Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2020-10028

Summary
Assigner-zephyr
Assigner Org ID-e2e69745-5e70-4e92-8431-deb5529a81ad
Published At-11 May, 2020 | 22:26
Updated At-16 Sep, 2024 | 17:09
Rejected At-
Credits

Multiple Syscalls In GPIO Subsystem Performs No Argument Validation

Multiple syscalls with insufficient argument validation See NCC-ZEP-006 This issue affects: zephyrproject-rtos zephyr version 1.14.0 and later versions. version 2.1.0 and later versions.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:zephyr
Assigner Org ID:e2e69745-5e70-4e92-8431-deb5529a81ad
Published At:11 May, 2020 | 22:26
Updated At:16 Sep, 2024 | 17:09
Rejected At:
▼CVE Numbering Authority (CNA)
Multiple Syscalls In GPIO Subsystem Performs No Argument Validation

Multiple syscalls with insufficient argument validation See NCC-ZEP-006 This issue affects: zephyrproject-rtos zephyr version 1.14.0 and later versions. version 2.1.0 and later versions.

Affected Products
Vendor
Zephyr Projectzephyrproject-rtos
Product
zephyr
Versions
Affected
  • From 1.14.0 before unspecified (custom)
  • From 2.1.0 before unspecified (custom)
Problem Types
TypeCWE IDDescription
CWECWE-20CWE-20 Improper Input Validation
Type: CWE
CWE ID: CWE-20
Description: CWE-20 Improper Input Validation
Metrics
VersionBase scoreBase severityVector
3.17.8HIGH
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
NCC Group for report
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://zephyrprojectsec.atlassian.net/browse/ZEPSEC-32
x_refsource_MISC
https://github.com/zephyrproject-rtos/zephyr/pull/23308
x_refsource_MISC
https://github.com/zephyrproject-rtos/zephyr/pull/23733
x_refsource_MISC
https://github.com/zephyrproject-rtos/zephyr/pull/23737
x_refsource_MISC
https://docs.zephyrproject.org/latest/security/vulnerabilities.html#cve-2020-10028
x_refsource_MISC
Hyperlink: https://zephyrprojectsec.atlassian.net/browse/ZEPSEC-32
Resource:
x_refsource_MISC
Hyperlink: https://github.com/zephyrproject-rtos/zephyr/pull/23308
Resource:
x_refsource_MISC
Hyperlink: https://github.com/zephyrproject-rtos/zephyr/pull/23733
Resource:
x_refsource_MISC
Hyperlink: https://github.com/zephyrproject-rtos/zephyr/pull/23737
Resource:
x_refsource_MISC
Hyperlink: https://docs.zephyrproject.org/latest/security/vulnerabilities.html#cve-2020-10028
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://zephyrprojectsec.atlassian.net/browse/ZEPSEC-32
x_refsource_MISC
x_transferred
https://github.com/zephyrproject-rtos/zephyr/pull/23308
x_refsource_MISC
x_transferred
https://github.com/zephyrproject-rtos/zephyr/pull/23733
x_refsource_MISC
x_transferred
https://github.com/zephyrproject-rtos/zephyr/pull/23737
x_refsource_MISC
x_transferred
https://docs.zephyrproject.org/latest/security/vulnerabilities.html#cve-2020-10028
x_refsource_MISC
x_transferred
Hyperlink: https://zephyrprojectsec.atlassian.net/browse/ZEPSEC-32
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://github.com/zephyrproject-rtos/zephyr/pull/23308
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://github.com/zephyrproject-rtos/zephyr/pull/23733
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://github.com/zephyrproject-rtos/zephyr/pull/23737
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://docs.zephyrproject.org/latest/security/vulnerabilities.html#cve-2020-10028
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:vulnerabilities@zephyrproject.org
Published At:11 May, 2020 | 23:15
Updated At:05 Jun, 2020 | 18:15

Multiple syscalls with insufficient argument validation See NCC-ZEP-006 This issue affects: zephyrproject-rtos zephyr version 1.14.0 and later versions. version 2.1.0 and later versions.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Secondary3.17.8HIGH
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
Primary2.04.6MEDIUM
AV:L/AC:L/Au:N/C:P/I:P/A:P
Type: Primary
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 4.6
Base severity: MEDIUM
Vector:
AV:L/AC:L/Au:N/C:P/I:P/A:P
CPE Matches
Zephyr Project
zephyrproject
>>zephyr>>1.14.0
cpe:2.3:o:zephyrproject:zephyr:1.14.0:*:*:*:*:*:*:*
Zephyr Project
zephyrproject
>>zephyr>>2.1.0
cpe:2.3:o:zephyrproject:zephyr:2.1.0:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-20Primarynvd@nist.gov
CWE-20Secondaryvulnerabilities@zephyrproject.org
CWE ID: CWE-20
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-20
Type: Secondary
Source: vulnerabilities@zephyrproject.org
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://docs.zephyrproject.org/latest/security/vulnerabilities.html#cve-2020-10028vulnerabilities@zephyrproject.org
N/A
https://github.com/zephyrproject-rtos/zephyr/pull/23308vulnerabilities@zephyrproject.org
Patch
Third Party Advisory
https://github.com/zephyrproject-rtos/zephyr/pull/23733vulnerabilities@zephyrproject.org
Patch
Third Party Advisory
https://github.com/zephyrproject-rtos/zephyr/pull/23737vulnerabilities@zephyrproject.org
Patch
Third Party Advisory
https://zephyrprojectsec.atlassian.net/browse/ZEPSEC-32vulnerabilities@zephyrproject.org
Third Party Advisory
Hyperlink: https://docs.zephyrproject.org/latest/security/vulnerabilities.html#cve-2020-10028
Source: vulnerabilities@zephyrproject.org
Resource: N/A
Hyperlink: https://github.com/zephyrproject-rtos/zephyr/pull/23308
Source: vulnerabilities@zephyrproject.org
Resource:
Patch
Third Party Advisory
Hyperlink: https://github.com/zephyrproject-rtos/zephyr/pull/23733
Source: vulnerabilities@zephyrproject.org
Resource:
Patch
Third Party Advisory
Hyperlink: https://github.com/zephyrproject-rtos/zephyr/pull/23737
Source: vulnerabilities@zephyrproject.org
Resource:
Patch
Third Party Advisory
Hyperlink: https://zephyrprojectsec.atlassian.net/browse/ZEPSEC-32
Source: vulnerabilities@zephyrproject.org
Resource:
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

544Records found
CVE-2025-27489
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.16% / 37.03%
||
7 Day CHG~0.00%
Published-08 Apr, 2025 | 17:24
Updated-04 Jun, 2025 | 17:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Azure Local Elevation of Privilege Vulnerability

Improper input validation in Azure Local allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-Azure Stack HCI OSAzure Stack OS HCI
CWE ID-CWE-20
Improper Input Validation
CVE-2020-11201
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 15.73%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 10:00
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Arbitrary access to DSP memory due to improper check in loaded library for data received from CPU side' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in QCM6125, QCS410, QCS603, QCS605, QCS610, QCS6125, SA6145P, SA6155, SA6155P, SA8155, SA8155P, SDA640, SDA845, SDM640, SDM830, SDM845, SDX50M, SDX55, SDX55M, SM6125, SM6150, SM6250, SM6250P, SM7125, SM7150, SM7150P, SM8150, SM8150P

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sm7125sa6155p_firmwaresda640sm6250p_firmwareqcs610sm6125sdm640sdx50msdm845qcs6125qcs603sa8155_firmwaresdx55m_firmwaresm7150_firmwaresa6145p_firmwaresa8155p_firmwaresm6150sm6250sdm830_firmwareqcm6125sm7150sm6250psa6155qcs410sa6155pqcs610_firmwareqcs603_firmwareqcs605_firmwaresda640_firmwaresdx50m_firmwaresa6145pqcs6125_firmwaresm7150psm8150_firmwaresm7150p_firmwaresda845_firmwareqcs605sm7125_firmwaresdx55sm6250_firmwaresa8155psm6150_firmwaresm8150p_firmwaresm8150sa8155sdm830sdx55_firmwaresdm640_firmwaresa6155_firmwareqcs410_firmwaresm6125_firmwaresdx55msm8150psda845qcm6125_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-20
Improper Input Validation
CVE-2025-27731
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.16% / 37.49%
||
7 Day CHG~0.00%
Published-08 Apr, 2025 | 17:24
Updated-08 Jul, 2025 | 17:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft OpenSSH for Windows Elevation of Privilege Vulnerability

