Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2020-3628

Summary
Assigner-qualcomm
Assigner Org ID-2cfc7d3e-20d3-47ac-8db7-1b7285aff15f
Published At-22 Jun, 2020 | 07:10
Updated At-04 Aug, 2024 | 07:37
Rejected At-
Credits

Improper access due to socket opened by the logging application without specifying localhost address in Snapdragon Consumer IOT, Snapdragon Mobile in APQ8053, Rennell, SDX20

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:qualcomm
Assigner Org ID:2cfc7d3e-20d3-47ac-8db7-1b7285aff15f
Published At:22 Jun, 2020 | 07:10
Updated At:04 Aug, 2024 | 07:37
Rejected At:
â–¼CVE Numbering Authority (CNA)

Improper access due to socket opened by the logging application without specifying localhost address in Snapdragon Consumer IOT, Snapdragon Mobile in APQ8053, Rennell, SDX20

Affected Products
Vendor
Qualcomm Technologies, Inc.Qualcomm, Inc.
Product
Snapdragon Consumer IOT, Snapdragon Mobile
Versions
Affected
  • APQ8053, Rennell, SDX20
Problem Types
TypeCWE IDDescription
textN/AImproper Access Control Issue in On-Device Logging
Type: text
CWE ID: N/A
Description: Improper Access Control Issue in On-Device Logging
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.qualcomm.com/company/product-security/bulletins/june-2020-bulletin
x_refsource_CONFIRM
Hyperlink: https://www.qualcomm.com/company/product-security/bulletins/june-2020-bulletin
Resource:
x_refsource_CONFIRM
â–¼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.qualcomm.com/company/product-security/bulletins/june-2020-bulletin
x_refsource_CONFIRM
x_transferred
Hyperlink: https://www.qualcomm.com/company/product-security/bulletins/june-2020-bulletin
Resource:
x_refsource_CONFIRM
x_transferred
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:product-security@qualcomm.com
Published At:22 Jun, 2020 | 07:15
Updated At:21 Jul, 2021 | 11:39

Improper access due to socket opened by the logging application without specifying localhost address in Snapdragon Consumer IOT, Snapdragon Mobile in APQ8053, Rennell, SDX20

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary2.010.0HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
Type: Primary
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 10.0
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C
CPE Matches
Qualcomm Technologies, Inc.
qualcomm
>>apq8053_firmware>>-
cpe:2.3:o:qualcomm:apq8053_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>apq8053>>-
cpe:2.3:h:qualcomm:apq8053:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>rennell_firmware>>-
cpe:2.3:o:qualcomm:rennell_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>rennell>>-
cpe:2.3:h:qualcomm:rennell:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sdx20_firmware>>-
cpe:2.3:o:qualcomm:sdx20_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sdx20>>-
cpe:2.3:h:qualcomm:sdx20:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-noinfoPrimarynvd@nist.gov
CWE ID: NVD-CWE-noinfo
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.qualcomm.com/company/product-security/bulletins/june-2020-bulletinproduct-security@qualcomm.com
Broken Link
https://www.qualcomm.com/company/product-security/bulletins/june-2020-security-bulletinnvd@nist.gov
Vendor Advisory
Hyperlink: https://www.qualcomm.com/company/product-security/bulletins/june-2020-bulletin
Source: product-security@qualcomm.com
Resource:
Broken Link
Hyperlink: https://www.qualcomm.com/company/product-security/bulletins/june-2020-security-bulletin
Source: nvd@nist.gov
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

553Records found
CVE-2018-13886
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.36% / 57.59%
||
7 Day CHG~0.00%
Published-24 May, 2019 | 16:44
Updated-05 Aug, 2024 | 09:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unchecked OTA field in GNSS XTRA3 lead to integer overflow and then buffer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9615, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 600, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660, SDM439, SDM630, SDM660, SDX20, SM7150, Snapdragon_High_Med_2016, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850mdm9150_firmwaresd_632mdm9635m_firmwaremdm9640_firmwaresd_820asd_675msm8996au_firmwaresd_439sd_670_firmwaresd_429sdm439mdm9650sd_636sm7150_firmwaresd_615_firmwaresnapdragon_high_med_2016_firmwaremsm8909w_firmwaremsm8996ausd_820sd_650sd_450_firmwaresd_845_firmwaresm7150sd_410sd_820a_firmwareqcs605_firmwaresd_675_firmwaremdm9206sd_652sd_425_firmwaresd_625_firmwaresd_450mdm9635mmdm9615sd_845mdm9206_firmwareqcs605sd_632_firmwaresd_835_firmwaremdm9650_firmwaresd_835sda660sxr1130_firmwaresd_210_firmwaresd_600sd_652_firmwaresd_415_firmwaresxr1130msm8909wsd_616_firmwaresd_205_firmwaresd_415sd_212sd_650_firmwaresd_427_firmwaresd_712sd_412sdx20sd_616sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435mdm9655_firmwaresd_615sd_710_firmwaresdm630sd_625qm215sd_820_firmwaresd_210mdm9607sd_636_firmwaresd_439_firmwaremdm9150sd_429_firmwaresnapdragon_high_med_2016sd_212_firmwaresd_850_firmwaremdm9655sdm439_firmwaresd_412_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwareqm215_firmwaresd_430sd_427sd_670sd_435_firmwaremdm9615_firmwaresdx20_firmwaresd_710sd_410_firmwaresd_600_firmwaresd_205sdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2020-11283
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.31% / 53.80%
||
7 Day CHG~0.00%
Published-22 Feb, 2021 | 06:26
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow can occur when playing an MKV clip due to lack of input validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfs2580fsm10055qfe2550qcs610pmi8996qdm5579qdm2307qfs2530qpa8802qln1030pm6125qat3519pm8150aqtc800hqdm5670qcs2290sa6155qca6335msm8917pm7150lqpa8821qln1020wtr3905qdm5671qat3518sd632wcn3998wcn3950sm4125sd720gqpa5460wcn3660bqfe4320qca4020qdm5652qpm8870qpm5679qbt2000msm8909wpm855pqca6420pm6150asdx20msdr735gwcn3999pm8150bqsm7250pm8996qcs6125qfe2101smb1360qca6430qcs405qat3522pmr735awcd9340sd765gsdr660qca6436wcn6851sa6155pqpa6560msm8937sdr865smb1358wcd9341pmi8952smr545qca6431qln5020wcd9371smb1350sd750gqdm3302wtr3950sa8150pqpm5657pm6350qdm5621qfe3340qtc800ssd660qdm5650wcn3988wtr3925sdr052smb1390pm6150lsd450qet4100wcn3610qpm6585qtc410swcn3991smb1355qln4650qpa8801sdm429wwcd9330wgr7640qat5568qet5100qca6564aupm6150qca6574pm7250bqfs2630qpa8842pmm8996auwcd9380qualcomm215qln4640qcs410smb1381sdr735pm7250wtr4905smb1395pm660lqpa8803ar8151smr526wtr5975wcn3980pmk8003qdm2301qsw8573qcs605wsa8815wcn6850qbt1000wcn3910qca6320smb1394wcn3680qfe4309sd835pm8009qpa8675sd730sdx55mpm670aqfe4373fcpm8008msm8953qsw8574pmi8998qfe2520pme605pm855lqcs603rsw8577qfe4302qpm5621qpm6582sd670apq8009wqfe4303pm670pm8150lqdm5677pm8005sa6145ppm215qdm2302pmm6155ausdxr1ar8031apq8096auwtr2965qpm5875sdx55qet5100mapq8053sa8155pcsra6640pm8350bhssd675sd439qet4101pmi8994qat3516pm670lwcn3660qpm5658qca9379pm855bqcm2290qpm5870pm8909wsa8830sdr051pm660qln5030pm4125qbt1500fsm10056qpa5581pmi632pm456mdm9650sd_636csra6620qpa5373qpm4621pmk8001qcs4290qet6100pmm855ausdr660gqpa8686sd690_5gsmb1396pm7150awcd9370pm8350qca6564sdr425qca6426qca9377qpm5641qat5516wtr2955qdm5620sd662smb1380qfe4308pm8350bhpm3003asa8155qat5533wcn3615qca6595ausm7350qtc800tqpm6670smb1354qdm2305qca6310qpm8820qpm4641pm8937qpm2630pm855sd429sdxr2_5gpm8250qca9367smb1398sdm630sd821qdm4643pmx55sd205sdr675qca6421sm6250qdm3301sa8195ppm8953qat5515qpm5677smb231qat3514wcd9326wcd9335wcd9385pm439qpm5620pmm8155auqpm4630qca6390wcd9375aqt1000apq8064auqpa8673qdm2310pmm8195auqln4642sda429wsd210sd820pmi8937pm8998pmk7350wcn3620apq8017qca6564asmr546qet6110qln5040qpm8895sdr845qpm5670wcn3990sd_675sd865_5gqca6595pmk8350qpm8830pm8350bqat5522wsa8835msm8996aupm8150cpmr735bsd888_5gsm6250prgr7640auqpa4360qpa4361qca6574amdm9206qca6174apm8350csmr525qpm4640wcn6750pmr525pm7350cqpm4650qtm525wtr6955sd855sd665qfe4305sd765pm640ppmx20pmd9607qat3555apq8009sd460qca6391smb1351qpa5461pm660aqpa4340qcm4290sdx50mpm640asdr8150qfs2608sdx20pm8916qtc801sqdm4650pmd9655qca6574ausd710qsw6310qcm6125qpm6621wsa8810qdm2308pmw3100pmx50qat3550wcn6856qdm5679wcn3680bsdr8250sd768gwcn6740qca6696qfe4301sm4350sdw2500pm8004pm640lpmk8002qpa2625sa6150psd845sm7250psdm830smb1357pm6250qpa5580Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-11193
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.40% / 60.06%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 10:00
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Buffer over read can happen while parsing mkv clip due to improper typecasting of data returned from atomsize' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8009W, APQ8017, APQ8037, APQ8053, APQ8064AU, APQ8096, APQ8096AU, APQ8096SG, APQ8098, MDM9206, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8996SG, MSM8998, QCM4290, QCM6125, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QCS6125, QM215, QSM8350, SA6145P, SA6155, SA6155P, SA8155, SA8155P, SDA429W, SDA640, SDA660, SDA670, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM455, SDM630, SDM632, SDM636, SDM640, SDM660, SDM670, SDM710, SDM830, SDM845, SDW2500, SDX20, SDX20M, SDX50M, SDX55, SDX55M, SM4125, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR1120, SXR1130, SXR2130, SXR2130P, WCD9330

