195p_firmwaresdm640_firmwaremsm8208_firmwaresxr1120_firmwaresm6125_firmwaresm8150pmsm8608sm6115_firmwarewcd9330sdm845sdx24sdx55m_firmwaresm6115p_firmwaresm7150_firmwaresm6150sm7150sm6250pqcs410sda640_firmwaresc8180xsxr2130sdx50m_firmwaremdm9206sdm670_firmwaresdx24_firmwaresda670sm7225mdm9205sa515mqcs605sm6115psm4125_firmwaremdm9650_firmwaresxr1130_firmwaremsm8209sda855_firmwareapq8009wcd9330_firmwaremsm8909_firmwaresdx55msm6150p_firmwaresm6350sm7125sdm850_firmwaresm4250p_firmwareqcm4290sdx50mqcs603sc8180x_firmwaresm6350_firmwaresa8155p_firmwaresdm710mdm9607sda670_firmwareqcm4290_firmwareqcs610_firmwaremdm9150qsm8250sa6145psm4250papq8096auqcs405_firmwaremdm8207_firmwaremdm9205_firmwaremsm8608_firmwaresm7125_firmwaresa6150psdx55apq8096au_firmwaresa8155psm8250sm8150p_firmwaresdm1000_firmwaresm7250psdm830qcs410_firmwaresm6150pqsm8250_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-14038
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.1||HIGH
EPSS-0.04% / 13.17%
||
7 Day CHG~0.00%
Published-02 Jun, 2020 | 15:05
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer over-read in ADSP parse function due to lack of check for availability of sufficient data payload received in command response in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8053, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8917, MSM8953, QCS605, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM670, SDM710, SDM845, SDX20, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9640_firmwaremsm8953sdm845_firmwaresdm429wapq8098_firmwaresdm845sdx20sdx24sdm439mdm9607_firmwaremdm9650sdm429sdm710msm8909w_firmwaremdm9607sdm429w_firmwaresdm710_firmwareapq8009_firmwaremsm8909wmsm8917sdm670qcs605_firmwaremdm9207c_firmwaremdm9206msm8905mdm9207csdm670_firmwaresdx24_firmwaresdm439_firmwaresda845_firmwareapq8098sda660_firmwaremdm9206_firmwareqcs605msm8953_firmwareapq8053msm8917_firmwaresdm429_firmwaremdm9650_firmwaresdx20_firmwaremsm8905_firmwaresda660apq8009apq8053_firmwaresda845mdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-20
Improper Input Validation
CVE-2019-14081
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.1||HIGH
EPSS-0.03% / 9.80%
||
7 Day CHG~0.00%
Published-05 Mar, 2020 | 08:56
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer Over-read when WLAN module gets a WMI message for SAR limits with invalid number of limits to be enforced in Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in APQ8098, IPQ8074, MSM8998, QCA8081, QCN7605, QCS605, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm850_firmwaresdm636_firmwareapq8098_firmwaresdm845msm8998_firmwaresdm660sdm630ipq8074_firmwaresdm710sdm710_firmwareqcn7605_firmwaresdm670qca8081qcs605_firmwaresdm670_firmwaresm8150_firmwareipq8074sdm636sda845_firmwaresdm630_firmwareapq8098qcn7605sda660_firmwareqcs605msm8998sm8150sdm850sda660sxr1130_firmwareqca8081_firmwaresxr1130sdm660_firmwaresda845sdm845_firmwareSnapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-14043
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.1||HIGH
EPSS-0.04% / 13.17%
||
7 Day CHG~0.00%
Published-02 Jun, 2020 | 15:05
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound read in Fingerprint application due to requested data is being used without length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in Kamorta, MDM9150, MDM9205, MDM9650, MSM8998, Nicobar, QCS404, QCS405, QCS605, Rennell, SA415M, SA6155P, SC7180, SC8180X, SDA660, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm850_firmwarekamorta_firmwaremdm9150_firmwaresa6155p_firmwaresdm636_firmwaresdm845msm8998_firmwaresdm660sdx24sdm630qcs404_firmwaresm8250_firmwaremdm9650sc8180x_firmwaresa415m_firmwareqcs405sm7150_firmwaresdm710sc7180_firmwaresm6150sdm710_firmwaresm7150sa6155psdm670mdm9150qcs605_firmwaresc8180xsxr2130sdm670_firmwareqcs404sdx24_firmwaresm8150_firmwaresxr2130_firmwaresdm636qcs405_firmwarerennellsa415msc7180sdm630_firmwaremdm9205_firmwaresda660_firmwarerennell_firmwaremdm9205qcs605sdx55sm6150_firmwaresm8250mdm9650_firmwaremsm8998sm8150sdm850sda660kamortasdx55_firmwaresxr1130_firmwarenicobar_firmwaresxr1130sdm660_firmwarenicobarsdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-14039
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.1||HIGH
EPSS-0.04% / 13.17%
||
7 Day CHG~0.00%
Published-02 Jun, 2020 | 15:05
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound read in adm call back function due to incorrect boundary check for payload in command response in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8053, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8917, MSM8953, QCS605, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM670, SDM710, SDM845, SDX20, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9640_firmwaremsm8953sdm845_firmwaresdm429wapq8098_firmwaresdm845sdx20sdx24sdm439mdm9607_firmwaremdm9650sdm429sdm710msm8909w_firmwaremdm9607sdm429w_firmwaresdm710_firmwaremsm8917sdm670qcs605_firmwaremdm9207c_firmwaremdm9206msm8905mdm9207csdm670_firmwaresdx24_firmwaresdm439_firmwaresda845_firmwareapq8098sda660_firmwaremdm9206_firmwareqcs605msm8953_firmwareapq8053msm8917_firmwaresdm429_firmwaremdm9650_firmwaresdx20_firmwaremsm8905_firmwaresda660msm8909wapq8053_firmwaresda845mdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-14104
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.1||HIGH
EPSS-0.03% / 9.80%
||
7 Day CHG~0.00%
Published-16 Apr, 2020 | 10:46
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Slab-out-of-bounds access can occur if the context pointer is invalid due to lack of null check on pointer before accessing it in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Mobile in APQ8053, SC8180X, SDX55, SM8150

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-apq8053sdx55sm8150_firmwaresm8150sdx55_firmwareapq8053_firmwaresc8180xsc8180x_firmwareSnapdragon Compute, Snapdragon Consumer IOT, Snapdragon Mobile
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-35085
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 11.17%
||
7 Day CHG~0.00%
Published-14 Jun, 2022 | 09:50
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer overflow due to lack of buffer length check during management frame Rx handling in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwarewsa8830qca8337csrb31024wcd9360_firmwaresdx65qcs4290wcn3950_firmwaresd765g_firmwareqca6420_firmwareqca6595au_firmwareqca6390_firmwaresd690_5gwcd9370qca6426sa415mwcn3998wcd9385_firmwaresdxr2_5g_firmwarewcn3950sd_8_gen1_5g_firmwaresd662sd460_firmwarewcn7850qca6574au_firmwaresdx55_firmwareqca6595auqca8081_firmwarewcd9375_firmwarewcn3998_firmwaresm7250p_firmwareqca6420qca6436_firmwarewcd9360qca6564au_firmwaresd680_firmwaresa6155p_firmwaresd778gsa515m_firmwarewcn7851sdxr2_5gsd662_firmwaresa415m_firmwarewcn3988_firmwareqca6430sd778g_firmwaresa8195pwsa8810_firmwaresd765gsd765_firmwareqca6436sd680wcn6851sa6155pqca8081wcn7851_firmwareqcs4290_firmwarewcd9385wcd9341qca6696_firmwaresd750gsd870_firmwareqca6390ar8035sd750g_firmwareaqt1000wcd9375wsa8830_firmwaresd855_firmwaresd865_5g_firmwarewcn3988sd888_5g_firmwarewcn6850_firmwarewcn7850_firmwarewsa8815_firmwarewsa8835_firmwaresa8195p_firmwaresm8475wcn6750_firmwarewcn3991qca8337_firmwarewcd9380_firmwaresd780gsd865_5gqca6564ausdx55m_firmwarewcn6856_firmwarewsa8835qca6574wcd9380sd888_5gqca6574asd690_5g_firmwarewcn6855_firmwaresm7325pqca6430_firmwarewcn6750sa515mqca6574_firmwaresd855wsa8815sm7325p_firmwarewcn6850qca6175asd765qca6426_firmwareqca6574a_firmwaresd695sd768g_firmwaresd460qca6391sdx55maqt1000_firmwarewcn6740_firmwaresdx65_firmwareqcm4290csrb31024_firmwaresd480_firmwarewcn6851_firmwareqca6574ausa8155p_firmwarewcd9341_firmwareqcm4290_firmwaresd480sd870wcn6855wsa8810wcn6856sd695_firmwaresd768gwcn6740qca6696qca6391_firmwaresd780g_firmwarewcd9370_firmwaresdx55sa8155psm7250pqca6175a_firmwarear8035_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-35084
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.03% / 10.52%
||
7 Day CHG~0.00%
Published-14 Jun, 2022 | 09:50
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible out of bound read due to lack of length check of data length for a DIAG event in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarewcn3991_firmwarewsa8830qcs610qca8337csrb31024wcd9360_firmwaresdx65csra6620qcs4290wcn3950_firmwaresd765g_firmwareqca6420_firmwareqca6595au_firmwareqca6390_firmwaresd690_5gwcd9370csra6620_firmwareqcs605_firmwarecsra6640_firmwareqcs6125_firmwareqca6426wcn3990_firmwareqrb5165n_firmwareqca9377sa415mwcn3998qcn7605sdxr2_5g_firmwarewcd9385_firmwarewcn3950sd_8_gen1_5g_firmwaresd662sd460_firmwarewcn7850qca6574au_firmwaresdx55_firmwareqca6595auqca8081_firmwaresdx12_firmwarewcd9375_firmwaresm7250p_firmwarewcn3998_firmwarewcn3999_firmwareqca6420qca6436_firmwarewcd9360qrb5165nqca6564au_firmwaresd680_firmwaresa6155p_firmwaresd778gwcn3999sa515m_firmwarewcn7851qrb5165_firmwareqrb5165m_firmwaresdxr2_5gqcs6125sd662_firmwaresa415m_firmwareqcs405qca6430wcn3988_firmwaresd778g_firmwaresa8195pwsa8810_firmwaresd765gsd765_firmwareqca6436sd680wcd9335sa6155pwcn6851qca8081wcn7851_firmwareqca6174a_firmwareqcs4290_firmwarewcd9385wcd9341qca6696_firmwaresd750gsd870_firmwareqca6390ar8035sd750g_firmwareaqt1000wcd9375wsa8830_firmwaresd855_firmwaresd865_5g_firmwarewcn3988sd888_5g_firmwarewcn6850_firmwarewcn7850_firmwarewsa8815_firmwarewsa8835_firmwaresa8195p_firmwaresm8475qcn7606_firmwarewcn6750_firmwareqcm6125_firmwarewcn3991qca8337_firmwarewcd9380_firmwarewcn3990sd780gsd865_5gqca6564ausdx55m_firmwarewcn6856_firmwarewsa8835qca6574wcd9380sd888_5gqcs410qca6574asd690_5g_firmwarewcn6855_firmwareqca9379_firmwareqca6174asm7325pqca6430_firmwarewcd9335_firmwarewcn3980wcn6750sa515mqca6574_firmwareqcs605sd855wsa8815sm7325p_firmwarewcn6850qca6175asd765qca6426_firmwareqca6574a_firmwaresd695sd768g_firmwareqrb5165mwcn3980_firmwaresd460qca6391sdx55maqt1000_firmwarewcn6740_firmwaresdx65_firmwarear8031_firmwarecsrb31024_firmwareqcm4290qrb5165sd480_firmwarewcn6851_firmwareqca6574ausa8155p_firmwarewcd9341_firmwareqcm6125qcm4290_firmwaresd480sd870wcn6855qcn7605_firmwarewsa8810qcs610_firmwarewcn6856sd695_firmwaresd768gar8031qcs405_firmwarewcn6740qca6696qca6391_firmwaresd780g_firmwarewcd9370_firmwaresdx55sa8155pcsra6640sm7250psdx12qcs410_firmwareqca9379qca6175a_firmwarear8035_firmwareqcn7606Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-10625
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.1||HIGH
EPSS-0.04% / 13.17%
||
7 Day CHG~0.00%
Published-16 Apr, 2020 | 10:46
Updated-04 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound access in diag services when DCI command buffer reallocation is not done properly with required capacity in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8009, APQ8096AU, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, QCS605, Rennell, SC8180X, SDM429W, SDM710, SDX55, SM7150, SM8150

