Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2019-2274

Summary
Assigner-qualcomm
Assigner Org ID-2cfc7d3e-20d3-47ac-8db7-1b7285aff15f
Published At-18 Dec, 2019 | 05:25
Updated At-04 Aug, 2024 | 18:42
Rejected At-
Credits

Improper Access Control for RPU write access from secure processor in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8017, APQ8053, APQ8098, IPQ8074, MDM9150, MDM9650, MDM9655, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8998, Nicobar, QCA8081, QCN7605, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX55, SM6150, SM7150, SM8150, SXR1130

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:qualcomm
Assigner Org ID:2cfc7d3e-20d3-47ac-8db7-1b7285aff15f
Published At:18 Dec, 2019 | 05:25
Updated At:04 Aug, 2024 | 18:42
Rejected At:
▼CVE Numbering Authority (CNA)

Improper Access Control for RPU write access from secure processor in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8017, APQ8053, APQ8098, IPQ8074, MDM9150, MDM9650, MDM9655, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8998, Nicobar, QCA8081, QCN7605, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX55, SM6150, SM7150, SM8150, SXR1130

Affected Products
Vendor
Qualcomm Technologies, Inc.Qualcomm, Inc.
Product
Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
Versions
Affected
  • APQ8017, APQ8053, APQ8098, IPQ8074, MDM9150, MDM9650, MDM9655, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8998, Nicobar, QCA8081, QCN7605, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX55, SM6150, SM7150, SM8150, SXR1130
Problem Types
TypeCWE IDDescription
textN/AImproper Access Control in TZ
Type: text
CWE ID: N/A
Description: Improper Access Control in TZ
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.qualcomm.com/company/product-security/bulletins/december-2019-bulletin
x_refsource_CONFIRM
Hyperlink: https://www.qualcomm.com/company/product-security/bulletins/december-2019-bulletin
Resource:
x_refsource_CONFIRM
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.qualcomm.com/company/product-security/bulletins/december-2019-bulletin
x_refsource_CONFIRM
x_transferred
Hyperlink: https://www.qualcomm.com/company/product-security/bulletins/december-2019-bulletin
Resource:
x_refsource_CONFIRM
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:product-security@qualcomm.com
Published At:18 Dec, 2019 | 06:15
Updated At:24 Aug, 2020 | 17:37

Improper Access Control for RPU write access from secure processor in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8017, APQ8053, APQ8098, IPQ8074, MDM9150, MDM9650, MDM9655, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8998, Nicobar, QCA8081, QCN7605, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX55, SM6150, SM7150, SM8150, SXR1130

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary2.07.2HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
Type: Primary
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 7.2
Base severity: HIGH
Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C
CPE Matches
Qualcomm Technologies, Inc.
qualcomm
>>apq8017_firmware>>-
cpe:2.3:o:qualcomm:apq8017_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>apq8017>>-
cpe:2.3:h:qualcomm:apq8017:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>apq8053_firmware>>-
cpe:2.3:o:qualcomm:apq8053_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>apq8053>>-
cpe:2.3:h:qualcomm:apq8053:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>apq8098_firmware>>-
cpe:2.3:o:qualcomm:apq8098_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>apq8098>>-
cpe:2.3:h:qualcomm:apq8098:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>ipq8074_firmware>>-
cpe:2.3:o:qualcomm:ipq8074_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>ipq8074>>-
cpe:2.3:h:qualcomm:ipq8074:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9150_firmware>>-
cpe:2.3:o:qualcomm:mdm9150_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9150>>-
cpe:2.3:h:qualcomm:mdm9150:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9650_firmware>>-
cpe:2.3:o:qualcomm:mdm9650_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9650>>-
cpe:2.3:h:qualcomm:mdm9650:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9655_firmware>>-
cpe:2.3:o:qualcomm:mdm9655_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9655>>-
cpe:2.3:h:qualcomm:mdm9655:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8917_firmware>>-
cpe:2.3:o:qualcomm:msm8917_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8917>>-
cpe:2.3:h:qualcomm:msm8917:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8920_firmware>>-
cpe:2.3:o:qualcomm:msm8920_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8920>>-
cpe:2.3:h:qualcomm:msm8920:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8937_firmware>>-
cpe:2.3:o:qualcomm:msm8937_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8937>>-
cpe:2.3:h:qualcomm:msm8937:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8940_firmware>>-
cpe:2.3:o:qualcomm:msm8940_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8940>>-
cpe:2.3:h:qualcomm:msm8940:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8953_firmware>>-
cpe:2.3:o:qualcomm:msm8953_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8953>>-
cpe:2.3:h:qualcomm:msm8953:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8998_firmware>>-
cpe:2.3:o:qualcomm:msm8998_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8998>>-
cpe:2.3:h:qualcomm:msm8998:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>nicobar_firmware>>-
cpe:2.3:o:qualcomm:nicobar_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>nicobar>>-
cpe:2.3:h:qualcomm:nicobar:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca8081_firmware>>-
cpe:2.3:o:qualcomm:qca8081_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca8081>>-
cpe:2.3:h:qualcomm:qca8081:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcn7605_firmware>>-
cpe:2.3:o:qualcomm:qcn7605_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcn7605>>-
cpe:2.3:h:qualcomm:qcn7605:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcs605_firmware>>-
cpe:2.3:o:qualcomm:qcs605_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcs605>>-
cpe:2.3:h:qualcomm:qcs605:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qm215_firmware>>-
cpe:2.3:o:qualcomm:qm215_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qm215>>-
cpe:2.3:h:qualcomm:qm215:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sda660_firmware>>-
cpe:2.3:o:qualcomm:sda660_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sda660>>-
cpe:2.3:h:qualcomm:sda660:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sda845_firmware>>-
cpe:2.3:o:qualcomm:sda845_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sda845>>-
cpe:2.3:h:qualcomm:sda845:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sdm429_firmware>>-
cpe:2.3:o:qualcomm:sdm429_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sdm429>>-
cpe:2.3:h:qualcomm:sdm429:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sdm439_firmware>>-
cpe:2.3:o:qualcomm:sdm439_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sdm439>>-
cpe:2.3:h:qualcomm:sdm439:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sdm450_firmware>>-
cpe:2.3:o:qualcomm:sdm450_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sdm450>>-
cpe:2.3:h:qualcomm:sdm450:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sdm630_firmware>>-
cpe:2.3:o:qualcomm:sdm630_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sdm630>>-
cpe:2.3:h:qualcomm:sdm630:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sdm632_firmware>>-
cpe:2.3:o:qualcomm:sdm632_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sdm632>>-
cpe:2.3:h:qualcomm:sdm632:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-noinfoPrimarynvd@nist.gov
CWE ID: NVD-CWE-noinfo
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.qualcomm.com/company/product-security/bulletins/december-2019-bulletinproduct-security@qualcomm.com
Patch
Vendor Advisory
Hyperlink: https://www.qualcomm.com/company/product-security/bulletins/december-2019-bulletin
Source: product-security@qualcomm.com
Resource:
Patch
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

988Records found
CVE-2022-22104
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.09% / 27.08%
||
7 Day CHG~0.00%
Published-02 Sep, 2022 | 11:31
Updated-03 Aug, 2024 | 03:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory corruption in multimedia due to improper check on the messages received. in Snapdragon Auto

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca6564au_firmwareqca6584ausa6155p_firmwaresa6150p_firmwaresa8145p_firmwaremsm8996au_firmwareqca6564auqca6574ausa6145p_firmwaresa8155p_firmwaremsm8996auqca6564a_firmwaresa8195psa8540p_firmwaresa8150p_firmwaresa6155psa8540psa8295p_firmwareqca6574asa6145pqca6584au_firmwareapq8096auqca6696_firmwaresa8145pqca6696qam8295psa9000psa8150psa6150papq8096au_firmwaresa8155pqam8295p_firmwaresa9000p_firmwareqca6574a_firmwareqca6574au_firmwaresa8195p_firmwareqca6564asa8295pSnapdragon Auto
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-18159
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.52%
||
7 Day CHG~0.00%
Published-06 Jul, 2018 | 17:00
Updated-16 Sep, 2024 | 20:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, while processing a StrHwPlatform with length smaller than EFICHIPINFO_MAX_ID_LENGTH, an array out of bounds access may occur.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-18173
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.75%
||
7 Day CHG~0.00%
Published-06 May, 2019 | 22:34
Updated-05 Aug, 2024 | 21:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In case of using an invalid android verified boot signature with very large length, an integer underflow occurs in Snapdragon Mobile in SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 810, SD 820, SD 835, SDM630, SDM636, SDM660, Snapdragon_High_Med_2016.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_427_firmwaresd_425_firmwaresnapdragon_high_med_2016sd_625_firmwaresdm636_firmwaresd_450sdm636sdm630_firmwaresd_425sdm660sd_430_firmwaresdm630sd_435sd_427sd_430sd_625snapdragon_high_med_2016_firmwaresd_820_firmwaresd_810sd_820sd_435_firmwaresd_835_firmwaresd_835sd_450_firmwaresd_810_firmwaresdm660_firmwareSnapdragon Mobile
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2017-18172
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 6.39%
||
7 Day CHG~0.00%
Published-23 Oct, 2018 | 13:00
Updated-05 Aug, 2024 | 21:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In a device, with screen size 1440x2560, the check of contiguous buffer will overflow on certain buffer size resulting in an Integer Overflow or Wraparound in System UI in Snapdragon Automobile, Snapdragon Mobile in version MDM9635M, SD 400, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 820A, SD 835, SDM630, SDM636, SDM660, Snapdragon_High_Med_2016.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_427_firmwaremdm9635m_firmwaresd_820asd_412sdm636_firmwaresd_400sd_616sd_425sdm660sd_430_firmwaresd_615sd_435sd_650_firmwaresdm630sd_625sd_615_firmwaresd_820_firmwaresd_820sd_650sd_450_firmwaresd_800sd_410sd_617sd_400_firmwaresd_820a_firmwaresd_652sd_425_firmwaresd_800_firmwaresd_625_firmwaresd_450sdm636sd_412_firmwaremdm9635msdm630_firmwaresd_427sd_430sd_810sd_435_firmwaresd_835_firmwaresd_410_firmwaresd_835sd_415_firmwaresd_652_firmwaresd_810_firmwaresd_616_firmwaresdm660_firmwaresd_415sd_617_firmwareSnapdragon Automobile, Snapdragon Mobile
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2022-22085
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.12% / 32.25%
||
7 Day CHG~0.00%
Published-14 Jun, 2022 | 09:40
Updated-03 Aug, 2024 | 03:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory corruption in video due to buffer overflow while reading the dts file in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresm6250p_firmwareqcs610sdx65wcn3950_firmwareqcs2290qca6595au_firmwaresa6155qca6335msm8917csra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwareqcs6125_firmwaresd632wcn3998wcd9371_firmwarewcn3950sm4125sd720gmdm9628mdm9206_firmwaresd_8_gen1_5g_firmwarewcn3660bsd450_firmwaresd710_firmwaresd460_firmwareqca4020sm7315_firmwarewcn7850qca6574au_firmwarewcd9375_firmwarewcn3998_firmwaresa6155_firmwaremsm8909wapq8009w_firmwareqca6420apq8053_firmwaresm7450_firmwaresd680_firmwareqca9367_firmwarewcn3999qcs6125sa8155_firmwaresd662_firmwareqcs405qca6430wcd9340sd765gqualcomm215_firmwaresw5100sd680qca4020_firmwareqca6436wcn6851sa6155pqcs603_firmwarewcn7851_firmwaremsm8937mdm9250_firmwarewcn3660_firmwarewcd9341pm8937_firmwareqca6696_firmwarewcd9371sd870_firmwaresd750gwcn3910_firmwarewsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwarewcn3988sd660_firmwarewcn7850_firmwaresa8195p_firmwaresm8475wcn6750_firmwaresd450wcn3610wcn3991wcd9380_firmwaresdm429wsw5100pmsm8996au_firmwarewcd9330qca6564ausdx55m_firmwarewcn6856_firmwaresd670_firmwareqca6574sd632_firmwarewcd9380qualcomm215qcs410sd690_5g_firmwaresdx50m_firmwareqca9379_firmwareqca6430_firmwarewcd9335_firmwarewcn3980sd439_firmwareqca6335_firmwareqcs605wcd9340_firmwarewsa8815wcn6850wcn3910qca6320msm8937_firmwaremdm9650_firmwareqca6426_firmwarewcn3660b_firmwarewcn3680sd835wcn3980_firmwaresd730wcd9330_firmwaresdx55msm8475_firmwarewcn6740_firmwaremsm8953sd678_firmwarear8031_firmwarewcn3680_firmwarewcn6851_firmwareqcs603sd670sd_636_firmwareqca6564a_firmwareapq8009wqcm4290_firmwaresd480sd870wcn6855wsa8832sw5100p_firmwareqcs610_firmwaresa6145psdxr1ar8031apq8096auqcs405_firmwaresdm630_firmwaresd820_firmwareqca6391_firmwarewcd9370_firmwaresd780g_firmwaresdx55sd888_firmwareapq8053sa8155pcsra6640sd675sd439wcn3660sm8475p_firmwareqca9379qcm2290wcn3991_firmwarewsa8830sd678qcs2290_firmwaremdm9628_firmwaremdm9650sd_636csra6620qcs4290mdm9250sd765g_firmwareqca6420_firmwareqca6390_firmwareapq8009_firmwaresd690_5gsd730_firmwarewcd9370sd675_firmwareqca6564qca6426wcn3990_firmwareqca9377sdw2500_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcd9326_firmwarewcn3615_firmwaresd662sa8155qca6320_firmwarewcn3680b_firmwaresdx55_firmwarewcn3615qca6595auwcn3999_firmwaresm7250p_firmwarewcn3610_firmwareqca6436_firmwareqca6564au_firmwaresd778gsa6155p_firmwareqca6310pm8937wcn7851sd429qcs6490sdxr2_5gqca9367sdm630mdm9607_firmwarewcn3988_firmwaresd429_firmwaresa6145p_firmwaresm6250sd778g_firmwaresa8195papq8017_firmwarewsa8810_firmwaresd765_firmwarewcd9326wcd9335qca6174a_firmwareqcs4290_firmwarewcd9385qcs6490_firmwareqca6390wcd9375sd750g_firmwareaqt1000sm6250_firmwaremsm8953_firmwaremsm8917_firmwarewcn3620_firmwaresdx20_firmwarewsa8815_firmwaresd888_5g_firmwaresd820qcm6490wcn6850_firmwarewsa8835_firmwarewcn3620sm7450apq8017qca6564aqcm6125_firmwareqcm2290_firmwarewcn3990sd_675sd780gsd865_5gsd888msm8909w_firmwarewsa8835msm8996ausdm429w_firmwaresd888_5gsm6250pqca6574amdm9206wcn6855_firmwareqca6174asm7325pqca6310_firmwarewcn6750qca6574_firmwaresd855sm4125_firmwaresm7325p_firmwaresd765qca6574a_firmwaresd768g_firmwaresm7315apq8009sd460qca6391sdxr1_firmwareaqt1000_firmwaresdx65_firmwaremdm9626qcm4290qcm6490_firmwaresdx50mwsa8832_firmwaresdx20sd480_firmwaremdm9626_firmwareqca6574ausd710sa8155p_firmwaremdm9607wcd9341_firmwareqcm6125wsa8810wcn6856wcn3680bsd835_firmwareqca6564_firmwaresd768gwcn6740qca6696sd845_firmwaresdw2500apq8096au_firmwaresd845sm7250psd720g_firmwaresw5100_firmwareqcs410_firmwaresm8475pSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-787
Out-of-bounds Write
CVE-2017-18298
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 16.17%
||
7 Day CHG~0.00%
Published-23 Oct, 2018 | 13:00
Updated-05 Aug, 2024 | 21:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Lack of Input Validation in SDMX API can lead to NULL pointer access in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660 .

