Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2020-35553

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-18 Dec, 2020 | 08:44
Updated At-04 Aug, 2024 | 17:09
Rejected At-
Credits

An issue was discovered on Samsung mobile devices with Q(10.0) and R(11.0) (Qualcomm SM8250 chipsets) software. They allows attackers to cause a denial of service (unlock failure) by triggering a power-shortage incident that causes a false-positive attack detection. The Samsung ID is SVE-2020-19678 (December 2020).

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:18 Dec, 2020 | 08:44
Updated At:04 Aug, 2024 | 17:09
Rejected At:
▼CVE Numbering Authority (CNA)

An issue was discovered on Samsung mobile devices with Q(10.0) and R(11.0) (Qualcomm SM8250 chipsets) software. They allows attackers to cause a denial of service (unlock failure) by triggering a power-shortage incident that causes a false-positive attack detection. The Samsung ID is SVE-2020-19678 (December 2020).

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://security.samsungmobile.com/securityUpdate.smsb
x_refsource_MISC
Hyperlink: https://security.samsungmobile.com/securityUpdate.smsb
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://security.samsungmobile.com/securityUpdate.smsb
x_refsource_MISC
x_transferred
Hyperlink: https://security.samsungmobile.com/securityUpdate.smsb
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:18 Dec, 2020 | 09:15
Updated At:18 Dec, 2020 | 18:50

An issue was discovered on Samsung mobile devices with Q(10.0) and R(11.0) (Qualcomm SM8250 chipsets) software. They allows attackers to cause a denial of service (unlock failure) by triggering a power-shortage incident that causes a false-positive attack detection. The Samsung ID is SVE-2020-19678 (December 2020).

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary2.07.8HIGH
AV:N/AC:L/Au:N/C:N/I:N/A:C
Type: Primary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Primary
Version: 2.0
Base score: 7.8
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C
CPE Matches
Google LLC
google
>>android>>10.0
cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*
Google LLC
google
>>android>>11.0
cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sm8250>>-
cpe:2.3:h:qualcomm:sm8250:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-920Primarynvd@nist.gov
CWE ID: CWE-920
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://security.samsungmobile.com/securityUpdate.smsbcve@mitre.org
Vendor Advisory
Hyperlink: https://security.samsungmobile.com/securityUpdate.smsb
Source: cve@mitre.org
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

537Records found
CVE-2023-21653
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.09% / 25.85%
||
7 Day CHG~0.00%
Published-05 Sep, 2023 | 06:23
Updated-02 Aug, 2024 | 09:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Reachable Assertion in Modem

Transient DOS in Modem while processing RRC reconfiguration message.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn6855_firmwareqca8337_firmwarewcd9380_firmwaresdx65_firmwareqca8337sdx70m_firmwareqcn6024_firmwarear8035wcn6856_firmwarear8035_firmwaresdx65qcn6024sdx70mqcn9024_firmwarewcd9380qcn9024wcn6855qca8081_firmwareqca8081wcn6856Snapdragonwcn6855_firmwareqca8337_firmwarewcd9380_firmwaresdx65_firmwareqcn9024_firmwaresdx70m_firmwareqca8081_firmwareqcn6024_firmwarewcn6856_firmwarear8035_firmware
CWE ID-CWE-617
Reachable Assertion
CVE-2023-20689
Matching Score-8
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-8
Assigner-MediaTek, Inc.
CVSS Score-7.5||HIGH
EPSS-1.10% / 77.11%
||
7 Day CHG~0.00%
Published-04 Jul, 2023 | 01:44
Updated-04 Dec, 2024 | 16:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan firmware, there is possible system crash due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07664741; Issue ID: ALPS07664741.

Action-Not Available
Vendor-Google LLCMediaTek Inc.The Linux Foundation
Product-mt8765mt8385mt6739androidmt8788mt8321yoctomt8666mt8365mt8167MT6739, MT8167, MT8321, MT8365, MT8385, MT8666, MT8765, MT8788
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2023-20691
Matching Score-8
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-8
Assigner-MediaTek, Inc.
CVSS Score-7.5||HIGH
EPSS-1.10% / 77.11%
||
7 Day CHG~0.00%
Published-04 Jul, 2023 | 01:44
Updated-04 Dec, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan firmware, there is possible system crash due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07664731; Issue ID: ALPS07664731.

Action-Not Available
Vendor-Google LLCMediaTek Inc.The Linux Foundation
Product-mt8765mt8385mt6739androidmt8788mt8321yoctomt8666mt8365mt8167MT6739, MT8167, MT8321, MT8365, MT8385, MT8666, MT8765, MT8788
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2023-20693
Matching Score-8
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-8
Assigner-MediaTek, Inc.
CVSS Score-7.5||HIGH
EPSS-1.10% / 77.11%
||
7 Day CHG~0.00%
Published-04 Jul, 2023 | 01:44
Updated-04 Dec, 2024 | 16:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan firmware, there is possible system crash due to an uncaught exception. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07664711; Issue ID: ALPS07664711.

Action-Not Available
Vendor-Google LLCMediaTek Inc.The Linux Foundation
Product-mt6895mt8168mt8765androidmt6739mt8385mt8781mt8788mt6983mt8321yoctomt8666mt8365mt8167mt8195MT6739, MT6895, MT6983, MT8167, MT8168, MT8195, MT8321, MT8365, MT8385, MT8666, MT8765, MT8781, MT8788
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2023-20690
Matching Score-8
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-8
Assigner-MediaTek, Inc.
CVSS Score-7.5||HIGH
EPSS-1.10% / 77.11%
||
7 Day CHG~0.00%
Published-04 Jul, 2023 | 01:44
Updated-04 Dec, 2024 | 16:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan firmware, there is possible system crash due to an integer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07664735; Issue ID: ALPS07664735.

Action-Not Available
Vendor-Google LLCMediaTek Inc.The Linux Foundation
Product-mt8168mt8765androidmt6739mt8385mt8788mt8321yoctomt8666mt8365mt8167MT6739, MT8167, MT8168, MT8321, MT8365, MT8385, MT8666, MT8765, MT8788
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2021-30344
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.34% / 55.90%
||
7 Day CHG~0.00%
Published-14 Jun, 2022 | 10:11
Updated-03 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper authorization of a replayed LTE security mode command can lead to a denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaremdm9640_firmwaresm6250p_firmwareqcs610qca8337wcd9360_firmwaresdx65mdm9645wcn3950_firmwareqcs2290qca6595au_firmwaresd_675_firmwareqcs6125_firmwaresa415mwcn3998sd_8cx_gen2_firmwarewcn3950mdm9628sd720gmdm9206_firmwareqsw8573_firmwaresd_8_gen1_5g_firmwaresm6375_firmwarewcn3660bsd460_firmwaresm7315_firmwareqca6574au_firmwarewcd9375_firmwarewcn3998_firmwareqca8081_firmwaresdx12_firmwaremsm8909wapq8009w_firmwareqca6420apq8053_firmwarewcd9360sd680_firmwareqca9367_firmwaremdm8207sd_8cx_gen2qcs6125qca4004_firmwaresd662_firmwareqca6430wcd9306_firmwarewcd9340mdm9625_firmwarequalcomm215_firmwaresd765gsw5100qca6436sd680wcn6851mdm9250_firmwarewcd9341mdm9655qca6696_firmwaresd750gsd870_firmwarewcn3910_firmwaremdm9207_firmwareqca4004wsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwarewcn3988sd660_firmwaresm8475wcn6750_firmwarewcn3610mdm9640sm6375wcn3991qca8337_firmwaresda429w_firmwarewcd9380_firmwaresdm429wmsm8996au_firmwaresw5100pwcd9330qca6564ausdx55m_firmwarewcn6856_firmwareqet4101_firmwareqca6574wcd9380qualcomm215qcs410sd690_5g_firmwaresdx24_firmwareqca6430_firmwarewcd9335_firmwarewcn3980sd439_firmwareqsw8573wcd9340_firmwarewsa8815wcn6850sd7cwcn3910qca6584_firmwaremdm9650_firmwaremdm9215_firmwareqca6426_firmwarewcn3660b_firmwarewcn3980_firmwaresd730wcd9330_firmwaresdx55mwcn6740_firmwarear6003_firmwaremsm8953sd678_firmwarewcn6851_firmwareqca6564a_firmwareapq8009wqcm4290_firmwaresd480sd870wcn6855sw5100p_firmwaresd210_firmwareqcs610_firmwaresdxr1apq8096aumdm8207_firmwaremdm9205_firmwareqca6391_firmwaresd780g_firmwarewcd9370_firmwaresdx55sd888_firmwareapq8053sd675sd439qet4101ar8035_firmwareqcm2290wcn3991_firmwaremdm9150_firmwarewsa8830sd678qcs2290_firmwaresd7c_firmwarecsrb31024mdm9628_firmwaremdm9650qcs4290mdm9250sd765g_firmwareqca6420_firmwareqca6390_firmwaresd690_5gsd730_firmwarewcd9370sd675_firmwareqca6426qca6584au_firmwarewcn3990_firmwareqca9377sdw2500_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcd9326_firmwarewcn3615_firmwaresd662qca6584wcn3680b_firmwaresdx55_firmwareqca6595auwcn3615sm7250p_firmwarewcn3610_firmwareqca6436_firmwaremdm9207qca6564au_firmwareqca6584ausd778gwcd9306sa515m_firmwareqcs6490sd429sdxr2_5gqca9367mdm9607_firmwaremdm9655_firmwaresa415m_firmwarewcn3988_firmwaresd205sd429_firmwaresm6250sd778g_firmwareapq8017_firmwarewsa8810_firmwaresd765_firmwarewcd9326wcd9335qca8081qca6174a_firmwareqcs4290_firmwarewcd9385qcs6490_firmwaremdm9625ar8035qca6390sd750g_firmwareaqt1000wcd9375sm6250_firmwaremsm8953_firmwaresda429wsd210wcn3620_firmwaresdx20_firmwareqcm6490sd888_5g_firmwarewcn6850_firmwarewcn3620wsa8815_firmwarewsa8835_firmwareapq8017qcx315qca6564aar6003qcm6125_firmwareqcm2290_firmwaremdm9635m_firmwarewcn3990sd_675sd780gsd865_5gsdx24sd888msm8909w_firmwareqcx315_firmwaremsm8996ausdm429w_firmwarewsa8835sd665_firmwaresd888_5gsm6250pqca6574amdm9206wcn6855_firmwareqca6174asm7325pwcn6750mdm9635mmdm9615mdm9205sa515mqca6574_firmwaresd855sm7325p_firmwaresd665sd765qca6574a_firmwaresd768g_firmwaresd850_firmwaresm7315sd460qca6391sdxr1_firmwareaqt1000_firmwaresdx65_firmwareqcm4290csrb31024_firmwareqcm6490_firmwaresdx20sd480_firmwaremdm9215qca6574aumdm9607sd205_firmwaremdm9645_firmwarewcd9341_firmwareqcm6125wsa8810mdm9150wcn6856wcn3680bsd768gwcn6740qca6696sdw2500apq8096au_firmwaremdm9615_firmwaresm7250psd720g_firmwaresdx12sw5100_firmwareqcs410_firmwaresd850Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CVE-2019-9430
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.5||HIGH
EPSS-0.50% / 64.95%
||
7 Day CHG~0.00%
Published-27 Sep, 2019 | 18:05
Updated-04 Aug, 2024 | 21:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Bluetooth, there is a possible null pointer dereference due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-109838296

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2019-9425
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.5||HIGH
EPSS-0.50% / 64.89%
||
7 Day CHG~0.00%
Published-27 Sep, 2019 | 18:05
Updated-04 Aug, 2024 | 21:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-110846194

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-9285
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.5||HIGH
EPSS-0.50% / 64.89%
||
7 Day CHG~0.00%
Published-27 Sep, 2019 | 18:05
Updated-04 Aug, 2024 | 21:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-111215315