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9206mdm9207csc8180xmdm9640_firmwaresm8150_firmwareapq8096ausdm429wrennellrennell_firmwaremdm9206_firmwaremdm9607_firmwareqcs605mdm9650sc8180x_firmwaresdx55sm7150_firmwareapq8096au_firmwaresdm710mdm9607mdm9650_firmwaresdm429w_firmwaresm8150sdm710_firmwaresdx55_firmwaresm7150apq8009_firmwareapq8009qcs605_firmwaremdm9207c_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-10574
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.1||HIGH
EPSS-0.06% / 18.37%
||
7 Day CHG~0.00%
Published-16 Apr, 2020 | 10:46
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Lack of boundary checks for data offsets received from HLOS can lead to out-of-bound read in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8016, APQ8017, APQ8053, APQ8076, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, QCM2150, QCS605, QM215, Rennell, SC7180, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SM6150, SM7150, SM8150, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwareapq8096_firmwaremdm9640_firmwareqcm2150_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632apq8096sdm439mdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996ausdm429w_firmwaresm7150apq8009_firmwaremsm8917sdm670sxr2130qcs605_firmwareapq8076mdm9206sdm670_firmwareapq8076_firmwaresdm636sda845_firmwareapq8098mdm9205mdm9206_firmwareqcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwaresda660sxr1130_firmwaresxr1130msm8909wapq8009msm8909_firmwareapq8053_firmwaresda845sdm850_firmwaremsm8920msm8953sdm450sdm636_firmwaresdm845_firmwareapq8098_firmwaremsm8998_firmwareqcm2150apq8016_firmwaresdm630mdm9607_firmwaremsm8920_firmwaremdm9655_firmwaresdm660sdm710qm215sc7180_firmwaremdm9607apq8017_firmwaresdm710_firmwaremdm9150msm8937mdm9207c_firmwaremsm8996_firmwaremsm8905mdm9207csm8150_firmwaremsm8909sxr2130_firmwaremdm9655apq8096ausdm439_firmwarerennellsc7180sdm630_firmwaremdm9205_firmwaresda660_firmwarerennell_firmwareapq8016qm215_firmwaremsm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaremsm8998sm8150sdm850apq8017msm8996sdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-10622
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-9.1||CRITICAL
EPSS-0.18% / 38.72%
||
7 Day CHG~0.00%
Published-16 Apr, 2020 | 10:46
Updated-04 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound memory access can happen while parsing ADSP message due to lack of check of size of payload received from userspace in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8096AU, IPQ4019, IPQ6018, IPQ8064, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, QCN7605, QCS605, SC8180X, SDM710, SDX24, SDX55, SM8150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9640_firmwaresdx24mdm9607_firmwaresm8250_firmwaremdm9650sc8180x_firmwareipq8074_firmwaresdm710mdm9607sdm710_firmwareapq8009_firmwareqcn7605_firmwaresxr2130qcs605_firmwareipq4019_firmwaremdm9207c_firmwaresc8180xipq6018mdm9206mdm9207csm8150_firmwaresdx24_firmwaresxr2130_firmwareipq8074apq8096auqcn7605ipq6018_firmwaremdm9206_firmwareqcs605ipq4019sdx55apq8096au_firmwaresm8250mdm9650_firmwaresm8150ipq8064sdx55_firmwareapq8009ipq8064_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-1928
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-4.6||MEDIUM
EPSS-0.04% / 13.94%
||
7 Day CHG~0.00%
Published-08 Sep, 2021 | 11:25
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer over read could occur due to incorrect check of buffer size while flashing emmc devices in Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcn5024_firmwareqca9377_firmwareqcn5500qca9561qcn9070ipq4028_firmwareqcn5550ar9380ipq8173_firmwareqca9563_firmwareqca9561_firmwareqcn5124qca4024_firmwareqcn9072qca9880_firmwareqca9992ipq8078aipq8069_firmwareapq8009_firmwareqca6335ipq6000qcn5064ipq8072qcn5152_firmwareqcn9000_firmwareqca9984_firmwareipq5018qca9377ipq8076aqcn6024_firmwarewcd9326_firmwaremdm9206_firmwareqca9563wcn3660bipq8074aqcn5124_firmwareqca9982qfe1952_firmwareqca6428qca6320_firmwareqcn5164_firmwareqcn5122_firmwareipq8071wcn3680b_firmwareqca8081_firmwareqcn6023_firmwarewcn3610_firmwareapq8053_firmwareqca6438_firmwareipq5010ipq8070_firmwareqca6310qca9367_firmwareipq8065ipq8078a_firmwareqfe1952ipq8174qca9990qca7500ipq4029_firmwareipq8072_firmwareqca9367qcn5052ipq6010ipq8068qcn9074sd205wcd9340wsa8810_firmwarequalcomm215_firmwareqca6694wcd9326qca8081qca9982_firmwareipq8071aqcn6023ipq8071a_firmwareqca9888_firmwareipq8068_firmwareqcn5154_firmwareqca9898_firmwarecsr8811ipq4019qca6694_firmwareqcn9100_firmwareqfe1922sda429wsd210qca9992_firmwarewcn3620_firmwareipq5010_firmwareipq8074a_firmwareqca6438wsa8815_firmwarewcn3620qcn5121qca9898qcn5022_firmwareipq4028wcn3610qca6428_firmwareipq5018_firmwareqca8072qca9882qca9985_firmwareipq4018_firmwaresda429w_firmwareqcn9000ipq8072aqca7500_firmwareqca9980_firmwarewcd9330ipq8076a_firmwarear9380_firmwareipq8078ipq8173qcn9012qcn5164qca9558qca9558_firmwareqca9896_firmwareipq8065_firmwarecsr8811_firmwareqcn5054_firmwarequalcomm215qcn5154qca8075_firmwareipq4019_firmwareipq4018ipq6005_firmwaremdm9206qcn5024qca9889ipq8074qca6310_firmwareqca8072_firmwareqca9888qca9985qca9994_firmwareqcn5052_firmwareipq8070a_firmwareqcn9012_firmwarewcn3980qca6335_firmwareipq6018_firmwareipq8076_firmwareqca9886qcn5502_firmwarewcd9340_firmwarewsa8815pmp8074_firmwareqca6320ipq8076qfe1922_firmwareqca9887wcn3660b_firmwareqca9984ipq6028ipq8064ipq8069pmp8074qcn5021qcn5152qcn9024wcn3980_firmwareapq8009qcn5550_firmwarewcd9330_firmwareipq8064_firmwareipq6005qcn9100qcn5064_firmwareqca9882_firmwareipq8078_firmwareqcn5054qcn9070_firmwareipq8070qca9896ipq6028_firmwareipq8072a_firmwareqcn5502qca9994qca9531qca9887_firmwareipq8074_firmwareqca9889_firmwareqca9980qcn5122qcn9024_firmwareipq8174_firmwaresd205_firmwareqca9880wsa8810qcn5121_firmwareqcn5500_firmwaresd210_firmwareipq6018qcn5022wcn3680bqca9886_firmwareipq6010_firmwareqca4024qca8075apq8053qcn5021_firmwareqcn6024qcn9022_firmwareqcn9022qca9990_firmwareipq8070aqcn9072_firmwareqca9531_firmwareipq6000_firmwareipq8071_firmwareqcn9074_firmwareipq4029Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-30306
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.04% / 13.17%
||
7 Day CHG~0.00%
Published-20 Oct, 2021 | 06:31
Updated-03 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer over read due to improper buffer allocation for file length passed from user space in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarewcn3991_firmwarewsa8830sm7250sa6150p_firmwaresa8145p_firmwaresm7250_firmwarewcn3950_firmwaresa8150p_firmwaresd765g_firmwareqca6595au_firmwareqca6390_firmwaresa6155sd690_5gwcd9370qca6426qca9377wcn3998wcd9385_firmwarewcn3950wcd9326_firmwarewcn3615_firmwaresd662sd460_firmwaresa8155qca6574au_firmwarewcn3680b_firmwareqca6595ausa6155_firmwaresdx12_firmwarewcd9375_firmwarewcn3615wcn3998_firmwareapq8053_firmwaresd778gsa6155p_firmwareqcs6490qrb5165_firmwaresa8155_firmwaresd662_firmwarewcn3988_firmwaresa6145p_firmwaresd778g_firmwaresa8195pwsa8810_firmwaresd765gsd765_firmwarewcd9326wcd9335sa6155pwcn6851qca6174a_firmwarewcd9385wcd9341qca6696_firmwareqcs6490_firmwaresd750gsd870_firmwareqca6390wcd9375sd750g_firmwaresa8150pmsm8953_firmwarewsa8830_firmwaresd865_5g_firmwareqcm6490sd888_5g_firmwarewcn3988wcn6850_firmwarewsa8815_firmwarewsa8835_firmwaresa8195p_firmwarewcn6750_firmwarewcn3991wcd9380_firmwaresd780gsd865_5gsdx55m_firmwarewcn6856_firmwaresd888wsa8835qca6574wcd9380sd888_5gqca6574asd690_5g_firmwarewcn6855_firmwareqca6174asm7325wcd9335_firmwarewcn6750qca6574_firmwarewsa8815wcn6850sd765qca6426_firmwareqca6574a_firmwaresd768g_firmwaresd460qca6391sdx55mwcn6740_firmwaremsm8953qcm6490_firmwareqrb5165sd480_firmwarewcn6851_firmwareqca6574ausa8155p_firmwarewcd9341_firmwaresd480sd870wsa8810wcn6855wcn6856sa6145pwcn3680bsd768gsa8145pwcn6740qca6696qca6391_firmwaresd780g_firmwarewcd9370_firmwaresa6150psd888_firmwareapq8053sa8155psdx12sm7325_firmwareSnapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-14101
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.1||HIGH
EPSS-0.04% / 13.17%
||
7 Day CHG~0.00%
Published-30 Jul, 2020 | 11:40
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bounds read can happen in diag event set mask command handler when user provided length in the command request is less than expected length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8096, APQ8096AU, APQ8098, Kamorta, MDM9150, MDM9205, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCM2150, QCN7605, QCS404, QCS405, QCS605, QM215, Rennell, SA415M, Saipan, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwarekamorta_firmwaremdm9635m_firmwaremdm9640_firmwareapq8096_firmwareqcm2150_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632apq8096sdx24sdm439qcs404_firmwaremdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996ausdm429w_firmwaresm7150apq8009_firmwaremsm8917sdm670qcs605_firmwaresc8180xmdm9206sdm670_firmwareqcs404sdx24_firmwaresdm636sda845_firmwaresa415mmdm9635mapq8098qcn7605mdm9205mdm9206_firmwareqcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130msm8909wapq8009msm8909_firmwaresda845nicobarsdm850_firmwaremsm8920msm8953sdm450sdm636_firmwaresdm845_firmwareapq8098_firmwaremsm8998_firmwareqcm2150msm8920_firmwaresdm630mdm9607_firmwaresdm660mdm9655_firmwaresc8180x_firmwaresa415m_firmwareqcs405sdm710qm215sc7180_firmwaremdm9607mdm9625_firmwaresdm710_firmwareqcn7605_firmwaremdm9150msm8937msm8996_firmwaremsm8905sm8150_firmwaremsm8909mdm9655apq8096ausdm439_firmwarerennellsc7180qcs405_firmwaresdm630_firmwaremdm9205_firmwaresda660_firmwaremdm9625rennell_firmwareqm215_firmwaresdx55msm8953_firmwaremsm8940saipan_firmwaresm6150_firmwareapq8096au_firmwaremsm8917_firmwaremsm8998sm8150sdm850kamortamsm8996saipannicobar_firmwaresdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-1985
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.04% / 13.17%
||
7 Day CHG~0.00%
Published-20 Oct, 2021 | 06:31
Updated-03 Aug, 2024 | 16:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer over read due to lack of data length check in QVR Service configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwarewsa8830sd678sm7250sm6250p_firmwareqcs610qcs2290_firmwaresm7250_firmwaresd_636qcs4290wcn3950_firmwaresd765g_firmwareqca6420_firmwareqcs2290qca6390_firmwareqca6335msm8917sd690_5gsd730_firmwaresd_455_firmwarewcd9370qcs605_firmwaresd_675_firmwaresd675_firmwareqcs6125_firmwareqca6426sd632wcn3998wcd9371_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcn3950sm4125sd720gwcn3615_firmwarewcn3660bsd662sd460_firmwareqca6320_firmwareqca6574au_firmwaresdx55_firmwarewcn3680b_firmwarewcd9375_firmwarewcn3615wcn3998_firmwarewcn3610_firmwareqca6420qca6436_firmwareapq8053_firmwareqca6564au_firmwaresd778gqca6310qcs6490sd429sdxr2_5gqcs6125sd662_firmwaresdm630wcn3988_firmwareqca6430sd205sd429_firmwaresm6250sd778g_firmwareapq8017_firmwarequalcomm215_firmwaresd765gsd765_firmwareqca6436wcn6851qcs603_firmwareqcs4290_firmwarewcd9385qcs6490_firmwarewcd9371sd750gsd870_firmwareqca6390wcd9375sd750g_firmwareaqt1000apq8064auwcn3910_firmwaresm6250_firmwaremsm8953_firmwarewsa8830_firmwaremsm8917_firmwaresd210sd855_firmwaresd865_5g_firmwareqcm6490sd888_5g_firmwarewcn3988wcn6850_firmwarewsa8835_firmwareapq8017qca6564awcn6750_firmwarewcn3610qcm6125_firmwareqcm2290_firmwarewcn3991wcd9380_firmwaresd_675msm8996au_firmwaresd780gsd865_5gqca6564ausdx55m_firmwarewcn6856_firmwaresd888wsa8835sd632_firmwaremsm8996ausd665_firmwarewcd9380sd888_5gsm6250pqualcomm215qca6574asd690_5g_firmwaresdx50m_firmwarewcn6855_firmwareqca6310_firmwaresm7325qca6430_firmwarewcn6750sd439_firmwareqca6335_firmwareqcs605sd855sm4125_firmwarewcn6850sd665wcn3910qca6320sd765qca6426_firmwarewcn3660b_firmwarewcn3680qca6574a_firmwaresd768g_firmwaresd460qca6391sd730sdx55msdxr1_firmwareaqt1000_firmwarewcn6740_firmwaremsm8953sd678_firmwareapq8064au_firmwareqcm4290qcm6490_firmwaresdx50mwcn3680_firmwaresd480_firmwareqcs603wcn6851_firmwaresd_455qca6574ausd_636_firmwaresd205_firmwareqca6564a_firmwareqcm6125qcm4290_firmwaresd480sd870wcn6855sd210_firmwareqcs610_firmwarewcn6856wcn3680bsdxr1sd768gapq8096auwcn6740sdm630_firmwareqca6391_firmwaresd780g_firmwarewcd9370_firmwaresdx55sd888_firmwareapq8053apq8096au_firmwaresd675sd439sd720g_firmwareqcm2290sm7325_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-1930
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 12.50%
||
7 Day CHG~0.00%
Published-08 Sep, 2021 | 11:25
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible out of bounds read due to incorrect validation of incoming buffer length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarewcn3991_firmwarewsa8830sd678sa6150p_firmwaresm6250p_firmwaresa8145p_firmwareqcs610sm7250qcs2290_firmwaresm7250_firmwareqca6431_firmwaresd7c_firmwarecsrb31024qcs4290wcn3950_firmwaresa8150p_firmwaresd765g_firmwareqca6420_firmwareqca6595au_firmwareqcs2290qca6390_firmwaresa6155sd690_5gsd730_firmwarewcd9370sd_675_firmwaresd675_firmwareqcs6125_firmwareqca6426qca6584au_firmwarewcn3990_firmwareqca9377sa415mwcn3998wcd9371_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcn3950sm4125sd720gwcd9326_firmwareqsm8350_firmwaresd662sd710_firmwareqsm8350sd460_firmwaresa8155qca6574au_firmwaresdx55_firmwareqca6595ausa6155_firmwarewcd9375_firmwarewcn3998_firmwareqca6420qca6436_firmwareqca6564au_firmwareqca6584ausa6155p_firmwaresd778gqrb5165_firmwaresdxr2_5gqcs6125sa8155_firmwaresd662_firmwaresa415m_firmwarewcn3988_firmwareqca6430sa6145p_firmwareqca6421sd778g_firmwaresm6250sa8195pwsa8810_firmwaresd765gsd765_firmwareqca6436wcd9326wcn6851sa6155pqca6174a_firmwareqcs4290_firmwarewcd9385wcd9341qca6431qca6696_firmwarewcd9371sd750gsd870_firmwareqca6390wcd9375sd750g_firmwareaqt1000sa8150pwcn3910_firmwaresm6250_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwarewcn3988sd888_5g_firmwarewcn6850_firmwarewsa8815_firmwarewsa8835_firmwaresa8195p_firmwarewcn6750_firmwareqcm6125_firmwareqcm2290_firmwarewcn3991wcd9380_firmwarewcn3990sd_675sd780gsd865_5gqca6564ausdx24sdx55m_firmwarewcn6856_firmwaresd670_firmwareqca6574wsa8835sd665_firmwarewcd9380sd888_5gsm6250pqcs410qca6574asd690_5g_firmwaresdx50m_firmwarewcn6855_firmwareqca6174asdx24_firmwaresm7325qca6430_firmwarewcn3980wcn6750qca6574_firmwaresd855sm4125_firmwarewcn6850sd665sd7cwcn3910wsa8815sd765qca6426_firmwareqca6574a_firmwaresd768g_firmwarewcn3980_firmwaresd460qca6391sd730sdx55mqca6421_firmwareaqt1000_firmwarewcn6740_firmwaresd678_firmwareqcm4290csrb31024_firmwaresdx50mqrb5165sd480_firmwarewcn6851_firmwareqca6574ausa8155p_firmwaresd710sd670wcd9341_firmwareqcm6125qcm4290_firmwaresd480sd870wcn6855wsa8810qcs610_firmwarewcn6856qsm8250sa6145psd768gsa8145pwcn6740qca6696qca6391_firmwaresd780g_firmwarewcd9370_firmwaresa6150psdx55sa8155psd675sd720g_firmwareqcs410_firmwareqcm2290qsm8250_firmwaresm7325_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-14042
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-7.1||HIGH
EPSS-0.04% / 13.17%
||
7 Day CHG~0.00%
Published-02 Jun, 2020 | 15:05
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound read in in fingerprint application due to requested data assigned to a local buffer without length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in Kamorta, MDM9205, Nicobar, QCS404, QCS405, QCS605, Rennell, SA415M, SA6155P, SC7180, SC8180X, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm850_firmwarekamorta_firmwaresa6155p_firmwaresdm845sdx24qcs404_firmwaresm8250_firmwaresc8180x_firmwaresa415m_firmwareqcs405sm7150_firmwaresdm710sc7180_firmwaresm6150sdm710_firmwaresm7150sa6155psdm670sxr2130qcs605_firmwaresc8180xsdm670_firmwareqcs404sdx24_firmwaresm8150_firmwaresxr2130_firmwareqcs405_firmwarerennellsa415msc7180mdm9205_firmwarerennell_firmwaremdm9205qcs605sdx55sm6150_firmwaresm8250sm8150sdm850sxr1130_firmwarekamortasdx55_firmwarenicobar_firmwaresxr1130nicobarsdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-33065
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-6.1||MEDIUM
EPSS-0.03% / 7.96%
||
7 Day CHG~0.00%
Published-06 Feb, 2024 | 05:47
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in Audio