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850sd_820asd_412msm8996au_firmwaresd_415sd_616sd_425sd_430_firmwaresd_615mdm9607_firmwaremdm9650sd_650_firmwaresd_625sd_615_firmwaresd_210mdm9607msm8996ausd_820_firmwaresd_650sd_820sd_450_firmwaresd_845_firmwaresd_410sd_617sd_820a_firmwaremdm9206sd_652sd_425_firmwaresd_212_firmwaresd_850_firmwaresd_625_firmwaresd_450sd_412_firmwaresda660_firmwaresd_845mdm9206_firmwaresd_430sd_810sd_835_firmwaremdm9650_firmwaresd_410_firmwaresd_835sd_205sda660sd_210_firmwaresd_415_firmwaresd_652_firmwaresd_810_firmwaresd_616_firmwaresd_205_firmwaresd_212sd_617_firmwareSnapdragon Automobile, Snapdragon Mobile, Snapdragon Wear
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2017-18303
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.06% / 19.23%
||
7 Day CHG~0.00%
Published-23 Oct, 2018 | 13:00
Updated-05 Aug, 2024 | 21:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

While processing the sensors registry configuration file, if inputs are not validated a buffer overflow will occur in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MMDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 820A, SD 835, SDA660, SDX20.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_820amsm8996au_firmwaresdx20sd_415sd_616sd_425sd_430_firmwaremdm9607_firmwaresd_615mdm9650sd_650_firmwaresd_625sd_615_firmwaremsm8909w_firmwaremdm9607msm8996ausd_210sd_650sd_820_firmwaresd_820sd_450_firmwaresd_800sd_617sd_820a_firmwaremdm9206sd_652sd_425_firmwaresd_212_firmwaresd_800_firmwaresd_625_firmwaresd_450sda660_firmwaremdm9206_firmwaresd_430sd_810sd_835_firmwaremdm9650_firmwaresdx20_firmwaresd_600_firmwaresd_205sd_835sda660sd_210_firmwaresd_600sd_415_firmwaresd_652_firmwaremsm8909wsd_810_firmwaresd_616_firmwaresd_205_firmwaresd_212sd_617_firmwareSnapdragon Automobile, Snapdragon Mobile, Snapdragon Wear
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-18329
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.00%
||
7 Day CHG~0.00%
Published-03 Jan, 2019 | 15:00
Updated-05 Aug, 2024 | 21:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible Buffer overflow when transmitting an RTP packet in snapdragon automobile and snapdragon wear in versions MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 810, SD 820, SD 835, SD 845 / SD 850, SDA660, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850mdm9635m_firmwaremdm9640_firmwaremsm8996au_firmwaresd_670_firmwaremdm9650sd_636sd_615_firmwaresnapdragon_high_med_2016_firmwaremsm8909w_firmwaremsm8996aumdm9645sd_650sd_820sd_450_firmwaresd_845_firmwaresd_652sd_425_firmwaresd_625_firmwaresd_450mdm9635mmdm9615sd_845sd_835_firmwaremdm9650_firmwaresd_835sda660sxr1130_firmwaresd_210_firmwaresd_415_firmwaresd_652_firmwaresxr1130msm8909wsd_616_firmwaresd_205_firmwaresd_415sd_650_firmwaresd_212sd_427_firmwaresd_712sd_616sd_425sdm660sd_430_firmwaresd_615sd_435mdm9655_firmwaresd_710_firmwaresdm630sd_625sd_210sd_820_firmwaresd_636_firmwaremdm9645_firmwaremdm9625_firmwaresnapdragon_high_med_2016sd_212_firmwaresd_850_firmwaremdm9655sd_712_firmwaresdm630_firmwaresda660_firmwaremdm9625sd_427sd_430sd_670sd_810sd_435_firmwaremdm9615_firmwaresd_710sd_205sd_810_firmwaresdm660_firmwaremdm9640Snapdragon Mobile, Snapdragon Wear
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2022-22067
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.16% / 37.04%
||
7 Day CHG~0.00%
Published-02 Sep, 2022 | 11:31
Updated-03 Aug, 2024 | 03:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Potential memory leak in modem during the processing of NSA RRC Reconfiguration with invalid Radio Bearer Config in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwarewcn3991wsa8830qca8337_firmwarewcd9380_firmwaresd780gqca8337sd865_5gqca6431_firmwaresdx55m_firmwarewcn6856_firmwarewcd9360_firmwaresd888sdx65wsa8835wcd9380sd765g_firmwaresd888_5gqca6595au_firmwareqca6390_firmwaresd690_5gwcd9370qca6574asd690_5g_firmwarewcn6855_firmwaresm8475p_firmwareqca6426wcn6750wcn3998wcd9385_firmwaresdxr2_5g_firmwaresa515msd_8_gen1_5g_firmwaresd855wsa8815wcn6850sd765qca6426_firmwaresm7315_firmwareqca6574a_firmwaresd695qca6574au_firmwaresdx55_firmwaresd768g_firmwareqca6595auqca8081_firmwarewcd9375_firmwarewcn3998_firmwaresm7250p_firmwaresm7315qca6391wcd9360qca6436_firmwaresdx55mqca6421_firmwaresm8475_firmwaresm7450_firmwarewcn6740_firmwaresd778gsdx65_firmwaresa515m_firmwarewcn7851sdxr2_5gwsa8832_firmwaresd480_firmwarewcn6851_firmwarewcn3988_firmwareqca6574auqca6421sd778g_firmwarewsa8810_firmwaresd765gwcd9341_firmwaresd480sd765_firmwaresd870qca6436wcn6851wsa8810wcn6855wsa8832qca8081wcn7851_firmwarewcn6856wcd9385wcd9341sd695_firmwaresd768gqca6431qca6696_firmwaresd750gsd870_firmwarewcn6740qca6696qca6391_firmwareqca6390ar8035sd750g_firmwarewcd9375sd780g_firmwarewcd9370_firmwaresdx55sd888_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwarewcn3988sd888_5g_firmwarewcn6850_firmwarewsa8815_firmwarewsa8835_firmwaresm7250psm7450sm8475wcn6750_firmwarear8035_firmwaresm8475pSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2017-18278
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.46%
||
7 Day CHG~0.00%
Published-06 May, 2019 | 22:54
Updated-05 Aug, 2024 | 21:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An integer underflow may occur due to lack of check when received data length from font_mgr_qsee_request_service is bigger than the minimal value of the segment header, which may result in a buffer overflow, in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SD 850.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850sd_820asd_425sd_430_firmwaremdm9607_firmwaremdm9650sd_650_firmwaresd_625sd_210mdm9607sd_820_firmwaresd_820sd_650sd_450_firmwaresd_845_firmwaresd_820a_firmwaremdm9206sd_652sd_425_firmwaresd_212_firmwaresd_850_firmwaresd_625_firmwaresd_450sd_845mdm9206_firmwaresd_430sd_835_firmwaremdm9650_firmwaresd_835sd_205sd_210_firmwaresd_652_firmwaresd_205_firmwaresd_212Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear
CWE ID-CWE-191
Integer Underflow (Wrap or Wraparound)
CVE-2022-22063
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-1.12% / 77.36%
||
7 Day CHG~0.00%
Published-14 Dec, 2022 | 05:54
Updated-18 Apr, 2025 | 14:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Memory corruption in Core

Memory corruption in Core due to improper configuration in boot remapper.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9640_firmwaremdm9645mdm9645_firmwareqca6174_firmwarewcn3990qca6574au_firmwareqca6574auqca6174a_firmwaremdm9640wcn3990_firmwareqca6174aqca6574aapq8096auapq8096au_firmwareqca6574a_firmwareqca6174Snapdragon
CWE ID-CWE-787
Out-of-bounds Write
CVE-2017-18141
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.07%
||
7 Day CHG~0.00%
Published-03 Jan, 2019 | 15:00
Updated-05 Aug, 2024 | 21:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

When a 3rd party TEE has been loaded it is possible for the non-secure world to create a secure monitor call which will give it access to privileged functions meant to only be accessible from the TEE in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_632mdm9635m_firmwaresd_820amsm8996au_firmwaresd_439sd_429sdx24sdm439mdm9650sd_636snapdragon_high_med_2016_firmwaremsm8996ausd_820sd_650sd_450_firmwaresd_410sd_820a_firmwaremdm9206sd_652sd_425_firmwaresdx24_firmwaresd_625_firmwareipq8074sd_450mdm9635mmdm9206_firmwaresd_632_firmwaresd_835_firmwaremdm9650_firmwaresd_835sda660sd_210_firmwaresd_652_firmwaresd_205_firmwaresd_650_firmwaresd_212sd_427_firmwaresd_412sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435mdm9655_firmwaresdm630sd_625ipq8074_firmwaresd_210mdm9607sd_636_firmwaresd_820_firmwaresd_439_firmwaresd_429_firmwaresnapdragon_high_med_2016sd_212_firmwaremdm9655sdm439_firmwaresd_412_firmwaresdm630_firmwaresda660_firmwaresd_427sd_430sd_810sd_435_firmwaresd_410_firmwaresd_205sd_810_firmwaresdm660_firmwareSnapdragon Automobile, Snapdragon Mobile, Snapdragon Wear
CVE-2017-18279
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.46%
||
7 Day CHG~0.00%
Published-06 May, 2019 | 22:58
Updated-05 Aug, 2024 | 21:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Lack of check of buffer length before copying can lead to buffer overflow in camera module in Small Cell SoC, Snapdragon Mobile, Snapdragon Wear in FSM9055, FSM9955, IPQ4019, IPQ8064, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCA9531, QCA9558, QCA9563, QCA9880, QCA9886, QCA9980, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835, SDM630, SDM636, SDM660, SDX20, Snapdragon_High_Med_2016.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9640_firmwareqca9980_firmwaremsm8996au_firmwarefsm9955_firmwareqca9563_firmwaremdm9650qca9558qca9558_firmwaresd_615_firmwaresnapdragon_high_med_2016_firmwaremsm8909w_firmwaremsm8996auqca9880_firmwaresd_650sd_820sd_450_firmwareipq4019_firmwaremdm9206sd_652sd_425_firmwaresd_800_firmwaresd_625_firmwaresd_450sdm636mdm9206_firmwareqca9563qca9886sd_835_firmwaremdm9650_firmwaresd_835ipq8064sd_210_firmwaresd_415_firmwaresd_652_firmwaremsm8909wsd_616_firmwaresd_205_firmwareipq8064_firmwaresd_415sd_212sd_650_firmwaresd_427_firmwarefsm9055sdm636_firmwaresdx20sd_616sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435sd_615sdm630qca9531sd_625sd_820_firmwaresd_210mdm9607qca9980qca9880sd_800fsm9055_firmwareqca9886_firmwaresnapdragon_high_med_2016sd_212_firmwaresdm630_firmwarefsm9955sd_430ipq4019sd_427sd_810sd_435_firmwaresdx20_firmwareqca9531_firmwaresd_205sd_810_firmwaresdm660_firmwaremdm9640Small Cell SoC, Snapdragon Mobile, Snapdragon Wear
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2022-22102
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.06% / 19.35%
||
7 Day CHG~0.00%
Published-02 Sep, 2022 | 11:31
Updated-03 Aug, 2024 | 03:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory corruption in multimedia due to incorrect type conversion while adding data in Snapdragon Auto