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sm7250sm6250p_firmwareqcs610sm6125sdm640sdm450_firmwaresdm632sm7250_firmwaremdm9650qcs4290sa6155apq8009_firmwaremsm8917sdm670sm8350qcs605_firmwareqcs6125_firmwareapq8096sgsm6115sm7150psda845_firmwaresdw2500_firmwareapq8098sm4250sm4125mdm9206_firmwareqsm8350_firmwareqsm8350apq8037sa8155msm8905_firmwaresda660sdx55_firmwaresa6155_firmwaresxr1130msm8909wsm7250p_firmwareapq8009w_firmwaresxr2130papq8053_firmwaresda845sdx20msa6155p_firmwaresxr2130p_firmwaresda640sdm450sdm636_firmwareapq8098_firmwareqcs6125msm8998_firmwaresa8155_firmwaresdm630sm8250_firmwareqcs405msm8996sg_firmwaresa6145p_firmwareqm215sm4250_firmwaresm6250sdm830_firmwareapq8017_firmwaresdm710_firmwaresxr1120sa6155pqcs603_firmwaremsm8937msm8905sm8350p_firmwareqcs4290_firmwaresm8150_firmwaremsm8909sm7150p_firmwaresxr2130_firmwareapq8064ausm6250_firmwaremsm8953_firmwaresm6150_firmwaresda429wmsm8917_firmwaremsm8998sm7225_firmwaresdx20_firmwaresm8150sdm640_firmwareapq8017msm8996sxr1120_firmwaresm6125_firmwaresm8150pqcm6125_firmwaresm6115_firmwaresda429w_firmwareapq8096_firmwaresdm429wmsm8996au_firmwaresdm632_firmwarewcd9330sdm845apq8096sdx55m_firmwaresdm439sm6150psm6115p_firmwaresdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996ausdm429w_firmwareapq8096sg_firmwaresm7150sm6250pqcs410sda640_firmwaresxr2130sdx50m_firmwaremdm9206sm8350psdm670_firmwaresdm636sda670sm7225qcs605sm6115psm4125_firmwaresdm455_firmwaremsm8937_firmwaremdm9650_firmwaresdm429_firmwaresxr1130_firmwareapq8009wcd9330_firmwaremsm8909_firmwaresdx55msm6150p_firmwaresdm455sm6350sm7125sm4250p_firmwaremsm8920msm8953apq8064au_firmwareqcm4290msm8996sgsdx50msdx20sm8350_firmwareqcs603sdm660msm8920_firmwaresm6350_firmwaresa8155p_firmwaresdm710apq8009wsda670_firmwareqcm6125qcm4290_firmwaresdx20m_firmwareqcs610_firmwaremsm8996_firmwaresa6145psm4250papq8096ausdm439_firmwareqcs405_firmwaresdm630_firmwaresda660_firmwareqm215_firmwaresm7125_firmwaresdw2500sdx55msm8940apq8053apq8096au_firmwaresa8155psm8250sm8150p_firmwareapq8037_firmwaresm7250psdm830qcs410_firmwaresdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-11299
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.36% / 57.59%
||
7 Day CHG~0.00%
Published-17 Mar, 2021 | 06:01
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow can occur in video while playing the non-standard clip in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfs2580qca9377_firmwareqpm5679_firmwaresm6250p_firmwarepmd9607_firmwareqdm5579qfs2608_firmwareqfs2530qpm8870_firmwareqln1030pm6125qat5522_firmwarewcn3950_firmwarepm8150aqdm5670qca6595au_firmwareqpa5581_firmwaresa6155pm7150lqpa8821pm8998_firmwarewtr5975_firmwareqcs6125_firmwarepm456_firmwareqpa5580_firmwarewcn3998wcd9371_firmwarewcn3950sm4125sd720gmdm9206_firmwareqsw8573_firmwarewcn3660bsd450_firmwareqsm8350_firmwareqfe4320qsw8574_firmwareqsm8350sd460_firmwarepm8953_firmwareqpa4360_firmwarewcn3998_firmwareqfe2520_firmwareapq8009w_firmwarepm855papq8053_firmwareqca6420pm6150aqpm6670_firmwareqca9367_firmwarepm660_firmwarepm8150bsa8155_firmwareqfe2101qca6430qat3522pmr735awcd9340sdm830_firmwaresd765gsdr660qfs2630_firmwaresdr865qdm5620_firmwaresmb1358smr545qca6696_firmwareqln5020wcd9371sd870_firmwaresmb1350pmm855au_firmwarewtr3950sa8150ppm6350qdm5621qfe3340qtc800sqat3514_firmwaresd660sd865_5g_firmwarepm640p_firmwaresd660_firmwarewcn6750_firmwareqat5516_firmwarepm6150lsd450pm855l_firmwareqtc410swcn3991qpa8801sdm429wpm8150l_firmwareqat5533_firmwaresdx55m_firmwareqpa8673_firmwarepm6150smb1354_firmwaresd670_firmwareqca6574sd632_firmwareqfs2630qpa8842sdr052_firmwarepmm8996auwcd9380qualcomm215qln4640qcs410smb1380_firmwareqfe4309_firmwarepmk8350_firmwaresmb1381pm855p_firmwaresd690_5g_firmwarepm7250qca9379_firmwarewtr4905qpa8803sd439_firmwareqdm2301wcd9340_firmwarewsa8815wcn6850qfe2101_firmwareqdm5621_firmwareqdm2301_firmwaremsm8937_firmwaresd835wcn3980_firmwaresd730pm660l_firmwarepm6250_firmwarewcn6740_firmwarepm8008pm8350b_firmwareqtm525_firmwarepme605_firmwarepme605sd678_firmwareapq8064au_firmwareqpm5621_firmwareqcs603rsw8577qpa6560_firmwareqpa8802_firmwareqln4640_firmwareqfe4308_firmwareqpm5621qpm6582sd670pm8009_firmwareapq8009wqfe4303qfs2580_firmwareqcm4290_firmwarepm8150lpmi8998_firmwareqcs610_firmwaresa6145ppm660a_firmwarepm215ar8031wtr2965sdm630_firmwaresd820_firmwareqca6391_firmwarepmx20_firmwarepmi8937_firmwarewcd9370_firmwareqat3516_firmwaresdx55apq8053csra6640pm8350bhsqat3555_firmwarepmi8994qpa8803_firmwarewcn3660qca9379pm855bqpm5870pm8909wsa8830pm660qet6110_firmwareqdm5579_firmwarepm6125_firmwareqbt1500qpa5581mdm9650sd_636fsm10055_firmwareqbt1500_firmwareqpm5870_firmwarepmk8001qcs4290qet6100pmm855auqca6420_firmwaresmb1394_firmwareapq8009_firmwaresd690_5gsmb1396pm7150asd675_firmwarepm8350qca6564qpa4361_firmwarepm8350c_firmwareqpa5461_firmwareqca6426wcn3990_firmwareqca9377qpm5641qpa5373_firmwaresdw2500_firmwarewcd9385_firmwareqdm5650_firmwareqpa4340_firmwaresdxr2_5g_firmwarewcd9326_firmwarewcn3615_firmwarewtr2955rgr7640au_firmwarepm7250_firmwaresdr845_firmwareqdm5620smb1380pmk8002_firmwareqsw6310_firmwaresa8155qdm4650_firmwaresdx55_firmwarepmm6155au_firmwareqat5533wcn3615sm7250p_firmwarewcn3610_firmwareqsm7250_firmwareqpm6670pm7150l_firmwareqpm4641qat5515_firmwarepm855qpm8830_firmwaresd429pm8250qca9367sdm630qdm4643qfs2530_firmwarewcn3988_firmwarepmx55qpm4641_firmwaresd205sd429_firmwarepm8150c_firmwareqca6421qdm3301qpa8842_firmwareqat3519_firmwaresa8195psdr735_firmwarepm8953qat5515qpm5677qat3514wcd9326wcd9335pm6350_firmwarepm8004_firmwaresdr8150_firmwareqcs4290_firmwarepm439qtc800h_firmwarepmk7350_firmwareqpm5620qpm4630qca6390wcd9375sd750g_firmwareaqt1000sm6250_firmwarepmm8195auqln4642msm8917_firmwareqpm5677_firmwaresdx20_firmwarewsa8815_firmwaresd888_5g_firmwarepmi8937pm8998pmk7350smr525_firmwareqpm8820_firmwarewtr3925_firmwareqfe4301_firmwareapq8017qln1020_firmwareqpm6621_firmwarepm670a_firmwareqcm6125_firmwarepmx55_firmwarewtr2955_firmwareqbt1000_firmwareqfe4373fc_firmwaresd865_5gqca6595smb1398_firmwareqpm8830pmm8996au_firmwareqat5522pm8150cpmr735bsd665_firmwareqpa4360pmk8003_firmwareqpa4361qpm4640_firmwaremdm9206qdm5679_firmwarepm8350csmr525qca6310_firmwareqfe4305_firmwarepm6150l_firmwarepmr525pm8150a_firmwareqca6574_firmwarewtr3950_firmwaresd665pm6150a_firmwarepm6150_firmwaresd765pmx20pmd9607qca6574a_firmwareqpm4630_firmwareqat3555apq8009qpa5461wtr2965_firmwarepm670_firmwareqfs2608sd480_firmwareqtc801sqpm5641_firmwaresd710pm8008_firmwaresdx20m_firmwareqpm6621pmr735a_firmwarepmw3100pmx50qca6564_firmwaresdr8250sd768gqln1030_firmwaresmb1350_firmwarewcn6740pmw3100_firmwarepm8004pm640lpmk8002sdw2500apq8096au_firmwaresd845sdm830smb1357qcs410_firmwareqpa5580fsm10055qfe2550sa6150p_firmwareqcs610pmi8996qpm5620_firmwareqdm2307qca6431_firmwareqpa8802qpm6585_firmwareqat3519qbt2000_firmwareqtc800hsa8150p_firmwareqcs2290sdr8250_firmwareqca6335msm8917csra6620_firmwareqcs605_firmwareqln1020sd_675_firmwaresmr546_firmwareqdm5671csra6640_firmwareqpm4650_firmwarewtr3905qat3518sd632sdr425_firmwaresmr526_firmwareqpa5460pm640a_firmwarewgr7640_firmwareqdm2305_firmwareqpm5670_firmwaresd710_firmwareqca4020qdm5652qca6574au_firmwareqpm8870wcd9375_firmwareqpm5679qbt2000sa6155_firmwaremsm8909wsdx20mpmx50_firmwareqpa8675_firmwaresdr735gqpa5460_firmwareqdm3301_firmwarepm8996qsm7250qcs6125sd662_firmwaresmb1360qcs405qualcomm215_firmwarersw8577_firmwareqdm2308_firmwarefsm10056_firmwarepm439_firmwareqca4020_firmwareqca6436sa6155pwcn6851qcs603_firmwareqpa6560msm8937sdr675_firmwarewcn3660_firmwarewcd9341pmi8952qdm4643_firmwarepm8937_firmwareqca6431sm7350_firmwareqet4100_firmwaresd750gqfe4320_firmwareqdm3302wcn3910_firmwareqpm5657qpm5875_firmwarewsa8830_firmwaresd855_firmwareqdm5650wcn3988wtr3925sdr052sa8195p_firmwaresmb1390qet4100wcn3610qpa8686_firmwareqpm6585sda429w_firmwarewcd9380_firmwaresmb1355qln4650qtc800t_firmwarewcd9330msm8996au_firmwaresdr735g_firmwarepm8350bhs_firmwarewgr7640qat5568qet5100qdm5671_firmwareqpa8801_firmwareqca6564auwcn6856_firmwarepm8005_firmwareqet4101_firmwarepm7250bqln4642_firmwarepmk8001_firmwaresmb1355_firmwarepm7250b_firmwarepmd9655_firmwaresmb1351_firmwarepm8996_firmwaresdx50m_firmwaresdr735smb1395pm660lar8151smr526wtr5975qca6430_firmwarepmk8003qtc801s_firmwarewcd9335_firmwareqat3522_firmwarewcn3980pm7350c_firmwareqca6335_firmwareqsw8573qcs605qbt1000wcn3910qca6320mdm9650_firmwaresmb1394qca6426_firmwarepm8350_firmwarewcn3660b_firmwarewcn3680qfe4309pm8009qpa8675sdr051_firmwarewcd9330_firmwaresdx55mpm670aqca6421_firmwarewtr3905_firmwareqfe4373fcmsm8953qat3518_firmwarepmi8998qfe2520qsw8574sd821_firmwarear8031_firmwarewcn3680_firmwarepm855lwcn6851_firmwareqdm5670_firmwarepm7150a_firmwarepm8150b_firmwareqfe4302sd_636_firmwaresmr545_firmwareqca6564a_firmwareqdm2310_firmwaresd480sd870pm670sd210_firmwareqdm5677pm8005pm855_firmwareqdm2302pmm6155ausdxr1pm855b_firmwareapq8096auqca6595_firmwareqcs405_firmwareqpm6582_firmwarepm640l_firmwarepmi8996_firmwareqln4650_firmwareqpm5875qet5100msa8155psd675sd439qet4101qat3516pm670lqpm5658qcm2290qpm5658_firmwarewcn3991_firmwareqdm5652_firmwarepmm8155au_firmwaresd678sdr051qln5030qcs2290_firmwarepm4125fsm10056pmi632qpa2625_firmwarepm456pm8350bh_firmwarecsra6620pmr735b_firmwareqet5100_firmwareqpa5373qpm4621smb1360_firmwareqet6100_firmwarepm670l_firmwaresdr660gsd765g_firmwareqpa8686smb1358_firmwareqca6390_firmwaresd730_firmwarewcd9370sdr425pmr525_firmwareqfe3340_firmwarear8151_firmwarepmi632_firmwareqat5516sd662qpa8821_firmwareqfe4308sdr660g_firmwarepm8350bhpm3003aqca6320_firmwarewcn3680b_firmwareqca6595auqca6436_firmwareqtc800tsm7350smb1354qca6564au_firmwareqdm2305sa6155p_firmwareqca6310qpm8820pm8937qpm2630qln5020_firmwaresdxr2_5gsmb1398sd821sa6145p_firmwaresdr675sm6250apq8017_firmwarewsa8810_firmwaresmb231sd765_firmwareqdm5677_firmwareqca6174a_firmwarewcd9385qdm2302_firmwareqat3550_firmwarepmm8155auqln5040_firmwarepm4125_firmwareapq8064auqpa8673qdm2310qfe2550_firmwaremsm8953_firmwareqln5030_firmwaresda429wsd210wcn3620_firmwareqfe4302_firmwaresd820smb1396_firmwarewcn6850_firmwarewcn3620wsa8835_firmwareqca6564asmr546qet6110pmi8952_firmwareqcm2290_firmwareqln5040qpm8895sdr845qpm5670wcn3990sd_675pmk8350qdm3302_firmwarepmi8994_firmwarepm8350bqdm2307_firmwaremsm8909w_firmwarewsa8835msm8996ausdm429w_firmwareqpm5657_firmwaresd888_5gsm6250prgr7640ausdr660_firmwarepm8909_firmwareqca6574apm8916_firmwaresmb1390_firmwareqca6174aqfe4303_firmwareqpm4640wcn6750pm7350cqet5100m_firmwareqpm4650qtm525wtr6955sd855sm4125_firmwareqfe4305wtr6955_firmwarepm640psd768g_firmwaresdr865_firmwarepm8250_firmwaresd460qca6391sdxr1_firmwaresmb1351smb1357_firmwareaqt1000_firmwarepm215_firmwareqpm8895_firmwarepm660aqpa4340qcm4290sdx50mpm640asdr8150sdx20pm8916smb1395_firmwareqdm4650pmd9655qca6574ausa8155p_firmwaresd205_firmwareqsw6310wcd9341_firmwareqcm6125wsa8810qtc410s_firmwareqpm2630_firmwaresmb231_firmwareqat5568_firmwareqdm2308qat3550wtr4905_firmwarewcn6856qdm5679wcn3680bsd835_firmwarepm3003a_firmwareqca6696qfe4301qtc800s_firmwaresmb1381_firmwaresd845_firmwareqpa2625sa6150ppmm8195au_firmwaresm7250psd720g_firmwareqpm4621_firmwarepm6250Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-11182
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.43% / 62.11%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 05:00
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible heap overflow while parsing NAL header due to lack of check of length of data received from user in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfs2580qpm5679_firmwaresm6250p_firmwareqfs2530qpm8870_firmwareqln1030qpa8688pm6125qat5522_firmwarewcn3950_firmwarepm8150asc8180x\+sdx55qdm5670qca6595au_firmwareqpa5581_firmwaresa6155pm7150lqpa8821pm8998_firmwarewtr5975_firmwareqcs6125_firmwarepm456_firmwareqpa5580_firmwarewcn3998wcd9371_firmwarewcn3950sm4125sd720gqsw8573_firmwareqsw8574_firmwaresd460_firmwaresmb2351_firmwareqpa4360_firmwarewcn3998_firmwarepm855pqca6420pm6150apm660_firmwarepm8150bsa8155_firmwareqca6430qat3522pmr735awcd9340sdm830_firmwaresd765gsdr660sdr865qdm5620_firmwareqca6696_firmwareqln5020wcd9371pmm855au_firmwaresm4350_firmwaresd_8cxsa8150ppm6350qdm5621qtc800ssd865_5g_firmwaresd712pm640p_firmwarewcn6750_firmwareqat5516_firmwarepm6150lpm855l_firmwareqtc410swcn3991qpa8801pm8150l_firmwareqat5533_firmwaresdx55m_firmwareqpa8673_firmwarepm6150smb1354_firmwaresd670_firmwareqca6574qpa8842sdr052_firmwarewcd9380qcs410smb1380_firmwaresmb1381pm855p_firmwaresd690_5g_firmwarepm7250qpa8803qdm2301wcd9340_firmwarewsa8815wcn6850qdm5621_firmwareqdm2301_firmwaresd_8c_firmwarewcn3980_firmwaresd730pm660l_firmwarepm6250_firmwarepm8008qtm525_firmwarepme605_firmwarepme605qpm5621_firmwareqln1021aq_firmwareqcs603qpa6560_firmwareqpa8802_firmwareqln4640_firmwareqpm5621qpm6582sd670pm8009_firmwareqfs2580_firmwareqcm4290_firmwarepm8150lpmi8998_firmwareqcs610_firmwaresa6145pwtr2965qca6391_firmwarepm8150wcd9370_firmwareqat3516_firmwaresdx55qat3555_firmwareqpa8803_firmwarepm855bsmb2351qln1031qsm8250_firmwarewsa8830pm660qet6110_firmwarepm6125_firmwareqbt1500qpa5581qbt1500_firmwareqcs4290qet6100pmm855auqca6420_firmwaresd690_5gsmb1396pm7150asd675_firmwareqca6564qpa4361_firmwareqca6426wcn3990_firmwarewcd9385_firmwareqdm5650_firmwaresdxr2_5g_firmwarewcd9326_firmwarewhs9410pm7250_firmwaresdr845_firmwareqdm5620qln1021aqsmb1380pmk8002_firmwareqsw6310_firmwaresa8155qln1031_firmwaresdx55_firmwarepmm6155au_firmwareqat5533sm7250p_firmwareqsm7250_firmwarepm7150l_firmwareqat5515_firmwarepm855qpm8830_firmwarepm8250qfs2530_firmwarewcn3988_firmwarepmx55pm8150c_firmwareqca6421qdm3301qpa8842_firmwareqat3519_firmwaresa8195psdr735_firmwareqpm5677qat5515wcd9326wcd9335pm6350_firmwarepm8004_firmwaresdr8150_firmwareqcs4290_firmwareqtc800h_firmwareqpm5620qca6390wcd9375sd750g_firmwareaqt1000sc8180x\+sdx55_firmwarepmm8195ausm6250_firmwareqln4642qpm5677_firmwarewsa8815_firmwarewtr3925_firmwaresmr525_firmwarepm8998qpm8820_firmwareqln1020_firmwarepm670a_firmwareqcm6125_firmwarepmx55_firmwaresd865_5gqca6595pm8150_firmwareqpm8830qat5522pm8150cpmr735bsd665_firmwareqpa4360pmk8003_firmwareqpa4361qdm5679_firmwaresmr525qca6310_firmwarepm6150l_firmwarepmr525pm8150a_firmwareqca6574_firmwareqln1036aq_firmwaresd665pm6150a_firmwarepm6150_firmwareqca6175asd765qca6574a_firmwareqat3555sd850_firmwarewtr2965_firmwarepm670_firmwareqln1036aqqtc801ssd710pm8008_firmwarepmr735a_firmwarepmx50qca6564_firmwaresdr8250sd768gqln1030_firmwarepm8004pm640lpmk8002sd845sdm830qcs410_firmwareqca6175a_firmwareqpa5580sa6150p_firmwareqcs610qpm5620_firmwareqdm2307qca6431_firmwareqpa8802wcd9360_firmwareqpm6585_firmwareqat3519qbt2000_firmwarepm855a_firmwareqtc800hsa8150p_firmwareqcs2290sdr8250_firmwareqca6335qln1020qcs605_firmwaresd_675_firmwareqdm5671pmc1000hqpm4650_firmwareqat3518sdr425_firmwaresmr526_firmwareqpa5460pm640a_firmwarewgr7640_firmwareqdm2305_firmwareqpm5670_firmwaresd710_firmwarepm845qdm5652qca6574au_firmwareqpm8870wcd9375_firmwareqpm5679qbt2000sa6155_firmwarewcd9360pmx50_firmwareqpa8675_firmwarewhs9410_firmwaresdr735gqpa5460_firmwareqdm3301_firmwareqsm7250qcs6125sd662_firmwareqdm2308_firmwareqca6436wcn6851sa6155pqcs603_firmwareqpa6560sdr675_firmwarepmc7180wcd9341qca6431qet4100_firmwaresd750gwcn3910_firmwareqpm5657wsa8830_firmwaresd855_firmwareqdm5650wcn3988wtr3925sdr052sa8195p_firmwaresmb1390qet4100qpa8686_firmwareqpm6585wcd9380_firmwaresmb1355qln4650sdr735g_firmwarewgr7640qet5100qdm5671_firmwareqpa8801_firmwareqca6564aupm8005_firmwareqet4101_firmwarepm7250bqln4642_firmwaresmb1355_firmwarepm7250b_firmwaresmb1351_firmwareqet4200aq_firmwaresdx50m_firmwaresdr735smb1395pm660lsmr526wtr5975qca6430_firmwarepmk8003qtc801s_firmwarewcd9335_firmwareqat3522_firmwarepm845_firmwarewcn3980qca6335_firmwareqsw8573qcs605sd7cwcn3910qca6426_firmwarepm8009qpa8675sdr051_firmwaresdx55mpm670aqca6421_firmwareqat3518_firmwareqsw8574pmi8998pm855lwcn6851_firmwareqdm5670_firmwarepm7150a_firmwarepm8150b_firmwarepmc1000h_firmwareqca6564a_firmwareqdm2310_firmwarepm670qdm5677pm8005qsm8250pm855_firmwareqdm2302pmm6155ausdxr1pm855b_firmwareqca6595_firmwareqpm6582_firmwarepm640l_firmwareqln4650_firmwaresa8155psd675qet4101qat3516pm670lqpm5658qcm2290qpm5658_firmwarewcn3991_firmwareqdm5652_firmwarepmm8155au_firmwaresdr051qln5030qcs2290_firmwarepm4125pmi632qpa2625_firmwarepm456sd7c_firmwarepmr735b_firmwareqet5100_firmwareqet6100_firmwarepm670l_firmwaresdr660gsd765g_firmwareqpa8686qca6390_firmwaresd730_firmwarewcd9370sdr425pmr525_firmwarepmi632_firmwaresd_8cx_firmwareqat5516sd662qpa8821_firmwaresdr660g_firmwarepm3003aqca6595auqca6436_firmwaresmb1354qca6564au_firmwareqdm2305sa6155p_firmwareqca6310qpm8820qpm2630qln5020_firmwaresdxr2_5gsa6145p_firmwaresdr675sm6250sd712_firmwarewsa8810_firmwaresd765_firmwareqdm5677_firmwareqet4200aqqca6174a_firmwarewcd9385qdm2302_firmwareqat3550_firmwarepmm8155auqln5040_firmwarepm4125_firmwareqpa8673qdm2310qln5030_firmwaresmb1396_firmwarewcn6850_firmwarewsa8835_firmwareqca6564aqet6110qln5040qcm2290_firmwareqpm8895sdr845qpm5670wcn3990sd_675pmc7180_firmwareqdm2307_firmwarewsa8835qpm5657_firmwaresm6250ppm855asdr660_firmwareqca6574asmb1390_firmwareqca6174awcn6750qpm4650qtm525wtr6955sd855sm4125_firmwarewtr6955_firmwarepm640psd768g_firmwaresdr865_firmwarepm8250_firmwarepm6250sd460qca6391sdxr1_firmwaresmb1351aqt1000_firmwareqpm8895_firmwareqcm4290sdx50mpm640asdr8150smb1395_firmwareqca6574ausa8155p_firmwareqsw6310wcd9341_firmwareqcm6125wsa8810qtc410s_firmwareqpm2630_firmwareqdm2308qat3550qdm5679sd_8cpm3003a_firmwareqca6696qtc800s_firmwaresm4350sd845_firmwaresmb1381_firmwareqpa2625sa6150pqpa8688_firmwarepmm8195au_firmwaresm7250psd720g_firmwaresd850qln4640Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-11167
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.33% / 55.66%
||
7 Day CHG~0.00%
Published-21 Jan, 2021 | 09:41
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory corruption while calculating L2CAP packet length in reassembly logic when remote sends more data than expected in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfe3100qfs2580qfe2550pmi8996qdm2307qfs2530qpa8802qln1030pm6125qat3519pm8150aqtc800hqdm5670sa6155qca6335msm8917pm7150lqpa8821qln1020wtr3905qdm5671qat3518sd632wcn3998wcn3950qpa5460wcn3660bqfe4320qdm5652sd6905gqpm8870qpm5679qbt2000msm8909wpm855pqca6420wcd9360pm6150apm8150bqsm7250pm8996qfe2101qca6430qat3522qfe4455fcpmr735awcd9340sd765gqfe3440fcqca6436sdr660sa6155pqpa6560msm8937sdr865smb1358wcd9341pmi8952qca6431qln5020sd750gwtr3950pm6350qdm5621qtc800sqdm5650sd712wcn3988wtr3925qfe2080fcsdr052smb1390pm6150lsd450qet4100wcn3610qpm6585qtc410swcn3991smb1355qln4650qpa8801sdm429wwgr7640qet5100qca6564ausdxr25gpm6150pm7250bqca6574qpa8842pmm8996auwcd9380qualcomm215smb1381sdr735pm7250smb1395pm660lwtr4905qpa8803smr526wtr5975wcn3980pmk8003qdm2301qsw8573qcs605wsa8815qbt1000qca6320wcn3680qfe4309sd835pm8009sdx55mpm670aqfe4373fcpm8008msm8953qsw8574pmi8998pm855lqcs603sd8655gqfe4302qpm5621qpm6582apq8009wqfe4303pm670pm8150lqdm5677pm8005pm215qdm2302sdxr1apq8096auwtr2965sdx55apq8053sa8155psd675sd439qet4101pmi8994qat3516pm670lqpm5658wcn3660qca9379pm855bqln1031pm8909qfe4465fcsdr051pm660wsa8830qln5030qbt1500pmi632qpa5581pmk8001qet6100sdr660gpmm855auqpa8686smb1396pm7150awcd9370qca6426whs9410qat5516wtr2955qdm5620qln1021aqsmb1380qfe4308apq8037pm3003asa8155qat5533qca6595auwcn3615qtc800tpm8940qdm2305qca6310qpm8820pm8937qfe2081fcpm855sd429pm8250sd821pmx55sd205qca6421qdm3301pm8953qat5515qpm5677wcd9326wcd9335qet4200aqwcd9385pm439qca6390wcd9375apq8064auaqt1000qpa8673qdm2310qln4642sd210sd820pmi8937pm8998wcn3620apq8017qca6564aqet6110qln5040qpm8895sdr845qpm5670wcn3990qca6595qpm8830qat5522wsa8835msm8996aupm8150cpmr735brgr7640auqln1035bdqpa4360pm855aqca6574aqpa4361qca6174asmr525pmr525qpm4650qtm525sd855sd8cxsd665qfe4305qca6175asd765pm640pqat3555smb1351qca6391qfe2082fcmsm8920sdx50mpm640asdr8150qln1036aqqtc801sqca6574ausd710qsw6310wsa8810qdm2308pmw3100pmx50qat3550qdm5679wcn3680bsdr8250sd768gqca6696qfe4301sdw2500pm8004pm640lmsm8940pmk8002qpa2625sd845sm7250psdm830qpa5580Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2020-11279
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.32% / 54.94%
||
7 Day CHG~0.00%
Published-07 May, 2021 | 09:10
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory corruption while processing crafted SDES packets due to improper length check in sdes packets recieved in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfe3100qfe2080fc_firmwareqca9377_firmwareqfs2580qpm5679_firmwaremdm9640_firmwaresm6250p_firmwarepmd9607_firmwareqfe4455fc_firmwareqca8337qfs2530qpm8870_firmwareqln1030pm6125qat5522_firmwaremdm9645wcn3950_firmwarepm8150asc8180x\+sdx55qdm5670qca6595au_firmwarepm7150lqcc1110_firmwaremdm8215pm8998_firmwareqpa8821wtr5975_firmwareqcs6125_firmwarepm456_firmwareqpa5580_firmwaremsm8108sa415mwcn3998wcd9371_firmwaremsm8108_firmwarewcn3950wtr1605sd720gmdm9206_firmwareqsw8573_firmwarewcn3660bsd450_firmwareqfe4320qsw8574_firmwaremdm9230_firmwaresmb2351_firmwaremdm8215mpm8953_firmwareqpa4360_firmwarewcn3998_firmwareqfe2520_firmwareapq8009w_firmwarepm855papq8053_firmwareqca6420pm6150awtr4605_firmwareqca9367_firmwaremdm8207pm660_firmwarepm8150bsa8155_firmwareqca4004_firmwareqfe2101mdm9615mqca6430qat3522qfe4455fcpmr735awcd9306_firmwarewtr1625wcd9340mdm9625_firmwaresd765gsdr660qfe1045_firmwareqfe3345msm8209_firmwaresdr865mdm9250_firmwareqdm5620_firmwaresmb1358smr545qca6696_firmwareqln5020wcd9371sd870_firmwaresmb1350mdm8215_firmwarepmm855au_firmwarewtr3950qfe3340qdm5621qtc800sqca4004qat3514_firmwaremdm9330_firmwaresd660sd712pm640p_firmwaresd660_firmwareqat5516_firmwarepm6150lsd450sd8885gpm855l_firmwareqtc410swcn3991qfe3335_firmwareqpa8801pm8150l_firmwareqat5533_firmwaresdx55m_firmwaresdxr25gqpa8673_firmwarepm6150msm8976_firmwareqca6574sd632_firmwaresd670_firmwareqpa8842sdr052_firmwarepmm8996auwcd9380sd850qualcomm215qln4640qcs410smb1380_firmwareqfe4309_firmwaresmb1381pm855p_firmwareqfe3100_firmwarepm7250qca9379_firmwarewtr4905qpa8803sdx24_firmwaresd439_firmwaresdxr25g_firmwarepmd9645qdm2301wcd9340_firmwarewsa8815wcn6850qfe2101_firmwareqca6584_firmwareqdm2301_firmwaremsm8937_firmwareqdm5621_firmwaremdm9215_firmwaresd835wcn3980_firmwaresd730qfe3320_firmwarepm660l_firmwarepm6250_firmwarear6003_firmwarepm8008qtm525_firmwarepme605_firmwarewtr1605l_firmwarepme605sd678_firmwareqpm5621_firmwareqca6234qln1021aq_firmwareqcs603rsw8577qpa6560_firmwareqpa8802_firmwareqln4640_firmwareqfe4308_firmwareqpm5621qpm6582sd670pm8009_firmwareapq8009wqfe4303qfs2580_firmwareqcm4290_firmwarewcn6855pm8150lpmi8998_firmwareqcs610_firmwareapq8084_firmwaresdr105pm660a_firmwarepm215mdm8207_firmwaresdm630_firmwarewtr2965mdm9205_firmwareqca6391_firmwaresd820_firmwarepmx20_firmwarepm8150pmi8937_firmwarewcd9370_firmwareqat3516_firmwaresdx55apq8053qat3555_firmwarepmi8994qpa8803_firmwarewcn3660qca9379pm855bqca6234_firmwareqln1031smb2351pm8909mdm9150_firmwareqfe1040pm660qet6110_firmwarepm6125_firmwareqbt1500qfe1040_firmwarecsrb31024mdm9628_firmwareqfe2340_firmwaremdm9650pmx24_firmwareqbt1500_firmwarepmk8001qcs4290pmm855aumdm9250qca6420_firmwarepmd9635_firmwareapq8009_firmwarepm7150amdm9310_firmwaresd675_firmwarepm8350qpa4361_firmwareqca6426wcn3990_firmwareqca9377qpa5373_firmwaresdw2500_firmwarewcd9385_firmwareqdm5650_firmwareqpa4340_firmwarewcd9326_firmwaremdm9615m_firmwarewcn3615_firmwarewhs9410rgr7640au_firmwarewtr2955pm7250_firmwaresdr845_firmwareqdm5620qln1021aqsmb1380pmk8002_firmwareqsw6310_firmwaresa8155qca6584qln1031_firmwaresdx55_firmwareqat5533wcn3615sm7250p_firmwarewcn3610_firmwarepm8940mdm9207qsm7250_firmwarepm7150l_firmwarewcd9306qca6584aumsm8208qat5515_firmwarepm855qpm8830_firmwaresd429pm8250qca9367qfe2082fc_firmwaresdm630mdm9607_firmwaremdm9655_firmwaremsm8976sgqfs2530_firmwarepmx55sa415m_firmwarewcn3988_firmwaresd205sd429_firmwarepm8150c_firmwareqca6421qdm3301qpa8842_firmwareqat3519_firmwaresdr735_firmwarepm8953qat5515qca6694qpm5677qat3514wcd9326wcd9335pm8004_firmwaresdr8150_firmwareqcs4290_firmwarepm439qtc800h_firmwareqpm5620mdm9625qca6390wcd9375aqt1000msm8976sc8180x\+sdx55_firmwaresm6250_firmwareqln4642msm8917_firmwareqpm5677_firmwaresdx20_firmwarewsa8815_firmwarewtr3925_firmwarepmi8937pm8998sdw3100smr525_firmwareqpm8820_firmwareqfe4301_firmwareapq8017ar6003qln1020_firmwaremdm9630_firmwareqcm6125_firmwarepmx55_firmwarewtr2955_firmwareqbt1000_firmwareqfe4373fc_firmwarepm8019qca6595pm8150_firmwareqpm8830pmm8996au_firmwareqat5522pm8150csd665_firmwareqpa4360qpa4361mdm9206wcn6855_firmwareqdm5679_firmwaresmr525wfr1620_firmwareqca6310_firmwareqfe4305_firmwarepm6150l_firmwarepmr525mdm9615pm8150a_firmwareqca6574_firmwarewtr3950_firmwareqln1036aq_firmwaresd665pm6150a_firmwarepm6150_firmwaresd765pmx20pmd9607qca6574a_firmwareqat3555sd850_firmwareapq8009mdm9310qfe2082fcsd8c_firmwarewtr2965_firmwarepm670_firmwarecsrb31024_firmwareqln1036aqqtc801spmi8940_firmwareqfe3320mdm8215m_firmwaremdm9607sd710mdm9645_firmwarepm8008_firmwareqln1035bd_firmwarepmr735a_firmwarepmw3100pmx50pm8018qfe3345_firmwaresdr8250sd768gqln1030_firmwaresmb1350_firmwarepmw3100_firmwarepm8004pm640lmsm8940pmk8002apq8096au_firmwaresdw2500sd845mdm9615_firmwaresd455_firmwaresmb1357pmd9655au_firmwareqcs410_firmwaremdm9330qpa5580pm8018_firmwareqfe2550qcs610pmi8996qpm5620_firmwareqfe1045qdm2307qca6431_firmwareqpa8802wcd9360_firmwareqpm6585_firmwareqat3519qbt2000_firmwarepm855a_firmwareqtc800hsdr8250_firmwareqca6335msm8917qln1020qcs605_firmwaresmr546_firmwarewtr3905qdm5671pmc1000hqpm4650_firmwaremdm8615m_firmwareqat3518sd8csd632smr526_firmwaremdm9628pm640a_firmwareqpa5460wgr7640_firmwareqdm2305_firmwareqpm5670_firmwaresd710_firmwareqca4020qdm5652qca6574au_firmwaremdm9630qpm8870wcd9375_firmwareqpm5679qbt2000msm8909wwcd9360pmx50_firmwareqpa8675_firmwarewhs9410_firmwareqpa5460_firmwarepm8940_firmwareqdm3301_firmwarepm8996qsm7250qcs6125qcc1110smb1360qualcomm215_firmwareqfe3440fcqdm2308_firmwarersw8577_firmwarepm439_firmwareqca4020_firmwareqca6436wcn6851qcs603_firmwareqpa6560msm8937sdr675_firmwarewcn3660_firmwarewcd9341pmi8952mdm9655pm8937_firmwareqca6431qet4100_firmwareqfe4320_firmwarewcn3910_firmwareqpm5657wtr1605_firmwaremdm9207_firmwaresd855_firmwareqdm5650wcn3988wtr3925qfe2080fcsdr052smb1390sdw3100_firmwaremsm8208_firmwareqet4100wcn3610mdm9640msm8608qpa8686_firmwareqpm6585qca8337_firmwarewcd9380_firmwaresmb1355qln4650qtc800t_firmwarewcd9330msm8996au_firmwarewgr7640csr6030qet5100qdm5671_firmwareqpa8801_firmwareqca6564auqtm527_firmwaresd636wcn6856_firmwarepm8005_firmwaremsm8940_firmwareqet4101_firmwarepm7250bqln4642_firmwarepmk8001_firmwaresmb1355_firmwarepm7250b_firmwarepmd9655_firmwaresmb1351_firmwaremdm9230pm8996_firmwareqet4200aq_firmwaresdx50m_firmwaresdr735smb358spm660lsmb358s_firmwarear8151smr526wtr5975qca6174qca6430_firmwareqtc801s_firmwarewcd9335_firmwareqat3522_firmwarewcn3980qca6335_firmwareqsw8573qcs605qbt1000wcn3910qca6320mdm9650_firmwareqca6426_firmwarepm8350_firmwarewcn3660b_firmwarewcn3680qfe4309pm8009qpa8675sdr051_firmwarewcd9330_firmwaresdx55mqca6421_firmwarewtr3905_firmwareqfe4373fcmsm8953qat3518_firmwarepmi8998qfe2520qsw8574sd821_firmwarewcn3680_firmwarepm855lwcn6851_firmwareqdm5670_firmwarepmd9635sd8655gpm7150a_firmwarepm8150b_firmwareqfe4302smr545_firmwarepmc1000h_firmwareqca6564a_firmwareqdm2310_firmwareqca6694au_firmwaremsm8976sg_firmwaresdr105_firmwarepmd9645_firmwaresd870sd8885g_firmwarepm670sd210_firmwarewtr1605lqdm5677pm8005pm855_firmwareqdm2302sdxr1pm855b_firmwareapq8096auqca6595_firmwareqpm6582_firmwarepm640l_firmwarepmi8996_firmwarewfr1620qln4650_firmwareqet5100msa8155psd675wtr4605sd439qet4101pm8952qat3516pm670lqpm5658qpm5658_firmwarewcn3991_firmwareqdm5652_firmwareqfe4465fcsd678sdr051qln5030pmi632qpa2625_firmwarepm456qfe2081fc_firmwaresmb1360_firmwareqet5100_firmwareqfe1100_firmwareqpa5373pm670l_firmwaresdr660gqfe2340sd455sd765g_firmwareqpa8686smb1358_firmwareqca6390_firmwareqca6174_firmwaresd730_firmwarewcd9370pmr525_firmwareqca6584au_firmwareqfe3340_firmwarear8151_firmwarepmi632_firmwareqat5516smb358_firmwareqpa8821_firmwareqfe4308sdr660g_firmwareapq8037pm3003aqca6320_firmwarewcn3680b_firmwareqca6595auqca6436_firmwareqtc800tqca6564au_firmwareqdm2305qca6310qpm8820pm8937qpm2630qfe2081fcqln5020_firmwaresa515m_firmwareapq8084sd821sdr675sm6250sd712_firmwareapq8017_firmwarewsa8810_firmwaresmb231qfe1100sd765_firmwareqdm5677_firmwareqet4200aqqca6174a_firmwarewcd9385mdm8615mqdm2302_firmwareqat3550_firmwareqln5040_firmwarepm8019_firmwareqpa8673qca6694_firmwareqdm2310qfe2550_firmwaremsm8953_firmwareqln5030_firmwareqca6694aupm8952_firmwaresd210wcn3620_firmwareqfe4302_firmwaresd820wcn6850_firmwarewcn3620wtr1625_firmwaresmb358csr6030_firmwareqca6564apmx24smr546qet6110pmi8952_firmwareqln5040qpm8895sdr845mdm9635m_firmwareqpm5670wcn3990qtm527qfe3440fc_firmwaresdx24pmi8994_firmwareqdm2307_firmwaremsm8909w_firmwaremsm8996auqfe1035qpm5657_firmwarepmi8940sm6250prgr7640auqln1035bdpm855asdr660_firmwarepm8909_firmwareqca6574apm8916_firmwaresmb1390_firmwareqca6174aqfe4303_firmwaremdm9635mpm8956_firmwareqet5100m_firmwareqpm4650mdm9205qtm525sa515mwtr6955qfe3335sd855sd8cxqfe4305wtr6955_firmwarepm640psd768g_firmwaresdr865_firmwaremsm8209qfe4465fc_firmwarepm8250_firmwaresmb1351qca6391sd8cx_firmwaresdxr1_firmwaresmb1357_firmwareaqt1000_firmwarepm215_firmwaremsm8920qpm8895_firmwarepm660aqpa4340qfe1035_firmwareqcm4290sdx50mpm640asdr8150sdx20pm8916pmd9655aumsm8920_firmwaremdm9215pmd9655qca6574ausa8155p_firmwaresd205_firmwareqsw6310sd8655g_firmwarewcd9341_firmwareqcm6125wsa8810qtc410s_firmwareqpm2630_firmwaresmb231_firmwareqdm2308wtr4905_firmwareqat3550mdm9150wcn6856qdm5679wcn3680bsd835_firmwarepm3003a_firmwareqca6696qfe4301qtc800s_firmwaresmb1381_firmwaresd845_firmwaremsm8608_firmwareqpa2625apq8037_firmwaresm7250psd720g_firmwarepm8956sd636_firmwarepm6250Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2020-11138
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.33% / 55.66%
||
7 Day CHG~0.00%
Published-21 Jan, 2021 | 09:41
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uninitialized pointers accessed during music play back with incorrect bit stream due to an uninitialized heap memory result in instability in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfe3100qfs2580qfe2550msm8960qcs610pmi8996qdm5579qfe1045qdm2307qfs2530qpa8802qln1030pm6125qat3519mdm9645pm8917pm8150asc8180x\+sdx55qtc800hqdm5670qcs2290sa6155qca6335msm8917pm7150lqpa8821mdm8215qln1020apq8076wtr3905qdm5671pmc1000hqfe2330msm8630qat3518sd632sd8cmsm8108sa415mwcn3998wcn3950sm4125sd720gwtr1605wtr2605mdm9628qpa5460wcn3660bwtr2655qfe4320qcc112qca4020mdm8215mqdm5652mdm9630qpm8870qpm5679qbt2000msm8909wpm855pqca6420wcd9360pm6150awtr1625lmsm8627sdr735gwcn3999pm8150bqsm7250pm8996qcs6125qfe2101mdm9615mqca6430qcc1110qat3522qfe4455fcpmr735awtr1625qcs405smb1360wcd9340wfr2600sd765gqfe3440fcwcd9320sdr660qca6436wcn6851sa6155pqpa6560qfe3345apq8052sdr865smb1358wcd9341pmi8952smr545mdm9655qca6431qln5020wcd9371smb1350sd750gqdm3302wtr3950sa8150pqpm5657pm6350qdm5621qfe3340qtc800smsm8226sd660qdm5650sd712wcn3988wtr3925qfe2080fcsdr052smb1390pm6150lsd450qet4100wcn3610msm8608mdm9640qpm6585qtc410swcn3991smb1355qln4650qpa8801sdm429wwcd9330wgr7640qat5568qet5100sd636qca6564aumsm8230pm6150qca6574pm7250bqfs2630qpa8842pmm8996auwcd9380qualcomm215mdm9230qln4640qcs410smb1381sdr735pm7250wtr4905smb1395pm660lqpa8803ar8151smr526wtr5975qca6174pmk8003wcn3980pmd9645qdm2301qsw8573qcs605wsa8815wcn6850wcn3910qca6320smb1394wcn3680qca9984pm8921sd835qfe4309qca1990pm8009qpa8675sd730sdx55mpm670aqfe4373fcpm8008msm8953qsw8574pmi8998mdm9225qfe2520apq8064pme605mdm9225mpm855lqcs603rsw8577pmd9635qfe4302qpm5621qpm6582sd670apq8009wqfe4303pm670pm8150lwtr1605lqdm5677pm8005qsm8250sa6145ppm215qdm2302pmm6155ausdxr1ar8031apq8096auwtr2965wfr1620pm8150qpm5875sdx55qet5100mapq8053sa8155pcsra6640pm8350bhssd675wtr4605sd439qet4101pm8952pmi8994qat3516pm670lwcd9310pm8226wcn3660qpm5658qca9379pm855bsmb2351qln1031qcm2290qpm5870pm8909qfe1040wsa8830qfe4465fcpm660sdr051msm8960sgqln5030msm8930pm4125qbt1500qpa5581pmi632pm456csrb31024mdm9650csra6620qpa5373qpm4621pmk8001qcs4290qet6100pmm855ausdr660gqfe2340sd455qpa8686pm8110sd690_5gsmb1396wcd9370pm8350qca6564sdr425qca6426qpm5641whs9410qat5516wtr2955qdm5620qln1021aqsd662smb1380qfe4308pm8350bhmdm8635mapq8037pm3003asa8155qat5533wcn3615qca6595aumsm8227wtr2100sm7350qtc800tpm8940qpm6670smb1354wcd9306qca6584auqdm2305qca6310msm8208qpm8820qpm4641pm8937qpm2630qfe2081fcpm855sd429sdxr2_5gpm8250msm8962mpq8064smb1398apq8084sdm630sd821apq8062qdm4643msm8976sgpmx55sd205sdr675sm6250qdm3301sa8195ppm8953qat5515qca6694qpm5677smb231qfe1100qat3514wcd9326wcd9335wcn3660aqet4200aqwcd9385mdm8615mpm439qpm5620pmm8155aumdm9625qpm4630qca6390wcd9375ar8035aqt1000msm8956msm8976apq8064aupmm8195auqpa8673qdm2310qln4642qca6694auapq8056msm8952sda429wsd210sd820mdm9625mpmi8937pm8998pmk7350sdw3100wcn3620apq8017ar6003mdm9235mqca6564asmr546pmx24qet6110qfe1055qln5040qpm8895sdr845qpm5670wcn3990apq8030sd865_5gpm8019qca6595pmk8350qpm8830pm8350bqat5522wsa8835msm8996aupm8150cpmr735bpmi8940sd888_5gsm6250prgr7640auqpa4360qln1035bdpm855aqpa4361qca6574aqca6174apm8350csmr525qpm4640wcn6750mdm9635mpmr525mdm9615pm7350cqpm4650qtm525wtr6955qfe3335pm8821sd855sd665sd8cxqfe4305qca6175asd765pm640ppmd9607msm8209qat3555apq8009sd460qca6391smb1351qpa5461mdm9310qfe2082fcmsm8920msm8610pm660aqpa4340qcm4290sdx50mpm640asdr8150qfs2608pm8916qln1036aqqtc801sqdm4650mdm9215pmd9655qca6574auqfe3320sd710mdm9607qsw6310qcm6125qpm6621wsa8810qdm2308pmw3100pmx50pm8018qat3550wcn6856qdm5679wcn3680bsdr8250sd768gwcn6740qca6696qfe4301pm8004pm640lmsm8940pmk8002qpa2625sa6150ppm7150a_sd845sm7250psdm830smb1357mdm9330sd850pm6250qpa5580Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-824
Access of Uninitialized Pointer
CVE-2020-11212
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.27% / 50.42%
||
7 Day CHG~0.00%
Published-21 Jan, 2021 | 09:41
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bounds reads while parsing NAN beacons attributes and OUIs due to improper length of field check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfe3100qfs2580qca1023qca8337ar9380qfs2530qln1030qpa8688pm6125qcn5124mdm9645pm8150aqdm5670sa6155pm7150lqpa8821mdm8215apq8076qfe2320msm8108sa415mwcn3998wcn3950sm4125sd720gwtr1605wcn3660bqfe4320qcc112sd6905gpm855pqca6420pm6150apm8150bqca0000qfe2101qca6430qat3522qfe4455fcpmr735awcd9340sd765gsdr660qfe3345sdr865smb1358smr545qln5020wcd9371smb1350pmm8920ausa8150pwtr3950pm6350qdm5621qfe3340qtc800ssd660sd712qcn5121pm6150lsd450sd8885gqtc410swcn3991qpa8801ipq8078ipq8173sdxr25gpm6150qca6574qfs2630qpa8842pmm8996auwcd9380qualcomm215qln4640qcs410smb1381qcn5024pm7250wtr4905qpa8803pmd9645qdm2301wsa8815wcn6850qpm6375ipq6028ipq8064sd835pmp8074qca1990sd730pm8008pme605qca6234qcn5054qcs603rsw8577qca9994qca9980qpm5621qpm6582sd670qfe4303wcn6855pm8150lsa6145ppm215ar8031qpm5577wtr2965pm8150qca4024sdx55apq8053csra6640pmi8994wcn3660qca9379pm855bsmb2351qln1031qcn7606qpm5870pm8909qfe1040wsa8830pm660qpm6325qbt1500qpa5581csrb31024mdm9650qca9378apmk8001qca9992qcs4290pmm855auqet6100mdm9250smb1396pm7150aipq8072pm8350qca6564qca6426qca9377qca4531qpm5641whs9410wtr2955qdm5620qln1021aqipq8074asmb1380apq8094sa8155qca6584qat5533wcn3615pm8940qpm6670wcd9306qca6584aumsm8208qpm4641ipq8174pm855sd429pm8250qcn5052qca9367apq8092sdm630qdm4643pmx55qcn9074sd205qca6421qdm3301sa8195ppm8953qat5515qca6694qpm5677qat3514wcd9326wcd9335qcn6023pm439qpm5620qpm4630qca6390wcd9375aqt1000msm8976pmm8195auqln4642msm8994qfe2310pmi8937pm8998msm8916apq8017pm8019qca6595qpm8830apq8039qat5522pm8150cpmr735bqpa4360qcn5154qpa4361mdm9206pm8350csmr525qca9888pmr525mdm9615msm8929qca9886sd665qca6175asd765pmx20pmd9607qat3555apq8009qpa5461mdm9310qfe2082fcqfs2608qln1036aqqtc801sqfe3320sd710mdm9607qcn5122qpm6621pmx50pm8018qcn5022sdr8250sd768gpm8004pm640lmsm8940pmk8002qca8075qcn6024qcn9022sd845sdm830smb1357qpa5580qpm5579qfe2550qcs610qcn5550pmi8996qfe1045qdm2307qpa8802qat3519ipq8078aqtc800hqcs2290qca6335msm8917qcn5064qln1020wtr3905qca1990aqdm5671pmc1000hqfe2330qat3518sd632sd8cipq8076amdm9628qpa5460qca4020qca6428qdm5652ipq8071qpm8870qpm5679qbt2000wcd9360sdx20mwtr1625lsdr735gwcn3999qsm7250pm8996qcs6125ipq6010smb1360qcs405qfe3440fcqca6436wcn6851sa6155pqpa6560msm8937wcd9341pmi8952mdm9655qca6431sd750gqpm5657qdm5650wcn3988qca6438wtr3925qfe2080fcsdr052smb1390qca9898ipq4028qet4100wcn3610msm8608mdm9640qpm6585smb1355ipq8072aqln4650wcd9330wgr7640csr6030qat5568qet5100sd636qca6564auqcn5164pm8994pm7250bsdr735smb1395smb358spm660lar8151smr526wtr5975qca6174pmk8003wcn3980qsw8573msm8939qcs605qbt1000sd7cqca6320wcn3910wcn3680qca9984qfe4309qcn9024pm8009qpa8675sdx55mpm670aqfe4373fcmsm8953qsw8574pmi8998qfe2520pm855lipq8070sd8655gqfe4302pm670qdm5677pm8005ipq6018qdm2302pmm6155ausdxr1apq8096auqpm5875qet5100msa8155psd675wtr4605sd439qet4101pm8952qat3516pm670lqpm5658qcm2290qfe4465fcsdr051qcn9070qln5030pm4125pmi632pm456qca9378csra6620qpa5373qpm4621qcn9072sdr660gqfe2340sd455qpa8686ipq6000wcd9370sdr425ipq5018qca9369qcn7605qpm5541qat5516sd662qfe4308pm8350bhapq8037pm3003aqca6595auqtc800tsmb1354ipq5010qdm2305qca6310qpm8820pm8937qpm2630qfe2081fcqca9990smb1398sd821sdr675msm8992sm6250smb231qfe1100qca4010qet4200aqqca8081ipq8071awcd9385pmm8155auar8035csr8811apq8064auqpa8673qdm2310sd210sd820wcn3620qca6564asmr546pmx24qet6110qln5040qca8072qpm8895sdr845qpm5670wcn3990qcn9000qtm527pmk8350sdx24qcn9012pm8350bwsa8835msm8996auqfe1035pmi8940sm6250prgr7640auqln1035bdpm855aipq4018qca6574aqca9889qca6174aipq8074qpm4640wcn6750qpm4650qtm525sa515mwtr6955qfe3335sd855sd8cxqfe4305ipq8076pm640pqcn5021ipq8069qcn5152msm8209sd460qca6391smb1351ipq6005msm8920qcn9100mdm9626pm660aqpa4340qcm4290sdx50mpm640asdr8150sdx20pm8916qdm4650mdm9215pmd9655qca6574auqsw6310qcm6125wsa8810qdm2308qat3550wcn6856qdm5679wcn3680bqca6696qfe4301sm4350apq8016qpa2625sa6150pipq8070asm7250pipq4029pm8956sd850pm6250Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-11264
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.1||CRITICAL
EPSS-0.26% / 49.05%
||
7 Day CHG-0.00%
Published-08 Sep, 2021 | 11:25
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper authentication of Non-EAPOL/WAPI plaintext frames during four-way handshake can lead to arbitrary network packet injection in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarewcn3991_firmwareqca2066sd678sa6150p_firmwaresm7250sa8145p_firmwareqcs610wsa8830qca1062_firmwareqcs2290_firmwareqca8337sm7250_firmwarecsrb31024mdm9650sd_636csra6620qcs4290wcn3950_firmwaresa8150p_firmwaresd765g_firmwareqca6420_firmwareqca6595au_firmwareqcs2290qca6390_firmwareqca2064_firmwareqca2062qca6174_firmwaresd690_5gsd730_firmwarecsra6620_firmwareqcs605_firmwaresd_675_firmwaresd675_firmwarewcd9370csra6640_firmwareqcs6125_firmwareqca6426qca6584au_firmwarewcn3990_firmwareqca9377sa415mwcn3998sd_8cx_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcn3950wcd9326_firmwaresd720gwcn3615_firmwarewcn3660bwcn3910_firmwareqca2065sd662sd460_firmwareqca1064sa8155qca6574au_firmwaresdx55_firmwarewcn3680b_firmwareqca6595auwcd9375_firmwarewcn3615wcn3998_firmwarewcn3999_firmwareqca6420qca6436_firmwareapq8053_firmwaresdx20mqca6564au_firmwareqca6584ausa6155p_firmwaresd778gwcn3999qrb5165_firmwaresdxr2_5gqcs6125sa8155_firmwaresd662_firmwaresdm630sa415m_firmwareqcs405qca6430sc8280xp_firmwarewcn3988_firmwaresa6145p_firmwaresm6250sd778g_firmwarewcd9340sa8195pwsa8810_firmwaresd765gsd765_firmwareqca6436wcd9326wcd9335sa6155pwcn6851qcs603_firmwareqca6174a_firmwareqcs4290_firmwarewcd9385wcd9341qca2066_firmwareqca6696_firmwareqca2065_firmwaresd750gsd870_firmwareqca1062ar8035qca6390sd_8cxaqt1000apq8064ausa8150psd750g_firmwaresm6250_firmwaremsm8953_firmwarewcd9375wsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwaresdx20_firmwarewcn3988sd888_5g_firmwarewcn6850_firmwaresd660_firmwarewsa8815_firmwarewsa8835_firmwaresa8195p_firmwareqca6564awcn6750_firmwareqcm6125_firmwareqcm2290_firmwarewcn3991qca8337_firmwarewcd9380_firmwarewcn3990sd_675msm8996au_firmwaresd780gsd865_5gqca6564ausdx24sdx55m_firmwarewcn6856_firmwaresd888wsa8835qca6574msm8996ausd665_firmwarewcd9380sd888_5gqcs410qca6574asd690_5g_firmwaresdx50m_firmwarewcn6855_firmwareqca6174asdx24_firmwaresm7325qca6174qca6430_firmwarewcd9335_firmwarewcn3980wcn6750qca6574_firmwareqcs605wcd9340_firmwaresd855wsa8815wcn6850sd665wcn3910mdm9650_firmwareqca6175asd765qca6426_firmwarewcn3660b_firmwareqca6574a_firmwaresd768g_firmwaresd835wcn3980_firmwaresd460qca6391sd730sdx55maqt1000_firmwareqca2062_firmwarewcn6740_firmwaremsm8953sd678_firmwareapq8064au_firmwarear8031_firmwarecsrb31024_firmwareqcm4290sdx50msdx20qrb5165sd480_firmwareqcs603wcn6851_firmwareqca6164_firmwareqca6574ausa8155p_firmwaresd_636_firmwareqca6564a_firmwarewcd9341_firmwareqcm6125qcm4290_firmwaresd480sd870sdx20m_firmwarewcn6855wsa8810qcs610_firmwarewcn6856sa6145pwcn3680bsd835_firmwaresd768gapq8096auar8031qcs405_firmwareqca1064_firmwaresa8145pqca6164qca6696sdm630_firmwareqca6391_firmwarewcn6740qca2064sd780g_firmwaresd845_firmwarewcd9370_firmwaresa6150psd888_firmwaresc8280xpapq8053apq8096au_firmwarecsra6640sa8155psd675sd845sdx55sd720g_firmwareqcs410_firmwareqca6175a_firmwarear8035_firmwareqcm2290sm7325_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-287
Improper Authentication
CVE-2020-11216
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.29% / 51.85%
||
7 Day CHG~0.00%
Published-21 Jan, 2021 | 09:41
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer over read can happen in video driver when playing clip with atomsize having value UINT32_MAX in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfs2580fsm10055qfe2550qcs610pmi8996qdm5579qdm2307qfs2530qpa8802qln1030pm6125qat3519pm8150aqtc800hqdm5670sa6155qca6335msm8917pm7150lqpa8821qln1020wtr3905qdm5671qat3518sd632wcn3998wcn3950sd720gqpa5460wcn3660bqfe4320qca4020qdm5652sd6905gqpm8870qpm5679qbt2000msm8909wpm855pqca6420pm6150asdx20msdr735gpm8150bqsm7250pm8996qfe2101smb1360qca6430qcs405qat3522pmr735awcd9340sd765gsdr660qca6436wcn6851sa6155pqpa6560msm8937sdr865smb1358wcd9341pmi8952smr545qca6431qln5020wcd9371smb1350sd750gqdm3302wtr3950sa8150ppm6350qdm5621qfe3340qtc800ssd660qdm5650wcn3988wtr3925sdr052smb1390pm6150lsd450sd8885gqet4100wcn3610qpm6585qtc410swcn3991smb1355qln4650qpa8801sdm429wwcd9330wgr7640qat5568qet5100sd636qca6564ausdxr25gpm6150qca6574pm7250bqfs2630qpa8842pmm8996auwcd9380qualcomm215qln4640qcs410smb1381sdr735pm7250wtr4905smb1395pm660lqpa8803ar8151smr526wtr5975wcn3980pmk8003qdm2301qsw8573qcs605wsa8815wcn6850smb1394wcn3680qfe4309sd835pm8009qpa8675sd730sdx55mpm670aqfe4373fcpm8008msm8953qsw8574pmi8998qfe2520pme605pm855lqcs603rsw8577sd8655gqfe4302qpm5621qpm6582apq8009wqfe4303pm670pm8150lqdm5677pm8005sa6145ppm215qdm2302pmm6155ausdxr1ar8031apq8096auwtr2965qpm5875sdx55qet5100mapq8053sa8155pcsra6640pm8350bhssd675sd439qet4101pmi8994qat3516pm670lqpm5658qca9379pm855bqln1031qpm5870pm8909wsa8830sdr051pm660qln5030qbt1500fsm10056qpa5581pmi632pm456mdm9650csra6620qpa5373qpm4621pmk8001qcs4290qet6100pmm855ausdr660gsd455qpa8686smb1396pm7150awcd9370pm8350qca6564sdr425qca6426qca9377qpm5641qat5516wtr2955qdm5620qln1021aqsd662smb1380qfe4308pm8350bhapq8037pm3003asa8155qat5533wcn3615qca6595ausm7350pm8940qpm6670smb1354qdm2305qca6310qpm8820qpm4641pm8937pm855sd429pm8250qca9367smb1398sdm630sd821qdm4643pmx55sd205sdr675qca6421sm6250qdm3301sa8195ppm8953qat5515qpm5677smb231qat3514wcd9326wcd9335qet4200aqwcd9385pm439pmm8155auqpm4630qca6390wcd9375aqt1000apq8064auqpa8673qdm2310pmm8195auqln4642sda429wsd210sd820pmi8937pm8998pmk7350wcn3620apq8017qca6564asmr546qet6110qln5040qpm8895sdr845qpm5670wcn3990qca6595pmk8350qpm8830pm8350bqat5522wsa8835msm8996aupm8150cpmr735bsm6250prgr7640auqpa4360qpa4361qca6574amdm9206qca6174apm8350csmr525qpm4640wcn6750pmr525pm7350cqpm4650qtm525sd855sd665qfe4305qca6175asd765pm640ppmx20pmd9607qat3555apq8009sd460qca6391smb1351qpa5461msm8920pm660aqpa4340qcm4290sdx50mpm640asdr8150qfs2608sdx20pm8916qln1036aqqtc801sqdm4650pmd9655qca6574auqsw6310qpm6621wsa8810qdm2308pmw3100pmx50qat3550wcn6856qdm5679wcn3680bsdr8250sd768gwcn6740qca6696qfe4301sm4350sdw2500pm8004pm640lmsm8940pmk8002qpa2625sd845sm7250psdm830smb1357pm6250qpa5580Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2020-11116
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.31% / 54.12%
||
7 Day CHG~0.00%
Published-08 Sep, 2020 | 09:31
Updated-04 Aug, 2024 | 11:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Possible out of bound write while processing association response received from host due to lack of check of IE length' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8053, APQ8096AU, APQ8098, Bitra, Kamorta, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCM2150, QCN7605, QCS405, QCS605, QCS610, QM215, SA6155P, Saipan, SC8180X, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM845, SDX20, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarekamorta_firmwareqcm2150_firmwaremdm9640_firmwareqcs610sdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632sdm439mdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996ausdm429w_firmwaresm7150apq8009_firmwaremsm8917sxr2130qcs605_firmwaresc8180xmdm9206qca9379_firmwareqca6174asdm636sda845_firmwareqca9377bitraapq8098qcn7605mdm9206_firmwareqcs605bitra_firmwaremsm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwareqca6574au_firmwaresdx55_firmwaremsm8909wapq8009apq8053_firmwaresda845sa6155p_firmwaremsm8920msm8953sdm450sdm636_firmwaresdm845_firmwareapq8098_firmwaresdx20qcm2150msm8920_firmwaresdm630mdm9607_firmwaresm8250_firmwaresdm660sc8180x_firmwareqcs405qca6574auqm215mdm9607qcn7605_firmwaresa6155pqcs610_firmwaremsm8937mdm9207c_firmwaremsm8905mdm9207cqca6174a_firmwaresm8150_firmwaresxr2130_firmwareapq8096ausdm439_firmwareqcs405_firmwaresdm630_firmwareqm215_firmwaresdx55msm8953_firmwaremsm8940saipan_firmwaresm6150_firmwareapq8053msm8917_firmwareapq8096au_firmwaresm8250sm8150sdx20_firmwarekamortasaipanqca9379sdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-11163
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.36% / 57.59%
||
7 Day CHG~0.00%
Published-22 Feb, 2021 | 06:25
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer overflow while updating ikev2 parameters due to lack of check of input validation for certain parameters received from the ePDG server in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qpm5579qfs2580qca9377_firmwareqfe2550qpm5679_firmwaresm6250p_firmwareqcs610qca8337qdm2307qca6431_firmwareqfs2530qpm8870_firmwareqpa8802wcd9360_firmwareqpm6585_firmwarepm6125qat3519qbt2000_firmwareqat5522_firmwarepm855a_firmwarewcn3950_firmwarepm8150aqtc800hqdm5670sdr8250_firmwareqca6595au_firmwareqpm5541_firmwareqcs2290msm8917pm7150lqpa8821sd_675_firmwareqdm5671pmc1000hqpm4650_firmwareqcs6125_firmwareqat3518pm456_firmwareqpa5580_firmwaresdr425_firmwaresa415mwcn3998wcd9371_firmwaresmr526_firmwarewcn3950sm4125sd720gpm640a_firmwareqsw8573_firmwarewcn3660bwgr7640_firmwareqdm2305_firmwareqfe4320qpm5670_firmwareqsw8574_firmwaresd460_firmwaresmb2351_firmwareqdm5652qca6574au_firmwareqpa4360_firmwareqpm8870wcd9375_firmwarewcn3998_firmwareqpm5679qbt2000pm855pqca6420wcd9360pm6150apmx50_firmwareqpa8675_firmwarewhs9410_firmwarepm8150bqdm3301_firmwareqsm7250qcs6125sa8155_firmwaresd662_firmwareqfe2101smb1360qca6430qat3522pmr735awcd9340sd765gqualcomm215_firmwareqdm2308_firmwaresdr660pm439_firmwareqca6436qpa6560sdr675_firmwaresdr865qdm5620_firmwarewcd9341pmi8952pm8937_firmwareqca6696_firmwareqca6431qln5020wcd9371qet4100_firmwareqfe4320_firmwarepmm855au_firmwarewcn3910_firmwaresd_8cxqdm5621sd855_firmwaresd865_5g_firmwareqdm5650wcn3988wtr3925pm640p_firmwaresdr052smb1390wcn6750_firmwareqat5516_firmwarepm6150lpm855l_firmwareqet4100wcn3610qpa8686_firmwareqpm6585qtc410swcn3991qca8337_firmwarewcd9380_firmwaresmb1355qln4650qpa8801wgr7640qet5100qdm5671_firmwareqpa8801_firmwareqca6564aupm8150l_firmwareqat5533_firmwaresdx55m_firmwareqtm527_firmwareqpa8673_firmwarepm6150qet4101_firmwaresmb1354_firmwarepm7250bqln4642_firmwareqpa8842sdr052_firmwarewcd9380smb1355_firmwarepm7250b_firmwaresmb1351_firmwarequalcomm215qln4640qcs410qpm5579_firmwareqfe4309_firmwaresmb1381pm855p_firmwaresdx50m_firmwaresmb1395pm7250wtr4905qpa8803sdx24_firmwaresmr526qca6430_firmwarewcn3980qtc801s_firmwaresd439_firmwareqat3522_firmwareqdm2301qsw8573wcd9340_firmwarewsa8815wcn6850qfe2101_firmwarewcn3910qdm5621_firmwareqdm2301_firmwareqpm6375sd_8c_firmwareqca6426_firmwarewcn3660b_firmwarewcn3680qfe4309pm8009wcn3980_firmwareqpa8675sd730sdr051_firmwaresdx55mpm6250_firmwareqca6421_firmwareqfe4373fcpm8008qtm525_firmwareqat3518_firmwareqsw8574wcn3680_firmwareqpm5621_firmwarepm855lqln1021aq_firmwareqdm5670_firmwareqpa6560_firmwareqpa8802_firmwareqln4640_firmwarepm7150a_firmwareqfe4308_firmwarepm8150b_firmwareqfe4302qpm5621qpm6582pmc1000h_firmwarepm8009_firmwareqdm2310_firmwarepm4250_firmwareqfe4303qfs2580_firmwareqcm4290_firmwarepm8150lsd210_firmwareqcs610_firmwareqdm5677pm855_firmwarepm215pm4250qdm2302pm855b_firmwareqpm6582_firmwareqpm5577wtr2965qpm6375_firmwareqca6391_firmwarepm640l_firmwarepm8150pmi8937_firmwarewcd9370_firmwareqat3516_firmwareqln4650_firmwaresdx55qet5100msa8155psd675sd439qet4101qat3555_firmwareqat3516qpa8803_firmwareqpm5658pm855bsmb2351qln1031ar8035_firmwareqcm2290qpm5658_firmwarewcn3991_firmwarepm8909qdm5652_firmwaresdr051qet6110_firmwareqln5030qpm6325pm6125_firmwareqcs2290_firmwareqbt1500pm4125pmi632qpa2625_firmwarepm456csrb31024smb1360_firmwarepmx24_firmwareqbt1500_firmwareqet5100_firmwareqcs4290pmm855ausd765g_firmwareqpa8686qca6420_firmwareqca6390_firmwaresd730_firmwarepm7150awcd9370sd675_firmwareqpa4361_firmwaresdr425pmr525_firmwareqca6426qca6584au_firmwarewcn3990_firmwareqca9377pmi632_firmwaresd_8cx_firmwarewcd9385_firmwareqdm5650_firmwaresdxr2_5g_firmwarewcd9326_firmwarewhs9410wcn3615_firmwarewtr2955qpm5541qat5516pm7250_firmwareqdm5620qln1021aqsd662qpa8821_firmwareqfe4308pmk8002_firmwareqsw6310_firmwarepm3003asa8155qln1031_firmwarewcn3680b_firmwaresdx55_firmwareqat5533wcn3615qca6595ausm7250p_firmwarewcn3610_firmwareqca6436_firmwareqsm7250_firmwaresmb1354pm7150l_firmwareqca6564au_firmwareqca6584auqdm2305qpm8820pm8937qat5515_firmwareqln5020_firmwaresa515m_firmwarepm855qpm8830_firmwaresd429pm8250sdxr2_5gqfs2530_firmwaresa415m_firmwarepmx55wcn3988_firmwaresd205sd429_firmwarepm8150c_firmwareqca6421qdm3301qpa8842_firmwareqat3519_firmwaresdr675sm6250apq8017_firmwareqpm5677qat5515wsa8810_firmwaresd765_firmwarewcd9326qdm5677_firmwarepm8004_firmwareqca6174a_firmwaresdr8150_firmwareqcs4290_firmwarewcd9385qpm6325_firmwarepm439qtc800h_firmwareqdm2302_firmwareqat3550_firmwareqln5040_firmwarepm4125_firmwareqca6390wcd9375ar8035aqt1000qpa8673sm6250_firmwareqdm2310qfe2550_firmwareqln5030_firmwareqln4642msm8917_firmwareqpm5677_firmwaresd210qfe4302_firmwarewsa8815_firmwarewtr3925_firmwarepmi8937smr525_firmwarewcn6850_firmwareqpm8820_firmwareqfe4301_firmwareapq8017pmx24qcm6125_firmwareqet6110pmi8952_firmwareqcm2290_firmwareqln5040qpm8895qpm5670wcn3990sd_675pmx55_firmwarewtr2955_firmwareqtm527qfe4373fc_firmwaresd865_5gpm8150_firmwaresdx24qpm8830qdm2307_firmwareqat5522pm8150csd665_firmwaresm6250pqpa4360pm855asdr660_firmwaresc8180xqpa4361pm8909_firmwareqca6574aqpm5577_firmwarepm8916_firmwaresmb1390_firmwareqdm5679_firmwareqca6174asmr525qfe4305_firmwareqfe4303_firmwarewcn6750pm6150l_firmwarepmr525pm8150a_firmwareqet5100m_firmwareqpm4650qtm525sa515mqln1036aq_firmwaresd855sm4125_firmwaresd665qfe4305pm6150a_firmwarepm6150_firmwaresd765pm640pqca6574a_firmwaresd768g_firmwaresdr865_firmwareqat3555pm8250_firmwaresd460qca6391smb1351aqt1000_firmwarepm215_firmwareqpm8895_firmwarewtr2965_firmwareqcm4290csrb31024_firmwaresdx50mpm640asdr8150pm8916qln1036aqqtc801ssmb1395_firmwaresc8180x_firmwareqca6574ausa8155p_firmwaresd205_firmwareqsw6310pm8008_firmwarewcd9341_firmwareqcm6125wsa8810qtc410s_firmwarepmr735a_firmwareqdm2308wtr4905_firmwarepmx50qat3550qdm5679sd_8cwcn3680bsdr8250sd768gpm3003a_firmwareqca6696qfe4301smb1381_firmwarepm8004pm640lpmk8002qpa2625sm7250psd720g_firmwareqcs410_firmwarepm6250qpa5580Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2018-11930
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.27% / 49.88%
||
7 Day CHG~0.00%
Published-24 May, 2019 | 16:35
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper input validation on input data which is used to locate and copy the additional IEs in WLAN function can lead to potential integer truncation issue in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCS605, Qualcomm 215, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 675, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24, SM7150