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-9397
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.5||HIGH
EPSS-0.50% / 64.89%
||
7 Day CHG~0.00%
Published-27 Sep, 2019 | 18:05
Updated-04 Aug, 2024 | 21:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Bluetooth, there is possible controlled termination due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-115747410

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-20
Improper Input Validation
CVE-2019-9402
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.5||HIGH
EPSS-0.50% / 64.89%
||
7 Day CHG~0.00%
Published-27 Sep, 2019 | 18:05
Updated-04 Aug, 2024 | 21:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Bluetooth, there is possible controlled termination due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-115372550

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-20
Improper Input Validation
CVE-2025-27029
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.06% / 17.17%
||
7 Day CHG~0.00%
Published-03 Jun, 2025 | 05:53
Updated-20 Aug, 2025 | 20:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in WLAN HAL

Transient DOS while processing the tone measurement response buffer when the response buffer is out of range.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sm8735_firmwareipq5312_firmwarewcn7880_firmwaresm8750p_firmwareqcn6422_firmwareqca8101ipq5332wcd9395wsa8845h_firmwaresm8750ipq5424_firmwareqcn9274_firmwareipq9048qca8084_firmwarewcd9378qca8082_firmwareqca0000_firmwaresm6650_firmwareipq9008wsa8835_firmwareipq5312qcn6402_firmwareqcn5224_firmwaresnapdragon_8_gen_3_mobile_platformsm7635wcn7861_firmwarewsa8840_firmwareqcn6432_firmwarewcn6450qca8085_firmwareqca8080_firmwareimmersive_home_326_platform_firmwareqca8102wcn7861qca8112wsa8845_firmwareipq5302ipq5302_firmwareqca8384qcn5124_firmwareqca8082qca8385_firmwareipq9554_firmwareimmersive_home_326_platformipq9048_firmwareqcn9074_firmwareqca8112_firmwaresm8750pwcn6755_firmwareqca8080qca8075qca8084qcn6402wcn7750ipq9570qca8075_firmwareqmp1000qcn9000_firmwareipq9570_firmwareqcn9160ipq5300qca8085wcd9395_firmwarewsa8830_firmwaresm6650wsa8832_firmwareqca8384_firmwareipq5424wsa8835wsa8845wsa8840fastconnect_7800snapdragon_8_gen_3_mobile_platform_firmwareqca8081_firmwarewsa8830wsa8832qcn5224qca8102_firmwareqcn6432qxm8083wcn7860qcn6412_firmwareqcn5124wcn6650_firmwareimmersive_home_3210_platformqca8385qca8386_firmwarewcn7860_firmwareqcn9160_firmwaresm8750_firmwarewcn6755wsa8845hwcd9390_firmwareqcf8001_firmwareqcn9012qcf8000_firmwarewcn6650wcn7881_firmwareqca8101_firmwaresm6650pipq9008_firmwarewcd9390ipq9574qcf8000qcn9074qcn6422fastconnect_7800_firmwareqca8081wcn7880ipq9574_firmwarewcn6450_firmwareqca8386sm6650p_firmwareqcn9024_firmwareqca8111sm8735qcn9274qcn6412qcn9024ipq5300_firmwarewcn7881qxm8083_firmwareqmp1000_firmwarewcd9378_firmwareimmersive_home_3210_platform_firmwareqca0000ipq9554sm7635_firmwareipq5332_firmwareqca8111_firmwareqcn9012_firmwareqcn9000wcn7750_firmwareqcf8001Snapdragon
CWE ID-CWE-126
Buffer Over-read
CVE-2025-27057
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.05% / 16.20%
||
7 Day CHG~0.00%
Published-08 Jul, 2025 | 12:49
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in WLAN Host

Transient DOS while handling beacon frames with invalid IE header length.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcm8550_firmwareimmersive_home_214wcn6650ipq9574qcn9000_firmwareqca6595sm8735qcn9022wcd9335ipq6028_firmwarewcd9370qca8081_firmwareqcn5224qca6696qam8620p_firmwarewcn7880_firmwarewcd9340_firmwaresa8530pwcd9341_firmwareipq5028_firmwarewcd9395_firmwaresxr2330p_firmwareqcn6024wcn7881_firmwarewcn7750wcn6450qcc2073_firmwareqcc710_firmwareipq8076fastconnect_6700qcn6422_firmwareipq6018_firmwareqcn6023qcn5124_firmwarewsa8832_firmwareqca8337wcd9395ipq9048ipq6000qca6574au_firmwareipq8078asnapdragon_x72_5g_modem-rfipq8078a_firmwareqam8295pwcd9341ipq5312wcd9390qca6574ausa8620p_firmwarewsa8845h_firmwaresa9000p_firmwaresrv1hqcn9100_firmwaresm8650q_firmwareqcn5122qcs9100qca6554aqcs5430wcn7860qcn6024_firmwareqcm5430qcm5430_firmwaresa8770pqcn9000ssg2115pqca8111qcc710qcn6132_firmwaresa8540pqca8101qca6777aqfastconnect_6900qcn6402qcn6432immersive_home_326_firmwareipq5332_firmwaresa7255psm8635qcn5052qfw7114wcd9385_firmwareipq9574_firmwareqam8255p_firmwareipq8074a_firmwareipq8076aqcn5164snapdragon_x65_5g_modem-rfqca6787aqwsa8845sa6155pqcn9160qca6564au_firmwarecsr8811_firmwareqca8075qam8650pvideo_collaboration_vc5_platform_firmwaresa9000psrv1h_firmwareqca8085qca6595ausxr2250p_firmwaresa6155p_firmwarewsa8840snapdragon_ar1_gen_1srv1m_firmwareqcs8550_firmwareqca6698ausnapdragon_8_gen_2_mobile_firmwareqfw7124_firmwaresm8750pqcn9012ipq8070a_firmwareqcn9070qcf8001wcn3910_firmwareqca8384sw-only_firmwareqca8084sm8635psnapdragon_8_gen_2_mobileqca8112qmp1000wcn3910sdx65mwcd9370_firmwareqcc2076qca8102sa7255p_firmwaresnapdragon_x72_5g_modem-rf_firmwareqca6574asm7635p_firmwareipq9570snapdragon_8\+_gen_2_mobilesa8195pwcd9340qcs8250_firmwareqcm2290snapdragon_auto_5g_modem-rf_gen_2qcm6490ipq5302sa8540p_firmwareqcn6122_firmwareqcn5154_firmwareipq9048_firmwaresxr2250psm8550p_firmwareqcm8550qcn5122_firmwareqcn9274qcn9024ipq8076a_firmwareqca8384_firmwareqca6574sa8775pipq9570_firmwaresxr2230p_firmwareqca6777aq_firmwareqca6698au_firmwareqcn9011sa8775p_firmwareqamsrv1hqcn6412_firmwarewsa8845hqcn9024_firmwareqca8082sm8650qqcm2290_firmwaresa8155p_firmwaresa8155pwsa8830ipq5312_firmwaresm8550pqcf8000_firmwareqcn9074_firmwareipq8174immersive_home_318_firmwareqcn6122sa8255p_firmwaresm7675_firmwareqcc2073ipq8174_firmwarear8035sm7635_firmwareipq8072aqamsrv1m_firmwarewcn7750_firmwaresa8650p_firmwareimmersive_home_216_firmwarewcn6450_firmwaresm7635pimmersive_home_316qcf8000sfp_firmwaresrv1l_firmwareqcs9100_firmwareqcn6224ipq8071aqcs615qcn6112ssg2125p_firmwarewcn3950_firmwareqxm8083qca6698aqsa7775p_firmwareqca8112_firmwaresa8530p_firmwaresm7635wcd9378sm8635p_firmwaresm6650p_firmwarefastconnect_6700_firmwarevideo_collaboration_vc3_platform_firmwarewcn3990qcn6023_firmwareqcn5164_firmwaresnapdragon_x75_5g_modem-rf_firmwareqca8102_firmwareipq8078snapdragon_8_gen_3_mobileqcs6490qcs8250ipq9554_firmwareqcn9072wsa8830_firmwareqcn6224_firmwareqca6678aq_firmwareqca8386_firmwarewsa8845_firmwarewsa8832qca8082_firmwarewcd9378_firmwareqcc2076_firmwaresrv1limmersive_home_216srv1msm7675pqca6678aqqcn6432_firmwarear8035_firmwareqcn5022_firmwarewcn7860_firmwaresc8380xpqca4024_firmwareipq9008ipq9554qca6564auipq9008_firmwareqcn9074ipq5300_firmwareqca8111_firmwaresa8195p_firmwareqca8337_firmwareqca9888ipq5332sg8275p_firmwareipq8173qcm6490_firmwareipq8072a_firmwareipq6010_firmwarevision_intelligence_400_firmwarewcn3950qcn6112_firmwareqca8385sm8750snapdragon_auto_5g_modem-rf_gen_2_firmwareqca6797aq_firmwareipq5028qca8085_firmwareqcf8001_firmwareqcn9070_firmwaresa8295p_firmwaresw-onlyqcn9022_firmwareipq5010_firmwareqcn6132qca8101_firmwareipq6018qcn9160_firmwareqca6584auqcn6274_firmwarewcn6755_firmwareqcn9011_firmwarewcn6650_firmwaresc8380xp_firmwareipq5424snapdragon_8_gen_3_mobile_firmwareqcn5224_firmwareqfw7114_firmwareqca4024qcs7230qca6595_firmwarefastconnect_7800_firmwareqcn6422immersive_home_214_firmwareipq5302_firmwareqxm8083_firmwareipq5300ipq8070asm8635_firmwarefastconnect_6900_firmwarewcd9380qam8255psxr2230pqca8080qmp1000_firmwarewcn7880sxr2330pwcn6755qca8075_firmwareimmersive_home_3210qcf8000qcn5052_firmwaresxr1230pwcn7881sm6650ipq6010sdx65m_firmwarevideo_collaboration_vc3_platformqca8385_firmwaresm6650pqca6688aqqam8295p_firmwareqcn6402_firmwarewcn3990_firmwareqca6698aq_firmwareqcs2290wcd9385qcs2290_firmwareqca8084_firmwareipq5424_firmwaresa8255pqcs7230_firmwaresxr1230p_firmwarewcd9390_firmwareqcn5024qcs615_firmwaresg8275psdx55_firmwareimmersive_home_326ipq8071a_firmwaresm8750_firmwaressg2125pqca6554a_firmwareqca8080_firmwareipq6028snapdragon_x65_5g_modem-rf_firmwareqcn9100qamsrv1mwcn7861_firmwarewcn7861qam8650p_firmwarevideo_collaboration_vc5_platformqcs6490_firmwaresm6650_firmwareipq8076_firmwareqam8620pwcd9335_firmwareqca6584au_firmwareqcn5152_firmwareqcn6274qfw7124wsa8835wsa8840_firmwareqca6391_firmwareqca6595au_firmwareqcs8300_firmwareqca6696_firmwareqcs8300wcd9380_firmwareqca6574_firmwareqca8081qcn5124qam8775psnapdragon_ar2_gen_1_firmwareqca6797aqqcn5152snapdragon_x75_5g_modem-rfqcn6412sa8620pqca6574a_firmwaresdx55qcn9072_firmwareqca9888_firmwareipq8074aimmersive_home_3210_firmwareqca9889qcn5024_firmwarewcd9375_firmwareqca6787aq_firmwareqca8386snapdragon_ar1_gen_1_firmwareqca6391immersive_home_318ipq5010qcn9274_firmwaresa7775pipq8173_firmwareqcs5430_firmwareqcn9012_firmwaresa8770p_firmwaresa8295pqcs8550ipq6000_firmwaresm8735_firmwarefastconnect_7800sa8650pqam8775p_firmwaresm8750p_firmwarewcd9375snapdragon_8\+_gen_2_mobile_firmwareipq8078_firmwareqca6688aq_firmwareqca9889_firmwaresnapdragon_ar2_gen_1immersive_home_316_firmwareqamsrv1h_firmwaresm7675qcn5154vision_intelligence_400wsa8835_firmwaressg2115p_firmwarecsr8811qcn5022sm7675p_firmwareqcf8000sfpSnapdragon
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-126
Buffer Over-read
CVE-2025-27065
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.05% / 14.49%
||
7 Day CHG~0.00%
Published-06 Aug, 2025 | 07:26
Updated-20 Aug, 2025 | 19:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in WLAN Firmware

