Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2020-3628

Summary
Assigner-qualcomm
Assigner Org ID-2cfc7d3e-20d3-47ac-8db7-1b7285aff15f
Published At-22 Jun, 2020 | 07:10
Updated At-04 Aug, 2024 | 07:37
Rejected At-
Credits

Improper access due to socket opened by the logging application without specifying localhost address in Snapdragon Consumer IOT, Snapdragon Mobile in APQ8053, Rennell, SDX20

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:qualcomm
Assigner Org ID:2cfc7d3e-20d3-47ac-8db7-1b7285aff15f
Published At:22 Jun, 2020 | 07:10
Updated At:04 Aug, 2024 | 07:37
Rejected At:
â–¼CVE Numbering Authority (CNA)

Improper access due to socket opened by the logging application without specifying localhost address in Snapdragon Consumer IOT, Snapdragon Mobile in APQ8053, Rennell, SDX20

Affected Products
Vendor
Qualcomm Technologies, Inc.Qualcomm, Inc.
Product
Snapdragon Consumer IOT, Snapdragon Mobile
Versions
Affected
  • APQ8053, Rennell, SDX20
Problem Types
TypeCWE IDDescription
textN/AImproper Access Control Issue in On-Device Logging
Type: text
CWE ID: N/A
Description: Improper Access Control Issue in On-Device Logging
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.qualcomm.com/company/product-security/bulletins/june-2020-bulletin
x_refsource_CONFIRM
Hyperlink: https://www.qualcomm.com/company/product-security/bulletins/june-2020-bulletin
Resource:
x_refsource_CONFIRM
â–¼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.qualcomm.com/company/product-security/bulletins/june-2020-bulletin
x_refsource_CONFIRM
x_transferred
Hyperlink: https://www.qualcomm.com/company/product-security/bulletins/june-2020-bulletin
Resource:
x_refsource_CONFIRM
x_transferred
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:product-security@qualcomm.com
Published At:22 Jun, 2020 | 07:15
Updated At:21 Jul, 2021 | 11:39

Improper access due to socket opened by the logging application without specifying localhost address in Snapdragon Consumer IOT, Snapdragon Mobile in APQ8053, Rennell, SDX20

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary2.010.0HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
Type: Primary
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 10.0
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C
CPE Matches
Qualcomm Technologies, Inc.
qualcomm
>>apq8053_firmware>>-
cpe:2.3:o:qualcomm:apq8053_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>apq8053>>-
cpe:2.3:h:qualcomm:apq8053:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>rennell_firmware>>-
cpe:2.3:o:qualcomm:rennell_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>rennell>>-
cpe:2.3:h:qualcomm:rennell:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sdx20_firmware>>-
cpe:2.3:o:qualcomm:sdx20_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sdx20>>-
cpe:2.3:h:qualcomm:sdx20:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-noinfoPrimarynvd@nist.gov
CWE ID: NVD-CWE-noinfo
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.qualcomm.com/company/product-security/bulletins/june-2020-bulletinproduct-security@qualcomm.com
Broken Link
https://www.qualcomm.com/company/product-security/bulletins/june-2020-security-bulletinnvd@nist.gov
Vendor Advisory
Hyperlink: https://www.qualcomm.com/company/product-security/bulletins/june-2020-bulletin
Source: product-security@qualcomm.com
Resource:
Broken Link
Hyperlink: https://www.qualcomm.com/company/product-security/bulletins/june-2020-security-bulletin
Source: nvd@nist.gov
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

553Records found
CVE-2017-18140
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.24% / 47.32%
||
7 Day CHG~0.00%
Published-11 Apr, 2018 | 15:00
Updated-16 Sep, 2024 | 19:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, when processing a call disconnection, there is an attempt to print the RIL token-id to the debug log. If eMBMS service is enabled while processing the call disconnect, a Use After Free condition may potentially occur.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_820asd_808_firmwaresd_400sd_415sd_616sd_425sd_430_firmwaremdm9607_firmwaresd_615mdm9650sd_650_firmwaresd_625sd_615_firmwaremsm8909w_firmwaremdm9607sd_210sd_820_firmwaresd_650sd_820sd_808sd_450_firmwaresd_845_firmwaresd_617sd_400_firmwaresd_820a_firmwaremdm9206sd_652sd_425_firmwaresd_212_firmwaresd_625_firmwaresd_450sd_845mdm9206_firmwaresd_430sd_810sd_835_firmwaremdm9650_firmwaresd_835sd_205sd_210_firmwaresd_415_firmwaresd_652_firmwaremsm8909wsd_810_firmwaresd_616_firmwaresd_205_firmwaresd_212sd_617_firmwareSnapdragon Automobile, Snapdragon Mobile, Snapdragon Wear
CWE ID-CWE-416
Use After Free
CVE-2023-33028
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.10% / 28.44%
||
7 Day CHG~0.00%
Published-03 Oct, 2023 | 05:00
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Copy without Checking Size of Input in WLAN Firmware

Memory corruption in WLAN Firmware while doing a memory copy of pmk cache.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcm8550_firmwaresd865_5gipq9574qcn9000_firmwareqcn6102_firmwareqca6595qcn9022ipq6028_firmwareimmersive_home_214_platformqca8081_firmwarewcd9370qcn9001qca8072qca6696wcd9340_firmwareipq5028_firmwarewcd9395_firmwareqcn6024qcn9003_firmwareqca6390ar9380qcc2073_firmwareqcc710_firmwareipq8076qca6426wcn6740_firmwareipq6018_firmwareqca9984_firmwareqcn6023qcn5124_firmwarewsa8832_firmwareimmersive_home_216_platformqca8337qca9994_firmwareqca6426_firmwarewcd9395ipq6000qca6574au_firmwareipq8078aipq8078a_firmwarewcn785x-5qam8295pqca6574auwcd9390wsa8810_firmwarewsa8845h_firmwareqcn9100_firmwareqca2064_firmwareqcn5122qca6554aqcn6024_firmwareqca9886_firmwareqcn9000ssg2115pqcc710qcn6132_firmwareqca2062_firmwareqsm8350_firmwareqcn5054sm8450_firmwareipq5332_firmwareqcn5052qca9980qfw7114wcd9385_firmwaresnapdragon_x55_5g_modem-rf_systemipq9574_firmwareqam8255p_firmwareipq8064ipq8074a_firmwareipq8076aqcn5164snapdragon_888_5g_mobile_platform_firmwaresnapdragon_ar2_gen_1_platform_firmwareqcs4490immersive_home_3210_platform_firmwaresnapdragon_8\+_gen_2_mobile_platform_firmwarewsa8845qcn6100_firmwareqca6564au_firmwarecsr8811_firmwarewsa8810qca8075qam8650pqca8085snapdragon_8\+_gen_2_mobile_platformsm8350-acqcn6100qca6595auwsa8840qcs8550_firmwareqca6390_firmwareqca9986_firmwareqfw7124_firmwareqca6436_firmwareqcn9012ipq8070a_firmwareqcn9070qcs4490_firmwaresnapdragon_8_gen_2_mobile_platformqcf8001qca8084sm8250-ac_firmwaresdx65mwcd9370_firmwaresnapdragon_x55_5g_modem-rf_system_firmwareqcc2076qca6574aipq9570wcd9340qcm6490immersive_home_316_platform_firmwareqcn6122_firmwareqcn5154_firmwaresm8550p_firmwareimmersive_home_3210_platformqcm8550qcn5122_firmwareqcn9274qcn9024ipq8076a_firmwareqca6574snapdragon_x75_5g_modem-rf_systemipq9570_firmwaresxr2230p_firmwarear9380_firmwareqca2066_firmwareqcn9024_firmwarewsa8845hqca8082qca8072_firmwarewsa8830sm8550pqcn9074_firmwareipq8174qcn6122sa8255p_firmwareipq8174_firmwarewcn785x-1_firmwareqcc2073ar8035ipq8072aqca2065qca9985qcn6224ipq8071asc8280xp-absm8475_firmwareqcn6112qca6698aqwcn3950_firmwaressg2125p_firmwarewcn685x-1video_collaboration_vc3_platform_firmwareqcn6023_firmwareqcn5164_firmwareqcn9002ipq8078immersive_home_326_platform_firmwareqcs6490ipq9554_firmwaresc8280xp-bb_firmwareqcn9072wsa8830_firmwareqcn6224_firmwareqca6678aq_firmwareqca8386_firmwarewsa8845_firmwarewsa8832qca8082_firmwareqcc2076_firmwaresxr2130_firmwareqca6678aqar8035_firmwareqcn5022_firmwaresm8475qca9992snapdragon_888_5g_mobile_platformsm8250-ab_firmwareqca4024_firmwareqca0000_firmwaresd888_firmwareipq9008ipq9554qca6564auqca9992_firmwareqca9990ipq9008_firmwareqcn9074immersive_home_214_platform_firmwarewsa8815_firmwaresm8250-abqca8337_firmwareqcn5054_firmwareqca9888ipq5332qcn9013sg8275p_firmwareipq8173qcm6490_firmwareipq8072a_firmwaresm8350-ac_firmwareipq6010_firmwareqcm4490_firmwarewcn785x-5_firmwarewcn3950snapdragon_xr2_5g_platformqcn6112_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqca6797aq_firmwareipq5028qca9986qcf8001_firmwareqcn9070_firmwaresnapdragon_780g_5g_mobile_platformqca8085_firmwaresa8295p_firmwareqca9984ipq5010_firmwareqcn9022_firmwareqca9886qcn6132ipq6018qcn6102snapdragon_780g_5g_mobile_platform_firmwareqca6584ausd888qcn6274_firmwarewcn685x-5wcn6740ipq8065qfw7114_firmwareqca4024sc8280xp-ab_firmwareqca6595_firmwaresm8250-acqcn9001_firmwareimmersive_home_216_platform_firmwareipq8070awcd9380qam8255psxr2230pqca9990_firmwaresnapdragon_xr2_5g_platform_firmwareqcn9003qca8075_firmwareqcn5052_firmwaresnapdragon_auto_5g_modem-rf_firmwareqca2064sxr1230pqca2065_firmwareipq6010sdx65m_firmwarevideo_collaboration_vc3_platformsnapdragon_865_5g_mobile_platform_firmwareqca9980_firmwareqca9985_firmwareqam8295p_firmwareqca6698aq_firmwarewcd9385qca9994qsm8350sc8280xp-bbqca8084_firmwaresa8255psxr1230p_firmwarewcd9390_firmwareimmersive_home_318_platform_firmwarewcn6750qcn5024sg8275pwcn6750_firmwaresdx55_firmwareipq8071a_firmwaresnapdragon_auto_5g_modem-rfssg2125pqca6554a_firmwaresxr2130ipq6028qcm4490qcn9100immersive_home_326_platformqam8650p_firmwareqcn9013_firmwareqca2062qcs6490_firmwaresm8450snapdragon_x65_5g_modem-rf_systemipq8076_firmwareqca6584au_firmwareqcn5152_firmwareqcn6274qca6436qfw7124wsa8835wsa8840_firmwareqca6391_firmwareqca6595au_firmwareqca0000snapdragon_ar2_gen_1_platformipq8068qca6696_firmwaresnapdragon_865_5g_mobile_platformwcd9380_firmwareqca6574_firmwareqca8081wsa8815sd_8_gen1_5gqcn5124qam8775pipq8064_firmwareqca6797aqqcn5152ipq8065_firmwareqca6574a_firmwaresdx55qcn9072_firmwareqca9888_firmwareipq8074aimmersive_home_318_platformqca9889qcn5024_firmwaresd_8_gen1_5g_firmwareqcn9002_firmwarewcd9375_firmwareqca8386qca6391ipq5010qcn9274_firmwarewcn785x-1ipq8173_firmwareqcn9012_firmwaresnapdragon_8_gen_2_mobile_platform_firmwaresa8295pqcs8550ipq8068_firmwareipq6000_firmwareqam8775p_firmwaresd865_5g_firmwarewcd9375ipq8078_firmwarewcn685x-5_firmwareqca9889_firmwareqcn5154immersive_home_316_platformwsa8835_firmwareqca2066ssg2115p_firmwarecsr8811qcn5022snapdragon_x75_5g_modem-rf_system_firmwarewcn685x-1_firmwareSnapdragon
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-33083
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.20% / 42.11%
||
7 Day CHG~0.00%
Published-05 Dec, 2023 | 03:04
Updated-02 Dec, 2024 | 17:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in WLAN Host