Information disclosure in Audio while accessing AVCS services from ADSP payload.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm429w_firmwareqcs410_firmwaresa6150p_firmwaresd865_5gsnapdragon_429_mobile_platform_firmwareqcs610_firmwarewcd9335sxr2130_firmwaresrv1mqca8081_firmwarewcd9370ar8035_firmwareqca6696wcd9340_firmwaresnapdragon_888_5g_mobile_platformwcd9341_firmwareqca6320sd888_firmwareqcc710_firmwareqca6426wcn6740_firmwarefastconnect_6700qca6564auwcn3610qcn9074wsa8815_firmwaresa8195p_firmwareqca8337_firmwareqca8337qca6426_firmwareqca6574au_firmwareqam8295pwcd9341qca6574ausnapdragon_855_mobile_platformwcn3950wsa8810_firmwaresnapdragon_xr2_5g_platformsnapdragon_429_mobile_platformsa9000p_firmwaresrv1hsnapdragon_835_mobile_pc_platform_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwaresnapdragon_7c\+_gen_3_computewcn3660b_firmwaresnapdragon_780g_5g_mobile_platformfastconnect_6800_firmwaresa8295p_firmwaresd835_firmwarevideo_collaboration_vc1_platform_firmwaresnapdragon_778g\+_5g_mobile_platformsa8770psnapdragon_780g_5g_mobile_platform_firmwarec-v2x_9150qca6584auqca6320_firmwareqcn6274_firmwaresd888qcc710wcn6740qca6310_firmwarefastconnect_6800qfw7114_firmwarefastconnect_7800_firmwarefastconnect_6900video_collaboration_vc1_platformqfw7114snapdragon_782g_mobile_platform_firmwarewcd9385_firmwaresnapdragon_x55_5g_modem-rf_systemfastconnect_6900_firmwareqca6310qam8255p_firmwarewcd9380sa6145p_firmwareqam8255psnapdragon_888_5g_mobile_platform_firmwaresnapdragon_xr2_5g_platform_firmwaresa8150psnapdragon_778g_5g_mobile_platformmsm8996au_firmwaresa6155psnapdragon_835_mobile_pc_platformqca6564au_firmwarewsa8810qam8650psnapdragon_865\+_5g_mobile_platformsa9000psrv1h_firmwarevideo_collaboration_vc3_platformaqt1000sm7315_firmwaresnapdragon_865_5g_mobile_platform_firmwarec-v2x_9150_firmwaresa6155p_firmwareqam8295p_firmwaresrv1m_firmwaresd855sd835wcn3990_firmwaresm7315snapdragon_870_5g_mobile_platform_firmwareqfw7124_firmwareqca6564a_firmwareqca6436_firmwareqca6698aq_firmwaresnapdragon_wear_4100\+_platform_firmwarewcd9385mdm9650_firmwaresnapdragon_7c\+_gen_3_compute_firmwarewcn3610_firmwaresa8255psnapdragon_855\+\/860_mobile_platform_firmwaresnapdragon_778g\+_5g_mobile_platform_firmwareqca6420snapdragon_865\+_5g_mobile_platform_firmwareqca6430wcd9370_firmwaremdm9650snapdragon_x55_5g_modem-rf_system_firmwarewcn3660bqca6574asxr2130wcn3620_firmwaresa8195pwcd9340qamsrv1msnapdragon_820_automotive_platform_firmwaresnapdragon_auto_5g_modem-rf_gen_2sm7325pqam8650p_firmwaresnapdragon_855_mobile_platform_firmwareqca6420_firmwareaqt1000_firmwaresdm429wqca6584au_firmwaresd855_firmwareqcn6274qca6436qfw7124sa8775psnapdragon_x75_5g_modem-rf_systemwcd9335_firmwareqca6391_firmwarewcn3980_firmwarewsa8835qca6430_firmwaresnapdragon_870_5g_mobile_platformsa8775p_firmwaresnapdragon_782g_mobile_platformqamsrv1hqca6696_firmwaresnapdragon_865_5g_mobile_platformwcd9380_firmwaresa6150pqcs410sa8155p_firmwareqca8081qca6564awsa8815sa8155pwsa8830qam8775psa6145pqcn9074_firmwaresa8255p_firmwarear8035qca6574a_firmwareqamsrv1m_firmwaremsm8996ausa8650p_firmwarewcn3620wcd9375_firmwareqca6391qcn6224snapdragon_778g_5g_mobile_platform_firmwareqca6698aqwcn3950_firmwaresa8770p_firmwaresa8295pfastconnect_6200fastconnect_7800sa8145p_firmwaresa8650pqam8775p_firmwaresd865_5g_firmwaresm7325p_firmwarewcn3680bsnapdragon_888\+_5g_mobile_platformwcd9375sa8150p_firmwaresnapdragon_855\+\/860_mobile_platformfastconnect_6700_firmwareqamsrv1h_firmwarevideo_collaboration_vc3_platform_firmwaresa8145pwcn3990snapdragon_wear_4100\+_platformsnapdragon_888\+_5g_mobile_platform_firmwarewsa8835_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarewcn3980snapdragon_820_automotive_platformfastconnect_6200_firmwarewsa8830_firmwarewcn3680b_firmwareqcn6224_firmwareqcs610Snapdragonqam8255p_firmwarequalcomm_video_collaboration_vc1_platform_firmwareqca8337_firmwarewcd9380_firmwaresa6150p_firmwaresnapdragon_778g_5g_mobile_platform_firmwaresa8145p_firmwaremsm8996au_firmwaresnapdragon_820_automotive_platform_firmwareqcn6224_firmwaresdm429w_firmwarewcn3950_firmwaresnapdragon_888_5g_mobile_platform_firmwaresa8150p_firmwareqca6420_firmwareqca6584au_firmwarewcn3990_firmwarec-v2x_9150_firmwareqca6310_firmwareqca6430_firmwarewcd9335_firmwareqfw7114_firmwarequalcomm_video_collaboration_vc3_platform_firmwarewcd9385_firmwareqamsrv1h_firmwarewcd9340_firmwaresm7325p_firmwareqam8295p_firmwaremdm9650_firmwaresnapdragon_xr2_5g_platform_firmwareqca6426_firmwarewcn3660b_firmwaresa9000p_firmwareqca6320_firmwaresm7315_firmwareqca6574au_firmwaresnapdragon_429_mobile_platform_firmwaresnapdragon_835_mobile_pc_platform_firmwarewcn3680b_firmwarewcd9375_firmwareqca8081_firmwareqca6574a_firmwarefastconnect_6200_firmwarewcn3980_firmwaresnapdragon_x55_5g_modem-rf_system_firmwarewcn3610_firmwareqca6436_firmwareaqt1000_firmwareqca6564au_firmwarewcn6740_firmwaresa6155p_firmwareqcn6274_firmwaresa8775p_firmwaresa8650p_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarefastconnect_6900_firmwaresrv1h_firmwaresa6145p_firmwaresa8155p_firmwarefastconnect_6700_firmwareqca6564a_firmwarewsa8810_firmwarewcd9341_firmwarefastconnect_7800_firmwaresa8255p_firmwareqcs610_firmwareqca6698aq_firmwareqamsrv1m_firmwaresrv1m_firmwaresd835_firmwareqam8650p_firmwaresa8770p_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareqam8775p_firmwaresxr2130_firmwareqca6696_firmwareqca6391_firmwaresnapdragon_855_mobile_platform_firmwarewcd9370_firmwaresd888_firmwareqcc710_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwarewcn3620_firmwarewsa8815_firmwarewsa8835_firmwaresnapdragon_780g_5g_mobile_platform_firmwaresa8195p_firmwaresnapdragon_865_5g_mobile_platform_firmwareqcn9074_firmwarefastconnect_6800_firmwareqcs410_firmwaresa8295p_firmwareqfw7124_firmwarear8035_firmware
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-126
Buffer Over-read
CVE-2019-10623
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.1||HIGH
EPSS-0.04% / 13.17%
||
7 Day CHG~0.00%
Published-16 Apr, 2020 | 10:46
Updated-04 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible integer overflow can happen in host driver while processing user controlled string due to improper validation on data received. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in QCN7605, QCS605, Rennell, SC8180X, SDA845, SDM710, SDX24, SDX55, SM7150, SM8150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sm8150_firmwaresdx24_firmwaresxr2130_firmwaresda845_firmwareqcs605_firmwarerennellqcn7605rennell_firmwaresdx24sm8250_firmwareqcs605sc8180x_firmwaresdx55sm7150_firmwaresm8250sdm710sm8150sdm710_firmwaresdx55_firmwaresm7150qcn7605_firmwaresxr2130sc8180xsda845Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2021-30297
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.04% / 13.17%
||
7 Day CHG~0.00%
Published-20 Oct, 2021 | 06:31
Updated-03 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible out of bound read due to improper validation of packet length while handling data transfer in VR service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwarewsa8830sd678sm7250sm6250p_firmwareqcs610qcs2290_firmwaresm7250_firmwaresd_636qcs4290wcn3950_firmwaresd765g_firmwareqca6420_firmwareqcs2290qca6390_firmwareqca6335msm8917sd690_5gsd730_firmwarewcd9370qcs605_firmwaresd_675_firmwaresd675_firmwareqcs6125_firmwareqca6426sd632wcn3998wcd9385_firmwaresdxr2_5g_firmwarewcn3950sm4125sd720gwcn3615_firmwarewcn3660bsd662sd460_firmwareqca6320_firmwareqca6574au_firmwaresdx55_firmwarewcn3680b_firmwarewcd9375_firmwarewcn3615wcn3998_firmwarewcn3610_firmwareqca6420qca6436_firmwareapq8053_firmwareqca6564au_firmwaresd778gqca6310sd429sdxr2_5gqcs6125sd662_firmwaresdm630wcn3988_firmwareqca6430sd205sd429_firmwaresm6250sd778g_firmwareapq8017_firmwarequalcomm215_firmwaresd765gsd765_firmwareqca6436wcn6851qcs603_firmwareqcs4290_firmwarewcd9385sd750gsd870_firmwareqca6390wcd9375sd750g_firmwareaqt1000wcn3910_firmwaresm6250_firmwaremsm8953_firmwarewsa8830_firmwaremsm8917_firmwaresd210sd855_firmwaresd865_5g_firmwarewcn3988sd888_5g_firmwarewcn6850_firmwarewsa8835_firmwareapq8017qca6564awcn6750_firmwarewcn3610qcm6125_firmwareqcm2290_firmwarewcn3991wcd9380_firmwaresd_675msm8996au_firmwaresd780gsd865_5gqca6564ausdx55m_firmwarewcn6856_firmwaresd888wsa8835sd632_firmwaremsm8996ausd665_firmwarewcd9380sd888_5gsm6250pqualcomm215qca6574asd690_5g_firmwaresdx50m_firmwarewcn6855_firmwareqca6310_firmwaresm7325qca6430_firmwarewcn6750sd439_firmwareqca6335_firmwareqcs605sd855sm4125_firmwarewcn6850sd665wcn3910qca6320sd765qca6426_firmwarewcn3660b_firmwarewcn3680qca6574a_firmwaresd768g_firmwaresd460qca6391sd730sdx55msdxr1_firmwareaqt1000_firmwarewcn6740_firmwaremsm8953sd678_firmwareqcm4290sdx50mwcn3680_firmwarewcn6851_firmwareqcs603qca6574ausd_636_firmwaresd205_firmwareqca6564a_firmwareqcm6125qcm4290_firmwaresd870wcn6855sd210_firmwareqcs610_firmwarewcn6856wcn3680bsdxr1sd768gapq8096auwcn6740sdm630_firmwareqca6391_firmwaresd780g_firmwarewcd9370_firmwaresdx55sd888_firmwareapq8053apq8096au_firmwaresd675sd439sd720g_firmwareqcm2290sm7325_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-11203
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.1||HIGH
EPSS-0.05% / 16.96%
||
7 Day CHG~0.00%
Published-22 Feb, 2021 | 06:25
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack overflow may occur if GSM/WCDMA broadcast config size received from user is larger than variable length array in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sa6150p_firmwareqca8337pm6125qat3519qbt2000_firmwarewcn3950_firmwareqtc800hsa8150p_firmwareqca6595au_firmwarepm8998_firmwareqcs605_firmwarewtr5975_firmwareqat3518pm456_firmwarewcn3998smr526_firmwarewcn3950qpa5460pm640a_firmwaresd720gqsw8573_firmwarewcn3660bwgr7640_firmwareqsw8574_firmwareqca6574au_firmwareqpa4360_firmwarewcd9375_firmwarewcn3998_firmwareqbt2000msm8909wpm855papq8009w_firmwareqca6420pm6150apmx50_firmwareqpa5460_firmwaresa8155_firmwareqca6430qat3522pmr735awcd9340sdm830_firmwarequalcomm215_firmwaresdr660wcn6851sa6155pqpa6560sdr675_firmwaresdr865wcd9341qca6696_firmwarepmm855au_firmwaresa8150pqtc800ssd855_firmwarewcn3988wtr3925pm640p_firmwaresdr052sa8195p_firmwaresmb1390sdw3100_firmwarewcn6750_firmwareqat5516_firmwarepm6150lpm855l_firmwarewcn3610qtc410sqca8337_firmwaresda429w_firmwarewcd9380_firmwarewcn3991smb1355sdm429wmsm8996au_firmwarewgr7640qet5100qca6564auqtm527_firmwaresdx55m_firmwarepm8005_firmwarepm6150qet4101_firmwareqca6574sdr052_firmwarepmm8996auwcd9380smb1355_firmwarequalcomm215smb1381pm855p_firmwaresdx50m_firmwarewtr4905smr526wtr5975qca6430_firmwarewcn3980qtc801s_firmwareqat3522_firmwareqdm2301qsw8573qcs605wcd9340_firmwarewsa8815wcn6850qdm2301_firmwarewcn3660b_firmwarewcn3680pm8009wcn3980_firmwaresd730sdr051_firmwaresdx55mpm6250_firmwarepm8008qtm525_firmwareqat3518_firmwareqsw8574pmi8998apq8064au_firmwarewcn3680_firmwarepm855lwcn6851_firmwareqpa6560_firmwareqca6564a_firmwarepm8009_firmwareapq8009wpm670pmi8998_firmwarepm8005pm855_firmwaresa6145ppm215qdm2302pmm6155aupm855b_firmwareapq8096auqca6595_firmwarewtr2965pm640l_firmwareqca6391_firmwarewcd9370_firmwaresdx55sa8155psd675qet4101qat3555_firmwarepm670lpm855bwcn3991_firmwarepmm8155au_firmwaresdr051pm6125_firmwareqbt1500pmi632pm456qbt1500_firmwareqet5100_firmwarepm670l_firmwarepmm855ausdr660gqca6420_firmwaresd730_firmwarewcd9370sd675_firmwareqca6564qpa4361_firmwarewcn3990_firmwarepmi632_firmwareqat5516wcd9326_firmwarewcn3615_firmwarewtr2955rgr7640au_firmwaresdr660g_firmwarepmk8002_firmwareqsw6310_firmwaresa8155sdx55_firmwarepmm6155au_firmwareqca6595auwcn3615wcn3610_firmwareqca6564au_firmwaresa6155p_firmwareqat5515_firmwarepm855sd429wcn3988_firmwarepmx55sa6145p_firmwaresd429_firmwaresdr675sm6250qat3519_firmwaresa8195pwsa8810_firmwareqat5515smb231wcd9326pm8004_firmwaresdr8150_firmwareqtc800h_firmwareqdm2302_firmwareqat3550_firmwarepmm8155auwcd9375apq8064auaqt1000sm6250_firmwarepmm8195ausda429wwcn3620_firmwarewtr3925_firmwarewcn6850_firmwarewsa8815_firmwarepm8998sdw3100wcn3620qca6564awcn3990pmx55_firmwareqtm527wtr2955_firmwareqca6595pmm8996au_firmwaremsm8909w_firmwaremsm8996ausdm429w_firmwaresd665_firmwarergr7640auqpa4360sdr660_firmwareqca6574aqpa4361pm8916_firmwaresmb1390_firmwarewcn6750pm6150l_firmwareqtm525qca6574_firmwaresd855sd665pm6150a_firmwarepm6150_firmwarepm640pqca6574a_firmwaresdr865_firmwareqat3555qca6391aqt1000_firmwarepm215_firmwarewtr2965_firmwarepm670_firmwaresdx50mpm640asdr8150pm8916qtc801sqca6574ausa8155p_firmwareqsw6310pm8008_firmwarewcd9341_firmwarewsa8810qtc410s_firmwaresmb231_firmwarepmr735a_firmwarewtr4905_firmwarepmw3100pmx50qat3550qca6564_firmwareqca6696qtc800s_firmwaresmb1381_firmwarepmw3100_firmwarepm8004pm640lpmk8002sa6150papq8096au_firmwarepmm8195au_firmwaresdm830sd720g_firmwarepm6250Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-47401
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.04% / 11.84%
||
7 Day CHG+0.01%
Published-04 May, 2026 | 16:43
Updated-06 May, 2026 | 18:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in WLAN HAL