Transient DOS while processing a frame with malformed shared-key descriptor.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sm8735_firmwareipq5312_firmwareqca6574sm8750p_firmwaressg2115p_firmwaresa7255psa7775pqam8650p_firmwareipq5332wcd9395sxr2330pwsa8845h_firmwareipq5424_firmwareipq9048qca8084_firmwarewcd9378qca8082_firmwareqca6595_firmwareqca0000_firmwareqca6678aqqcc2073_firmwaresnapdragon_865_5g_mobile_platform_firmwareipq9008wsa8835_firmwareqca6698aq_firmwareqcn6402_firmwaresnapdragon_ar2_gen_1_platformsnapdragon_8_gen_3_mobile_platformsm7635qca6426qamsrv1h_firmwareqcn6432_firmwarewcn6450qca6574a_firmwareqca8085_firmwaresxr2230p_firmwaresxr2250p_firmwareqfw7124snapdragon_865_5g_mobile_platformwcd9370qca8337qca8102snapdragon_8\+_gen_2_mobile_platformqca6436_firmwarewcn7861snapdragon_865\+_5g_mobile_platform_\(sm8250-ab\)_firmwareqca8112fastconnect_6800_firmwarewsa8815_firmwarewsa8845_firmwareipq5302qca6391_firmwareqcc2073wcd9375sd_8_gen1_5gqca8384qcn6274_firmwareqcn5124_firmwareqca6564ausnapdragon_870_5g_mobile_platform_\(sm8250-ac\)_firmwareimmersive_home_326_platformqcc2076_firmwareqca6574ausnapdragon_x75_5g_modem-rf_systemqcn9074_firmwareqca6584au_firmwareqamsrv1m_firmwaresnapdragon_865\+_5g_mobile_platform_\(sm8250-ab\)sa9000pqca8112_firmwaresm8750psnapdragon_ar1_gen_1_platform_firmwareqca8080sm7675qca6688aqwcn7750qca6787aq_firmwareqca6554a_firmwareqca6584ausc8380xpqca8075_firmwareqmp1000qam8255p_firmwareqcn9011qca6787aqqca6688aq_firmwareipq5300qca8085wcd9380_firmwaresd_8_gen1_5g_firmwareqca6574aqca6797aq_firmwarewsa8830_firmwareqcs8550wsa8832_firmwareqca8384_firmwareqcs8550_firmwaressg2125psnapdragon_xr2_5g_platformqcm8550qcm8550_firmwareipq5424wsa8835qca8081_firmwarefastconnect_6800qcn5224qca6426_firmwareqcn6224qca8102_firmwarewcn7860qxm8083sa8620p_firmwaresd865_5g_firmwareqca6595au_firmwareqca6696_firmwarewcd9385_firmwareimmersive_home_3210_platformwcn6740wcd9370_firmwaresm8650q_firmwarewsa8815qca6574au_firmwaresm8750_firmwarewcn6755qca6595ausa7775p_firmwaresa8255pwsa8845hwcd9390_firmwarewsa8810snapdragon_x75_5g_modem-rf_system_firmwarewcn6650qca8101_firmwaresnapdragon_ar1_gen_1_platform_\"luna1\"ipq9008_firmwareipq9574sa8775p_firmwaresrv1h_firmwareqcn9074fastconnect_7800_firmwareqca8081wcd9340_firmwareipq9574_firmwareqca8386sm6650p_firmwareqca8111sm8735sm8650qqcn9024wcn7881qxm8083_firmwaresm8635pqmp1000_firmwareqca0000ssg2115pipq5332_firmwarewcn6755_firmwareqcn9000qcn6224_firmwareqam8255pwcn7880_firmwaresnapdragon_ar1_gen_1_platformsm8635p_firmwareqam8775p_firmwarewsa8810_firmwareqcn6422_firmwaresnapdragon_8\+_gen_2_mobile_platform_firmwareqca8101qca6678aq_firmwareqca6696sm8550pqcc710sm8750qca6391qcn9274_firmwareqam8775psm6650_firmwareqca6554aipq5312snapdragon_ar2_gen_1_platform_firmwareqcn5224_firmwaresnapdragon_8_gen_2_mobile_platform_firmwareqca6777aq_firmwaresnapdragon_xr2_5g_platform_firmwaresxr2250pwcn7861_firmwaresnapdragon_x72_5g_modem-rf_system_firmwaressg2125p_firmwarewsa8840_firmwareqcc710_firmwaresa8620pqca8080_firmwareimmersive_home_326_platform_firmwaresxr2330p_firmwaresm8550p_firmwarewcd9380fastconnect_6900_firmwaresnapdragon_8_gen_1_mobile_platform_firmwaresrv1m_firmwareqam8650psm7675_firmwareipq5302_firmwaresxr1230p_firmwareqca8082sm7675pqca8385_firmwareipq9554_firmwareipq9048_firmwareqamsrv1hsnapdragon_8_gen_1_mobile_platformqca6777aqqamsrv1msxr2230pqca8084qca8075qcn6402sa9000p_firmwaresm7675p_firmwareipq9570sm8635_firmwareqcc2076qcn9000_firmwareipq9570_firmwarear8035qcn9160snapdragon_ar1_gen_1_platform_\"luna1\"_firmwarewcd9395_firmwarewcn6740_firmwarewcd9375_firmwaresm6650sa8255p_firmwarear8035_firmwarewsa8845sa8775psrv1hfastconnect_7800wsa8840snapdragon_8_gen_3_mobile_platform_firmwareqca8337_firmwarewsa8830wsa8832snapdragon_8_gen_2_mobile_platformsrv1mqcn6432sxr1230pwcd9385qcn6412_firmwareqcn5124sa8650p_firmwaresnapdragon_auto_5g_modem-rf_gen_2wcn6650_firmwaresnapdragon_x72_5g_modem-rf_systemqca8385qca6436sa7255p_firmwareqca8386_firmwarewcn7860_firmwareqcn9160_firmwaresm8635sc8380xp_firmwareqcf8001_firmwareqcn9012qcf8000_firmwareqca6797aqsnapdragon_870_5g_mobile_platform_\(sm8250-ac\)qcn6274wcn7881_firmwareqfw7114sm6650pqfw7114_firmwarewcd9340wcd9390qcf8000sa8770p_firmwareqcn6422qca6564au_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwaresd865_5gqca6595wcn7880wcn6450_firmwarefastconnect_6900qcn9024_firmwareqcn9274qcn9011_firmwareqcn6412ipq5300_firmwaresa8650psa8770pwcd9378_firmwareqca6574_firmwareqca6698aqimmersive_home_3210_platform_firmwareipq9554qfw7124_firmwaresm7635_firmwareqca8111_firmwareqcn9012_firmwarewcn7750_firmwareqcf8001Snapdragon
CWE ID-CWE-126
Buffer Over-read
CVE-2019-9401
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.5||HIGH
EPSS-0.50% / 64.89%
||
7 Day CHG~0.00%
Published-27 Sep, 2019 | 18:05
Updated-04 Aug, 2024 | 21:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Bluetooth, there is possible controlled termination due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-115375248

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-20
Improper Input Validation
CVE-2019-9394
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.5||HIGH
EPSS-0.50% / 64.89%
||
7 Day CHG~0.00%
Published-27 Sep, 2019 | 18:05
Updated-04 Aug, 2024 | 21:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Bluetooth, there is possible controlled termination due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-116351796

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-20
Improper Input Validation
CVE-2019-9389
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.5||HIGH
EPSS-0.50% / 64.89%
||
7 Day CHG~0.00%
Published-27 Sep, 2019 | 18:05
Updated-04 Aug, 2024 | 21:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-117567058

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-18670
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.11% / 30.64%
||
7 Day CHG~0.00%
Published-07 Apr, 2020 | 14:45
Updated-05 Aug, 2024 | 21:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), and M(6.0) software. android.intent.action.SIOP_LEVEL_CHANGED allows a serializable intent reboot. The Samsung ID is SVE-2017-8363 (May 2017).

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidn/a
CWE ID-CWE-755
Improper Handling of Exceptional Conditions
CVE-2017-18674
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.12% / 32.42%
||
7 Day CHG~0.00%
Published-07 Apr, 2020 | 14:38
Updated-05 Aug, 2024 | 21:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on Samsung mobile devices with N(7.0) software. The time service (aka Timaservice) allows a kernel panic. The Samsung ID is SVE-2017-8593 (May 2017).

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2017-18685
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.12% / 32.42%
||
7 Day CHG~0.00%
Published-07 Apr, 2020 | 14:16
Updated-05 Aug, 2024 | 21:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), and M(6.0) software. The InputMethod application can cause a system crash via a malformed serializable object in an Intent. The Samsung ID is SVE-2016-7123 (February 2017).

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2017-18664
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.11% / 30.70%
||
7 Day CHG~0.00%
Published-07 Apr, 2020 | 15:33
Updated-05 Aug, 2024 | 21:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), and M(6.0) software. There is a NULL pointer exception in PersonManager, causing memory corruption. The Samsung ID is SVE-2017-8286 (June 2017).

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2017-18682
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.12% / 32.42%
||
7 Day CHG~0.00%
Published-07 Apr, 2020 | 14:24
Updated-05 Aug, 2024 | 21:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.0) software. Because of incorrect exception handling and an unprotected intent, AudioService can cause a system crash, The Samsung IDs are SVE-2017-8114, SVE-2017-8116, and SVE-2017-8117 (March 2017).

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidn/a
CWE ID-CWE-755
Improper Handling of Exceptional Conditions
CVE-2017-18679
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.12% / 32.42%
||
7 Day CHG~0.00%
Published-07 Apr, 2020 | 14:30
Updated-05 Aug, 2024 | 21:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on Samsung mobile devices with M(6.0) software. SLocation can cause a system crash via a call to an API that is not implemented. The Samsung ID is SVE-2017-8285 (April 2017).

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2017-18675
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.11% / 30.64%
||
7 Day CHG~0.00%
Published-07 Apr, 2020 | 14:37
Updated-05 Aug, 2024 | 21:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on Samsung mobile devices with M(6.0) and N(7.x) (Exynos7420 or Exynox8890 chipsets) software. The Camera application can leak uninitialized memory via ion. The Samsung ID is SVE-2016-6989 (April 2017).

Action-Not Available
Vendor-n/aGoogle LLCSamsung
Product-androidexynox_8890exynos_7420n/a
CWE ID-CWE-772
Missing Release of Resource after Effective Lifetime
CVE-2017-18650
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.11% / 30.64%
||
7 Day CHG~0.00%
Published-07 Apr, 2020 | 15:53
Updated-05 Aug, 2024 | 21:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on Samsung mobile devices with N(7.x) software. There is a WifiStateMachine IllegalArgumentException and reboot if a malformed wpa_supplicant.conf is read. The Samsung ID is SVE-2017-9828 (October 2017).

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidn/a
CWE ID-CWE-754
Improper Check for Unusual or Exceptional Conditions
CVE-2017-18651
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.11% / 30.64%
||
7 Day CHG~0.00%
Published-07 Apr, 2020 | 15:51
Updated-05 Aug, 2024 | 21:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on Samsung mobile devices with M(6.x) and N(7.x) software. There is an Integer Overflow in process_M_SetTokenTUIPasswd during handling of a trusted application, leading to memory corruption. The Samsung IDs are SVE-2017-9008 and SVE-2017-9009 (October 2017).