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sa6145psa6155p_firmwaresa6150p_firmwaresa8145p_firmwareqca6696_firmwaresa8145pqca6696sa8150psa6150pqca6574ausa8155psa6145p_firmwaresa8155p_firmwaresa8195pqca6574au_firmwaresa8150p_firmwaresa8195p_firmwaresa6155pSnapdragon Auto
CWE ID-CWE-704
Incorrect Type Conversion or Cast
CVE-2022-22059
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.11% / 29.41%
||
7 Day CHG~0.00%
Published-02 Sep, 2022 | 11:31
Updated-03 Aug, 2024 | 03:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory corruption due to out of bound read while parsing a video file in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwarewsa8830sd678qcs610qcs2290_firmwaresd_636qcs4290wcn3950_firmwaresd765g_firmwareqca6420_firmwareqca6595au_firmwareqcs2290qca6390_firmwaremsm8917sd690_5gsd730_firmwarewcd9370sd_675_firmwaresd675_firmwareqca6426sd632wcn3990_firmwarewcn3998wcd9385_firmwaresdxr2_5g_firmwarewcn3950wcd9326_firmwaresd720gwcn3615_firmwaresd_8_gen1_5g_firmwarewcn3660bsd662sd460_firmwarewcn7850qca6574au_firmwaresdx55_firmwarewcn3680b_firmwareqca6595auwcd9375_firmwarewcn3615wcn3998_firmwaresm7250p_firmwareqca6420qca6436_firmwareapq8053_firmwaresm7450_firmwaresd680_firmwaresd778gsa6155p_firmwarewcn7851sd429sdxr2_5gsd662_firmwaresdm630wcn3988_firmwareqca6430sd429_firmwaresm6250sd778g_firmwarewcd9340sa8195papq8017_firmwarewsa8810_firmwarequalcomm215_firmwaresd765gsd765_firmwareqca6436sd680wcd9326sa6155pwcd9335wcn6851wcn7851_firmwareqcs4290_firmwarewcd9385wcd9341qca6696_firmwaresd750gsd870_firmwareqca6390wcd9375sd750g_firmwareaqt1000wcn3910_firmwaresm6250_firmwaremsm8953_firmwarewsa8830_firmwaremsm8917_firmwaresd855_firmwaresd660sd865_5g_firmwarewcn3988sd888_5g_firmwarewcn6850_firmwaresd660_firmwarewcn7850_firmwarewsa8815_firmwaresa8195p_firmwaresm7450wsa8835_firmwareapq8017sm8475wcn6750_firmwareqcm2290_firmwarewcn3991wcd9380_firmwarewcn3990sd_675sd780gsd865_5gsdx55m_firmwarewcn6856_firmwarewsa8835qca6574sd632_firmwarewcd9380sd888_5gqualcomm215qca6574asd690_5g_firmwaresdx50m_firmwarewcn6855_firmwaresm7325pqca6430_firmwarewcd9335_firmwarewcn3980sd439_firmwarewcn6750qca6574_firmwarewcd9340_firmwaresd855wsa8815sm7325p_firmwarewcn6850wcn3910sd765qca6426_firmwarewcn3660b_firmwarewcn3680qca6574a_firmwaresd768g_firmwaresd835wcn3980_firmwaresd460qca6391sd730sdx55msm8475_firmwareaqt1000_firmwarewcn6740_firmwaremsm8953sd678_firmwareqcm4290sdx50mwcn3680_firmwarewsa8832_firmwaresd480_firmwarewcn6851_firmwareqca6574ausa8155p_firmwaresd_636_firmwarewcd9341_firmwareqcm4290_firmwaresd480sd870wcn6855wsa8810wsa8832qcs610_firmwarewcn6856wcn3680bsd835_firmwaresd768gwcn6740qca6696sdm630_firmwareqca6391_firmwaresd780g_firmwarewcd9370_firmwaresdx55apq8053sa8155psd675sd439sm7250psd720g_firmwaresm8475p_firmwareqcm2290sm8475pSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-22069
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.7||HIGH
EPSS-0.03% / 6.86%
||
7 Day CHG~0.00%
Published-02 Sep, 2022 | 11:31
Updated-03 Aug, 2024 | 03:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Devices with keyprotect off may store unencrypted keybox in RPMB and cause cryptographic issue in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwaresd_8cx_gen3_firmwarewsa8830sd678qcs2290_firmwareqca6431_firmwareqcs4290wcn3950_firmwaresd765g_firmwareqca6420_firmwareqca6595au_firmwareqcs2290qca6390_firmwaresa6155sd690_5gsd730_firmwarewcd9370sd_675_firmwaresd675_firmwareqca6426wcn3990_firmwarewcn3998wcd9385_firmwaresdxr2_5g_firmwarewcn3950sm4125sd720gwcd9326_firmwareqsm8350_firmwaresd662sd710_firmwareqsm8350sd460_firmwaresa8155sm7315_firmwarewcn7850qca6574au_firmwareqca6595ausa6155_firmwarewcd9375_firmwarewcn3998_firmwaresm7250p_firmwareqca6420qca6436_firmwaresd680_firmwaresd778gsa6155p_firmwarewcn7851qcs6490sdxr2_5gsa8155_firmwaresd662_firmwarewcn3988_firmwareqca6430qca6421sd778g_firmwaresm6250sa8195pwsa8810_firmwaresd765gsw5100sd765_firmwareqca6436sd680wcd9326sa6155pwcn6851wcn7851_firmwareqcs4290_firmwarewcd9385wcd9341qca6431qca6696_firmwareqcs6490_firmwaresd750gsd870_firmwaresd_8cx_gen3qca6390wcd9375sd750g_firmwareaqt1000wcn3910_firmwaresm6250_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwareqcm6490sd888_5g_firmwarewcn3988wcn6850_firmwarewcn7850_firmwarewsa8815_firmwaresa8195p_firmwarewsa8835_firmwarewcn6750_firmwareqcm2290_firmwarewcn3991wcd9380_firmwarewcn3990sd_675sw5100psd780gsd865_5gsdx55m_firmwarewcn6856_firmwaresd888sd670_firmwareqca6574wsa8835sd665_firmwarewcd9380sd888_5gqca6574asd690_5g_firmwaresdx50m_firmwarewcn6855_firmwaresm7325pqca6430_firmwarewcn3980wcn6750qca6574_firmwaresd855sm4125_firmwaresm7325p_firmwaresd665wcn3910wcn6850wsa8815sd765qca6426_firmwareqca6574a_firmwaresd695sd768g_firmwarewcn3980_firmwaresm7315sd460qca6391sd730sdx55mqca6421_firmwareaqt1000_firmwarewcn6740_firmwaresd678_firmwareqcm4290qcm6490_firmwaresdx50msd480_firmwarewcn6851_firmwareqca6574ausa8155p_firmwaresd710sd670wcd9341_firmwareqcm4290_firmwaresd480sd870wcn6855wsa8810sw5100p_firmwarewcn6856sd695_firmwaresd768gwcn6740qca6696qca6391_firmwaresd780g_firmwarewcd9370_firmwaresd888_firmwaresa8155psd675sm7250psd720g_firmwaresw5100_firmwareqcm2290Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-312
Cleartext Storage of Sensitive Information
CVE-2017-18312
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 6.28%
||
7 Day CHG~0.00%
Published-23 Oct, 2018 | 13:00
Updated-05 Aug, 2024 | 21:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

While accessing SafeSwitch services, third party can manipulate a given device and perform unauthorized operation due to lack of checking of same state transitions in Snapdragon Automobile, Snapdragon Mobile in version MSM8996AU, SD 410/12, SD 617, SD 650/52, SD 810, SD 820, SD 820A

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_652sd_820asd_412sd_412_firmwaremsm8996au_firmwaresd_810sd_820_firmwaresd_810_firmwaremsm8996ausd_820sd_650sd_410_firmwaresd_652_firmwaresd_410sd_617sd_820a_firmwaresd_650_firmwaresd_617_firmwareSnapdragon Automobile, Snapdragon Mobile
CWE ID-CWE-862
Missing Authorization
CVE-2022-22057
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-1.48% / 80.19%
||
7 Day CHG~0.00%
Published-14 Jun, 2022 | 00:00
Updated-03 Aug, 2024 | 03:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in graphics fence due to a race condition while closing fence file descriptor and destroy graphics timeline simultaneously in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarewcn3991_firmwarewsa8830qcs2290_firmwareqca8337sdx65qcs4290wcn3950_firmwaresd765g_firmwareqcs2290qca6595au_firmwareqca6390_firmwaresd690_5gwcd9370qca6426qrb5165n_firmwareqca9377wcn3998wcd9385_firmwaresdxr2_5g_firmwarewcn3950wcd9326_firmwarewcn3615_firmwaresd_8_gen1_5g_firmwarewcn3660bsd662sd460_firmwaresm7315_firmwarewcn7850wcn3680b_firmwareqca6595auqca8081_firmwaresdx12_firmwarewcd9375_firmwaresm7250p_firmwarewcn3615wcn3998_firmwareapq8053_firmwareqca6436_firmwareqrb5165nsd680_firmwaresd778gsa6155p_firmwarewcn7851qcs6490qrb5165_firmwareqrb5165m_firmwaresdxr2_5gsd662_firmwarewcn3988_firmwaresd778g_firmwaresa8195pwsa8810_firmwarequalcomm215_firmwaresd765gsw5100sd765_firmwareqca6436sd680wcd9326sa6155pwcd9335wcn6851qca8081wcn7851_firmwareqca6174a_firmwareqcs4290_firmwarewcd9385wcd9341qcs6490_firmwaresd750gsd870_firmwareqca6390ar8035sd750g_firmwarewcd9375wcn3910_firmwaremsm8953_firmwarewsa8830_firmwaresd865_5g_firmwareqcm6490sd888_5g_firmwarewcn3988wcn6850_firmwarewcn7850_firmwarewsa8815_firmwaresa8195p_firmwarewsa8835_firmwaresm8475wcn6750_firmwareqcm2290_firmwarewcn3991qca8337_firmwarewcd9380_firmwaresw5100psd780gsd865_5gsdx55m_firmwarewcn6856_firmwaresd888wsa8835wcd9380sd888_5gqualcomm215sd690_5g_firmwarewcn6855_firmwareqca6174asm7325pwcd9335_firmwarewcn3980wcn6750sd439_firmwarewsa8815sm7325p_firmwarewcn6850wcn3910sd765qca6426_firmwarewcn3660b_firmwaresd695sd768g_firmwareqrb5165mwcn3980_firmwaresm7315sd460qca6391sdx55mwcn6740_firmwaremsm8953sdx65_firmwareqcm4290qcm6490_firmwareqrb5165sd480_firmwarewcn6851_firmwaresa8155p_firmwarewcd9341_firmwareqcm4290_firmwaresd480sd870wcn6855wsa8810sw5100p_firmwarewcn6856wcn3680bsd695_firmwaresd768gwcn6740qca6391_firmwaresd780g_firmwarewcd9370_firmwaresd888_firmwareapq8053sa8155psd439sm7250psdx12sw5100_firmwarear8035_firmwareqcm2290Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2017-18317
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.07%
||
7 Day CHG~0.00%
Published-28 Nov, 2018 | 15:00
Updated-05 Aug, 2024 | 21:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Restrictions related to the modem (sim lock, sim kill) can be bypassed by manipulating the system to issue a deactivation flow sequence in Snapdragon Automobile, Snapdragon Mobile in versions MSM8996AU,SD 410/12,SD 820,SD 820A.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_820_firmwaremsm8996ausd_412sd_820sd_410_firmwaresd_820asd_412_firmwaremsm8996au_firmwaresd_410sd_820a_firmwareSnapdragon Automobile, Snapdragon Mobile
CWE ID-CWE-20
Improper Input Validation
CVE-2017-18331
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.07%
||
7 Day CHG~0.00%
Published-18 Jan, 2019 | 22:00
Updated-05 Aug, 2024 | 21:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper access control on secure display buffers in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 820, SD 820A, SD 835, SDA660

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9206sd_212_firmwaresd_820amsm8996au_firmwaresda660_firmwaremdm9206_firmwaremdm9607_firmwaremdm9650sd_210mdm9607msm8996ausd_820_firmwaresd_820sd_835_firmwaremdm9650_firmwaresd_835sd_205sda660sd_210_firmwaresd_820a_firmwaresd_205_firmwaresd_212Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear
CVE-2017-18304
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 16.17%
||
7 Day CHG~0.00%
Published-23 Oct, 2018 | 13:00
Updated-05 Aug, 2024 | 21:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient memory allocation in boot due to incorrect size being passed could result in out of bounds access in Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in version FSM9055, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660 and SDX20

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fsm9055mdm9640_firmwaresd_820asd_617_firmwaremsm8996au_firmwaresdx20sd_415sd_616sd_425sd_430_firmwaremdm9607_firmwaresd_615mdm9650sd_650_firmwaresd_625sd_615_firmwaremsm8909w_firmwaremdm9607msm8996ausd_210sd_650sd_820_firmwaresd_820fsm9055_firmwaresd_450_firmwaresd_617sd_820a_firmwaremdm9206sd_652sd_425_firmwaresd_212_firmwaresd_625_firmwaresd_450sda660_firmwaremdm9206_firmwaresd_430sd_810sd_835_firmwaremdm9650_firmwaresdx20_firmwaresd_835sd_205sda660sd_210_firmwaresd_415_firmwaresd_652_firmwaremsm8909wsd_810_firmwaresd_616_firmwaresd_205_firmwaresd_212mdm9640Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-18311
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.75%
||
7 Day CHG~0.00%
Published-26 Oct, 2018 | 13:00
Updated-05 Aug, 2024 | 21:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