Improper input validation in OpenSSH for Windows allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_11_23h2windows_10_21h2windows_server_2022windows_server_2019windows_10_22h2windows_server_2025windows_11_22h2windows_10_1809windows_server_2022_23h2windows_11_24h2Windows 10 Version 1809Windows 11 Version 23H2Windows 11 Version 24H2Windows Server 2022Windows Server 2019 (Server Core installation)Windows 10 Version 21H2Windows Server 2025 (Server Core installation)Windows 11 version 22H2Windows 10 Version 22H2Windows 11 version 22H3Windows Server 2022, 23H2 Edition (Server Core installation)Windows Server 2019Windows Server 2025
CWE ID-CWE-20
Improper Input Validation
CVE-2020-11253
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.80%
||
7 Day CHG~0.00%
Published-22 Feb, 2021 | 06:25
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Arbitrary memory write issue in video driver while setting the internal buffers in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfs2580qpm5679_firmwaresa6150p_firmwareqpm5620_firmwareqdm2307qca6431_firmwareqfs2530qpm8870_firmwareqpa8802qpm6585_firmwareqat3519qbt2000_firmwareqat5522_firmwarepm8150aqtc800hqdm5670sa8150p_firmwareqca6595au_firmwaresdr8250_firmwareqpa5581_firmwaresa6155pm7150lqpa8821qdm5671pmc1000hqpm4650_firmwareqat3518sd8cqpa5580_firmwarewcn3998wcd9371_firmwaresmr526_firmwareqdm2305_firmwareqpm5670_firmwaresmb2351_firmwareqdm5652sd6905gqca6574au_firmwareqpm8870wcd9375_firmwarewcn3998_firmwareqpm5679qbt2000sa6155_firmwarepm855pqca6420pm6150apmx50_firmwaresdr735gpm8150bqdm3301_firmwareqsm7250sa8155_firmwareqca6430pmr735awcd9340sd765gqdm2308_firmwaresdr660qca6436wcn6851sa6155pqpa6560sdr865qdm5620_firmwarewcd9341qca6431qca6696_firmwareqln5020wcd9371sd750gpmm855au_firmwarewcn3910_firmwaresa8150pqpm5657pm6350qdm5621wsa8830_firmwaresd855_firmwareqdm5650wcn3988sdr052sa8195p_firmwaresmb1390wcn6750_firmwareqat5516_firmwarepm6150lpm855l_firmwareqpa8686_firmwareqpm6585wcn3991wcd9380_firmwaresmb1355qln4650qpa8801sdr735g_firmwareqet5100qdm5671_firmwareqpa8801_firmwarepm8150l_firmwareqat5533_firmwaresdx55m_firmwaresdxr25gqpa8673_firmwarepm6150qet4101_firmwareqca6574pm7250bqln4642_firmwareqpa8842sdr052_firmwarewcd9380smb1355_firmwarepm7250b_firmwaresmb1381pm855p_firmwaresdx50m_firmwaresdr735pm7250smb1395qpa8803smr526qca6430_firmwarepmk8003qtc801s_firmwarewcn3980sdxr25g_firmwareqdm2301wcd9340_firmwarewsa8815wcn6850wcn3910qdm5621_firmwareqdm2301_firmwareqca6426_firmwarepm8009wcn3980_firmwaresd730sdr051_firmwaresdx55mqca6421_firmwarepm8008qtm525_firmwareqat3518_firmwaresd6905g_firmwareqpm5621_firmwarepm855lwcn6851_firmwareqdm5670_firmwareqpa6560_firmwaresd8655gqpa8802_firmwarepm7150a_firmwarepm8150b_firmwareqpm5621qpm6582pmc1000h_firmwarepm8009_firmwareqdm2310_firmwareqfs2580_firmwarepm8150lqdm5677qsm8250sa6145ppm855_firmwarepmm6155aupm855b_firmwareqpm6582_firmwareqca6391_firmwarepm8150wcd9370_firmwareqln4650_firmwareqat3516_firmwaresdx55sa8155pqet4101qat3555_firmwareqat3516qpa8803_firmwareqpm5658pm855bsmb2351qsm8250_firmwareqpm5658_firmwarewcn3991_firmwareqdm5652_firmwarewsa8830pmm8155au_firmwaresdr051qet6110_firmwareqln5030qbt1500qpa5581qpa2625_firmwarepmr735b_firmwareqbt1500_firmwareqet5100_firmwareqet6100_firmwareqet6100pmm855ausd765g_firmwareqpa8686qca6420_firmwareqca6390_firmwaresmb1396sd730_firmwarepm7150awcd9370pmr525_firmwareqca6426wcn3990_firmwarewcd9385_firmwareqdm5650_firmwareqat5516pm7250_firmwareqdm5620qpa8821_firmwarepmk8002_firmwarepm3003asa8155sdx55_firmwarepmm6155au_firmwareqat5533qca6595ausm7250p_firmwareqca6436_firmwareqsm7250_firmwarepm7150l_firmwareqdm2305sa6155p_firmwareqpm8820qat5515_firmwareqln5020_firmwarepm855qpm8830_firmwarepm8250qfs2530_firmwarewcn3988_firmwarepmx55sa6145p_firmwarepm8150c_firmwareqca6421qdm3301qpa8842_firmwareqat3519_firmwaresa8195psdr735_firmwarewsa8810_firmwareqpm5677qat5515sd765_firmwareqdm5677_firmwarepm6350_firmwarepm8004_firmwaresdr8150_firmwarewcd9385qtc800h_firmwareqpm5620pmm8155auqln5040_firmwareqca6390wcd9375sd750g_firmwareaqt1000qpa8673qdm2310pmm8195auqln5030_firmwareqln4642qpm5677_firmwarewsa8815_firmwaresmb1396_firmwaresmr525_firmwarewcn6850_firmwarewsa8835_firmwareqpm8820_firmwareqet6110qln5040qpm8895qpm5670wcn3990pmx55_firmwarepm8150_firmwareqpm8830qdm2307_firmwareqat5522wsa8835pm8150cpmr735bqpm5657_firmwarepmk8003_firmwaresdr660_firmwaresc8180xqca6574asmb1390_firmwareqdm5679_firmwaresmr525wcn6750pm6150l_firmwarepmr525pm8150a_firmwareqpm4650qtm525qca6574_firmwaresd855sd8cxpm6150a_firmwarepm6150_firmwaresd765qca6574a_firmwaresd768g_firmwaresdr865_firmwareqat3555pm8250_firmwareqca6391sd8cx_firmwareaqt1000_firmwaresd8c_firmwareqpm8895_firmwaresdx50msdr8150qtc801ssmb1395_firmwaresc8180x_firmwareqca6574ausa8155p_firmwarepm8008_firmwaresd8655g_firmwarewcd9341_firmwarewsa8810pmr735a_firmwareqdm2308pmx50qdm5679sdr8250sd768gpm3003a_firmwareqca6696smb1381_firmwarepm8004pmk8002qpa2625sa6150ppmm8195au_firmwaresm7250pqpa5580Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-20
Improper Input Validation
CVE-2020-11204
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.51%
||
7 Day CHG~0.00%
Published-22 Feb, 2021 | 06:25
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible memory corruption and information leakage in sub-system due to lack of check for validity and boundary compliance for parameters that are read from shared MSG RAM in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfe3100qfe2080fc_firmwareqca9377_firmwareqpm5679_firmwarepmd9607_firmwareqfs2530qpm8870_firmwareqln1030pm6125mdm9645wcn3950_firmwarepm8150aqdm5670qpm5541_firmwareqpa5581_firmwareqpa8821qcs6125_firmwarepm456_firmwaremsm8108sa415mwcn3998wcd9371_firmwaremsm8108_firmwarewcn3950mdm9206_firmwareqsw8573_firmwarewcn3660bsd450_firmwareqsm8350_firmwareqsm8350smb2351_firmwarepm855pwtr4605_firmwarepm6150aqca9367_firmwareipq8072_firmwaresa8155_firmwareqca4004_firmwareqat3522qfe4455fcpmr735asdm830_firmwaresd765gsdr660qfe1045_firmwareqfe3345qfs2630_firmwaresdr865mdm9250_firmwareqdm5620_firmwaresmr545qca6696_firmwareqln5020pmm855au_firmwaresa8150pqfe3340sd660sd712pm640p_firmwareqcn5121wcn6750_firmwarepm6150lsd450sd8885gpm855l_firmwareqca6428_firmwareqtc410sqfe3335_firmwareqpa8801ipq8078qat5533_firmwareipq8173sdx55m_firmwareqpa8673_firmwaresd670_firmwaresd632_firmwareqfs2630pmm8996auqpm5579_firmwaresmb1380_firmwareqfe4309_firmwarepmk8350_firmwareqcn5024pm855p_firmwaresmb1381pm7250wtr4905sdx24_firmwareqcn9012_firmwaresd439_firmwareqdm2301qfe2101_firmwareqdm5621_firmwareqpm6375msm8937_firmwareipq6028pmp8074qca1990wcn3980_firmwaresd730qfe3320_firmwarepm8008pm8350b_firmwarepme605_firmwarewtr1605l_firmwarepme605apq8064au_firmwareipq8078_firmwareqcn5054qln1021aq_firmwareqcs603qln4640_firmwareqpm6582qcn9024_firmwareqfe4303qcs610_firmwareapq8084_firmwarepm215ar8031wtr2965qca6391_firmwarepmx20_firmwareqca4024pmi8937_firmwareqat3516_firmwareapq8053qcn5021_firmwarewcn3660qca9379pm855bsmb2351qsm8250_firmwaremdm9150_firmwareqpa5581qfe1040_firmwarecsrb31024mdm9628_firmwaremdm9650fsm10055_firmwareqbt1500_firmwareqpm5870_firmwarepmk8001qcs4290qet6100smb1394_firmwareapq8009_firmwaremsm8916_firmwaresd675_firmwareipq8072qca6426qca9984_firmwareqca9377qpm5641qpa5373_firmwarewtr2955rgr7640au_firmwarepm7250_firmwareqdm5620ipq8074aqcn5122_firmwareqat5533qcn6023_firmwaresm7250p_firmwarewcn3610_firmwareqsm7250_firmwaremdm9207qpm6670pm7150l_firmwareqca6584aupm855pm8250qcn5052mdm9607_firmwaremdm9655_firmwareqfs2530_firmwaresa415m_firmwareqat3519_firmwareqpm5677qat5515qcs4290_firmwareqtc800h_firmwarepmk7350_firmwareqpm5620sd750g_firmwareaqt1000sm6250_firmwarepmm8195auqln4642ipq5010_firmwareipq8074a_firmwarewsa8815_firmwarepmi8937smr525_firmwareqpm8820_firmwareqfe4301_firmwareapq8017qpm6621_firmwarewtr2955_firmwareqbt1000_firmwarepm8019qca6595smb1398_firmwarepm8150cpmr735bsd665_firmwareqcn5154qpm5577_firmwareqdm5679_firmwareqca6310_firmwarepm6150l_firmwareqca6574_firmwaresd665pm6150a_firmwarepmd9607sd8c_firmwarewtr2965_firmwarecsrb31024_firmwareqfs2608qcn9070_firmwareqln1036aqipq6028_firmwareipq8072a_firmwarepmi8940_firmwaresc8180x_firmwareqca9889_firmwaresd710mdm9607mdm9645_firmwareqln1035bd_firmwaresdx20m_firmwarepmw3100qca6564_firmwarewcn6740smb1350_firmwarepmk8002apq8096au_firmwareqcn9022sdm830smb1357qpa5580qpm5579fsm10055qfe2550qcn5550qdm2307qca6431_firmwareqpa8802wcd9360_firmwareqpm6585_firmwareqat3519qbt2000_firmwareipq8078asa8150p_firmwaresdr8250_firmwareqcn5064csra6620_firmwareqln1020csra6640_firmwarepmc1000hqat3518smr526_firmwareipq8076apm640a_firmwarewgr7640_firmwareqca4020qca6428qdm5652qcn5164_firmwareipq8071sa6155_firmwarewcd9360sdx20mqca6438_firmwareqpa8675_firmwareqpa5460_firmwarewcn3999pm8940_firmwareqsm7250pm8996apq8016_firmwareipq6010sd662_firmwareqdm2308_firmwareqca4020_firmwareqca6436wcn6851sa6155pqcs603_firmwarepmc7180wcn3660_firmwarepmi8952mdm9655qca6431qfe4320_firmwarewcn3910_firmwaresd855_firmwareqdm5650qfe2080fcsdr052sa8195p_firmwaresmb1390msm8208_firmwaremsm8608qpa8686_firmwarewcd9380_firmwarepm8350bhs_firmwarewgr7640qat5568qpa8801_firmwareqdm5671_firmwaresd636qtm527_firmwarepm8005_firmwarepm7250b_firmwarepmd9655_firmwaresmb1351_firmwarepm8996_firmwarear8151smr526qca8072_firmwareqca6430_firmwarepmk8003qtc801s_firmwarewcn3980qat3522_firmwareqsw8573qcs605qbt1000sd7cwcn3910smb1394qca6426_firmwarepm8350_firmwarepm8009qfe4373fcmsm8953qat3518_firmwarepmi8998qfe2520sd821_firmwarear8031_firmwarepm855lqfe4302pm8150b_firmwaresmr545_firmwareqca6694au_firmwarepm670sd210_firmwarepm8005qdm2302sdxr1apq8096auqcs405_firmwarepmi8996_firmwareqln4650_firmwareqet5100msd439qat3516qpm5658ar8035_firmwareqcm2290qpm5658_firmwareqcn5024_firmwarewcn3991_firmwareqdm5652_firmwareqfe4465fcqcn9070fsm10056pmi632pm8350bh_firmwarepmr735b_firmwaresmb1360_firmwarepm670l_firmwaresdr660gqfe2340sd455sd730_firmwarewcd9370sdr425qcn9000_firmwareipq5018ar8151_firmwareqpm5541qat5516qfe4308qcn5124_firmwarepm8350bhapq8037qca6320_firmwarewcn3680b_firmwareqca6595auipq5010qdm2305sa6155p_firmwareqca6310pm8937qpm2630smb1398sa6145p_firmwaresdr675ipq8071aipq8071a_firmwarewcd9385qat3550_firmwareqln5040_firmwarepm4125_firmwarear8035pm8019_firmwareapq8064auqca6694_firmwareqdm2310qfe2550_firmwareqcn9100_firmwareqln5030_firmwaresda429wwcn3620_firmwaresd820smb1396_firmwarewcn3620smr546pmx24qln5040qca8072qpm8895sdr845qtm527qfe3440fc_firmwarepmk8350qdm3302_firmwarepmc7180_firmwaremsm8996auqfe1035qpm5657_firmwarepmi8940sm6250pqln1035bdpm855asdr660_firmwarepm8909_firmwareqca6574aqfe4303_firmwareqpm4640qet5100m_firmwareipq8076_firmwaremdm9205qpm4650sa515msd8cxqfe4305ipq8076sdr865_firmwareqfe4465fc_firmwarepm8250_firmwaresd460qca6391sdxr1_firmwarepm215_firmwaremsm8920pm660asdx50mpm640apm8916pmd9655auqdm4650ipq8074_firmwareqca6574ausa8155p_firmwaresd205_firmwareqsw6310qcm6125qpm2630_firmwaresmb231_firmwareqdm2308qat3550wcn6856sd835_firmwareqtc800s_firmwaresa6150pqcn9022_firmwareqpa8688_firmwareapq8037_firmwareipq8070apmm8195au_firmwareqcn9072_firmwaresm7250psd720g_firmwareqpm4621_firmwaresd850qln4640sd636_firmwareqfs2580mdm9640_firmwaresm6250p_firmwareqfe4455fc_firmwareqca8337qdm5579ipq8173_firmwareqfs2608_firmwareqpa8688qcn5124qat5522_firmwareqca6595au_firmwaresa6155pm7150lpm8998_firmwarewtr5975_firmwareqpa5580_firmwareqcn6024_firmwaresd720gsm4125wtr1605qfe4320qcc112qsw8574_firmwaresd460_firmwarepm8953_firmwaresd6905gqpa4360_firmwareqca8081_firmwareqfe2520_firmwarewcn3998_firmwareqca6420apq8053_firmwareqpm6670_firmwareipq8070_firmwareipq8078a_firmwaremdm8207pm660_firmwarepm8150bqfe2101qca6430wcd9306_firmwarewcd9340msm8209_firmwaresmb1358qca9888_firmwarewcd9371smb1350qcn5154_firmwaresm4350_firmwarewtr3950pm6350qdm5621qtc800sqca4004qat3514_firmwaresd660_firmwareqcn5022_firmwareqat5516_firmwarewcn3991sdm429wpm8150l_firmwaresdxr25gpm6150smb1354_firmwareqca6574qpa8842csr8811_firmwaresdr052_firmwarewcd9380qualcomm215qcs410qfe3100_firmwareqca9379_firmwareqpa8803sdxr25g_firmwarepmd9645ipq6018_firmwarewcd9340_firmwarewsa8815wcn6850pmp8074_firmwareqdm2301_firmwaresd835pm660l_firmwarepm6250_firmwarewcn6740_firmwareqtm525_firmwareqcn5064_firmwareqpm5621_firmwareqca6234rsw8577qpa6560_firmwareqpa8802_firmwareqfe4308_firmwareqpm5621sd670ipq8174_firmwarepm8009_firmwareqfs2580_firmwareqcm4290_firmwarepm8150lpmi8998_firmwaresa6145ppm660a_firmwaresdr105pm4250qpm5577mdm8207_firmwaresdm630_firmwaremdm9205_firmwaresd820_firmwarepm8150wcd9370_firmwaresdx55csra6640pm8350bhsqat3555_firmwarepmi8994qpa8803_firmwareqca6234_firmwareqln1031qpm5870pm8909qfe1040wsa8830pm660qet6110_firmwareqdm5579_firmwareqpm6325pm6125_firmwareqbt1500qfe2340_firmwarepmx24_firmwarepmm855aumdm9250qca6420_firmwaresmb1396pm7150apm8350qca6564qpa4361_firmwarepm8350c_firmwareqpa5461_firmwarewcn3990_firmwarewcd9385_firmwareqdm5650_firmwareqpa4340_firmwarewcd9326_firmwarewhs9410wcn3615_firmwaresdr845_firmwareqln1021aqsmb1380pmk8002_firmwareqsw6310_firmwaresa8155qln1031_firmwareqdm4650_firmwaresdx55_firmwarepmm6155au_firmwarewcn3615pm8940wcd9306msm8208qpm4641qat5515_firmwareipq8174qpm8830_firmwaresd429qca9367qfe2082fc_firmwaresdm630qdm4643wcn3988_firmwarepmx55qpm4641_firmwareqcn9074sd205sd429_firmwarepm8150c_firmwareqca6421qdm3301qpa8842_firmwaresa8195psdr735_firmwarepm8953qca6694qat3514wcd9326wcd9335pm6350_firmwareqcn6023pm8004_firmwaresdr8150_firmwarepm439qpm4630qca6390wcd9375msm8917_firmwareqpm5677_firmwaresdx20_firmwarewtr3925_firmwarepm8998pmk7350msm8916qcc112_firmwareqln1020_firmwarepm670a_firmwareqcm6125_firmwarepmx55_firmwareqfe4373fc_firmwarepm8150_firmwareqpm8830pmm8996au_firmwareqat5522qpa4360pmk8003_firmwareqca8075_firmwaresc8180xqpa4361ipq6005_firmwaremdm9206qpm4640_firmwarepm8350csmr525qca9888qfe4305_firmwareipq8070a_firmwarepmr525pm8150a_firmwarewtr3950_firmwareqln1036aq_firmwarepm6150_firmwareqca6175asd765pmx20qca6574a_firmwareqpm4630_firmwareqat3555sd850_firmwareapq8009qpa5461qfe2082fcpm670_firmwareqtc801sqpm5641_firmwareqfe3320qcn5122pm8008_firmwareqpm6621pmr735a_firmwarepmx50qfe3345_firmwareqcn5022sdr8250sd768gqln1030_firmwarepmw3100_firmwarepm8004pm640lmsm8940qca8075qcn6024sd845sd455_firmwareipq6000_firmwarepmd9655au_firmwareqcs410_firmwareqca6175a_firmwaresa6150p_firmwareqcs610pmi8996qpm5620_firmwareqfe1045qca4024_firmwarepm855a_firmwareqtc800hqcs2290qca6335msm8917qcs605_firmwaresmr546_firmwarewtr3905qdm5671qpm4650_firmwaresd8csd632sdr425_firmwaremdm9628qpa5460qdm2305_firmwareqpm5670_firmwaresd710_firmwareqca6574au_firmwareqpm8870wcd9375_firmwareqpm5679qbt2000pmx50_firmwarewhs9410_firmwaresdr735gqdm3301_firmwareqcs6125smb1360qcs405qca1990_firmwarequalcomm215_firmwareqfe3440fcrsw8577_firmwarefsm10056_firmwarepm439_firmwareqpa6560msm8937sdr675_firmwarewcd9341sm7350_firmwareqdm4643_firmwarepm8937_firmwareqet4100_firmwaresd750gqdm3302qpm5657wtr1605_firmwaremdm9207_firmwareqpm5875_firmwarewsa8830_firmwarewcn3988qca6438wtr3925qet4100wcn3610mdm9640ipq5018_firmwareqpm6585qca8337_firmwaresda429w_firmwaresmb1355ipq8072aqln4650qtc800t_firmwaremsm8996au_firmwaresdr735g_firmwarewcd9330ipq8076a_firmwareqet5100qca6564auwcn6856_firmwareqcn5164msm8940_firmwareqet4101_firmwarepm7250bqln4642_firmwarepmk8001_firmwaresmb1355_firmwareqcn5054_firmwareqet4200aq_firmwaresdx50m_firmwaresdr735smb1395pm660lwtr5975wcd9335_firmwareqcn5052_firmwarepm7350c_firmwareqca6335_firmwareqca6320mdm9650_firmwarewcn3660b_firmwarewcn3680qca9984qfe4309qcn9024qpa8675qcn5550_firmwaresdr051_firmwaresdx55mwcd9330_firmwarepm670aqca6421_firmwarewtr3905_firmwareqsw8574sd6905g_firmwarewcn3680_firmwarewcn6851_firmwareqdm5670_firmwareipq8070sd8655gpm7150a_firmwarepmc1000h_firmwareqca6564a_firmwareqdm2310_firmwarepm4250_firmwaresdr105_firmwarepmd9645_firmwareqcn5121_firmwaresd8885g_firmwarewtr1605lqdm5677qsm8250ipq6018pm855_firmwarepmm6155aupm855b_firmwareqca6595_firmwareqpm6582_firmwareqpm6375_firmwarepm640l_firmwareqpm5875sa8155psd675wtr4605qet4101pm670lpmm8155au_firmwaresdr051qln5030qcs2290_firmwarepm4125qpa2625_firmwarepm456sd7c_firmwareqfe2081fc_firmwarecsra6620qet5100_firmwareqpa5373qpm4621qcn9072qet6100_firmwaresd765g_firmwareqpa8686smb1358_firmwareqca6390_firmwareipq6000qcn5152_firmwarepmr525_firmwareqca6584au_firmwareqfe3340_firmwarepmi632_firmwaresmb358_firmwaresd662qpa8821_firmwaresdr660g_firmwarepm3003awcn3999_firmwareqca6436_firmwareqtc800tsm7350smb1354qca6564au_firmwareqpm8820qfe2081fcqln5020_firmwaresa515m_firmwareapq8084sd821sm6250sd712_firmwareapq8017_firmwarewsa8810_firmwaresmb231sd765_firmwareqdm5677_firmwareqca8081qet4200aqqca6174a_firmwareqpm6325_firmwareqdm2302_firmwarepmm8155aucsr8811qpa8673msm8953_firmwareqca6694ausd210qfe4302_firmwarewcn6850_firmwarewsa8835_firmwaresmb358qca6564aqet6110pmi8952_firmwareqcm2290_firmwareqpm5670wcn3990qcn9000sdx24qcn9012pmi8994_firmwarepm8350bqdm2307_firmwarewsa8835sdm429w_firmwarergr7640aupm8916_firmwareqca9889qca6174asmb1390_firmwareipq8074wcn6750pm7350cqtm525wtr6955qfe3335sd855sm4125_firmwarewtr6955_firmwarepm640pqcn5021qcn5152sd768g_firmwaremsm8209smb1351smb1357_firmwaresd8cx_firmwareipq6005aqt1000_firmwareqcn9100qpm8895_firmwareqpa4340qfe1035_firmwareqcm4290sdr8150sdx20msm8920_firmwaresmb1395_firmwarepmd9655sd8655g_firmwarewcd9341_firmwarewsa8810qtc410s_firmwareqat5568_firmwarewtr4905_firmwaremdm9150qdm5679wcn3680bipq6010_firmwarepm3003a_firmwareqca6696qfe4301sm4350apq8016msm8608_firmwaresd845_firmwaresmb1381_firmwareqpa2625ipq8071_firmwareqcn9074_firmwarepm6250Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-20
Improper Input Validation
CVE-2020-1081
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.23% / 45.81%
||
7 Day CHG~0.00%
Published-21 May, 2020 | 22:53
Updated-04 Aug, 2024 | 06:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An elevation of privilege vulnerability exists when the Windows Printer Service improperly validates file paths while loading printer drivers, aka 'Windows Printer Service Elevation of Privilege Vulnerability'.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_server_2012windows_8.1windows_rt_8.1windows_7windows_10windows_server_2019windows_server_2008WindowsWindows ServerWindows 10 Version 1903 for x64-based SystemsWindows 10 Version 1903 for ARM64-based SystemsWindows 10 Version 1909 for ARM64-based SystemsWindows Server, version 1909 (Server Core installation)Windows 10 Version 1903 for 32-bit SystemsWindows Server, version 1903 (Server Core installation)Windows 10 Version 1909 for 32-bit SystemsWindows 10 Version 1909 for x64-based Systems
CWE ID-CWE-20
Improper Input Validation
CVE-2020-11261
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.29% / 51.69%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 05:00
Updated-30 Jul, 2025 | 01:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-06-01||Apply updates per vendor instructions.