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2017-18663
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.11% / 30.64%
||
7 Day CHG~0.00%
Published-07 Apr, 2020 | 15:35
Updated-05 Aug, 2024 | 21:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on Samsung mobile devices with N(7.x) software. Because of missing Intent exception handling, system_server can have a NullPointerException with a crash of a system process. The Samsung IDs are SVE-2017-9122, SVE-2017-9123, SVE-2017-9124, and SVE-2017-9126 (July 2017).

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidn/a
CWE ID-CWE-755
Improper Handling of Exceptional Conditions
CVE-2022-25735
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.14% / 35.45%
||
7 Day CHG~0.00%
Published-09 Feb, 2023 | 06:58
Updated-03 Aug, 2024 | 04:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Null Pointer Dereference in MODEM

Denial of service in modem due to missing null check while processing TCP or UDP packets from server

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcd9380_firmwarewsa8830ssg2125psxr2230p_firmwarewcd9330wcn6856_firmwarecsra6620qca4024_firmwarewsa8835sxr1230p_firmwarewcd9380csra6620_firmwaressg2125p_firmwaressg2115pmdm9206csra6640_firmwarewcn6855_firmwaresxr1230pwcd9335_firmwarewcn3980wcn3998wcd9385_firmwaremdm9205mdm9206_firmwarewsa8815sxr2230pqca4020wcn7850wcn3999_firmwarewcn3998_firmwarewcn3980_firmwarewcd9330_firmwaremdm9207wcd9306mdm8207wcn3999wcn7851ar8031_firmwarewsa8832_firmwareqca4004_firmwaremdm9607_firmwareqcs405qts110mdm9607wcd9306_firmwarewsa8810_firmwarewsa8810wsa8832qca4020_firmwarewcn6855wcd9335wcn7851_firmwarewcn6856wcd9385ar8031qcs405_firmwaremdm8207_firmwaremdm9205_firmwareqca4024mdm9207_firmwareqca4004csra6640wsa8830_firmwarewsa8815_firmwarewsa8835_firmwarewcn7850_firmwaressg2115p_firmwareqts110_firmwareSnapdragonwcd9380_firmwaresxr2230p_firmwarear8031_firmwarewsa8832_firmwarewcn6856_firmwareqca4004_firmwaremdm9607_firmwareqca4024_firmwarewcd9306_firmwaresxr1230p_firmwarewsa8810_firmwareqca4020_firmwaressg2125p_firmwarecsra6620_firmwarewcn7851_firmwarewcn6855_firmwarecsra6640_firmwareqcs405_firmwarewcd9335_firmwaremdm8207_firmwaremdm9205_firmwarewcd9385_firmwaremdm9206_firmwaremdm9207_firmwarewsa8830_firmwarewsa8815_firmwarewsa8835_firmwarewcn7850_firmwaressg2115p_firmwarewcn3999_firmwarewcn3998_firmwarewcn3980_firmwarewcd9330_firmwareqts110_firmware
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2022-25685
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.14% / 34.60%
||
7 Day CHG~0.00%
Published-13 Dec, 2022 | 00:00
Updated-22 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Denial of service in Modem module due to improper authorization while error handling in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcd9380_firmwarewcd9340_firmwarewcn3615_firmwareqca6595au_firmwareqca6310sd429_firmwaresd730apq8037_firmwareapq8009qca6174a_firmwaresd_675_firmwaresd855_firmwaresd662_firmwarewcd9371sdx50mqcs405_firmwareqcn6024_firmwareqcs6490sdx55sd460_firmwareqca6696qca6421wcn3610_firmwarewcn7850qca6426_firmwaremsm8937qcm4290_firmwarewcn3660bsd820sd720gwcn3660b_firmwaresd665_firmwaresd460sd205_firmwarewcd9360_firmwarewsa8830sd768gwcn6740_firmwarewcn6856wsa8815qca6390sda429w_firmwaresdx50m_firmwarewcn3680bsd480wcn7851_firmwaresw5100sd855wcn3620_firmwareqcs6490_firmwarewcd9340wcn6850sdx55_firmwarewcn3950msm8608qca6320_firmwareapq8037sdxr2_5g_firmwareqcm6490qcn6024qca6174awcd9335sd7c_firmwaresd765g_firmwaresd835qca6574awcn3680b_firmwaremsm8108_firmwaresd865_5g_firmwareqca6421_firmwareapq8017_firmwareqcm6125_firmwareqca6574au_firmwaresd662sdm429w_firmwaresd835_firmwarewcn6750qcs610_firmwaresm7325pmsm8917_firmwaresd695_firmwareqcm2290_firmwareqcc5100wcd9380sd_675qcm4290msm8108qcs405csra6640msm8208qca6431_firmwaresd480_firmwaresd695sd730_firmwareqca8081wcd9375_firmwarear8035_firmwaresd888sm7315_firmwaresm7325p_firmwarewcn6856_firmwaresd870aqt1000qca6390_firmwarear8035qcn9024_firmwarewcn6855_firmwarewcd9360wcn6855sd780g_firmwareqcx315_firmwaresdx65_firmwareqcm2290wcn3910sd870_firmwareqcm6490_firmwaresm6250sa515mqca6431sa515m_firmwareqca6595auwcd9370sd821_firmwareqcs4290_firmwaresd888_firmwarewcn3990wcn3980sd429sd439_firmwaresd690_5gsm7315qca8081_firmwaresd765_firmwaresd720g_firmwaresd765gwsa8835sdx55mmsm8208_firmwaremsm8917wcn3998wcn6850_firmwaresm6250pqca8337_firmwarewsa8810_firmwarewcn3991_firmwarewsa8815_firmwareqcs2290sd820_firmwarewcn6740msm8608_firmwaresd7cwcd9385qca6436sd678qca6574auwcn7850_firmwaresdx65wcd9385_firmwarewcn6750_firmwareqcs410_firmwarewsa8810sd210sd680sd888_5gsw5100p_firmwareaqt1000_firmwarewsa8835_firmwaresd678_firmwarewcd9335_firmwareqcs6125sm7250p_firmwareapq8009_firmwareqca6391qcn9024wcn3991csra6620wcn3998_firmwarecsra6640_firmwarewcn6851sd778g_firmwarewcd9370_firmwaresd675sd439sd675_firmwareqca6574a_firmwaresd665sda429wsdx57mqcx315qcc5100_firmwaresd210_firmwaresd888_5g_firmwarewsa8830_firmwareqca6320qcm6125qca8337sd_8_gen1_5g_firmwaresm6250_firmwaresdxr2_5gwcd9341wcn3980_firmwareqcs2290_firmwarewcn6851_firmwaresdm429wwcd9326qcs610sd680_firmwareqca6391_firmwaresd205wcd9326_firmwaresm7250pcsra6620_firmwaremsm8937_firmwarewcn3610wcn3910_firmwaremsm8209apq8017sw5100_firmwarewcd9375sd750g_firmwareqca6696_firmwaresm6250p_firmwaresd865_5gsd780gsdx57m_firmwareqca6426sdx55m_firmwaresd690_5g_firmwareqcs6125_firmwaresm8475sd778gwcd9371_firmwarewcn3950_firmwarewcn3988wcn3990_firmwarewcn3615sd750gwcn3620sd765sd768g_firmwarewcn3988_firmwarewcn7851qca6310_firmwareqcs4290msm8209_firmwaresw5100pqca6436_firmwarewcd9341_firmwaresd821qcs410Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-287
Improper Authentication
CVE-2022-25672
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.19% / 41.10%
||
7 Day CHG~0.00%
Published-13 Dec, 2022 | 00:00
Updated-22 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Denial of service in MODEM due to reachable assertion while processing SIB1 with invalid Bandwidth in Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcd9380_firmwareqca8081_firmwarewsa8835wcn3998qcn6024_firmwareqca8337_firmwarewsa8810_firmwarewsa8815_firmwaresd695_firmwarewcd9380wcn7850wcd9385wcn7850_firmwaresd695sdx65wcd9385_firmwaresd480_firmwaresm4375wcd9375qca8081wcd9375_firmwarear8035_firmwarewsa8810wcn6856_firmwarewsa8830wcn6856wsa8815sm8475wcn3988wsa8835_firmwaresd480sm4375_firmwarewcn7851_firmwarear8035qcn9024_firmwarewcn6855_firmwareqcn9024wcn3998_firmwarewcn6855wcn3988_firmwarewcd9370_firmwarewcn7851sdx65_firmwareqcn6024wsa8830_firmwarewcd9370qca8337sd_8_gen1_5g_firmwareSnapdragon Mobile
CWE ID-CWE-617
Reachable Assertion
CVE-2022-25669
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.28% / 50.67%
||
7 Day CHG~0.00%
Published-16 Sep, 2022 | 05:25
Updated-03 Aug, 2024 | 04:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Denial of service in video due to buffer over read while parsing MP4 clip in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresm6250p_firmwareqcs610wcn3950_firmwareqca6595au_firmwaresa6155qca6335csra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwarewcn3998wcd9371_firmwarewcn3950sm4125mdm9628sd720gmdm9206_firmwaresd_8_gen1_5g_firmwarewcn3660bsd710_firmwaresd460_firmwareqca4020sm7315_firmwarewcn7850qca6574au_firmwarewcd9375_firmwarewcn3998_firmwaresa6155_firmwaremsm8909wapq8009w_firmwareqca6420apq8053_firmwaresm7450_firmwaresd680_firmwareqca9367_firmwarewcn3999sa8155_firmwaresd662_firmwareqcs405qca6430wcd9340qualcomm215_firmwaresd765gsw5100qca4020_firmwareqca6436sd680sa6155pwcn6851qcs603_firmwarewcn7851_firmwaremdm9250_firmwarewcd9341qca6696_firmwarewcd9371sd750gsd870_firmwarewcn3910_firmwarewsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwarewcn3988sd660_firmwarewcn7850_firmwaresa8195p_firmwaresm8475wcn6750_firmwarewcn3610wcn3991wcd9380_firmwaresdm429wmsm8996au_firmwaresw5100pwcd9330qca6564ausdx55m_firmwarewcn6856_firmwaresd670_firmwareqca6574wcd9380qualcomm215qcs410sd690_5g_firmwaresdx50m_firmwareqca9379_firmwareqca6430_firmwarewcd9335_firmwarewcn3980sd439_firmwareqca6335_firmwareqcs605wcd9340_firmwarewsa8815wcn6850wcn3910qca6320mdm9650_firmwareqca6426_firmwarewcn3660b_firmwarewcn3680sd835wcn3980_firmwaresd730wcd9330_firmwaresdx55msm8475_firmwarewcn6740_firmwaremsm8953sd678_firmwarear8031_firmwarewcn3680_firmwarewcn6851_firmwareqcs603sd_636_firmwaresd670qca6564a_firmwareapq8009wqcm4290_firmwaresd480sd870wcn6855wsa8832sw5100p_firmwareqcs610_firmwaresa6145psdxr1apq8096auar8031qcs405_firmwareqca6391_firmwaresd780g_firmwarewcd9370_firmwaresdx55sd888_firmwareapq8053sa8155pcsra6640sd675sd439sm8475p_firmwareqca9379wcn3991_firmwarewsa8830sd678mdm9628_firmwaremdm9650sd_636csra6620qcs4290mdm9250sd765g_firmwareqca6420_firmwareqca6390_firmwareapq8009_firmwaresd690_5gsd730_firmwarewcd9370sd675_firmwareqca6564qca6426wcn3990_firmwareqca9377sdw2500_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcd9326_firmwarewcn3615_firmwaresd662sa8155qca6320_firmwarewcn3680b_firmwaresdx55_firmwareqca6595auwcn3615wcn3999_firmwaresm7250p_firmwarewcn3610_firmwareqca6436_firmwareqca6564au_firmwaresd778gsa6155p_firmwareqca6310wcn7851qcs6490sd429sdxr2_5gqca9367mdm9607_firmwarewcn3988_firmwaresa6145p_firmwaresd429_firmwaresm6250sd778g_firmwaresa8195pwsa8810_firmwaresd765_firmwarewcd9326wcd9335qca6174a_firmwareqcs4290_firmwarewcd9385qcs6490_firmwareqca6390wcd9375sd750g_firmwareaqt1000sm6250_firmwaremsm8953_firmwarewcn3620_firmwaresdx20_firmwareqcm6490sd888_5g_firmwarewcn6850_firmwarewcn3620wsa8835_firmwarewsa8815_firmwaresm7450qca6564awcn3990sd_675sd780gsd865_5gsd888msm8909w_firmwarewsa8835msm8996ausdm429w_firmwaresd888_5gsm6250pqca6574amdm9206wcn6855_firmwareqca6174asm7325pqca6310_firmwarewcn6750qca6574_firmwaresd855sm4125_firmwaresm7325p_firmwaresd765qca6574a_firmwaresd768g_firmwaresm7315apq8009qca6391sd460sdxr1_firmwareaqt1000_firmwaremdm9626qcm4290qcm6490_firmwaresdx50mwsa8832_firmwaresdx20sd480_firmwaremdm9626_firmwareqca6574ausa8155p_firmwaresd710mdm9607wcd9341_firmwarewsa8810wcn6856wcn3680bsd835_firmwareqca6564_firmwaresd768gwcn6740qca6696sd845_firmwaresdw2500apq8096au_firmwaresd845sm7250psd720g_firmwaresw5100_firmwareqcs410_firmwaresm8475pSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-25710
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.20% / 42.74%
||
7 Day CHG~0.00%
Published-15 Nov, 2022 | 00:00
Updated-22 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Denial of service due to null pointer dereference when GATT is disconnected in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3615_firmwaremsm8996auqca6595au_firmwareqca6175a_firmwareapq8009qca6174a_firmwareqca6564a_firmwaremdm9150_firmwareqam8295pwcn3998ar8031_firmwaremdm9650_firmwareqcs405_firmwaresdx55wsa8810_firmwarewsa8815_firmwaresa8150pmdm9206_firmwaremdm9607qca6696mdm9628wcn3610_firmwaresa6155qca6564auwcn3660bqca6574auwcn3660b_firmwaremdm9640sa6150papq8096ausdx20m_firmwaresa8155pmsm8996au_firmwarewcd9360_firmwarewsa8810sa6145p_firmwaresd626wsa8815sd626_firmwarewcn3680bqca6175asa6155pwcd9335_firmwaresa8150p_firmwareqca9379sa8145p_firmwarewcn3999_firmwareapq8009_firmwareqca6574csra6620wcn3998_firmwarecsra6640_firmwaresa8145psa415msdx55_firmwareqca6574_firmwaresa415m_firmwareqca6564aqca6584au_firmwaresdx20msa8195pqca6574a_firmwareqca6174awcd9335wcn3999sa8155_firmwaremdm9650wcn3680b_firmwareqca6574aqca6595_firmwareqca4020_firmwareapq8017_firmwarewcn3980_firmwareqca6574au_firmwarecsrb31024_firmwaremdm9250_firmwaresa4150p_firmwaresdx20qam8295p_firmwaresa8295pwcd9326sa8295p_firmwareqca9379_firmwaresa6155p_firmwaresa4150pwcd9326_firmwareqca9367_firmwaresa8155p_firmwarecsra6620_firmwarear8031sa6145psdx20_firmwareqca9377_firmwareqcs405wcn3610qca6595csra6640mdm9628_firmwareapq8017apq8096au_firmwareqca6584qca6696_firmwaresa6150p_firmwareqca6584auqca6564au_firmwarecsrb31024qca9377mdm9150qca9367wcn3615sa8155wcd9360sa6155_firmwareqca6584_firmwaremdm9250sa515mmdm9206mdm9640_firmwaresa515m_firmwaresa8195p_firmwareqca6595auqca4020mdm9607_firmwarewcn3980Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2022-25647
Matching Score-8
Assigner-Snyk
ShareView Details
Matching Score-8
Assigner-Snyk
CVSS Score-7.7||HIGH
EPSS-1.67% / 81.35%
||
7 Day CHG~0.00%
Published-01 May, 2022 | 15:30
Updated-17 Sep, 2024 | 03:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Deserialization of Untrusted Data