Memory corruption in WLAN Host while processing RRM beacon on the AP.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcn5024_firmwareqcn9070ipq4028_firmwareqca8337qfw7124ar9380wcn785x-5ipq8173_firmwareqca9563_firmwareqcf8001flight_rb5_5g_platformflight_rb5_5g_platform_firmwareqcn6224_firmwareqcn5124qca4024_firmwareqca8082qcn9072qca8386qca9880_firmwareqca9992immersive_home_318_platform_firmwareipq8078aipq5028_firmwareipq6000qcn5152_firmwareqca0000_firmwarewcn685x-1qrb5165n_firmwareqcn9000_firmwareqca9984_firmwarewcd9385_firmwareimmersive_home_216_platformipq8076aimmersive_home_316_platformimmersive_home_316_platform_firmwareqca8386_firmwareqca9563qcn6024_firmwareqca8084_firmwareimmersive_home_318_platformipq8074aqcn5124_firmwareqcn9011_firmwareqca8082_firmwareqcn5164_firmwareqcn5122_firmwaresdx55_firmwareqca8081_firmwareqcn6023_firmwareqfw7114qrb5165nipq5010qca9986ipq8070_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareipq8065ipq8078a_firmwareqcn9274ipq8174qca9990qrb5165m_firmwareipq5028qca7500ipq4029_firmwareqcn5052qca0000qcf8001_firmwareipq6010ipq8068qcn6112_firmwareqcn9074qca8085sdx65mwcd9340qcn6132qcn6224qcn9013snapdragon_x75_5g_modem-rf_systemqca8081qcf8000ipq8071aqcn6023sdx65m_firmwareipq8071a_firmwarewcn685x-1_firmwareimmersive_home_3210_platformqca8085_firmwareqca9888_firmwareipq8068_firmwareqcn6122wcd9385ipq9008_firmwareqca9988_firmwareipq9570qcn5154_firmwarear8035csr8811qca9898_firmwareipq4019qcc710_firmwareqcn9100_firmwarerobotics_rb5_platformqca9992_firmwareipq5010_firmwareipq8074a_firmwareqca9898qcn5022_firmwareipq4028immersive_home_216_platform_firmwareqca9988wcn785x-1qca8072qca9985_firmwarerobotics_rb5_platform_firmwareipq4018_firmwareqca8337_firmwarewcd9380_firmwareqcn9000ipq8072aqca7500_firmwareqca9980_firmwareqcf8000_firmwareipq8076a_firmwarear9380_firmwareipq8078qca8084ipq8173ipq9008qcn9012qcn5164qca9558qca9558_firmwareimmersive_home_326_platform_firmwareqcn6122_firmwareipq8065_firmwarecsr8811_firmwareqcn6274wcd9380qcn5054_firmwareqcn5154qca8075_firmwareipq4018ipq4019_firmwareqcn5024wcn685x-5_firmwareqca9889qcn6132_firmwareqca9888qca8072_firmwareqca9985qca9994_firmwareqcn5052_firmwareqcn9012_firmwareqcn9274_firmwareipq8070a_firmwareqfw7114_firmwarewcn3980ipq6018_firmwareipq8076_firmwareqca9886qcn5502_firmwarewcd9340_firmwarepmp8074_firmwareqcn6112ipq8076qca9986_firmwareqca9984ipq6028ipq8064qcn5021pmp8074qcn5152ipq9574_firmwarewcn785x-5_firmwareqcn9024qrb5165mimmersive_home_3210_platform_firmwareqca6391wcn3980_firmwareipq8064_firmwareqcn9100qcn6274_firmwaresnapdragon_x65_5g_modem-rf_systemipq8078_firmwareipq9570_firmwareqcn5054qcn9070_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarewcn685x-5ipq8070ipq6028_firmwareipq8072a_firmwareqcn5502qca9994qcn9011qca9531wcn785x-1_firmwareqca9889_firmwareipq9574qca9980qcn5122ipq8174_firmwareqcn9024_firmwareqca9880immersive_home_326_platformipq6018qcn5022qcn9013_firmwareqca9886_firmwareqcc710ipq6010_firmwareimmersive_home_214_platformqca6391_firmwareimmersive_home_214_platform_firmwareqca4024sdx55qca8075qcn5021_firmwareqcn9022_firmwareqcn6024qcn9022qca9990_firmwareipq8070aqcn9072_firmwareqca9531_firmwareipq6000_firmwareqcn9074_firmwareqfw7124_firmwareipq4029ar8035_firmwareSnapdragon
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-33082
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.19% / 41.45%
||
7 Day CHG~0.00%
Published-05 Dec, 2023 | 03:04
Updated-25 Feb, 2026 | 16:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in WLAN Host

Memory corruption while sending an Assoc Request having BTM Query or BTM Response containing MBO IE.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcn5024_firmwareqcn9070ipq4028_firmwareqca8337qfw7124ar9380wcn785x-5ipq8173_firmwareqca9563_firmwareflight_rb5_5g_platformflight_rb5_5g_platform_firmwareqcn6224_firmwareqcn5124qca4024_firmwareqca8082qcn9072qca8386qca9880_firmwareqca9992immersive_home_318_platform_firmwareipq8078aipq5028_firmwareipq6000qcn5152_firmwareqca0000_firmwarewcn685x-1qrb5165n_firmwareqcn9000_firmwareqca9984_firmwareipq9554wcd9385_firmwareimmersive_home_216_platformipq8076aimmersive_home_316_platformimmersive_home_316_platform_firmwareqca8386_firmwareqca9563qcn6024_firmwareqca8084_firmwareimmersive_home_318_platformipq8074aqcn5124_firmwareqcn9011_firmwareqca8082_firmwareqcn5164_firmwareqcn5122_firmwaresdx55_firmwareqca8081_firmwareqcn6023_firmwareqfw7114qrb5165nipq5010qca9986ipq8070_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareipq8065ipq8078a_firmwareqcn9274ipq8174qca9990qrb5165m_firmwareipq5028qca7500ipq4029_firmwareqcn5052qca0000ipq6010ipq8068qcn6112_firmwareqcn9074qca8085sdx65mwcd9340qcn6132qcn6224qcn9013snapdragon_x75_5g_modem-rf_systemqca8081qcf8000ipq8071aqcn6023sdx65m_firmwareipq8071a_firmwarewcn685x-1_firmwareimmersive_home_3210_platformqca8085_firmwareqca9888_firmwareipq8068_firmwareqcn6122wcd9385ipq9008_firmwareqca9988_firmwareipq9570qcn5154_firmwarear8035csr8811qca9898_firmwareipq4019qcc710_firmwareqcn9100_firmwarerobotics_rb5_platformqca9992_firmwareipq5010_firmwareipq8074a_firmwareqca9898qcn5022_firmwareipq4028immersive_home_216_platform_firmwareqca9988wcn785x-1qca8072qca9985_firmwarerobotics_rb5_platform_firmwareipq4018_firmwareqca8337_firmwarewcd9380_firmwareqcn9000ipq8072aqca7500_firmwareqca9980_firmwareqcf8000_firmwareipq8076a_firmwarear9380_firmwareipq8078qca8084ipq8173ipq9008qcn9012qcn5164qca9558qca9558_firmwareimmersive_home_326_platform_firmwareqcn6122_firmwareipq8065_firmwarecsr8811_firmwareqcn6274wcd9380ipq9554_firmwareqcn5054_firmwareqcn5154qca8075_firmwareipq4018ipq4019_firmwareqcn5024wcn685x-5_firmwareqca9889qcn6132_firmwareqca9888qca8072_firmwareqca9985qca9994_firmwareqcn5052_firmwareqcn9012_firmwareqcn9274_firmwareipq8070a_firmwareqfw7114_firmwarewcn3980ipq6018_firmwareipq8076_firmwareqca9886qcn5502_firmwarewcd9340_firmwarepmp8074_firmwareqcn6112ipq8076qca9986_firmwareqca9984ipq6028ipq8064qcn5021pmp8074qcn5152ipq9574_firmwarewcn785x-5_firmwareqcn9024qrb5165mimmersive_home_3210_platform_firmwareqca6391wcn3980_firmwareipq8064_firmwareqcn9100qcn6274_firmwaresnapdragon_x65_5g_modem-rf_systemipq8078_firmwareipq9570_firmwareqcn5054qcn9070_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarewcn685x-5ipq8070ipq6028_firmwareipq8072a_firmwareqcn5502qca9994qcn9011qca9531wcn785x-1_firmwareqca9889_firmwareipq9574qca9980qcn5122ipq8174_firmwareqcn9024_firmwareqca9880immersive_home_326_platformipq6018qcn5022qcn9013_firmwareqca9886_firmwareqcc710ipq6010_firmwareimmersive_home_214_platformqca6391_firmwareimmersive_home_214_platform_firmwareqca4024sdx55qca8075qcn5021_firmwareqcn9022_firmwareqcn6024qcn9022qca9990_firmwareipq8070aqcn9072_firmwareqca9531_firmwareipq6000_firmwareqcn9074_firmwareqfw7124_firmwareipq4029ar8035_firmwareSnapdragon
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-33045
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.21% / 43.48%
||
7 Day CHG~0.00%
Published-07 Nov, 2023 | 05:26
Updated-02 Aug, 2024 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Copy Without Checking Size of Input in WLAN Firmware

Memory corruption in WLAN Firmware while parsing a NAN management frame carrying a S3 attribute.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qam8255p_firmwareqca8337qfw7124ipq8173_firmwareqam8775pqcf8001qcn5124qca4024_firmwarewsa8840immersive_home_318_platform_firmwareipq8078aipq5028_firmwareqca6595au_firmwarewcn685x-1qca6554a_firmwareipq8076aqca8386_firmwareqcn6024_firmwareimmersive_home_316_platform_firmwaresd_8_gen1_5g_firmwareqca8084_firmwareqca6574au_firmwareqcn5164_firmwareqca8081_firmwareipq8078a_firmwareipq5028wsa8840_firmwareqca6698aqqca0000qcf8001_firmwareipq6010sc8380xp_firmwaresdx65mwcd9340qcn6132qcn9013qca6436qcf8000qca6698aq_firmwarewcn685x-1_firmwareqca9888_firmwareqam8775p_firmwareqcn6122qca6696_firmwareipq9008_firmwareqcn5154_firmwareqca6797aqqcc710_firmwaresm8250-ac_firmwarewsa8830_firmwaresd865_5g_firmwareqcn5022_firmwareimmersive_home_216_platform_firmwareqca8337_firmwarewcd9380_firmwaressg2125pipq8072aipq8076a_firmwareipq8078qca6564auqca8084ipq8173qcm8550ipq9008qcn5164qca6574csr8811_firmwarewcd9380ipq9554_firmwareqcn5024sxr1230pqcn9012_firmwareqcn5052_firmwareqcn9274_firmwareqfw7114_firmwarewsa8845qcc2073_firmwareipq6018_firmwarewcd9340_firmwarewsa8815qcn6112qca6426_firmwaresc8380xpipq6028qcn9024ipq9574_firmwareimmersive_home_3210_platform_firmwarewcn6740_firmwaresnapdragon_xr2_5g_platformsnapdragon_x65_5g_modem-rf_systemipq8078_firmwaresnapdragon_x75_5g_modem-rf_system_firmwareqca6797aq_firmwarewcn785x-1_firmwareqcn9024_firmwareipq8174_firmwaresnapdragon_8\+_gen_2_mobile_platformwsa8832ipq5332immersive_home_326_platformipq6018qcc710immersive_home_214_platformqca6595_firmwarewcd9395qca6391_firmwareimmersive_home_214_platform_firmwareqca4024sm8550p_firmwaresdx55sm8250ssg2115p_firmwareqfw7124_firmwareqam8255par8035_firmwareqcn5024_firmwarewsa8830qcn9070sxr2230p_firmwareqam8650pwcn785x-5qcn6224_firmwareqca8082qcn9072qca8386qca6390_firmwareipq6000ssg2115pqcn5152_firmwareqca0000_firmwareqca6426qca6584au_firmwareqcn9000_firmwaresm8450snapdragon_8_gen_2_mobile_platformsm8250-abipq9554wcd9385_firmwareimmersive_home_216_platformimmersive_home_316_platformimmersive_home_318_platformipq8074aqcn5124_firmwareqca8082_firmwareqcn5122_firmwaresdx55_firmwareqca6595auqcn6023_firmwarewsa8845h_firmwareqfw7114qca6436_firmwareipq5010qca6564au_firmwareqca6584ausnapdragon_x65_5g_modem-rf_system_firmwareqcm8550_firmwareqcn9274ipq8174qcn5052sm8250_firmwareqcn6112_firmwaresm8250-acqcn9074qca8085wsa8810_firmwareqcn6224sm8450_firmwarewsa8845hsnapdragon_ar2_gen_1_platform_firmwaresnapdragon_x75_5g_modem-rf_systemwcd9395_firmwareqca8081ipq8071aqcn6023sdx65m_firmwareipq8071a_firmwareimmersive_home_3210_platformqca8085_firmwarewcd9385ipq9570qca6390ar8035csr8811wcd9390qcn9100_firmwareipq5010_firmwareipq8074a_firmwarewsa8815_firmwarewsa8835_firmwaresnapdragon_8_gen_2_mobile_platform_firmwarewcn785x-1qcn9000qcf8000_firmwareqca6554asd865_5gqca6595qcn9012immersive_home_326_platform_firmwareqcn6122_firmwarewsa8835sxr1230p_firmwaresnapdragon_8\+_gen_2_mobile_platform_firmwaresd_8_gen1_5gqcn6274qcn5154qca8075_firmwaressg2125p_firmwareqca6574awcn685x-5_firmwareqca9889qcn6132_firmwareqca9888qcc2076_firmwareipq8070a_firmwareipq8076_firmwareqca6574_firmwaresxr2230pipq8076wsa8845_firmwaresnapdragon_xr2_5g_platform_firmwareqca6574a_firmwareqcn5152wcn785x-5_firmwaresm8250-ab_firmwareqca6391qcn9100qcn6274_firmwarewsa8832_firmwareipq9570_firmwareqcn9070_firmwarewcn685x-5ipq6028_firmwareipq8072a_firmwareqca6574auqca9889_firmwareipq9574qcn5122wsa8810ipq5332_firmwaresm8550psnapdragon_ar2_gen_1_platformqcn5022qcn9013_firmwareqam8650p_firmwareipq6010_firmwarewcn6740qca6696qca8075qcn9022_firmwarewcd9390_firmwareqcn6024qcn9022qcc2076ipq8070aqcn9072_firmwareipq6000_firmwareqcn9074_firmwareqcc2073Snapdragonqcn5024_firmwareqam8255p_firmwareqca8337_firmwarewcd9380_firmwaresxr2230p_firmwareqcf8000_firmwareipq8076a_firmwareipq8173_firmwaresnapdragon_870_5g_mobile_platform_firmwarear8035_firmwareqcn6224_firmwareqca4024_firmwareimmersive_home_326_platform_firmwareqcn6122_firmwaresxr1230p_firmwareimmersive_home_318_platform_firmwaresnapdragon_8\+_gen_2_mobile_platform_firmwarecsr8811_firmwareipq5028_firmwareqca6595au_firmwareipq9554_firmwareqca8075_firmwaressg2125p_firmwareqcn5152_firmwareqca0000_firmwareqcn6132_firmwareqca6584au_firmwareqcn9000_firmwareqcn9012_firmwareqcn5052_firmwareqcn9274_firmwareqcc2076_firmwareipq8070a_firmwareqca6554a_firmwareqfw7114_firmwarewcd9385_firmwareqcn6024_firmwareqca8386_firmwareqcc2073_firmwareimmersive_home_316_platform_firmwareipq6018_firmwaresd_8_gen1_5g_firmwareipq8076_firmwareqca6574_firmwareqca8084_firmwarewcd9340_firmwareqcn5124_firmwarewsa8845_firmwaresnapdragon_xr2_5g_platform_firmwareqca6426_firmwareqca8082_firmwareqca6574a_firmwareqca6574au_firmwareqcn5122_firmwareqcn5164_firmwaresdx55_firmwarewsa8845h_firmwareqca8081_firmwareqcn6023_firmwareipq9574_firmwareimmersive_home_3210_platform_firmwareqca6436_firmwarewcn6740_firmwareqca6564au_firmwaresnapdragon_865\+_5g_mobile_platform_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqcm8550_firmwareipq8078a_firmwareqcn6274_firmwarewsa8840_firmwareipq8078_firmwareipq9570_firmwareqcn9070_firmwaresnapdragon_x75_5g_modem-rf_system_firmwareqcf8001_firmwarewsa8832_firmwarefastconnect_6900_firmwareipq6028_firmwaresc8380xp_firmwareipq8072a_firmwareqcn6112_firmwareqca6797aq_firmwareqca9889_firmwareqcn9024_firmwareipq8174_firmwarewsa8810_firmwarefastconnect_7800_firmwaresnapdragon_ar2_gen_1_platform_firmwarewcd9395_firmwareipq5332_firmwaresnapdragon_8_gen_1_mobile_platform_firmwareqca6698aq_firmwaresdx65m_firmwareqcn9013_firmwareipq8071a_firmwareqam8650p_firmwareqca8085_firmwareqam8775p_firmwareqca9888_firmwareipq6010_firmwareqca6696_firmwareqca6595_firmwareipq9008_firmwareqca6391_firmwareqcn5154_firmwareimmersive_home_214_platform_firmwaresm8550p_firmwareqcc710_firmwareqcn9100_firmwareqcn9022_firmwarewsa8830_firmwarewcd9390_firmwaresd865_5g_firmwareipq5010_firmwareipq8074a_firmwarewsa8815_firmwarewsa8835_firmwareqcn9072_firmwareipq6000_firmwaresnapdragon_865_5g_mobile_platform_firmwaressg2115p_firmwareqcn9074_firmwarefastconnect_6800_firmwareqcn5022_firmwareqfw7124_firmwareimmersive_home_216_platform_firmwaresnapdragon_8_gen_2_mobile_platform_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2017-18160
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.22% / 44.22%
||
7 Day CHG~0.00%
Published-18 Jan, 2019 | 22:00
Updated-05 Aug, 2024 | 21:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