Transient DOS when processing target power rate tables during channel configuration.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca2062_firmwareqrb5165mflight_rb5_5gqxm8083qca8101_firmwaresnapdragon_8_gen_2_mobilesa7775pqxm1083wsa8845h_firmwareqcn9012_firmwareqca2064_firmwarewcd9378wsa8832_firmwareipq9570_firmwarefastconnect_6700wcd9395_firmwaresa510m_firmwarewsa8850sm8845psm8650q_firmwaresnapdragon_8_elite_gen_5_firmwaresnapdragon_x75_5g_modem-rfg3x_gen_2sa7775p_firmwarex2000094_firmwarenetraniqam8255plemans_au_lgitx1e80100_firmwareqxm1083_firmwareqam8295p_firmwaresm7435_firmwareiqx5121snapdragon_x65_5g_modem-rf_firmwarewcn7861_firmwarewsa8840_firmwareqca8695au_firmwareipq5332_firmwarenetworking_pro_810qamsrv1mqamsrv1hqcn5154sm8475p_firmwarefwa_gen_3_ultra_firmwareqca2066qca6595au_firmwareqmp1000snapdragon_auto_5g_modem-rfqca8085wsa8850wqca6584auqcn9024_firmwareqcn5224robotics_rb5_firmwaresnapdragon_8_gen1_5glemansau_firmwareqpa1083bdqxm1094_firmwaresxr2250pqcn6412qca6174a_firmwareqca6574a_firmwaresnapdragon_888_5g_mobileqca8101milos_iot_firmwaremilosxg101039_firmwarelemans_au_lgit_firmwaresm6850qxm1095wcn6650wcn7760_firmwaresnapdragon_8_elite_firmwareqmp1000_firmwarewcn6650_firmwarenetworking_pro_1200qcs8550sm8635_firmwarecq8725ssa8770p_firmwarewcn3950_firmwarewsa8810_firmwarewsa8832sm8475pqcs4490_firmwaresnapdragon_6_gen_3_mobileqca2062srv1hsar1165p_firmwarefwa_gen_3_ultrawcn7881_firmwaresnapdragon_8_elitefastconnect_6700_firmwaresar2130psnapdragon_x72_5g_modem-rf_firmwareqcn9000qcn6024qrb5165n_firmwarevideo_collaboration_vc3qfw7124qcc710snapdragon_7_gen_1_mobile_firmwarewcd9378c_firmwarex2000077snapdragon_8\+_gen_2_mobileipq5302sm8845p_firmwarewsa8855c_firmwareqcn5124g3x_gen_2_firmwarepalawan25_firmwareqca6174asm7550_firmwareqam8255p_firmwaresnapdragon_4_gen_2_mobile_firmwaresm7425_firmwareqcn9012qln1083bdsa8620pqca6797aq_firmwarewcn7881qca8384_firmwarefastconnect_6200_firmwareqca6574_firmwareqam8397p_firmwarewcd9370_firmwarewsa8830_firmwareimmersive_home_326_firmwareqca6554a_firmwaresm8735psrv1m_firmwareqca6696_firmwareqca6698aqqcm5430networking_pro_610_firmwaresxr2330p_firmwareqcn9160qxm1096_firmwareqxm8083_firmwareqca6564ausc8380xp_firmwaresm7425snapdragon_6_gen_4_mobilewcd9340_firmwareqcn5224_firmwareqxm1095_firmwarevideo_collaboration_vc3_firmwareqca2066_firmwareqcs8550_firmwarear8035molokaiipq5302_firmwareipq9554_firmwaresnapdragon_x62_5g_modem-rfqfw7114_firmwarefastconnect_6900qcf8001_firmwareimmersive_home_3210_firmwaresa7255pxg101039qca8081_firmwarex2000086_firmwareqca6391_firmwaresnapdragon_4_gen_2_mobileqcn9011_firmwarex2000086qca6574qamsrv1m_firmwareqca6574asa6155psa9000p_firmwaresnapdragon_7\+_gen_2_mobile_firmwaresxr2230p_firmwaresm6650psm7635p_firmwaresa510mfastconnect_7800sa8295p_firmwareqcs4490sm6850_firmwarewsa8850_firmwarecq7790sm7525pandeiroqca6391qca6584au_firmwaresnapdragon_6_gen_3_mobile_firmwareqca2064qca6688aq_firmwaresa8155p_firmwaresm6450p_firmwarewsa8835ipq5312wcd9340snapdragon_6_gen_4_mobile_firmwaresm7675snapdragon_8\+_gen_1_mobile_firmwaresxr2330pcq8750m_firmwareqcm4490sm7525_firmwaresm8425_firmwareqcn6224_firmwareqamsrv1h_firmwaresa8620p_firmwareqca8385_firmwarewcd9371x2000090qca8102_firmwareqcn9011qca8081snapdragon_x32_5g_modem-rf_firmwareqcf8001palawan25qxm1093_firmwareqca6595fastconnect_7800_firmwaresnapdragon_8_elite_gen_5qcf8000fastconnect_6200sa8770psm7435pqcn6274sm6650p_firmwareqcs6690qmb415qxm1086_firmwareqca8111_firmwarewcd9371_firmwareg2_gen_1_firmwareqca6777aqsnapdragon_x35_5g_modem-rf_firmwareqxm1086snapdragon_auto_5g_modem-rf_gen_2snapdragon_888\+_5g_mobilexg101002g2_gen_1wcn6450_firmwaremonaco_iotsnapdragon_x62_5g_modem-rf_firmwarex2000092_firmwareipq9554qca8112snapdragon_7_gen_1_mobilefastconnect_6900_firmwareqxm1093qep8111_firmwarewsa8810qca8386wcd9375qmp2001sxr2350p_firmwarewcd9370snapdragon_7\+_gen_2_mobilear8035_firmwareflight_rb5_5g_firmwareqrb5165nsa8255pqca8337sar2130p_firmwaresnapdragon_8\+_gen_2_mobile_firmwareqfw7124_firmwareqmb715qcm6490snapdragon_6_gen_1_mobileqcn6024_firmwarenetrani_firmwarewcn3988ipq9574_firmwaresnapdragon_8cx_gen_3_compute_firmwarenetworking_pro_610orne_firmwareqca6777aq_firmwaresm8650qsm8750p_firmwaresm8735p_firmwarexrv7209_firmwareqcn6432snapdragon_ar1_gen_1_firmwareqcf8000_firmwareqxm1096srv1h_firmwarex1e80100qca8386_firmwarenetworking_pro_1210_firmwareqca8080_firmwarexg101002_firmwarex2000090_firmwarerobotics_rb5wsa8815marinasxr2350pqcn6432_firmwaresdx61snapdragon_ar1_gen_1qpa1083bd_firmwarelemansausnapdragon_ar1\+_gen_1_firmwaresa8295pornenetworking_pro_1610xg101032_firmwaresm8425qcn6274_firmwaresm6475qsnapdragon_x32_5g_modem-rfqcm4490_firmwareqca6678aqsnapdragon_7s_gen_3_mobilesnapdragon_7_gen_4_mobilesa8195p_firmwareqca8084qpa1086bdqca6698aq_firmwareqcn6422_firmwareqca0000_firmwaresxr2250p_firmwaresnapdragon_8\+_gen_1_mobilemonaco_iot_firmwareqca8385qcn5154_firmwarewcn7760wsa8850w_firmwareiqx7181_firmwarewcd9395qca6797aqipq5312_firmwaresm7550p_firmwarecologneipq9570qca6595_firmwaremilos_iotx2000092sm7550wcn7860qca8384sar1165pcologne_firmwareqca8085_firmwaresm6475p_firmwareqca2065networking_pro_1610_firmwareipq9574qmp2001_firmwarewsa8830sa8195pqcn9274sdx61_firmwareqca8082wcd9380wsa8845_firmwarewcd9375_firmwaresm6475q_firmwaresnapdragon_8_gen_2_mobile_firmwaresnapdragon_ar1\+_gen_1marina_firmwarewcn3950qam8397pqln1086bd_firmwareiqx7181qln1083bd_firmwaresm8635p_firmwareqcm5430_firmwarewsa8845hsm8550p_firmwaresm7635pqca8075srv1mwcn7861qca8337_firmwareipq5300_firmwareqpa1086bd_firmwareqcn9274_firmwaresm8635snapdragon_888_5g_mobile_firmwaresnapdragon_888\+_5g_mobile_firmwarenetworking_pro_1200_firmwarenetworking_pro_1210qca6595auqca6787aqwcn7880snapdragon_x75_5g_modem-rf_firmwaresnapdragon_8_gen_1_mobile_firmwaresnapdragon_8cx_gen_3_computeimmersive_home_326qcc710_firmwarewsa8855cqca6678aq_firmwarewcn6450snapdragon_8_gen1_5g_firmwaresa9000psnapdragon_6_gen_1_mobile_firmwarex2000094qca0000qca8080xg101032qca6688aqipq9008_firmwaresm6450psa8155pqca6787aq_firmwareqcn9024milos_firmwarenetworking_pro_810_firmwarewcd9385_firmwaresa6155p_firmwarewcd9390sm8750psnapdragon_8_gen_3_mobileqln1086bdsm7675p_firmwareqca6564au_firmwareqcn6224sm7675_firmwareqca8111snapdragon_7_gen_4_mobile_firmwareqca8102xrv9209wcn6755qmb715_firmwarecq8725s_firmwareqca6574ausm7550pqcn9000_firmwarewcn7880_firmwaresnapdragon_8_gen_3_mobile_firmwarecq7790_firmwareimmersive_home_3210wcd9378_firmwareqcn6402qcs6690_firmwaresnapdragon_x35_5g_modem-rfsm7675piqx5121_firmwaresm7435snapdragon_auto_5g_modem-rf_firmwareqcn6412_firmwarexrv9209_firmwarewcn3988_firmwareqca6554asm6475pqca8112_firmwarewcd9378cwcn7860_firmwareqcm6490_firmwareqep8111ipq5300qmb415_firmwareqcn5124_firmwaresm7435p_firmwaresnapdragon_x65_5g_modem-rfsa8255p_firmwareqrb5165m_firmwarewcd9390_firmwareqca6696sm8635psnapdragon_x72_5g_modem-rfqca8082_firmwaresnapdragon_7s_gen_3_mobile_firmwareqca8695auxrv7209qcn6402_firmwarewsa8815_firmwareqca2065_firmwareqca8084_firmwareqam8295pwcn6755_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwaresnapdragon_8_gen_1_mobileipq5332wsa8835_firmwareqcn9160_firmwaresc8380xpwcd9380_firmwarepandeiro_firmwareqxm1094ipq9008qca6574au_firmwaresa7255p_firmwaresm8550pcq8750mqcn6422x2000077_firmwaresxr2230pmolokai_firmwareqfw7114qca8075_firmwarewcd9385wsa8845wsa8840Snapdragon
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-126
Buffer Over-read
CVE-2024-49847
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.35% / 57.69%
||
7 Day CHG~0.00%
Published-06 May, 2025 | 08:32
Updated-09 May, 2025 | 19:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in Multi-Mode Call Processor

Transient DOS while processing of a registration acceptance OTA due to incorrect ciphering key data IE.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wsa8840fastconnect_7800_firmwarewcd9340_firmwareqca6678aqsm8635pwsa8835_firmwareqca6678aq_firmwareqca6698aq_firmwarewsa8845hwsa8845_firmwarewcn3980snapdragon_wear_4100\+_firmwareqfw7114_firmwarewsa8832_firmwareqcn6274wcn6755qcn6224_firmwarewcn3620_firmwaresm8750psnapdragon_x72_5g_modem-rf_firmwaresm7675wcd9340qca8081snapdragon_wear_4100\+wsa8840_firmwaresm7675p_firmwarewsa8845qca6688aq_firmwarewcn3620wsa8845h_firmwareqca8337qca6584ausnapdragon_429_mobileqca6584au_firmwareqca6574au_firmwarewcd9370_firmwaresdm429wsm7675_firmwareqfw7114qfw7124_firmwareqca6595ausm7675pqca6698aqwcn3680bwcn6755_firmwarewsa8832wcn3660bqca8337_firmwarewcd9375snapdragon_429_mobile_firmwaresm8635p_firmwarewsa8835ar8035_firmwarear8035wcd9370sdm429w_firmwarewsa8830qca6574auwcd9390qfw7124wcd9375_firmwarewcd9390_firmwareqca6595au_firmwarewcn3980_firmwarewcd9395sm8650qwcn3610qca6688aqsdx80m_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwarewcn3610_firmwareqca8081_firmwaresnapdragon_x75_5g_modem-rf_firmwaresnapdragon_8_gen_3_mobile_firmwaresnapdragon_x72_5g_modem-rfsm8750_firmwaresm8750p_firmwaresm8635snapdragon_x75_5g_modem-rfwcd9395_firmwarewcn3680b_firmwarewsa8830_firmwaresm8635_firmwaresm8650q_firmwaresnapdragon_8_gen_3_mobileqcn6274_firmwaresnapdragon_auto_5g_modem-rf_gen_2qcc710_firmwaresm8750qcc710wcn3660b_firmwarefastconnect_7800sdx80mqcn6224Snapdragon
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-126
Buffer Over-read
CVE-2024-49838
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-8.2||HIGH
EPSS-0.11% / 29.42%
||
7 Day CHG~0.00%
Published-03 Feb, 2025 | 16:51
Updated-05 Feb, 2025 | 16:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in WLAN HOST

Information disclosure while parsing the OCI IE with invalid length.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fastconnect_7800_firmwaresnapdragon_ar2_gen_1qcm6490_firmwareqcn6224_firmwaresa7775p_firmwaresa8775pqca6574au_firmwareqam8775psa8195pqcs615qca6584ausnapdragon_x65_5g_modem-rf_firmwaresa8255psnapdragon_x62_5g_modem-rfwcd9370_firmwaresxr2230pqcc710_firmwaresa8540p_firmwaresnapdragon_8\+_gen_2_mobilesnapdragon_865\+_5g_mobilesxr2230p_firmwareqep8111_firmwaresm7635_firmwaresd_8_gen1_5g_firmwaresxr2130snapdragon_xr2\+_gen_1qca6574ssg2115p_firmwareqcm8550sa8650psa8770p_firmwaretalynplusqca6698aq_firmwaresa8775p_firmwaresnapdragon_x55_5g_modem-rf_firmwareqamsrv1m_firmwaresnapdragon_865_5g_mobiletalynplus_firmwareqca6688aqsnapdragon_xr2_5gqcm4490fastconnect_6800qcs8250sa8530p_firmwarewsa8810mdm9628snapdragon_8_gen_3_mobile_firmwareqam8255p_firmwarewcd9375sdx61sm6650snapdragon_870_5g_mobile_firmwaresnapdragon_w5\+_gen_1_wearable_firmwarefastconnect_6200_firmwaresa6155pvideo_collaboration_vc3_platformsnapdragon_480\+_5g_mobileqamsrv1h_firmwaresw5100pwsa8830_firmwareqca8081sg4150psc8380xpwcd9385wsa8840_firmwareqfw7124_firmwaresxr2250p_firmwarewsa8840qca6426qfw7124qca6696sa8155p_firmwareqca6595snapdragon_460_mobileqca8337qca8337_firmwarevideo_collaboration_vc1_platform_firmwareqam8650pqcs8300sxr1230p_firmwaresxr2330pvision_intelligence_400_firmwaresrv1mqcs5430_firmwaresdx61_firmwareqam8775p_firmwarevideo_collaboration_vc5_platformsnapdragon_ar1_gen_1sm8635p_firmwaresnapdragon_685_4g_mobileqcm5430qcs9100wcd9378qcs7230_firmwaresm7675_firmwaresa8295p_firmwaresm8750pqca9377sa9000pwsa8835snapdragon_4_gen_2_mobile_firmwaresm8750p_firmwareqcn9024qca8081_firmwaresnapdragon_480_5g_mobile_firmwareqca6797aq_firmwarefastconnect_7800wcd9340snapdragon_xr2_5g_firmwaresnapdragon_8_gen_2_mobileqca6174aqcm6125_firmwarewcd9378_firmwarewcd9335_firmwareqca6574auqcn9024_firmwaresm6650_firmwaresnapdragon_auto_5g_modem-rf_gen_2qca6584au_firmwareqca6777aqwcn3990fastconnect_6700qca6696_firmwareqcc2073snapdragon_x72_5g_modem-rf_firmwareqcs9100_firmwaresrv1m_firmwarewsa8832fastconnect_6700_firmwarewcd9390_firmwareqcn6274qcs615_firmwaresm8635snapdragon_695_5g_mobile_firmwareqca6554a_firmwareqcc2073_firmwareqca9367sm8635_firmwareqca6787aqwsa8815sxr1230pqca6574a_firmwaresa8620psm8750_firmwaresrv1lqca6554asa8530psrv1h_firmwareqcs8300_firmwareqcs6490sa8540psa9000p_firmwaresm8550psa7775psnapdragon_auto_5g_modem-rf_gen_2_firmwarewsa8835_firmwareqep8111sa7255psnapdragon_x35_5g_modem-rfwcn7860qamsrv1mqcs5430qam8295p_firmwareqca6787aq_firmwarewcn7881_firmwareqcs8550_firmwareqca9367_firmwareqcm6490wcn7881ssg2125p_firmwaresa8650p_firmwareqcn6274_firmwarewcn3950_firmwareqca6391sm8750snapdragon_x65_5g_modem-rfvision_intelligence_400qcn9274_firmwareqca6564aqca6688aq_firmwarewcn6650snapdragon_480_5g_mobilevideo_collaboration_vc3_platform_firmwaresw5100wcn3950wsa8845_firmwaresnapdragon_w5\+_gen_1_wearablesnapdragon_x55_5g_modem-rfqca6574_firmwareqcm8550_firmwaresw5100p_firmwarewcn6755_firmwarear8035qca6564a_firmwarevideo_collaboration_vc5_platform_firmwaresrv1l_firmwarewsa8845hsa6155p_firmwaresnapdragon_4_gen_1_mobilesnapdragon_680_4g_mobilewcd9341wcn7880_firmwarewcn3988wcd9395_firmwarewcn3990_firmwareqcs6125sm7635snapdragon_680_4g_mobile_firmwareqcc2076fastconnect_6900wcn3988_firmwareqca6574awcd9335wcd9375_firmwarewcd9385_firmwareqam8650p_firmwareqcn9274sa8295psnapdragon_685_4g_mobile_firmwaresa8620p_firmwaresa7255p_firmwareqca6595_firmwareqamsrv1hwcn6740snapdragon_865\+_5g_mobile_firmwarewcd9380snapdragon_x75_5g_modem-rf_firmwaresnapdragon_480\+_5g_mobile_firmwareqca6436_firmwaresa8155pwcn7861_firmwaresnapdragon_4_gen_2_mobilewsa8832_firmwarewcn6755qca6564ausxr2130_firmwaresnapdragon_8_gen_2_mobile_firmwareqcs6490_firmwareqca6595au_firmwareqcn6224sa8255p_firmwareqca6595auqam8255psm4635srv1hqam8620psm8550p_firmwarear8035_firmwaresc8380xp_firmwaresg4150p_firmwaresd865_5gsa8195p_firmwaresd865_5g_firmwaresm7675wsa8845h_firmwaresnapdragon_x62_5g_modem-rf_firmwarewsa8845qcm6125wcn6650_firmwaresnapdragon_ar2_gen_1_firmwarewcd9380_firmwareqca6391_firmwaresnapdragon_662_mobile_firmwareqca6174a_firmwaresm8635pwcn3980qcs4490wcd9370wcd9340_firmwareqcs4490_firmwareqcm4325_firmwareqca6426_firmwaressg2125pqca6678aqsnapdragon_x75_5g_modem-rfwcd9341_firmwaresnapdragon_8_gen_1_mobileqca6564au_firmwareqcc2076_firmwaresnapdragon_865_5g_mobile_firmwaresnapdragon_870_5g_mobileqam8295pqcs8250_firmwaresnapdragon_695_5g_mobilewcn7880sm4635_firmwareqam8620p_firmwareqcn6024qca6797aqqcm4490_firmwaresm7675pqcs7230qcs8550sw5100_firmwaresxr2250pqcm5430_firmwaresnapdragon_8_gen_1_mobile_firmwaresd_8_gen1_5gsm7675p_firmwaresnapdragon_ar1_gen_1_firmwarewsa8810_firmwareqcn6024_firmwareqcc710ssg2115psnapdragon_8_gen_3_mobilesnapdragon_662_mobileqcs6125_firmwaresnapdragon_x72_5g_modem-rfsnapdragon_xr2\+_gen_1_firmwarewcn7861qca9377_firmwarewsa8830wsa8815_firmwaresnapdragon_8\+_gen_2_mobile_firmwaresnapdragon_8\+_gen_1_mobile_firmwaresa8770pwcn7860_firmwareqca6777aq_firmwarefastconnect_6200wcn3980_firmwaresnapdragon_x35_5g_modem-rf_firmwareqca6678aq_firmwarevideo_collaboration_vc1_platformqca6698aqqca6436snapdragon_4_gen_1_mobile_firmwarefastconnect_6900_firmwareqcm4325snapdragon_460_mobile_firmwareqfw7114fastconnect_6800_firmwaresnapdragon_8\+_gen_1_mobilemdm9628_firmwarewcd9390wcd9395qfw7114_firmwarewcn6740_firmwaresxr2330p_firmwareSnapdragon
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-49846
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-8.2||HIGH
EPSS-0.34% / 56.57%
||
7 Day CHG~0.00%
Published-06 May, 2025 | 08:32
Updated-09 May, 2025 | 19:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in Multi-Mode Call Processor