The package com.google.code.gson:gson before 2.8.9 are vulnerable to Deserialization of Untrusted Data via the writeReplace() method in internal classes, which may lead to DoS attacks.

Action-Not Available
Vendor-n/aNetApp, Inc.Google LLCDebian GNU/LinuxOracle Corporation
Product-debian_linuxgraalvmretail_order_brokerfinancial_services_crime_and_compliance_management_studioactive_iq_unified_managergsoncom.google.code.gson:gson
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2022-25691
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.19% / 41.10%
||
7 Day CHG~0.00%
Published-13 Dec, 2022 | 00:00
Updated-22 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Denial of service in Modem due to reachable assertion while processing SIB1 with invalid SCS and bandwidth settings in Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcd9380_firmwareqca8081_firmwarewsa8835wcn3998qcn6024_firmwareqca8337_firmwarewsa8810_firmwarewsa8815_firmwaresd695_firmwarewcd9380wcn7850wcd9385wcn7850_firmwaresd695sdx65wcd9385_firmwaresd480_firmwaresm4375wcd9375qca8081wcd9375_firmwarear8035_firmwarewsa8810wcn6856_firmwarewsa8830wcn6856wsa8815sm8475wcn3988wsa8835_firmwaresd480sm4375_firmwarewcn7851_firmwarear8035qcn9024_firmwarewcn6855_firmwareqcn9024wcn3998_firmwarewcn6855wcn3988_firmwarewcd9370_firmwarewcn7851sdx65_firmwareqcn6024wsa8830_firmwarewcd9370qca8337sd_8_gen1_5g_firmwareSnapdragon Mobile
CWE ID-CWE-617
Reachable Assertion
CVE-2022-25702
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.19% / 41.10%
||
7 Day CHG~0.00%
Published-13 Dec, 2022 | 00:00
Updated-22 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Denial of service in modem due to reachable assertion while processing reconfiguration message in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcd9380_firmwarewcd9340_firmwarewcn3615_firmwaresd429_firmwareapq8037_firmwareapq8009sd855_firmwaresdx50mqcn6024_firmwaresdx55qca6421wcn3610_firmwarewcn7850qca6426_firmwaremsm8937wcn3660bwcn3660b_firmwaresm4375sd205_firmwarewsa8830sd768gwcn6740_firmwarewcn6856wsa8815qca6390sda429w_firmwaresdx50m_firmwarewcn3680bsd480wcn7851_firmwarewcn3620_firmwaresd855wcd9340wcn6850sdx55_firmwaremsm8608sdxr2_5g_firmwareapq8037qcn6024sd765g_firmwarewcn3680b_firmwaremsm8108_firmwaresd865_5g_firmwareqca6421_firmwareapq8017_firmwaresdm429w_firmwarewcn6750msm8917_firmwaresd695_firmwarewcd9380msm8108qca6431_firmwaremsm8208sd695sd480_firmwareqca8081wcd9375_firmwarear8035_firmwaresd888sm7315_firmwarewcn6856_firmwaresd870aqt1000qca6390_firmwarear8035qcn9024_firmwarewcn6855_firmwarewcn6855sd780g_firmwareqcx315_firmwaresdx65_firmwaresd870_firmwaresa515mqca6431sa515m_firmwarewcd9370sd888_firmwarewcn3980sd429sd439_firmwaresd690_5gsm7315qca8081_firmwaresd765_firmwaresd765gwsa8835sdx55mmsm8208_firmwaremsm8917wcn3998wcn6850_firmwarewsa8810_firmwareqca8337_firmwarewsa8815_firmwarewcn3991_firmwarewcn6740msm8608_firmwarewcd9385qca6436wcn7850_firmwaresdx65wcd9385_firmwarewcn6750_firmwarewsa8810sd210aqt1000_firmwarewsa8835_firmwaresm4375_firmwaresm7250p_firmwareapq8009_firmwareqca6391qcn9024wcn3991wcn3998_firmwarewcn6851wcd9370_firmwaresd439sda429wqcx315sd210_firmwarewsa8830_firmwareqca8337sd_8_gen1_5g_firmwarefsm10055_firmwaresdxr2_5gfsm10055wcd9341wcn3980_firmwarewcn6851_firmwaresdm429wwcd9326qca6391_firmwaresd205wcd9326_firmwaresm7250pmsm8937_firmwarewcn3610msm8209apq8017wcd9375sd750g_firmwaresd865_5gsd780gqca6426sdx55m_firmwaresd690_5g_firmwaresm8475wcn3988wcn3615sd750gwcn3620sd765sd768g_firmwarewcn3988_firmwarewcn7851msm8209_firmwareqca6436_firmwarewcd9341_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-617
Reachable Assertion
CVE-2022-25734
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.14% / 35.54%
||
7 Day CHG~0.00%
Published-09 Feb, 2023 | 06:58
Updated-24 Mar, 2025 | 18:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Loop with Unreachable Exit Condition in MODEM

Denial of service in modem due to missing null check while processing IP packets with padding