AGPS session failure in GNSS module due to cyphersuites are hardcoded and needed manual update everytime in snapdragon mobile and snapdragon wear in versions MDM9635M, MDM9645, MDM9650, MDM9655, MSM8909W, SD 835, SD 845, SD 850

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850mdm9635m_firmwaresd_850_firmwaremdm9655mdm9635msd_845mdm9655_firmwaremdm9650msm8909w_firmwaresd_835_firmwaremdm9650_firmwaremdm9645mdm9645_firmwaresd_835sd_845_firmwaremsm8909wSnapdragon Mobile, Snapdragon Wear
CWE ID-CWE-310
Not Available
CVE-2023-33025
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.21% / 43.26%
||
7 Day CHG~0.00%
Published-02 Jan, 2024 | 05:38
Updated-17 Apr, 2025 | 18:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Copy without Checking Size of Input in Data Modem

Memory corruption in Data Modem when a non-standard SDP body, during a VOLTE call.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca8337_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqcm4490_firmwarewcd9380_firmwarewsa8830qcs4490_firmwaresnapdragon_x70_modem-rf_system_firmwaresnapdragon_x65_5g_modem-rf_systemqca8337wsa8832_firmwarefastconnect_6900fastconnect_6900_firmwaresnapdragon_680_4g_mobile_platform_firmwarewcn3988_firmwarewsa8835fastconnect_6700_firmwareqcn9024_firmwarewcn3950_firmwarewsa8810_firmwarewcd9380sm4450_firmwarewsa8810wsa8832fastconnect_6700snapdragon_x70_modem-rf_systemqca8081snapdragon_680_4g_mobile_platformwcd9370qcm4490qcs4490wcn3950qcn6024_firmwarear8035wcd9375wcd9370_firmwarewsa8815qcn6024snapdragon_685_4g_mobile_platformwsa8830_firmwarewcn3988sm4450wsa8815_firmwarewsa8835_firmwaresnapdragon_685_4g_mobile_platform_firmwareqcn9024wcd9375_firmwareqca8081_firmwarear8035_firmwareSnapdragon
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2017-18138
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.22% / 44.75%
||
7 Day CHG~0.00%
Published-11 Apr, 2018 | 15:00
Updated-16 Sep, 2024 | 16:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, in GERAN, a buffer overflow may potentially occur.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850sd_412sd_808_firmwaresd_400sd_415sd_616sd_425sd_430_firmwaremdm9607_firmwaresd_615mdm9655_firmwaremdm9650sd_650_firmwaresd_625sd_615_firmwaremsm8909w_firmwaremdm9607sd_210mdm9645mdm9645_firmwaresd_650sd_820_firmwaresd_808sd_820sd_450_firmwaresd_845_firmwaresd_410sd_617sd_400_firmwaremdm9206sd_652sd_425_firmwaresd_212_firmwaresd_850_firmwaresd_625_firmwaresd_450mdm9655sd_412_firmwaresd_845mdm9206_firmwaresd_430sd_810sd_835_firmwaremdm9650_firmwaresd_410_firmwaresd_835sd_205sd_210_firmwaresd_415_firmwaresd_652_firmwaremsm8909wsd_810_firmwaresd_616_firmwaresd_205_firmwaresd_212sd_617_firmwareSnapdragon Mobile, Snapdragon Wear
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2023-28561
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.14% / 34.76%
||
7 Day CHG~0.00%
Published-08 Aug, 2023 | 09:15
Updated-02 Aug, 2024 | 13:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Copy Without Checking Size of Input in QESL

Memory corruption in QESL while processing payload from external ESL device to firmware.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcn7606qcn7606_firmwareSnapdragonqcn7606_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-28581
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.13% / 32.98%
||
7 Day CHG~0.00%
Published-05 Sep, 2023 | 06:24
Updated-27 Feb, 2025 | 21:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Restriction of Operations within the Bounds of a Memory Buffer in WLAN Firmware

Memory corruption in WLAN Firmware while parsing receieved GTK Keys in GTK KDE.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fastconnect_7800wcn6740_firmwaresnapdragon_865_5gwcd9380_firmwarewsa8830ssg2125psxr2230p_firmwaresnapdragon_ar2_gen_1_firmwarewsa8832_firmwaresd865_5gfastconnect_6900fastconnect_6800fastconnect_6900_firmwaresnapdragon_8_gen_1_firmwaresnapdragon_ar2_gen_1snapdragon_870_5gwsa8835sxr1230p_firmwaresnapdragon_8_gen_1sd_8_gen1_5gwcd9380wsa8810_firmwarefastconnect_7800_firmwarewsa8810wsa8832qca6436snapdragon_865\+_5gssg2125p_firmwaressg2115psnapdragon_865\+_5g_firmwaresxr1230pqca6426wcd9385wcn6740qca6391_firmwarewcd9385_firmwaresnapdragon_xr2_5g_firmwaresd_8_gen1_5g_firmwarewsa8815snapdragon_870_5g_firmwaresxr2230pwsa8830_firmwaresd865_5g_firmwareqca6426_firmwarewsa8815_firmwarewsa8835_firmwaressg2115p_firmwarefastconnect_6800_firmwaresnapdragon_865_5g_firmwareqca6391qca6436_firmwaresnapdragon_xr2_5gSnapdragon
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-28543
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.1||HIGH
EPSS-0.08% / 23.51%
||
7 Day CHG~0.00%
Published-05 Sep, 2023 | 06:29
Updated-27 Feb, 2025 | 21:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out of Bounds read in SNPE Library

A malformed DLC can trigger Memory Corruption in SNPE library due to out of bounds read, such as by loading an untrusted model (e.g. from a remote source).

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcs405sd845sd855_firmwareqcs405_firmwaresd845_firmwareqcs605qcs605_firmwaresd855Snapdragon
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-18145
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.21% / 42.90%
||
7 Day CHG~0.00%
Published-11 Apr, 2018 | 15:00
Updated-16 Sep, 2024 | 16:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 835, SD 845, while the DPM native process is processing framework events, the iterator pointer is deleted after processing an event. When processing subsequent events, a Use After Condition will occur.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_652sd_212_firmwaresd_625_firmwaresd_450sd_616sd_845sd_615sd_650_firmwaresd_625sd_615_firmwaresd_210msm8909w_firmwaresd_212sd_820_firmwaresd_650sd_820sd_835_firmwaresd_835sd_205sd_450_firmwaresd_845_firmwaresd_210_firmwaresd_415_firmwaresd_652_firmwaremsm8909wsd_616_firmwaresd_205_firmwaresd_415Snapdragon Mobile, Snapdragon Wear
CWE ID-CWE-416
Use After Free
CVE-2017-18318
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.22% / 44.22%
||
7 Day CHG~0.00%
Published-28 Nov, 2018 | 15:00
Updated-05 Aug, 2024 | 21:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Missing validation check on CRL issuer name in Snapdragon Automobile, Snapdragon Mobile in versions MSM8996AU, SD 410/12, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 810, SD 820, SD 820A.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_652sd_425_firmwaresd_820asd_412sd_625_firmwaresd_450msm8996au_firmwaresd_412_firmwaresd_425sd_430_firmwaresd_430sd_625sd_810sd_820_firmwaresd_810_firmwaremsm8996ausd_820sd_650sd_410_firmwaresd_450_firmwaresd_652_firmwaresd_410sd_820a_firmwaresd_650_firmwareSnapdragon Automobile, Snapdragon Mobile
CWE ID-CWE-20
Improper Input Validation
CVE-2018-11922
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.12% / 31.70%
||
7 Day CHG~0.00%
Published-26 Nov, 2024 | 08:55
Updated-09 Jan, 2025 | 20:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Configurations in Android Build

Wrong configuration in Touch Pal application can collect user behavior data without awareness by the user.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-215sda660sd_210_firmwaresd_439sd_625sd_450mdm9640sd_425sd_210sd_429_firmwaresdm439_firmwaresd_625_firmwaresd_205sd_439_firmwaresd_429mdm9650_firmwaresd_427_firmwaresd_435_firmwaremdm9206sd_632sdx20mdm9650mdm9206_firmwaresd_845sd_435sd_212_firmwaresd_850sd_450_firmwaresd_427mdm9640_firmwaresd_850_firmwaresd_632_firmwaresd_205_firmwaresd_212sd_425_firmwaresda660_firmwaresdm439mdm9607mdm9607_firmware215_firmwaresd_430sdx20_firmwaresd_430_firmwaresd_845_firmwareSnapdragon
CVE-2017-18132
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.21% / 42.90%
||
7 Day CHG~0.00%
Published-11 Apr, 2018 | 15:00
Updated-16 Sep, 2024 | 17:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9206, MDM9607, MDM8996, an out-of-bounds access can potentially occur in tz_assign().

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9206mdm9607msm8996mdm9206_firmwaremdm9607_firmwaremsm8996_firmwareSnapdragon Automobile, Snapdragon Mobile
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-18135
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.22% / 44.75%
||
7 Day CHG~0.00%
Published-11 Apr, 2018 | 15:00
Updated-16 Sep, 2024 | 20:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile MDM9650, MDM9655, SD 450, SD 625, SD 650/52, SD 835, SD 845, SD 850, in the Wireless Data Service (WDS) module, a buffer overflow can occur.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_652sd_850sd_850_firmwaresd_625_firmwaresd_450mdm9655sd_845mdm9655_firmwaremdm9650sd_625sd_835_firmwaremdm9650_firmwaresd_650sd_835sd_450_firmwaresd_845_firmwaresd_652_firmwaresd_650_firmwareSnapdragon Mobile
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-18074
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.30% / 52.68%
||
7 Day CHG~0.00%
Published-11 Apr, 2018 | 15:00
Updated-16 Sep, 2024 | 22:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 615/16/SD 415, SD 800, SD 808, SD 810, SD 820, SD 835, while playing a .wma file with modified media header with non-standard bytes per second parameter value, a reachable assert occurs.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9635m_firmwaremdm9640_firmwaresd_412sd_808_firmwaresd_400sd_415sd_616sd_425sd_430_firmwaremdm9607_firmwaresd_615mdm9655_firmwaremdm9650sd_615_firmwaremsm8909w_firmwaremdm9607sd_210mdm9645mdm9645_firmwaresd_820_firmwaremdm9625_firmwaresd_808sd_820sd_410sd_400_firmwaresd_425_firmwaresd_212_firmwaremdm9655sd_412_firmwaremdm9635mmdm9625sd_430sd_810sd_835_firmwaremdm9650_firmwaresd_410_firmwaresd_835sd_205sd_210_firmwaresd_415_firmwaremsm8909wsd_810_firmwaresd_616_firmwaresd_205_firmwaresd_212mdm9640Snapdragon Mobile, Snapdragon Wear
CWE ID-CWE-20
Improper Input Validation
CVE-2024-45569
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.25% / 48.03%
||
7 Day CHG~0.00%
Published-03 Feb, 2025 | 16:51
Updated-26 Feb, 2026 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Validation of Array Index in WLAN Host Communication