Memory corruption due to improper check to return error when user application requests memory allocation of a huge size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-pmm855auqcm2290_firmwaresd855_firmwarepmk8001_firmwarewcn6850_firmwarepmw3100pm8909_firmwaresd_636_firmwarepm8150c_firmwareqdm2302wcn3990qdm5679qpa8821sa6145pqln5030sd675_firmwareqca6430qpa8842qca9379_firmwareqpa5580_firmwaresmb1380_firmwareqpa8673pm8996_firmwarepm640aqpa8686wcd9340_firmwaresd720gcsrb31024qpm4650_firmwarepm8350b_firmwareqet6110_firmwareqpa8803_firmwarepmx50_firmwareqca6574au_firmwarepmi8952qca6696sd_636sm4125_firmwaresmb1395_firmwaresdr8150_firmwaresmb2351qpm4641apq8009_firmwarepm4125_firmwarecsrb31024_firmwareqcm4290qfs2530_firmwaresa515msmb1381_firmwarepmi8996qtc800tqtm527sdr845pm670l_firmwareqpa6560sm6250_firmwarepm8005_firmwareqdm2301_firmwareqfe4303wtr3905wcn6856_firmwaresd205pm8150qfe4303_firmwarepmk8350qat5522_firmwareqln1030_firmwaresd675qpa8821_firmwaresd662_firmwareqdm5579_firmwareqfe4302qat5533_firmwareqpa8675_firmwarepm6150l_firmwaresmb1396_firmwareqpm8895wcn3910_firmwaresd439_firmwareqca6574auwcn3610_firmwarepm855b_firmwarepmr735asdr735sdr660_firmwareqln1036aq_firmwareaqt1000_firmwaresmb1380sd670_firmwarepmx55pm8009smb1355qca6420_firmwarepm6150aqpm6582qpm6585_firmwaresd_675_firmwarewcd9326sdx50m_firmwaresda429w_firmwaresd205_firmwareqca6431_firmwareqca6421_firmwaresd_455qsw6310apq8096au_firmwaresd820qsm7250_firmwaresdr425qca6564awcn3998sdr735g_firmwareqpm5677qpm5870_firmwareqca4020_firmwaresmr525pm8350bhs_firmwareqat3522wcn3980sm4350qpa5373sd865_5g_firmwaresmb1394_firmwareqln5020_firmwareqpm5875_firmwaresmb1360_firmwarewcn3988pm7250_firmwarepmc1000h_firmwaresd765g_firmwarewcn3660bqtc410sqca6574a_firmwareqpm4630_firmwareapq8017_firmwarewcd9375_firmwaremsm8917_firmwarepmk7350_firmwarepmr525qdm5670_firmwarepm8150bqca6420pme605qat5568_firmwarepmk8350_firmwarepm7150l_firmwareqpa4360_firmwarewcn3998_firmwareqdm4643_firmwarepmw3100_firmwaresd888_5gmdm9650_firmwareqat5522qcs2290_firmwareqca9377sd450_firmwarepm8150_firmwarepmi8994pm6125_firmwareqdm5621sdw2500_firmwaremsm8996au_firmwarepm660l_firmwarecsra6640_firmwareqca6310_firmwareqfe2520qsw8574_firmwarepm8998sdm830_firmwareqpa4340qdm5671_firmwarepmk8003qtc801s_firmwaresa515m_firmwarewgr7640_firmwarepm6150_firmwarepm6250sdm830pmi8996_firmwarepm8998_firmwarepm855qpm5621_firmwaresmb1390_firmwaresdx55qet4101sd210_firmwareqtc410s_firmwareqfe4373fc_firmwaresmb1354wcn6856qpm6325_firmwaresd460_firmwarepm8350c_firmwareqcs610_firmwarewtr4905wcn3610qet5100mwcd9341qfe2550_firmwareqdm2310_firmwarewcn6750_firmwaresd632_firmwareqln1020qcm6125qpa5373_firmwarepmi632_firmwareqfe4305_firmwaresmb1351_firmwaresd_675qdm5652pmx24wcd9385qfs2608_firmwareqca6564aumsm8909wsd888_5g_firmwaresdm429w_firmwarefsm10055wcd9371qpm6325qca6564au_firmwarear8031wtr5975qpm6670qpm5679_firmwareqpm4641_firmwarepm8909qcs605wcn6851sd855qcs6125sa6155pwtr2955sdr425_firmwareqcs2290qcs4290_firmwarepme605_firmwarewtr2965wcn3980_firmwaresm7350sd690_5gwcd9335qpa5461sd820_firmwareapq8037_firmwaresd845qca6310wtr3925qpm8895_firmwarecsra6620_firmwarepm3003awcd9380qpm8830_firmwareqln4642qcs405sdr735gar8031_firmwarepm8940qln5020rgr7640ausdxr1wtr2965_firmwareqat3522_firmwaresd665_firmwaremdm9650sdr660gwcn3615_firmwaresd662msm8917qfs2580pmi8937_firmwareqpm5679qcm4290_firmwareqdm5670qpm5657sdx55mpmk8003_firmwareqdm5677qpm5641_firmwareqtm525_firmwareqpm5579_firmwareqpm5677_firmwareqpm5657_firmwarepm660lsd710qpa2625_firmwarepm8008pm670asd750g_firmwarewcn3991_firmwareqat3550_firmwaresd865_5gsdx55m_firmwareqcs410sa6155_firmwarersw8577sd765wsa8830qpm5577_firmwarepmm6155au_firmwaresd632pmi8994_firmwaresa415mqln4640_firmwaresd429msm8920pmm8155au_firmwareqpm5658_firmwareqca4020qln5040qca6174asa8155_firmwarewsa8835pm456qpm5577pm7250b_firmwarewcn6740_firmwarepmr735b_firmwareqdm2305qpm4630qat3555fsm10056_firmwareqpa8801msm8996ausd665qat5516_firmwarepmm8996ausa8155pmr525_firmwaresm6250qfs2630_firmwarear8035_firmwaresm7350_firmwareqca8337_firmwareqcm2290pm640l_firmwaresdm630_firmwaremsm8920_firmwaresdr660sd670qcm6125_firmwarepm8350_firmwaresdw2500fsm10056qfs2580_firmwareqca6574asmr525_firmwareqdm5579sdx24_firmwaresd845_firmwaresd_8c_firmwarewcd9335_firmwaresd450qpm2630wcn3660_firmwaresmb1395aqt1000pmi632pm7150lsdx20pm670lsd768g_firmwarewtr4905_firmwaremsm8953_firmwareqdm3301qca9377_firmwareqfe2520_firmwarepm6250_firmwareqdm3302_firmwareqfe4309qfe2101pm456_firmwarewtr3950pm855l_firmwarepm8250qet4101_firmwarewcd9370pmi8937pmm8996au_firmwareqdm4650sa415m_firmwarequalcomm215_firmwarear8035qln5030_firmwarewcn3680qcs603_firmwareqfe4373fcpmd9655_firmwareqpm4621_firmwarewcn3620pm6150lwcn3660b_firmwaresd720g_firmwareqtm527_firmwarewcd9385_firmwarepm660_firmwaresd710_firmwareqdm3302pm7150apmx24_firmwareqca6174a_firmwareapq8009wqet5100qpm8820_firmwareqat5568rgr7640au_firmwarewcn3620_firmwareqca6320_firmwareqln4640qpa4340_firmwaresdr052_firmwaresdw3100_firmwaresmb1394qca6436qbt2000sdr675sa6145p_firmwarepm640lqtm525pm8009_firmwarepm8350cpm855lqfe4301_firmwarewcn3990_firmwareqet6100_firmwaresmb231_firmwareqet6110pm3003a_firmwarepmr735bqpm6670_firmwareqtc800hsm7250pqpm5620_firmwaresdx24qpm6621_firmwaremsm8953qat3519_firmwaresd750gsdx55_firmwaresm4350_firmwareqdm5650qat3555_firmwareqsw8573_firmwareqpm4621sd821_firmwarewsa8810sd_8cqca6391qca6436_firmwareqfe2550wcn6750wcd9340sdr8250pm8350bh_firmwareqpm5670_firmwarepm8350qdm5620qpa2625sdr051_firmwareapq8064au_firmwareqbt2000_firmwaresd730sm7250p_firmwarewtr3905_firmwarepm8350bhsqpm5658qca6320sd730_firmwareqca6426_firmwaresmb1350_firmwarepm670_firmwaresdxr2_5g_firmwareqcs410_firmwareqat5515_firmwareqet5100m_firmwarepmx20smb1358pm640a_firmwarear8151_firmwareqpa8686_firmwareqdm5679_firmwaresmb1357_firmwarepm8150l_firmwarepm855pqfe4301sd765gpm8150a_firmwarepm6350sm6250p_firmwareqfe4320_firmwareqpm6582_firmwaresmb1390qca6584au_firmwarepm439_firmwareqpm4640_firmwarecsra6640qca6574qpm6621pm6150a_firmwaresdx20m_firmwareqca9379qsm7250qca6564a_firmwareqcc1110qat3519sdr735_firmwarepmi8952_firmwarepmd9655pm8004wsa8835_firmwarepm8150b_firmwarewgr7640qln1031_firmwaresdr865_firmwareapq8096aupm670a_firmwaresmb1398_firmwarepmk7350wcn6850qca6430_firmwareqdm5650_firmwarewcd9341_firmwarewcn3950qca6421qpa8842_firmwarepm8953qpm5541pm855bsd_8cxqpa8673_firmwareapq8017fsm10055_firmwareqpm5620qln1020_firmwareqca6390qat5515smb1381qpm5870wcd9380_firmwareqfe4309_firmwareqcs610qdm3301_firmwarewtr6955pmk8002_firmwareqat5516apq8064aupm8150lpmm6155aupm8350bhqcc1110_firmwareqpa5581qualcomm215wsa8810_firmwareqpm5621sdw3100sdr052pmx20_firmwarepm855a_firmwaresdr865qpa5580pm8937_firmwaresmb1358_firmwareapq8053_firmwareqtc801ssdxr1_firmwarewcn6851_firmwareqpa8675qdm5677_firmwareqln4650_firmwarepmx55_firmwaresdx50mwcn6740qdm4650_firmwareqfe4308qbt1000qdm4643pm855aqpa8802_firmwareqca6574_firmwareqdm5620_firmwaresd210smb1398qfs2608qca6584auqpa5581_firmwareqtc800s_firmwareqsw8574qpm4650qat3514_firmwarepmr735a_firmwareqln1036aqwsa8815_firmwareqpm5579sd_8cx_firmwarepmc1000hqet5100_firmwarewcn3988_firmwarepmk8002wtr6955_firmwareqdm5671wcn3999_firmwarepm8250_firmwarepm215qat3550csra6620qcs605_firmwaresd765_firmwareqpm6375qpm2630_firmwaresd429_firmwarepm660qpa5461_firmwareqtc800h_firmwareqca6595auqcs6125_firmwarewcd9371_firmwaresdr845_firmwareapq8053sd660_firmwarewtr2955_firmwareqdm2308_firmwarewsa8830_firmwareqln1021aqwsa8815msm8937_firmwareqdm2307_firmwareqet4100_firmwareqet6100qfe2101_firmwaresmb1357pm8940_firmwarepmm8155auapq8009w_firmwareqfe3340smb1350qfe4305qca6391_firmwareqpm5641smb2351_firmwareqbt1500_firmwareqfe4320pmi8998sda429wpm6350_firmwareqsw6310_firmwareqca6564_firmwareqca6390_firmwarepm4125qat3514pm670qfs2530qpa5460qsm8250_firmwarewcn3910pm8937qcs603pm7250wcn3999sd835_firmwareqca6696_firmwareqdm5652_firmwareqat3516_firmwareqpa6560_firmwareqpm6375_firmwaresm6250pmsm8940sdxr2_5gsmb1354_firmwareqln4650qca6595au_firmwarepm855_firmwaresdr051qca6426sm4125qpa4361wcn3950_firmwarepm8916_firmwarewtr5975_firmwaresd439qln1021aq_firmwareqpa4360qpm8820pm660a_firmwarepm8008_firmwaresd_455_firmwarersw8577_firmwareqpa4361_firmwareqtc800spm660asmb1396wcn3680b_firmwareqpa5460_firmwareqln1031wcd9370_firmwareqdm2305_firmwareqpa8802qca6335sd460apq8009sa6155qln1030pmk8001qat3516smb1351sa6155p_firmwarepm7350csd768gsmr526qat3518_firmwarear8151qpm6585qbt1000_firmwareqpm8870pm8150cqdm2302_firmwareqpm8870_firmwarepmm855au_firmwarewtr3950_firmwarewtr3925_firmwarepm439pm8996pm8953_firmwareqpm8830qpa8803wcd9375qca8337msm8940_firmwaresd690_5g_firmwareqdm2308pm6150pmi8998_firmwareqca6335_firmwareqln4642_firmwaresd821wcn3615pm8004_firmwarepm855p_firmwareqln5040_firmwareqdm5621_firmwareqdm2310qfe3340_firmwareqfs2630smb1355_firmwareqcs405_firmwareqsw8573qat3518pm6125smb231msm8937qat5533sdr8150wcn3660pm8150asdr660g_firmwarepm8005qtc800t_firmwarewcn3680bwcn3991qpm5541_firmwaresdx20_firmwaresa8155pqdm2307qsm8250pmx50sdm429wqfe4308_firmwarepm7150a_firmwarepm7350c_firmwareqca6564pm7250bpm8350bpm640pqfe4302_firmwarewcd9326_firmwareqpm5670sa8155p_firmwaresmr526_firmwaresd835pm8916qpm5875sdm630msm8909w_firmwaresdr675_firmwareqpa8801_firmwarewcn3680_firmwareqet4100pm215_firmwareqdm2301qbt1500pm640p_firmwaresdr8250_firmwaresd660smb1360qpm4640qcs4290qca6431sdx20mapq8037Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon WearablesSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-11194
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.80%
||
7 Day CHG~0.00%
Published-22 Feb, 2021 | 06:25