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_427_firmwaresd_850mdm9150_firmwaresd_632sd_855mdm9640_firmwaresd_820asd_675msm8996au_firmwaresd_439sdx20sd_425sd_429sdm660sd_430_firmwaremdm9607_firmwaresd_435mdm9650sd_636sdm439sdm630sd_625sm7150_firmwareqm215mdm9607msm8996ausd_636_firmwaresd_450_firmwaresd_845_firmwaresm7150sd_439_firmwaresd_820a_firmwaremdm9150qcs605_firmwaresd_429_firmwaresd_675_firmwaremdm9206sd_425_firmwaresd_850_firmwaresdx24_firmwaresd_625_firmwaresd_450sd_855_firmwaresdm439_firmwaresdm630_firmwaresda660_firmwaresd_845qm215_firmwareqcs605mdm9206_firmwaresd_427sd_430sd_435_firmwaresd_632_firmwaremdm9650_firmwaresd_835_firmwaresdx20_firmwaresd_835sda660sdx24sdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-191
Integer Underflow (Wrap or Wraparound)
CVE-2018-11905
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.12% / 31.15%
||
7 Day CHG~0.00%
Published-07 Dec, 2018 | 14:00
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Possible buffer overflow in WLAN function due to lack of input validation in values received from firmware.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-11936
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.33% / 55.66%
||
7 Day CHG~0.00%
Published-24 May, 2019 | 16:35
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Index of array is processed in a wrong way inside a while loop and result in invalid index (-1 or something else) leads to out of bound memory access. in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9379, QCA9886, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 820, SD 820A, SD 835, SDX20, SDX24, Snapdragon_High_Med_2016

