Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2021-1890

Summary
Assigner-qualcomm
Assigner Org ID-2cfc7d3e-20d3-47ac-8db7-1b7285aff15f
Published At-13 Jul, 2021 | 05:30
Updated At-03 Aug, 2024 | 16:25
Rejected At-
Credits

Improper length check of public exponent in RSA import key function could cause memory corruption. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:qualcomm
Assigner Org ID:2cfc7d3e-20d3-47ac-8db7-1b7285aff15f
Published At:13 Jul, 2021 | 05:30
Updated At:03 Aug, 2024 | 16:25
Rejected At:
▼CVE Numbering Authority (CNA)

Improper length check of public exponent in RSA import key function could cause memory corruption. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables

Affected Products
Vendor
Qualcomm Technologies, Inc.Qualcomm, Inc.
Product
Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables
Versions
Affected
  • APQ8017, APQ8037, APQ8053, APQ8064AU, APQ8096AU, AQT1000, AR8031, AR8035, CSRA6620, CSRA6640, CSRB31024, FSM10055, FSM10056, MDM9205, MDM9640, MDM9650, MDM9655, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, PM8937, QCA4004, QCA4020, QCA6174A, QCA6175A, QCA6234, QCA6320, QCA6390, QCA6391, QCA6420, QCA6421, QCA6426, QCA6430, QCA6431, QCA6436, QCA6564, QCA6564A, QCA6564AU, QCA6574, QCA6574A, QCA6574AU, QCA6584AU, QCA6595, QCA6595AU, QCA6694, QCA6694AU, QCA6696, QCA8337, QCA9377, QCA9379, QCM2290, QCM4290, QCM6125, QCS2290, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QCS6125, QSM8250, QSM8350, Qualcomm215, SA415M, SA515M, SA6145P, SA6150P, SA6155, SA6155P, SA8145P, SA8150P, SA8155, SA8155P, SA8195P, SC8180X+SDX55, SD 455, SD 636, SD 675, SD 8C, SD 8CX, SD429, SD439, SD450, SD460, SD480, SD632, SD660, SD662, SD665, SD670, SD675, SD678, SD690 5G, SD712, SD720G, SD730, SD750G, SD765, SD765G, SD768G, SD778G, SD780G, SD7c, SD820, SD821, SD835, SD850, SD855, SD865 5G, SD870, SD888 5G, SDA ...[truncated*]
Problem Types
TypeCWE IDDescription
textN/AImproper Restrictions of Operations within the Bounds of a Memory Buffer in Trusted Application
Type: text
CWE ID: N/A
Description: Improper Restrictions of Operations within the Bounds of a Memory Buffer in Trusted Application
Metrics
VersionBase scoreBase severityVector
3.18.4HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 8.4
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.qualcomm.com/company/product-security/bulletins/july-2021-bulletin
x_refsource_CONFIRM
Hyperlink: https://www.qualcomm.com/company/product-security/bulletins/july-2021-bulletin
Resource:
x_refsource_CONFIRM
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.qualcomm.com/company/product-security/bulletins/july-2021-bulletin
x_refsource_CONFIRM
x_transferred
Hyperlink: https://www.qualcomm.com/company/product-security/bulletins/july-2021-bulletin
Resource:
x_refsource_CONFIRM
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:product-security@qualcomm.com
Published At:13 Jul, 2021 | 06:15
Updated At:28 Jun, 2022 | 14:11