Memory corruption while parsing the ML IE due to invalid frame content.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fastconnect_7800_firmwareipq6000_firmwareqcm6490_firmwareqcn6224_firmwareipq8076acsr8811_firmwaresa7775p_firmwaresa8775pqca6574au_firmwareqcn6132_firmwareqam8775psa8195pqcs615qca6584ausnapdragon_x65_5g_modem-rf_firmwareqca9889_firmwareqcn5152sa8255psxr2230pipq6028qcn5022_firmwareqcc710_firmwaresa8540p_firmwaresnapdragon_8\+_gen_2_mobilesxr2230p_firmwaresm7635_firmwareipq9574_firmwareqca6574ipq9048qcn5164_firmwareipq8070aqxm8083qcm8550sa8650psa8770p_firmwareqca6698aq_firmwareqcn5024_firmwareqcf8000_firmwaresa8775p_firmwareqamsrv1m_firmwareqca9888qca8075immersive_home_216qca6688aqqcn5122_firmwareqcn6412qcn9100sa8530p_firmwareipq8173ipq8071aqcn6402qcf8001ipq8174_firmwareqcn5164qca8082_firmwaresnapdragon_8_gen_3_mobile_firmwareqam8255p_firmwarewcd9375ipq9570_firmwaresm6650qca8085sa6155pvideo_collaboration_vc3_platformqcn5052ipq5010_firmwareqamsrv1h_firmwareipq5028qcn5052_firmwarewsa8830_firmwareqca8081qcn9022immersive_home_316_firmwaresdx65m_firmwarewcd9385wsa8840_firmwareqfw7124_firmwareipq6028_firmwaresxr2250p_firmwarewsa8840qcn6402_firmwareipq8078a_firmwareqfw7124ipq6000qca6696immersive_home_3210_firmwaresa8155p_firmwareqca4024ipq9048_firmwareqca6595qca8337ipq8071a_firmwareqca8337_firmwareqcn9012qam8650pipq9570qcs8300sxr2330pqcf8000sfp_firmwaresrv1mqcn9012_firmwareqcs5430_firmwareqcn9070_firmwareqcf8000qam8775p_firmwaresm8635p_firmwareqcn5154_firmwareipq8074aqcm5430qcs9100wcd9378sm7675_firmwaresa8295p_firmwareqca8085_firmwaresm8750psa9000pwsa8835sm8750p_firmwareqcn9024qca8081_firmwareqcn9074qca6797aq_firmwareqca0000_firmwarefastconnect_7800wcd9340snapdragon_8_gen_2_mobileipq8174qcn6112_firmwarewcd9378_firmwareqca6574auqca8084_firmwareqcn9024_firmwaresm6650_firmwaresnapdragon_auto_5g_modem-rf_gen_2qca6584au_firmwareqca6777aqfastconnect_6700immersive_home_326qca6696_firmwaresnapdragon_x72_5g_modem-rf_firmwareqcs9100_firmwaresrv1m_firmwarewsa8832fastconnect_6700_firmwareipq5302wcd9390_firmwareqcn6274qcs615_firmwaresm8635immersive_home_216_firmwareipq5028_firmwareqca6554a_firmwareipq5332qca8082sm8635_firmwareqca6787aqipq6018_firmwareipq8072a_firmwareqcn9000_firmwareipq5300_firmwareqcf8000sfpsdx55_firmwareqca6574a_firmwaresa8620pqca9888_firmwareqca8075_firmwareqcn6023sm8750_firmwareqxm8083_firmwareipq5332_firmwareipq6010srv1lipq8078_firmwareqca6554asa8530psrv1h_firmwareqca9889qcn5124ipq8070a_firmwareipq9554_firmwareqcs8300_firmwareqcs6490sa8540psa9000p_firmwaresm8550psa7775pqcn6432_firmwaresxr2330p_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwarewsa8835_firmwareqca8386_firmwaresa7255pwcn7860qamsrv1mqcs5430qam8295p_firmwareqca6787aq_firmwarewcn7881_firmwareqcn9074_firmwareqcn9100_firmwareqcs8550_firmwaresdx65mqcm6490ipq5312wcn7881qcn5154ipq9554sa8650p_firmwareqcn6274_firmwaresm8750snapdragon_x65_5g_modem-rfqca8084qcn9274_firmwarecsr8811qca6688aq_firmwareqcn9000wcn6650ipq8173_firmwarewsa8845_firmwareqcn6412_firmwarevideo_collaboration_vc3_platform_firmwareqca6574_firmwareqcm8550_firmwarewcn6755_firmwarear8035srv1l_firmwarewsa8845hipq9008_firmwarewcn6450_firmwaresa6155p_firmwareqcn6122_firmwareqcn6112wcn7880_firmwareipq9008wcd9395_firmwareqcn5122sm7635fastconnect_6900ipq9574qcn9160qca6574aqcn6432wcd9375_firmwarewcd9385_firmwareqam8650p_firmwareqcn9274qcn6422immersive_home_318_firmwareipq8078asa8295psa8620p_firmwareqcn5152_firmwaresa7255p_firmwareqca6595_firmwareqamsrv1hsdx55immersive_home_214snapdragon_x75_5g_modem-rf_firmwarewcd9380ipq5302_firmwareimmersive_home_326_firmwaresa8155pwcn7861_firmwarewsa8832_firmwareimmersive_home_214_firmwarewcn6755qca6564auimmersive_home_318snapdragon_8_gen_2_mobile_firmwareqcs6490_firmwareqca6595au_firmwareipq8072aqca0000qcn6224sa8255p_firmwareqca6595auqam8255psrv1hipq5010qam8620psm8550p_firmwarear8035_firmwaresa8195p_firmwaresm7675wsa8845h_firmwareimmersive_home_3210wsa8845wcn6650_firmwarewcd9380_firmwarewcn6450qcn5124_firmwaresm8635pipq8076wcd9370wcd9340_firmwareimmersive_home_316qca8386qca6678aqsnapdragon_x75_5g_modem-rfqca6564au_firmwareqam8295pqcn6122qcn6132wcn7880qam8620p_firmwareqcn6024qca6797aqqca4024_firmwaresm7675pqcn5022qcs8550sxr2250pqcm5430_firmwareqcn5024sm7675p_firmwareipq6010_firmwareqcn6422_firmwareqcn6024_firmwareipq6018ipq8078ipq5300ipq8076_firmwareqcc710ipq5312_firmwareqcf8001_firmwaresnapdragon_8_gen_3_mobilesnapdragon_x72_5g_modem-rfqcn9160_firmwarewcn7861ipq8074a_firmwarewsa8830qcn6023_firmwaresnapdragon_8\+_gen_2_mobile_firmwarewcn7860_firmwaresa8770pqca6777aq_firmwareqcn9070qca6678aq_firmwareqca6698aqfastconnect_6900_firmwareqcn9022_firmwareqcn9072_firmwareipq8076a_firmwareqfw7114wcd9390wcd9395qfw7114_firmwareqcn9072wcd9370_firmwareSnapdragon
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2017-18136
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.24% / 47.32%
||
7 Day CHG~0.00%
Published-11 Apr, 2018 | 15:00
Updated-16 Sep, 2024 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9635M, MDM9640, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 820, SD 820A, SD 835, SD 845, in the omx aac component, a Use After Free condition may potentially occur.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9635m_firmwaremdm9640_firmwaresd_820asd_617_firmwaresd_808_firmwaresd_400sd_415sd_616sd_425sd_430_firmwaremdm9607_firmwaresd_615mdm9650sd_650_firmwaresd_625sd_615_firmwaremsm8909w_firmwaremdm9607sd_210sd_820_firmwaresd_650sd_820sd_808sd_450_firmwaresd_845_firmwaresd_617sd_400_firmwaresd_820a_firmwaremdm9206sd_652sd_425_firmwaresd_212_firmwaresd_625_firmwaresd_450mdm9635mmdm9615sd_845mdm9206_firmwaresd_430sd_835_firmwaremdm9615_firmwaremdm9650_firmwaresd_835sd_205sd_210_firmwaresd_415_firmwaresd_652_firmwaremsm8909wsd_616_firmwaresd_205_firmwaresd_212mdm9640Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear
CWE ID-CWE-416
Use After Free
CVE-2017-18137
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.22% / 44.75%
||
7 Day CHG~0.00%
Published-11 Apr, 2018 | 15:00
Updated-16 Sep, 2024 | 19:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile MDM9640, MDM9645, MDM9650, MDM9655, SD 450, SD 625, SD 650/52, SD 810, SD 820, SD 835, while processing the IPv6 pdp address of the pdp context, a buffer overflow can occur.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_652mdm9640_firmwaresd_625_firmwaresd_450mdm9655mdm9655_firmwaremdm9650sd_625sd_810sd_820_firmwaresd_835_firmwaresd_820mdm9645mdm9645_firmwaresd_650mdm9650_firmwaresd_835sd_450_firmwaresd_652_firmwaresd_810_firmwaresd_650_firmwaremdm9640Snapdragon Mobile
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-18134
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.22% / 44.75%
||
7 Day CHG~0.00%
Published-11 Apr, 2018 | 15:00
Updated-17 Sep, 2024 | 01:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile SD 845, SD 850, a buffer overflow may potentially occur while processing a response from the SIM card.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850_firmwaresd_845sd_850sd_845_firmwareSnapdragon Mobile
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-18129
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.21% / 42.90%
||
7 Day CHG~0.00%
Published-11 Apr, 2018 | 15:00
Updated-16 Sep, 2024 | 22:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9206, MDM9607, SD 845, MSM8996, MSM8998, it is possible for IPA (internet protocol accelerator) channels owned by one security domain to be controlled from other domains.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9206mdm9607msm8998sd_845_firmwaremsm8996msm8998_firmwaresd_845mdm9206_firmwaremdm9607_firmwaremsm8996_firmwareSnapdragon Automobile, Snapdragon Mobile
CWE ID-CWE-668
Exposure of Resource to Wrong Sphere
CVE-2017-17773
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.56% / 67.83%
||
7 Day CHG~0.00%
Published-15 Mar, 2018 | 21:00
Updated-05 Aug, 2024 | 20:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Snapdragon Automobile, Snapdragon Wearable and Snapdragon Mobile MDM9206,MDM9607,MDM9650,SD 210/SD 212/SD 205,SD 400,SD 410/12,SD 425,SD 430,SD 450,SD 600,SD 602A,SD 615/16/SD 415,SD 617,SD 625,SD 650/52,SD 800,SD 808,SD 810,SD 820,SD 820Am,SD 835,SD 845,MSM8909W, improper input validation in video_fmt_mp4r_process_atom_avc1() causes a potential buffer overflow.

Action-Not Available
Vendor-n/aQualcomm Technologies, Inc.
Product-sd_412sd_808_firmwaresd_602a_firmwaresd_400sd_415sd_616sd_425sd_430_firmwaremdm9607_firmwaresd_615mdm9650sd_650_firmwaresd_625sd_615_firmwaresd_210mdm9607sd_820_firmwaresd_820sd_650msm8909w_firmwaresd_808sd_450_firmwaresd_800sd_845_firmwaresd_410sd_617s820am_firmwaresd_400_firmwares820ammdm9206sd_652sd_425_firmwaresd_212_firmwaresd_800_firmwaresd_625_firmwaresd_450sd_412_firmwaresd_602asd_845mdm9206_firmwaresd_430sd_810sd_835_firmwaremdm9650_firmwaresd_410_firmwaresd_835sd_205sd_600_firmwaresd_210_firmwaresd_415_firmwaresd_652_firmwaresd_600msm8909wsd_810_firmwaresd_616_firmwaresd_205_firmwaresd_212sd_617_firmwaren/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-13924
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.36% / 57.59%
||
7 Day CHG~0.00%
Published-22 Jul, 2019 | 13:47
Updated-05 Aug, 2024 | 09:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Lack of check to prevent the buffer length taking negative values can lead to stack overflow. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in IPQ8074, MDM9150, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, QCA6174A, QCA8081, QCS404, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, SDX20, Snapdragon_High_Med_2016, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850mdm9150_firmwaresd_632mdm9635m_firmwaremdm9640_firmwaresd_820asd_675msm8996au_firmwaresd_439sd_670_firmwaresd_429sdm439qcs404_firmwaremdm9650sd_636sd_615_firmwaresnapdragon_high_med_2016_firmwaremsm8909w_firmwaremsm8996ausd_820sd_650sd_450_firmwaresd_845_firmwaresd_820a_firmwareqcs605_firmwaresd_675_firmwaremdm9206sd_652sd_425_firmwareqca6174asd_665qcs404sd_625_firmwareipq8074sd_450mdm9635msd_8cx_firmwaremdm9615sd_845mdm9206_firmwareqcs605sd_632_firmwaresd_835_firmwaremdm9650_firmwaresd_835sda660sxr1130_firmwaresd_210_firmwaresd_415_firmwaresd_652_firmwareqca8081_firmwaresxr1130msm8909wsd_665_firmwaresd_616_firmwaresd_205_firmwaresd_415sd_212sd_650_firmwaresd_427_firmwaresd_712sd_855sd_730_firmwarequalcomm_215sdx20sd_616sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435mdm9655_firmwaresd_615sd_710_firmwareqcs405sdm630sd_625ipq8074_firmwaresd_820_firmwaresd_210mdm9607sd_636_firmwaremdm9625_firmwaresd_439_firmwareqca8081qualcomm_215_firmwaremdm9150sd_429_firmwareqca6174a_firmwaresd_730sd_212_firmwaresnapdragon_high_med_2016sd_850_firmwaremdm9655sdm439_firmwareqcs405_firmwaresd_712_firmwaresd_855_firmwaresdm630_firmwaresda660_firmwaremdm9625sd_8cxsd_430sd_427sd_670sd_435_firmwaremdm9615_firmwaresdx20_firmwaresd_710sd_205sdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-13911
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.33% / 55.66%
||
7 Day CHG~0.00%
Published-14 Jun, 2019 | 17:02
Updated-05 Aug, 2024 | 09:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bounds memory read and access may lead to unexpected behavior in GNSS XTRA Parser in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9615, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, SDX20, Snapdragon_High_Med_2016, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850mdm9150_firmwaresd_632mdm9635m_firmwaremdm9640_firmwaresd_820asd_675msm8996au_firmwaresd_439sd_670_firmwaresd_429sdm439mdm9650sd_636snapdragon_high_med_2016_firmwaremsm8909w_firmwaremsm8996ausd_820sd_650sd_450_firmwaresd_845_firmwaresd_820a_firmwareqcs605_firmwaresd_675_firmwaremdm9206sd_652sd_425_firmwaresd_625_firmwaresd_450mdm9635msd_8cx_firmwaremdm9615sd_845mdm9206_firmwareqcs605sd_632_firmwaresd_835_firmwaremdm9650_firmwaresd_835sda660sxr1130_firmwaresd_210_firmwaresd_652_firmwaresxr1130msm8909wsd_205_firmwaresd_212sd_650_firmwaresd_427_firmwaresd_712sd_855sd_730_firmwaresdx20sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435mdm9655_firmwaresd_710_firmwaresdm630sd_625qm215sd_820_firmwaresd_210mdm9607sd_636_firmwaresd_439_firmwaremdm9150sd_429_firmwaresd_730snapdragon_high_med_2016sd_212_firmwaresd_850_firmwaremdm9655sdm439_firmwaresd_855_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwaresd_8cxsd_430qm215_firmwaresd_427sd_670sd_435_firmwaremdm9615_firmwaresdx20_firmwaresd_710sd_205sdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-18133
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.21% / 42.90%
||
7 Day CHG~0.00%
Published-11 Apr, 2018 | 15:00
Updated-16 Sep, 2024 | 18:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 835, an out of bound access for ebi channel array can potentially occur.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9206sd_210mdm9607mdm9650_firmwaresd_212_firmwaresd_212sd_835_firmwaresd_835sd_205sd_210_firmwaresd_205_firmwaremdm9206_firmwaremdm9607_firmwaremdm9650Snapdragon Mobile, Snapdragon Wear
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-13887
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.33% / 55.66%
||
7 Day CHG~0.00%
Published-24 May, 2019 | 16:44
Updated-05 Aug, 2024 | 09:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Untrusted header fields in GNSS XTRA3 function can lead to integer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, MSM8909W, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 600, SD 625, SD 632, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 835, SD 845 / SD 850, SDA660, SDM439, SDM630, SDM660, SDX20, SM7150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850mdm9150_firmwaremdm9635m_firmwaresd_632sd_675sd_439sd_670_firmwaresd_429sdm439mdm9650sd_636sm7150_firmwaremsm8909w_firmwaresd_450_firmwaresd_845_firmwaresm7150qcs605_firmwaresd_675_firmwaremdm9206sd_425_firmwaresd_625_firmwaresd_450mdm9635msd_845mdm9206_firmwareqcs605sd_632_firmwaresd_835_firmwaremdm9650_firmwaresd_835sda660sxr1130_firmwaresd_210_firmwaresd_600sxr1130msm8909wsd_205_firmwaresd_212sd_427_firmwaresd_712sdx20sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435mdm9655_firmwaresd_710_firmwaresdm630sd_625qm215mdm9607sd_210sd_636_firmwaresd_439_firmwaremdm9150sd_429_firmwaresd_212_firmwaresd_850_firmwaremdm9655sdm439_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwareqm215_firmwaresd_427sd_430sd_670sd_435_firmwaresd_710sdx20_firmwaresd_600_firmwaresd_205sdm660_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2017-18127
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.22% / 44.75%
||
7 Day CHG~0.00%
Published-11 Apr, 2018 | 15:00
Updated-17 Sep, 2024 | 00:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 430, SD 450, SD 625, SD 650/52, SD 820, SD 835, SD 845, while processing a SetParam command packet in the VR service, the extracted name_len and value_len values are not checked and could potentially cause a buffer overflow in subsequent calls to memcpy().