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_427_firmwareqca9377_firmwareqca6584aumdm9640_firmwaresd_820amsm8996au_firmwaresdx20sd_425sdx24sd_430_firmwaremdm9607_firmwaresd_435mdm9650sd_625qca6574ausnapdragon_high_med_2016_firmwaresd_210mdm9607msm8996auqca6574sd_820_firmwaresd_820sd_450_firmwaresd_820a_firmwaremdm9206qca6174a_firmwareqca6174aqca9379_firmwareqca9886_firmwaresd_212_firmwaresd_425_firmwareqca6584au_firmwaresd_450sd_625_firmwaresdx24_firmwareqca9377mdm9206_firmwareqca6574_firmwareqca9886sd_427sd_430qca6584_firmwaresd_435_firmwaresd_835_firmwaremdm9650_firmwaresdx20_firmwaresd_835qca6584qca6574au_firmwaresd_205sd_210_firmwaresnapdragon_high_med_2016qca9379sd_205_firmwaresd_212mdm9640Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2018-11287
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.27% / 50.39%
||
7 Day CHG~0.00%
Published-20 Sep, 2018 | 13:00
Updated-05 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, Snapdragon_High_Med_2016, incorrect control flow implementation in Video while checking buffer sufficiency.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm636_firmwaresdm632_firmwaremsm8996au_firmwaresd430sd625_firmwaresdm632sd650_firmwaresdm660sdm439mdm9607_firmwaresdm630mdm9650sdm429sd425_firmwaresd205msm8909w_firmwaremdm9607msm8996ausd205_firmwaresd820a_firmwaresdm710sdm710_firmwaresd652_firmwaresd425sd652sd210_firmwaresd427_firmwaresd625mdm9206sd435sd212_firmwaresd835_firmwaresd435_firmwaresdm439_firmwaresdm636sd427sd212sdm630_firmwaresd820_firmwaresda660_firmwaresd845_firmwaremdm9206_firmwaresd430_firmwaresd450_firmwaresd845sd210sdm429_firmwaremdm9650_firmwaresd820sda660sd835sd650sd820asd850_firmwaremsm8909wsd450sdm660_firmwaresd850Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear
CWE ID-CWE-20
Improper Input Validation
CVE-2018-11937
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.27% / 49.88%
||
7 Day CHG~0.00%
Published-24 May, 2019 | 16:35
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Lack of input validation before copying can lead to a buffer over read in WLAN function in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6574AU, QCS605, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM630, SDM660, SDX20, SDX24, SM7150