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible out of bound access in TA while processing a command from NS side due to improper length check of response buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfs2580qpm5679_firmwaresa6150p_firmwareqpm5620_firmwareqdm2307qca6431_firmwareqfs2608_firmwareqfs2530qpm8870_firmwareqpa8802qpm6585_firmwarepm6125qat3519qbt2000_firmwareqat5522_firmwarewcn3950_firmwarepm8150aqtc800hqdm5670sa8150p_firmwareqca6595au_firmwareqcs2290qpa5581_firmwaresa6155sdr8250_firmwarepm7150lqpa8821smr546_firmwareqdm5671qpm4650_firmwareqat3518pm456_firmwareqpa5580_firmwaresdr425_firmwarewcn3998smr526_firmwarewcn3950sm4125sd720gwgr7640_firmwareqdm2305_firmwareqsm8350_firmwareqpm5670_firmwaresd710_firmwareqsm8350sd460_firmwareqdm5652qca6574au_firmwareqpm8870wcd9375_firmwarewcn3998_firmwareqpm5679qbt2000sa6155_firmwarepm855pqca6420pm6150aqpm6670_firmwarepmx50_firmwaresdr735gpm660_firmwarewcn3999pm8150bqdm3301_firmwareqsm7250sa8155_firmwaresd662_firmwareqcs405qca6430pmr735asd765gqdm2308_firmwaresdr660qca6436wcn6851sa6155pqpa6560qfs2630_firmwaresdr675_firmwaresdr865qdm5620_firmwarewcd9341smr545qdm4643_firmwareqca6696_firmwareqca6431qln5020sd750gpmm855au_firmwarewcn3910_firmwaresm4350_firmwaresa8150pqpm5657pm6350qdm5621qtc800sqpm5875_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwareqdm5650wcn3988wtr3925sdr052sa8195p_firmwaresmb1390wcn6750_firmwareqat5516_firmwarepm6150lpm855l_firmwareqpa8686_firmwareqpm6585qtc410swcn3991wcd9380_firmwaresmb1355qln4650qpa8801sdr735g_firmwarewgr7640qat5568qet5100qdm5671_firmwareqpa8801_firmwarepm8150l_firmwareqat5533_firmwaresdx55m_firmwareqpa8673_firmwarepm6150qet4101_firmwaresmb1354_firmwaresd670_firmwareqca6574pm7250bqln4642_firmwareqfs2630qpa8842sdr052_firmwarewcd9380smb1355_firmwarepm7250b_firmwarepmd9655_firmwaresmb1351_firmwarepmk8350_firmwaresmb1381pm855p_firmwaresd690_5g_firmwaresdx50m_firmwaresdr735pm7250smb1395pm660lqpa8803smr526qca6430_firmwarepmk8003qtc801s_firmwarewcn3980qdm2301wsa8815wcn6850wcn3910qdm5621_firmwareqdm2301_firmwareqca6426_firmwarepm8350_firmwareqca9984pm8009wcn3980_firmwaresd730sdr051_firmwarepm660l_firmwaresdx55mpm6250_firmwareqca6421_firmwarepm8008pm8350b_firmwareqtm525_firmwareqat3518_firmwareqpm5621_firmwarepm855lwcn6851_firmwareqdm5670_firmwareqpa6560_firmwareqpa8802_firmwarepm7150a_firmwarepm8150b_firmwareqpm5621qpm6582sd670pm8009_firmwaresmr545_firmwareqdm2310_firmwareqfs2580_firmwarepm4250_firmwareqcm4290_firmwarepm8150lqdm5677qsm8250sa6145ppm855_firmwarepm4250pmm6155aupm855b_firmwareqcs405_firmwareqpm6582_firmwarewtr2965qca6391_firmwarewcd9370_firmwareqln4650_firmwareqat3516_firmwareqpm5875sdx55qet5100msa8155psd675qet4101qat3555_firmwareqat3516qpa8803_firmwareqpm5658pm855bar8035_firmwareqcm2290qsm8250_firmwareqpm5658_firmwareqpm5870wcn3991_firmwareqdm5652_firmwarewsa8830pmm8155au_firmwarepm660qet6110_firmwaresdr051qln5030pm6125_firmwareqcs2290_firmwareqbt1500pm4125qpa5581pmi632qpa2625_firmwarepm456pm8350bh_firmwarepmr735b_firmwareqbt1500_firmwareqet5100_firmwareqpm5870_firmwareqpm4621qet6100_firmwareqcs4290qet6100pmm855ausd765g_firmwareqpa8686qca6420_firmwareqca6390_firmwaresd690_5gsmb1396pm7150asd730_firmwarewcd9370sd675_firmwarepm8350qpa5461_firmwaresdr425pm8350c_firmwarepmr525_firmwareqca6426wcn3990_firmwareqca9984_firmwareqpm5641pmi632_firmwarewcd9385_firmwareqdm5650_firmwaresdxr2_5g_firmwarewcd9326_firmwareqat5516pm7250_firmwareqdm5620sd662qpa8821_firmwarepm8350bhpmk8002_firmwarepm3003asa8155qdm4650_firmwaresdx55_firmwarepmm6155au_firmwareqat5533qca6595auwcn3999_firmwaresm7250p_firmwareqca6436_firmwareqsm7250_firmwareqpm6670smb1354pm7150l_firmwareqdm2305sa6155p_firmwareqpm8820qpm4641qat5515_firmwareqln5020_firmwarepm855qpm8830_firmwaresdxr2_5gpm8250smb1398qdm4643qfs2530_firmwarewcn3988_firmwarepmx55qpm4641_firmwaresa6145p_firmwaresdr675pm8150c_firmwareqca6421qdm3301qpa8842_firmwareqat3519_firmwaresa8195psdr735_firmwaresm6250qpm5677qat5515wsa8810_firmwaresd765_firmwarewcd9326qdm5677_firmwarepm6350_firmwarepm8004_firmwaresdr8150_firmwareqcs4290_firmwarewcd9385qtc800h_firmwareqpm5620pmm8155auqln5040_firmwareqpm4630pm4125_firmwareqca6390wcd9375sd750g_firmwareaqt1000ar8035qpa8673sm6250_firmwarepmm8195auqdm2310qln5030_firmwareqln4642qpm5677_firmwarewsa8815_firmwaresd888_5g_firmwaresmr525_firmwarewtr3925_firmwaresmb1396_firmwarewcn6850_firmwareqpm8820_firmwarewsa8835_firmwareqpm6621_firmwaresmr546qet6110qln5040qcm2290_firmwareqpm8895qpm5670wcn3990pmx55_firmwaresd865_5gpmk8350smb1398_firmwareqpm8830pm8350bqat5522qdm2307_firmwarewsa8835pm8150cpmr735bsd665_firmwareqpm5657_firmwaresd888_5gpmk8003_firmwaresdr660_firmwareqca6574aqpm4640_firmwaresmb1390_firmwareqdm5679_firmwarepm8350csmr525qpm4640wcn6750pm6150l_firmwarepmr525pm8150a_firmwareqet5100m_firmwareqpm4650qtm525qca6574_firmwaresd855sm4125_firmwaresd665pm6150a_firmwarepm6150_firmwaresd765qca6574a_firmwareqpm4630_firmwaresd768g_firmwaresdr865_firmwareqat3555pm8250_firmwaresd460qca6391smb1351qpa5461aqt1000_firmwareqpm8895_firmwarewtr2965_firmwareqcm4290sdx50msdr8150qfs2608qtc801ssmb1395_firmwareqdm4650pmd9655qca6574auqpm5641_firmwaresd710sa8155p_firmwarepm8008_firmwarewcd9341_firmwareqpm6621wsa8810qtc410s_firmwarepmr735a_firmwareqat5568_firmwareqdm2308pmx50qdm5679sdr8250sd768gpm3003a_firmwareqca6696qtc800s_firmwaresm4350smb1381_firmwarepm8004pmk8002qpa2625sa6150ppmm8195au_firmwaresm7250psd720g_firmwareqpm4621_firmwarepm6250qpa5580Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-20
Improper Input Validation
CVE-2020-11195
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.80%
||
7 Day CHG~0.00%
Published-22 Feb, 2021 | 06:25
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound write and read in TA while processing command from NS side due to improper length check on command and response buffers in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfe3100qfe2080fc_firmwareqca9377_firmwareqfs2580qpm5679_firmwaremdm9640_firmwaresm6250p_firmwarepmd9607_firmwareqfe4455fc_firmwareqca8337qfs2608_firmwareqfs2530qpm8870_firmwareqln1030qpa8688pm6125qat5522_firmwarewcn3950_firmwarepm8150aqdm5670qca6595au_firmwareqpm5541_firmwareqpa5581_firmwaresa6155pm7150lqpa8821pm8998_firmwarewtr5975_firmwareqcs6125_firmwarepm456_firmwareqpa5580_firmwaremsm8108sa415mwcn3998wcd9371_firmwaremsm8108_firmwarewcn3950sm4125sd720gwtr1605mdm9206_firmwareqsw8573_firmwarewcn3660bqsm8350_firmwareqsw8574_firmwareqsm8350sd460_firmwaresmb2351_firmwareqpa4360_firmwarewcn3998_firmwarepm855pqca6420wtr4605_firmwarepm6150aqpm6670_firmwareqca9367_firmwaremdm8207pm660_firmwarepm8150bsa8155_firmwareqca4004_firmwareqfe2101qca6430qat3522qfe4455fcpmr735awcd9306_firmwarewcd9340sdm830_firmwaresd765gsdr660msm8209_firmwareqfs2630_firmwaresdr865mdm9250_firmwareqdm5620_firmwaresmr545qca6696_firmwareqln5020wcd9371smb1350pmm855au_firmwaresm4350_firmwaresd_8cxwtr3950sa8150ppm6350qdm5621qtc800sqca4004sd865_5g_firmwaresd712pm640p_firmwarewcn6750_firmwareqat5516_firmwarepm6150lpm855l_firmwareqtc410swcn3991qpa8801pm8150l_firmwareqat5533_firmwaresdx55m_firmwareqpa8673_firmwarepm6150smb1354_firmwaresd670_firmwareqca6574qfs2630qpa8842sdr052_firmwarepmm8996auwcd9380qln4640qcs410qpm5579_firmwaresmb1380_firmwarepmk8350_firmwaresmb1381pm855p_firmwaresd690_5g_firmwareqfe3100_firmwarepm7250qca9379_firmwarewtr4905qpa8803sdx24_firmwareqdm2301wcd9340_firmwarewsa8815wcn6850qfe2101_firmwareqdm5621_firmwareqdm2301_firmwareqpm6375sd_8c_firmwaresd835qca1990wcn3980_firmwaresd730qfe3320_firmwarepm660l_firmwarepm6250_firmwarepm8008pm8350b_firmwareqtm525_firmwarepme605_firmwarewtr1605l_firmwarepme605apq8064au_firmwareqpm5621_firmwareqca6234qln1021aq_firmwareqcs603qpa6560_firmwareqpa8802_firmwareqln4640_firmwareqpm5621qpm6582sd670pm8009_firmwareqfs2580_firmwareqcm4290_firmwarepm8150lpmi8998_firmwareqcs610_firmwaresa6145psdr105pm4250ar8031qpm5577mdm8207_firmwarewtr2965mdm9205_firmwareqca6391_firmwaresd820_firmwarepm8150wcd9370_firmwareqat3516_firmwaresdx55csra6640qat3555_firmwarepmi8994qpa8803_firmwareqca9379pm855bqca6234_firmwareqln1031qsm8250_firmwaresmb2351qpm5870pm8909mdm9150_firmwarewsa8830pm660qet6110_firmwareqpm6325pm6125_firmwareqbt1500qpa5581csrb31024mdm9628_firmwaremdm9650pmx24_firmwarefsm10055_firmwareqbt1500_firmwareqpm5870_firmwarepmk8001qcs4290qet6100pmm855aumdm9250qca6420_firmwareapq8009_firmwaresd690_5gsmb1396pm7150amsm8916_firmwaresd675_firmwarepm8350qca6564qpa4361_firmwarepm8350c_firmwareqpa5461_firmwareqca6426wcn3990_firmwareqca9377qpm5641wcd9385_firmwareqdm5650_firmwaresdxr2_5g_firmwarewcd9326_firmwarewhs9410wcn3615_firmwarewtr2955rgr7640au_firmwarepm7250_firmwaresdr845_firmwareqdm5620qln1021aqsmb1380pmk8002_firmwareqsw6310_firmwaresa8155qln1031_firmwareqdm4650_firmwaresdx55_firmwarepmm6155au_firmwareqat5533wcn3615sm7250p_firmwarewcn3610_firmwareqsm7250_firmwaremdm9207qpm6670pm7150l_firmwarewcd9306qca6584aumsm8208qpm4641qat5515_firmwarepm855qpm8830_firmwarepm8250qca9367qfe2082fc_firmwaremdm9607_firmwaremdm9655_firmwareqdm4643qfs2530_firmwaresa415m_firmwarepmx55qpm4641_firmwarewcn3988_firmwaresd205pm8150c_firmwareqca6421qdm3301qpa8842_firmwareqat3519_firmwaresa8195psdr735_firmwareqpm5677qat5515qca6694wcd9326wcd9335pm6350_firmwarepm8004_firmwaresdr8150_firmwareqcs4290_firmwareqtc800h_firmwareqpm5620qpm4630qca6390wcd9375sd750g_firmwareaqt1000sm6250_firmwarepmm8195auqln4642qpm5677_firmwarewsa8815_firmwaresd888_5g_firmwaresmr525_firmwarepm8998wtr3925_firmwareqpm8820_firmwaremsm8916qln1020_firmwareqpm6621_firmwarepm670a_firmwareqcm6125_firmwarepmx55_firmwarewtr2955_firmwareqbt1000_firmwaresd865_5gpm8019qca6595pm8150_firmwaresmb1398_firmwareqpm8830pmm8996au_firmwareqat5522pm8150cpmr735bsd665_firmwareqpa4360pmk8003_firmwaresc8180xqpa4361qpm4640_firmwaremdm9206qpm5577_firmwareqdm5679_firmwarepm8350csmr525qca6310_firmwarepm6150l_firmwarepmr525pm8150a_firmwareqca6574_firmwarewtr3950_firmwareqln1036aq_firmwaresd665pm6150a_firmwarepm6150_firmwareqca6175asd765qca6574a_firmwarepmd9607qpm4630_firmwareqat3555sd850_firmwareapq8009qpa5461qfe2082fcwtr2965_firmwarepm670_firmwarecsrb31024_firmwareqfs2608qln1036aqqtc801ssc8180x_firmwareqpm5641_firmwareqfe3320sd710mdm9607pm8008_firmwareqln1035bd_firmwareqpm6621pmr735a_firmwarepmx50qca6564_firmwaresdr8250sd768gqln1030_firmwaresmb1350_firmwarepm8004pm640lpmk8002apq8096au_firmwaresd845sdm830pmd9655au_firmwareqcs410_firmwareqca6175a_firmwareqpa5580qpm5579fsm10055qfe2550sa6150p_firmwareqcs610pmi8996qpm5620_firmwareqdm2307qca6431_firmwareqpa8802wcd9360_firmwareqpm6585_firmwareqat3519qbt2000_firmwarepm855a_firmwareqtc800hsa8150p_firmwareqcs2290sdr8250_firmwareqca6335csra6620_firmwareqcs605_firmwareqln1020sd_675_firmwaresmr546_firmwareqdm5671csra6640_firmwarepmc1000hqpm4650_firmwarewtr3905qat3518sdr425_firmwaresmr526_firmwaremdm9628pm640a_firmwareqpa5460wgr7640_firmwareqdm2305_firmwareqpm5670_firmwaresd710_firmwareqca4020qdm5652qca6574au_firmwareqpm8870wcd9375_firmwareqpm5679qbt2000sa6155_firmwarewcd9360pmx50_firmwareqpa8675_firmwarewhs9410_firmwaresdr735gqpa5460_firmwarewcn3999qdm3301_firmwarepm8996qsm7250qcs6125apq8016_firmwaresd662_firmwaresmb1360qcs405qca1990_firmwareqfe3440fcqdm2308_firmwarefsm10056_firmwareqca4020_firmwareqca6436wcn6851sa6155pqcs603_firmwareqpa6560sdr675_firmwarewcd9341qdm4643_firmwaremdm9655qca6431qet4100_firmwaresd750gwcn3910_firmwareqpm5657wtr1605_firmwaremdm9207_firmwareqpm5875_firmwarewsa8830_firmwaresd855_firmwareqdm5650wcn3988wtr3925qfe2080fcsdr052sa8195p_firmwaresmb1390msm8208_firmwareqet4100wcn3610msm8608mdm9640qpa8686_firmwareqpm6585qca8337_firmwarewcd9380_firmwaresmb1355qln4650qtc800t_firmwarewcd9330msm8996au_firmwaresdr735g_firmwarewgr7640qat5568qet5100qdm5671_firmwareqpa8801_firmwareqca6564auqtm527_firmwarepm8005_firmwareqet4101_firmwarepm7250bqln4642_firmwarepmk8001_firmwaresmb1355_firmwarepm7250b_firmwarepmd9655_firmwaresmb1351_firmwarepm8996_firmwareqet4200aq_firmwaresdx50m_firmwaresdr735smb1395pm660lsmr526wtr5975qca6430_firmwarepmk8003qtc801s_firmwarewcd9335_firmwareqat3522_firmwarewcn3980qca6335_firmwareqsw8573qcs605qbt1000sd7cqca6320wcn3910mdm9650_firmwareqca6426_firmwarepm8350_firmwarewcn3660b_firmwarepm8009qpa8675sdr051_firmwarewcd9330_firmwaresdx55mpm670aqca6421_firmwarewtr3905_firmwareqat3518_firmwareqsw8574pmi8998sd821_firmwarear8031_firmwarepm855lwcn6851_firmwareqdm5670_firmwarepm7150a_firmwarepm8150b_firmwaresmr545_firmwarepmc1000h_firmwareqca6564a_firmwareqdm2310_firmwareqca6694au_firmwarepm4250_firmwaresdr105_firmwarepm670sd210_firmwarewtr1605lqdm5677pm8005qsm8250pm855_firmwareqdm2302pmm6155ausdxr1pm855b_firmwareapq8096auqca6595_firmwareqcs405_firmwareqpm6582_firmwareqpm6375_firmwarepm640l_firmwarepmi8996_firmwareqln4650_firmwareqpm5875qet5100msa8155psd675wtr4605qet4101qat3516pm670lqpm5658ar8035_firmwareqcm2290qpm5658_firmwarewcn3991_firmwareqdm5652_firmwarepmm8155au_firmwareqfe4465fcsdr051qln5030qcs2290_firmwarepm4125fsm10056pmi632qpa2625_firmwarepm456sd7c_firmwareqfe2081fc_firmwarepm8350bh_firmwarecsra6620pmr735b_firmwareqet5100_firmwareqpm4621smb1360_firmwareqet6100_firmwarepm670l_firmwaresdr660gsd765g_firmwareqpa8686qca6390_firmwaresd730_firmwarewcd9370sdr425pmr525_firmwareqca6584au_firmwarepmi632_firmwaresd_8cx_firmwareqpm5541qat5516smb358_firmwaresd662qpa8821_firmwaresdr660g_firmwarepm8350bhpm3003aqca6320_firmwarewcn3680b_firmwareqca6595auwcn3999_firmwareqca6436_firmwareqtc800tsmb1354qca6564au_firmwareqdm2305sa6155p_firmwareqca6310qpm8820qpm2630qfe2081fcqln5020_firmwaresdxr2_5gsmb1398sd821sa6145p_firmwaresdr675sm6250sd712_firmwarewsa8810_firmwaresmb231sd765_firmwareqdm5677_firmwareqet4200aqqca6174a_firmwarewcd9385qpm6325_firmwareqdm2302_firmwareqat3550_firmwarepmm8155auqln5040_firmwarepm4125_firmwarear8035pm8019_firmwareapq8064auqca6694_firmwareqpa8673qdm2310qfe2550_firmwareqln5030_firmwareqca6694ausd210wcn3620_firmwaresd820smb1396_firmwarewcn6850_firmwarewcn3620wsa8835_firmwaresmb358qca6564asmr546pmx24qet6110qln5040qcm2290_firmwareqpm8895sdr845qpm5670wcn3990sd_675qtm527qfe3440fc_firmwarepmk8350sdx24pmi8994_firmwarepm8350bqdm2307_firmwarewsa8835msm8996auqpm5657_firmwaresd888_5gsm6250prgr7640auqln1035bdpm855asdr660_firmwarepm8909_firmwareqca6574apm8916_firmwaresmb1390_firmwareqca6174aqpm4640wcn6750qet5100m_firmwareqpm4650mdm9205qtm525wtr6955sd855sm4125_firmwarewtr6955_firmwarepm640psd768g_firmwaresdr865_firmwaremsm8209qfe4465fc_firmwarepm8250_firmwaresd460qca6391sdxr1_firmwaresmb1351aqt1000_firmwareqpm8895_firmwareqcm4290sdx50mpm640asdr8150pm8916pmd9655ausmb1395_firmwareqdm4650pmd9655qca6574ausa8155p_firmwaresd205_firmwareqsw6310wcd9341_firmwareqcm6125wsa8810qtc410s_firmwareqpm2630_firmwaresmb231_firmwareqat5568_firmwareqdm2308qat3550mdm9150wtr4905_firmwareqdm5679sd_8cwcn3680bsd835_firmwarepm3003a_firmwareqca6696qtc800s_firmwaresm4350apq8016msm8608_firmwaresd845_firmwaresmb1381_firmwareqpa2625sa6150pqpa8688_firmwarepmm8195au_firmwaresm7250psd720g_firmwareqpm4621_firmwaresd850pm6250Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-20
Improper Input Validation
CVE-2020-11178
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.80%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 05:00
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Trusted APPS to overwrite the CPZ memory of another use-case as TZ only checks the physical address not overlapping with its memory and its RoT memory in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfs2580qca9377_firmwareqpm5679_firmwaresm6250p_firmwareqca8337qfs2530qpm8870_firmwareqpa8688pm6125qat5522_firmwarewcn3950_firmwarepm8150asc8180x\+sdx55qdm5670qca6595au_firmwareqpm5541_firmwareqpa5581_firmwaresa6155pm7150lqpa8821pm8998_firmwarewtr5975_firmwarepm456_firmwareqpa5580_firmwaresa415mwcn3998wcd9371_firmwarewcn3950sm4125sd720gqsw8573_firmwareqsw8574_firmwaresd460_firmwaresmb2351_firmwareqpa4360_firmwarewcn3998_firmwarepm855pqca6420pm6150apm660_firmwarepm8150bsa8155_firmwareqca4004_firmwareqca6430qat3522pmr735awcd9306_firmwarewcd9340sdm830_firmwaresd765gsdr660sdr865qdm5620_firmwareqca6696_firmwareqln5020wcd9371pmm855au_firmwaresm4350_firmwaresd_8cxsa8150ppm6350qdm5621qtc800sqca4004sd865_5g_firmwaresd712pm640p_firmwarewcn6750_firmwareqat5516_firmwarepm6150lpm855l_firmwareqtc410swcn3991qpa8801pm8150l_firmwareqat5533_firmwaresdx55m_firmwareqpa8673_firmwarepm6150smb1354_firmwaresd670_firmwareqca6574qpa8842sdr052_firmwarewcd9380qcs410qpm5579_firmwaresmb1380_firmwaresmb1381pm855p_firmwaresd690_5g_firmwarepm7250qpa8803sdx24_firmwareqdm2301wcd9340_firmwarewsa8815wcn6850qdm5621_firmwareqdm2301_firmwareqpm6375sd_8c_firmwarewcn3980_firmwaresd730pm660l_firmwarepm6250_firmwarepm8008qtm525_firmwarepme605_firmwarepme605qpm5621_firmwareqln1021aq_firmwareqcs603qpa6560_firmwareqpa8802_firmwareqln4640_firmwareqpm5621qpm6582sd670pm8009_firmwareqfs2580_firmwareqcm4290_firmwarepm8150lpmi8998_firmwareqcs610_firmwaresa6145psdr105ar8031qpm5577wtr2965mdm9205_firmwareqca6391_firmwarepm8150wcd9370_firmwareqat3516_firmwaresdx55csra6640qat3555_firmwareqpa8803_firmwarepm855bsmb2351qln1031qsm8250_firmwarewsa8830pm660qet6110_firmwareqpm6325pm6125_firmwareqbt1500qpa5581csrb31024pmx24_firmwarefsm10055_firmwareqbt1500_firmwareqcs4290qet6100pmm855auqca6420_firmwaresd690_5gsmb1396pm7150asd675_firmwareqca6564qpa4361_firmwareqca6426wcn3990_firmwareqca9984_firmwareqca9377wcd9385_firmwareqdm5650_firmwaresdxr2_5g_firmwarewcd9326_firmwarewhs9410pm7250_firmwareqdm5620qln1021aqsmb1380pmk8002_firmwareqsw6310_firmwaresa8155qln1031_firmwaresdx55_firmwarepmm6155au_firmwareqat5533sm7250p_firmwareqsm7250_firmwarepm7150l_firmwarewcd9306qca6584auqat5515_firmwarepm855qpm8830_firmwarepm8250qfs2530_firmwaresa415m_firmwarepmx55wcn3988_firmwarepm8150c_firmwareqca6421qdm3301qpa8842_firmwareqat3519_firmwaresa8195psdr735_firmwareqpm5677qat5515wcd9326wcd9335pm6350_firmwarepm8004_firmwaresdr8150_firmwareqcs4290_firmwareqtc800h_firmwareqpm5620qca6390wcd9375sd750g_firmwareaqt1000sc8180x\+sdx55_firmwarepmm8195ausm6250_firmwareqln4642qpm5677_firmwarewsa8815_firmwarewtr3925_firmwaresmr525_firmwarepm8998qpm8820_firmwarepm670a_firmwarepmx55_firmwaresd865_5gqca6595pm8150_firmwareqpm8830qat5522pm8150cpmr735bsd665_firmwareqpa4360pmk8003_firmwareqpa4361qpm5577_firmwareqdm5679_firmwaresmr525qca6310_firmwarepm6150l_firmwarepmr525pm8150a_firmwareqca6574_firmwareqln1036aq_firmwaresd665pm6150a_firmwarepm6150_firmwareqca6175asd765qca6574a_firmwareqat3555sd850_firmwarewtr2965_firmwarepm670_firmwarecsrb31024_firmwareqln1036aqqtc801ssd710pm8008_firmwarepmr735a_firmwarepmx50qca6564_firmwaresdr8250sd768gpm8004pm640lpmk8002sd845sdm830qcs410_firmwareqca6175a_firmwareqpa5580qpm5579fsm10055sa6150p_firmwareqcs610qpm5620_firmwareqdm2307qca6431_firmwareqpa8802wcd9360_firmwareqpm6585_firmwareqat3519qbt2000_firmwareqtc800hsa8150p_firmwareqcs2290sdr8250_firmwareqca6335csra6620_firmwareqcs605_firmwaresd_675_firmwareqdm5671csra6640_firmwarepmc1000hqpm4650_firmwareqat3518sdr425_firmwaresmr526_firmwareqpa5460pm640a_firmwarewgr7640_firmwareqdm2305_firmwareqpm5670_firmwaresd710_firmwareqdm5652qca6574au_firmwareqpm8870wcd9375_firmwareqpm5679qbt2000sa6155_firmwarewcd9360pmx50_firmwareqpa8675_firmwarewhs9410_firmwaresdr735gqpa5460_firmwarewcn3999qdm3301_firmwareqsm7250sd662_firmwareqcs405qdm2308_firmwarefsm10056_firmwareqca6436wcn6851sa6155pqcs603_firmwareqpa6560sdr675_firmwarewcd9341qca6431qet4100_firmwaresd750gwcn3910_firmwareqpm5657wsa8830_firmwaresd855_firmwareqdm5650wcn3988wtr3925sdr052sa8195p_firmwaresmb1390qet4100qpa8686_firmwareqpm6585qca8337_firmwarewcd9380_firmwaresmb1355qln4650sdr735g_firmwarewgr7640qet5100qdm5671_firmwareqpa8801_firmwareqca6564auqtm527_firmwarepm8005_firmwareqet4101_firmwarepm7250bqln4642_firmwaresmb1355_firmwarepm7250b_firmwarepmd9655_firmwaresmb1351_firmwareqet4200aq_firmwaresdx50m_firmwaresdr735smb1395pm660lsmr526wtr5975qca6430_firmwarepmk8003qtc801s_firmwarewcd9335_firmwareqat3522_firmwarewcn3980qca6335_firmwareqsw8573qcs605sd7cwcn3910qca6426_firmwareqca9984pm8009qpa8675sdr051_firmwaresdx55mpm670aqca6421_firmwareqat3518_firmwareqsw8574pmi8998ar8031_firmwarepm855lwcn6851_firmwareqdm5670_firmwarepm7150a_firmwarepm8150b_firmwarepmc1000h_firmwareqca6564a_firmwareqdm2310_firmwaresdr105_firmwarepm670qdm5677pm8005qsm8250pm855_firmwareqdm2302pmm6155ausdxr1pm855b_firmwareqca6595_firmwareqcs405_firmwareqpm6582_firmwareqpm6375_firmwarepm640l_firmwareqln4650_firmwareqet5100msa8155psd675qet4101qat3516pm670lqpm5658ar8035_firmwareqcm2290qpm5658_firmwarewcn3991_firmwareqdm5652_firmwarepmm8155au_firmwaresdr051qln5030qcs2290_firmwarepm4125fsm10056pmi632qpa2625_firmwarepm456sd7c_firmwarepmr735b_firmwarecsra6620qet5100_firmwareqet6100_firmwarepm670l_firmwaresdr660gsd765g_firmwareqpa8686qca6390_firmwaresd730_firmwarewcd9370sdr425pmr525_firmwareqca6584au_firmwarepmi632_firmwaresd_8cx_firmwareqpm5541qat5516sd662qpa8821_firmwaresdr660g_firmwarepm3003aqca6595auwcn3999_firmwareqca6436_firmwaresmb1354qca6564au_firmwareqdm2305sa6155p_firmwareqca6310qpm8820qln5020_firmwaresdxr2_5gsa6145p_firmwaresdr675sm6250sd712_firmwarewsa8810_firmwaresmb231sd765_firmwareqdm5677_firmwareqet4200aqqca6174a_firmwarewcd9385qpm6325_firmwareqdm2302_firmwareqat3550_firmwarepmm8155auqln5040_firmwarepm4125_firmwarear8035qpa8673qdm2310qln5030_firmwaresmb1396_firmwarewcn6850_firmwarewsa8835_firmwareqca6564apmx24qet6110qln5040qcm2290_firmwareqpm8895qpm5670wcn3990sd_675qtm527sdx24qdm2307_firmwarewsa8835qpm5657_firmwaresm6250psdr660_firmwareqca6574asmb1390_firmwareqca6174awcn6750qet5100m_firmwareqpm4650mdm9205qtm525sd855sm4125_firmwarepm640psd768g_firmwaresdr865_firmwarepm8250_firmwarepm6250sd460qca6391sdxr1_firmwaresmb1351aqt1000_firmwareqpm8895_firmwareqcm4290sdx50mpm640asdr8150smb1395_firmwarepmd9655qca6574ausa8155p_firmwareqsw6310wcd9341_firmwarewsa8810qtc410s_firmwaresmb231_firmwareqdm2308qat3550qdm5679sd_8cpm3003a_firmwareqca6696qtc800s_firmwaresm4350sd845_firmwaresmb1381_firmwareqpa2625sa6150pqpa8688_firmwarepmm8195au_firmwaresm7250psd720g_firmwaresd850qln4640Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-20
Improper Input Validation
CVE-2020-0984
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.54% / 66.76%
||
7 Day CHG~0.00%
Published-15 Apr, 2020 | 15:13
Updated-04 Aug, 2024 | 06:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An elevation of privilege vulnerability exists when the Microsoft AutoUpdate (MAU) application for Mac improperly validates updates before executing them, aka 'Microsoft (MAU) Office Elevation of Privilege Vulnerability'.