XPU Master privilege escalation is possible due to improper access control of unused configuration xPU ports where unused configuration ports are open in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, Snapdragon_High_Med_2016.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9635m_firmwaremdm9640_firmwaresd_820asdm632_firmwaremsm8996au_firmwaresdm632sdm439mdm9650sdm429sd_615_firmwaremsm8909w_firmwaremsm8996aumdm9645sd_650sd_820sd_450_firmwaresd_410sd_820a_firmwaresd_652sd_425_firmwaresd_625_firmwaresd_450sdm636mdm9635msd_835_firmwaresdm429_firmwaremdm9650_firmwaresd_835sda660sd_210_firmwaresd_415_firmwaresd_652_firmwaremsm8909wsd_616_firmwaresd_205_firmwaresd_415sd_650_firmwaresd_212sd_427_firmwaresd_412sdm636_firmwaresd_616sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435mdm9655_firmwaresd_615sdm630sd_625sd_210mdm9607sd_820_firmwaremdm9645_firmwaresd_212_firmwaremdm9655sdm439_firmwaresd_412_firmwaresdm630_firmwaresda660_firmwaresd_427sd_430sd_810sd_435_firmwaresd_410_firmwaresd_205sd_810_firmwaresdm660_firmwaremdm9640Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear
CVE-2022-22097
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.07% / 21.28%
||
7 Day CHG~0.00%
Published-02 Sep, 2022 | 11:31
Updated-03 Aug, 2024 | 03:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory corruption in graphic driver due to use after free while calling multiple threads application to driver. in Snapdragon Consumer IOT

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcd9341qcs610wcn3980wcn3950wcd9370_firmwarewsa8815wcn3950_firmwarewsa8815_firmwarewsa8810_firmwarewcd9341_firmwareqcs610_firmwarewsa8810qcs410_firmwarewcn3980_firmwareqcs410wcd9370Snapdragon Consumer IOT
CWE ID-CWE-416
Use After Free
CVE-2017-18308
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.21% / 43.16%
||
7 Day CHG~0.00%
Published-26 Oct, 2018 | 13:00
Updated-05 Aug, 2024 | 21:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Modem segments are unlocked after authentication, leaving modem segments open to all in Snapdragon Mobile, Snapdragon Wear in version MDM9607, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 430

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_425_firmwaremsm8909w_firmwaremdm9607sd_210sd_212_firmwaresd_205sd_210_firmwaresd_205_firmwaremsm8909wsd_425sd_430_firmwaremdm9607_firmwaresd_212sd_430Snapdragon Mobile, Snapdragon Wear
CVE-2017-18316
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.07%
||
7 Day CHG~0.00%
Published-28 Nov, 2018 | 15:00
Updated-05 Aug, 2024 | 21:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Secure application can access QSEE kernel memory through Ontario kernel driver in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDA845, SDX24, SXR1130.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850sd_820amsm8996au_firmwaresd_425sdx24sd_430_firmwaremdm9607_firmwaremdm9650sd_625sd_210mdm9607msm8996ausd_820_firmwaresd_820sd_450_firmwaresd_845_firmwaresd_820a_firmwaremdm9206sd_425_firmwaresd_212_firmwaresd_850_firmwaresdx24_firmwaresd_625_firmwaresd_450sda845_firmwaresda660_firmwaresd_845mdm9206_firmwaresd_430sd_835_firmwaremdm9650_firmwaresd_835sd_205sda660sxr1130_firmwaresd_210_firmwaresda845sxr1130sd_205_firmwaresd_212Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear
CVE-2017-18282
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 16.17%
||
7 Day CHG~0.00%
Published-23 Oct, 2018 | 13:00
Updated-05 Aug, 2024 | 21:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Non-secure SW can cause SDCC to generate secure bus accesses, which may expose RPM access in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 835, SDA660.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9206sd835_firmwaresd212_firmwaresd430sd212sd625_firmwaresda660_firmwaresd650_firmwaremdm9206_firmwaremdm9607_firmwaresd430_firmwaremdm9650sd450_firmwaresd425_firmwaresd205sd210mdm9607sd205_firmwaremdm9650_firmwaresd450sd652_firmwaresda660sd835sd650sd425sd652sd210_firmwaresd625Snapdragon Mobile, Snapdragon Wear
CVE-2017-18280
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.24%
||
7 Day CHG~0.00%
Published-20 Sep, 2018 | 13:00
Updated-05 Aug, 2024 | 21:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Snapdragon (Automobile, Mobile, Wear) in version MDM9607, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 617, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SDM429, SDM439, SDM632, Snapdragon_High_Med_2016, when a Trusted Application has opened the SPI/I2C interface to a particular device, it is possible for another Trusted Application to read the data on this open interface by calling the SPI/I2C read function.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm632_firmwaremsm8996au_firmwaresd430sd625_firmwaresdm632sd650_firmwaresdm439mdm9607_firmwaresdm429sd425_firmwaresd205msm8909w_firmwaremdm9607msm8996ausd205_firmwaresd617_firmwaresd820a_firmwaresd652_firmwaresd425sd652sd210_firmwaresd427_firmwaresd625sd435sd212_firmwaresd835_firmwaresd435_firmwaresdm439_firmwaresd427sd212sd820_firmwaresd430_firmwaresd450_firmwaresd210sdm429_firmwaresd820sd835sd650sd820amsm8909wsd450sd617Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear
CVE-2017-18276
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.75%
||
7 Day CHG~0.00%
Published-06 May, 2019 | 22:46
Updated-05 Aug, 2024 | 21:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Secure camera logic allows display/secure camera controllers to access HLOS memory during secure display or camera session in Snapdragon Mobile, Snapdragon Wear in MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 835, SD 845, SD 850

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9206sd_850sd_212_firmwaresd_850_firmwaresd_845mdm9206_firmwaremdm9607_firmwaremdm9650sd_210mdm9607mdm9650_firmwaresd_835_firmwaresd_835sd_205sd_210_firmwaresd_845_firmwaresd_205_firmwaresd_212Snapdragon Mobile, Snapdragon Wear
CVE-2017-18157
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.09% / 26.41%
||
7 Day CHG~0.00%
Published-06 May, 2019 | 22:31
Updated-05 Aug, 2024 | 21:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Use After Free Condition can occur in Thermal Engine in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SDX20.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_820amsm8996au_firmwaresdx20sd_415sd_616sd_425mdm9607_firmwaresd_615mdm9650sd_650_firmwaresd_625sd_615_firmwaremsm8909w_firmwaremdm9607msm8996ausd_210sd_650sd_820_firmwaresd_820sd_450_firmwaresd_845_firmwaresd_820a_firmwaremdm9206sd_652sd_425_firmwaresd_212_firmwaresd_625_firmwaresd_450sd_845mdm9206_firmwaresd_835_firmwaremdm9650_firmwaresdx20_firmwaresd_835sd_205sd_210_firmwaresd_415_firmwaresd_652_firmwaremsm8909wsd_616_firmwaresd_205_firmwaresd_212Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear
CWE ID-CWE-416
Use After Free
CVE-2023-43545
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 5.96%
||
7 Day CHG~0.00%
Published-03 Jun, 2024 | 10:05
Updated-27 Jan, 2025 | 19:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Integer Overflow or Wraparound in WLAN HOST

Memory corruption when more scan frequency list or channels are sent from the user space.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca6584au_firmwareqca6554aqcc2076_firmwareqca8337_firmwarewcd9335_firmwareqfw7124_firmwareqca6696_firmwareqcc710qca8081_firmwareqcc2073_firmwareqca6595au_firmwareqca6584auqcn6224_firmwareqfw7114_firmwareqca8081snapdragon_660_mobileqca6554a_firmwarewcn3990qca6564ausd660qcn6224snapdragon_x75_5g_modem-rfqcn6274_firmwareqfw7114fastconnect_7800wcn3990_firmwarear8035fastconnect_7800_firmwareqca6564au_firmwareqcc2073sd660_firmwarewcd9341_firmwarewcd9340qca6595_firmwareqca8337wcn3980_firmwareqcc710_firmwarear8035_firmwareqcn6274qfw7124qca6574aqca6595qca6574a_firmwareqcc2076wcd9341wcn3980qca6574auqca6574wcd9340_firmwarewcd9335qca6574_firmwareqca6696qca6595ausnapdragon_660_mobile_firmwareqca6574au_firmwaresnapdragon_x75_5g_modem-rf_firmwareSnapdragonqca6564au_firmwareqca8337_firmwareqca6584au_firmwareqcn6274_firmwarewcn3990_firmwareqca6696_firmwareqca6595_firmwarewcd9335_firmwareqfw7114_firmwareqcc2076_firmwareqca6554a_firmwaresnapdragon_x75_5g_modem-rf_system_firmwareqcc2073_firmwareqca6574_firmwarewcd9340_firmwareqcc710_firmwareqcn6224_firmwaresnapdragon_660_mobile_platform_firmwareqca6574a_firmwaresd660_firmwarewcd9341_firmwarefastconnect_7800_firmwareqca6574au_firmwareqca6595au_firmwareqca8081_firmwarewcn3980_firmwareqfw7124_firmwarear8035_firmware
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2017-17767
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 2.22%
||
7 Day CHG~0.00%
Published-23 Feb, 2018 | 23:00
Updated-17 Sep, 2024 | 03:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all Qualcomm products with Android releases from CAF using the Linux kernel, the IL client may free a buffer OMX Video Encoder Component and then subsequently access the already freed buffer.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-17765
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 2.52%
||
7 Day CHG~0.00%
Published-23 Feb, 2018 | 23:00
Updated-17 Sep, 2024 | 04:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all Qualcomm products with Android releases from CAF using the Linux kernel, multiple values received from firmware are not properly validated in wma_get_ll_stats_ext_buf() and are used to allocate the sizes of buffers and may be vulnerable to integer overflow leading to buffer overflow.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2017-15861
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.01% / 1.61%
||
7 Day CHG~0.00%
Published-23 Feb, 2018 | 23:00
Updated-16 Sep, 2024 | 20:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all Qualcomm products with Android releases from CAF using the Linux kernel, in the function wma_roam_synch_event_handler, vdev_id is received from firmware and used to access an array without validation.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2018-11262
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.52%
||
7 Day CHG~0.00%
Published-04 Sep, 2018 | 16:00
Updated-05 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel while trying to find out total number of partition via a non zero check, there could be possibility where the 'TotalPart' could cross 'GptHeader->MaxPtCnt' and which could result in OOB write in patching GPT.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-682
Incorrect Calculation
CVE-2013-2596
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.59% / 68.20%
||
7 Day CHG~0.00%
Published-13 Apr, 2013 | 01:00
Updated-27 Aug, 2025 | 20:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-10-06||Apply updates per vendor instructions.

Integer overflow in the fb_mmap function in drivers/video/fbmem.c in the Linux kernel before 3.8.9, as used in a certain Motorola build of Android 4.1.2 and other products, allows local users to create a read-write memory mapping for the entirety of kernel memory, and consequently gain privileges, via crafted /dev/graphics/fb0 mmap2 system calls, as demonstrated by the Motochopper pwn program.