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_427_firmwaresd_712sd_850mdm9150_firmwaresd_855mdm9640_firmwaresd_820asd_675msm8996au_firmwaresdx20sd_670_firmwaresd_425sdm660sdx24sd_430_firmwaremdm9607_firmwaresd_435mdm9650sd_636sd_710_firmwaresdm630sd_625qca6574ausm7150_firmwaremdm9607msm8996ausd_636_firmwaresd_450_firmwaresd_845_firmwaresm7150sd_820a_firmwaremdm9150qcs605_firmwaresd_675_firmwaremdm9206sd_425_firmwaresd_850_firmwaresdx24_firmwaresd_625_firmwaresd_450sd_855_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwaresd_845mdm9206_firmwareqcs605sd_427sd_430sd_670sd_435_firmwaresd_835_firmwaremdm9650_firmwaresd_710sdx20_firmwaresd_835qca6574au_firmwaresda660sdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-11940
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.27% / 49.88%
||
7 Day CHG~0.00%
Published-24 May, 2019 | 16:36
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Lack of check in length before using memcpy in WLAN function can lead to OOB access in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCS605, SD 625, SD 636, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM630, SDM660, SDX20, SDX24, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_712sd_850mdm9150_firmwaresd_855mdm9640_firmwaresd_820amsm8996au_firmwaresdx20sd_670_firmwaresdm660sdx24sdm630mdm9607_firmwaresd_710_firmwaresd_636mdm9650sd_625sd_820_firmwaremdm9607msm8996ausd_636_firmwaresd_820sd_845_firmwaresd_820a_firmwaremdm9150qcs605_firmwaremdm9206sd_850_firmwaresdx24_firmwaresd_625_firmwaresd_855_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwaresd_845mdm9206_firmwareqcs605sd_670sd_835_firmwaremdm9650_firmwaresd_710sdx20_firmwaresd_835sda660sxr1130_firmwaresxr1130sdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-11949
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.27% / 49.88%
||
7 Day CHG~0.00%
Published-24 May, 2019 | 16:44
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Failure to initialize the extra buffer can lead to an out of buffer access in WLAN function in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCS605, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 712 / SD 710 / SD 670, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM630, SDM660, SDX20, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_427_firmwaresd_712sd_850mdm9150_firmwaresd_855mdm9640_firmwaresd_820amsm8996au_firmwaresdx20sd_670_firmwaresd_425sdm660sdx24sd_430_firmwaremdm9607_firmwaresd_435mdm9650sd_636sd_710_firmwaresdm630sd_625mdm9607msm8996ausd_636_firmwaresd_450_firmwaresd_845_firmwaresd_820a_firmwaremdm9150qcs605_firmwaremdm9206sd_425_firmwaresd_850_firmwaresdx24_firmwaresd_625_firmwaresd_450sd_855_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwaresd_845mdm9206_firmwareqcs605sd_427sd_430sd_670sd_435_firmwaresd_835_firmwaremdm9650_firmwaresd_710sdx20_firmwaresd_835sda660sdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-665
Improper Initialization
CVE-2020-11291
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.36% / 57.59%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 06:20
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer overflow while updating ikev2 parameters for delete payloads received during informational exchange due to lack of check of input validation for certain parameters received from the ePDG server in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarewcn3991_firmwarewsa8830sd678sm6250p_firmwareqcs610qca6431_firmwarecsrb31024wcd9360_firmwareqcs4290wcn3950_firmwaresc8180x\+sdx55sd765g_firmwareqca6420_firmwareqca6595au_firmwareqca6390_firmwaremsm8917sd690_5gsd730_firmwarewcd9370sd_675_firmwaresd675_firmwareqcs6125_firmwareqca6426qca6584au_firmwarewcn3990_firmwareqca9377sa415mwcn3998sd_8cx_firmwarewcd9371_firmwaresdxr2_5g_firmwarewcd9385_firmwarewcd9326_firmwaresd720gwcn3615_firmwarewcn3950whs9410wcn3660bsd450_firmwaresa8155qca6574au_firmwaresdx55_firmwarewcn3680b_firmwareqca6595auwcd9375_firmwarewcn3615wcn3998_firmwaresm7250p_firmwareqca6420qca6436_firmwareapq8053_firmwarewcd9360qca6564au_firmwareqca6584auwhs9410_firmwaresa515m_firmwaresdxr2_5gqcs6125sa8155_firmwaremsm8976sgsa415m_firmwareqca6430wcn3988_firmwareqca6421sm6250wcd9340apq8017_firmwarewsa8810_firmwaresd765gsd765_firmwareqca6436wcd9326wcd9335wcn6851qca6174a_firmwareqcs4290_firmwarewcd9385wcd9341qca6431qca6696_firmwarewcd9371sd750gsd870_firmwareqca6390wcd9375sd_8cxaqt1000msm8976sd750g_firmwaresc8180x\+sdx55_firmwaresm6250_firmwaremsm8953_firmwarewcn3910_firmwarewsa8830_firmwaremsm8917_firmwaresd855_firmwaresd865_5g_firmwarewcn3988sd888_5g_firmwarewcn6850_firmwarewsa8815_firmwarewsa8835_firmwareapq8017sd450qcm6125_firmwarewcn3991wcd9380_firmwarewcn3990sd_675sd865_5gqca6564ausdx24sdx55m_firmwarewcn6856_firmwaremsm8940_firmwaremsm8976_firmwaresd670_firmwarewsa8835sd665_firmwarewcd9380sd888_5gsm6250pqcs410qca6574asd690_5g_firmwaresdx50m_firmwarewcn6855_firmwareqca9379_firmwareqca6174asdx24_firmwareqca6430_firmwarewcd9335_firmwarewcn3980sa515mwcd9340_firmwaresd855wsa8815wcn6850sd665wcn3910sd_8c_firmwaresd765qca6426_firmwarewcn3660b_firmwareqca6574a_firmwaresd768g_firmwarewcn3980_firmwaresd730qca6391sdx55mqca6421_firmwareaqt1000_firmwaremsm8920msm8953sd678_firmwareqcm4290csrb31024_firmwaresdx50msd480_firmwarewcn6851_firmwaremsm8920_firmwareqca6574ausa8155p_firmwaresd670msm8976sg_firmwarewcd9341_firmwareqcm6125qcm4290_firmwaresd480sd870wcn6855wsa8810qcs610_firmwarewcn6856sd_8cwcn3680bsd768gqca6696qca6391_firmwaresd845_firmwarewcd9370_firmwaresdx55msm8940apq8053sa8155psd675sd845sm7250psd720g_firmwareqcs410_firmwareqca9379Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2019-2249
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.48% / 64.96%
||
7 Day CHG~0.00%
Published-06 Nov, 2019 | 17:11
Updated-04 Aug, 2024 | 18:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Kernel can do a memory read from arbitrary address passed by user during execution of a syscall in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in IPQ8074, MDM9205, MDM9650, QCA8081, QCS605, SD 427, SD 435, SD 450, SD 625, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM630, SDM660, SDX20, Snapdragon_High_Med_2016, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_427_firmwaresd_712sd_850sd_855sd_730_firmwaresd_675sdx20sd_670_firmwaresdm660sdm630sd_710_firmwaresd_435mdm9650sd_636sd_625ipq8074_firmwaresnapdragon_high_med_2016_firmwaresd_636_firmwaresd_450_firmwaresd_845_firmwareqca8081qcs605_firmwaresd_675_firmwaresd_730snapdragon_high_med_2016sd_665sd_850_firmwaresd_625_firmwareipq8074sd_450sd_712_firmwaresdm630_firmwaremdm9205_firmwaresd_8cx_firmwaresda660_firmwaremdm9205sd_845sd_427qcs605sd_8cxsd_670sd_435_firmwaresd_835_firmwaremdm9650_firmwaresd_710sdx20_firmwaresd_835sda660sxr1130_firmwareqca8081_firmwaresxr1130sd_665_firmwaresdm660_firmwaresd_855_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-2276
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.27% / 49.88%
||
7 Day CHG~0.00%
Published-25 Jul, 2019 | 16:33
Updated-04 Aug, 2024 | 18:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible out of bound read occurs while processing beaconing request due to lack of check on action frames received from user controlled space in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9607, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCS405, QCS605, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820A, SD 845 / SD 850, SD 855, SDM630, SDM660, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_712qca9377_firmwaresd_850sd_855sd_730_firmwaresd_820asd_675msm8996au_firmwaresd_670_firmwaresdm660sdx24sdm630mdm9607_firmwaresd_710_firmwaresd_636qcs405qca6574aumdm9607msm8996ausd_636_firmwaresd_845_firmwaresd_820a_firmwareqcs605_firmwaresd_675_firmwareqca6174a_firmwareqca6174aqca9379_firmwaresd_665sd_730sd_850_firmwaresdx24_firmwareqcs405_firmwareqca9377sd_712_firmwaresdm630_firmwaresd_845qcs605sd_670sd_710qca6574au_firmwareqca9379sd_665_firmwaresdm660_firmwaresd_855_firmwareSnapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-2245
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.33% / 55.66%
||
7 Day CHG~0.00%
Published-24 May, 2019 | 16:44
Updated-04 Aug, 2024 | 18:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible integer underflow can happen when calculating length of elementary stream map from invalid packet length which is later used to read from input buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 600, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SM7150, Snapdragon_High_Med_2016

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850sd_632sd_820asd_675msm8996au_firmwaresd_439sd_670_firmwaresd_429sdm439mdm9650sd_636sm7150_firmwaresd_615_firmwaresnapdragon_high_med_2016_firmwaremsm8909w_firmwaremsm8996ausd_820sd_450_firmwaresd_845_firmwaresm7150sd_820a_firmwareqcs605_firmwaresd_675_firmwaremdm9206sd_425_firmwaresd_625_firmwaresd_450sd_845mdm9206_firmwareqcs605sd_632_firmwaresd_835_firmwaremdm9650_firmwaresd_835sda660sd_210_firmwaresd_600sd_415_firmwaremsm8909wsd_616_firmwaresd_205_firmwaresd_415sd_212sd_427_firmwaresd_712sd_855sdx20sd_616sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435sd_615sd_710_firmwaresdm630sd_625qm215sd_820_firmwaresd_210mdm9607sd_636_firmwaresd_439_firmwaresd_429_firmwaresnapdragon_high_med_2016sd_212_firmwaresd_850_firmwaresdm439_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwareqm215_firmwaresd_430sd_427sd_670sd_435_firmwaresdx20_firmwaresd_710sd_600_firmwaresd_205sdm660_firmwaresd_855_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-191
Integer Underflow (Wrap or Wraparound)
CVE-2019-2303
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.29% / 52.50%
||
7 Day CHG~0.00%
Published-21 Nov, 2019 | 14:38
Updated-04 Aug, 2024 | 18:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SNDCP module may access array out side its boundary when it receives malformed XID message. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8976, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, Snapdragon_High_Med_2016, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwaremdm9635m_firmwareqcm2150_firmwaremdm9640_firmwaresdm632_firmwaremsm8996au_firmwaresdm845sdm450_firmwaresdm632sdx24sdm439mdm9650sdm429msm8940_firmwaresm7150_firmwaresnapdragon_high_med_2016_firmwaresm6150msm8909w_firmwaremsm8976_firmwaremsm8996ausm7150apq8009_firmwaremsm8917sdm670sxr2130qcs605_firmwaresc8180xmdm9206sdm670_firmwaresdx24_firmwaresdm636sda845_firmwaremdm9635mapq8098mdm9615mdm9205mdm9206_firmwaremsm8939qcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130msm8909wapq8009msm8909_firmwareapq8053_firmwaresda845nicobarsdm850_firmwaremsm8920msm8953sdm450sdm636_firmwaresdm845_firmwareapq8098_firmwaresdx20msm8998_firmwareqcm2150msm8920_firmwaresdm630mdm9607_firmwaresm8250_firmwaremdm9655_firmwaresdm660sc8180x_firmwaresdm710qm215mdm9607apq8017_firmwaremdm9625_firmwaresdm710_firmwaremsm8939_firmwaremdm9150msm8937msm8905snapdragon_high_med_2016sm8150_firmwaremsm8909sxr2130_firmwaremdm9655apq8096ausdm439_firmwaresdm630_firmwaremdm9205_firmwaresda660_firmwaremdm9625qm215_firmwaremsm8976sdx55msm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaresm8250msm8998sm8150sdx20_firmwaresdm850mdm9615_firmwareapq8017nicobar_firmwaresdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-11176
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.22% / 44.88%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 06:20
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

While processing server certificate from IPSec server, certificate validation for subject alternative name API can cause heap overflow which can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarewcn3991_firmwarewsa8830sd678sm6250p_firmwareqcs610qca8337qca6431_firmwarecsrb31024wcd9360_firmwareqcs4290wcn3950_firmwaresd765g_firmwareqca6420_firmwareqca6595au_firmwareqca6390_firmwaremsm8917sd690_5gsd730_firmwarewcd9370sd_675_firmwaresd675_firmwareqcs6125_firmwareqca6426qca6584au_firmwarewcn3990_firmwareqca9377sa415mwcn3998sd_8cx_firmwarewcd9371_firmwaresdxr2_5g_firmwarewcd9385_firmwarewcd9326_firmwaresd720gwcn3615_firmwarewcn3950whs9410wcn3660bsd450_firmwaresa8155qca6574au_firmwaresdx55_firmwarewcn3680b_firmwareqca6595auwcd9375_firmwarewcn3615wcn3998_firmwaresm7250p_firmwareqca6420qca6436_firmwareapq8053_firmwarewcd9360qca6564au_firmwareqca6584auwhs9410_firmwaresa515m_firmwaresdxr2_5gqcs6125sa8155_firmwaremsm8976sgsa415m_firmwareqca6430wcn3988_firmwareqca6421sm6250wcd9340apq8017_firmwarewsa8810_firmwaresd765gsd765_firmwareqca6436wcd9326wcd9335wcn6851qca6174a_firmwareqcs4290_firmwarewcd9385wcd9341qca6431qca6696_firmwarewcd9371sd750gsd870_firmwarear8035qca6390sd_8cxaqt1000msm8976sd750g_firmwaresm6250_firmwarewcd9375msm8953_firmwarewcn3910_firmwarewsa8830_firmwaremsm8917_firmwaresd855_firmwaresd865_5g_firmwarewcn3988sd888_5g_firmwarewcn6850_firmwarewsa8815_firmwarewsa8835_firmwareapq8017wcn6750_firmwaresd450qcm6125_firmwarewcn3991qca8337_firmwarewcd9380_firmwarewcn3990sd_675sd865_5gqca6564ausdx24sdx55m_firmwarewcn6856_firmwaremsm8940_firmwaremsm8976_firmwaresd670_firmwarewsa8835sd665_firmwarewcd9380sd888_5gsm6250pqcs410sc8180xqca6574asd690_5g_firmwaresdx50m_firmwarewcn6855_firmwareqca9379_firmwareqca6174asdx24_firmwareqca6430_firmwarewcd9335_firmwarewcn3980wcn6750sa515mwcd9340_firmwaresd855wsa8815wcn6850sd665wcn3910sd_8c_firmwaresd765qca6426_firmwarewcn3660b_firmwareqca6574a_firmwaresd768g_firmwarewcn3980_firmwaresd730qca6391sdx55mqca6421_firmwareaqt1000_firmwaremsm8920msm8953sd678_firmwareqcm4290csrb31024_firmwaresdx50msd480_firmwarewcn6851_firmwaremsm8920_firmwaresc8180x_firmwareqca6574ausa8155p_firmwaresd670msm8976sg_firmwarewcd9341_firmwareqcm6125qcm4290_firmwaresd480sd870wcn6855wsa8810qcs610_firmwarewcn6856sd_8cwcn3680bsd768gqca6696qca6391_firmwaresd845_firmwarewcd9370_firmwaresdx55msm8940apq8053sa8155psd675sd845sm7250psd720g_firmwareqcs410_firmwareqca9379ar8035_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-2268
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.34% / 56.21%
||
7 Day CHG~0.00%
Published-21 Nov, 2019 | 14:38
Updated-04 Aug, 2024 | 18:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible OOB read issue in P2P action frames while handling WLAN management frame in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8996AU, MSM8998, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCS405, QCS605, SDA660, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SM6150