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcd9380_firmwarewsa8830ssg2125psxr2230p_firmwarewcd9330wcn6856_firmwarecsra6620qca4024_firmwarewsa8835sxr1230p_firmwarewcd9380csra6620_firmwaressg2125p_firmwaressg2115pmdm9206csra6640_firmwarewcn6855_firmwaresxr1230pwcd9335_firmwarewcn3980wcn3998wcd9385_firmwaremdm9205mdm9206_firmwarewsa8815sxr2230pqca4020wcn7850wcn3999_firmwarewcn3998_firmwarewcn3980_firmwarewcd9330_firmwaremdm9207wcd9306mdm8207wcn3999wcn7851ar8031_firmwarewsa8832_firmwareqca4004_firmwaremdm9607_firmwareqcs405qts110mdm9607wcd9306_firmwarewsa8810_firmwarewsa8810wsa8832qca4020_firmwarewcn6855wcd9335qca4010wcn7851_firmwarewcn6856wcd9385ar8031qcs405_firmwaremdm8207_firmwaremdm9205_firmwareqca4024mdm9207_firmwareqca4004csra6640wsa8830_firmwarewsa8815_firmwarewsa8835_firmwarewcn7850_firmwaressg2115p_firmwareqca4010_firmwareqts110_firmwareSnapdragon
CWE ID-CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CVE-2022-25749
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.28% / 50.67%
||
7 Day CHG~0.00%
Published-19 Oct, 2022 | 00:00
Updated-22 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Transient Denial-of-Service in WLAN due to buffer over-read while parsing MDNS frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcd9380_firmwareqcn9072_firmwaremsm8996auwcn3615_firmwaresd730apq8009ipq6028qca6696qca6421qcn9070wcn7850qcn5122qsm8250_firmwareqca6564ausdx24wcn3660bsd720gipq8078asd460msm8996au_firmwaresdx24_firmwareqcn5124qca6430ipq9008_firmwareqcs6490_firmwaresd_8cx_gen3_firmwaresd_8cx_firmwaresdxr2_5g_firmwaresd_8cx_gen2_firmwaresd712qca8386qca6574asd865_5g_firmwareapq8017_firmwaresd835_firmwaresa8295p_firmwaresm7325pqcn5024mdm8215qcc5100qcs405qca6595qca6431_firmwaresd480_firmwareapq8064au_firmwaresm7315_firmwareqca9367qca6390_firmwaresc8180x\+sdx55qca6584_firmwareipq8070asd870_firmwareqcm6490_firmwareipq8078_firmwareqca6595auqcs4290_firmwarewcn3980qca2066sm4125_firmwaresm7315qcn9022sd765_firmwareqca9888_firmwaresdx55mqam8295pwcn6850_firmwaresm6250pwcn3991_firmwaresa8150pwcn6740ipq8078qca6436apq8064auipq8069ipq8071aqca4024qca6694_firmwareqca2062_firmwareqca2066_firmwaresw5100p_firmwareqcn9012wsa8835_firmwareapq8009_firmwareqca6391qcn9024qcn5052_firmwarecsra6620wcn3998_firmwaresd778g_firmwaresd675ipq8074aqcx315qcc5100_firmwareqca6554a_firmwareipq8071qcn6122sdx12sd660csrb31024_firmwaresa4150p_firmwaresdx20ipq8070qcs610qcn9012_firmwaresm7250psa8155p_firmwarecsra6620_firmwarewcn3610sdx20_firmwarewcn3910_firmwareqrb5165_firmwaresd750g_firmwareqca6696_firmwareqca2064sxr2150psd865_5gipq8071_firmwareqca9377qcn9003_firmwarewcn3990_firmwarewcn3950_firmwarewcn3988wcn3615qca8085sd750gsd768g_firmwareqcs605mdm9615_firmwaremdm9640_firmwareqca4020qca9367_firmwareipq8074a_firmwareqcn5021_firmwareqcn6102ipq4018wcd9340_firmwaresd850qca6175a_firmwaresd_675_firmwaresd855_firmwaresd662_firmwareqcn5054_firmwareqca9889sdx50mwcd9371qca1023sd_455_firmwaremdm9628wcn3610_firmwaresa6155qcm4290_firmwarewcn3660b_firmwaresm4375sdx20m_firmwarewcd9360_firmwareqrb5165m_firmwareqsm8350_firmwaresd768gwcn6740_firmwarewcn6856sdx50m_firmwareqca6175asa6155pipq8074_firmwaresa8150p_firmwaresd480wcd9330wcn7851_firmwaremdm8215_firmwareqca4024_firmwaresa8145pwcn3950ipq6018_firmwareqcn5122_firmwareqcn7605ipq8078a_firmwarewcn3680b_firmwareipq6010qca6421_firmwareqca6438_firmwareqca6574au_firmwaresd662qrb5165n_firmwareqca2065_firmwareipq4029_firmwareqam8295p_firmwareqca6564_firmwareqcs610_firmwareqcn5054ar8031qca6438qcm4290qcn6102_firmwareqcn5052sd660_firmwaresd730_firmwareqca6174_firmwaresd888qca0000wcn6856_firmwareqcn6132_firmwareaqt1000qcn5152_firmwareqcs603ar8035qca8072_firmwareqsm8250qca6420wcd9360qca4531qca9898_firmwareqcm2290mdm9250qcn9011sa515msd845_firmwareqca6428_firmwaresa515m_firmwareqca9994_firmwareapq8076ipq6028_firmwareqcn6023mdm9645_firmwareqca8081_firmwareqca9984qca9898qca8075_firmwareqcn5164qcs2290qrb5165mqca1064_firmwaresd7csd678qca6574auwcd9385_firmwareapq8096auqcs410_firmwareqcn9000_firmwareipq8173_firmwaresd680qcn9001_firmwareqca9379sm4375_firmwareipq6010_firmwaresd_8cxsa8195pqca6574a_firmwareqca9888qca6694sa8155_firmwarewsa8830_firmwareipq8174_firmwaresd_8_gen1_5g_firmwareqcn6100wcd9341sd680_firmwareqca9992_firmwareqca2065apq8096au_firmwareqcn9001qca6584sd780gqca6335_firmwaresdx55m_firmwareqcs6125_firmwareqcn9100ipq8072_firmwaresa8155ipq6000sd765qca6564wcd9330_firmwareqcn9022_firmwareqcs4290ipq5028sa4155pqca9369qcn7606sd845qcs410qca6428mdm9310qca6595au_firmwareqca1062qca6310qcn9000qcn7606_firmwareipq8074mdm9607qca6426_firmwareqca4531_firmwaresa6150psd710_firmwareqca9889_firmwarewsa8830ipq8072wsa8815qcn9003ipq9008wcn3680bsd855wcd9340qca0000_firmwaresdx55_firmwaresxr2150p_firmwareqca8386_firmwaresc8180x\+sdx55_firmwareqcn5022_firmwaresa4155p_firmwaremdm9650qca8072sd765g_firmwareqca8084_firmwareqcm6125_firmwarewcn6750sd_636_firmwaresd695_firmwareqca9994qca6335sd_675qcn5024_firmwarecsra6640mdm9215_firmwareqca6430_firmwareqca8081sm7325p_firmwareqca6584ausd870ipq6018ipq5018_firmwareqcn9024_firmwareipq4028_firmwareqcn9011_firmwaresa6155_firmwarewcn6855qcx315_firmwareipq8072awcn3910ipq8070a_firmwaresm6250sdm630_firmwareqca6431wcd9370sd888_firmwareqcn5152qca9992sd720g_firmwaresd765gsd670qcn9002_firmwareqcn9274sd_455wsa8810_firmwarewsa8815_firmwaresd850_firmwareipq8076aqcn7605_firmwaresa8155psdxr1wsa8810sdm630aqt1000_firmwareipq8076wcd9335_firmwaresm7250p_firmwareqcn5154_firmwarear9380_firmwaremdm9310_firmwarewcn6851wcd9370_firmwareqca6420_firmwareqcn6023_firmwareqca8082_firmwareipq4028qcm6125ipq8174ipq8064_firmwareqca4020_firmwareqca6391_firmwarewcd9326_firmwaresa6145papq8017qca8085_firmwarewcd9375msm8976_firmwareipq8076_firmwaremdm9215qca2062qca9980_firmwaresm6250p_firmwaresd778gwcd9371_firmwareipq8071a_firmwaremsm8976qca9980sd712_firmwarewcn7851qcn9002qca6310_firmwaresd710qca6436_firmwaresa8195p_firmwaresd_636wcd9341_firmwareipq6000_firmwareqca8082qca6174a_firmwareqca6564a_firmwareqcn5021mdm9650_firmwareqcs405_firmwareqcn6024_firmwareqcs6490ipq5018sdx55sd460_firmwareqca9990qca1064sd820sd665_firmwaresa6145p_firmwareipq5028_firmwaresm4125qca6390ipq5010_firmwaresa8145p_firmwaresw5100wcn6850csr8811sa415mqcs603_firmwareqca6584au_firmwareqca6320_firmwareqcn9100_firmwareqcm6490qcn6024qca6174awcd9335wcn3999sd7c_firmwaresd670_firmwaresd835qca6595_firmwareqrb5165nqrb5165mdm9250_firmwaresa8295pqcn9074qca6174qcm2290_firmwareqcn9274_firmwarewcd9380mdm9628_firmwareqca2064_firmwaresd695ipq8064qca9369_firmwaresd_8cx_gen3ipq8069_firmwarewcd9375_firmwaresa6150p_firmwarear8035_firmwareipq8070_firmwareqcn6100_firmwaresdx12_firmwareqcn6112wcn6855_firmwaresd780g_firmwareqca1023_firmwaresdx65_firmwareqcn5124_firmwaremdm9206sdxr1_firmwareqcn5164_firmwaremdm9607_firmwarewcn3990apq8076_firmwaresd690_5gqca1062_firmwarewsa8835wcn3998ar8031_firmwarecsr8811_firmwareqca8337_firmwaremdm9206_firmwareqcn6122_firmwaresd820_firmwareqca9990_firmwareipq8072a_firmwarewcd9385wcn7850_firmwareqcn6112_firmwaresdx65ipq4029mdm9640wcn6750_firmwaresd888_5gqcn9070_firmwarepmp8074qca8075pmp8074_firmwaresd678_firmwarewcn3999_firmwareqcs6125qca9984_firmwareqca6574qsm8350wcn3991csra6640_firmwareqca6574_firmwaresa415m_firmwareipq8076a_firmwarear9380qca6564asdx20msd675_firmwaresd665sd888_5g_firmwareqca6320qca8337sm6250_firmwaresdxr2_5gqcn6132wcn3980_firmwareqcs2290_firmwarewcn6851_firmwareipq4018_firmwarewcd9326qca8084qca9379_firmwaresa6155p_firmwareqcn9074_firmwaresa4150pqcn5154qca9377_firmwaremdm9645sw5100_firmwareipq8173qcn9072qca6564au_firmwarecsrb31024qca6426sd690_5g_firmwareqcn5022sm8475qcs605_firmwareipq5010wcn3988_firmwareqca6554asw5100pmdm9615sd_8cx_gen2Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-25692
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.06% / 18.96%
||
7 Day CHG~0.00%
Published-13 Dec, 2022 | 00:00
Updated-22 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Denial of service in Modem due to reachable assertion while processing the common config procedure in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd429wcd9380_firmwareqca6595au_firmwaresd429_firmwaresd690_5gqca8081_firmwaresd765_firmwaresd765gwsa8835sdx55mwcn3998wcn6850_firmwareqcn6024_firmwareqcs6490sdx55wsa8810_firmwareqca8337_firmwarewsa8815_firmwarewcn3991_firmwareqca6696wcn6740wcn3610_firmwarewcn7850wcd9385wcn3660bwcn7850_firmwaresdx65wcd9385_firmwarewcn3660b_firmwaresm4375wcn6750_firmwarewsa8810wcd9360_firmwarewcd9341_firmwarewsa8830sd888_5gsd768gwcn6740_firmwarewcn6856wsa8815qca6390sda429w_firmwarewcn3680bwsa8835_firmwaresd480wcn7851_firmwarewcn3620_firmwaresm4375_firmwaresm7250p_firmwareqcs6490_firmwareqca6391qcn9024wcn3991wcn3998_firmwarewcn6850wcn6851sdx55_firmwaresd778g_firmwarewcd9370_firmwareqca6574a_firmwareqcm6490sda429wqcn6024sdx57mqcx315sd888_5g_firmwarewsa8830_firmwareqca8337sd765g_firmwarewcn3680b_firmwareqca6574asd_8_gen1_5g_firmwaresd865_5g_firmwarewcd9341wcn3980_firmwarewcn6851_firmwaresdm429w_firmwaresdm429wwcn6750sm7325pqca6391_firmwaresm7250psd695_firmwarewcd9380wcn3610sd695sd480_firmwarewcd9375qca8081wcd9375_firmwarear8035_firmwareqca6696_firmwaresd865_5gsm7325p_firmwaresd780gwcn6856_firmwaresd870sdx57m_firmwaresdx55m_firmwaresd690_5g_firmwaresm8475sd778gwcn3988qca6390_firmwarear8035qcn9024_firmwarewcn6855_firmwarewcn3620sd765sd768g_firmwarewcd9360wcn6855sd780g_firmwareqcx315_firmwarewcn3988_firmwarewcn7851sdx65_firmwaresd870_firmwareqcm6490_firmwaresa515msa515m_firmwareqca6595auwcd9370wcn3980Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-617
Reachable Assertion
CVE-2022-25689
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.14% / 35.54%
||
7 Day CHG~0.00%
Published-13 Dec, 2022 | 00:00
Updated-22 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Denial of service in Modem due to reachable assertion in Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-ar8035_firmwarewcd9380_firmwarewcn6856_firmwarewcn6856qca8081_firmwarear8035qcn9024_firmwarewcn6855_firmwareqcn9024qcn6024_firmwarewcn6855qca8337_firmwaresdx65_firmwarewcd9380qcn6024sdx65qca8337qca8081Snapdragon Mobile
CWE ID-CWE-617
Reachable Assertion
CVE-2017-18678
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.11% / 30.64%
||
7 Day CHG~0.00%
Published-07 Apr, 2020 | 14:32
Updated-05 Aug, 2024 | 21:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.x) software. An attacker can crash system processes via a Serializable object because of missing exception handling. The Samsung IDs are SVE-2017-8109, SVE-2017-8110, SVE-2017-8115, SVE-2017-8118, and SVE-2017-8119 (April 2017).