Memory corruption while decoding of OTA messages from T3448 IE.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-snapdragon_w5\+_gen_1_wearablewsa8840fastconnect_7800_firmwarewcd9340_firmwarewsa8835sw5100par8035_firmwarear8035qca6678aqwsa8830wsa8835_firmwareqca6574ausnapdragon_x75_5g_modem-rf_system_firmwareqca6678aq_firmwareqfw7124snapdragon_w5\+_gen_1_wearable_firmwaresnapdragon_x72_5g_modem-rf_systemsnapdragon_x72_5g_modem-rf_system_firmwareqca6595au_firmwarewcd9395qca6698aq_firmwarewsa8845hwsa8845_firmwaresnapdragon_x75_5g_modem-rf_systemqfw7114_firmwaresw5100_firmwaresw5100wsa8832_firmwaresdx80m_firmwareqca6688aqsnapdragon_auto_5g_modem-rf_gen_2_firmwareqcn6274qca8081_firmwareqcn6224_firmwaresm8750_firmwaresm8750pqca8081wcd9340wsa8840_firmwarewsa8845sm8750p_firmwareqca6688aq_firmwarewcd9395_firmwarewsa8845h_firmwarewsa8830_firmwareqca8337qca8337_firmwaresw5100p_firmwareqca6574au_firmwareqcn6274_firmwaresnapdragon_auto_5g_modem-rf_gen_2qfw7114qfw7124_firmwareqcc710_firmwaresm8750qca6595auqcc710qca6698aqwsa8832fastconnect_7800sdx80mqcn6224Snapdragon
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-126
Buffer Over-read
CVE-2024-49839
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-8.2||HIGH
EPSS-0.14% / 34.41%
||
7 Day CHG~0.00%
Published-03 Feb, 2025 | 16:51
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in WLAN Host Cmn

Memory corruption during management frame processing due to mismatch in T2LM info element.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcm8550_firmwareimmersive_home_214wcn6650ipq9574qcn9000_firmwareqca6595qcn9022ipq6028_firmwarewcd9370qca8081_firmwareqca6696qam8620p_firmwarewcn7880_firmwarewcd9340_firmwaresa8530pipq5028_firmwarewcd9395_firmwaresxr2330p_firmwareqcn6024wcn7881_firmwarewcn6450qcc2073_firmwareqcc710_firmwareipq8076fastconnect_6700qcn6422_firmwareipq6018_firmwareqcn6023qcn5124_firmwarewsa8832_firmwareqca8337wcd9395ipq9048ipq6000qca6574au_firmwareipq8078asnapdragon_x72_5g_modem-rfipq8078a_firmwareqam8295pipq5312qca6574auwcd9390sa8620p_firmwarewsa8845h_firmwaresa9000p_firmwaresrv1hqcn9100_firmwareqcn5122qcs9100qca6554aqcs5430wcn7860qcn6024_firmwareqcm5430qcm5430_firmwaresa8770pqcn9000ssg2115pqcc710qcn6132_firmwaresa8540pqca6777aqfastconnect_6900qcn6402qcn6432immersive_home_326_firmwareipq5332_firmwaresa7255psm8635qcn5052qfw7114wcd9385_firmwareipq9574_firmwareqam8255p_firmwareipq8074a_firmwareipq8076aqcn5164snapdragon_x65_5g_modem-rfqca6787aqwsa8845sa6155pqcn9160qca6564au_firmwarecsr8811_firmwareqca8075qam8650pvideo_collaboration_vc5_platform_firmwaresa9000pqca8085srv1h_firmwareqca6595ausxr2250p_firmwaresa6155p_firmwarewsa8840snapdragon_ar1_gen_1srv1m_firmwareqcs8550_firmwaresnapdragon_8_gen_2_mobile_firmwareqfw7124_firmwaresm8750pqcn9012ipq8070a_firmwareqcn9070qcf8001qca8084sm8635psnapdragon_8_gen_2_mobilesdx65mwcd9370_firmwareqcc2076sa7255p_firmwareqca6574asnapdragon_x72_5g_modem-rf_firmwareipq9570snapdragon_8\+_gen_2_mobilesa8195pwcd9340qcs8250_firmwaresnapdragon_auto_5g_modem-rf_gen_2qcm6490ipq5302sa8540p_firmwareqcn6122_firmwareqcn5154_firmwareipq9048_firmwaresm8550p_firmwaresxr2250pqcm8550qcn5122_firmwareqcn9274qcn9024ipq8076a_firmwaresa8775pqca6574ipq9570_firmwaresxr2230p_firmwareqca6777aq_firmwaresa8775p_firmwareqamsrv1hqcn6412_firmwareqcn9024_firmwarewsa8845hqca8082sa8155p_firmwaresa8155pwsa8830ipq5312_firmwaresm8550pqcf8000_firmwareqcn9074_firmwareipq8174immersive_home_318_firmwareqcn6122sa8255p_firmwaresm7675_firmwareqcc2073ipq8174_firmwarear8035sm7635_firmwareipq8072aqamsrv1m_firmwaresa8650p_firmwareimmersive_home_216_firmwarewcn6450_firmwareimmersive_home_316qcf8000sfp_firmwaresrv1l_firmwareqcs9100_firmwareqcn6224ipq8071aqcs615qcn6112qca6698aqqxm8083sa7775p_firmwaresm7635ssg2125p_firmwaresa8530p_firmwarewcd9378sm8635p_firmwarefastconnect_6700_firmwarevideo_collaboration_vc3_platform_firmwareqcn6023_firmwareqcn5164_firmwaresnapdragon_x75_5g_modem-rf_firmwareipq8078snapdragon_8_gen_3_mobileqcs6490qcs8250ipq9554_firmwareqcn9072wsa8830_firmwareqcn6224_firmwareqca6678aq_firmwareqca8386_firmwarewsa8845_firmwarewsa8832qca8082_firmwarewcd9378_firmwareqcc2076_firmwaresrv1limmersive_home_216sm7675psrv1mqca6678aqqcn6432_firmwarear8035_firmwareqcn5022_firmwarewcn7860_firmwareqca4024_firmwareqca0000_firmwareipq9008ipq9554qca6564auipq9008_firmwareqcn9074ipq5300_firmwaresa8195p_firmwareqca8337_firmwareqca9888ipq5332sg8275p_firmwareipq8173qcm6490_firmwareipq8072a_firmwareipq6010_firmwareqcn6112_firmwaresm8750qca6797aq_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareipq5028qca8085_firmwareqcf8001_firmwareqcn9070_firmwaresa8295p_firmwareqcn9022_firmwareipq5010_firmwareqcn6132ipq6018qcn9160_firmwareqca6584auqcn6274_firmwarewcn6755_firmwarewcn6650_firmwaresnapdragon_8_gen_3_mobile_firmwareqfw7114_firmwareqca4024qcs7230qca6595_firmwarefastconnect_7800_firmwareqcn6422immersive_home_214_firmwareipq5302_firmwareqxm8083_firmwareipq5300ipq8070asm8635_firmwarefastconnect_6900_firmwarewcd9380qam8255psxr2230pwcn7880sxr2330pqca8075_firmwarewcn6755immersive_home_3210qcf8000qcn5052_firmwaresxr1230pwcn7881sm6650ipq6010sdx65m_firmwarevideo_collaboration_vc3_platformqca6688aqqam8295p_firmwareqcn6402_firmwareqca6698aq_firmwarewcd9385qca8084_firmwaresa8255pqcs7230_firmwaresxr1230p_firmwarewcd9390_firmwareqcn5024qcs615_firmwaresg8275psdx55_firmwareimmersive_home_326ipq8071a_firmwaresm8750_firmwaressg2125pqca6554a_firmwareipq6028snapdragon_x65_5g_modem-rf_firmwareqcn9100qamsrv1mwcn7861_firmwarewcn7861qam8650p_firmwarevideo_collaboration_vc5_platformqcs6490_firmwaresm6650_firmwareipq8076_firmwareqam8620pqca6584au_firmwareqcn5152_firmwareqcn6274qfw7124wsa8835wsa8840_firmwareqca6391_firmwareqca6595au_firmwareqca0000qcs8300_firmwareqca6696_firmwareqcs8300wcd9380_firmwareqca6574_firmwareqca8081qcn5124qam8775psnapdragon_ar2_gen_1_firmwareqca6797aqqcn5152snapdragon_x75_5g_modem-rfqcn6412sa8620pqca6574a_firmwaresdx55qcn9072_firmwareqca9888_firmwareipq8074aimmersive_home_3210_firmwareqca9889qcn5024_firmwareqca6787aq_firmwarewcd9375_firmwareqca8386snapdragon_ar1_gen_1_firmwareqca6391immersive_home_318ipq5010qcn9274_firmwaresa7775pipq8173_firmwareqcs5430_firmwareqcn9012_firmwaresa8770p_firmwaresa8295pqcs8550ipq6000_firmwarefastconnect_7800sa8650pqam8775p_firmwaresm8750p_firmwarewcd9375snapdragon_8\+_gen_2_mobile_firmwareipq8078_firmwareqca6688aq_firmwareqca9889_firmwaresnapdragon_ar2_gen_1immersive_home_316_firmwareqamsrv1h_firmwaresm7675qcn5154wsa8835_firmwaressg2115p_firmwarecsr8811qcn5022sm7675p_firmwareqcf8000sfpSnapdragon
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-126
Buffer Over-read
CVE-2024-21457
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.15% / 35.37%
||
7 Day CHG~0.00%
Published-01 Jul, 2024 | 14:17
Updated-01 Aug, 2024 | 22:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in WLAN Host Communication

INformation disclosure while handling Multi-link IE in beacon frame.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcn5024_firmwareqam8255p_firmwareqcn9070qca8337qam8650pqfw7124ipq8173_firmwareqam8775pqcf8001qamsrv1mqcn6224_firmwareqcn5124qca4024_firmwareqca8082qcn9072qca8386immersive_home_318_platform_firmwareipq8078aipq5028_firmwareqca6595au_firmwareipq6000qcn5152_firmwareqca0000_firmwareqca6584au_firmwareqcn9000_firmwareipq9554qamsrv1hqca6554a_firmwareimmersive_home_216_platformipq8076aimmersive_home_316_platformimmersive_home_316_platform_firmwareqamsrv1h_firmwareqca8386_firmwareqcn6024_firmwareqca8084_firmwareimmersive_home_318_platformipq8074aqcn6412qcn5124_firmwareqca8082_firmwaresa9000p_firmwareqca6574au_firmwareqcn5122_firmwareqcn5164_firmwareqcn6422_firmwareqca6595auqca8081_firmwareqcn6023_firmwareqfw7114sa7255psdx55_firmwareipq5010qca6564au_firmwareqca6584ausa8620p_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareipq8078a_firmwareqcn9274qca6678aq_firmwaresnapdragon_x72_5g_modem-rf_systemsa8775p_firmwareipq8174ipq5028qca6698aqqcn5052qca0000qcf8001_firmwareipq6010qcn6112_firmwareqcn9074srv1hqca8085sa7775p_firmwaresdx65mwcd9340qcn6132qcn6224sa8255p_firmwaresnapdragon_x75_5g_modem-rf_systemqca8081qcf8000qca6698aq_firmwareipq8071aqcn6023sa7775psdx65m_firmwareipq5312ipq8071a_firmwaresnapdragon_auto_5g_modem-rf_gen_2immersive_home_3210_platformqca8085_firmwareipq5300qam8775p_firmwareqca9888_firmwareqcn6122qca6696_firmwaresa8255psa8770p_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareipq9008_firmwareipq9570qcn5154_firmwarear8035csr8811qcc710_firmwareqcn9100_firmwareipq5010_firmwareipq8074a_firmwareqcn5022_firmwareimmersive_home_216_platform_firmwaresa8770pqca8337_firmwareqcn9000ipq8072aqcf8000_firmwareqca6554aipq8076a_firmwareqca6595ipq8078qca6564auqca8084ipq8173ipq9008qcn5164immersive_home_326_platform_firmwareqcn6122_firmwareqca6574qcn6402_firmwarecsr8811_firmwareqcn6274qcn6422ipq9554_firmwaresnapdragon_x72_5g_modem-rf_system_firmwareqcn5154qca8075_firmwareqca6574aqcn5024qca9889qcn6132_firmwareqca9888qcn5052_firmwareqcn9274_firmwareqcc2076_firmwareipq8070a_firmwareqfw7114_firmwareqcc2073_firmwareipq6018_firmwareipq8076_firmwaresa8650pqca6574_firmwaresa9000pwcd9340_firmwareqcn6112ipq8076qca6574a_firmwareqcn5152ipq6028sa8775pqcn9024ipq9574_firmwareimmersive_home_3210_platform_firmwareipq5302fastconnect_7800qcn9100qcn6274_firmwareqca6678aqsnapdragon_x65_5g_modem-rf_systemipq5300_firmwareipq8078_firmwareipq9570_firmwareqcn9070_firmwaresa8650p_firmwaresnapdragon_x75_5g_modem-rf_system_firmwaresrv1h_firmwareipq6028_firmwareipq8072a_firmwareqcn6432_firmwareipq5312_firmwareqca6574auqca9889_firmwareipq9574qcn5122qcn9024_firmwareipq8174_firmwaresa7255p_firmwarefastconnect_7800_firmwaresa8620pqcn6412_firmwareipq5332_firmwareipq5332ipq5302_firmwareimmersive_home_326_platformqamsrv1m_firmwareipq6018qcn5022srv1m_firmwareqam8650p_firmwareqcc710ipq6010_firmwareimmersive_home_214_platformqca6595_firmwareqca6696immersive_home_214_platform_firmwareqca4024sdx55qca8075qcn6402qcn9022_firmwareqcn6024qcn9022qcc2076ipq8070aqcn9072_firmwareipq6000_firmwaresrv1mqcn9074_firmwareqfw7124_firmwareqam8255pqcc2073qcn6432ar8035_firmwareSnapdragonqcn5024_firmwareqam8255p_firmwareqca8337_firmwareqcf8000_firmwareipq8076a_firmwareipq8173_firmwareqcn6224_firmwareqca4024_firmwareimmersive_home_326_platform_firmwareqcn6122_firmwareqcn6402_firmwareimmersive_home_318_platform_firmwarecsr8811_firmwareipq5028_firmwareqca6595au_firmwareipq9554_firmwaresnapdragon_x72_5g_modem-rf_system_firmwareqca8075_firmwareqcn5152_firmwareqca0000_firmwareqcn6132_firmwareqca6584au_firmwareqcn9000_firmwareqcn5052_firmwareqcn9274_firmwareqcc2076_firmwareipq8070a_firmwareqca6554a_firmwareqfw7114_firmwareqcn6024_firmwareqca8386_firmwareqcc2073_firmwareimmersive_home_316_platform_firmwareqamsrv1h_firmwareipq6018_firmwareipq8076_firmwareqca6574_firmwareqca8084_firmwarewcd9340_firmwareqcn5124_firmwareqca8082_firmwaresa9000p_firmwareqca6574a_firmwareqca6574au_firmwareqcn5122_firmwareqcn5164_firmwareqcn6422_firmwaresdx55_firmwareqca8081_firmwareqcn6023_firmwareipq9574_firmwareimmersive_home_3210_platform_firmwareqca6564au_firmwaresa8620p_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareipq8078a_firmwareqca6678aq_firmwareqcn6274_firmwaresa8775p_firmwareipq5300_firmwareipq8078_firmwareipq9570_firmwareqcn9070_firmwaresa8650p_firmwaresnapdragon_x75_5g_modem-rf_system_firmwareqcf8001_firmwaresrv1h_firmwareipq6028_firmwareipq8072a_firmwareqcn6112_firmwareqcn6432_firmwareipq5312_firmwareqca9889_firmwaresa7775p_firmwareqcn9024_firmwareipq8174_firmwaresa7255p_firmwarefastconnect_7800_firmwaresa8255p_firmwareqcn6412_firmwareipq5332_firmwareipq5302_firmwareqca6698aq_firmwareqamsrv1m_firmwaresdx65m_firmwaresrv1m_firmwareipq8071a_firmwareqam8650p_firmwaresa8770p_firmwareqca8085_firmwareqam8775p_firmwareqca9888_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareipq6010_firmwareqca6696_firmwareqca6595_firmwareipq9008_firmwareqcn5154_firmwareimmersive_home_214_platform_firmwareqcc710_firmwareqcn9100_firmwareqcn9022_firmwareipq5010_firmwareipq8074a_firmwareqcn9072_firmwareipq6000_firmwareqcn9074_firmwareqcn5022_firmwareqfw7124_firmwareimmersive_home_216_platform_firmwarear8035_firmware
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-3653
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-9.1||CRITICAL
EPSS-0.24% / 46.95%
||
7 Day CHG~0.00%
Published-16 Apr, 2020 | 10:46
Updated-04 Aug, 2024 | 07:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer over-read in windows wlan driver function due to lack of check of length of variable received from userspace in Snapdragon Compute, Snapdragon Connectivity in MSM8998, QCA6390, SC7180, SC8180X, SDM850