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresdm636_firmwaremsm8996au_firmwareapq8098_firmwaresdm845sdx20msm8998_firmwaresdm660sdm630mdm9607_firmwaremdm9650qcs405qca6574ausdm710sm6150mdm9607msm8996auapq8017_firmwaresdm710_firmwareapq8009_firmwaresdm670qcs605_firmwaremdm9207c_firmwaremdm9206mdm9207cqca6174a_firmwareqca6174aqca9379_firmwaresdm670_firmwareapq8096ausdm636qcs405_firmwareqca9377sdm630_firmwareapq8098sda660_firmwaremdm9206_firmwareqcs605apq8053apq8096au_firmwaresm6150_firmwaremdm9650_firmwaremsm8998sdx20_firmwareqca6574au_firmwaresda660apq8017apq8009qca9379apq8053_firmwaresdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-2256
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.66% / 70.77%
||
7 Day CHG~0.00%
Published-14 Jun, 2019 | 17:02
Updated-04 Aug, 2024 | 18:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An unprivileged user can craft a bitstream such that the payload encoded in the bitstream gains code execution in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850sd_632sd_820asd_675msm8996au_firmwaresd_439sd_670_firmwaresd_429sdm439mdm9650sd_636snapdragon_high_med_2016_firmwaremsm8909w_firmwaremsm8996ausd_820sd_450_firmwaresd_845_firmwaresd_820a_firmwareqcs605_firmwaresd_675_firmwaresd_425_firmwaresd_625_firmwaresd_450sd_8cx_firmwaresd_845qcs605sd_632_firmwaresd_835_firmwaremdm9650_firmwaresd_835sda660sxr1130_firmwaresd_210_firmwaresxr1130msm8909wsd_205_firmwaresd_212sd_427_firmwaresd_712sd_855sd_425sdm660sd_430_firmwaresd_710_firmwaresd_435sdm630sd_625qm215sd_210sd_636_firmwaresd_820_firmwaresd_439_firmwaresd_429_firmwaresnapdragon_high_med_2016sd_212_firmwaresd_850_firmwaresdm439_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwareqm215_firmwaresd_427sd_430sd_8cxsd_670sd_435_firmwaresd_710sd_205sdm660_firmwaresd_855_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CVE-2019-2283
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.31% / 54.12%
||
7 Day CHG~0.00%
Published-06 Nov, 2019 | 17:11
Updated-04 Aug, 2024 | 18:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper validation of read and write index of tx and rx fifo`s before calculating pointer can lead to out-of-bound access in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850mdm9150_firmwaresd_632mdm9640_firmwaresd_820asd_675msm8996au_firmwaresd_439sd_670_firmwaresd_429sdx24sdm439mdm9650sd_636msm8909w_firmwaremsm8996ausd_820sd_450_firmwaresd_845_firmwaresd_820a_firmwareqcs605_firmwaresd_675_firmwaremdm9206sd_425_firmwaresdx24_firmwaresd_625_firmwaresd_450sd_845mdm9206_firmwareqcs605sd_632_firmwaresd_835_firmwaremdm9650_firmwaresd_835sda660sd_210_firmwaremsm8909wsd_205_firmwaresd_212sd_427_firmwaresd_712sd_855sd_730_firmwarequalcomm_215sdx20sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435sd_710_firmwaresdm630sd_625sd_820_firmwaresd_210mdm9607sd_636_firmwaresd_439_firmwarequalcomm_215_firmwaremdm9150sd_429_firmwaresd_730sd_212_firmwaresd_850_firmwaresd_855_firmwaresdm439_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwaresd_430sd_427sd_670sd_435_firmwaresdx20_firmwaresd_710sd_205sdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-2320
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.33% / 55.66%
||
7 Day CHG~0.00%
Published-12 Dec, 2019 | 08:30
Updated-04 Aug, 2024 | 18:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible out of bounds write in a MT SMS/SS scenario due to improper validation of array index in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8976, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, Snapdragon_High_Med_2016, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwaremdm9635m_firmwareqcm2150_firmwaremdm9640_firmwaresdm632_firmwaremsm8996au_firmwaresdm845sdm450_firmwaresdm632sdx24sdm439mdm9650sdm429msm8940_firmwaresm7150_firmwaresnapdragon_high_med_2016_firmwaresm6150msm8909w_firmwaremsm8976_firmwaremsm8996ausm7150apq8009_firmwaremsm8917sdm670sxr2130qcs605_firmwaremdm9206sdm670_firmwaresdx24_firmwaresdm636sda845_firmwaremdm9635mapq8098mdm9615mdm9205mdm9206_firmwaremsm8939qcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130msm8909wapq8009msm8909_firmwareapq8053_firmwaresda845nicobarsdm850_firmwaremsm8920msm8953sdm450sdm636_firmwaresdm845_firmwareapq8098_firmwaresdx20msm8998_firmwareqcm2150msm8920_firmwaresdm630mdm9607_firmwaresm8250_firmwaremdm9655_firmwaresdm660sdm710qm215mdm9607apq8017_firmwaremdm9625_firmwaresdm710_firmwaremsm8939_firmwaremdm9150msm8937msm8905snapdragon_high_med_2016sm8150_firmwaremsm8909sxr2130_firmwaremdm9655apq8096ausdm439_firmwaresdm630_firmwaremdm9205_firmwaresda660_firmwaremdm9625qm215_firmwaremsm8976sdx55msm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaresm8250msm8998sm8150sdx20_firmwaresdm850mdm9615_firmwareapq8017nicobar_firmwaresdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-129
Improper Validation of Array Index
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-20590
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.15% / 35.20%
||
7 Day CHG~0.00%
Published-24 Mar, 2020 | 19:01
Updated-05 Aug, 2024 | 02:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on Samsung mobile devices with O(8.x) (Qualcomm chipsets) software. There is an integer underflow in the Secure Storage Trustlet. The Samsung ID is SVE-2019-13952 (July 2019).

Action-Not Available
Vendor-n/aQualcomm Technologies, Inc.Google LLC
Product-sdm660androidn/a
CWE ID-CWE-191
Integer Underflow (Wrap or Wraparound)
CVE-2019-2271
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.37% / 58.76%
||
7 Day CHG~0.00%
Published-21 Nov, 2019 | 14:38
Updated-04 Aug, 2024 | 18:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer over read can happen while parsing downlink session management OTA messages if network sends un-intended values in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8976, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, Snapdragon_High_Med_2016, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9635m_firmwareqcm2150_firmwaremdm9640_firmwaresdm632_firmwaremsm8996au_firmwaresdm845sdm450_firmwaresdm632sdx24sdm439mdm9650sdm429msm8940_firmwaresm7150_firmwaresnapdragon_high_med_2016_firmwaresm6150msm8909w_firmwaremsm8976_firmwaremsm8996aumdm915_firmwaresm7150apq8009_firmwaremsm8917sdm670sxr2130qcs605_firmwaresc8180xmdm9206sdm670_firmwaresdx24_firmwaresdm636sda845_firmwaremdm9635mapq8098mdm9615mdm9205mdm9206_firmwaremsm8939qcs605mdm915msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130msm8909wapq8009msm8909_firmwareapq8053_firmwaresda845nicobarsdm850_firmwaremsm8920msm8953sdm450sdm636_firmwaresdm845_firmwareapq8098_firmwaresdx20msm8998_firmwareqcm2150msm8920_firmwaresdm630mdm9607_firmwaresm8250_firmwaremdm9655_firmwaresdm660sc8180x_firmwaresdm710qm215mdm9607apq8017_firmwaremdm9625_firmwaresdm710_firmwaremsm8939_firmwaremsm8937msm8905snapdragon_high_med_2016sm8150_firmwaremsm8909sxr2130_firmwaremdm9655apq8096ausdm439_firmwaresdm630_firmwaremdm9205_firmwaresda660_firmwaremdm9625qm215_firmwaremsm8976sdx55msm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaresm8250msm8998sm8150sdx20_firmwaresdm850mdm9615_firmwareapq8017nicobar_firmwaresdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-2327
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.36% / 57.59%
||
7 Day CHG~0.00%
Published-25 Jul, 2019 | 16:33
Updated-04 Aug, 2024 | 18:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer overflow can occur when playing clip with incorrect element size in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 600, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, Snapdragon_High_Med_2016

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850mdm9150_firmwaresd_632sd_820asd_675msm8996au_firmwaresd_439sd_670_firmwaresd_429sdm439mdm9650sd_636sd_615_firmwaresnapdragon_high_med_2016_firmwaremsm8996ausd_820sd_450_firmwaresd_845_firmwaresd_820a_firmwareqcs605_firmwaresd_675_firmwaremdm9206sd_425_firmwaresd_665sd_625_firmwaresd_450sd_845mdm9206_firmwareqcs605sd_632_firmwaresd_835_firmwaremdm9650_firmwaresd_835sda660sd_210_firmwaresd_600sd_415_firmwaremsm8909_firmwaresd_665_firmwaresd_616_firmwaresd_205_firmwaresd_415sd_212sd_427_firmwaresd_712sd_855sd_730_firmwarequalcomm_215sdx20sd_616sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435sd_615sd_710_firmwaresdm630qcs405sd_625sd_820_firmwaresd_210mdm9607sd_636_firmwaresd_439_firmwarequalcomm_215_firmwaremdm9150sd_429_firmwaresd_730snapdragon_high_med_2016sd_212_firmwaresd_850_firmwaremsm8909sdm439_firmwareqcs405_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwaresd_430sd_427sd_670sd_435_firmwaresdx20_firmwaresd_710sd_600_firmwaresd_205sdm660_firmwaresd_855_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2019-2323
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.33% / 55.66%
||
7 Day CHG~0.00%
Published-06 Nov, 2019 | 17:11
Updated-04 Aug, 2024 | 18:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Lack of check to ensure crypto engine data passed by user is initialized can result in bus error in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850mdm9150_firmwaresd_632mdm9640_firmwaresd_820asd_675msm8996au_firmwaresd_439sd_670_firmwaresd_429sdx24sdm439mdm9650sd_636msm8909w_firmwaremsm8996ausd_820sd_450_firmwaresd_845_firmwaresd_820a_firmwareqcs605_firmwaresd_675_firmwaremdm9206sd_425_firmwaresd_665sdx24_firmwaresd_625_firmwaresd_450sd_845mdm9206_firmwareqcs605sd_632_firmwaresd_835_firmwaremdm9650_firmwaresd_835sda660sd_210_firmwaremsm8909wsd_665_firmwaresd_205_firmwaresd_212sd_427_firmwaresd_712sd_855sd_730_firmwarequalcomm_215sdx20sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435sd_710_firmwaresdm630qcs405sd_625sd_820_firmwaresd_210mdm9607sd_636_firmwaresd_439_firmwarequalcomm_215_firmwaremdm9150sd_429_firmwaresd_730sd_212_firmwaresd_850_firmwaresd_855_firmwaresdm439_firmwareqcs405_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwaresd_430sd_427sd_670sd_435_firmwaresdx20_firmwaresd_710sd_205sdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-1187
DEPRECATED: Use of Uninitialized Resource
CVE-2019-2332
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.33% / 55.66%
||
7 Day CHG~0.00%
Published-06 Nov, 2019 | 17:11
Updated-04 Aug, 2024 | 18:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory corruption while accessing the memory as payload size is not validated before access in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9615, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 600, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850mdm9150_firmwaresd_632mdm9640_firmwaresd_820asd_675msm8996au_firmwaresd_439sd_670_firmwaresd_429sdx24sdm439mdm9650sd_636sd_615_firmwaremsm8909w_firmwaremsm8996ausd_820sd_450_firmwaresd_845_firmwaresd_820a_firmwareqcs605_firmwaresd_675_firmwaremdm9206sd_425_firmwaresd_665sdx24_firmwaresd_625_firmwaresd_450mdm9615sd_845mdm9206_firmwareqcs605sd_632_firmwaresd_835_firmwaremdm9650_firmwaresd_835sda660sd_210_firmwaresd_600sd_415_firmwaremsm8909wsd_665_firmwaresd_616_firmwaresd_205_firmwaresd_415sd_212sd_427_firmwaresd_712sd_855sd_730_firmwarequalcomm_215sdx20sd_616sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435sd_615sd_710_firmwaresdm630qcs405sd_625sd_820_firmwaresd_210mdm9607sd_636_firmwaresd_439_firmwarequalcomm_215_firmwaremdm9150sd_429_firmwaresd_730sd_212_firmwaresd_850_firmwaresd_855_firmwaresdm439_firmwareqcs405_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwaresd_430sd_427sd_670sd_435_firmwaremdm9615_firmwaresdx20_firmwaresd_710sd_600_firmwaresd_205sdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-20556
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.15% / 35.20%
||
7 Day CHG~0.00%
Published-24 Mar, 2020 | 18:23
Updated-05 Aug, 2024 | 02:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on Samsung mobile devices with P(9.0) (SM6150, SM8150, SM8150_FUSION, exynos7885, exynos9610, and exynos9820 chipsets) software. RKP memory corruption allows attackers to control the effective address in EL2. The Samsung ID is SVE-2019-15221 (October 2019).