Action-Not Available
Vendor-n/aQualcomm Technologies, Inc.Linux Kernel Organization, IncMotorola Mobility LLC. (Lenovo Group Limited)
Product-msm8960linux_kernelrazr_mrazr_hdatrix_hdandroidn/aKernel
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2020-11223
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.75%
||
7 Day CHG~0.00%
Published-22 Feb, 2021 | 06:25
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound in camera driver due to lack of check of validation of array index before copying into array in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfs2580qpm5679_firmwareqcs610qdm5579qdm2307qfs2608_firmwareqfs2530qpm8870_firmwareqpa8802qpm6585_firmwareqat3519qbt2000_firmwareqat5522_firmwarewcn3950_firmwarepm8150aqdm5670qca6595au_firmwareqpa5581_firmwarepm7150lqpa8821smr546_firmwareqdm5671qpm4650_firmwareqat3518pm456_firmwareqpa5580_firmwarewcn3998smr526_firmwarewcn3950sd720gwcn3660bqdm2305_firmwareqpm5670_firmwareqdm5652sd6905gqpa4360_firmwareqpm8870wcd9375_firmwarewcn3998_firmwareqpm5679qbt2000pm855pqca6420pm6150aqpm6670_firmwarepmx50_firmwaresdr735gpm660_firmwarepm8150bqdm3301_firmwareqsm7250qca6430qat3522pmr735asd765grsw8577_firmwareqdm2308_firmwaresdr660wcn6851qpa6560qfs2630_firmwaresdr675_firmwaresdr865qdm5620_firmwarewcd9341sm7350_firmwaresmr545qdm4643_firmwareqca6696_firmwareqln5020qet4100_firmwaresd750gqdm3302pm6350qdm5621qtc800sqpm5875_firmwareqat3514_firmwarewsa8830_firmwaresd855_firmwaresd660qdm5650wcn3988sd660_firmwaresdr052smb1390qat5516_firmwarepm6150lsd8885gpm855l_firmwareqet4100wcn3610qpa8686_firmwareqpm6585wcn3991sda429w_firmwarewcd9380_firmwaresmb1355qln4650qpa8801sdr735g_firmwarepm8350bhs_firmwareqat5568qet5100qdm5671_firmwareqpa8801_firmwarepm8150l_firmwareqat5533_firmwaresdx55m_firmwareqtm527_firmwarewcn6856_firmwareqpa8673_firmwarepm6150qet4101_firmwarepm7250bqln4642_firmwareqfs2630qpa8842sdr052_firmwarewcd9380smb1355_firmwarepm7250b_firmwaresmb1351_firmwareqcs410pmk8350_firmwaresmb1381pm855p_firmwaresdx50m_firmwaresdr735pm7250smb1395pm660lqpa8803smr526qca6430_firmwarepmk8003qtc801s_firmwarewcd9335_firmwareqat3522_firmwarewcn3980pm7350c_firmwareqdm2301wsa8815wcn6850qdm5621_firmwareqdm2301_firmwaresmb1394pm8350_firmwarewcn3660b_firmwarepm8009wcn3980_firmwaresd730sdr051_firmwarepm660l_firmwaresdx55mpm6250_firmwarewcn6740_firmwarepm8008pm8350b_firmwareqtm525_firmwareqat3518_firmwaresd6905g_firmwareqpm5621_firmwarepm855lwcn6851_firmwarersw8577qdm5670_firmwareqpa6560_firmwaresd8655gqpa8802_firmwarepm7150a_firmwarepm8150b_firmwareqpm5621qpm6582smr545_firmwarepm8009_firmwareqdm2310_firmwareqfs2580_firmwaresd8885g_firmwarepm8150lqcs610_firmwareqdm5677pm855_firmwarepm660a_firmwarepm855b_firmwareqpm6582_firmwareqca6391_firmwarewcd9370_firmwareqln4650_firmwareqat3516_firmwareqpm5875sdx55qet5100msd675pm8350bhsqet4101qat3555_firmwareqat3516qpa8803_firmwareqpm5658pm855bqpm5658_firmwareqpm5870wcn3991_firmwareqdm5652_firmwarewsa8830sdr051pm660qet6110_firmwareqdm5579_firmwareqln5030qbt1500qpa5581pmi632qpa2625_firmwarepm456pm8350bh_firmwarepmr735b_firmwareqbt1500_firmwareqet5100_firmwareqpm5870_firmwareqpm4621qet6100_firmwareqet6100sd765g_firmwareqpa8686qca6420_firmwaresmb1394_firmwareqca6390_firmwaresmb1396sd730_firmwarepm7150awcd9370sd675_firmwarepm8350qpa5461_firmwarepm8350c_firmwareqca6584au_firmwarewcn3990_firmwareqpm5641pmi632_firmwarewcd9385_firmwareqdm5650_firmwareqpa4340_firmwareqat5516pm7250_firmwareqdm5620qpa8821_firmwarepm8350bhpmk8002_firmwarepm3003aqdm4650_firmwaresdx55_firmwareqat5533qca6595ausm7250p_firmwarewcn3610_firmwaresm7350qsm7250_firmwareqpm6670pm7150l_firmwareqca6584auqdm2305qpm8820qpm4641qat5515_firmwareqln5020_firmwarepm855qpm8830_firmwarepm8250smb1398qdm4643qfs2530_firmwarewcn3988_firmwarepmx55qpm4641_firmwaresdr675pm8150c_firmwareqpa8842_firmwareqdm3301sdr735_firmwareqat3519_firmwaresm6250wsa8810_firmwareqpm5677qat5515sd765_firmwareqat3514wcd9335qdm5677_firmwarepm6350_firmwarepm8004_firmwaresdr8150_firmwarewcd9385pmk7350_firmwareqat3550_firmwareqln5040_firmwareqpm4630qca6390wcd9375sd750g_firmwareaqt1000qpa8673sm6250_firmwareqdm2310qln5030_firmwareqln4642sda429wqpm5677_firmwarewcn3620_firmwarewsa8815_firmwaresmb1396_firmwaresmr525_firmwarewcn6850_firmwarepmk7350wcn3620qpm8820_firmwarewsa8835_firmwareqpm6621_firmwaresmr546qet6110qln5040qpm8895qpm5670wcn3990pmx55_firmwareqtm527pmk8350smb1398_firmwareqpm8830qdm3302_firmwarepm8350bqat5522qdm2307_firmwarewsa8835pm8150cpmr735bqpa4360pmk8003_firmwaresdr660_firmwareqca6574aqpm4640_firmwaresmb1390_firmwareqdm5679_firmwarepm8350csmr525qpm4640pm6150l_firmwarepm7350cpm8150a_firmwareqet5100m_firmwareqpm4650qtm525sd855pm6150a_firmwarepm6150_firmwaresd765qca6574a_firmwareqpm4630_firmwaresd768g_firmwaresdr865_firmwareqat3555pm8250_firmwaresmb1351qca6391qpa5461aqt1000_firmwareqpm8895_firmwarepm660aqpa4340sdx50msdr8150qfs2608qtc801ssmb1395_firmwareqdm4650qpm5641_firmwarepm8008_firmwaresd8655g_firmwarewcd9341_firmwareqpm6621wsa8810pmr735a_firmwareqat5568_firmwareqdm2308pmx50qat3550wcn6856qdm5679sd768gpm3003a_firmwarewcn6740qca6696qtc800s_firmwaresmb1381_firmwarepm8004pmk8002qpa2625sm7250psd720g_firmwareqpm4621_firmwareqcs410_firmwarepm6250qpa5580Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-11202
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.87%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 10:00
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow/underflow occurs when typecasting the buffer passed by CPU internally in the library which is not aligned with the actual size of the structure' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in QCM6125, QCS410, QCS603, QCS605, QCS610, QCS6125, SA6145P, SA6155, SA6155P, SA8155, SA8155P, SDA640, SDA670, SDA845, SDM640, SDM670, SDM710, SDM830, SDM845, SDX50M, SDX55, SDX55M, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM7125, SM7150, SM7150P, SM8150, SM8150P