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidn/a
CWE ID-CWE-755
Improper Handling of Exceptional Conditions
CVE-2022-25670
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.15% / 36.77%
||
7 Day CHG~0.00%
Published-16 Sep, 2022 | 05:25
Updated-03 Aug, 2024 | 04:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Denial of service in WLAN HOST due to buffer over read while unpacking frames in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarewcn3991_firmwarewsa8830sd678mdm9640_firmwaresm6250p_firmwarewcn3998_firmwareqcs2290_firmwareqca8337mdm9628_firmwaremdm9650sdx65csra6620qcs4290wcn3950_firmwaresd765g_firmwareqca6420_firmwareqca6595au_firmwareqcs2290qca6390_firmwareapq8009_firmwaresa6155msm8917sd690_5gsd730_firmwarewcd9370csra6620_firmwareqcs605_firmwaresd_675_firmwaresd675_firmwarecsra6640_firmwareqca6426sd632wcn3990_firmwareqrb5165n_firmwareqca9377wcn3998sdw2500_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcn3950sm4125mdm9628sd720gwcd9326_firmwarewcn3615_firmwaresd_8_gen1_5g_firmwarewcn3660bsd450_firmwaresd662sd460_firmwareqca4020sa8155qca6584qca6574au_firmwaresdx55_firmwarewcn3680b_firmwareqca6595auqca8081_firmwaresa6155_firmwaresdx12_firmwaremsm8909wsm7250p_firmwareapq8009w_firmwareqca6420qca6436_firmwareapq8053_firmwareqrb5165nwcn3610_firmwaresm7450_firmwareqca6564au_firmwaresa6155p_firmwareqca9367_firmwarepm8937wcn3999wcn7851sd429qrb5165_firmwareqrb5165m_firmwaresdxr2_5gqca9367sa8155_firmwaresd662_firmwaremdm9607_firmwareqcs405qca6430wcn3988_firmwaresa6145p_firmwaresd429_firmwaresm6250sa8195papq8017_firmwarewsa8810_firmwarequalcomm215_firmwaresd765gsd765_firmwareqca4020_firmwareqca6436wcd9326sa6155pwcd9335wcn6851qca8081wcn7851_firmwaremsm8937qca6174a_firmwareqcs4290_firmwarewcd9385wcd9341wcn3660_firmwarepm8937_firmwareqca6696_firmwaresd750gsd870_firmwarear8035qca6390sd750g_firmwareaqt1000wcd9375wcn3910_firmwaresm6250_firmwaremsm8953_firmwarewsa8830_firmwaremsm8917_firmwaresd855_firmwaresd865_5g_firmwarewcn3620_firmwaresdx20_firmwarewcn3988sd888_5g_firmwarewcn6850_firmwarewcn3620wsa8815_firmwarewsa8835_firmwaresa8195p_firmwaresm7450apq8017sm8475qca6564awcn6750_firmwaresd450wcn3610mdm9640qcm2290_firmwarewcn3991qca8337_firmwarewcd9380_firmwarewcn3990sd_675sd865_5gwcn3615qca6564ausdx55m_firmwarewcn6856_firmwarewcd9375_firmwaremsm8909w_firmwareqca6574sd632_firmwarewsa8835wcd9380sd888_5gsm6250pwcn3999_firmwarequalcomm215qca6574asd690_5g_firmwarewcn6855_firmwareqca9379_firmwareqca6174aqca6430_firmwarewcd9335_firmwarewcn3980sd439_firmwarewcn6750qca6574_firmwareqcs605sd855sm4125_firmwarewcn6850wsa8815wcn3910qca6584_firmwaremsm8937_firmwaremdm9650_firmwareqca6175asd765qca6426_firmwarewcn3660b_firmwarewcn3680qca6574a_firmwaresd768g_firmwareqrb5165mwcn3980_firmwareapq8009qca6391sd460sd730sdx55msm8475_firmwareaqt1000_firmwaremsm8953sdx65_firmwaremdm9626sd678_firmwarear8031_firmwareqcm4290wcn3680_firmwarewsa8832_firmwaresdx20qrb5165wcn6851_firmwaremdm9626_firmwareqca6574ausa8155p_firmwaremdm9607qca6564a_firmwareapq8009wwcd9341_firmwareqcm4290_firmwaresd870wsa8810wcn6855wsa8832wcn6856sa6145pwcn3680bsd768gapq8096auar8031qcs405_firmwareqca6696qca6391_firmwarewcd9370_firmwaresdw2500sdx55apq8053apq8096au_firmwarecsra6640sa8155psd675sd439sm7250psd720g_firmwaresdx12wcn3660sm8475p_firmwareqca9379qca6175a_firmwarear8035_firmwareqcm2290sm8475pSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-18671
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.11% / 30.64%
||
7 Day CHG~0.00%
Published-07 Apr, 2020 | 14:43
Updated-05 Aug, 2024 | 21:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on Samsung mobile devices with L(5.0/5.1), M(6.0), and N(7.x) software. Intents related to Wi-Fi have incorrect exception handling, leading to a crash of system processes. The Samsung ID is SVE-2017-8389 (May 2017).

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidn/a
CWE ID-CWE-755
Improper Handling of Exceptional Conditions
CVE-2022-25673
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.19% / 41.10%
||
7 Day CHG~0.00%
Published-13 Dec, 2022 | 00:00
Updated-22 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Denial of service in MODEM due to reachable assertion while processing configuration from network in Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-ar8035_firmwarewcd9380_firmwarewcn6856_firmwarewsa8830wcn6856sm8475qca8081_firmwarewsa8835_firmwarewsa8835wcn7851_firmwarear8035qcn9024_firmwarewcn6855_firmwareqcn9024qcn6024_firmwareqca8337_firmwarewcn6855wcn7851sdx65_firmwarewcd9380wcn7850qcn6024wcn7850_firmwarewsa8830_firmwaresdx65qca8337sd_8_gen1_5g_firmwareqca8081Snapdragon Mobile
CWE ID-CWE-617
Reachable Assertion
CVE-2022-25733
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.16% / 37.77%
||
7 Day CHG~0.00%
Published-09 Feb, 2023 | 06:58
Updated-03 Aug, 2024 | 04:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Null Pointer Dereference in MODEM

Denial of service in modem due to null pointer dereference while processing DNS packets

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcd9380_firmwarewsa8830ssg2125psxr2230p_firmwarewcd9330wcn6856_firmwarecsra6620qca4024_firmwarewsa8835sxr1230p_firmwarewcd9380csra6620_firmwaressg2125p_firmwaressg2115pmdm9206csra6640_firmwarewcn6855_firmwaresxr1230pwcd9335_firmwarewcn3980wcn3998wcd9385_firmwaremdm9205mdm9206_firmwarewsa8815sxr2230pqca4020wcn7850wcn3999_firmwarewcn3998_firmwarewcn3980_firmwarewcd9330_firmwaremdm9207wcd9306mdm8207wcn3999wcn7851ar8031_firmwarewsa8832_firmwareqca4004_firmwaremdm9607_firmwareqcs405qts110mdm9607wcd9306_firmwarewsa8810_firmwarewsa8810wsa8832qca4020_firmwarewcn6855wcd9335qca4010wcn7851_firmwarewcn6856wcd9385ar8031qcs405_firmwaremdm8207_firmwaremdm9205_firmwareqca4024mdm9207_firmwareqca4004csra6640wsa8830_firmwarewsa8815_firmwarewsa8835_firmwarewcn7850_firmwaressg2115p_firmwareqca4010_firmwareqts110_firmwareSnapdragonwcd9380_firmwaresxr2230p_firmwarear8031_firmwarewsa8832_firmwarewcn6856_firmwareqca4004_firmwaremdm9607_firmwareqca4024_firmwarewcd9306_firmwaresxr1230p_firmwarewsa8810_firmwareqca4020_firmwaressg2125p_firmwarecsra6620_firmwarewcn7851_firmwarewcn6855_firmwarecsra6640_firmwareqcs405_firmwarewcd9335_firmwaremdm8207_firmwaremdm9205_firmwarewcd9385_firmwaremdm9206_firmwaremdm9207_firmwarewsa8830_firmwarewsa8815_firmwarewsa8835_firmwarewcn7850_firmwaressg2115p_firmwarewcn3999_firmwarewcn3998_firmwarewcn3980_firmwarewcd9330_firmwareqca4010_firmwareqts110_firmware
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2022-25739
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.12% / 32.11%
||
7 Day CHG~0.00%
Published-04 Apr, 2023 | 04:46
Updated-03 Aug, 2024 | 04:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Null Point Dereference in MODEM

Denial of service in modem due to missing null check while processing the ipv6 packet received during ECM call