Action-Not Available
Vendor-n/aGoogle LLCQualcomm Technologies, Inc.Samsung
Product-exynos_9610sm6150sm8150androidexynos_7885sm8150_fusionexynos_9820n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-2331
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.33% / 55.66%
||
7 Day CHG~0.00%
Published-06 Nov, 2019 | 17:11
Updated-04 Aug, 2024 | 18:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible Integer overflow because of subtracting two integers without checking if the result would overflow or not in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9615, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 600, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850mdm9150_firmwaresd_632mdm9640_firmwaresd_820asd_675msm8996au_firmwaresd_439sd_670_firmwaresd_429sdx24sdm439mdm9650sd_636sd_615_firmwaremsm8909w_firmwaremsm8996ausd_820sd_450_firmwaresd_845_firmwaresd_820a_firmwareqcs605_firmwaresd_675_firmwaremdm9206sd_425_firmwaresd_665sdx24_firmwaresd_625_firmwaresd_450mdm9615sd_845mdm9206_firmwareqcs605sd_632_firmwaresd_835_firmwaremdm9650_firmwaresd_835sda660sd_210_firmwaresd_600sd_415_firmwaremsm8909wsd_665_firmwaresd_616_firmwaresd_205_firmwaresd_415sd_212sd_427_firmwaresd_712sd_855sd_730_firmwarequalcomm_215sdx20sd_616sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435sd_615sd_710_firmwaresdm630qcs405sd_625sd_820_firmwaresd_210mdm9607sd_636_firmwaresd_439_firmwarequalcomm_215_firmwaremdm9150sd_429_firmwaresd_730sd_212_firmwaresd_850_firmwaresd_855_firmwaresdm439_firmwareqcs405_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwaresd_430sd_427sd_670sd_435_firmwaremdm9615_firmwaresdx20_firmwaresd_710sd_600_firmwaresd_205sdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2019-2311
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.36% / 57.59%
||
7 Day CHG~0.00%
Published-05 Mar, 2020 | 08:56
Updated-04 Aug, 2024 | 18:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer overflow in WLAN handler due to lack of validation of destination buffer size before copying it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8996, MSM8996AU, MSM8998, QCA6174A, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA8081, QCA9377, QCA9379, QCA9886, QCS605, SA6155P, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SM6150, SM7150, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwareapq8096_firmwaremdm9640_firmwaremsm8996au_firmwaresdm845apq8096sdx24mdm9650sm7150_firmwaresm6150qca6574msm8996ausm7150apq8009_firmwaresdm670qcs605_firmwaremdm9206qca9379_firmwareqca6174asdm670_firmwaresdx24_firmwareqca6584au_firmwareipq8074sdm636sda845_firmwareqca9377apq8098mdm9206_firmwareqca6574_firmwareqca9886qcs605qca6584_firmwaremdm9650_firmwareqca6584qca6574au_firmwaresda660sxr1130_firmwareqca8081_firmwaresxr1130apq8009apq8053_firmwaresda845sdm850_firmwareqca6584ausa6155p_firmwaresdm636_firmwaresdm845_firmwareapq8098_firmwaresdx20msm8998_firmwaresdm660sdm630mdm9607_firmwareipq8074_firmwareqca6574ausdm710mdm9607apq8017_firmwaresdm710_firmwaresa6155pqca8081mdm9207c_firmwaremsm8996_firmwaremdm9207cqca6174a_firmwareqca9886_firmwaresm8150_firmwareapq8096ausdm630_firmwaresda660_firmwareapq8053sm6150_firmwareapq8096au_firmwaremsm8998sm8150sdx20_firmwaresdm850apq8017msm8996qca9379sdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2019-2300
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.36% / 57.59%
||
7 Day CHG~0.00%
Published-05 Mar, 2020 | 08:56
Updated-04 Aug, 2024 | 18:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer overflow in WLAN handler due to lack of validation of destination buffer size before copying into it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096, APQ8098, IPQ8074, MDM9206, MDM9207C, MDM9607, MSM8996, MSM8996AU, MSM8998, QCA6174A, QCA6574AU, QCA8081, QCA9377, QCA9379, QCA9886, QCS605, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SM6150, SM7150, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwareapq8096_firmwaremsm8996au_firmwaresdm845apq8096sm7150_firmwaresm6150msm8996ausm7150apq8009_firmwaresdm670qcs605_firmwaremdm9206qca9379_firmwareqca6174asdm670_firmwareipq8074sdm636sda845_firmwareqca9377apq8098mdm9206_firmwareqcs605qca9886qca6574au_firmwaresda660sxr1130_firmwareqca8081_firmwaresxr1130apq8009apq8053_firmwaresda845sdm850_firmwaresdm636_firmwareapq8098_firmwaremsm8998_firmwaresdm660sdm630mdm9607_firmwareipq8074_firmwareqca6574ausdm710mdm9607apq8017_firmwaresdm710_firmwareqca8081mdm9207c_firmwaremsm8996_firmwaremdm9207cqca6174a_firmwareqca9886_firmwaresm8150_firmwaresdm630_firmwaresda660_firmwareapq8053sm6150_firmwaremsm8998sm8150sdm850apq8017msm8996qca9379sdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2019-2294
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.33% / 55.66%
||
7 Day CHG~0.00%
Published-30 Sep, 2019 | 15:40
Updated-04 Aug, 2024 | 18:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Usage of hard-coded magic number for calculating heap guard bytes can allow users to corrupt heap blocks without heap algorithm knowledge in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9655, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 650/52, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850sd_632mdm9635m_firmwaresd_820asd_675msm8996au_firmwaresd_439sd_670_firmwaresd_429sdm439sd_636snapdragon_high_med_2016_firmwaremsm8909w_firmwaremsm8996ausd_820sd_650sd_450_firmwaresd_845_firmwaresd_410sd_820a_firmwareqcs605_firmwaresd_675_firmwaremdm9206sd_652sd_425_firmwaresd_665sd_625_firmwaresd_450mdm9635msd_8cx_firmwaremdm9615mdm9205mdm9206_firmwaresd_845qcs605sd_632_firmwaresd_835_firmwaresd_835sda660sxr1130_firmwaresd_210_firmwaresd_652_firmwaresxr1130msm8909wsd_665_firmwaresd_205_firmwaresd_212sd_650_firmwaresd_427_firmwaresd_712sd_855sd_730_firmwaresd_412qualcomm_215sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435mdm9655_firmwaresd_710_firmwaresdm630sd_625sd_820_firmwaresd_210mdm9607sd_636_firmwaremdm9625_firmwaresd_439_firmwarequalcomm_215_firmwaresd_429_firmwaresd_730snapdragon_high_med_2016sd_212_firmwaresd_850_firmwaremdm9655sdm439_firmwaresd_412_firmwaresd_712_firmwaresdm630_firmwaremdm9205_firmwaresda660_firmwaremdm9625sd_8cxsd_430sd_427sd_670sd_435_firmwaremdm9615_firmwaresd_710sd_410_firmwaresd_205sdm660_firmwaresd_855_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-330
Use of Insufficiently Random Values
CVE-2020-11134
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.33% / 55.66%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 05:00
Updated-04 Aug, 2024 | 11:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible stack out of bound write might happen due to time bitmap length and bit duration fields of the attributes like NAN ranging setup attribute inside a NAN management frame are not Properly validated in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfs2580qpm5679_firmwaresm6250p_firmwareqca8337ipq8173_firmwareqfs2608_firmwareqfs2530qpm8870_firmwareqpa8688pm6125qcn5124qat5522_firmwarewcn3950_firmwarepm8150aqdm5670qca6595au_firmwareqpm5541_firmwareqpa5581_firmwaresa6155pm7150lqpa8821qcs6125_firmwarepm456_firmwareqpa5580_firmwarewcn3998wcd9371_firmwarewcn3950qcn6024_firmwaresd720gsm4125qsw8573_firmwareqsw8574_firmwaresd460_firmwaresmb2351_firmwareqpa4360_firmwareqca8081_firmwarewcn3998_firmwarepm855pqca6420pm6150aqpm6670_firmwareipq8070_firmwareipq8078a_firmwarepm8150bipq8072_firmwaresa8155_firmwareqca6430qat3522pmr735awcd9340sd765gsdr660qfs2630_firmwaresdr865qdm5620_firmwareqca9888_firmwareqca6696_firmwareqln5020wcd9371qcn5154_firmwarepmm855au_firmwaresd_8cxsa8150ppm6350qdm5621sd865_5g_firmwarepm640p_firmwareqcn5121qcn5022_firmwareqcn7606_firmwareqat5516_firmwarepm6150lwcn6750_firmwarepm855l_firmwareqca6428_firmwareqtc410swcn3991qpa8801ipq8078pm8150l_firmwareipq8173qat5533_firmwaresdx55m_firmwareqpa8673_firmwarepm6150smb1354_firmwareqca6574qfs2630qpa8842csr8811_firmwaresdr052_firmwarewcd9380qln4640qcs410qpm5579_firmwarepmk8350_firmwareqcn5024pm855p_firmwaresd690_5g_firmwaresmb1381pm7250qpa8803qcn9012_firmwareqdm2301ipq6018_firmwarewcd9340_firmwarewsa8815wcn6850pmp8074_firmwareqdm5621_firmwareqdm2301_firmwareqpm6375sd_8c_firmwareipq6028pmp8074wcn3980_firmwaresd730pm6250_firmwarepm8008pm8350b_firmwareqtm525_firmwareqcn5064_firmwareipq8078_firmwareqpm5621_firmwareqcn5054qln1021aq_firmwareqpa6560_firmwareqpa8802_firmwareqln4640_firmwareqpm5621qpm6582qcn9024_firmwareipq8174_firmwarepm8009_firmwareqfs2580_firmwarewcn6855qcn7605_firmwarepm8150lqcs610_firmwaresa6145par8031qpm5577wtr2965qca6391_firmwarepm8150qca4024wcd9370_firmwareqat3516_firmwaresdx55qcn5021_firmwarecsra6640qat3555_firmwareqpa8803_firmwarepm855bsmb2351qln1031qcn7606qpm5870wsa8830qet6110_firmwareqpm6325pm6125_firmwareqbt1500qpa5581qbt1500_firmwareqpm5870_firmwareqet6100pmm855auqca6420_firmwaresd690_5gsmb1396pm7150asd675_firmwareipq8072pm8350qpa5461_firmwareqpa4361_firmwarepm8350c_firmwareqca6426wcn3990_firmwareqca9984_firmwareqpm5641wcd9385_firmwareqdm5650_firmwaresdxr2_5g_firmwarewhs9410pm7250_firmwareqdm5620qln1021aqipq8074apmk8002_firmwareqsw6310_firmwaresa8155qln1031_firmwareqdm4650_firmwareqcn5122_firmwaresdx55_firmwareqat5533qcn6023_firmwaresm7250p_firmwareqsm7250_firmwareqpm6670pm7150l_firmwareqca6584auqpm4641qat5515_firmwareipq8174pm855qpm8830_firmwarepm8250qcn5052qdm4643qfs2530_firmwarewcn3988_firmwarepmx55qpm4641_firmwareqcn9074pm8150c_firmwareqca6421qdm3301qpa8842_firmwareqat3519_firmwaresa8195psdr735_firmwareqpm5677qat5515qca6694wcd9335pm6350_firmwareqcn6023pm8004_firmwaresdr8150_firmwareqtc800h_firmwareqpm5620qpm4630qca6390wcd9375sd750g_firmwareaqt1000sm6250_firmwareqln4642qpm5677_firmwareipq5010_firmwareipq8074a_firmwaresd888_5g_firmwaresmr525_firmwarewsa8815_firmwarewtr3925_firmwareqpm8820_firmwareqpm6621_firmwareqcm6125_firmwarepmx55_firmwaresd865_5gqca6595pm8150_firmwaresmb1398_firmwareqpm8830qat5522pm8150cpmr735bsd665_firmwareqpa4360pmk8003_firmwareqcn5154qca8075_firmwareqpa4361ipq6005_firmwareqpm4640_firmwareqpm5577_firmwarewcn6855_firmwareqdm5679_firmwarepm8350csmr525qca9888ipq8070a_firmwarepm6150l_firmwarepmr525pm8150a_firmwareqca6574_firmwareqln1036aq_firmwaresd665pm6150a_firmwarepm6150_firmwareqca6175asd765qca6574a_firmwareqpm4630_firmwareqat3555qpa5461wtr2965_firmwareqfs2608qcn9070_firmwareqln1036aqqtc801sipq6028_firmwareipq8072a_firmwareqpm5641_firmwareqca9889_firmwareqcn5122pm8008_firmwareqpm6621pmr735a_firmwarepmx50qcn5022sdr8250sd768gpm8004pm640lpmk8002qca8075qcn6024qcn9022ipq6000_firmwareqcs410_firmwareqca6175a_firmwareqpa5580qpm5579sa6150p_firmwareqcs610qcn5550qpm5620_firmwareqdm2307qca6431_firmwareqpa8802wcd9360_firmwareqpm6585_firmwareqat3519qbt2000_firmwareqca4024_firmwarepm855a_firmwareipq8078aqtc800hsa8150p_firmwaresdr8250_firmwareqcn5064csra6620_firmwaresd_675_firmwareqdm5671csra6640_firmwarepmc1000hqpm4650_firmwareqat3518sdr425_firmwaresmr526_firmwareipq8076apm640a_firmwarewgr7640_firmwareqdm2305_firmwareqpm5670_firmwareqca6428qdm5652qca6574au_firmwareqcn5164_firmwareipq8071qpm8870wcd9375_firmwareqpm5679qbt2000sa6155_firmwarewcd9360qca6438_firmwarepmx50_firmwareqpa8675_firmwarewhs9410_firmwaresdr735gwcn3999qdm3301_firmwareqsm7250qcs6125ipq6010sd662_firmwareqcs405qdm2308_firmwareqca6436wcn6851sa6155pqpa6560sdr675_firmwarepmc7180wcd9341qdm4643_firmwareqca6431qet4100_firmwaresd750gwcn3910_firmwareqpm5657qpm5875_firmwarewsa8830_firmwaresd855_firmwareqdm5650wcn3988qca6438wtr3925sdr052sa8195p_firmwaresmb1390qet4100qpa8686_firmwareipq5018_firmwareqpm6585qca8337_firmwarewcd9380_firmwaresmb1355ipq8072aqln4650sdr735g_firmwarewgr7640ipq8076a_firmwareqat5568qdm5671_firmwareqet5100qca6564auqpa8801_firmwareqtm527_firmwarewcn6856_firmwareqcn5164qet4101_firmwarepm7250bqln4642_firmwaresmb1355_firmwarepm7250b_firmwarepmd9655_firmwaresmb1351_firmwareqcn5054_firmwareqet4200aq_firmwaresdx50m_firmwaresdr735smb1395smr526qca8072_firmwareqca6430_firmwarepmk8003qcn5052_firmwareqtc801s_firmwareqat3522_firmwarewcd9335_firmwarewcn3980qsw8573sd7cwcn3910qca6426_firmwarepm8350_firmwareqca9984qcn9024pm8009qpa8675qcn5550_firmwaresdr051_firmwaresdx55mqca6421_firmwareqat3518_firmwareqsw8574ar8031_firmwarepm855lwcn6851_firmwareqdm5670_firmwareipq8070pm7150a_firmwarepm8150b_firmwarepmc1000h_firmwareqca6564a_firmwareqdm2310_firmwareqcn5121_firmwareqdm5677ipq6018pm855_firmwareqdm2302pm855b_firmwareqca6595_firmwareqcs405_firmwareqpm6582_firmwareqpm6375_firmwarepm640l_firmwareqln4650_firmwareqpm5875qet5100msa8155psd675qet4101qat3516qpm5658ar8035_firmwareqpm5658_firmwareqcn5024_firmwarewcn3991_firmwareqdm5652_firmwarepmm8155au_firmwaresdr051qcn9070qln5030pm4125pmi632qpa2625_firmwarepm456sd7c_firmwarepm8350bh_firmwarecsra6620pmr735b_firmwareqet5100_firmwareqpm4621qcn9072qet6100_firmwaresdr660gsd765g_firmwareqpa8686qca6390_firmwareipq6000sd730_firmwarewcd9370qcn5152_firmwaresdr425pmr525_firmwareqca6584au_firmwareqcn9000_firmwareipq5018pmi632_firmwaresd_8cx_firmwareqcn7605qpm5541qat5516sd662qpa8821_firmwareqcn5124_firmwaresdr660g_firmwarepm8350bhpm3003aqca6595auwcn3999_firmwareqca6436_firmwaresmb1354ipq5010qca6564au_firmwareqdm2305sa6155p_firmwareqpm8820qln5020_firmwaresa515m_firmwaresdxr2_5gsmb1398sa6145p_firmwaresdr675sm6250wsa8810_firmwaresd765_firmwareqdm5677_firmwareqca8081qet4200aqipq8071aipq8071a_firmwarewcd9385qpm6325_firmwareqdm2302_firmwareqat3550_firmwarepmm8155auqln5040_firmwarepm4125_firmwarear8035csr8811qpa8673qca6694_firmwareqdm2310qln5030_firmwareqcn9100_firmwaresmb1396_firmwarewcn6850_firmwarewsa8835_firmwareqca6564aqet6110qln5040qca8072qpm8895qpm5670wcn3990qcn9000sd_675qtm527pmk8350qcn9012pmc7180_firmwarepm8350bqdm2307_firmwarewsa8835qpm5657_firmwaresd888_5gsm6250ppm855asdr660_firmwareqca6574asmb1390_firmwareqca9889ipq8074qpm4640wcn6750qet5100m_firmwareipq8076_firmwareqpm4650qtm525sa515msd855sm4125_firmwareipq8076pm640pqcn5021qcn5152sd768g_firmwaresdr865_firmwarepm8250_firmwaresd460qca6391smb1351ipq6005aqt1000_firmwareqcn9100qpm8895_firmwaresdx50mpm640asdr8150smb1395_firmwareqdm4650pmd9655ipq8074_firmwareqca6574ausa8155p_firmwareqsw6310wcd9341_firmwareqcm6125wsa8810qtc410s_firmwareqat5568_firmwareqdm2308qat3550wcn6856qdm5679sd_8cipq6010_firmwarepm3003a_firmwareqca6696smb1381_firmwareqpa2625sa6150pqcn9022_firmwareqpa8688_firmwareipq8070aqcn9072_firmwaresm7250psd720g_firmwareipq8071_firmwareqcn9074_firmwareqpm4621_firmwarepm6250Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-129
Improper Validation of Array Index
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-43552
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.23% / 45.30%
||
7 Day CHG~0.00%
Published-04 Mar, 2024 | 10:48
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in WLAN Host Communication

Memory corruption while processing MBSSID beacon containing several subelement IE.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcm8550_firmwareimmersive_home_214sa6150p_firmwaresw5100pipq9574qcn9000_firmwareqca6595qcn9022ipq6028_firmwareqca8081_firmwareqca6696wcd9340_firmwareipq5028_firmwarewcd9395_firmwareqcn6024qcc2073_firmwareqcc710_firmwareipq8076ipq6018_firmwareqcn6422_firmwareqcn6023qcn5124_firmwarewsa8832_firmwareqca8337wcd9395ipq6000ipq8078aqca6574au_firmwareipq8078a_firmwareqam8295pipq5312qca6574auwcd9390wsa8845h_firmwaresa9000p_firmwaresrv1hqcn9100_firmwareqcn5122qca6554aqcn6024_firmwaresa8770pqcn9000ssg2115pqcc710qcn6132_firmwarefastconnect_6900qcn6402qcn6432immersive_home_326_firmwareipq5332_firmwareqcn5052qfw7114wcd9385_firmwareipq9574_firmwareqam8255p_firmwareipq8074a_firmwareipq8076aqcn5164snapdragon_x65_5g_modem-rfwsa8845sa6155pqca6564au_firmwarecsr8811_firmwareqca8075qam8650pvideo_collaboration_vc5_platform_firmwareqca8085sa9000psrv1h_firmwareqca6595ausa6155p_firmwarewsa8840srv1m_firmwaresnapdragon_8_gen_2_mobile_firmwareqfw7124_firmwareqcn9012ipq8070a_firmwareqcn9070qcf8001qca8084snapdragon_8_gen_2_mobilesdx65mqcc2076ipq9570qca6574asnapdragon_8\+_gen_2_mobilesa8195pwcd9340qcs8250_firmwaresnapdragon_auto_5g_modem-rf_gen_2ipq5302qcn6122_firmwareqcn5154_firmwaresm8550p_firmwareqcm8550wcn3988qcn5122_firmwareqcn9274qcn9024ipq8076a_firmwaresa8775pqca6574ipq9570_firmwaresxr2230p_firmwaresa8775p_firmwareqamsrv1hqcn6412_firmwareqcn9024_firmwarewsa8845hqca8082sa6150psa8155p_firmwaresa8155pwsa8830ipq5312_firmwaresm8550pqcf8000_firmwaresa6145pqcn9074_firmwareipq8174immersive_home_318_firmwareqcn6122ipq8174_firmwaresa8255p_firmwareqcc2073ar8035ipq8072aqamsrv1m_firmwaresa8650p_firmwareimmersive_home_216_firmwareimmersive_home_316qcn6224ipq8071aqcn6112qca6698aqssg2125p_firmwareqrb5165nsa8145p_firmwaresa8150p_firmwareqcn6023_firmwareqcn5164_firmwaresnapdragon_x75_5g_modem-rf_firmwareipq8078qcs8250wsa8830_firmwareqcn9072qcn6224_firmwareqca6678aq_firmwareqca8386_firmwarewsa8845_firmwarewsa8832qca8082_firmwareqcc2076_firmwareimmersive_home_216srv1mqca6678aqqcn6432_firmwarear8035_firmwareqcn5022_firmwareqca4024_firmwareqca0000_firmwareipq9008qca6564auipq9008_firmwareqcn9074sa8195p_firmwareqca8337_firmwareqca9888ipq5332qcn9013sg8275p_firmwareipq8173ipq8072a_firmwareipq6010_firmwareqcn6112_firmwareflight_rb5_5gqca6797aq_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareipq5028qca8085_firmwareqcf8001_firmwareqcn9070_firmwaresa8295p_firmwareqcn9022_firmwareipq5010_firmwareqcn6132ipq6018qca6584auqcn6274_firmwaresw5100_firmwareqfw7114_firmwareqca4024qca6595_firmwareqcs7230fastconnect_7800_firmwareqcn6422immersive_home_214_firmwareipq5302_firmwareipq8070afastconnect_6900_firmwarerobotics_rb5_firmwarewcd9380sa6145p_firmwareqam8255psxr2230psa8150pimmersive_home_3210qca8075_firmwareqcf8000qcn5052_firmwaresxr1230pipq6010sdx65m_firmwaresw5100qam8295p_firmwareqcn6402_firmwareqca6698aq_firmwarewcd9385qca8084_firmwaresa8255pqcs7230_firmwaresxr1230p_firmwarewcd9390_firmwareqcn5024sg8275psdx55_firmwareimmersive_home_326ipq8071a_firmwareflight_rb5_5g_firmwaressg2125pqca6554a_firmwareipq6028snapdragon_x65_5g_modem-rf_firmwareqcn9100qamsrv1mrobotics_rb5qam8650p_firmwareqcn9013_firmwarevideo_collaboration_vc5_platformipq8076_firmwareqca6584au_firmwareqcn5152_firmwareqcn6274qrb5165n_firmwareqfw7124wcn3980_firmwarewsa8835qca6595au_firmwareqca6391_firmwareqca0000wsa8840_firmwaresw5100p_firmwareqca6696_firmwarewcd9380_firmwareqca6574_firmwareqca8081qcn5124qam8775pqca6797aqsnapdragon_ar2_gen_1_firmwareqcn5152snapdragon_x75_5g_modem-rfqcn6412qca6574a_firmwaresdx55qcn9072_firmwareqca9888_firmwareipq8074aimmersive_home_3210_firmwareqca9889qcn5024_firmwareqca8386qca6391immersive_home_318ipq5010qcn9274_firmwareipq8173_firmwareqcn9012_firmwaresa8770p_firmwaresa8295pipq6000_firmwarefastconnect_7800sa8650pqam8775p_firmwaresnapdragon_8\+_gen_2_mobile_firmwareipq8078_firmwareqca9889_firmwaresnapdragon_ar2_gen_1wcn3988_firmwareimmersive_home_316_firmwareqamsrv1h_firmwareqcn5154sa8145pwsa8835_firmwaressg2115p_firmwarecsr8811qcn5022wcn3980Snapdragonqcn6412_firmwareqca6574a_firmwarewsa8832_firmwareqcn5124_firmwareflight_rb5_5g_platform_firmwaresa8150p_firmwareqcn9024_firmwareqcs7230_firmwareqcn9070_firmwaresrv1h_firmwareqcn6422_firmwarewsa8835_firmwarecsr8811_firmwaresa8255p_firmwarewcn3988_firmwarequalcomm_video_collaboration_vc5_platform_firmwareipq8076a_firmwareqcn9022_firmwareipq8076_firmwareipq8074a_firmwaresa8155p_firmwareqcn6224_firmwareqca8386_firmwareqcn5164_firmwareqcn5052_firmwareimmersive_home_3210_platform_firmwareqca6698aq_firmwareqca8081_firmwareqcn6402_firmwaresa8770p_firmwarewcd9385_firmwarefastconnect_7800_firmwarewsa8845h_firmwareqcm8550_firmwareipq8078_firmwaressg2125p_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqcn6024_firmwareqamsrv1m_firmwareipq8070a_firmwareqca6595_firmwareipq5302_firmwareqca0000_firmwareqcn5152_firmwareqam8650p_firmwareqcn6274_firmwareqcn6432_firmwaresrv1m_firmwareimmersive_home_316_platform_firmwareqrb5165n_firmwaresnapdragon_8_gen_2_mobile_platform_firmwareqcn5024_firmwaresa8195p_firmwareqcc2073_firmwareqca9889_firmwareipq8173_firmwareqcn9012_firmwareipq6018_firmwareqcn9100_firmwaresw5100_firmwaresa9000p_firmwarewcd9340_firmwarear8035_firmwareqca8084_firmwareqcn5022_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarewsa8845_firmwareqcf8001_firmwareqcc710_firmwareqca8075_firmwareqca6574au_firmwareqcf8000_firmwaresa6155p_firmwareqcn9274_firmwareipq8071a_firmwareqcn9074_firmwareqca6678aq_firmwareqcn5122_firmwaresdx65m_firmwareipq5312_firmwareqca6564au_firmwarewcn3980_firmwareqca4024_firmwareqcn9000_firmwareqca6696_firmwareimmersive_home_326_platform_firmwareqcn6122_firmwaresa8775p_firmwareimmersive_home_318_platform_firmwareqcn9013_firmwareqca8337_firmwareipq6000_firmwareqcn5154_firmwareqca6595au_firmwarewcd9390_firmwareqamsrv1h_firmwaresm8550p_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareqca6554a_firmwaresnapdragon_ar2_gen_1_platform_firmwareipq9570_firmwareipq8078a_firmwarewcd9395_firmwaresa6145p_firmwaresa8295p_firmwaresa6150p_firmwaresxr1230p_firmwareqcn9072_firmwareqfw7124_firmwareqca6391_firmwareqcc2076_firmwareipq8174_firmwareipq6010_firmwarefastconnect_6900_firmwarewsa8840_firmwareqca9888_firmwarewcd9380_firmwareqca6584au_firmwareqam8775p_firmwareimmersive_home_216_platform_firmwareipq9008_firmwaresw5100p_firmwareqfw7114_firmwarewsa8830_firmwareqca8085_firmwaresxr2230p_firmwareqam8295p_firmwaressg2115p_firmwareqca6574_firmwaresg8275p_firmwaresa8145p_firmwareqcn6112_firmwareqcn6023_firmwareipq5028_firmwarerobotics_rb5_platform_firmwareipq6028_firmwareipq8072a_firmwareipq9574_firmwareqca6797aq_firmwareipq5010_firmwaresdx55_firmwareqca8082_firmwareipq5332_firmwareimmersive_home_214_platform_firmwareqam8255p_firmwaresa8650p_firmwareqcs8250_firmwareqcn6132_firmware
CWE ID-CWE-416
Use After Free
CVE-2019-2302
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.40% / 60.51%
||
7 Day CHG~0.00%
Published-06 Nov, 2019 | 17:11
Updated-04 Aug, 2024 | 18:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

While processing vendor command which contains corrupted channel count, an integer overflow occurs and finally will lead to heap overflow. in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8017, APQ8053, APQ8096AU, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8976, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCN7605, QCS405, QCS605, SDA845, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SM6150, SM8150