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sm6250p_firmwareqcs610sm6125sdm640sdm845sdx55m_firmwaresm7150_firmwaresm6150sm7150sm6250psa6155qcs410sdm670sda640_firmwareqcs605_firmwaresdx50m_firmwareqcs6125_firmwaresdm670_firmwaresm7150psda845_firmwaresda670qcs605sa8155sdx55_firmwaresa6155_firmwaresdx55msm6150p_firmwaresda845sm7125sa6155p_firmwaresda640sdx50mqcs6125qcs603sa8155_firmwaresa6145p_firmwaresa8155p_firmwaresdm710sm6250sdm830_firmwaresdm710_firmwaresda670_firmwareqcm6125sa6155pqcs610_firmwareqcs603_firmwaresa6145psm8150_firmwaresm7150p_firmwaresm7125_firmwaresdx55sm6250_firmwaresa8155psm6150_firmwaresm8150p_firmwaresm8150sdm830sdm640_firmwareqcs410_firmwaresm6125_firmwaresm8150psm6150pqcm6125_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-11237
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.03% / 7.75%
||
7 Day CHG~0.00%
Published-07 Apr, 2021 | 07:55
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory crash when accessing histogram type KPI input received due to lack of check of histogram definition before accessing it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfs2580qpm5679_firmwaresm6250p_firmwareqpm5620_firmwareqca8337qdm2307qca6431_firmwareqfs2530qpm8870_firmwareqpa8802qpm6585_firmwareqat3519qbt2000_firmwareqat5522_firmwarewcn3950_firmwarepm8150aqtc800hqdm5670sdr8250_firmwareqca6595au_firmwareqpa5581_firmwarepm7150lqpa8821qdm5671qpm4650_firmwareqat3518pm456_firmwareqpa5580_firmwaresa415mwcn3998smr526_firmwarewcn3950sd720gqdm2305_firmwareqpm5670_firmwareqdm5652sd6905gqca6574au_firmwareqpm8870wcd9375_firmwarewcn3998_firmwareqpm5679qbt2000pm6150aqpa8675_firmwaresdr735gpm8150bqdm3301_firmwareqsm7250pmr735asd765gqdm2308_firmwaresdr660qca6436wcn6851qpa6560sdr675_firmwaresdr865qdm5620_firmwarewcd9341qca6431qca6696_firmwareqln5020qet4100_firmwaresd870_firmwaresd750gqpm5657pm6350qdm5621wsa8830_firmwaresd855_firmwareqdm5650wcn3988smb1390qat5516_firmwarepm6150lpm855l_firmwareqet4100qpa8686_firmwareqpm6585wcn3991qca8337_firmwarewcd9380_firmwaresmb1355qln4650qpa8801sdr735g_firmwareqet5100qdm5671_firmwareqpa8801_firmwareqca6564aupm8150l_firmwareqat5533_firmwaresdx55m_firmwareqtm527_firmwaresdxr25gqpa8673_firmwarepm6150qet4101_firmwarepm7250bqln4642_firmwareqpa8842wcd9380smb1355_firmwarepm7250b_firmwareqln4640smb1381sdr735pm7250smb1395qpa8803smr526wcn3980pmk8003qtc801s_firmwaresdxr25g_firmwareqdm2301wsa8815wcn6850qdm5621_firmwareqdm2301_firmwareqca6426_firmwarepm8009wcn3980_firmwareqpa8675sd730sdx55mpm6250_firmwareqca6421_firmwarepm8008qtm525_firmwareqat3518_firmwaresd6905g_firmwaresd678_firmwareqpm5621_firmwarepm855lqln1021aq_firmwarewcn6851_firmwareqdm5670_firmwareqpa6560_firmwaresd8655gqpa8802_firmwareqln4640_firmwarepm7150a_firmwarepm8150b_firmwareqpm5621qpm6582pm8009_firmwareqdm2310_firmwareqfs2580_firmwaresd480sd870pm8150lqdm5677pm855_firmwarepm855b_firmwareqpm6582_firmwareqca6391_firmwarewcd9370_firmwareqln4650_firmwareqat3516_firmwaresdx55sd675qet4101qat3555_firmwareqat3516qpa8803_firmwareqpm5658pm855bqln1031qpm5658_firmwarewcn3991_firmwareqdm5652_firmwarewsa8830sd678qet6110_firmwareqln5030qbt1500qpa5581pmi632qpa2625_firmwarepm456csrb31024pmr735b_firmwarepmx24_firmwareqbt1500_firmwareqet5100_firmwareqet6100_firmwareqet6100sd765g_firmwareqpa8686qca6390_firmwaresmb1396sd730_firmwarepm7150awcd9370sd675_firmwarepmr525_firmwareqca6426qca6584au_firmwarewcn3990_firmwarepmi632_firmwarewcd9385_firmwareqdm5650_firmwareqat5516pm7250_firmwareqdm5620qln1021aqqpa8821_firmwarepmk8002_firmwarepm3003aqln1031_firmwaresdx55_firmwareqat5533qca6595ausm7250p_firmwareqca6436_firmwareqsm7250_firmwarepm7150l_firmwareqca6564au_firmwareqca6584auqdm2305qpm8820qat5515_firmwareqln5020_firmwarepm855qpm8830_firmwarepm8250qfs2530_firmwaresa415m_firmwarepmx55wcn3988_firmwaresdr675pm8150c_firmwareqca6421qdm3301qpa8842_firmwareqat3519_firmwaresdr735_firmwaresm6250wsa8810_firmwareqpm5677qat5515sd765_firmwareqdm5677_firmwarepm6350_firmwaresdr8150_firmwarewcd9385qtc800h_firmwareqpm5620qln5040_firmwareqca6390wcd9375sd750g_firmwareqpa8673sm6250_firmwareqdm2310qln5030_firmwareqln4642qpm5677_firmwarewsa8815_firmwaresmb1396_firmwaresmr525_firmwarewcn6850_firmwarewsa8835_firmwareqpm8820_firmwarepmx24qet6110qln5040qpm8895qpm5670wcn3990pmx55_firmwareqtm527qpm8830qdm2307_firmwareqat5522wsa8835pm8150cpmr735bqpm5657_firmwaresm6250ppmk8003_firmwaresdr660_firmwareqca6574asmb1390_firmwareqdm5679_firmwaresmr525pm6150l_firmwarepmr525pm8150a_firmwareqpm4650qtm525qln1036aq_firmwaresd855pm6150a_firmwarepm6150_firmwaresd765qca6574a_firmwaresd768g_firmwaresdr865_firmwareqat3555pm8250_firmwareqca6391qpm8895_firmwarecsrb31024_firmwaresdr8150sd480_firmwareqln1036aqqtc801ssmb1395_firmwareqca6574aupm8008_firmwaresd8655g_firmwarewcd9341_firmwarewsa8810pmr735a_firmwareqdm2308qdm5679sdr8250sd768gpm3003a_firmwareqca6696smb1381_firmwareqpa2625pmk8002sm7250psd720g_firmwarepm6250qpa5580Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile
CWE ID-CWE-20
Improper Input Validation
CVE-2020-11228
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.05%
||
7 Day CHG~0.00%
Published-17 Mar, 2021 | 06:00
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Part of RPM region was not protected from xblSec itself due to improper policy and leads to unprivileged access in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcd9360_firmwarepm6125qat3519qbt2000_firmwarepm855a_firmwarewcn3950_firmwareqtc800hsdr8250_firmwareqcs2290pm8998_firmwaresmr546_firmwarewtr5975_firmwaresdr425_firmwarewcn3998smr526_firmwarewcn3950sm4125qpa5460pm640a_firmwareqsw8573_firmwarewgr7640_firmwareqsw8574_firmwaresd460_firmwareqca6574au_firmwareqpa4360_firmwarewcd9375_firmwarewcn3998_firmwareqbt2000pm855pqca6420wcd9360pm6150apmx50_firmwarewhs9410_firmwaresdr735gqpa5460_firmwarewcn3999sa8155_firmwaresd662_firmwareqcs405qca6430qat3522wcd9340sdm830_firmwaresdr660sa6155pqpa6560sdr865wcd9341smr545qca6696_firmwarepmm855au_firmwarewcn3910_firmwaresd_8cxpm6350qtc800ssd855_firmwarewcn3988wtr3925pm640p_firmwaresdr052sa8195p_firmwaresmb1390qat5516_firmwarepm6150lpm855l_firmwareqtc410swcn3991smb1355sdr735g_firmwarewgr7640qet5100sdx55m_firmwarepm8005_firmwareqpa8673_firmwarepm6150qet4101_firmwaresmb1354_firmwarepm7250bsdr052_firmwaresmb1355_firmwarepm7250b_firmwarepmd9655_firmwaresmb1351_firmwaresmb1381pm855p_firmwaresdx50m_firmwaresdr735sdx24_firmwaresmr526wtr5975qca6430_firmwarepmk8003qtc801s_firmwarewcn3980qat3522_firmwareqdm2301qsw8573wcd9340_firmwarewsa8815wcn6850wcn3910qdm2301_firmwaresd_8c_firmwarepm8350_firmwareqca9984wcn3980_firmwaresdr051_firmwaresdx55mpm8008qtm525_firmwareqsw8574pmi8998pm855lqpa6560_firmwaresmr545_firmwarepm4250_firmwareqcm4290_firmwaresd480pmi8998_firmwarepm8005pm855_firmwarepm4250qdm2302pm855b_firmwareqca6595_firmwareqcs405_firmwarewtr2965pm640l_firmwarewcd9370_firmwaresdx55sa8155psd675qet4101qat3555_firmwarepm855bar8035_firmwareqcm2290wcn3991_firmwaresdr051pm6125_firmwarepm4125qbt1500qcs2290_firmwarepmi632pmx24_firmwareqbt1500_firmwareqet5100_firmwareqcs4290sdr660gpmm855auqca6420_firmwareqca6390_firmwaresmb1396wcd9370sd675_firmwarepm8350qpa4361_firmwaresdr425wcn3990_firmwareqca9984_firmwarepmi632_firmwaresd_8cx_firmwarewcd9385_firmwarewhs9410qat5516sd662sdr660g_firmwarepmk8002_firmwareqsw6310_firmwaresa8155sdx55_firmwarewcn3999_firmwaresmb1354sa6155p_firmwareqat5515_firmwarepm855wcn3988_firmwarepmx55sdr735_firmwareqat3519_firmwaresa8195pwsa8810_firmwareqat5515pm6350_firmwarepm8004_firmwaresdr8150_firmwareqcs4290_firmwarewcd9385qtc800h_firmwareqdm2302_firmwareqat3550_firmwarepm4125_firmwarear8035qca6390wcd9375aqt1000qpa8673pmm8195auwtr3925_firmwaresd888_5g_firmwaresmb1396_firmwarepm8998wcn6850_firmwarewsa8815_firmwaresmr546pmx24qcm2290_firmwarewcn3990pmx55_firmwareqca6595sdx24sd665_firmwaresd888_5gqpa4360pm855apmk8003_firmwaresdr660_firmwareqca6574aqpa4361smb1390_firmwarepm6150l_firmwareqtm525sd855sm4125_firmwaresd665pm6150a_firmwarepm6150_firmwarepm640pqca6574a_firmwaresdr865_firmwareqat3555sd460smb1351aqt1000_firmwarewtr2965_firmwareqcm4290sdx50mpm640asdr8150sd480_firmwareqtc801spmd9655qca6574ausa8155p_firmwareqsw6310pm8008_firmwarewcd9341_firmwarewsa8810qtc410s_firmwareqat3550pmx50sd_8csdr8250qca6696qtc800s_firmwaresmb1381_firmwarepm8004pm640lpmk8002pmm8195au_firmwaresdm830Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
CVE-2020-11162
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 16.81%
||
7 Day CHG~0.00%
Published-02 Nov, 2020 | 06:21
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Possible buffer overflow in MHI driver due to lack of input parameter validation of EOT events received from MHI device side' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in Agatti, APQ8009, Bitra, IPQ4019, IPQ5018, IPQ6018, IPQ8064, IPQ8074, Kamorta, MDM9607, MSM8917, MSM8953, Nicobar, QCA6390, QCM2150, QCS404, QCS405, QCS605, QM215, QRB5165, Rennell, SA415M, SA515M, SA6155P, SA8155P, Saipan, SC8180X, SDM429, SDM429W, SDM439, SDM450, SDM632, SDM710, SDM845, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-ipq5018_firmwarekamorta_firmwareqcm2150_firmwaresdm429wsdm632_firmwaresdm845sdm450_firmwaresdm632sdm439qcs404_firmwaresdm429sm7150_firmwaresm6150agatti_firmwaresdm429w_firmwaresm7150qca6390_firmwareapq8009_firmwaremsm8917sxr2130qcs605_firmwaresc8180xipq4019_firmwareqcs404ipq8074ipq5018sa415mbitraipq6018_firmwaresa515mqcs605bitra_firmwaresdm429_firmwareipq8064sdx55_firmwareapq8009agattiipq8064_firmwarenicobarsa6155p_firmwaremsm8953sdm450sa515m_firmwareqrb5165_firmwareqrb5165qcm2150mdm9607_firmwaresm8250_firmwaresc8180x_firmwaresa415m_firmwareqcs405ipq8074_firmwaresa8155p_firmwareqm215sdm710mdm9607sdm710_firmwaresa6155pipq6018sm8150_firmwaresxr2130_firmwaresdm439_firmwareqcs405_firmwarerennellrennell_firmwareqca6390qm215_firmwareipq4019sdx55msm8953_firmwaresaipan_firmwaresm6150_firmwaresa8155pmsm8917_firmwaresm8250sm8150kamortasaipannicobar_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-11129
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.64%
||
7 Day CHG~0.00%
Published-09 Sep, 2020 | 06:25
Updated-04 Aug, 2024 | 11:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'During the error occurrence in capture request, the buffer is freed and later accessed causing the camera APP to fail due to memory use-after-free' in Snapdragon Consumer IOT, Snapdragon Mobile in Bitra, Kamorta, QCS605, Saipan, SDM710, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sxr2130saipan_firmwaresm8250kamorta_firmwaresdm710bitra_firmwaresxr2130_firmwaresdm710_firmwarekamortabitrasm8250_firmwaresaipanqcs605qcs605_firmwareSnapdragon Consumer IOT, Snapdragon Mobile
CWE ID-CWE-416
Use After Free
CVE-2020-11194
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.75%
||
7 Day CHG~0.00%
Published-22 Feb, 2021 | 06:25
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible out of bound access in TA while processing a command from NS side due to improper length check of response buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfs2580qpm5679_firmwaresa6150p_firmwareqpm5620_firmwareqdm2307qca6431_firmwareqfs2608_firmwareqfs2530qpm8870_firmwareqpa8802qpm6585_firmwarepm6125qat3519qbt2000_firmwareqat5522_firmwarewcn3950_firmwarepm8150aqtc800hqdm5670sa8150p_firmwareqca6595au_firmwareqcs2290qpa5581_firmwaresa6155sdr8250_firmwarepm7150lqpa8821smr546_firmwareqdm5671qpm4650_firmwareqat3518pm456_firmwareqpa5580_firmwaresdr425_firmwarewcn3998smr526_firmwarewcn3950sm4125sd720gwgr7640_firmwareqdm2305_firmwareqsm8350_firmwareqpm5670_firmwaresd710_firmwareqsm8350sd460_firmwareqdm5652qca6574au_firmwareqpm8870wcd9375_firmwarewcn3998_firmwareqpm5679qbt2000sa6155_firmwarepm855pqca6420pm6150aqpm6670_firmwarepmx50_firmwaresdr735gpm660_firmwarewcn3999pm8150bqdm3301_firmwareqsm7250sa8155_firmwaresd662_firmwareqcs405qca6430pmr735asd765gqdm2308_firmwaresdr660qca6436wcn6851sa6155pqpa6560qfs2630_firmwaresdr675_firmwaresdr865qdm5620_firmwarewcd9341smr545qdm4643_firmwareqca6696_firmwareqca6431qln5020sd750gpmm855au_firmwarewcn3910_firmwaresm4350_firmwaresa8150pqpm5657pm6350qdm5621qtc800sqpm5875_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwareqdm5650wcn3988wtr3925sdr052sa8195p_firmwaresmb1390wcn6750_firmwareqat5516_firmwarepm6150lpm855l_firmwareqpa8686_firmwareqpm6585qtc410swcn3991wcd9380_firmwaresmb1355qln4650qpa8801sdr735g_firmwarewgr7640qat5568qet5100qdm5671_firmwareqpa8801_firmwarepm8150l_firmwareqat5533_firmwaresdx55m_firmwareqpa8673_firmwarepm6150qet4101_firmwaresmb1354_firmwaresd670_firmwareqca6574pm7250bqln4642_firmwareqfs2630qpa8842sdr052_firmwarewcd9380smb1355_firmwarepm7250b_firmwarepmd9655_firmwaresmb1351_firmwarepmk8350_firmwaresmb1381pm855p_firmwaresd690_5g_firmwaresdx50m_firmwaresdr735pm7250smb1395pm660lqpa8803smr526qca6430_firmwarepmk8003qtc801s_firmwarewcn3980qdm2301wsa8815wcn6850wcn3910qdm5621_firmwareqdm2301_firmwareqca6426_firmwarepm8350_firmwareqca9984pm8009wcn3980_firmwaresd730sdr051_firmwarepm660l_firmwaresdx55mpm6250_firmwareqca6421_firmwarepm8008pm8350b_firmwareqtm525_firmwareqat3518_firmwareqpm5621_firmwarepm855lwcn6851_firmwareqdm5670_firmwareqpa6560_firmwareqpa8802_firmwarepm7150a_firmwarepm8150b_firmwareqpm5621qpm6582sd670pm8009_firmwaresmr545_firmwareqdm2310_firmwareqfs2580_firmwarepm4250_firmwareqcm4290_firmwarepm8150lqdm5677qsm8250sa6145ppm855_firmwarepm4250pmm6155aupm855b_firmwareqcs405_firmwareqpm6582_firmwarewtr2965qca6391_firmwarewcd9370_firmwareqln4650_firmwareqat3516_firmwareqpm5875sdx55qet5100msa8155psd675qet4101qat3555_firmwareqat3516qpa8803_firmwareqpm5658pm855bar8035_firmwareqcm2290qsm8250_firmwareqpm5658_firmwareqpm5870wcn3991_firmwareqdm5652_firmwarewsa8830pmm8155au_firmwarepm660qet6110_firmwaresdr051qln5030pm6125_firmwareqcs2290_firmwareqbt1500pm4125qpa5581pmi632qpa2625_firmwarepm456pm8350bh_firmwarepmr735b_firmwareqbt1500_firmwareqet5100_firmwareqpm5870_firmwareqpm4621qet6100_firmwareqcs4290qet6100pmm855ausd765g_firmwareqpa8686qca6420_firmwareqca6390_firmwaresd690_5gsmb1396pm7150asd730_firmwarewcd9370sd675_firmwarepm8350qpa5461_firmwaresdr425pm8350c_firmwarepmr525_firmwareqca6426wcn3990_firmwareqca9984_firmwareqpm5641pmi632_firmwarewcd9385_firmwareqdm5650_firmwaresdxr2_5g_firmwarewcd9326_firmwareqat5516pm7250_firmwareqdm5620sd662qpa8821_firmwarepm8350bhpmk8002_firmwarepm3003asa8155qdm4650_firmwaresdx55_firmwarepmm6155au_firmwareqat5533qca6595auwcn3999_firmwaresm7250p_firmwareqca6436_firmwareqsm7250_firmwareqpm6670smb1354pm7150l_firmwareqdm2305sa6155p_firmwareqpm8820qpm4641qat5515_firmwareqln5020_firmwarepm855qpm8830_firmwaresdxr2_5gpm8250smb1398qdm4643qfs2530_firmwarewcn3988_firmwarepmx55qpm4641_firmwaresa6145p_firmwaresdr675pm8150c_firmwareqca6421qdm3301qpa8842_firmwareqat3519_firmwaresa8195psdr735_firmwaresm6250qpm5677qat5515wsa8810_firmwaresd765_firmwarewcd9326qdm5677_firmwarepm6350_firmwarepm8004_firmwaresdr8150_firmwareqcs4290_firmwarewcd9385qtc800h_firmwareqpm5620pmm8155auqln5040_firmwareqpm4630pm4125_firmwareqca6390wcd9375sd750g_firmwareaqt1000ar8035qpa8673sm6250_firmwarepmm8195auqdm2310qln5030_firmwareqln4642qpm5677_firmwarewsa8815_firmwaresd888_5g_firmwaresmr525_firmwarewtr3925_firmwaresmb1396_firmwarewcn6850_firmwareqpm8820_firmwarewsa8835_firmwareqpm6621_firmwaresmr546qet6110qln5040qcm2290_firmwareqpm8895qpm5670wcn3990pmx55_firmwaresd865_5gpmk8350smb1398_firmwareqpm8830pm8350bqat5522qdm2307_firmwarewsa8835pm8150cpmr735bsd665_firmwareqpm5657_firmwaresd888_5gpmk8003_firmwaresdr660_firmwareqca6574aqpm4640_firmwaresmb1390_firmwareqdm5679_firmwarepm8350csmr525qpm4640wcn6750pm6150l_firmwarepmr525pm8150a_firmwareqet5100m_firmwareqpm4650qtm525qca6574_firmwaresd855sm4125_firmwaresd665pm6150a_firmwarepm6150_firmwaresd765qca6574a_firmwareqpm4630_firmwaresd768g_firmwaresdr865_firmwareqat3555pm8250_firmwaresd460qca6391smb1351qpa5461aqt1000_firmwareqpm8895_firmwarewtr2965_firmwareqcm4290sdx50msdr8150qfs2608qtc801ssmb1395_firmwareqdm4650pmd9655qca6574auqpm5641_firmwaresd710sa8155p_firmwarepm8008_firmwarewcd9341_firmwareqpm6621wsa8810qtc410s_firmwarepmr735a_firmwareqat5568_firmwareqdm2308pmx50qdm5679sdr8250sd768gpm3003a_firmwareqca6696qtc800s_firmwaresm4350smb1381_firmwarepm8004pmk8002qpa2625sa6150ppmm8195au_firmwaresm7250psd720g_firmwareqpm4621_firmwarepm6250qpa5580Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-20
Improper Input Validation
CVE-2020-11245
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.03% / 7.75%
||
7 Day CHG~0.00%
Published-07 Apr, 2021 | 07:55
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unintended reads and writes by NS EL2 in access control driver due to lack of check of input validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfs2580qpm5679_firmwareqpm5620_firmwareqdm2307qca6431_firmwareqfs2530qpm8870_firmwareqpa8802wcd9360_firmwareqpm6585_firmwarepm6125qat3519qbt2000_firmwareqat5522_firmwarewcn3950_firmwarepm8150aqtc800hqdm5670sdr8250_firmwareqcs2290qpa5581_firmwarepm7150lqpa8821pm8998_firmwaresmr546_firmwareqdm5671wtr5975_firmwareqpm4650_firmwareqat3518sd8cqpa5580_firmwaresdr425_firmwarewcn3998smr526_firmwarewcn3950sm4125qpa5460pm640a_firmwarewgr7640_firmwareqdm2305_firmwareqpm5670_firmwareqsw8574_firmwaresd460_firmwareqdm5652sd6905gqpa4360_firmwareqca6574au_firmwareqpm8870wcd9375_firmwarewcn3998_firmwareqpm5679qbt2000pm855pqca6420wcd9360pm6150awhs9410_firmwaresdr735gqpa5460_firmwarewcn3999pm8150bqdm3301_firmwareqsm7250sd662_firmwareqcs405qca6430qat3522pmr735awcd9340sdm830_firmwaresd765gqdm2308_firmwaresdr660qca6436wcn6851sa6155pqpa6560sdr865qdm5620_firmwarewcd9341smr545qca6431qln5020sd870_firmwaresd750gpmm855au_firmwarewcn3910_firmwareqpm5657pm6350qdm5621qtc800swsa8830_firmwaresd855_firmwareqet6105qdm5650wcn3988pm640p_firmwarewtr3925sa8195p_firmwaresmb1390wcn6750_firmwareqat5516_firmwarepm6150lsd8885gpm855l_firmwareqpa8686_firmwareqpm6585qtc410swcn3991wcd9380_firmwaresmb1355qln4650qpa8801sdr735g_firmwarewgr7640qet5100qdm5671_firmwareqpa8801_firmwarepm8150l_firmwareqat5533_firmwaresdx55m_firmwarepm8005_firmwaresdxr25gqpa8673_firmwarepm6150qet4101_firmwaresmb1354_firmwarepm7250bqln4642_firmwareqpa8842wcd9380smb1355_firmwarepm7250b_firmwarepmd9655_firmwaresmb1351_firmwarepm855p_firmwaresdr735pm7250smb1395qpa8803sdx24_firmwaresmr526wtr5975qca6430_firmwarepmk8003qtc801s_firmwarewcn3980qat3522_firmwaresdxr25g_firmwareqdm2301wcd9340_firmwarewsa8815wcn6850wcn3910qdm5621_firmwareqdm2301_firmwareqca6426_firmwarepm8350_firmwareqca9984pm8009wcn3980_firmwaresdx55mqca6421_firmwarepm8008qtm525_firmwareqat3518_firmwareqsw8574pmi8998sd6905g_firmwareqpm5621_firmwarepm855lwcn6851_firmwareqdm5670_firmwareqpa6560_firmwaresd8655gqpa8802_firmwarepm7150a_firmwarepm8150b_firmwareqpm5621qpm6582smr545_firmwarepm8009_firmwareqdm2310_firmwarepm4250_firmwareqfs2580_firmwareqcm4290_firmwaresd480sd870sd8885g_firmwarepm8150lpmi8998_firmwareqdm5677pm8005qsm8250pm855_firmwarepm4250pm855b_firmwareqca6595_firmwareqcs405_firmwareqpm6582_firmwarewtr2965qca6391_firmwarepm640l_firmwarewcd9370_firmwareqln4650_firmwareqat3516_firmwaresdx55sd675qet4101qat3555_firmwareqat3516qpa8803_firmwareqpm5658pm855bar8035_firmwareqcm2290qsm8250_firmwareqpm5658_firmwarewcn3991_firmwareqdm5652_firmwarewsa8830qet6110_firmwareqln5030pm6125_firmwareqcs2290_firmwareqbt1500pm4125qpa5581pmi632qpa2625_firmwarepmr735b_firmwarepmx24_firmwareqbt1500_firmwareqet5100_firmwareqet6100_firmwareqcs4290qet6100pmm855ausdr660gsd765g_firmwareqpa8686qca6420_firmwareqca6390_firmwaresmb1396pm7150awcd9370sd675_firmwarepm8350sdr425pmr525_firmwareqca6426wcn3990_firmwareqca9984_firmwarepmi632_firmwarewcd9385_firmwareqdm5650_firmwarewhs9410qat5516pm7250_firmwareqdm5620sd662qpa8821_firmwaresdr660g_firmwarepmk8002_firmwarepm3003asdx55_firmwareqat5533wcn3999_firmwaresm7250p_firmwareqca6436_firmwareqsm7250_firmwaresmb1354pm7150l_firmwareqdm2305sa6155p_firmwareqpm8820qat5515_firmwareqln5020_firmwarepm855qpm8830_firmwarepm8250qfs2530_firmwarewcn3988_firmwarepmx55pm8150c_firmwareqca6421qdm3301qpa8842_firmwareqat3519_firmwaresa8195psdr735_firmwarewsa8810_firmwareqpm5677qat5515sd765_firmwareqdm5677_firmwarepm6350_firmwarepm8004_firmwaresdr8150_firmwareqcs4290_firmwarewcd9385qtc800h_firmwareqpm5620qat3550_firmwareqln5040_firmwarepm4125_firmwareqca6390wcd9375sd750g_firmwareaqt1000ar8035qpa8673qdm2310pmm8195auqln5030_firmwareqln4642qpm5677_firmwarewsa8815_firmwarewtr3925_firmwaresmr525_firmwarepm8998smb1396_firmwarewcn6850_firmwareqpm8820_firmwarewsa8835_firmwaresmr546pmx24qet6110qln5040qcm2290_firmwareqpm8895qpm5670wcn3990pmx55_firmwareqca6595sdx24qpm8830qdm2307_firmwareqat5522wsa8835pm8150cpmr735bqpm5657_firmwareqpa4360pmk8003_firmwaresdr660_firmwaresmb1390_firmwareqdm5679_firmwaresmr525wcn6750pm6150l_firmwarepmr525pm8150a_firmwareqpm4650qtm525sd855sm4125_firmwaresd8cxpm6150a_firmwarepm6150_firmwaresd765pm640psd768g_firmwaresdr865_firmwareqat3555pm8250_firmwaresd460qca6391sd8cx_firmwaresmb1351aqt1000_firmwaresd8c_firmwareqpm8895_firmwarewtr2965_firmwareqcm4290pm640asdr8150sd480_firmwareqtc801ssmb1395_firmwarepmd9655qca6574auqet6105_firmwarepm8008_firmwaresd8655g_firmwarewcd9341_firmwarewsa8810qtc410s_firmwarepmr735a_firmwareqdm2308qat3550qdm5679sdr8250sd768gpm3003a_firmwareqtc800s_firmwarepm8004pm640lpmk8002qpa2625pmm8195au_firmwaresm7250psdm830qpa5580Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2020-11294
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-5.9||MEDIUM
EPSS-0.04% / 11.23%
||
7 Day CHG~0.00%
Published-07 May, 2021 | 09:10
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound write in logger due to prefix size is not validated while prepended to logging string in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfs2580qpm5679_firmwaresa6150p_firmwareqca8337qca6431_firmwareqfs2608_firmwareqfs2530qpm8870_firmwareqpa8802wcd9360_firmwareqpm6585_firmwarepm6125qat3519qbt2000_firmwareqat5522_firmwarewcn3950_firmwarepm8150aqtc800hqdm5670sa8150p_firmwareqca6595au_firmwaresdr8250_firmwareqpa5581_firmwaresa6155pm7150lqpa8821pm8998_firmwareqcs605_firmwaresmr546_firmwareqdm5671wtr5975_firmwareqpm4650_firmwareqcs6125_firmwareqat3518qpa5580_firmwaresdr425_firmwarewcn3998smr526_firmwarewcn3950qpa5460pm640a_firmwareqsw8573_firmwarewcn3660bwgr7640_firmwareqdm2305_firmwareqpm5670_firmwareqsw8574_firmwaresd460_firmwareqdm5652qca6574au_firmwareqpa4360_firmwareqpm8870wcd9375_firmwarewcn3998_firmwareqpm5679qbt2000sa6155_firmwarewcd9360pm6150aqpm6670_firmwaresdr735gqpa5460_firmwarepm8150bqdm3301_firmwareqsm7250qcs6125sa8155_firmwaresd662_firmwareqat3522pmr735awcd9340sdm830_firmwaresd765gqualcomm215_firmwaresdr660qca6436wcn6851sa6155pqpa6560qfs2630_firmwaresdr865qdm5620_firmwarewcd9341smr545qdm4643_firmwareqca6696_firmwareqca6431qln5020sd870_firmwarepmm855au_firmwaresa8150ppm6350qdm5621qtc800sqpm5875_firmwarewsa8830_firmwaresd855_firmwareqet6105qdm5650wcn3988pm640p_firmwarewtr3925sa8195p_firmwaresmb1390wcn6750_firmwareqat5516_firmwarepm6150lsd8885gpm855l_firmwarewcn3610qpa8686_firmwareqpm6585qtc410swcn3991qca8337_firmwaresda429w_firmwarewcd9380_firmwaresmb1355qln4650qpa8801sdm429wsdr735g_firmwarewgr7640qat5568qet5100qdm5671_firmwareqpa8801_firmwareqca6564aupm8150l_firmwareqat5533_firmwaresdx55m_firmwareqtm527_firmwarepm8005_firmwaresdxr25gqpa8673_firmwarepm6150qet4101_firmwaresmb1354_firmwareqca6574pm7250bqln4642_firmwareqfs2630qpa8842wcd9380smb1355_firmwarepm7250b_firmwarequalcomm215qet4200aq_firmwarepmk8350_firmwaresmb1381sdr735pm7250wtr4905smb1395qpa8803smr526wtr5975wcn3980pmk8003qtc801s_firmwareqat3522_firmwaresdxr25g_firmwareqdm2301qsw8573qcs605wcd9340_firmwarewsa8815wcn6850qdm5621_firmwareqdm2301_firmwareqca6426_firmwarepm8350_firmwarewcn3660b_firmwarewcn3680pm8009wcn3980_firmwaresdx55mqca6421_firmwarepm8008pm8350b_firmwareqtm525_firmwareqat3518_firmwareqsw8574pmi8998wcn3680_firmwareqpm5621_firmwarepm855lqln1021aq_firmwarewcn6851_firmwareqdm5670_firmwareqpa6560_firmwaresd8655gqpa8802_firmwarepm7150a_firmwarepm8150b_firmwareqpm5621qpm6582smr545_firmwarepm8009_firmwareqca6564a_firmwareqfs2580_firmwareqcm4290_firmwaresd480sd870sd8885g_firmwarepm670pm8150lpmi8998_firmwaresd210_firmwareqdm5677pm8005sa6145ppm855_firmwarepm215qdm2302pmm6155aupm855b_firmwareqca6595_firmwareqpm6582_firmwarewtr2965sa2150pqca6391_firmwarepm640l_firmwarewcd9370_firmwareqln4650_firmwareqat3516_firmwareqpm5875sdx55qet5100msd888_firmwaresa8155psd675qet4101qat3555_firmwareqat3516pm670lqpa8803_firmwareqpm5658pm855bar8035_firmwareqln1031qpm5658_firmwareqpm5870pm8909wcn3991_firmwarewsa8830qdm5652_firmwarepmm8155au_firmwareqet6110_firmwareqln5030pm6125_firmwareqbt1500qpa5581pmi632qpa2625_firmwarepm8350bh_firmwarepmr735b_firmwareqbt1500_firmwareqet5100_firmwareqpm5870_firmwareqpm4621qet6100_firmwareqcs4290qet6100pmm855aupm670l_firmwaresdr660gsd765g_firmwareqpa8686qca6390_firmwaresmb1396pm7150awcd9370sd675_firmwarepm8350qpa5461_firmwareqpa4361_firmwarepm8350c_firmwaresdr425qca6426pmr525_firmwareqca6584au_firmwarewcn3990_firmwareqpm5641pmi632_firmwarewcd9385_firmwareqdm5650_firmwarewcd9326_firmwareqat5516wcn3615_firmwarepm7250_firmwareqdm5620qln1021aqsd662qpa8821_firmwaresdr660g_firmwarepm8350bhpmk8002_firmwareqsw6310_firmwarepm3003asa8155qln1031_firmwareqdm4650_firmwaresdx55_firmwarepmm6155au_firmwareqat5533wcn3615qca6595ausm7250p_firmwarewcn3610_firmwareqca6436_firmwareqsm7250_firmwareqpm6670smb1354pm7150l_firmwareqca6564au_firmwareqca6584auqdm2305sa6155p_firmwareqpm8820qpm4641qat5515_firmwareqln5020_firmwaresa515m_firmwarepm855sd429pm8250smb1398qdm4643qfs2530_firmwarewcn3988_firmwarepmx55qpm4641_firmwaresd205sd429_firmwarepm8150c_firmwareqca6421qdm3301qpa8842_firmwareqat3519_firmwaresa8195psdr735_firmwaresa6145p_firmwareqpm5677qat5515wsa8810_firmwaresd765_firmwarewcd9326qdm5677_firmwareqet4200aqpm6350_firmwareqcs4290_firmwarewcd9385qtc800h_firmwareqdm2302_firmwareqat3550_firmwarepmm8155auqln5040_firmwareqpm4630qca6390wcd9375ar8035qpa8673pmm8195auqln5030_firmwareqln4642sda429wsd210qpm5677_firmwarewcn3620_firmwarewsa8815_firmwarewtr3925_firmwaresmr525_firmwarepm8998smb1396_firmwarewcn6850_firmwareqpm8820_firmwarewcn3620wsa8835_firmwareqpm6621_firmwareqca6564asmr546qcm6125_firmwareqet6110qln5040qpm8895qpm5670wcn3990pmx55_firmwareqtm527qca6595pmk8350smb1398_firmwaresd888pm8350bqat5522wsa8835sdm429w_firmwarepm8150cpmr735bsd665_firmwareqpa4360pmk8003_firmwaresdr660_firmwarepm8909_firmwareqpa4361qca6574aqpm4640_firmwaresmb1390_firmwareqdm5679_firmwarepm8350csmr525qpm4640wcn6750pm6150l_firmwarepmr525pm8150a_firmwareqet5100m_firmwareqpm4650qtm525qca6574_firmwaresa515msa2150p_firmwareqln1036aq_firmwaresd855sd665pm6150a_firmwarepm6150_firmwareqca6175asd765pm640pqca6574a_firmwareqpm4630_firmwaresd768g_firmwaresdr865_firmwareqat3555pm8250_firmwaresd460qca6391qpa5461pm215_firmwareqpm8895_firmwarewtr2965_firmwarepm670_firmwareqcm4290pm640aqfs2608sd480_firmwareqln1036aqqtc801ssmb1395_firmwareqdm4650qca6574auqpm5641_firmwaresa8155p_firmwaresd205_firmwareqsw6310qet6105_firmwarepm8008_firmwaresd8655g_firmwarewcd9341_firmwareqcm6125qpm6621wsa8810qtc410s_firmwarepmr735a_firmwareqat5568_firmwarepmw3100wtr4905_firmwareqat3550qdm5679sdr8250sd768gpm3003a_firmwareqca6696qtc800s_firmwaresmb1381_firmwarepmw3100_firmwareqpa2625pm640lpmk8002sa6150ppmm8195au_firmwaresm7250psdm830qpm4621_firmwareqca6175a_firmwareqpa5580Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2020-11175
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.64%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 10:00
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Use after free issue in Bluetooth transport driver when a method in the object is accessed after the object has been deleted due to improper timer handling.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8009W, MSM8909W, QCS605, QM215, SA6155, SA6155P, SA8155, SA8155P, SDA640, SDA670, SDA855, SDM1000, SDM640, SDM670, SDM710, SDM845, SDX50M, SDX55, SDX55M, SM6125, SM6350, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SXR1120, SXR1130, SXR2130, SXR2130P