Action-Not Available
Vendor-Microsoft Corporation
Product-autoupdateMicrosoft AutoUpdate for Mac
CWE ID-CWE-20
Improper Input Validation
CVE-2022-20512
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.02% / 4.14%
||
7 Day CHG~0.00%
Published-16 Dec, 2022 | 00:00
Updated-21 Apr, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In navigateUpTo of Task.java, there is a possible way to launch an intent handler with a mismatched intent due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-238602879

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-20
Improper Input Validation
CVE-2013-3951
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.06% / 19.35%
||
7 Day CHG~0.00%
Published-05 Jun, 2013 | 10:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

sys/openbsd/stack_protector.c in libc in Apple iOS 6.1.3 and Mac OS X 10.8.x does not properly parse the Apple strings employed in the user-space stack-cookie implementation, which allows local users to bypass cookie randomization by executing a program with a call-path beginning with the stack-guard= substring, as demonstrated by an iOS untethering attack or an attack against a setuid Mac OS X program.

Action-Not Available
Vendor-n/aApple Inc.
Product-mac_os_xiphone_oswatchosn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2020-0130
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.12% / 32.46%
||
7 Day CHG~0.00%
Published-17 Sep, 2020 | 20:46
Updated-04 Aug, 2024 | 05:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In screencap, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege in a system process with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-123230379

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CWE ID-CWE-20
Improper Input Validation
CVE-2020-0041
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-22.95% / 95.70%
||
7 Day CHG~0.00%
Published-10 Mar, 2020 | 19:56
Updated-30 Jul, 2025 | 01:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-05-03||Apply updates per vendor instructions.

In binder_transaction of binder.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-145988638References: Upstream kernel

Action-Not Available
Vendor-n/aAndroidGoogle LLC
Product-androidAndroidAndroid Kernel
CWE ID-CWE-20
Improper Input Validation
CVE-2020-0050
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 9.97%
||
7 Day CHG~0.00%
Published-10 Mar, 2020 | 20:03
Updated-04 Aug, 2024 | 05:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In nfa_hciu_send_msg of nfa_hci_utils.cc, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege in the NFC server with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-124521372

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-20
Improper Input Validation
CVE-2025-24486
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-8.8||HIGH
EPSS-0.02% / 3.94%
||
7 Day CHG~0.00%
Published-12 Aug, 2025 | 16:59
Updated-14 Aug, 2025 | 03:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in the Linux kernel-mode driver for some Intel(R) 700 Series Ethernet before version 2.28.5 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/a
Product-Intel(R) 700 Series Ethernet
CWE ID-CWE-20
Improper Input Validation
CVE-2025-24484
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-8.8||HIGH
EPSS-0.02% / 3.94%
||
7 Day CHG~0.00%
Published-12 Aug, 2025 | 16:58
Updated-14 Aug, 2025 | 03:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1.17.2 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/a
Product-Intel(R) 800 Series Ethernet
CWE ID-CWE-20
Improper Input Validation
CVE-2023-40097
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.03% / 6.54%
||
7 Day CHG~0.00%
Published-04 Dec, 2023 | 22:40
Updated-02 Aug, 2024 | 18:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In hasPermissionForActivity of PackageManagerHelper.java, there is a possible URI grant due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroid
CWE ID-CWE-20
Improper Input Validation
CVE-2025-24060
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.16% / 37.49%
||
7 Day CHG~0.00%
Published-08 Apr, 2025 | 17:24
Updated-03 Jul, 2025 | 13:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft DWM Core Library Elevation of Privilege Vulnerability

Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2022_23h2windows_11_22h2windows_10_22h2windows_11_24h2windows_server_2025windows_server_2019windows_11_23h2windows_10_1809windows_10_21h2windows_server_2022Windows 10 Version 1809Windows 11 Version 23H2Windows 11 Version 24H2Windows Server 2022Windows Server 2019 (Server Core installation)Windows 10 Version 21H2Windows Server 2025 (Server Core installation)Windows 11 version 22H2Windows 10 Version 22H2Windows 11 version 22H3Windows Server 2022, 23H2 Edition (Server Core installation)Windows Server 2019Windows Server 2025
CWE ID-CWE-20
Improper Input Validation
CVE-2020-0572
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.05% / 16.80%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 18:56
Updated-04 Aug, 2024 | 06:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in the firmware for Intel(R) Server Board S2600ST and S2600WF families may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-server_board_s2600stqrserver_board_s2600wf0rserver_board_s2600wf_firmwareserver_board_s2600stbrserver_board_s2600st_firmwareserver_board_s2600wfqrserver_board_s2600wftrIntel(R) Server Board S2600ST and S2600WF families
CWE ID-CWE-20
Improper Input Validation
CVE-2020-0555
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.93%
||
7 Day CHG~0.00%
Published-13 Aug, 2020 | 03:29
Updated-04 Aug, 2024 | 06:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation for some Intel(R) Wireless Bluetooth(R) products may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-ac_8265ac_9462ac_3165_firmwareac_9560_firmwareac_8265_firmwareac_7265_firmwareax200ac_3165ac_9461ac_8260ac_9260ac_9461_firmwareac_9462_firmwareac_3168ac_9560ax200_firmwareac_3168_firmwareax201ax201_firmwareac_9260_firmwareac_7265ac_8260_firmwareIntel(R) Wireless Bluetooth(R) Advisory
CWE ID-CWE-20
Improper Input Validation
CVE-2025-24058
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.16% / 37.49%
||
7 Day CHG~0.00%
Published-08 Apr, 2025 | 17:23
Updated-10 Jul, 2025 | 15:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows DWM Core Library Elevation of Privilege Vulnerability

Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2022_23h2windows_10_21h2windows_server_2019windows_11_23h2windows_server_2022windows_11_24h2windows_10_1809windows_server_2025windows_11_22h2windows_10_22h2Windows 10 Version 1809Windows 11 Version 23H2Windows 11 Version 24H2Windows Server 2022Windows Server 2019 (Server Core installation)Windows 10 Version 21H2Windows Server 2025 (Server Core installation)Windows 11 version 22H2Windows 10 Version 22H2Windows 11 version 22H3Windows Server 2022, 23H2 Edition (Server Core installation)Windows Server 2019Windows Server 2025
CWE ID-CWE-20
Improper Input Validation
CVE-2025-24073
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.16% / 37.49%
||
7 Day CHG~0.00%
Published-08 Apr, 2025 | 17:23
Updated-03 Jul, 2025 | 13:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft DWM Core Library Elevation of Privilege Vulnerability

Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2022_23h2windows_11_22h2windows_10_22h2windows_11_24h2windows_10_1507windows_10_1607windows_server_2025windows_server_2019windows_11_23h2windows_10_1809windows_server_2016windows_10_21h2windows_server_2022Windows 10 Version 1809Windows 11 Version 23H2Windows 11 Version 24H2Windows Server 2016 (Server Core installation)Windows Server 2019 (Server Core installation)Windows 10 Version 21H2Windows 11 version 22H2Windows 10 Version 22H2Windows 11 version 22H3Windows 10 Version 1507Windows 10 Version 1607Windows Server 2016Windows Server 2025Windows Server 2022Windows Server 2025 (Server Core installation)Windows Server 2022, 23H2 Edition (Server Core installation)Windows Server 2019
CWE ID-CWE-20
Improper Input Validation
CVE-2025-24074
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.16% / 37.49%
||
7 Day CHG~0.00%
Published-08 Apr, 2025 | 17:23
Updated-03 Jul, 2025 | 13:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft DWM Core Library Elevation of Privilege Vulnerability

Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2022_23h2windows_11_22h2windows_10_22h2windows_11_24h2windows_server_2025windows_server_2019windows_11_23h2windows_10_1809windows_10_21h2windows_server_2022Windows 10 Version 1809Windows 11 Version 23H2Windows 11 Version 24H2Windows Server 2022Windows Server 2019 (Server Core installation)Windows 10 Version 21H2Windows Server 2025 (Server Core installation)Windows 11 version 22H2Windows 10 Version 22H2Windows 11 version 22H3Windows Server 2022, 23H2 Edition (Server Core installation)Windows Server 2019Windows Server 2025
CWE ID-CWE-20
Improper Input Validation
CVE-2025-24005
Matching Score-4
Assigner-CERT@VDE
ShareView Details
Matching Score-4
Assigner-CERT@VDE
CVSS Score-7.8||HIGH
EPSS-0.03% / 4.98%
||
7 Day CHG~0.00%
Published-08 Jul, 2025 | 06:59
Updated-11 Jul, 2025 | 14:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Local Privilege Escalation via Vulnerable SSH Script

A local attacker with a local user account can leverage a vulnerable script via SSH to escalate privileges to root due to improper input validation.

Action-Not Available
Vendor-Phoenix Contact GmbH & Co. KG
Product-charx_sec-3100charx_sec-3150charx_sec-3050_firmwarecharx_sec-3050charx_sec-3100_firmwarecharx_sec-3150_firmwarecharx_sec-3000_firmwarecharx_sec-3000CHARX SEC-3050CHARX SEC-3150CHARX SEC-3100CHARX SEC-3000
CWE ID-CWE-20
Improper Input Validation
CVE-2025-24062
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.16% / 37.49%
||
7 Day CHG~0.00%
Published-08 Apr, 2025 | 17:24
Updated-03 Jul, 2025 | 13:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft DWM Core Library Elevation of Privilege Vulnerability

Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2022_23h2windows_11_22h2windows_10_22h2windows_11_24h2windows_server_2025windows_11_23h2windows_10_21h2windows_server_2022Windows 11 Version 23H2Windows 11 Version 24H2Windows Server 2022Windows 10 Version 21H2Windows Server 2025 (Server Core installation)Windows 10 Version 22H2Windows 11 version 22H2Windows 11 version 22H3Windows Server 2022, 23H2 Edition (Server Core installation)Windows Server 2025
CWE ID-CWE-20
Improper Input Validation
CVE-2023-39537
Matching Score-4
Assigner-AMI
ShareView Details
Matching Score-4
Assigner-AMI
CVSS Score-7.5||HIGH
EPSS-0.07% / 20.63%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 21:24
Updated-14 Aug, 2024 | 19:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper input validation in BIOS TCG2

AMI AptioV contains a vulnerability in BIOS where an Attacker may use an improper input validation via the local network. A successful exploit of this vulnerability may lead to a loss of confidentiality, integrity and availability.

Action-Not Available
Vendor-AMI
Product-aptio_vAptioVaptio_v
CWE ID-CWE-20
Improper Input Validation
CVE-2019-5700
Matching Score-4
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-4
Assigner-NVIDIA Corporation
CVSS Score-7.8||HIGH
EPSS-0.05% / 13.59%
||
7 Day CHG~0.00%
Published-09 Oct, 2019 | 21:05
Updated-04 Aug, 2024 | 20:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NVIDIA Shield TV Experience prior to v8.0.1, NVIDIA Tegra software contains a vulnerability in the bootloader, where it does not validate the fields of the boot image, which may lead to code execution, denial of service, escalation of privileges, and information disclosure.

Action-Not Available
Vendor-n/aGoogle LLCNVIDIA Corporation
Product-shield_experienceandroidNVIDIA SHIELD TV
CWE ID-CWE-20
Improper Input Validation
CVE-2023-38587
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-7.5||HIGH
EPSS-0.05% / 16.27%
||
7 Day CHG~0.00%
Published-19 Jan, 2024 | 20:03
Updated-17 Jun, 2025 | 21:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in some Intel NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_kit_nuc8i7bek_firmwarenuc_8_home_nuc8i3behfa_firmwarenuc_kit_nuc8i5behnuc_kit_nuc8i7beknuc_kit_nuc8i5behs_firmwarenuc_kit_nuc8i3beh_firmwarenuc_kit_nuc8i7behnuc_8_enthusiast_nuc8i7bekqa_firmwarenuc_8_enthusiast_nuc8i7bekqanuc_8_home_nuc8i5behfanuc_8_home_nuc8i5bekpa_firmwarenuc_kit_nuc8i7beh_firmwarenuc_kit_nuc8i3behsnuc_kit_nuc8i3beknuc_kit_nuc8i5beh_firmwarenuc_8_enthusiast_nuc8i7behganuc_kit_nuc8i5beknuc_kit_nuc8i5behsnuc_kit_nuc8i3behnuc_kit_nuc8i3bek_firmwarenuc_kit_nuc8i5bek_firmwarenuc_8_home_nuc8i5bekpanuc_8_home_nuc8i3behfanuc_8_enthusiast_nuc8i7behga_firmwarenuc_8_home_nuc8i5behfa_firmwarenuc_kit_nuc8i3behs_firmwareIntel NUC BIOS firmware
CWE ID-CWE-20
Improper Input Validation
CVE-2019-5678
Matching Score-4
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-4
Assigner-NVIDIA Corporation
CVSS Score-7.8||HIGH
EPSS-0.14% / 35.18%
||
7 Day CHG~0.00%
Published-31 May, 2019 | 21:12
Updated-04 Aug, 2024 | 20:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NVIDIA GeForce Experience versions prior to 3.19 contains a vulnerability in the Web Helper component, in which an attacker with local system access can craft input that may not be properly validated. Such an attack may lead to code execution, denial of service or information disclosure.