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaremdm9640_firmwaresdm636_firmwaresdm845_firmwaremsm8996au_firmwaresdm845sdx20sdm660sdx24mdm9607_firmwaremdm9650qcs405qca6574ausdm710msm8909w_firmwaremdm9607msm8976_firmwaremsm8996ausm6150apq8017_firmwaresdm710_firmwareqcn7605_firmwaresdm670qcs605_firmwaremdm9207c_firmwaremdm9206msm8905mdm9207cqca6174a_firmwareqca6174aqca9379_firmwaresdm670_firmwaresm8150_firmwaremsm8909sdx24_firmwareapq8096ausdm636qcs405_firmwareqca9377sda845_firmwareqcn7605mdm9206_firmwareqcs605msm8976apq8053apq8096au_firmwaresm6150_firmwaremdm9650_firmwaresm8150sdx20_firmwaremsm8905_firmwareqca6574au_firmwareapq8017msm8909wqca9379msm8909_firmwareapq8053_firmwaresdm660_firmwaresda845mdm9640Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2019-2307
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.64% / 70.19%
||
7 Day CHG~0.00%
Published-25 Jul, 2019 | 16:33
Updated-04 Aug, 2024 | 18:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible integer underflow due to lack of validation before calculation of data length in 802.11 Rx management configuration in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCS405, QCS605, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 600, SD 625, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDM630, SDM660, SDX20, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresd_850mdm9150_firmwaremdm9640_firmwaresd_820asd_675msm8996au_firmwaresd_670_firmwaresdx24mdm9650sd_636msm8996ausd_820sd_450_firmwaresd_845_firmwaresd_820a_firmwareqcs605_firmwaresd_675_firmwaremdm9206sd_425_firmwareqca9379_firmwareqca6174asd_665sdx24_firmwaresd_625_firmwaresd_450qca9377sd_845mdm9206_firmwareqcs605sd_835_firmwaremdm9650_firmwaresd_835qca6574au_firmwaresd_210_firmwaresd_600sd_665_firmwaresd_205_firmwaresd_212sd_427_firmwaresd_712sd_855sd_730_firmwaresdx20sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435sd_710_firmwaresdm630qcs405sd_625qca6574ausd_820_firmwaresd_210mdm9607sd_636_firmwaremdm9150qca6174a_firmwaresd_730sd_212_firmwaresd_850_firmwaresd_855_firmwareqcs405_firmwaresd_712_firmwaresdm630_firmwaresd_430sd_427sd_670sd_435_firmwaresdx20_firmwaresd_710sd_600_firmwaresd_205qca9379sdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-191
Integer Underflow (Wrap or Wraparound)
CVE-2019-2289
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.05% / 16.66%
||
7 Day CHG~0.00%
Published-21 Nov, 2019 | 14:38
Updated-04 Aug, 2024 | 18:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Lack of integrity check allows MODEM to accept any NAS messages which can result into authentication bypass of NAS in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8976, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, Snapdragon_High_Med_2016, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9635m_firmwareqcm2150_firmwaremdm9640_firmwaresdm632_firmwaremsm8996au_firmwaresdm845sdm450_firmwaresdm632sdx24sdm439mdm9650sdm429msm8940_firmwaresm7150_firmwaresnapdragon_high_med_2016_firmwaresm6150msm8909w_firmwaremsm8976_firmwaremsm8996aumdm915_firmwaresm7150apq8009_firmwaremsm8917sdm670sxr2130qcs605_firmwaresc8180xmdm9206sdm670_firmwaresdx24_firmwaresdm636sda845_firmwaremdm9635mapq8098mdm9615mdm9205mdm9206_firmwaremsm8939qcs605mdm915msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130msm8909wapq8009msm8909_firmwareapq8053_firmwaresda845nicobarsdm850_firmwaremsm8920msm8953sdm450sdm636_firmwaresdm845_firmwareapq8098_firmwaresdx20msm8998_firmwareqcm2150msm8920_firmwaresdm630mdm9607_firmwaresm8250_firmwaremdm9655_firmwaresdm660sc8180x_firmwaresdm710qm215mdm9607apq8017_firmwaremdm9625_firmwaresdm710_firmwaremsm8939_firmwaremsm8937msm8905snapdragon_high_med_2016sm8150_firmwaremsm8909sxr2130_firmwaremdm9655apq8096ausdm439_firmwaresdm630_firmwaremdm9205_firmwaresda660_firmwaremdm9625qm215_firmwaremsm8976sdx55msm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaresm8250msm8998sm8150sdx20_firmwaresdm850mdm9615_firmwareapq8017nicobar_firmwaresdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-345
Insufficient Verification of Data Authenticity
CVE-2019-2325
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.33% / 55.66%
||
7 Day CHG~0.00%
Published-06 Nov, 2019 | 17:11
Updated-04 Aug, 2024 | 18:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of boundary access due to token received from ADSP and is used without validation as an index into the array in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850mdm9150_firmwaresd_632mdm9640_firmwaresd_820asd_675msm8996au_firmwaresd_439sd_670_firmwaresd_429sdx24sdm439mdm9650sd_636sd_615_firmwaremsm8909w_firmwaremsm8996ausd_820sd_450_firmwaresd_845_firmwaresd_820a_firmwareqcs605_firmwaresd_675_firmwaremdm9206sd_425_firmwaresd_665sdx24_firmwaresd_625_firmwaresd_450sd_845mdm9206_firmwareqcs605sd_632_firmwaresd_835_firmwaremdm9650_firmwaresd_835sda660sd_210_firmwaresd_415_firmwaremsm8909wsd_665_firmwaresd_616_firmwaresd_205_firmwaresd_415sd_212sd_427_firmwaresd_712sd_855sd_730_firmwarequalcomm_215sdx20sd_616sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435sd_615sd_710_firmwaresdm630qcs405sd_625sd_820_firmwaresd_210mdm9607sd_636_firmwaresd_439_firmwarequalcomm_215_firmwaremdm9150sd_429_firmwaresd_730sd_212_firmwaresd_850_firmwaresd_855_firmwaresdm439_firmwareqcs405_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwaresd_430sd_427sd_670sd_435_firmwaresdx20_firmwaresd_710sd_205sdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2019-2324
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.25% / 48.29%
||
7 Day CHG~0.00%
Published-06 Nov, 2019 | 17:11
Updated-04 Aug, 2024 | 18:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

When ADSP is compromised, the audio port index that`s returned from ADSP might be out of the valid range and leads to out of boundary access in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9615, MDM9640, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 600, SD 615/16/SD 415, SD 625, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 845 / SD 850, SD 855, SDX20, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850mdm9150_firmwaremdm9640_firmwaresd_820asd_675sd_670_firmwaresdx24mdm9650sd_615_firmwaremsm8909w_firmwaresd_820sd_450_firmwaresd_845_firmwaresd_820a_firmwaresd_675_firmwaremdm9206sd_425_firmwaresd_665sdx24_firmwaresd_625_firmwaresd_450mdm9615sd_845mdm9206_firmwaremdm9640mdm9650_firmwaresd_210_firmwaresd_600sd_415_firmwaremsm8909wsd_665_firmwaresd_616_firmwaresd_205_firmwaresd_415sd_212sd_427_firmwaresd_712sd_855sd_730_firmwaresdx20sd_616sd_425sd_430_firmwaremdm9607_firmwaresd_435sd_615sd_710_firmwaresd_625sd_210mdm9607sd_820_firmwaremdm9150sd_730sd_212_firmwaresd_850_firmwaresd_712_firmwaresd_427sd_430sd_670sd_435_firmwaremdm9615_firmwaresd_710sdx20_firmwaresd_600_firmwaresd_205sd_855_firmwareSnapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2023-43534
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.6||HIGH
EPSS-0.16% / 37.04%
||
7 Day CHG~0.00%
Published-06 Feb, 2024 | 05:47
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use of Out-of-range Pointer Offset in WLAN HOST

Memory corruption while validating the TID to Link Mapping action request frame, when a station connects to an access point.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcm8550_firmwarewsa8845_firmwarewsa8832qcc2076_firmwareqca6595srv1mqca8081_firmwarear8035_firmwareqca6696wcd9340_firmwarewcd9395_firmwareqcc2073_firmwareqcc710_firmwareqca6564auwsa8832_firmwaresa8195p_firmwareqca8337_firmwareqca8337wcd9395qca6574au_firmwareqca6574auwcd9390flight_rb5_5g_platformwsa8845h_firmwaresa9000p_firmwaresrv1hqca6554asa8770pqca6584auqcn6274_firmwaressg2115pqcc710qfw7114_firmwareqca6595_firmwareqcs7230fastconnect_6900fastconnect_7800_firmwareqfw7114wcd9385_firmwarefastconnect_6900_firmwareqam8255p_firmwarewcd9380qam8255psxr2230psnapdragon_ar2_gen_1_platform_firmwaresnapdragon_8\+_gen_2_mobile_platform_firmwarewsa8845sa6155pqca6564au_firmwaresxr1230pqam8650pvideo_collaboration_vc5_platform_firmwaresa9000psnapdragon_8\+_gen_2_mobile_platformsrv1h_firmwareqca6595ausa6155p_firmwarewsa8840qca6688aqsrv1m_firmwareqcs8550_firmwareqfw7124_firmwarewcd9385snapdragon_8_gen_2_mobile_platformsa8255pqcs7230_firmwaresxr1230p_firmwarewcd9390_firmwareqcc2076ssg2125pqca6554a_firmwareqca6574asa8195pwcd9340qcs8250_firmwareqamsrv1mqam8650p_firmwarevideo_collaboration_vc5_platformsm8550p_firmwareqcm8550qca6584au_firmwareqcn6274qca6574qfw7124qrb5165n_firmwaresa8775pqca6595au_firmwareqca6391_firmwaresnapdragon_x75_5g_modem-rf_systemsxr2230p_firmwarewsa8835wsa8840_firmwaresa8775p_firmwaresnapdragon_ar2_gen_1_platformqamsrv1hqca6696_firmwarewsa8845hwcd9380_firmwareqca6574_firmwaresa8155p_firmwareqca8081sa8155pwsa8830qam8775psm8550psa8255p_firmwareflight_rb5_5g_platform_firmwareqcc2073ar8035qca6574a_firmwareqamsrv1m_firmwaresa8650p_firmwarerobotics_rb5_platformqca6391qcn6224ssg2125p_firmwareqrb5165nsa8770p_firmwaresnapdragon_8_gen_2_mobile_platform_firmwarerobotics_rb5_platform_firmwareqcs8550fastconnect_7800sa8650pqam8775p_firmwareqca6688aq_firmwareqamsrv1h_firmwarewsa8835_firmwaressg2115p_firmwaresnapdragon_x75_5g_modem-rf_system_firmwareqcs8250wsa8830_firmwareqcn6224_firmwareSnapdragonsnapdragon
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-823
Use of Out-of-range Pointer Offset
CVE-2023-43553
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.29% / 52.24%
||
7 Day CHG~0.00%
Published-04 Mar, 2024 | 10:48
Updated-09 Jan, 2025 | 16:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use of Out-of-range Pointer Offset in WLAN HOST

Memory corruption while parsing beacon/probe response frame when AP sends more supported links in MLIE.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wsa8830qcn6422wcd9395ipq8078sm8550p_firmwareqcn9022wsa8832_firmwareqca8084_firmwareqcn9013qca6678aq_firmwarewcd9390_firmwareqcc710qcn6224qamsrv1m_firmwareqca4024ipq6028srv1m_firmwareipq8074a_firmwareqca6698aqipq5312qam8650pqfw7124wcd9340_firmwareqcn6132qcn9274_firmwareimmersive_home_316qcn5164_firmwareqcn5052qca6564au_firmwareqcn9012ar8035_firmwareimmersive_home_326sa8155pqcn9072sa8255p_firmwareqca6595qcs8550_firmwareqcn9100sa8195psa9000p_firmwaressg2125p_firmwareipq8076asa8255pqcc2073ipq8070a_firmwaresnapdragon_x65_5g_modem-rf_firmwarewcd9380qcn9072_firmwareqcn6432_firmwarecsr8811_firmwareipq6018_firmwarear8035qam8775p_firmwareqca6797aqqcn6422_firmwareqca8085_firmwareimmersive_home_326_firmwaresnapdragon_ar2_gen_1_firmwaresa8650pqca6584ausrv1mqcs8550qca9889_firmwareqca8337srv1h_firmwareqca9889qca8386qcn5024qcn6402_firmwaresa6155pqcn5024_firmwarecsr8811ipq8078aqca6574aqca6574qcn9100_firmwareqcn5052_firmwarefastconnect_7800immersive_home_214_firmwarewcd9340sxr1230pipq6018qca6574au_firmwareqcn9012_firmwareipq8078a_firmwaresa9000pqca8075sxr2230p_firmwarewsa8832fastconnect_6900ipq5028_firmwareipq8072a_firmwareqcn9024fastconnect_6900_firmwareqcc710_firmwareipq8174_firmwareqcn9274qca6584au_firmwareqcn9074_firmwarefastconnect_7800_firmwareipq5312_firmwarewcd9390qcn5122qcn6023_firmwareqfw7124_firmwareqcc2076wcd9385_firmwareqca8337_firmwaresa7255p_firmwareqcn9074qamsrv1h_firmwareipq8076a_firmwarewsa8845h_firmwaresdx65m_firmwareqcn6024_firmwaresxr1230p_firmwareqcn6122_firmwareimmersive_home_216ipq9570snapdragon_ar2_gen_1ipq8072aqam8255pqcn6122sm8550pipq5302_firmwaresnapdragon_8\+_gen_2_mobile_firmwaresnapdragon_8\+_gen_2_mobileimmersive_home_214ipq6010_firmwareqcn9022_firmwarewsa8830_firmwareipq8173ipq9574qcn5152ipq5332_firmwaresdx55snapdragon_x75_5g_modem-rfsnapdragon_x65_5g_modem-rfqcn5124_firmwareipq8074aqcf8000_firmwareqam8775pipq6000_firmwareipq5302qcn5154qca4024_firmwareqca8084qcn5122_firmwaresa8155p_firmwaresa8195p_firmwareqca6696ipq5332sxr2230pwsa8835ipq8078_firmwareqcc2073_firmwareipq9574_firmwaresnapdragon_8_gen_2_mobile_firmwaresa6155p_firmwareipq6028_firmwareqca6595au_firmwareqcn5164ipq9008_firmwareipq6000ipq8076qcn9024_firmwareqcn6224_firmwareqfw7114sa7255pqca9888_firmwareqcf8001sa8775p_firmwareqcn6112_firmwareipq5010_firmwareqcn6274qcn5152_firmwareqca9888qcn5154_firmwareqcn6274_firmwareqca0000_firmwaresrv1hsa8775pipq8071a_firmwareqca0000ssg2115p_firmwareqcn9000immersive_home_3210_firmwaressg2125pwcd9385immersive_home_316_firmwareipq8174qca6554a_firmwareqfw7114_firmwareipq6010immersive_home_216_firmwareqca6574auqcn5022_firmwareqcn6432qca6574_firmwareqca6698aq_firmwarewsa8840sdx65mipq8071aqcf8001_firmwareqcn5124wsa8840_firmwareqcc2076_firmwaresdx55_firmwaressg2115pipq5010qcn6132_firmwareqam8650p_firmwareqca6554asnapdragon_x75_5g_modem-rf_firmwareqcf8000qca8075_firmwareqca6595auipq5028wcd9380_firmwaresa8770p_firmwarewsa8835_firmwareipq8070asnapdragon_8_gen_2_mobileqca8082_firmwaresa8770pqcn6402qcn9070wcd9395_firmwareipq9570_firmwareqcn6023qca8081qcn6412ipq8173_firmwareqam8255p_firmwareqca8386_firmwareqcn5022qcn6112sa8650p_firmwareqca6595_firmwareimmersive_home_3210qca6564auqca6696_firmwareqca8081_firmwarewsa8845_firmwareimmersive_home_318wsa8845hqcn9000_firmwarewsa8845qca6574a_firmwareqca6678aqqamsrv1mqcn9013_firmwareipq9008qcn6024qca8082qca8085qcn6412_firmwareqca6797aq_firmwareqcn9070_firmwareqamsrv1himmersive_home_318_firmwareipq8076_firmwareSnapdragonqcn6412_firmwareqca6574a_firmwarewsa8832_firmwareqcn5124_firmwareqcn9024_firmwareqcn9070_firmwaresrv1h_firmwareqcn6422_firmwarewsa8835_firmwarecsr8811_firmwaresa8255p_firmwareipq8076a_firmwareqcn9022_firmwareipq8076_firmwareipq8074a_firmwaresa8155p_firmwareqcn6224_firmwareqca8386_firmwareqcn5164_firmwareqcn5052_firmwareimmersive_home_3210_platform_firmwareqca6698aq_firmwareqca8081_firmwareqcn6402_firmwaresa8770p_firmwarewcd9385_firmwarefastconnect_7800_firmwarewsa8845h_firmwareipq8078_firmwaressg2125p_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqcn6024_firmwareqamsrv1m_firmwareipq8070a_firmwareqca6595_firmwareipq5302_firmwareqca0000_firmwareqcn5152_firmwareqam8650p_firmwareqcn6274_firmwaresa7255p_firmwareqcn6432_firmwaresrv1m_firmwareimmersive_home_316_platform_firmwaresnapdragon_8_gen_2_mobile_platform_firmwareqcn5024_firmwaresa8195p_firmwareqcc2073_firmwareqca9889_firmwareipq8173_firmwareqcn9012_firmwareipq6018_firmwareqcn9100_firmwaresa9000p_firmwarewcd9340_firmwarear8035_firmwareqca8084_firmwareqcn5022_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarewsa8845_firmwareqcf8001_firmwareqcc710_firmwareqca8075_firmwareqca6574au_firmwareqcf8000_firmwaresa6155p_firmwareqcn9274_firmwareipq8071a_firmwareqcn9074_firmwareqca6678aq_firmwareqcn5122_firmwareqcs8550_firmwareipq5312_firmwaresdx65m_firmwareqca6564au_firmwareqca4024_firmwareqcn9000_firmwareqca6696_firmwareimmersive_home_326_platform_firmwareqcn6122_firmwaresa8775p_firmwareimmersive_home_318_platform_firmwareqcn9013_firmwareqca8337_firmwareipq6000_firmwareqcn5154_firmwareqca6595au_firmwarewcd9390_firmwareqamsrv1h_firmwaresm8550p_firmwareqca6554a_firmwaresnapdragon_ar2_gen_1_platform_firmwareipq9570_firmwareipq8078a_firmwarewcd9395_firmwaresxr1230p_firmwareqcn9072_firmwareqfw7124_firmwareqcc2076_firmwareipq8174_firmwareipq6010_firmwarefastconnect_6900_firmwarewsa8840_firmwareqca9888_firmwarewcd9380_firmwareqca6584au_firmwareqam8775p_firmwareimmersive_home_216_platform_firmwareipq9008_firmwareqfw7114_firmwarewsa8830_firmwareqca8085_firmwaresxr2230p_firmwaressg2115p_firmwareqca6574_firmwareqcn6112_firmwareqcn6023_firmwareipq5028_firmwareipq6028_firmwareipq8072a_firmwareipq9574_firmwareqca6797aq_firmwareipq5010_firmwaresdx55_firmwareqca8082_firmwareipq5332_firmwareimmersive_home_214_platform_firmwareqam8255p_firmwaresa8650p_firmwareqcn6132_firmware
CWE ID-CWE-823
Use of Out-of-range Pointer Offset
CVE-2023-43520
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.6||HIGH
EPSS-0.27% / 49.93%
||
7 Day CHG~0.00%
Published-06 Feb, 2024 | 05:47
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Stack-based Buffer Overflow in WLAN HOST

Memory corruption when AP includes TID to link mapping IE in the beacons and STA is parsing the beacon TID to link mapping IE.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcm8550_firmwaresa6150p_firmwarewsa8845_firmwarewsa8832qcc2076_firmwareqca6595srv1mqca8081_firmwarear8035_firmwareqca6696wcd9340_firmwarewcd9395_firmwareqcc2073_firmwareqcc710_firmwareqca6564auwsa8832_firmwaresa8195p_firmwareqca8337_firmwareqca8337wcd9395qca6574au_firmwareqca6574auwcd9390flight_rb5_5g_platformwsa8845h_firmwaresa9000p_firmwaresrv1hqca6554asa8770pqca6584auqcn6274_firmwaressg2115pqcc710qfw7114_firmwareqca6595_firmwareqcs7230fastconnect_6900fastconnect_7800_firmwareqfw7114wcd9385_firmwarefastconnect_6900_firmwareqam8255p_firmwarewcd9380sa6145p_firmwareqam8255psxr2230psa8150psnapdragon_ar2_gen_1_platform_firmwaresnapdragon_8\+_gen_2_mobile_platform_firmwarewsa8845sa6155pqca6564au_firmwaresxr1230pqam8650pvideo_collaboration_vc5_platform_firmwaresa9000psnapdragon_8\+_gen_2_mobile_platformsrv1h_firmwareqca6595ausa6155p_firmwarewsa8840qca6688aqsrv1m_firmwareqcs8550_firmwareqfw7124_firmwarewcd9385snapdragon_8_gen_2_mobile_platformsa8255pqcs7230_firmwaresxr1230p_firmwarewcd9390_firmwareqcc2076ssg2125pqca6554a_firmwareqca6574asa8195pwcd9340qcs8250_firmwareqamsrv1mqam8650p_firmwarevideo_collaboration_vc5_platformsm8550p_firmwareqcm8550qca6584au_firmwareqcn6274qca6574qfw7124qrb5165n_firmwaresa8775pqca6595au_firmwareqca6391_firmwaresnapdragon_x75_5g_modem-rf_systemsxr2230p_firmwarewsa8835wsa8840_firmwaresa8775p_firmwaresnapdragon_ar2_gen_1_platformqamsrv1hqca6696_firmwarewsa8845hwcd9380_firmwaresa6150pqca6574_firmwaresa8155p_firmwareqca8081sa8155pwsa8830qam8775psm8550psa6145psa8255p_firmwareflight_rb5_5g_platform_firmwareqcc2073ar8035qca6574a_firmwareqamsrv1m_firmwaresa8650p_firmwarerobotics_rb5_platformqca6391qcn6224ssg2125p_firmwareqrb5165nsa8770p_firmwaresnapdragon_8_gen_2_mobile_platform_firmwarerobotics_rb5_platform_firmwareqcs8550fastconnect_7800sa8145p_firmwaresa8650pqam8775p_firmwareqca6688aq_firmwaresa8150p_firmwareqamsrv1h_firmwaresa8145pwsa8835_firmwaressg2115p_firmwaresnapdragon_x75_5g_modem-rf_system_firmwareqcs8250wsa8830_firmwareqcn6224_firmwareSnapdragon
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 11
  • 12
  • Next
Details not found