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sm6350sa6155p_firmwaresm7250sxr2130p_firmwaresda640sm6125sdm640sdx50msdm845sm7250_firmwaresa8155_firmwaresdx55m_firmwaresm8250_firmwaresm6125_firmwaresm6350_firmwaresa8155p_firmwaremsm8909w_firmwareqm215sdm710apq8009wsdm710_firmwaresxr1120sda670_firmwaresa6155sa6155psdm670sda640_firmwareqcs605_firmwaresxr2130sdx50m_firmwaresdm670_firmwaresm8150_firmwaresxr2130_firmwaresdx55msxr2130psda670sm7225qm215_firmwareqcs605sda855sdx55sa8155psm8250sm8150p_firmwaresm7250p_firmwaresm7225_firmwaresm8150sdm1000_firmwaresa8155sm7250psxr1130_firmwaresdx55_firmwaresdm640_firmwaresa6155_firmwaresxr1120_firmwaresda855_firmwaremsm8909wsdm1000apq8009w_firmwaresxr1130sm8150psdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-416
Use After Free
CVE-2020-11125
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.05%
||
7 Day CHG~0.00%
Published-02 Nov, 2020 | 06:21
Updated-04 Aug, 2024 | 11:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Out of bound access can happen in MHI command process due to lack of check of channel id value received from MHI devices' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in Agatti, APQ8009, Bitra, IPQ4019, IPQ5018, IPQ6018, IPQ8064, IPQ8074, Kamorta, MDM9150, MDM9607, MDM9650, MSM8905, MSM8917, MSM8953, Nicobar, QCA6390, QCA9531, QCM2150, QCS404, QCS405, QCS605, QCS610, QM215, QRB5165, Rennell, SA415M, SA515M, SA6155P, SA8155P, Saipan, SC8180X, SDM429, SDM429W, SDM439, SDM450, SDM632, SDM660, SDM670, SDM710, SDM845, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-ipq5018_firmwaremdm9150_firmwarekamorta_firmwareqcm2150_firmwareqcs610sdm429wsdm632_firmwaresdm845sdm450_firmwaresdm632sdm439qcs404_firmwaremdm9650sdm429sm7150_firmwaresm6150agatti_firmwaresdm429w_firmwaresm7150qca6390_firmwareapq8009_firmwaremsm8917sdm670sxr2130qcs605_firmwaresc8180xipq4019_firmwaresdm670_firmwareqcs404ipq8074ipq5018sa415mbitraipq6018_firmwaresa515mqcs605bitra_firmwaresdm429_firmwaremdm9650_firmwaremsm8905_firmwareipq8064sdx55_firmwaresxr1130_firmwaresxr1130apq8009agattiipq8064_firmwarenicobarsa6155p_firmwaremsm8953sdm450sa515m_firmwareqrb5165_firmwareqrb5165qcm2150sdm660mdm9607_firmwaresm8250_firmwaresc8180x_firmwaresa415m_firmwareqcs405qca9531ipq8074_firmwaresa8155p_firmwareqm215sdm710mdm9607sdm710_firmwaresa6155pqcs610_firmwaremdm9150msm8905ipq6018sm8150_firmwaresxr2130_firmwaresdm439_firmwareqcs405_firmwarerennellrennell_firmwareqca6390qm215_firmwareipq4019sdx55msm8953_firmwaresaipan_firmwaresm6150_firmwaresa8155pmsm8917_firmwaresm8250sm8150qca9531_firmwarekamortasaipannicobar_firmwaresdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-787
Out-of-bounds Write
CVE-2017-9716
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 2.22%
||
7 Day CHG~0.00%
Published-05 Dec, 2017 | 19:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, the qbt1000 driver implements an alternative channel for usermode applications to talk to QSEE applications.