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcd9306wcd9380_firmwarewsa8830ssg2125psnapdragon_wear_1300sxr2230p_firmwaremdm8207mdm9207wcd9330snapdragon_wear_1200snapdragon_x5_lte_modem_firmwarewsa8832_firmwarewcn785x-5wcn685x-5qca4004_firmwarewcn785x-1_firmwareqts110wcd9306_firmwaresxr1230p_firmwarewsa8835wcd9380wsa8832snapdragon_ar2_gen_1_platform_firmwaresnapdragon_wear_1100_firmwaressg2125p_firmwaresnapdragon_wear_1200_firmwaressg2115psnapdragon_ar2_gen_1_platformmdm9206wcn685x-5_firmwarewcn685x-1_firmwaresxr1230pwcd9385wcn685x-1mdm8207_firmwaresnapdragon_wear_1100mdm9205_firmwarewcd9385_firmwaremdm9205mdm9206_firmwaremdm9207_firmwareqca4004sxr2230pwsa8830_firmwarewsa8835_firmwaressg2115p_firmwaresnapdragon_wear_1300_firmwarewcn785x-5_firmwarewcd9330_firmwarewcn785x-1snapdragon_x5_lte_modemqts110_firmwareSnapdragon9205_lte_modem_firmwarewcd9380_firmwaresnapdragon_wear_1300_platform_firmware9207_lte_modem_firmwaresxr2230p_firmwaresnapdragon_x5_lte_modem_firmwaremdm8207_firmwarewsa8832_firmwarewcd9385_firmwarefastconnect_6900_firmwareqca4004_firmwaresnapdragon_1200_wearable_platform_firmwaresnapdragon_1100_wearable_platform_firmware9206_lte_modem_firmwarewsa8830_firmwarewcd9306_firmwaresxr1230p_firmwarewsa8835_firmwarefastconnect_7800_firmwaressg2115p_firmwaresnapdragon_ar2_gen_1_platform_firmwarewcd9330_firmwaressg2125p_firmwareqts110_firmware
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2022-25741
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.20% / 42.74%
||
7 Day CHG~0.00%
Published-15 Nov, 2022 | 00:00
Updated-22 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Denial of service in WLAN due to potential null pointer dereference while accessing the memory location in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcd9380_firmwarewcd9340_firmwareqca6595au_firmwaresd429_firmwaresd730qca6175a_firmwaresd_675_firmwaresd855_firmwaresd662_firmwaresdx50mqcs405_firmwareqcn6024_firmwareqcs6490sdx55sd460_firmwareqca6696qca6421wcn7850sa6155qca6564auqca6426_firmwareqcm4290_firmwarewcn3660bsd720gwcn3660b_firmwaresa6150psd460sd710_firmwarewcd9360_firmwareqrb5165m_firmwaresa6145p_firmwarewcd9341_firmwarewsa8830sd768gsm4125wcn6740_firmwarewcn6856qca6390wsa8815sdx50m_firmwareqca6175asa6155psa8150p_firmwareqca6430sa8145p_firmwaresw5100sd855wcn3620_firmwareqcs6490_firmwarewcn7851_firmwarewcd9340wcn6850sa8145psa415msdx55_firmwarewcn3950sxr2150p_firmwareqca6584au_firmwaresdxr2_5g_firmwareqcm6490qcn6024wcd9335sd835sd765g_firmwareqca6574aqca6595_firmwareqrb5165nsd865_5g_firmwareqca6421_firmwareqrb5165qca6574au_firmwaresd662qrb5165n_firmwaresdm429w_firmwaresd835_firmwareqam8295p_firmwaresa8295pwcn6750qcs610_firmwaresa8295p_firmwaresm7325psd_636_firmwareqcm2290_firmwareqcc5100wcd9380sd_675qcm4290qcs405qca6595csra6640qca6431_firmwaresd660_firmwaresd730_firmwareqca6430_firmwareqca8081ar8035_firmwaresa6150p_firmwaresd888sm7315_firmwareqca6584ausm7325p_firmwaresd870wcd9375_firmwarewcn6856_firmwareaqt1000qca6390_firmwarear8035qcn9024_firmwarewcn6855_firmwarewcd9360qca6420sa6155_firmwaresd780g_firmwarewcn6855sdx65_firmwareqcm2290wcn3910sd870_firmwareqcm6490_firmwaresm6250sa515msdxr1_firmwareqca6431sa515m_firmwareqca6595auwcd9370sd888_firmwareqcs4290_firmwarewcn3990wcn3980sd429sm4125_firmwaresd690_5gsm7315qca8081_firmwaresd765_firmwaresd720g_firmwaresd765gwsa8835sdx55mqam8295pwcn3998wcn6850_firmwarewsa8810_firmwareqca8337_firmwarewsa8815_firmwarewcn3991_firmwaresa8150pqcs2290qrb5165mwcn6740wcd9385qca6436sd678qca6574auwcn7850_firmwaresdx65wcd9385_firmwarewcn6750_firmwareqcs410_firmwaresa8155psdxr1wsa8810sd680sd888_5gsw5100p_firmwareaqt1000_firmwarewsa8835_firmwaresd678_firmwarewcd9335_firmwaresm7250p_firmwareqca6391qcn9024qca6574csra6620wcn3991wcn3998_firmwarecsra6640_firmwareqca6574_firmwarewcn6851sa415m_firmwaresd778g_firmwarewcd9370_firmwaresd675qca6420_firmwaresa8195pqca6574a_firmwaresd675_firmwareqcc5100_firmwareqca6554a_firmwaresa8155_firmwaresd888_5g_firmwarewsa8830_firmwareqca8337sd_8_gen1_5g_firmwaresm6250_firmwaresdxr2_5gwcd9341wcn3980_firmwareqcs2290_firmwaresd660csrb31024_firmwarewcn6851_firmwaresa4150p_firmwaresdm429wwcd9326qcs610sa6155p_firmwaresd680_firmwareqca6391_firmwaresa4150pwcd9326_firmwaresm7250psa8155p_firmwarecsra6620_firmwaresa6145pwcn3910_firmwareqrb5165_firmwaresw5100_firmwarewcd9375sd750g_firmwareqca6696_firmwaresxr2150psd865_5gsd780gqca6564au_firmwarecsrb31024qca6426sdx55m_firmwaresd690_5g_firmwaresm8475sd778gwcn3950_firmwarewcn3988wcn3990_firmwaresa8155sd750gwcn3620sd765sd768g_firmwarewcn3988_firmwarewcn7851qca6554aqcs4290sd710sw5100pqca6436_firmwaresa8195p_firmwaresd_636qcs410Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2022-25742
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.30% / 53.24%
||
7 Day CHG~0.00%
Published-15 Nov, 2022 | 00:00
Updated-22 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Denial of service in modem due to infinite loop while parsing IGMPv2 packet from server in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca4020_firmwarewcd9306_firmwarewcn3980_firmwareqca4010wcn3998wcd9306ar8031_firmwaremdm9205qcs405_firmwarewsa8810_firmwarewsa8815_firmwaremdm9207_firmwaremdm9206_firmwaremdm9607qca4010_firmwarecsra6620_firmwarear8031mdm9205_firmwareqcs405csra6640mdm8207_firmwareqca4024wsa8810wcn3980wsa8815qca4004wcd9335_firmwarewcn3999_firmwarewcd9330wcn3998_firmwaremdm8207csra6620qca4024_firmwarecsra6640_firmwarewcd9330_firmwaremdm9207mdm9206wcn3999wcd9335qca4020mdm9607_firmwareqca4004_firmwareSnapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music
CWE ID-CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CVE-2024-27229
Matching Score-8
Assigner-Google Devices
ShareView Details
Matching Score-8
Assigner-Google Devices
CVSS Score-7.5||HIGH
EPSS-1.49% / 80.28%
||
7 Day CHG~0.00%
Published-11 Mar, 2024 | 18:55
Updated-27 Mar, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ss_SendCallBarringPwdRequiredIndMsg of ss_CallBarring.c, there is a possible null pointer deref due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroid
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2023-33112
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.23% / 45.67%
||
7 Day CHG~0.00%
Published-02 Jan, 2024 | 05:38
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in WLAN Firmware

Transient DOS when WLAN firmware receives "reassoc response" frame including RIC_DATA element.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qdx1010_firmwareqcm8550_firmwareqcs410_firmwaresa6150p_firmwaresw5100pwsa8832wsa8845_firmwareqca6595qcs610_firmwarewcd9335wcd9370qca8081_firmwaressg2125p_firmwarear8035_firmwareqca6696wsa8830_firmwareqrb5165msnapdragon_888_5g_mobile_platformwcd9341_firmwaresnapdragon_w5\+_gen_1_wearable_platform_firmwaresa4150p_firmwarewcd9395_firmwareqcn6024sd888_firmwarewcn6740_firmwarefastconnect_6700qca6564ausa4150pwsa8815_firmwarewsa8832_firmwaresa8195p_firmwareqca8337_firmwaresnapdragon_x12_lte_modem_firmwareqca8337qdu1110wcd9395snapdragon_680_4g_mobile_platformsg8275p_firmwareqca9377_firmwareqcm6490_firmwareqca6574au_firmwareqam8295pwcd9341qcm4490_firmwareqca6574auqru1032snapdragon_x12_lte_modemflight_rb5_5g_platformwcd9390wcn3950wsa8810_firmwarewsa8845h_firmwarecsra6640snapdragon_x65_5g_modem-rf_system_firmwareqca6797aq_firmwaresnapdragon_7c\+_gen_3_computeqca6554asnapdragon_780g_5g_mobile_platformsa8295p_firmwareqcn6024_firmwaresa4155p_firmwaresnapdragon_4_gen_2_mobile_platform_firmwaresnapdragon_695_5g_mobile_platformsnapdragon_4_gen_1_mobile_platform_firmwarevideo_collaboration_vc1_platform_firmwaresa4155psnapdragon_778g\+_5g_mobile_platformsnapdragon_780g_5g_mobile_platform_firmwareqca6584ausd888ssg2115pqcn9011_firmwareqru1062_firmwaresnapdragon_4_gen_2_mobile_platformsw5100_firmwarewcn6740snapdragon_480\+_5g_mobile_platform_firmwareqru1062snapdragon_695_5g_mobile_platform_firmwareqca6595_firmwareqcs7230fastconnect_7800_firmwarefastconnect_6900snapdragon_685_4g_mobile_platform_firmwarevideo_collaboration_vc1_platformqru1032_firmwaresnapdragon_782g_mobile_platform_firmwarewcd9385_firmwarefastconnect_6900_firmwareqam8255p_firmwarewcd9380sa6145p_firmwareqam8255psxr2230psnapdragon_888_5g_mobile_platform_firmwaresnapdragon_4_gen_1_mobile_platformsa8150psnapdragon_ar2_gen_1_platform_firmwareqcs4490snapdragon_8_gen_1_mobile_platform_firmwaresnapdragon_778g_5g_mobile_platformsnapdragon_685_4g_mobile_platformsnapdragon_8\+_gen_2_mobile_platform_firmwarewsa8845sa6155psnapdragon_auto_5g_modem-rf_firmwareqca6564au_firmwaresxr1230pwsa8810qam8650pqdu1000_firmwarevideo_collaboration_vc5_platform_firmwaresnapdragon_8\+_gen_2_mobile_platformwcn3950_firmwaresw5100qca6595auvideo_collaboration_vc3_platformsm7315_firmwareqdu1010sa6155p_firmwarewsa8840qam8295p_firmwareqcs8550_firmwareqdu1210_firmwaresm7315qca6698aq_firmwarewcd9385qcn9012snapdragon_8\+_gen_1_mobile_platformmdm9650_firmwareqcs4490_firmwaresnapdragon_8_gen_2_mobile_platformsnapdragon_7c\+_gen_3_compute_firmwaresa8255pqcs7230_firmwaresxr1230p_firmwarewcd9390_firmwaresnapdragon_778g\+_5g_mobile_platform_firmwaresg8275pwcd9370_firmwaremdm9650qdx1011_firmwaresnapdragon_auto_5g_modem-rfqdu1110_firmwareqdu1000qca6554a_firmwaressg2125pqca6574aqru1052qcm4490qca6174asa8195pcsra6640_firmwareqcs8250_firmwareqdu1210snapdragon_820_automotive_platform_firmwareqca6174a_firmwareqcm6490sm7325pqam8650p_firmwarevideo_collaboration_vc5_platformsm8550p_firmwareqcm8550wcn3988qcs6490_firmwaresnapdragon_x65_5g_modem-rf_systemqcn9024qca6584au_firmwarewcd9335_firmwareqrb5165n_firmwareqca6574snapdragon_480_5g_mobile_platform_firmwarewcn3980_firmwarewsa8835qca6595au_firmwareqca6391_firmwaresxr2230p_firmwarewsa8840_firmwareqdu1010_firmwaresw5100p_firmwareqcn9011snapdragon_ar2_gen_1_platformsnapdragon_782g_mobile_platformqca6696_firmwareqcn9024_firmwarewsa8845hwcd9380_firmwaresa6150pqca6574_firmwareqcs410sa8155p_firmwarecsra6620qca8081wsa8815sa8155psd_8_gen1_5gwsa8830qam8775pqca6797aqqca9377sm8550psa6145psnapdragon_8\+_gen_1_mobile_platform_firmwareqcm4325_firmwaresa8255p_firmwareflight_rb5_5g_platform_firmwarear8035qca6574a_firmwaresnapdragon_480\+_5g_mobile_platformqrb5165m_firmwareqcm4325sd_8_gen1_5g_firmwarerobotics_rb5_platformwcd9375_firmwareqca6391qcn9012_firmwaresmart_audio_400_platform_firmwareqca6698aqsnapdragon_778g_5g_mobile_platform_firmwaresnapdragon_480_5g_mobile_platformqru1052_firmwareqrb5165ncsra6620_firmwaresa8295psnapdragon_8_gen_1_mobile_platformrobotics_rb5_platform_firmwareqcs8550snapdragon_8_gen_2_mobile_platform_firmwarefastconnect_6200fastconnect_7800sa8145p_firmwaresm7325p_firmwareqam8775p_firmwaresnapdragon_888\+_5g_mobile_platformqdx1011wcd9375sa8150p_firmwaresmart_audio_400_platformsnapdragon_w5\+_gen_1_wearable_platformwcn3988_firmwarefastconnect_6700_firmwarevideo_collaboration_vc3_platform_firmwaresa8145psnapdragon_888\+_5g_mobile_platform_firmwarewsa8835_firmwaressg2115p_firmwaresnapdragon_680_4g_mobile_platform_firmwareqcs6490qcs8250snapdragon_820_automotive_platformwcn3980fastconnect_6200_firmwareqdx1010qcs610Snapdragonsnapdragon
CWE ID-CWE-126
Buffer Over-read
CVE-2022-23593
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-5.9||MEDIUM
EPSS-0.31% / 53.52%
||
7 Day CHG~0.00%
Published-04 Feb, 2022 | 22:32
Updated-22 Apr, 2025 | 18:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Segfault in `simplifyBroadcast` in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. The `simplifyBroadcast` function in the MLIR-TFRT infrastructure in TensorFlow is vulnerable to a segfault (hence, denial of service), if called with scalar shapes. If all shapes are scalar, then `maxRank` is 0, so we build an empty `SmallVector`. The fix will be included in TensorFlow 2.8.0. This is the only affected version.

Action-Not Available
Vendor-Google LLCTensorFlow
Product-tensorflowtensorflow
CWE ID-CWE-754
Improper Check for Unusual or Exceptional Conditions
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • ...
  • 10
  • 11
  • Next
Details not found