Action-Not Available
Vendor-NVIDIA CorporationMicrosoft Corporation
Product-windowsgeforce_experienceNVIDIA GeForce Experience
CWE ID-CWE-20
Improper Input Validation
CVE-2021-20268
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.18% / 39.80%
||
7 Day CHG~0.00%
Published-09 Mar, 2021 | 17:16
Updated-03 Aug, 2024 | 17:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An out-of-bounds access flaw was found in the Linux kernel's implementation of the eBPF code verifier in the way a user running the eBPF script calls dev_map_init_map or sock_map_alloc. This flaw allows a local user to crash the system or possibly escalate their privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kernelkernel
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2025-21460
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 5.38%
||
7 Day CHG~0.00%
Published-06 May, 2025 | 08:32
Updated-09 May, 2025 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Input Validation in Automotive Software platform based on QNX

Memory corruption while processing a message, when the buffer is controlled by a Guest VM, the value can be changed continuously.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qam8295pqca6696_firmwaresa8775psa8770p_firmwaresa9000pqam8295p_firmwareqam8255p_firmwareqca6698aq_firmwaresrv1lsa8540p_firmwareqca6696srv1h_firmwaresa8775p_firmwaresa6150p_firmwareqca6595sa8295psa8620p_firmwareqca6688aq_firmwareqam8620psa6155p_firmwareqam8775p_firmwaresa8155_firmwaresa8195p_firmwareqca6574au_firmwaresa8155p_firmwaresa8255p_firmwaresa8155qam8255pqca6595ausa8145p_firmwareqca6698aqsrv1msa8150pqamsrv1hsa7775p_firmwaresa8650pqam8650psa6155sa7775pqca6574ausa9000p_firmwareqam8775psa6145psa8195pqca6574a_firmwaresa6150pqca6595au_firmwaresrv1l_firmwaresa8255psa8540psa8295p_firmwareqca6595_firmwareqca6688aqqca6574asa8620pqamsrv1h_firmwaresa8150p_firmwaresa7255p_firmwaresrv1hsa6145p_firmwaresa6155_firmwaresa8770pqam8650p_firmwareqamsrv1msa6155psa8155psa8145psa7255pqam8620p_firmwaresa8650p_firmwareqamsrv1m_firmwaresrv1m_firmwareSnapdragon
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-39535
Matching Score-4
Assigner-AMI
ShareView Details
Matching Score-4
Assigner-AMI
CVSS Score-7.5||HIGH
EPSS-0.07% / 20.63%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 21:23
Updated-29 Aug, 2024 | 20:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper input validation in BIOS

AMI AptioV contains a vulnerability in BIOS where an Attacker may use an improper input validation via the local network. A successful exploit of this vulnerability may lead to a loss of confidentiality, integrity and availability.

Action-Not Available
Vendor-AMI
Product-aptio_vAptioVaptio_v
CWE ID-CWE-20
Improper Input Validation
CVE-2025-21234
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.33% / 54.83%
||
7 Day CHG~0.00%
Published-14 Jan, 2025 | 18:03
Updated-02 Apr, 2025 | 13:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability

Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_11_24h2windows_11_22h2windows_server_2022windows_server_2022_23h2windows_10_21h2windows_10_22h2windows_server_2025windows_11_23h2Windows 11 version 22H3Windows 10 Version 21H2Windows 11 Version 23H2Windows Server 2022, 23H2 Edition (Server Core installation)Windows 10 Version 22H2Windows Server 2025 (Server Core installation)Windows Server 2022Windows Server 2025Windows 11 version 22H2Windows 11 Version 24H2
CWE ID-CWE-20
Improper Input Validation
CVE-2025-21375
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.15% / 36.09%
||
7 Day CHG~0.00%
Published-11 Feb, 2025 | 17:58
Updated-12 Mar, 2025 | 01:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability

Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2012windows_10_1809windows_10_22h2windows_10_21h2windows_server_2022_23h2windows_11_22h2windows_11_23h2windows_10_1607windows_11_24h2windows_server_2025windows_server_2022windows_10_1507windows_server_2019windows_server_2008windows_server_2016Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2025 (Server Core installation)Windows Server 2008 Service Pack 2Windows Server 2008 R2 Service Pack 1Windows Server 2012 R2 (Server Core installation)Windows Server 2025Windows Server 2012Windows 10 Version 1507Windows 11 version 22H2Windows 10 Version 1607Windows Server 2022Windows Server 2008 Service Pack 2Windows Server 2019Windows Server 2012 (Server Core installation)Windows Server 2008 Service Pack 2 (Server Core installation)Windows 10 Version 21H2Windows 10 Version 22H2Windows 11 Version 23H2Windows Server 2016Windows Server 2012 R2Windows 11 version 22H3Windows Server 2019 (Server Core installation)Windows 10 Version 1809Windows 11 Version 24H2Windows Server 2016 (Server Core installation)Windows Server 2022, 23H2 Edition (Server Core installation)
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-20
Improper Input Validation
CVE-2023-36407
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-10.65% / 93.01%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 17:57
Updated-29 Apr, 2025 | 23:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Hyper-V Elevation of Privilege Vulnerability

Windows Hyper-V Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2022_23h2windows_11_22h2windows_11_21h2windows_server_2022windows_11_23h2Windows 11 version 21H2Windows 11 version 22H3Windows 11 Version 23H2Windows 11 version 22H2Windows Server 2022Windows Server 2022, 23H2 Edition (Server Core installation)
CWE ID-CWE-20
Improper Input Validation
CVE-2025-21235
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.33% / 54.83%
||
7 Day CHG~0.00%
Published-14 Jan, 2025 | 18:03
Updated-02 Apr, 2025 | 13:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability

Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_11_24h2windows_11_22h2windows_server_2022windows_server_2022_23h2windows_10_21h2windows_10_22h2windows_server_2025windows_11_23h2Windows 11 version 22H3Windows 10 Version 21H2Windows 11 Version 23H2Windows Server 2022, 23H2 Edition (Server Core installation)Windows 10 Version 22H2Windows Server 2025 (Server Core installation)Windows Server 2022Windows Server 2025Windows 11 version 22H2Windows 11 Version 24H2
CWE ID-CWE-20
Improper Input Validation
CVE-2023-36731
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.72% / 71.60%
||
7 Day CHG~0.00%
Published-10 Oct, 2023 | 17:07
Updated-14 Apr, 2025 | 22:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Win32k Elevation of Privilege Vulnerability

Win32k Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2012windows_server_2008windows_10_1507windows_11_21h2windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_10_1607Windows 10 Version 1607Windows Server 2008 Service Pack 2Windows Server 2012 (Server Core installation)Windows Server 2016 (Server Core installation)Windows 11 version 22H2Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows 10 Version 1809Windows 10 Version 22H2Windows Server 2016Windows Server 2012 R2Windows 10 Version 1507Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1Windows Server 2019 (Server Core installation)Windows Server 2008 Service Pack 2Windows Server 2012Windows Server 2012 R2 (Server Core installation)Windows 11 version 21H2Windows Server 2022Windows Server 2019Windows 10 Version 21H2
CWE ID-CWE-20
Improper Input Validation
CVE-2025-21370
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.27% / 49.86%
||
7 Day CHG~0.00%
Published-14 Jan, 2025 | 18:04
Updated-02 Apr, 2025 | 13:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability

Windows Virtualization-Based Security (VBS) Enclave Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_11_23h2windows_11_22h2windows_11_24h2Windows 11 Version 23H2Windows 11 version 22H2Windows 11 version 22H3Windows 11 Version 24H2
CWE ID-CWE-20
Improper Input Validation
CVE-2021-1085
Matching Score-4
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-4
Assigner-NVIDIA Corporation
CVSS Score-7.3||HIGH
EPSS-0.04% / 12.02%
||
7 Day CHG~0.00%
Published-29 Apr, 2021 | 18:50
Updated-03 Aug, 2024 | 15:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NVIDIA vGPU driver contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where there is the potential to write to a shared memory location and manipulate the data after the data has been validated, which may lead to denial of service and escalation of privileges and information disclosure but attacker doesn't have control over what information is obtained. This affects vGPU version 12.x (prior to 12.2), version 11.x (prior to 11.4) and version 8.x (prior to 8.7).

Action-Not Available
Vendor-nutanixVMware (Broadcom Inc.)NVIDIA CorporationCitrix (Cloud Software Group, Inc.)Red Hat, Inc.
Product-enterprise_linux_kernel-based_virtual_machinehypervisorvirtual_gpu_managervsphereahvNVIDIA Virtual GPU Software
CWE ID-CWE-20
Improper Input Validation
CVE-2023-29495
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-7.5||HIGH
EPSS-0.06% / 17.86%
||
7 Day CHG~0.00%
Published-19 Jan, 2024 | 20:03
Updated-09 May, 2025 | 15:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation for some Intel NUC BIOS firmware before version IN0048 may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_8_mainstream-g_kit_nuc8i5inhnuc_8_mainstream-g_kit_nuc8i5inh_firmwarenuc_8_mainstream-g_kit_nuc8i7inhnuc_8_mainstream-g_kit_nuc8i7inh_firmwareIntel NUC BIOS firmware
CWE ID-CWE-20
Improper Input Validation
CVE-2023-30657
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-6.2||MEDIUM
EPSS-0.04% / 10.57%
||
7 Day CHG~0.00%
Published-06 Jul, 2023 | 02:51
Updated-24 Oct, 2024 | 15:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation vulnerability in EnhancedAttestationResult prior to SMR Jul-2023 Release 1 allows local attackers to launch privileged activities.

Action-Not Available
Vendor-SamsungSamsung Electronics
Product-androidSamsung Mobile Devices
CWE ID-CWE-20
Improper Input Validation
CVE-2023-30712
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-6.8||MEDIUM
EPSS-0.10% / 28.27%
||
7 Day CHG~0.00%
Published-06 Sep, 2023 | 03:11
Updated-26 Sep, 2024 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation in Settings Suggestions prior to SMR Sep-2023 Release 1 allows attackers to launch arbitrary activity.

Action-Not Available
Vendor-SamsungSamsung Electronics
Product-androidSamsung Mobile Devices
CWE ID-CWE-20
Improper Input Validation
CVE-2023-30658
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-8.5||HIGH
EPSS-0.04% / 10.10%
||
7 Day CHG~0.00%
Published-06 Jul, 2023 | 02:51
Updated-24 Oct, 2024 | 15:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation vulnerability in DataProfile prior to SMR Jul-2023 Release 1 allows local attackers to launch privileged activities.

Action-Not Available
Vendor-SamsungSamsung Electronics
Product-androidSamsung Mobile Devices
CWE ID-CWE-20
Improper Input Validation
CVE-2023-30659
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-6.2||MEDIUM
EPSS-0.04% / 10.57%
||
7 Day CHG~0.00%
Published-06 Jul, 2023 | 02:51
Updated-24 Oct, 2024 | 15:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation vulnerability in Transaction prior to SMR Jul-2023 Release 1 allows local attackers to launch privileged activities.

Action-Not Available
Vendor-SamsungSamsung Electronics
Product-androidSamsung Mobile Devices
CWE ID-CWE-20
Improper Input Validation
CVE-2023-30664
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-8.5||HIGH
EPSS-0.04% / 10.10%
||
7 Day CHG~0.00%
Published-06 Jul, 2023 | 02:51
Updated-31 Oct, 2024 | 17:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation vulnerability in RegisteredMSISDN prior to SMR Jul-2023 Release 1 allows local attackers to launch privileged activities.

Action-Not Available
Vendor-SamsungSamsung Electronics
Product-androidSamsung Mobile Devices
CWE ID-CWE-20
Improper Input Validation
CVE-2023-30655
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-8.5||HIGH
EPSS-0.04% / 10.10%
||
7 Day CHG~0.00%
Published-06 Jul, 2023 | 02:51
Updated-24 Oct, 2024 | 16:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation vulnerability in SCEPProfile prior to SMR Jul-2023 Release 1 allows local attackers to launch privileged activities.

Action-Not Available
Vendor-SamsungSamsung Electronics
Product-androidSamsung Mobile Devices
CWE ID-CWE-20
Improper Input Validation
CVE-2023-30690
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-8.5||HIGH
EPSS-0.04% / 12.54%
||
7 Day CHG~0.00%
Published-04 Oct, 2023 | 03:01
Updated-19 Sep, 2024 | 19:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation vulnerability in Duo prior to SMR Oct-2023 Release 1 allows local attackers to launch privileged activities.

Action-Not Available
Vendor-SamsungSamsung Electronics
Product-androidSamsung Mobile Devices
CWE ID-CWE-20
Improper Input Validation
CVE-2023-30656
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-8.5||HIGH
EPSS-0.04% / 10.10%
||
7 Day CHG~0.00%
Published-06 Jul, 2023 | 02:51
Updated-24 Oct, 2024 | 16:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation vulnerability in LSOItemData prior to SMR Jul-2023 Release 1 allows attackers to launch certain activities.

Action-Not Available
Vendor-SamsungSamsung Electronics
Product-androidSamsung Mobile Devices
CWE ID-CWE-20
Improper Input Validation
  • Previous
  • 1
  • 2
  • ...
  • 5
  • 6
  • 7
  • ...
  • 10
  • 11
  • Next
Details not found