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_652sd_212_firmwaresd_625_firmwaresd_450sd_845sd_430_firmwaresd_430sd_650_firmwaresd_625sd_210msm8909w_firmwaresd_820_firmwaresd_820sd_650sd_835_firmwaresd_835sd_205sd_450_firmwaresd_845_firmwaresd_210_firmwaresd_652_firmwaremsm8909wsd_205_firmwaresd_212Snapdragon Mobile, Snapdragon Wear
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-18071
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.26% / 48.87%
||
7 Day CHG~0.00%
Published-11 Apr, 2018 | 15:00
Updated-16 Sep, 2024 | 23:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, debug policy can potentially be bypassed.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9206sd_652sd_425_firmwaresd_212_firmwaresd_625_firmwaresd_450sd_425sd_430_firmwaremdm9607_firmwaremdm9206_firmwaresd_430sd_625msm8909w_firmwaremdm9607sd_210sd_212sd_650sd_205sd_450_firmwaresd_210_firmwaresd_652_firmwaremsm8909wsd_205_firmwaresd_650_firmwareSnapdragon Mobile, Snapdragon Wear
CVE-2017-17772
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.8||HIGH
EPSS-0.15% / 36.01%
||
7 Day CHG~0.00%
Published-26 Nov, 2024 | 08:55
Updated-09 Jan, 2025 | 21:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Multiple buffer overread vulnerabilities in WLAN

In multiple functions that process 802.11 frames, out-of-bounds reads can occur due to insufficient validation.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_820asd_845sd_625_firmwaresd_820sd_625sd_850sd_820a_firmwaresd_835_firmwaresd_450_firmwaresd_820_firmwaresd_835sd_450sd_850_firmwaresd_845_firmwareSnapdragon
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-18130
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.21% / 42.90%
||
7 Day CHG~0.00%
Published-11 Apr, 2018 | 15:00
Updated-16 Sep, 2024 | 18:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 400, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 820, SD 820A, SD 835, SD 845, while playing an ASF file, a buffer over-read can potentially occur.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_820asd_808_firmwaresd_400sd_415sd_616sd_425sd_430_firmwaremdm9607_firmwaresd_615mdm9650sd_650_firmwaresd_625sd_615_firmwaresd_210mdm9607sd_820_firmwaresd_820sd_650sd_808sd_450_firmwaresd_845_firmwaresd_617sd_400_firmwaresd_820a_firmwaremdm9206sd_652sd_425_firmwaresd_212_firmwaresd_625_firmwaresd_450sd_845mdm9206_firmwaresd_430sd_835_firmwaremdm9650_firmwaresd_835sd_205sd_210_firmwaresd_415_firmwaresd_652_firmwaresd_616_firmwaresd_205_firmwaresd_212sd_617_firmwareSnapdragon Automobile, Snapdragon Mobile, Snapdragon Wear
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-21631
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.07% / 22.36%
||
7 Day CHG~0.00%
Published-04 Jul, 2023 | 04:46
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Input Validation in Modem

Weak Configuration due to improper input validation in Modem while processing LTE security mode command message received from network.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-snapdragon_wear_3100_firmwaresw5100papq8017sd865_5gwcd9335snapdragon_8\+_gen_1wcd9370qca8081_firmwaresnapdragon_429_firmwareqca4004qca6696wcd9340_firmwaresnapdragon_430_firmwarewcd9341_firmwareqcn6024qca6426sc8180x-absnapdragon_auto_4gwcn6740_firmwarefastconnect_6700wcn3610snapdragon_208_firmwaresnapdragon_695_5gsnapdragon_888_5gwsa8832_firmwareqca8337qca6426_firmwaresnapdragon_4_gen_2_firmwareqca6574au_firmwarewcd9341snapdragon_wear_1300qca6574auwsa8810_firmwaresnapdragon_429csra6640sc8180x-af_firmwaremsm8209_firmwaresnapdragon_690_5gsnapdragon_778g\+_5g_firmwaresnapdragon_865\+_5gsnapdragon_765_5gwcn3660b_firmwarefastconnect_6800_firmwaresnapdragon_x24_firmwaresnapdragon_865\+_5g_firmwaresnapdragon_855\+\/860qcn6024_firmwaresnapdragon_x65_5gsnapdragon_636_firmwaresnapdragon_888\+_5g_firmwarec-v2x_9150snapdragon_x50_5gsnapdragon_xr2_5g_firmwaremsm81089205sc8180xp-acsnapdragon_765g_5g_firmwaresnapdragon_660_firmwaresnapdragon_4_gen_2fastconnect_6900wcd9385_firmwareqca6421snapdragon_778g_5gwcd9360snapdragon_x70_firmwareqcs4490snapdragon_662_firmwaresc8180xp-afsnapdragon_x50_5g_firmwaresnapdragon_x24snapdragon_wear_3100qca6421_firmwaresc8180x-adqca6564au_firmwarewsa8810205snapdragon_855_firmware315_5g_firmwareqca6595ausm7315_firmwaresnapdragon_865_5g_firmwaresnapdragon_wear_2500wcd9326_firmwareqcs8550_firmwareqca6436_firmwaresc8180x-afqcs4490_firmwarewcn3910_firmwareqts110snapdragon_680_4gqca6420wcn3910snapdragon_212_firmwarewcd9370_firmwarecsrb31024snapdragon_480\+_5g_firmwaresnapdragon_765_5g_firmwarewcn3660bqca6574awcn3620_firmwareqca6174asnapdragon_695_5g_firmwaresnapdragon_750g_5g_firmwarewcd9340qcm2290sc8180xp-aa_firmwareqcm6490215snapdragon_x55_5g_firmwarewcn3988qcn9024qca6430_firmwaresc8180x-aasnapdragon_439_firmwaresdx57msmart_audio_400qcn9024_firmwaresc8180xp-ac_firmwarewcd9326qcm2290_firmwareqca6564asnapdragon_wear_2100_firmwarewsa8830snapdragon_870_5g_firmwaresnapdragon_x65_5g_firmwaresnapdragon_wear_2100sc8180x\+sdx55_firmwaresnapdragon_888\+_5gar8035snapdragon_208wcn3620qcm4325snapdragon_782gsc8180x\+sdx55wcn3950_firmwareqca6698aqfastconnect_6200sc8180x-aa_firmwarewcn3680bsm7325p_firmwarewcd9360_firmwaresnapdragon_210_firmwaresnapdragon_630snapdragon_430fastconnect_6700_firmwaresnapdragon_768g_5gvideo_collaboration_vc3_platform_firmwarewcn3990snapdragon_778g_5g_firmwaresnapdragon_780g_5gqcs6490snapdragon_210snapdragon_778g\+_5gfastconnect_6200_firmwarewsa8830_firmwareqca6431sd660_firmwaresnapdragon_7c\+_gen_3wsa8832sdx57m_firmwaresxr2130_firmwarear8035_firmwaresnapdragon_680_4g_firmwaremsm8608_firmwaresd888_firmwaresnapdragon_630_firmwaremsm8209snapdragon_439wcd9306qca6564ausnapdragon_460snapdragon_636snapdragon_wear_1300_firmwaresc8180xp-adwsa8815_firmwaresnapdragon_865_5gqca8337_firmwaresnapdragon_665_firmwaresnapdragon_auto_4g_firmwareqcm4290snapdragon_480_5g_firmwaresnapdragon_4_gen_1_firmwaresd_455_firmwaremsm8608snapdragon_685_4gqca9377_firmwareqcm6490_firmwaresnapdragon_w5\+_gen_1snapdragon_665sm7250p_firmware205_firmwareqcm4490_firmwarewcn3950snapdragon_690_5g_firmwareqca4004_firmwareapq8037smart_audio_400_firmwaresnapdragon_460_firmwaresmart_audio_200_firmwaresd_455snapdragon_auto_5g_firmwaresm7250pcsrb31024_firmwaresnapdragon_768g_5g_firmwaresc8180x-ad_firmwaresd888snapdragon_wear_2500_firmwaresw5100_firmwarewcn6740fastconnect_6800snapdragon_662fastconnect_7800_firmwaresnapdragon_855\+\/860_firmwarefastconnect_6900_firmwaresc8180xp-aaapq8017_firmwarewcd93809205_firmwaresmart_audio_200snapdragon_xr2_5g215_firmwaresnapdragon_888_5g_firmwaresnapdragon_765g_5gsw5100video_collaboration_vc3_platformaqt1000wcd9306_firmwarec-v2x_9150_firmwaresnapdragon_x70sd855qca6431_firmwaresnapdragon_8_gen_1_firmwaresc8180x-ab_firmwarewcn3990_firmwaresm7315snapdragon_750g_5gqca6698aq_firmwareqcs2290qca6564a_firmwarewcd9385msm8909w_firmwareqcs2290_firmwaresc8180xp-ab_firmwarewcn3615wcn3610_firmwaresnapdragon_8_gen_1qcs4290sc8180xp-abqca6430snapdragon_782g_firmwaresnapdragon_855sdx55_firmwaresnapdragon_x55_5gsc8180xp-ad_firmwarewcn3615_firmwaresxr2130msm8108_firmwareqcm4490snapdragon_4_gen_1snapdragon_870_5gcsra6640_firmwaresnapdragon_480\+_5gqca6174a_firmwaresnapdragon_685_4g_firmwaresm7325papq8037_firmwareqca6420_firmwareaqt1000_firmwareqcs6490_firmwaresnapdragon_480_5gsd855_firmwarewcd9335_firmwarewcn3980_firmwareqca6436sc8180x-acwsa8835qca6595au_firmwareqca6391_firmwaresc8180x-ac_firmwaresw5100p_firmwareqca6696_firmwareqcs4290_firmwarewcd9380_firmwarecsra6620qca8081sd660mdm9628wsa8815sg4150pqca9377snapdragon_auto_5gmdm9628_firmwareqcm4325_firmwaresnapdragon_660qca6574a_firmwaresdx55qcm4290_firmwaresnapdragon_8\+_gen_1_firmwarewcd9375_firmwaresnapdragon_7c\+_gen_3_firmware315_5gqca6391snapdragon_w5\+_gen_1_firmwareqts110_firmwaresg4150p_firmwaresnapdragon_780g_5g_firmwaresc8180xp-af_firmwarecsra6620_firmwareqcs8550fastconnect_7800sd865_5g_firmwaresnapdragon_425_firmwarewcd9375wcn3988_firmwaresnapdragon_212wsa8835_firmwarewcn3980msm8909wsnapdragon_425wcn3680b_firmwareSnapdragon
CWE ID-CWE-20
Improper Input Validation
CVE-2018-11953
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.27% / 49.88%
||
7 Day CHG~0.00%
Published-24 May, 2019 | 16:44
Updated-05 Aug, 2024 | 08:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

While processing ssid IE length from remote AP, possible out-of-bounds access may occur due to crafted ssid IE length in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 650/52, SD 820, SD 820A, SDM439, SDX20

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaremdm9150_firmwaresd_632mdm9640_firmwaresd_820amsm8996au_firmwaresd_439sdx20sd_415sd_616sd_425sd_429sdm439mdm9607_firmwaresd_615mdm9650sd_650_firmwaresd_625qca6574ausd_615_firmwaremsm8909w_firmwaremdm9607msm8996auqm215sd_210sd_650sd_820_firmwaresd_820sd_450_firmwaresd_439_firmwaresd_820a_firmwaremdm9150sd_429_firmwaremdm9206sd_652qca6174a_firmwareqca6174aqca9379_firmwaresd_212_firmwaresd_425_firmwaresd_625_firmwaresd_450sdm439_firmwareqca9377mdm9206_firmwareqm215_firmwaresd_632_firmwaremdm9650_firmwaresdx20_firmwaresd_205qca6574au_firmwaresd_210_firmwaresd_415_firmwaresd_652_firmwaremsm8909wqca9379sd_616_firmwaresd_205_firmwaresd_212mdm9640Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-14909
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.11% / 28.86%
||
7 Day CHG~0.00%
Published-05 Dec, 2017 | 19:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a count value that is read from a file is not properly validated.