Action-Not Available
Vendor-Google LLCQualcomm Technologies, Inc.
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CVE-2017-15832
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.09% / 25.94%
||
7 Day CHG~0.00%
Published-26 Nov, 2024 | 08:55
Updated-09 Jan, 2025 | 21:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer overwrite due to improper input validation in WLAN host

Buffer overwrite in the WLAN host driver by leveraging a compromised WLAN FW

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_845sd_850_firmwaremdm9607sd_850mdm9607_firmwaresd_835_firmwaremdm9206sd_835mdm9206_firmwaresd_845_firmwareSnapdragon
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-5883
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.87%
||
7 Day CHG~0.00%
Published-14 Jun, 2019 | 17:02
Updated-05 Aug, 2024 | 05:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in WLAN driver event handlers due to improper validation of array index in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCS405, QCS605, SD 636, SD 675, SD 730, SD 820A, SD 835, SD 855, SDA660, SDM630, SDM660, SDX20, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_855sd_730_firmwaremdm9640_firmwaresd_820asd_675msm8996au_firmwaresdx20sdm660sdx24sdm630mdm9607_firmwaresd_636mdm9650qcs405mdm9607msm8996ausd_636_firmwaresd_820a_firmwareqcs605_firmwaresd_675_firmwaremdm9206sd_730sdx24_firmwaresd_855_firmwareqcs405_firmwaresdm630_firmwaresda660_firmwaremdm9206_firmwareqcs605sd_835_firmwaremdm9650_firmwaresdx20_firmwaresd_835sda660sdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2020-11146
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 15.53%
||
7 Day CHG~0.00%
Published-21 Jan, 2021 | 09:41
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound write while copying data using IOCTL due to lack of check of array index received from user in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qpm5579qfs2580qca8337qdm5579qdm2307qfs2530qpa8802qln1030pm6125qat3519pm8150aqtc800hqdm5670sa6155qca6335pm7150lqpa8821qln1020apq8076qdm5671pmc1000hqat3518sd8cwcn3998wcn3950sm4125sd720gwcn3660bqca4020qdm5652sd6905gqpm8870qpm5679qbt2000pm855pqca6420pm6150asdr735gwcn3999pm8150bqsm7250qcs405qca6430qat3522pmr735awcd9340sd765gsdr660qca6436wcn6851sa6155pqpa6560msm8937sdr865wcd9341pmi8952smr545qca6431qln5020wcd9371sd750gqdm3302sa8150ppm6350qdm5621qtc800sqdm5650wcn3988wtr3925smb1390pm6150lsd8885gqet4100wcn3610qpm6585qtc410swcn3991smb1355qln4650qpa8801sdm429wwgr7640qat5568qet5100qca6564ausdxr25gpm6150qca6574pm7250bqfs2630qpa8842wcd9380qualcomm215qln4640smb1381sdr735pm7250wtr4905smb1395pm660lqpa8803smr526wtr5975wcn3980pmk8003qdm2301qsw8573qcs605wsa8815wcn6850wcn3910qpm6375smb1394wcn3680pm8009qpa8675sd730sdx55mpm8008qsw8574pmi8998pm855lsd8655gqpm5621qpm6582sd670pm670pm8150lqdm5677pm8005sa6145ppm215qdm2302pmm6155ausdxr1ar8031qpm5577wtr2965pm8150qpm5875sdx55qet5100msa8155pcsra6640pm8350bhssd675qet4101pm8952qat3516pm670lqpm5658qca9379pm855bsmb2351qln1031qpm5870pm8909wsa8830pm660qln5030qpm6325pm4125qbt1500qpa5581pmi632pm456csra6620qpm4621qcs4290qet6100pmm855ausdr660gqpa8686smb1396pm7150awcd9370pm8350qca6564sdr425qca6426qpm5641qpm5541qat5516wtr2955qdm5620qln1021aqsd662smb1380pm8350bhpm3003asa8155qat5533wcn3615qca6595ausm7350qpm6670smb1354wcd9306qca6584auqdm2305qca6310qpm8820qpm4641pm8937qpm2630pm855sd429pm8250smb1398qdm4643pmx55sd205sdr675qca6421sm6250qdm3301sa8195pqpm5677qat5515qat3514wcd9326wcd9335qet4200aqwcd9385pmm8155auqpm4630qca6390wcd9375ar8035aqt1000qpa8673qdm2310pmm8195auqln4642sda429wsd210pmi8937pm8998pmk7350wcn3620qca6564asmr546qet6110qln5040qpm8895qpm5670wcn3990qtm527qca6595pmk8350qpm8830pm8350bqat5522wsa8835pm8150cpmr735bsm6250pqpa4360qpa4361qca6574aqca6174apm8350csmr525qpm4640wcn6750pmr525pm7350cqpm4650qtm525wtr6955sd855sd8cxsd665qca6175asd765pm640pqat3555sd460qca6391smb1351qpa5461qcm4290pm640asdr8150qfs2608pm8916qln1036aqqtc801sqdm4650pmd9655qca6574ausd710qsw6310qpm6621wsa8810qdm2308pmw3100qat3550wcn6856qdm5679wcn3680bsdr8250sd768gwcn6740qca6696pm8004pm640lpmk8002qpa2625sd845sm7250ppm8956pm6250qpa5580Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-129
Improper Validation of Array Index
  • Previous
  • 1
  • 2
  • ...
  • 5
  • 6
  • 7
  • ...
  • 19
  • 20
  • Next
Details not found