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm850_firmwaresc7180_firmwaremsm8998sdm850sc7180qca6390_firmwaremsm8998_firmwareqca6390sc8180xsc8180x_firmwareSnapdragon Compute, Snapdragon Connectivity
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-20
Improper Input Validation
CVE-2017-18304
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 13.63%
||
7 Day CHG~0.00%
Published-23 Oct, 2018 | 13:00
Updated-05 Aug, 2024 | 21:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient memory allocation in boot due to incorrect size being passed could result in out of bounds access in Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in version FSM9055, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660 and SDX20

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fsm9055mdm9640_firmwaresd_820asd_617_firmwaremsm8996au_firmwaresdx20sd_415sd_616sd_425sd_430_firmwaremdm9607_firmwaresd_615mdm9650sd_650_firmwaresd_625sd_615_firmwaremsm8909w_firmwaremdm9607msm8996ausd_210sd_650sd_820_firmwaresd_820fsm9055_firmwaresd_450_firmwaresd_617sd_820a_firmwaremdm9206sd_652sd_425_firmwaresd_212_firmwaresd_625_firmwaresd_450sda660_firmwaremdm9206_firmwaresd_430sd_810sd_835_firmwaremdm9650_firmwaresdx20_firmwaresd_835sd_205sda660sd_210_firmwaresd_415_firmwaresd_652_firmwaremsm8909wsd_810_firmwaresd_616_firmwaresd_205_firmwaresd_212mdm9640Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-18130
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.21% / 42.78%
||
7 Day CHG~0.00%
Published-11 Apr, 2018 | 15:00
Updated-16 Sep, 2024 | 18:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 400, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 820, SD 820A, SD 835, SD 845, while playing an ASF file, a buffer over-read can potentially occur.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_820asd_808_firmwaresd_400sd_415sd_616sd_425sd_430_firmwaremdm9607_firmwaresd_615mdm9650sd_650_firmwaresd_625sd_615_firmwaresd_210mdm9607sd_820_firmwaresd_820sd_650sd_808sd_450_firmwaresd_845_firmwaresd_617sd_400_firmwaresd_820a_firmwaremdm9206sd_652sd_425_firmwaresd_212_firmwaresd_625_firmwaresd_450sd_845mdm9206_firmwaresd_430sd_835_firmwaremdm9650_firmwaresd_835sd_205sd_210_firmwaresd_415_firmwaresd_652_firmwaresd_616_firmwaresd_205_firmwaresd_212sd_617_firmwareSnapdragon Automobile, Snapdragon Mobile, Snapdragon Wear
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-18159
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.78%
||
7 Day CHG~0.00%
Published-06 Jul, 2018 | 17:00
Updated-16 Sep, 2024 | 20:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, while processing a StrHwPlatform with length smaller than EFICHIPINFO_MAX_ID_LENGTH, an array out of bounds access may occur.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-40524
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 5.63%
||
7 Day CHG~0.00%
Published-05 Sep, 2023 | 06:23
Updated-03 Aug, 2024 | 12:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer over-read in Modem

Memory corruption due to buffer over-read in Modem while processing SetNativeHandle RTP service.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcd9380_firmwarewsa8830sa6150p_firmwaresa8145p_firmwaresw5100psd865_5gqcc5100sdx55m_firmwarewsa8835wcd9380sa8150p_firmwareqca6420_firmwareqca6595au_firmwareqca6390_firmwareqca6426qca6430_firmwarewcn3980wcn3998sdxr2_5g_firmwaresd855wcn3660bwcn6850wsa8815qca6426_firmwarewcn3660b_firmwareqca6574au_firmwarewcn3680b_firmwareqca6595auwcn3998_firmwarewcn3980_firmwareqca6391sdx55mqca6420qca6436_firmwareqcc5100_firmwareaqt1000_firmwaresa6155p_firmwaresdxr2_5gwcn6851_firmwarewcn3988_firmwareqca6430qca6574ausa6145p_firmwaresa8155p_firmwaresa8195pwsa8810_firmwarewcd9341_firmwaresw5100sd870wsa8810qca6436wcn6851sa6155psw5100p_firmwaresa6145pwcn3680bwcd9341qca6696_firmwaresa8145psd870_firmwareqca6696qca6391_firmwareqca6390aqt1000sa8150psa6150psa8155pwsa8830_firmwaresd855_firmwaresd865_5g_firmwarewcn3988wcn6850_firmwarewsa8815_firmwarewsa8835_firmwaresa8195p_firmwaresw5100_firmwareSnapdragon
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-40535
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.36% / 58.17%
||
7 Day CHG-0.00%
Published-07 Mar, 2023 | 04:43
Updated-03 Aug, 2024 | 12:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in WLAN

Transient DOS due to buffer over-read in WLAN while sending a packet to device.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcn5024_firmwarewcn3991_firmwarewsa8830qcn9070ipq8173_firmwareqca6431_firmwaresnapdragon_4_gen_1_firmwaresdx65qcn5124qca4024_firmwareqca8082qcn9072qca8386wcn3950_firmwareipq8078aqca6390_firmwarewcd9370qca6426qcn9000_firmwarewcn3998wcd9385_firmwarewcn3950ipq8076aqca8386_firmwareqcn6024_firmwaresm4125wcd9326_firmwareqca8084_firmwareipq8074asd662qcn5124_firmwaresd460_firmwareqca8082_firmwareqcn5164_firmwarewcd9375_firmwareqca8081_firmwareqcn6023_firmwarewcn3998_firmwareqca6436_firmwaresd680_firmwareipq8078a_firmwareqcn9274ipq8174sd662_firmwarewcn3988_firmwareqcn9074qca6421qca8085sdx65mwsa8810_firmwaresw5100qca6436sd680wcd9326wcd9335wcn6851qca8081ipq8071aqcn6023sdx65m_firmwareipq8071a_firmwarewcd9385qca8085_firmwareqca9888_firmwareqca6431sd870_firmwareipq9008_firmwareqcn5154_firmwareqca6390csr8811wcd9375wcn3910_firmwarewsa8830_firmwaresd865_5g_firmwaresnapdragon_4_gen_1ipq8074a_firmwarewcn3988wcn6850_firmwarewsa8815_firmwarewsa8835_firmwarewcn3991wcd9380_firmwareqcn9000ipq8072asw5100pipq8076a_firmwaresd865_5gipq8078qca8084sdx55m_firmwareipq8173ipq9008qcn5164wsa8835csr8811_firmwarewcd9380qcn5154qcn5024qca9889qca9888wcd9335_firmwarewcn3980qcn9274_firmwareipq8070a_firmwareipq8076_firmwaresm4125_firmwarewsa8815wcn6850wcn3910ipq8076qca6426_firmwaresd695qcn9024ipq9574_firmwarewcn3980_firmwaresd460qca6391sdx55mqca6421_firmwaresdx65_firmwareipq8078_firmwareqcn9070_firmwaresd480_firmwarewcn6851_firmwareipq8072a_firmwareqca9889_firmwareipq9574qcn9024_firmwareipq8174_firmwaresd480sd870wsa8810sw5100p_firmwaresd695_firmwareqca6391_firmwareqca4024wcd9370_firmwareqcn6024ipq8070aqcn9072_firmwaresw5100_firmwareqcn9074_firmwareSnapdragonqcn5024_firmwarewcn3991_firmwarewcd9380_firmwareipq8076a_firmwareipq8173_firmwareqca6431_firmwaresdx55m_firmwaresnapdragon_4_gen_1_firmwareqca4024_firmwarewcn3950_firmwarecsr8811_firmwareqca6390_firmwareqcn9000_firmwarewcd9335_firmwareqcn9274_firmwareipq8070a_firmwarewcd9385_firmwareqcn6024_firmwareipq8076_firmwareqca8386_firmwarewcd9326_firmwaresm4125_firmwareqca8084_firmwareqcn5124_firmwaresd460_firmwareqca6426_firmwareqca8082_firmwareqcn5164_firmwarewcd9375_firmwareipq9574_firmwareqca8081_firmwareqcn6023_firmwarewcn3980_firmwarewcn3998_firmwareqca6436_firmwareqca6421_firmwaresd680_firmwaresdx65_firmwareipq8078a_firmwareipq8078_firmwareqcn9070_firmwaresd480_firmwarewcn6851_firmwareipq8072a_firmwaresd662_firmwarewcn3988_firmwareqca9889_firmwareqcn9024_firmwareipq8174_firmwarewsa8810_firmwaresw5100p_firmwaresdx65m_firmwareipq8071a_firmwareqca8085_firmwareqca9888_firmwaresd695_firmwaresd870_firmwareipq9008_firmwareqca6391_firmwareqcn5154_firmwarewcn3910_firmwarewcd9370_firmwarewsa8830_firmwaresd865_5g_firmwareipq8074a_firmwareqcn9072_firmwarewcn6850_firmwarewsa8815_firmwarewsa8835_firmwaresw5100_firmwareqcn9074_firmware
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-40503
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-8.2||HIGH
EPSS-0.12% / 31.13%
||
7 Day CHG~0.00%
Published-04 Apr, 2023 | 04:46
Updated-03 Aug, 2024 | 12:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer over-read in Bluetooth Host.

Information disclosure due to buffer over-read in Bluetooth Host while A2DP streaming.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresm7325-ae_firmwaresa6150p_firmwareqcs610qca8337snapdragon_820_automotive_platform_firmwaresnapdragon_wear_2100_platform_firmwarewcn3950_firmwaresa8150p_firmwareqcs2290qca6595au_firmwareqca6335sm8350sdm670csra6620_firmwareqcs605_firmwarecsra6640_firmwareqcs6125_firmwareapq5053-aa_firmwarewcn685x-1qcs400_firmwaresm7350-ab_firmwaremsm8108sm4375wcn3998qca6554a_firmwaremsm8108_firmwareqam8295pwcn3950sm4125mdm9628sm6375_firmwarewcn3660bsm7150-acsm7315_firmwaresm7325-aeqca6574au_firmwaresm4250-aawcd9375_firmwarewcn3998_firmwaresm6225-admsm8909wqca6420snapdragon_xr2\+_gen_1_platformsdx20mqca9367_firmware8909sm6225-ad_firmwareqrb5165m_firmwareqrb5165_firmwareqcs6125sm7250-ab_firmwareqca64308905_firmwarewcd9340sd626_firmwaresw5100qca64368953_firmwaresa6155pmsm8209_firmwarewcn685x-1_firmwaremdm9250_firmwaresm8150_firmwarewcd9341snapdragon_wear_2500_platformqca6696_firmwaresnapdragon_x12_lte_modemwcn3910_firmwaresm4350_firmwaresa8150psm8250-ac_firmwarewsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwaresm7225_firmwarewcn3988sd660_firmwaresm4250-aa_firmwaresa8195p_firmwarewcn6750_firmwareqcn7606_firmwaresm6125_firmwaresa8295p_firmwarewcn3610msm8608sm6375sm6115_firmwareqca8337_firmwarewcd9380_firmwaresdm429wsw5100pmsm8996au_firmwarewcd9330snapdragon_w5\+_gen_1_wearable_platformqca6564ausdm429sd670_firmwareqca6574apq8053-acwcd9380qcs410apq8053-ac_firmwaresm7150-aa_firmwarec-v2x_9150_firmwareqcn9012_firmwaresd626qca6430_firmwarewcd9335_firmwarewcn3980qca6335_firmwaresm7225qcs605wcd9340_firmwarewsa8815sm6150-ac_firmwarewcn3910qca6320sdm429_firmwaremdm9650_firmwareqca6426_firmwarewcn3660b_firmwarewcn3680sd835wcn3980_firmwaresd730snapdragon_xr2\+_gen_1_platform_firmwarewcd9330_firmwaresnapdragon_x50_5g_modem-rf_system_firmwaresm7150-aasa8295psnapdragon_820_automotive_platformsm6350wcn6740_firmwaresm7125snapdragon_xr2_5g_platformapq8064au_firmwarear8031_firmwarewcn3680_firmwaresm7150-ab_firmwareqrb5165sm8350_firmwaresdm660sm6350_firmware9206_lte_modem_firmwarewcn785x-1_firmwaresdm710sd670qca6564a_firmwareapq8053-lite_firmwareqcm4290_firmwaresnapdragon_x24_lte_modemsw5100p_firmwareqcs610_firmwaresa6145par8031qca6595_firmwaresa8145pqca6391_firmwarewcd9370_firmwareqm215_firmwaresm4350-ac_firmwaresdx55sd888_firmwaresm8250csra6640sa8155psnapdragon_x20_lte_modemsnapdragon_1200_wearable_platformqcm2290qcn7606sdm845_firmwaresnapdragon_wear_2100_platformwsa8830sa8145p_firmwaresm6125snapdragon_x24_lte_modem_firmwareqcs2290_firmwarewcn785x-5mdm9628_firmwareflight_rb5_5g_platformmdm9650csra6620flight_rb5_5g_platform_firmwaresm7250-ac_firmwareqcs4290snapdragon_x20_lte_modem_firmwaremdm9250apq8053-liteqca6420_firmwareqca6390_firmwaresd730_firmwarewcd9370snapdragon_835_mobile_platform_firmwareqca6564sm6115qca6426qca6584au_firmwarewcn3990_firmwareqrb5165n_firmwaresm8450qca9377sm8250-abwcd9385_firmwarewcd9326_firmwarewcn3615_firmwaresnapdragon_1200_wearable_platform_firmwareqam8295p_firmwaresm7325-afqcn9011_firmwaresnapdragon_x55_5g_modem-rf_systemqca6320_firmwarewcn3680b_firmwaresdx55_firmwaresda\/sdm845_firmwaresnapdragon_208_processor_firmwarewcn3615qca6595ausm7325-af_firmwaresm7250p_firmware8953wcn3610_firmwareqca6436_firmwaresm4350-acqrb5165nsnapdragon_w5\+_gen_1_wearable_platform_firmwareqca6564au_firmwareqca6584ausd778gsa6155p_firmwareqca6310apq8053-aa_firmwaresm6225snapdragon_208_processorqcs6490snapdragon_x5_lte_modem_firmware9206_lte_modemqca9367snapdragon_wear_3100_platformsm8250_firmwaresm8250-acwcn3988_firmwareqcn9074sa6145p_firmwareqm215sm6250sd778g_firmwaresm7250-aac-v2x_9150sa8195psxr1120sdm710_firmwareapq8017_firmwarewsa8810_firmwaresm4375_firmwaresm8450_firmwarewcd9326wcd9335apq8053-aaqca6174a_firmwareqcs4290_firmwarewcd9385sxr2130_firmwareqcs6490_firmwaresnapdragon_x12_lte_modem_firmwaresm7150-abqca6390wcd9375sda\/sdm845aqt1000apq8064au8909_firmwaresm6250_firmwaresm6150_firmwarewcn3620_firmwaresm8150wsa8815_firmwareqcm6490wsa8835_firmwarewcn3620sm7350-abapq8017sxr1120_firmwareqca6564awcn785x-1qcm6125_firmwaresnapdragon_x5_lte_modemqcm2290_firmwareapq5053-aawcn3990qca6554asdm845sd865_5g8953proqca6595sm8350-ac_firmwaresm8150-acqcn9012sd888sm6150msm8909w_firmwarewsa8835msm8996ausdm429w_firmwaresnapdragon_835_mobile_platformsxr2130qca6574awcn685x-5_firmwareqca6174asm7325psdm670_firmwareqca6310_firmwaresm7325wcn6750sm7150-ac_firmwaresm7250-abqca6574_firmwaresd855sm4125_firmwaresm7325p_firmwaresnapdragon_xr2_5g_platform_firmwareqca6574a_firmware8953pro_firmwaremsm8209qrb5165mwcn785x-5_firmwaresm7315snapdragon_x55_5g_modem-rf_system_firmwaresm8250-ab_firmwareqca6391aqt1000_firmwareqcm4290qcm6490_firmwaresnapdragon_xr1_platformwcn685x-5qcn9011sm6225_firmwareqca6574ausa8155p_firmwarewcd9341_firmwaresdx20m_firmwareqcm6125sm7250-aa_firmwarewsa88108905sm7250-acsm8150-ac_firmwarewcn3680bsm8350-acsd835_firmwareqca6564_firmwaresnapdragon_wear_2500_platform_firmwarewcn6740qca6696sm4350msm8608_firmwaresm6150-acsm7125_firmwaresnapdragon_x50_5g_modem-rf_systemsa6150psm7250psnapdragon_wear_3100_platform_firmwaresw5100_firmwareqcn9074_firmwareqcs410_firmwareqcs400sdm660_firmwaresnapdragon_xr1_platform_firmwaresm7325_firmwareSnapdragon
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-40519
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-6.8||MEDIUM
EPSS-0.10% / 27.65%
||
7 Day CHG~0.00%
Published-06 Jan, 2023 | 05:02
Updated-09 Apr, 2025 | 14:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer over-read in Core