Action-Not Available
Vendor-Google LLCQualcomm Technologies, Inc.
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-20
Improper Input Validation
CVE-2017-14917
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.11% / 28.86%
||
7 Day CHG~0.00%
Published-05 Dec, 2017 | 19:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, buffer sizes in the message passing interface are not properly validated.

Action-Not Available
Vendor-Google LLCQualcomm Technologies, Inc.
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-14916
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.11% / 28.86%
||
7 Day CHG~0.00%
Published-05 Dec, 2017 | 19:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, buffer sizes in the message passing interface are not properly validated.

Action-Not Available
Vendor-Google LLCQualcomm Technologies, Inc.
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-14906
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.56% / 67.86%
||
7 Day CHG~0.00%
Published-30 Mar, 2018 | 15:00
Updated-16 Sep, 2024 | 16:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android before 2018-01-05 on Qualcomm Snapdragon IoT, Snapdragon Mobile MDM9206, MDM9607, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, PKCS7 padding is not supported by the crypto storage APIs.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidSnapdragon IoT, Snapdragon Mobile
CVE-2017-14911
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-1.02% / 77.03%
||
7 Day CHG~0.00%
Published-30 Mar, 2018 | 15:00
Updated-17 Sep, 2024 | 02:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android before 2018-01-05 on Qualcomm Snapdragon IoT, Snapdragon Mobile, Snapdragon Automobile APQ8096AU, MDM9206, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 625, SD 650/52, SD 820, SD 835, it is possible for the XBL loader to skip the authentication of device config.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9206sd_652sd_425_firmwaresd_212_firmwaresd_625_firmwareapq8096aumsm8996au_firmwaresd_425sd_430_firmwaremdm9206_firmwaresd_430mdm9650sd_625apq8096au_firmwaresd_210sd_820_firmwaremsm8996ausd_820sd_650sd_835_firmwaremdm9650_firmwaresd_212sd_835sd_205sd_210_firmwaresd_652_firmwaresd_205_firmwaresd_650_firmwareSnapdragon IoT, Snapdragon Mobile, Snapdragon Automobile
CWE ID-CWE-287
Improper Authentication
CVE-2017-14918
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.12% / 31.78%
||
7 Day CHG~0.00%
Published-05 Dec, 2017 | 19:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the GPS location wireless interface, a Use After Free condition can occur.

Action-Not Available
Vendor-Google LLCQualcomm Technologies, Inc.
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-416
Use After Free
CVE-2017-14912
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.70% / 71.92%
||
7 Day CHG~0.00%
Published-30 Mar, 2018 | 15:00
Updated-17 Sep, 2024 | 01:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android before 2018-01-05 on Qualcomm Snapdragon IoT, Snapdragon Mobile [VERSION]: MDM9206, MDM9607, MDM9650, MSM8909W, SD 200, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 835, the attributes of buffers in Secure Display were not marked properly.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_412sd_400sd_415sd_616sd_425sd_430_firmwaremdm9607_firmwaresd_615mdm9650sd_650_firmwaresd_625sd_615_firmwaremsm8909w_firmwaremdm9607sd_210sd_650sd_800sd_410sd_617sd_400_firmwaremdm9206sd_652sd_425_firmwaresd_212_firmwaresd_800_firmwaresd_625_firmwaresd_412_firmwaremdm9206_firmwaresd_430sd_835_firmwaremdm9650_firmwaresd_410_firmwaresd_835sd_205sd_210_firmwaresd_415_firmwaresd_652_firmwaremsm8909wsd_616_firmwaresd_205_firmwaresd_212sd_617_firmwareSnapdragon IoT, Snapdragon Mobile
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-14915
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.83% / 74.30%
||
7 Day CHG~0.00%
Published-30 Mar, 2018 | 15:00
Updated-17 Sep, 2024 | 02:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android before 2018-01-05 on Qualcomm Snapdragon Mobile SD 625, SD 650/52, SD 835, accessing SPCOM functions with a compromised client structure can result in a Use After Free condition.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_652sd_625sd_835_firmwaresd_625_firmwaresd_650sd_835sd_652_firmwaresd_650_firmwareSnapdragon Mobile
CWE ID-CWE-416
Use After Free
CVE-2017-14914
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.11% / 28.86%
||
7 Day CHG~0.00%
Published-05 Dec, 2017 | 19:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, handles in the global client structure can become stale.

Action-Not Available
Vendor-Google LLCQualcomm Technologies, Inc.
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-20
Improper Input Validation
CVE-2017-14907
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.07% / 20.39%
||
7 Day CHG~0.00%
Published-05 Dec, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, cryptographic strength is reduced while deriving disk encryption key.

Action-Not Available
Vendor-Google LLCQualcomm Technologies, Inc.
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CVE-2022-40510
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.12% / 31.74%
||
7 Day CHG~0.00%
Published-08 Aug, 2023 | 09:14
Updated-03 Aug, 2024 | 12:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer copy without checking size of input in Audio.

Memory corruption due to buffer copy without checking size of input in Audio while voice call with EVS vocoder.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresd_8cx_gen3_firmwaremdm9640_firmwaresm6250p_firmwareqcs610qca8337qca6431_firmwarewcd9360_firmwaresdx65wcn3950_firmwaresc8180x\+sdx55sa8150p_firmwareqcs2290qca6595au_firmwaresa6155qca6335msm8917sd_455_firmwarecsra6620_firmwareqcs605_firmwareapq8076sd_675_firmwarecsra6640_firmwareqcs6125_firmwaresd632msm8108sa415msm4375wcn3998wcd9371_firmwaremsm8108_firmwareqam8295pwcn3950qcn6024_firmwaresd720gsm4125mdm9206_firmwaresd_8cx_gen2_firmwaremdm9628sd_8_gen1_5g_firmwarewcn3660bsd450_firmwaresd710_firmwaresd460_firmwareqca4020wcn7850qca6574au_firmwarewcd9375_firmwareqca8081_firmwarewcn3998_firmwaresa6155_firmwaresdx12_firmwaremsm8909wapq8009w_firmwareqca6420wcd9360sd680_firmwareqca9367_firmwaremdm8207wcn3999sd_8cx_gen2qrb5165_firmwareqrb5165m_firmwareqcs6125sa8155_firmwaresd662_firmwareqcs405qca6430wcd9306_firmwarewcd9340sd626_firmwaresd765gsw5100sd680qca4020_firmwareqca6436wcn6851sa6155pqcs603_firmwarewcn7851_firmwaremsm8937msm8209_firmwaremdm9250_firmwarewcn3660_firmwarewcd9341pm8937_firmwareqca6696_firmwareqca6431wcd9371sd870_firmwaresd750gwcn3910_firmwaresxr2150p_firmwaresd_8cxsa8150pmdm9207_firmwarewsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwaresd712wcn3988sd660_firmwarewcn7850_firmwaresa8195p_firmwaremsm8208_firmwarewcn6750_firmwaresa8295p_firmwaresd450wcn3610msm8608mdm9640wcn3991qca8337_firmwaresda429w_firmwarewcd9380_firmwaresdm429wsw5100pmsm8996au_firmwarewcd9330sd625_firmwareqca6564ausdx55m_firmwarewcn6856_firmwaremsm8940_firmwaresd670_firmwareqca6574sd632_firmwarewcd9380qcs410sd690_5g_firmwaresdx50m_firmwareqca9379_firmwaresdx24_firmwareqcn9012_firmwaresd626qca6430_firmwaresd439_firmwarewcd9335_firmwarewcn3980qca6335_firmwareqcs605wcd9340_firmwarewsa8815wcn6850sd7cwcn3910qca6320msm8937_firmwaremdm9650_firmwareqca6426_firmwarewcn3660b_firmwarewcn3680sd695qca9984sd835qcn9024wcn3980_firmwaresd730wcd9330_firmwaresdx55mqcc5100_firmwaresa8295pqca6421_firmwarewcn6740_firmwaresd678_firmwareapq8064au_firmwarear8031_firmwarewcn3680_firmwareqrb5165wcn6851_firmwareqcs603sd670sd_636_firmwareqcn9024_firmwareqca6564a_firmwareapq8009wqcm4290_firmwaresd480sd870wcn6855sw5100p_firmwaresd210_firmwareqcs610_firmwareqsm8250sa6145psd695_firmwaresdxr1ar8031apq8096auqca6595_firmwareqcs405_firmwaremdm8207_firmwaresdm630_firmwaresd820_firmwareqca6391_firmwarewcd9370_firmwareqm215_firmwaresd780g_firmwaresdx55sa8155pcsra6640sd675sd439wcn3660qca9379sxr2150par8035_firmwareqsm8250_firmwareqcm2290wcn3991_firmwaremdm9150_firmwarewsa8830sd678qcs2290_firmwaresd7c_firmwarecsrb31024mdm9628_firmwaremdm9650sd_636csra6620qcs4290mdm9250sd765g_firmwareqca6420_firmwareqca6390_firmwareapq8009_firmwaresd690_5gsd730_firmwarewcd9370sd675_firmwaresd625qca6426qca6584au_firmwarewcn3990_firmwareqrb5165n_firmwareapq8076_firmwareqca9984_firmwareqca9377sdw2500_firmwaresd_8cx_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcd9326_firmwarewcn3615_firmwaresd662qam8295p_firmwareapq8037qcn9011_firmwaresa8155qca6320_firmwarewcn3680b_firmwaresdx55_firmwarewcn3615qca6595auwcn3999_firmwaresm7250p_firmwarewcn3610_firmwareqca6436_firmwareqrb5165nmdm9207wcd9306qca6584ausd778gqca6564au_firmwaremsm8208sa6155p_firmwareqca6310pm8937wcn7851sd429sa515m_firmwareqcs6490sdxr2_5gqca9367sdm630mdm9607_firmwaresa415m_firmwarewcn3988_firmwareqcn9074sd205qm215qca6421sd429_firmwaresd778g_firmwaresa6145p_firmwaresa8195psm6250sd712_firmwareapq8017_firmwarewsa8810_firmwaresm4375_firmwaresd765_firmwarewcd9326wcd9335qca8081qca6174a_firmwareqcs4290_firmwarewcd9385qcs6490_firmwaresd_8cx_gen3qca6390wcd9375sd750g_firmwareaqt1000ar8035apq8064ausc8180x\+sdx55_firmwaresm6250_firmwaresda429wmsm8917_firmwaresd210wcn3620_firmwaresdx20_firmwarewsa8815_firmwaresd888_5g_firmwaresd820qcm6490wcn6850_firmwarewsa8835_firmwarewcn3620apq8017qcx315qca6564aqcm6125_firmwareqcm2290_firmwarewcn3990sd_675sd780gsd865_5gqca6595qcc5100sdx24qcn9012msm8909w_firmwareqcx315_firmwarewsa8835msm8996ausdm429w_firmwaresd665_firmwaresd_8_gen1_5gsd888_5gsm6250pqca6574amdm9206wcn6855_firmwareqca6174asm7325pqca6310_firmwarewcn6750sa515mqca6574_firmwaresd855sm4125_firmwaresm7325p_firmwaresd665sd765qca6574a_firmwaresd768g_firmwaremsm8209qrb5165msd850_firmwareapq8009sd460qca6391sdxr1_firmwareaqt1000_firmwaremsm8920sdx65_firmwareqcm4290csrb31024_firmwareqcm6490_firmwaresdx50msdx20sd480_firmwaremsm8920_firmwareqcn9011sd_455qca6574ausd710sa8155p_firmwaremdm9607sd205_firmwarewcd9341_firmwareqcm6125wsa8810mdm9150wcn6856wcn3680bsd835_firmwaresd768gwcn6740qca6696sd845_firmwaremsm8608_firmwaresdw2500msm8940apq8096au_firmwareqcn6024sd845apq8037_firmwaresm7250psd720g_firmwaresdx12sw5100_firmwareqcs410_firmwareqcn9074_firmwaresd850Snapdragonqca9377_firmwaresd_8cx_gen3_firmwaremdm9150_firmwarewcn3991_firmwaremdm9640_firmwaresm6250p_firmwareqcs2290_firmwareqca6431_firmwaresd7c_firmwaremdm9628_firmwarewcd9360_firmwarewcn3950_firmwaresa8150p_firmwaresd765g_firmwareqca6420_firmwareqca6595au_firmwareqca6390_firmwareapq8009_firmwaresd730_firmwaresd_455_firmwarecsra6620_firmwareqcs605_firmwaresd_675_firmwaresd675_firmwarecsra6640_firmwareqcs6125_firmwareqca6584au_firmwareapq8076_firmwareqrb5165n_firmwarewcn3990_firmwareqca9984_firmwaresdw2500_firmwaresd_8cx_firmwaremsm8108_firmwaresdxr2_5g_firmwaresd_8cx_gen2_firmwareqcn6024_firmwarewcd9326_firmwarewcd9371_firmwaremdm9206_firmwarewcd9385_firmwaresd_8_gen1_5g_firmwarewcn3615_firmwaresd450_firmwaresd710_firmwaresd460_firmwareqam8295p_firmwareqcn9011_firmwareqca6320_firmwareqca6574au_firmwaresdx55_firmwarewcn3680b_firmwarewcd9375_firmwareqca8081_firmwaresa6155_firmwaresdx12_firmwaresm7250p_firmwarewcn3998_firmwareapq8009w_firmwarewcn3610_firmwareqca6436_firmwarewcn3999_firmwareqca6564au_firmwaresd680_firmwaresa6155p_firmwareqca9367_firmwaresa515m_firmwareqrb5165_firmwareqrb5165m_firmwaresa8155_firmwaresd662_firmwaremdm9607_firmwaresa415m_firmwarewcn3988_firmwaresa6145p_firmwaresd429_firmwarewcd9306_firmwaresd712_firmwaresd778g_firmwareapq8017_firmwaresd626_firmwarewsa8810_firmwarequalcomm215_firmwaresm4375_firmwaresd765_firmwareqca4020_firmwareqcs603_firmwarewcn7851_firmwaremsm8209_firmwareqca6174a_firmwaremdm9250_firmwareqcs4290_firmwarewcn3660_firmwarepm8937_firmwareqca6696_firmwareqcs6490_firmwaresd870_firmwarewcn3910_firmwaresxr2150p_firmwaresd750g_firmwaresm6250_firmwaremdm9207_firmwarewsa8830_firmwaremsm8917_firmwaresd855_firmwaresd865_5g_firmwarewcn3620_firmwaresdx20_firmwarewsa8815_firmwaresd888_5g_firmwarewcn6850_firmwaresd660_firmwarewcn7850_firmwarewsa8835_firmwaresa8195p_firmwaremsm8208_firmwaresa8295p_firmwarewcn6750_firmwareqcm6125_firmwareqcm2290_firmwareqca8337_firmwaresda429w_firmwarewcd9380_firmwaremsm8996au_firmwaresd625_firmwaresdx55m_firmwarewcn6856_firmwaremsm8940_firmwaremsm8909w_firmwareqcx315_firmwaresd632_firmwaresd670_firmwaresdm429w_firmwaresd665_firmwaresd690_5g_firmwaresdx50m_firmwarewcn6855_firmwareqca9379_firmwaresdx24_firmwareqca6310_firmwareqca6430_firmwareqcn9012_firmwarewcd9335_firmwaresd439_firmwareqca6335_firmwareqca6574_firmwarewcd9340_firmwaresm4125_firmwaresm7325p_firmwaremsm8937_firmwaremdm9650_firmwareqca6426_firmwarewcn3660b_firmwareqca6574a_firmwaresd768g_firmwaresd850_firmwarewcn3980_firmwaresdxr1_firmwarewcd9330_firmwareqcc5100_firmwareqca6421_firmwareaqt1000_firmwarewcn6740_firmwaresdx65_firmwaresd678_firmwareapq8064au_firmwarear8031_firmwarecsrb31024_firmwareqcm6490_firmwarewcn3680_firmwaresd480_firmwarewcn6851_firmwaremsm8920_firmwaresa8155p_firmwaresd_636_firmwaresd205_firmwareqca6564a_firmwareqcn9024_firmwarewcd9341_firmwareqcm4290_firmwaresw5100p_firmwaresd210_firmwareqcs610_firmwaresd835_firmwaresd695_firmwareqcs405_firmwareqca6595_firmwaremdm8207_firmwaresdm630_firmwaresd820_firmwareqca6391_firmwaresd845_firmwaremsm8608_firmwaresd780g_firmwarewcd9370_firmwareapq8096au_firmwareapq8037_firmwaresd720g_firmwaresw5100_firmwareqcn9074_firmwareqcs410_firmwarear8035_firmwareqsm8250_firmware
CWE ID-CWE-457
Use of Uninitialized Variable
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-40537
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.3||HIGH
EPSS-0.10% / 26.49%
||
7 Day CHG~0.00%
Published-07 Mar, 2023 | 04:43
Updated-03 Aug, 2024 | 12:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Validation of Array Index in Bluetooth HOST

Memory corruption in Bluetooth HOST while processing the AVRC_PDU_GET_PLAYER_APP_VALUE_TEXT AVRCP response.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresa6150p_firmwareqcs610qca8337wcn3950_firmwaresa8150p_firmwareqcs2290qca6595au_firmwareqca6335msm8917csra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwareqcs6125_firmwaresd632msm8108wcn3998msm8108_firmwarewcn3950sm4125sd720gmdm9628sd_8_gen1_5g_firmwarewcn3660bsd450_firmwaresd710_firmwaresd460_firmwaresm7315_firmwarewcn7850qca6574au_firmwarewcd9375_firmwarewcn3998_firmwaremsm8909wapq8009w_firmwareqca6420sdx20msd680_firmwareqrb5165_firmwareqrb5165m_firmwareqcs6125sa8155_firmwaresd662_firmwareqcs405qca6430wcd9340sd626_firmwaresd765gqualcomm215_firmwaresw5100sd680qca6436wcn6851sa6155pwcn7851_firmwaremsm8209_firmwaremdm9250_firmwarewcn3660_firmwarewcd9341qca6696_firmwaresd870_firmwaresd750gwcn3910_firmwaresxr2150p_firmwaresa8150pwsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwaresnapdragon_4_gen_1wcn3988sd660_firmwarewcn7850_firmwaresa8195p_firmwaresm8475msm8208_firmwareqcn7606_firmwarewcn6750_firmwaresd450wcn3610msm8608wcn3991qca8337_firmwarewcd9380_firmwaresdm429wsw5100pmsm8996au_firmwaresd625_firmwareqca6564ausdx55m_firmwarewcn6856_firmwaresd670_firmwareqca6574sd632_firmwarewcd9380qualcomm215qcs410sd690_5g_firmwaresdx50m_firmwaresdx24_firmwareqcn9012_firmwaresd626qca6430_firmwaresd439_firmwarewcd9335_firmwarewcn3980qca6335_firmwareqcs605wcd9340_firmwarewsa8815wcn6850wcn3910qca6320mdm9650_firmwareqca6426_firmwarewcn3660b_firmwarewcn3680sd695sd835wcn3980_firmwaresd730sdx55mqcc5100_firmwarewcn6740_firmwaresd678_firmwareapq8064au_firmwarear8031_firmwarewcn3680_firmwareqrb5165wcn6851_firmwaresd670sd_636_firmwareqca6564a_firmwareapq8009wqcm4290_firmwaresd480sd870wcn6855sw5100p_firmwaresd210_firmwareqcs610_firmwaresa6145psd695_firmwaresdxr1ar8031apq8096auqcs405_firmwaresa8145psdm630_firmwareqca6391_firmwarewcd9370_firmwaresd780g_firmwaresdx55sd888_firmwaresa8155pcsra6640sd675sd439wcn3660sxr2150pqcm2290qcn7606wcn3991_firmwaremdm9150_firmwarewsa8830sd678sa8145p_firmwareqcs2290_firmwaremdm9628_firmwaresnapdragon_4_gen_1_firmwaremdm9650sd_636csra6620qcs4290mdm9250sd765g_firmwareqca6420_firmwareqca6390_firmwareapq8009_firmwaresd690_5gsd730_firmwarewcd9370sd675_firmwaresd625qca6426qca6584au_firmwarewcn3990_firmwareqrb5165n_firmwareqca9377sdw2500_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcd9326_firmwarewcn3615_firmwaresd662qcn9011_firmwaresa8155qca6320_firmwarewcn3680b_firmwaresdx55_firmwarewcn3615qca6595ausm7250p_firmwarewcn3610_firmwareqca6436_firmwareqrb5165nqca6564au_firmwareqca6584ausd778gsa6155p_firmwaremsm8208qca6310wcn7851sd429qcs6490sdxr2_5gsdm630mdm9607_firmwarewcn3988_firmwareqcn9074sd205sd429_firmwaresa6145p_firmwaresd778g_firmwaresm6250sa8195papq8017_firmwarewsa8810_firmwaresd765_firmwarewcd9326wcd9335qca6174a_firmwareqcs4290_firmwarewcd9385qcs6490_firmwareqca6390wcd9375sd750g_firmwareaqt1000apq8064ausm6250_firmwaremsm8917_firmwaresd210wcn3620_firmwaresdx20_firmwarewsa8815_firmwaresd888_5g_firmwareqcm6490wcn6850_firmwarewsa8835_firmwarewcn3620apq8017qca6564aqcm6125_firmwareqcm2290_firmwarewcn3990sd_675sd780gsd865_5gqcc5100sdx24qcn9012sd888msm8909w_firmwarewsa8835msm8996ausdm429w_firmwaresd665_firmwaresd888_5gqca6574awcn6855_firmwareqca6174asm7325pqca6310_firmwarewcn6750qca6574_firmwaresd855sm4125_firmwaresm7325p_firmwaresd665sd765qca6574a_firmwaresd768g_firmwaremsm8209qrb5165msm7315apq8009sd460qca6391sdxr1_firmwareaqt1000_firmwareqcm4290qcm6490_firmwaresdx50msdx20sd480_firmwareqcn9011qca6574ausd710sa8155p_firmwaremdm9607sd205_firmwarewcd9341_firmwaresdx20m_firmwareqcm6125wsa8810mdm9150wcn6856wcn3680bsd835_firmwaresd768gwcn6740qca6696sd845_firmwaremsm8608_firmwaresdw2500sa6150papq8096au_firmwaresd845sm7250psd720g_firmwaresw5100_firmwareqcn9074_firmwareqcs410_firmwareSnapdragon
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2022-40515
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.3||HIGH
EPSS-0.10% / 26.49%
||
7 Day CHG~0.00%
Published-07 Mar, 2023 | 04:43
Updated-03 Aug, 2024 | 12:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Double free in Video

Memory corruption in Video due to double free while playing 3gp clip with invalid metadata atoms.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresa6150p_firmwareqcs610wcn3950_firmwaresa8150p_firmwareqcs2290qca6595au_firmwareqca6335csra6620_firmwareqcs605_firmwareapq8076sd_675_firmwarecsra6640_firmwareqcs6125_firmwaremsm8108wcn3998msm8108_firmwarewcn3950sm4125sd720gmdm9628mdm9206_firmwaresd_8_gen1_5g_firmwarewcn3660bsd710_firmwaresd460_firmwaresm7315_firmwarewcn7850qca6574au_firmwarewcd9375_firmwarewcn3998_firmwaremsm8909wapq8009w_firmwareqca6420sdx20msd680_firmwareqca9367_firmwareqcs6125apq8056_firmwaresd662_firmwareqcs405qca6430wcd9340sd626_firmwaresd765gqualcomm215_firmwaresw5100sd680qca6436wcn6851sa6155pwcn7851_firmwareapq8052msm8209_firmwaremdm9250_firmwarewcd9341qca6696_firmwaresd870_firmwaresd750gwcn3910_firmwaresxr2150p_firmwaresa8150pwsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwaresnapdragon_4_gen_1wcn3988sd660_firmwarewcn7850_firmwaresa8195p_firmwaresm8475msm8208_firmwareqcn7606_firmwarewcn6750_firmwarewcn3610msm8608wcn3991sda429w_firmwarewcd9380_firmwaresdm429wsw5100pmsm8996au_firmwarewcd9330sd625_firmwareqca6564ausdx55m_firmwarewcn6856_firmwaremsm8976_firmwareqca6574sd670_firmwarewcd9380qualcomm215qcs410sd690_5g_firmwaresdx50m_firmwaresd626qca6430_firmwarewcd9335_firmwarewcn3980qca6335_firmwareqcs605wcd9340_firmwarewsa8815wcn6850wcn3910msm8956_firmwareqca6320mdm9650_firmwareqca6426_firmwarewcn3660b_firmwarewcn3680sd695sd835wcn3980_firmwaresd730wcd9330_firmwaresdx55mqcc5100_firmwarewcn6740_firmwaresd821_firmwaresd678_firmwareapq8064au_firmwarear8031_firmwarewcn3680_firmwarewcn6851_firmwaresd670qca6564a_firmwareapq8009wmsm8976sg_firmwareqcm4290_firmwaresd480sd870wcn6855sw5100p_firmwaresd210_firmwareqcs610_firmwaresa6145psd695_firmwaresdxr1ar8031apq8096auqcs405_firmwaresa8145psd820_firmwareqca6391_firmwarewcd9370_firmwaresd780g_firmwaresdx55sd888_firmwaresa8155pcsra6640sd675sxr2150pqcm2290qcn7606wcn3991_firmwaremdm9150_firmwarewsa8830sd678sa8145p_firmwareqcs2290_firmwaremdm9628_firmwaresnapdragon_4_gen_1_firmwaremdm9650csra6620qcs4290mdm9250sd765g_firmwareqca6420_firmwareqca6390_firmwareapq8009_firmwaresd690_5gsd730_firmwarewcd9370sd675_firmwaresd625qca6564qca6426wcn3990_firmwareapq8076_firmwareqca9377sdw2500_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcd9326_firmwarewcn3615_firmwaresd662qca6320_firmwarewcn3680b_firmwaresdx55_firmwarewcn3615qca6595ausm7250p_firmwarewcn3610_firmwareqca6436_firmwareqca6564au_firmwaresd778gsa6155p_firmwareqca6310msm8208wcn7851sd429qcs6490sdxr2_5gqca9367sd821mdm9607_firmwaremsm8976sgwcn3988_firmwareqcn9074sd205sd429_firmwaresa6145p_firmwaresd778g_firmwaresm6250sa8195pwsa8810_firmwaresd765_firmwarewcd9326wcd9335qca6174a_firmwareqcs4290_firmwarewcd9385qcs6490_firmwareqca6390wcd9375sd750g_firmwareaqt1000msm8956msm8976sm6250_firmwareapq8064aumsm8952apq8056sda429wsd210wcn3620_firmwaresdx20_firmwarewsa8815_firmwaresd888_5g_firmwaresd820qcm6490wcn6850_firmwarewsa8835_firmwarewcn3620qca6564aqcm6125_firmwareqcm2290_firmwarewcn3990sd_675sd780gsd865_5gqcc5100sd888msm8952_firmwaremsm8909w_firmwarewsa8835msm8996ausdm429w_firmwaresd665_firmwaresd888_5gqca6574amdm9206wcn6855_firmwareqca6174asm7325pqca6310_firmwarewcn6750apq8052_firmwareqca6574_firmwaresd855sm4125_firmwaresm7325p_firmwaresd665sd765qca6574a_firmwaresd768g_firmwaremsm8209sm7315apq8009sd460qca6391sdxr1_firmwareaqt1000_firmwareqcm4290qcm6490_firmwaresdx50msdx20sd480_firmwareqca6574ausd710sa8155p_firmwaremdm9607sd205_firmwarewcd9341_firmwaresdx20m_firmwareqcm6125wsa8810mdm9150wcn6856wcn3680bsd835_firmwareqca6564_firmwaresd768gwcn6740qca6696sd845_firmwaremsm8608_firmwaresdw2500sa6150papq8096au_firmwaresd845sm7250psd720g_firmwaresw5100_firmwareqcn9074_firmwareqcs410_firmwareSnapdragonqca9377_firmwarewcn3991_firmwaremdm9150_firmwaresa6150p_firmwaresa8145p_firmwareqcs2290_firmwaremdm9628_firmwaresnapdragon_4_gen_1_firmwarewcn3950_firmwaresa8150p_firmwaresd765g_firmwareqca6420_firmwareqca6595au_firmwareqca6390_firmwareapq8009_firmwaresd730_firmwarecsra6620_firmwareqcs605_firmwaresd_675_firmwaresd675_firmwarecsra6640_firmwareqcs6125_firmwareapq8076_firmwarewcn3990_firmwaresdw2500_firmwaremsm8108_firmwaresdxr2_5g_firmwarewcd9385_firmwarewcd9326_firmwarewcn3615_firmwaremdm9206_firmwaresd_8_gen1_5g_firmwaresd710_firmwaresd460_firmwaresm7315_firmwareqca6320_firmwareqca6574au_firmwaresdx55_firmwarewcn3680b_firmwarewcd9375_firmwarewcn3998_firmwaresm7250p_firmwareapq8009w_firmwarewcn3610_firmwareqca6436_firmwareqca6564au_firmwaresd680_firmwaresa6155p_firmwareqca9367_firmwareapq8056_firmwaresd662_firmwaremdm9607_firmwarewcn3988_firmwaresa6145p_firmwaresd429_firmwaresd778g_firmwaresd626_firmwarewsa8810_firmwarequalcomm215_firmwaresd765_firmwarewcn7851_firmwaremsm8209_firmwareqca6174a_firmwaremdm9250_firmwareqcs4290_firmwareqca6696_firmwareqcs6490_firmwaresd870_firmwarewcn3910_firmwaresxr2150p_firmwaresd750g_firmwaresm6250_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwarewcn3620_firmwaresdx20_firmwarewsa8815_firmwaresd888_5g_firmwarewcn6850_firmwaresd660_firmwarewcn7850_firmwarewsa8835_firmwaresa8195p_firmwaremsm8208_firmwareqcn7606_firmwarewcn6750_firmwareqcm6125_firmwareqcm2290_firmwaresda429w_firmwarewcd9380_firmwaremsm8996au_firmwaresd625_firmwaresdx55m_firmwarewcn6856_firmwaremsm8952_firmwaremsm8909w_firmwaremsm8976_firmwaresd670_firmwaresdm429w_firmwaresd665_firmwaresd690_5g_firmwaresdx50m_firmwarewcn6855_firmwareqca6310_firmwareqca6430_firmwarewcd9335_firmwareapq8052_firmwareqca6335_firmwareqca6574_firmwarewcd9340_firmwaresm4125_firmwaresm7325p_firmwaremsm8956_firmwaremdm9650_firmwareqca6426_firmwarewcn3660b_firmwareqca6574a_firmwaresd768g_firmwarewcn3980_firmwaresdxr1_firmwarewcd9330_firmwareqcc5100_firmwareaqt1000_firmwarewcn6740_firmwaresd821_firmwaresd678_firmwareapq8064au_firmwarear8031_firmwareqcm6490_firmwarewcn3680_firmwaresd480_firmwarewcn6851_firmwaresa8155p_firmwaresd205_firmwareqca6564a_firmwaremsm8976sg_firmwarewcd9341_firmwaresdx20m_firmwareqcm4290_firmwaresw5100p_firmwaresd210_firmwareqcs610_firmwaresd835_firmwareqca6564_firmwaresd695_firmwareqcs405_firmwaresd820_firmwareqca6391_firmwaresd845_firmwaremsm8608_firmwaresd780g_firmwarewcd9370_firmwaresd888_firmwareapq8096au_firmwaresd720g_firmwaresw5100_firmwareqcn9074_firmwareqcs410_firmware
CWE ID-CWE-415
Double Free
CVE-2017-11006
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.12% / 31.78%
||
7 Day CHG~0.00%
Published-05 Dec, 2017 | 19:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a Use After Free condition can occur during positioning.