Information disclosure due to buffer overread in Core

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresd_8cx_gen3_firmwaresa6150p_firmwaresm6250p_firmwareqcs610qca8337qca6431_firmwarewcd9360_firmwaresdx65qca4024_firmwarewcn3950_firmwaresa8150p_firmwareqcs2290qca6595au_firmwaresa6155qca6335sd_455_firmwarecsra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwareqcs6125_firmwaresa415msm4375wcn3998wcd9371_firmwareqam8295pwcn3950qcn6024_firmwaresd720gsm4125sd_8cx_gen2_firmwareqca8386_firmwaresd_8_gen1_5g_firmwareqca8084_firmwareqsm8350_firmwaresd710_firmwareqsm8350sd460_firmwaresm7315_firmwarewcn7850qca6574au_firmwarewcd9375_firmwareqca8081_firmwarewcn3998_firmwaresa6155_firmwareqca6420wcd9360sd680_firmwarewcn3999sd_8cx_gen2qrb5165_firmwareqrb5165m_firmwaresa4155p_firmwareqcs6125sa8155_firmwareqca4004_firmwareipq6010sd662_firmwareqcs405qca6430wcd9306_firmwarewcd9340sd765gsw5100fsm10056_firmwaresd680qca6436wcn6851sa6155pqcs603_firmwarewcn7851_firmwarewcd9341qca6431qca6696_firmwarewcd9371sd870_firmwaresd750gipq9008_firmwarewcn3910_firmwaresxr2150p_firmwaresd_8cxsa8150pqca4004wsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwaresd712wcn3988sd660_firmwarewcn7850_firmwaresa8195p_firmwareqcn5121sm8475qcn5022_firmwareqcn7606_firmwarewcn6750_firmwaresa8295p_firmwarewcn3991qca8337_firmwarewcd9380_firmwaresw5100pqca8084qca6564ausdx55m_firmwarewcn6856_firmwareipq9008sd670_firmwareqca6574csr8811_firmwarewcd9380qcs410sd690_5g_firmwaresdx50m_firmwaresdx24_firmwareqca8072_firmwareqcn9012_firmwareqca6430_firmwareqcn9274_firmwareqcn5052_firmwarewcd9335_firmwarewcn3980qca6335_firmwareipq6018_firmwareqcs605wcd9340_firmwarewsa8815wcn6850sd7cwcn3910qca6320qca6426_firmwaresd695ipq6028sd835qca9984qcn9024ipq9574_firmwarewcn3980_firmwaresd730sdx55mqcc5100_firmwaresa8295pqca6421_firmwarewcn6740_firmwaresd678_firmwarear8031_firmwareqrb5165wcn6851_firmwareqcs603sd670sd_636_firmwareqcn9024_firmwareqca6564a_firmwareqcm4290_firmwaresd480sd870wcn6855qcn5121_firmwaresw5100p_firmwaresa8540pqcs610_firmwareqsm8250sa6145pipq6018sd695_firmwaresdxr1ar8031qca6595_firmwareqcs405_firmwaresa8145psdm630_firmwaremdm9205_firmwareqca6391_firmwaresa4150p_firmwareqca4024wcd9370_firmwaresd780g_firmwaresdx55sd888_firmwareqcn5021_firmwaresa8155pcsra6640sd675qcs8155_firmwaresa4155psxr2150par8035_firmwareqsm8250_firmwareqcn7606qcm2290wcn3991_firmwaremdm9150_firmwarewsa8830sd678qcn9070sa8145p_firmwareqcs2290_firmwarefsm10056sd7c_firmwarecsrb31024sd_636csra6620qca8082qcn9072qca8386qcs4290sd765g_firmwareqca6420_firmwareqca6390_firmwaresd690_5gipq6000sd730_firmwarewcd9370sd675_firmwareqcn5152_firmwareqca6564qca6426wcn3990_firmwareqrb5165n_firmwareqcn9000_firmwareqca9984_firmwareqca9377sd_8cx_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcd9326_firmwaresd662qam8295p_firmwareqcn9011_firmwaresa8155qca8082_firmwareqca6320_firmwaresa9000p_firmwareqcn5122_firmwaresdx55_firmwareqca6595auqcn6023_firmwarewcn3999_firmwaresm7250p_firmwareqca6436_firmwareqrb5165nwcd9306sd778gqca6564au_firmwaresa6155p_firmwareqca6310qcn9274qcs8155wcn7851sa515m_firmwareqcs6490sdxr2_5gqcn5052sdm630sa415m_firmwarewcn3988_firmwareqcn9074sa6145p_firmwareqca6421qca8085sd778g_firmwaresm6250sa8195psd712_firmwarewsa8810_firmwaresm4375_firmwaresd765_firmwarewcd9326wcd9335qca8081qcn6023qca6174a_firmwareqcs4290_firmwarewcd9385qca8085_firmwareqcs6490_firmwaresd_8cx_gen3qca6390wcd9375sd750g_firmwareaqt1000ar8035csr8811sm6250_firmwarewsa8815_firmwaresd888_5g_firmwareqcm6490wcn6850_firmwarewsa8835_firmwareqcx315qca6564asa4150pqcm6125_firmwareqca8072qcm2290_firmwarewcn3990qcn9000sd_675sd780gsd865_5gqca6595qcc5100sdx24qcn9012sd888wsa8835qcx315_firmwaresd665_firmwaresa8540p_firmwaresd888_5gsm6250pqca8075_firmwaresc8180xqca6574aipq6005_firmwarewcn6855_firmwareqca6174asm7325pqca6310_firmwarewcn6750mdm9205sa9000pqca6574_firmwaresa515msd855sm4125_firmwaresm7325p_firmwaresd665sd765qca6574a_firmwareqcn5021qcn5152sd768g_firmwareqrb5165msd850_firmwaresm7315sd460qca6391sdxr1_firmwareipq6005aqt1000_firmwaresdx65_firmwareqcm4290csrb31024_firmwareqcm6490_firmwaresdx50mqcn9070_firmwaresd480_firmwareipq6028_firmwareqcn9011sc8180x_firmwaresd_455qca6574ausd710sa8155p_firmwareqcn5122ipq9574wcd9341_firmwareqcm6125wsa8810mdm9150wcn6856qcn5022sd835_firmwareqca6564_firmwaresd768gipq6010_firmwarewcn6740qca6696sd845_firmwaresa6150pqca8075qcn9022_firmwareqcn6024qcn9022sd845qcn9072_firmwaresm7250pipq6000_firmwaresd720g_firmwaresw5100_firmwareqcn9074_firmwareqcs410_firmwaresd850Snapdragon
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-40518
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-6.8||MEDIUM
EPSS-0.10% / 27.65%
||
7 Day CHG~0.00%
Published-06 Jan, 2023 | 05:02
Updated-09 Apr, 2025 | 14:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer overread in Core

Information disclosure due to buffer overread in Core

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresd_8cx_gen3_firmwaresa6150p_firmwaresm6250p_firmwareqcs610qca8337qca6431_firmwarewcd9360_firmwaresdx65wcn3950_firmwaresa8150p_firmwareqcs2290qca6595au_firmwaresa6155qca6335csra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwareqcs6125_firmwaresa415msm4375wcn3998wcd9371_firmwareqam8295pwcn3950qcn6024_firmwaresd720gsm4125sd_8cx_gen2_firmwaresd_8_gen1_5g_firmwareqsm8350_firmwaresd710_firmwareqsm8350sd460_firmwaresm7315_firmwarewcn7850qca6574au_firmwarewcd9375_firmwareqca8081_firmwarewcn3998_firmwaresa6155_firmwareqca6420wcd9360sd680_firmwarewcn3999sd_8cx_gen2qrb5165_firmwareqrb5165m_firmwaresa4155p_firmwareqcs6125sa8155_firmwareqca4004_firmwaresd662_firmwareqcs405qca6430wcd9306_firmwarewcd9340sd765gfsm10056_firmwaresd680qca6436wcn6851sa6155pqcs603_firmwarewcn7851_firmwarewcd9341qca6431qca6696_firmwarewcd9371sd870_firmwaresd750gwcn3910_firmwaresxr2150p_firmwaresd_8cxsa8150pqca4004wsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwaresd712wcn3988sd660_firmwarewcn7850_firmwaresa8195p_firmwaresm8475qcn7606_firmwarewcn6750_firmwaresa8295p_firmwarewcn3991qca8337_firmwarewcd9380_firmwareqca6564ausdx55m_firmwarewcn6856_firmwaresd670_firmwareqca6574wcd9380qcs410sd690_5g_firmwaresdx50m_firmwaresdx24_firmwareqcn9012_firmwareqca6430_firmwarewcd9335_firmwarewcn3980qca6335_firmwareqcs605wcd9340_firmwarewsa8815wcn6850sd7cwcn3910qca6320qca6426_firmwaresd695qca9984sd835qcn9024wcn3980_firmwaresd730sdx55msa8295pqca6421_firmwarewcn6740_firmwaresd678_firmwarear8031_firmwareqrb5165wcn6851_firmwareqcs603sd670qcn9024_firmwareqca6564a_firmwareqcm4290_firmwaresd480sd870wcn6855sa8540pqcs610_firmwareqsm8250sa6145psd695_firmwaresdxr1ar8031qca6595_firmwareqcs405_firmwaresa8145pmdm9205_firmwareqca6391_firmwaresa4150p_firmwarewcd9370_firmwaresd780g_firmwaresdx55sd888_firmwaresa8155pcsra6640sd675qcs8155_firmwaresa4155psxr2150par8035_firmwareqsm8250_firmwareqcn7606qcm2290wcn3991_firmwaremdm9150_firmwarewsa8830sd678sa8145p_firmwareqcs2290_firmwarefsm10056sd7c_firmwarecsrb31024csra6620qcs4290sd765g_firmwareqca6420_firmwareqca6390_firmwaresd690_5gsd730_firmwarewcd9370sd675_firmwareqca6564qca6426wcn3990_firmwareqrb5165n_firmwareqca9984_firmwareqca9377sd_8cx_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcd9326_firmwaresd662qam8295p_firmwareqcn9011_firmwaresa8155sa9000p_firmwareqca6320_firmwaresdx55_firmwareqca6595auwcn3999_firmwaresm7250p_firmwareqca6436_firmwareqrb5165nwcd9306sd778gqca6564au_firmwaresa6155p_firmwareqca6310qcs8155wcn7851sa515m_firmwareqcs6490sdxr2_5gsa415m_firmwarewcn3988_firmwareqcn9074sa6145p_firmwareqca6421sd778g_firmwaresm6250sd712_firmwaresa8195pwsa8810_firmwaresm4375_firmwaresd765_firmwarewcd9326wcd9335qca8081qca6174a_firmwareqcs4290_firmwarewcd9385qcs6490_firmwaresd_8cx_gen3qca6390wcd9375sd750g_firmwareaqt1000ar8035sm6250_firmwarewsa8815_firmwaresd888_5g_firmwareqcm6490wcn6850_firmwarewsa8835_firmwareqcx315qca6564asa4150pqcm6125_firmwareqcm2290_firmwarewcn3990sd_675sd780gsd865_5gqca6595sdx24qcn9012sd888wsa8835qcx315_firmwaresd665_firmwaresa8540p_firmwaresd888_5gsm6250psc8180xqca6574awcn6855_firmwareqca6174asm7325pqca6310_firmwarewcn6750mdm9205sa9000pqca6574_firmwaresa515msd855sm4125_firmwaresm7325p_firmwaresd665sd765qca6574a_firmwaresd768g_firmwareqrb5165msd850_firmwaresm7315sd460qca6391sdxr1_firmwareaqt1000_firmwaresdx65_firmwareqcm4290csrb31024_firmwareqcm6490_firmwaresdx50msd480_firmwareqcn9011sc8180x_firmwareqca6574ausd710sa8155p_firmwarewcd9341_firmwareqcm6125wsa8810mdm9150wcn6856sd835_firmwareqca6564_firmwaresd768gwcn6740qca6696sd845_firmwaresa6150pqcn6024sd845sm7250psd720g_firmwareqcn9074_firmwareqcs410_firmwaresd850Snapdragon
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-40505
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-8.2||HIGH
EPSS-0.30% / 53.14%
||
7 Day CHG~0.00%
Published-02 May, 2023 | 05:08
Updated-03 Aug, 2024 | 12:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer over-read in Modem

Information disclosure due to buffer over-read in Modem while parsing DNS hostname.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-9205_lte_modem_firmwarewcd9306snapdragon_1100_wearable_platformsnapdragon_wear_1300_platform_firmware9207_lte_modem_firmware9207_lte_modemmdm8207wcd9330snapdragon_wear_1300_platformsnapdragon_x5_lte_modem_firmwaremdm8207_firmware9206_lte_modemqca4004_firmware9205_lte_modemsnapdragon_1200_wearable_platform_firmwaresnapdragon_1100_wearable_platform_firmware9206_lte_modem_firmwareqca4004qts110wcd9306_firmwaresnapdragon_1200_wearable_platformqca4010wcd9330_firmwareqca4010_firmwaresnapdragon_x5_lte_modemqts110_firmwareSnapdragon9205_lte_modem_firmware9206_lte_modem_firmwaresnapdragon_wear_1300_platform_firmware9207_lte_modem_firmwarewcd9306_firmwaresnapdragon_x5_lte_modem_firmwaremdm8207_firmwarewcd9330_firmwareqca4004_firmwaresnapdragon_1200_wearable_platform_firmwareqca4010_firmwaresnapdragon_1100_wearable_platform_firmwareqts110_firmware
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-40512
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.36% / 58.17%
||
7 Day CHG~0.00%
Published-09 Feb, 2023 | 06:58
Updated-03 Aug, 2024 | 12:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer over-read in WLAN Firmware.