Action-Not Available
Vendor-Google LLCQualcomm Technologies, Inc.
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-416
Use After Free
CVE-2017-11076
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.8||HIGH
EPSS-0.21% / 43.06%
||
7 Day CHG~0.00%
Published-26 Nov, 2024 | 08:55
Updated-09 Jan, 2025 | 21:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use of Out-of-range Pointer Offset in Video

On some hardware revisions where VP9 decoding is hardware-accelerated, the frame size is not programmed correctly into the decoder hardware which can lead to an invalid memory access by the decoder.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_615sd_820sdm632_firmwaremsm8909w_firmwaresd_210_firmwaresd_625sd_616_firmwaresdm632sd_810sdm636_firmwaresdm710_firmwaresd_450sd_820asd_425sd_210sdm439_firmwaresd_625_firmwaresd_415_firmwaresd_205msm8996au_firmwaresdm660_firmwaresnapdragon_high_med_2016_firmwaresd_435_firmwaresd_427_firmwaresdm710sd_820_firmwaresd_835sdm429sd_616sd_810_firmwaresdm630sd_845sd_435sd_212_firmwaresnapdragon_high_med_2016sdm429_firmwaresd_820a_firmwaresd_835_firmwaresd_450_firmwaresd_427sdm660sd_205_firmwaremsm8996ausd_212sd_425_firmwaresdm630_firmwaremsm8909wsdm439sd_415sdm636sd_430sd_615_firmwaresd_430_firmwaresd_845_firmwareSnapdragon
CWE ID-CWE-823
Use of Out-of-range Pointer Offset
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2022-40514
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.32% / 54.90%
||
7 Day CHG+0.02%
Published-09 Feb, 2023 | 06:58
Updated-03 Aug, 2024 | 12:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer copy without checking size of input in WLAN Firmware

Memory corruption due to buffer copy without checking the size of input in WLAN Firmware while processing CCKM IE in reassoc response frame.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_8cx_gen3_firmwareqca2066sa6150p_firmwaresm6250p_firmwareqcs610qca8337ar9380ipq8173_firmwareqca6431_firmwarewcd9360_firmwaresdx65qcn5124qca4024_firmwarewcn3950_firmwareipq8078aipq5028_firmwaresa8150p_firmwareqcs2290qca6595au_firmwaresa6155qca6335qca2062sd_455_firmwarecsra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwareqcs6125_firmwaresa415mwcn3998qca6554a_firmwarewcd9371_firmwareqam8295pwcn3950qcn6024_firmwaresd720gsm4125sd_8cx_gen2_firmwareipq8076aqca8386_firmwaresd_8_gen1_5g_firmwareqca8084_firmwareqsm8350_firmwaresd710_firmwareqsm8350sd460_firmwaresm7315_firmwarewcn7850qca6574au_firmwareqcn5164_firmwarewcd9375_firmwareqca8081_firmwarewcn3998_firmwaresa6155_firmwareqca6420wcd9360qca9986sd680_firmwareipq8065ipq8078a_firmwareqca6678aq_firmwarewcn3999sd_8cx_gen2qrb5165_firmwareipq5028qrb5165m_firmwareqca6698aqqcs6125sa8155_firmwareipq6010sd662_firmwareipq8068qcs405qca6430wcd9340qcn6132sd765gsw5100sd680qca6436wcn6851sa6155pqcs603_firmwarewcn7851_firmwareqca6698aq_firmwareqca9888_firmwareqcn6122wcd9341ipq8068_firmwareqca2066_firmwareqca6696_firmwareqca6431wcd9371sd870_firmwaresd750gqca1062qcn5154_firmwarewcn3910_firmwaresxr2150p_firmwaresd_8cxsa8150pwsa8830_firmwareqca9992_firmwaresd660sd865_5g_firmwaresnapdragon_4_gen_1sd712sd855_firmwarewcn3988sd660_firmwarewcn7850_firmwaresa8195p_firmwaresm8475qcn5022_firmwarewcn6750_firmwaresa8295p_firmwareipq5018_firmwareqca9985_firmwarewcn3991qca8337_firmwarewcd9380_firmwaressg2125pipq8072aqca9980_firmwaresw5100pipq8076a_firmwareipq8078qca8084sdx55m_firmwareipq8173qca6564auwcn6856_firmwareqcn5164sd670_firmwareqca6574csr8811_firmwarewcd9380qcn5054_firmwareqcs410qcn5024sd690_5g_firmwaresdx50m_firmwaresxr1230pqca8072_firmwareqca9985qcn9012_firmwareqca6430_firmwareqcn9274_firmwareqcn5052_firmwarewcd9335_firmwarewcn3980qca6335_firmwareipq6018_firmwareqcm4325_firmwareqcs605wcd9340_firmwarewsa8815wcn6850sd7cqcn6112wcn3910qca6320qca9986_firmwareqca6426_firmwaresd695ipq6028ipq8064sd835qca9984qcn9024ipq9574_firmwarewcn3980_firmwaresd730sdx55mipq8064_firmwareqcc5100_firmwaresa8295pqca6421_firmwareqca2062_firmwarewcn6740_firmwareqca6678aqsd678_firmwarear8031_firmwareipq8078_firmwareqcn5054qrb5165wcn6851_firmwareqcs603qca9994qca9980sd670qcn9024_firmwareipq8174_firmwaresd_636_firmwareqca6564a_firmwareqcm4290_firmwaresd480sd870wcn6855wsa8832sw5100p_firmwareqcs610_firmwareqsm8250sa6145pipq6018qca9886_firmwaresd695_firmwaresdxr1ar8031qca6595_firmwareqcs405_firmwaresa8145psdm630_firmwareqca6391_firmwaresa4150p_firmwareqca4024wcd9370_firmwareqca2064sd780g_firmwaresdx55sd888_firmwaresa8155pcsra6640sd675ssg2115p_firmwaresxr2150par8035_firmwareqsm8250_firmwareqcm2290qcn5024_firmwarewcn3991_firmwarewsa8830sd678qcn9070sxr2230p_firmwaresa8145p_firmwareqca1062_firmwareqcs2290_firmwaresd7c_firmwarecsrb31024snapdragon_4_gen_1_firmwaresd_636csra6620qca8082qcn9072qca8386qca9992qcs4290sd765g_firmwareqca6420_firmwareqca6390_firmwareqca2064_firmwaresd690_5gipq6000sd730_firmwarewcd9370sd675_firmwaressg2115pqcn5152_firmwareqca6426qca6584au_firmwarewcn3990_firmwareqrb5165n_firmwareqcn9000_firmwareqca9984_firmwareipq5018sd_8cx_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcd9326_firmwareipq8074aqca2065sd662qcn5124_firmwareqam8295p_firmwareqcn6102_firmwareqcn9011_firmwareqca1064sa8155qcn6100_firmwareqca8082_firmwareqca6320_firmwareqcn5122_firmwaresdx55_firmwareqca6595auqcn6023_firmwarewcn3999_firmwaresm7250p_firmwareqca6436_firmwareqrb5165nipq5010qca6564au_firmwareqca6584ausd778gsa6155p_firmwareqca6310qcn9274ipq8174wcn7851sa515m_firmwareqca9990qcs6490qcn5052sdxr2_5gsdm630qcn6112_firmwaresa415m_firmwarewcn3988_firmwareqcn9074sa6145p_firmwareqca6421qca8085sd778g_firmwaresm6250sa8195psd712_firmwarewsa8810_firmwaresd765_firmwarewcd9326wcd9335sg4150pqca8081qcn6023ipq8071aipq8071a_firmwareqcs4290_firmwarewcd9385qca8085_firmwareqcs6490_firmwareqca2065_firmwaresd_8cx_gen3qca6390wcd9375sd750g_firmwareaqt1000ar8035csr8811sm6250_firmwareqcn9100_firmwareipq5010_firmwareipq8074a_firmwaresd888_5g_firmwarewsa8815_firmwareqcm6490wcn6850_firmwarewsa8835_firmwareqca6564asa4150psg4150p_firmwareqcm6125_firmwareqcm4325qca8072qcm2290_firmwarewcn3990qcn9000sd_675sd780gqca6554asd865_5gqca6595ar9380_firmwareqcc5100qcn9012sd888qcn6122_firmwareipq8065_firmwaresxr1230p_firmwarewsa8835sd665_firmwaresd888_5gsm6250pqcn5154qca8075_firmwaresc8180xssg2125p_firmwareqca6574awcn6855_firmwareqca9889sm7325pqcn6132_firmwareqca9888qca6310_firmwareqca9994_firmwarewcn6750ipq8070a_firmwareipq8076_firmwaresa515mqca6574_firmwareqca9886sd855sm4125_firmwaresm7325p_firmwaresd665sxr2230pipq8076sd765qca6574a_firmwareqcn5152sd768g_firmwareqrb5165msd850_firmwaresm7315sd460qca6391sdxr1_firmwareaqt1000_firmwareqcn6102qcn9100sdx65_firmwareqcm4290csrb31024_firmwareqcm6490_firmwarewsa8832_firmwaresdx50mqcn9070_firmwaresd480_firmwareipq6028_firmwareipq8072a_firmwareqcn9011sc8180x_firmwaresd_455qca6574auqca9889_firmwaresd710sa8155p_firmwareqcn5122ipq9574wcd9341_firmwareqcm6125wsa8810wcn6856qcn5022sd835_firmwaresd768gipq6010_firmwareqca1064_firmwarewcn6740qca6696sd845_firmwaresa6150pqca8075qcn9022_firmwareqcn6024qcn9022sd845qca9990_firmwareipq8070aqcn6100qcn9072_firmwaresm7250pipq6000_firmwaresd720g_firmwaresw5100_firmwareqcn9074_firmwareqcs410_firmwaresd850Snapdragon
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2017-11011
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.24% / 47.32%
||
7 Day CHG~0.00%
Published-11 Apr, 2018 | 15:00
Updated-17 Sep, 2024 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 820, SD 835, a Use After Free condition can occur in a communication API.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9206sd_425_firmwaresd_212_firmwaresd_625_firmwaresd_450sd_425sd_430_firmwaremdm9607_firmwaremdm9206_firmwaresd_430sd_625sd_210mdm9607sd_820_firmwaresd_820sd_835_firmwaresd_835sd_205sd_450_firmwaresd_210_firmwaresd_205_firmwaresd_212Snapdragon Mobile, Snapdragon Wear
CWE ID-CWE-416
Use After Free
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • ...
  • 11
  • 12
  • Next
Details not found