Transient DOS in WLAN Firmware due to buffer over-read while processing probe response or beacon.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaremdm9640_firmwaresm6250p_firmwareipq4028_firmwareqca1023qca8337ar9380ipq8173_firmwareqcn5124mdm9645msm8992_firmwarewcn3950_firmwareqca6595au_firmwaresa6155mdm8215sd_455_firmwareapq8076qcs6125_firmwaresa415mwcn3998wcd9371_firmwarewcn3950qcn6024_firmwaresd720gsm4125mdm9206_firmwarewcn3660bqsm8350_firmwareqsm8350sd460_firmwaresm7315_firmwarewcn7850qca8081_firmwarewcn3998_firmwareqca6420qcn9002qca9986ipq8070_firmwareqca9367_firmwareipq8065ipq8078a_firmwaresd_8cx_gen2ipq8072_firmwareqca0000sa8155_firmwareipq8068qca6430wcd9340sd765gsd680wcn7851_firmwareqca6698aq_firmwaremdm9250_firmwareqca9888_firmwareqcn6122qca6696_firmwarewcd9371sd870_firmwareqca1062qcn5154_firmwaremdm8215_firmwaresd_8cxsa8150pqca9992_firmwaresd660sd865_5g_firmwaresnapdragon_4_gen_1sd712sd660_firmwaresm8475qcn5022_firmwareqcn7606_firmwarewcn6750_firmwareqca6428_firmwareqca9985_firmwarewcn3991ipq4018_firmwareqca4531_firmwaressg2125pqca9980_firmwareipq8078qca8084qcn9001_firmwareipq8173sdx55m_firmwaremsm8976_firmwareqca6574sd670_firmwarecsr8811_firmwarewcd9380qcs410qcn5024sd690_5g_firmwareqca9379_firmwaresxr1230psdx24_firmwareqca9985qcn9012_firmwareqcn9274_firmwareipq6018_firmwareqcm4325_firmwarewcd9340_firmwarewsa8815wcn6850pmp8074_firmwareqcn6112qca6584_firmwaremdm9215_firmwaresd695ipq6028ipq8064sd835pmp8074ipq9574_firmwareqca1990wcn3980_firmwaresd730qcc5100_firmwaresa8295pqca2062_firmwarewcn6740_firmwareqca6678aqsd678_firmwareapq8064au_firmwareipq8078_firmwareqcn5054qcs603qca9994qca9980sd670qcn9024_firmwareipq8174_firmwareqcm4290_firmwarewcn6855qcn7605_firmwaresw5100p_firmwareqcs610_firmwaresa6145pqca9886_firmwarear8031qca1023_firmwaresdm630_firmwaresd820_firmwareqca6391_firmwaresa4150p_firmwareqca4024wcd9370_firmwaresdx55qcn5021_firmwarecsra6640ssg2115p_firmwareqca9379sa4155psxr2150pqcn7606qsm8250_firmwarewsa8830sxr2230p_firmwareqca1062_firmwarecsrb31024mdm9628_firmwaremdm9650sd_636qca8082qca9992qcs4290mdm9250qca6420_firmwareapq8009_firmwareqca2064_firmwaresd690_5gmdm9310_firmwaresd675_firmwareipq8072qca6564qca6426wcn3990_firmwareqrb5165n_firmwareqca9984_firmwareqca9377qca4531wcd9385_firmwaresdxr2_5g_firmwarewcd9326_firmwarewcn3615_firmwareipq8074aqcn6102_firmwareapq8094qcn9011_firmwaresa8155qca6584qcn5122_firmwaresdx55_firmwarewcn3615qcn6023_firmwaresm7250p_firmwarewcn3610_firmwareqrb5165nqca6584ausd778gipq8174wcn7851qcn5052qca9367apq8092sdm630mdm9607_firmwareqcn6112_firmwaresa415m_firmwarewcn3988_firmwareqcn9074qca6421qca8085sd778g_firmwaresa8195pwcd9326wcd9335qcn6023qcs4290_firmwareqca8085_firmwareqcs6490_firmwareqca6390qca9898_firmwaresd750g_firmwareaqt1000msm8976wcd9375sm6250_firmwaremsm8994apq8092_firmwareipq5010_firmwareipq8074a_firmwaresd888_5g_firmwaresdx20_firmwarewsa8815_firmwareapq8017qcx315qcm6125_firmwaresd780gsd865_5gqca6595qcc5100ipq8065_firmwareqcx315_firmwaresxr1230p_firmwaresd665_firmwareqcn5154qca8075_firmwaresc8180xmdm9206wcn6855_firmwareqcn6132_firmwareqcn9003_firmwareqca9888qca6310_firmwareapq8094_firmwareipq8070a_firmwaremdm9615qca6574_firmwareqca9886sm7325p_firmwaresd665sxr2230pqca6175asd765qca6574a_firmwareqrb5165msd850_firmwaresm7315apq8009mdm9310qcn6102csrb31024_firmwareqcm6490_firmwarewsa8832_firmwareqcn9070_firmwaresd480_firmwareipq6028_firmwareipq8072a_firmwaresc8180x_firmwareqca9889_firmwaresd710mdm9607qcn5122mdm9645_firmwaresdx20m_firmwareqcn5022qca6564_firmwaresd768gqca1064_firmwarewcn6740qca8075apq8096au_firmwareqcn6024qcn9022sd845mdm9615_firmwareqcn9002_firmwareipq6000_firmwaresdx12qcs410_firmwareqca6175a_firmwaresd_8cx_gen3_firmwareqca2066sa6150p_firmwareqcs610qca6431_firmwarewcd9360_firmwaresdx65qca4024_firmwareipq8078aipq5028_firmwaresa8150p_firmwareqcs2290qca6335qca2062csra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwareqca6554a_firmwareqam8295psd_8cx_gen2_firmwareipq8076amdm9628qca8386_firmwaresd_8_gen1_5g_firmwareqca8084_firmwaresd710_firmwareqca4020qca6428qca6574au_firmwareqcn5164_firmwareipq8071wcd9375_firmwaresa6155_firmwaresdx12_firmwarewcd9360sdx20mqca6438_firmwaresd680_firmwareqca6678aq_firmwarewcn3999qrb5165_firmwareipq5028qrb5165m_firmwareipq4029_firmwareqca6698aqqcs6125sa4155p_firmwareipq6010sd662_firmwareqcs405qcn6132qca1990_firmwaresw5100qca4020_firmwareqca6436wcn6851sa6155pqcs603_firmwarewcd9341ipq8068_firmwareqca2066_firmwareqca6431sd750gipq9008_firmwarewcn3910_firmwaresxr2150p_firmwarewsa8830_firmwaresd855_firmwarewcn3988qca6438wcn7850_firmwaresa8195p_firmwareqca9898sa8295p_firmwareipq4028wcn3610mdm9640ipq5018_firmwareqca8337_firmwarewcd9380_firmwareipq8072asw5100pmsm8996au_firmwarewcd9330ipq8076a_firmwareqca6564auwcn6856_firmwareipq9008qcn5164qcn5054_firmwaresdx50m_firmwareqca8072_firmwareqca6174qca6430_firmwareqcn5052_firmwarewcd9335_firmwarewcn3980qca6335_firmwareqcs605sd7cwcn3910qca6320mdm9650_firmwareqca9986_firmwareqca6426_firmwarewcn3660b_firmwareqca9984qcn9024wcd9330_firmwaresdx55mipq8064_firmwareqca6421_firmwaresd821_firmwarear8031_firmwareqrb5165wcn6851_firmwareipq8070sd_636_firmwareqca6564a_firmwaresd480sd870wsa8832qsm8250ipq6018sd695_firmwaresdxr1apq8096auqca6595_firmwareqcs405_firmwaresa8145pqca2064sd780g_firmwaresd888_firmwaresa8155psd675ar8035_firmwareqcm2290qcn5024_firmwarewcn3991_firmwaresd678qcn9070sa8145p_firmwareqcs2290_firmwaresd7c_firmwaresnapdragon_4_gen_1_firmwarecsra6620qcn9072qca8386sd765g_firmwareipq8069_firmwareqca6390_firmwareipq6000qca6174_firmwaresd730_firmwarewcd9370ssg2115pqcn5152_firmwareqca0000_firmwareqca6584au_firmwareapq8076_firmwareqcn9000_firmwareipq5018sd_8cx_firmwareqcn7605qca2065sd662qcn5124_firmwareqam8295p_firmwareqca1064qcn6100_firmwareqca8082_firmwareqca6320_firmwarewcn3680b_firmwareqca6595auwcn3999_firmwareqca6436_firmwareipq5010qca6564au_firmwaresa6155p_firmwareqca6310qcn9274qcn9001qca9990qcs6490sa515m_firmwaresdxr2_5gsd821msm8994_firmwaresa6145p_firmwaremsm8992sm6250sd712_firmwareapq8017_firmwarewsa8810_firmwaresd765_firmwaresg4150pqca8081ipq8071aqca6174a_firmwareipq8071a_firmwarewcd9385qca2065_firmwaresd_8cx_gen3ar8035csr8811apq8064auqcn9100_firmwaresd820qcm6490wcn6850_firmwarewsa8835_firmwareqca6564asa4150psg4150p_firmwareqcm4325qca8072qcm2290_firmwarewcn3990qcn9000sd_675qca6554aar9380_firmwaresdx24qcn9012sd888qcn6122_firmwarewsa8835msm8996ausd888_5gsm6250pssg2125p_firmwareipq4018qca6574aqca9889qca6174asm7325pipq8074qca9994_firmwarewcn6750qcn9003ipq8076_firmwaresa515msd855sm4125_firmwareipq8076qcn5021ipq8069qcn5152sd768g_firmwaresd460qca6391sdxr1_firmwareaqt1000_firmwareqcn9100sdx65_firmwareqcm4290sdx50msdx20mdm9215qcn9011sd_455ipq8074_firmwareqca6574ausa8155p_firmwareipq9574wcd9341_firmwareqcm6125wsa8810wcn6856wcn3680bsd835_firmwareipq6010_firmwareqca6696sd845_firmwaresa6150pqcn9022_firmwareqca9990_firmwareipq8070aqcn6100qcn9072_firmwaresm7250psd720g_firmwareipq8071_firmwareqcn9074_firmwaresw5100_firmwareipq4029sd850Snapdragonqca9377_firmwaresd_8cx_gen3_firmwaremdm9640_firmwaresa6150p_firmwaresm6250p_firmwareipq4028_firmwareipq8173_firmwareqca6431_firmwarewcd9360_firmwareqca4024_firmwaremsm8992_firmwarewcn3950_firmwareipq5028_firmwaresa8150p_firmwareqca6595au_firmwaresd_455_firmwarecsra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwareqcs6125_firmwareqca6554a_firmwarewcd9371_firmwaresd_8cx_gen2_firmwareqcn6024_firmwareqca8386_firmwaremdm9206_firmwaresd_8_gen1_5g_firmwareqca8084_firmwareqsm8350_firmwaresd710_firmwaresd460_firmwaresm7315_firmwareqca6574au_firmwareqcn5164_firmwarewcd9375_firmwareqca8081_firmwaresa6155_firmwaresdx12_firmwarewcn3998_firmwareqca6438_firmwaresd680_firmwareipq8070_firmwareqca9367_firmwareipq8078a_firmwareqca6678aq_firmwareqrb5165_firmwareqrb5165m_firmwareipq4029_firmwareipq8072_firmwaresa4155p_firmwaresa8155_firmwaresd662_firmwareqca1990_firmwareqca4020_firmwareqcs603_firmwarewcn7851_firmwareqca6698aq_firmwaremdm9250_firmwareqca9888_firmwareipq8068_firmwareqca2066_firmwareqca6696_firmwaresd870_firmwareipq9008_firmwareqcn5154_firmwaremdm8215_firmwarewcn3910_firmwaresxr2150p_firmwarewsa8830_firmwareqca9992_firmwaresd855_firmwaresd865_5g_firmwaresd660_firmwarewcn7850_firmwaresa8195p_firmwareqcn5022_firmwareqcn7606_firmwaresa8295p_firmwarewcn6750_firmwareqca6428_firmwareipq5018_firmwareqca9985_firmwareipq4018_firmwareqca4531_firmwareqca8337_firmwarewcd9380_firmwareqca9980_firmwaremsm8996au_firmwareipq8076a_firmwareqcn9001_firmwaresdx55m_firmwarewcn6856_firmwaremsm8976_firmwaresd670_firmwarecsr8811_firmwareqcn5054_firmwaresd690_5g_firmwaresdx50m_firmwareqca9379_firmwaresdx24_firmwareqca8072_firmwareqca6430_firmwareqcn5052_firmwareqcn9012_firmwareqcn9274_firmwarewcd9335_firmwareqca6335_firmwareipq6018_firmwareqcm4325_firmwarewcd9340_firmwarepmp8074_firmwareqca6584_firmwaremdm9650_firmwareqca9986_firmwaremdm9215_firmwareqca6426_firmwarewcn3660b_firmwareipq9574_firmwarewcn3980_firmwarewcd9330_firmwareipq8064_firmwareqcc5100_firmwareqca6421_firmwareqca2062_firmwarewcn6740_firmwaresd821_firmwaresd678_firmwareapq8064au_firmwarear8031_firmwareipq8078_firmwarewcn6851_firmwaresd_636_firmwareqca6564a_firmwareipq8174_firmwareqcn9024_firmwareqcm4290_firmwareqcn7605_firmwaresw5100p_firmwareqcs610_firmwareqca9886_firmwaresd695_firmwareqca1023_firmwareqca6595_firmwareqcs405_firmwaresdm630_firmwaresd820_firmwareqca6391_firmwaresa4150p_firmwaresd780g_firmwarewcd9370_firmwaresd888_firmwareqcn5021_firmwaressg2115p_firmwarear8035_firmwareqsm8250_firmwareqcn5024_firmwarewcn3991_firmwaresa8145p_firmwaresxr2230p_firmwareqca1062_firmwareqcs2290_firmwaresd7c_firmwaremdm9628_firmwaresnapdragon_4_gen_1_firmwaresd765g_firmwareqca6420_firmwareipq8069_firmwareapq8009_firmwareqca2064_firmwareqca6390_firmwareqca6174_firmwaresd730_firmwaremdm9310_firmwaresd675_firmwareqcn5152_firmwareqca0000_firmwareqca6584au_firmwareapq8076_firmwareqrb5165n_firmwareqcn9000_firmwareqca9984_firmwarewcn3990_firmwaresd_8cx_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcd9326_firmwarewcn3615_firmwareqcn5124_firmwareqam8295p_firmwareqcn6100_firmwareqcn6102_firmwareqcn9011_firmwareqca8082_firmwareqca6320_firmwarewcn3680b_firmwareqcn5122_firmwaresdx55_firmwarewcn3999_firmwareqcn6023_firmwaresm7250p_firmwarewcn3610_firmwareqca6436_firmwareqca6564au_firmwaresa6155p_firmwaresa515m_firmwaremdm9607_firmwaremsm8994_firmwareqcn6112_firmwaresa415m_firmwarewcn3988_firmwaresa6145p_firmwaresd712_firmwaresd778g_firmwareapq8017_firmwarewsa8810_firmwaresd765_firmwareqca6174a_firmwareipq8071a_firmwareqcs4290_firmwareqca8085_firmwareqca2065_firmwareqcs6490_firmwareqca9898_firmwaresd750g_firmwaresm6250_firmwareqcn9100_firmwareapq8092_firmwareipq5010_firmwareipq8074a_firmwaresd888_5g_firmwaresdx20_firmwarewcn6850_firmwarewsa8815_firmwarewsa8835_firmwaresg4150p_firmwareqcm6125_firmwareqcm2290_firmwarear9380_firmwareqcn6122_firmwareipq8065_firmwareqcx315_firmwaresxr1230p_firmwaresd665_firmwareqca8075_firmwaressg2125p_firmwarewcn6855_firmwareqcn6132_firmwareqcn9003_firmwareqca6310_firmwareapq8094_firmwareqca9994_firmwareipq8070a_firmwareipq8076_firmwareqca6574_firmwaresm4125_firmwaresm7325p_firmwareqca6574a_firmwaresd768g_firmwaresd850_firmwaresdxr1_firmwareaqt1000_firmwaresdx65_firmwarecsrb31024_firmwareqcm6490_firmwarewsa8832_firmwareqcn9070_firmwaresd480_firmwareipq6028_firmwareipq8072a_firmwareipq8074_firmwareqca9889_firmwaresa8155p_firmwaremdm9645_firmwarewcd9341_firmwaresdx20m_firmwaresd835_firmwareqca6564_firmwareipq6010_firmwareqca1064_firmwaresd845_firmwareqcn9022_firmwareapq8096au_firmwaremdm9615_firmwareqca9990_firmwareqcn9002_firmwareqcn9072_firmwareipq6000_firmwaresd720g_firmwareipq8071_firmwareqcn9074_firmwareqcs410_firmwaresw5100_firmwareqca6175a_firmware
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-14903
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.09% / 25.48%
||
7 Day CHG~0.00%
Published-05 Dec, 2017 | 17:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing the SENDACTIONFRAME IOCTL, a buffer over-read can occur if the payload length is less than 7.

Action-Not Available
Vendor-Google LLCQualcomm Technologies, Inc.
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-3670
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-9.1||CRITICAL
EPSS-0.32% / 55.12%
||
7 Day CHG~0.00%
Published-02 Nov, 2020 | 06:21
Updated-04 Aug, 2024 | 07:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Potential out of bounds read while processing downlink NAS transport message due to improper length check of Information Element(IEI) NAS message container' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in Agatti, APQ8053, APQ8096AU, APQ8098, Kamorta, MDM9150, MDM9205, MDM9206, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909W, MSM8917, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCM6125, QCS605, QCS610, QM215, Rennell, SA415M, Saipan, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwarekamorta_firmwaremdm9635m_firmwaremdm9640_firmwareqcm2150_firmwareqcs610sdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632sdx24sdm439mdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwareagatti_firmwaremdm9645msm8996ausdm429w_firmwaresm7150msm8917sdm670qcs605_firmwaresc8180xmdm9206sdm670_firmwaresdx24_firmwaresdm636sda845_firmwaresa415mmdm9635mapq8098mdm9205mdm9206_firmwareqcs605sdm429_firmwaremdm9650_firmwaremsm8905_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130msm8909wapq8053_firmwareagattisda845nicobarsdm850_firmwaremsm8953sdm450sdm636_firmwaresdm845_firmwareapq8098_firmwaresdx20msm8998_firmwareqcm2150sdm660sdm630mdm9655_firmwaresc8180x_firmwaresa415m_firmwaresdm710qm215sc7180_firmwaremdm9645_firmwaremdm9625_firmwaresdm710_firmwareqcm6125qcs610_firmwaremdm9150msm8905sm8150_firmwaremdm9655apq8096ausdm439_firmwarerennellsc7180sdm630_firmwaremdm9205_firmwaresda660_firmwaremdm9625rennell_firmwareqm215_firmwaresdx55msm8953_firmwaremsm8940saipan_firmwaresm6150_firmwareapq8053msm8917_firmwareapq8096au_firmwaremsm8998sm8150sdx20_firmwaresdm850kamortasaipannicobar_firmwaresdm660_firmwareqcm6125_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-14905
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.09% / 25.48%
||
7 Day CHG~0.00%
Published-05 Dec, 2017 | 17:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing a specially crafted cfg80211 vendor command, a buffer over-read can occur.

Action-Not Available
Vendor-Google LLCQualcomm Technologies, Inc.
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-14893
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 12.63%
||
7 Day CHG~0.00%
Published-06 Jul, 2018 | 17:00
Updated-16 Sep, 2024 | 22:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

While flashing meta image, a buffer over-read may potentially occur when the image size is smaller than the image header size or is smaller than the image header size + total image header entry in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-3674
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.10% / 26.37%
||
7 Day CHG~0.00%
Published-09 Sep, 2020 | 06:25
Updated-04 Aug, 2024 | 07:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Information can leak into userspace due to improper transfer of data from kernel to userspace in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in Nicobar, QCS405, Saipan, SC8180X, SDX55, SM8150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sm8150_firmwaresxr2130_firmwareqcs405_firmwaresm8250_firmwaresdx55sc8180x_firmwareqcs405saipan_firmwaresm8250sm8150sdx55_firmwarenicobar_firmwaresaipansxr2130sc8180xnicobarSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-3700
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.47% / 64.57%
||
7 Day CHG~0.00%
Published-30 Jul, 2020 | 11:40
Updated-04 Aug, 2024 | 07:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible out of bounds read due to a missing bounds check and could lead to local information disclosure in the wifi driver with no additional execution privileges needed in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8053, APQ8096AU, IPQ4019, IPQ8064, IPQ8074, MDM9607, MSM8909W, MSM8996AU, QCA6574AU, QCA9531, QCA9558, QCA9980, SC8180X, SDM439, SDX55, SM8150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9980_firmwaremsm8996au_firmwaresdm439mdm9607_firmwaresm8250_firmwaresc8180x_firmwareqca9531qca9558_firmwareipq8074_firmwareqca6574auqca9558msm8909w_firmwaremdm9607msm8996auqca9980sxr2130sc8180xipq4019_firmwaresm8150_firmwaresxr2130_firmwareipq8074apq8096ausdm439_firmwareipq4019sdx55apq8053apq8096au_firmwaresm8250sm8150qca9531_firmwareipq8064qca6574au_firmwaresdx55_firmwaremsm8909wapq8053_firmwareipq8064_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 16
  • 17
  • Next
Details not found