Improper length check of public exponent in RSA import key function could cause memory corruption. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Secondary3.18.4HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary2.07.2HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
Type: Primary
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 8.4
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 7.2
Base severity: HIGH
Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C
CPE Matches
Qualcomm Technologies, Inc.
qualcomm
>>apq8017_firmware>>-
cpe:2.3:o:qualcomm:apq8017_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>apq8017>>-
cpe:2.3:h:qualcomm:apq8017:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>apq8037_firmware>>-
cpe:2.3:o:qualcomm:apq8037_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>apq8037>>-
cpe:2.3:h:qualcomm:apq8037:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>apq8053_firmware>>-
cpe:2.3:o:qualcomm:apq8053_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>apq8053>>-
cpe:2.3:h:qualcomm:apq8053:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>apq8064au_firmware>>-
cpe:2.3:o:qualcomm:apq8064au_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>apq8064au>>-
cpe:2.3:h:qualcomm:apq8064au:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>apq8096au_firmware>>-
cpe:2.3:o:qualcomm:apq8096au_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>apq8096au>>-
cpe:2.3:h:qualcomm:apq8096au:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>aqt1000_firmware>>-
cpe:2.3:o:qualcomm:aqt1000_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>aqt1000>>-
cpe:2.3:h:qualcomm:aqt1000:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>ar8031_firmware>>-
cpe:2.3:o:qualcomm:ar8031_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>ar8031>>-
cpe:2.3:h:qualcomm:ar8031:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>ar8035_firmware>>-
cpe:2.3:o:qualcomm:ar8035_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>ar8035>>-
cpe:2.3:h:qualcomm:ar8035:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>csra6620_firmware>>-
cpe:2.3:o:qualcomm:csra6620_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>csra6620>>-
cpe:2.3:h:qualcomm:csra6620:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>csra6640_firmware>>-
cpe:2.3:o:qualcomm:csra6640_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>csra6640>>-
cpe:2.3:h:qualcomm:csra6640:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>csrb31024_firmware>>-
cpe:2.3:o:qualcomm:csrb31024_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>csrb31024>>-
cpe:2.3:h:qualcomm:csrb31024:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>fsm10055_firmware>>-
cpe:2.3:o:qualcomm:fsm10055_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>fsm10055>>-
cpe:2.3:h:qualcomm:fsm10055:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>fsm10056_firmware>>-
cpe:2.3:o:qualcomm:fsm10056_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>fsm10056>>-
cpe:2.3:h:qualcomm:fsm10056:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9205_firmware>>-
cpe:2.3:o:qualcomm:mdm9205_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9205>>-
cpe:2.3:h:qualcomm:mdm9205:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9640_firmware>>-
cpe:2.3:o:qualcomm:mdm9640_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9640>>-
cpe:2.3:h:qualcomm:mdm9640:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9650_firmware>>-
cpe:2.3:o:qualcomm:mdm9650_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9650>>-
cpe:2.3:h:qualcomm:mdm9650:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9655_firmware>>-
cpe:2.3:o:qualcomm:mdm9655_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9655>>-
cpe:2.3:h:qualcomm:mdm9655:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8917_firmware>>-
cpe:2.3:o:qualcomm:msm8917_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8917>>-
cpe:2.3:h:qualcomm:msm8917:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8920_firmware>>-
cpe:2.3:o:qualcomm:msm8920_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8920>>-
cpe:2.3:h:qualcomm:msm8920:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8937_firmware>>-
cpe:2.3:o:qualcomm:msm8937_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8937>>-
cpe:2.3:h:qualcomm:msm8937:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8940_firmware>>-
cpe:2.3:o:qualcomm:msm8940_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8940>>-
cpe:2.3:h:qualcomm:msm8940:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8953_firmware>>-
cpe:2.3:o:qualcomm:msm8953_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8953>>-
cpe:2.3:h:qualcomm:msm8953:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8996au_firmware>>-
cpe:2.3:o:qualcomm:msm8996au_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8996au>>-
cpe:2.3:h:qualcomm:msm8996au:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>pm8937_firmware>>-
cpe:2.3:o:qualcomm:pm8937_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>pm8937>>-
cpe:2.3:h:qualcomm:pm8937:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca4004_firmware>>-
cpe:2.3:o:qualcomm:qca4004_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca4004>>-
cpe:2.3:h:qualcomm:qca4004:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-787Primarynvd@nist.gov
CWE ID: CWE-787
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.qualcomm.com/company/product-security/bulletins/july-2021-bulletinproduct-security@qualcomm.com
Vendor Advisory
Hyperlink: https://www.qualcomm.com/company/product-security/bulletins/july-2021-bulletin
Source: product-security@qualcomm.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

2197Records found
CVE-2024-33047
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.04% / 10.84%
||
7 Day CHG~0.00%
Published-02 Sep, 2024 | 10:22
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in Display

Memory corruption when the captureRead QDCM command is invoked from user-space.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm429w_firmwareqcs5430wsa8845_firmwaresnapdragon_7c\+_gen_3wsa8840wsa8845hwcd9380_firmwarewcd9370qcm5430qcm5430_firmwaresnapdragon_429_firmwarewsa8830wcd9385sc8380xpsnapdragon_8cx_gen_3_firmwaresc8380xp_firmwarefastconnect_6700wcn3620wcd9375_firmwarefastconnect_6900fastconnect_7800_firmwaresnapdragon_7c\+_gen_3_firmwarewcd9370_firmwareqcs5430_firmwarewcd9385_firmwarefastconnect_6900_firmwaresnapdragon_8cx_gen_3wcd9380qcm6490_firmwarewcn3660bwcn3620_firmwarefastconnect_7800wcd9375qcm6490wsa8845fastconnect_6700_firmwarewsa8845h_firmwaresnapdragon_429video_collaboration_vc3_platform_firmwareqcs6490_firmwarewsa8835_firmwaresdm429wqcs6490wcn3660b_firmwarewsa8835wsa8840_firmwarewsa8830_firmwarevideo_collaboration_vc3_platformSnapdragonqcm5430_firmwarewcd9380_firmwareqcs6490_firmwareqcm6490_firmwareqcs5430_firmwarewsa8840_firmwarequalcomm_video_collaboration_vc3_platform_firmwarewcd9385_firmwarefastconnect_6900_firmwarewcd9370_firmwaresc8380xp_firmwarewsa8830_firmwarewsa8845_firmwarewcn3620_firmwaresdm429w_firmwarefastconnect_6700_firmwarewcn3660b_firmwarewsa8835_firmwaresnapdragon_429_mobile_platform_firmwarefastconnect_7800_firmwarewcd9375_firmwarewsa8845h_firmware
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-126
Buffer Over-read
CVE-2024-33022
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.03% / 8.37%
||
7 Day CHG~0.00%
Published-05 Aug, 2024 | 14:21
Updated-20 Nov, 2024 | 19:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Integer Overflow or Wraparound in Automotive GPU

Memory corruption while allocating memory in HGSL driver.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qam8255p_firmwareqca9377_firmwaresnapdragon_662_mobile_platform_firmwarewsa8830sa6150p_firmwaresa8145p_firmwareqcs610qca8337qam8650pqfw7124sg8275p_firmwareqam8775pmdm9628_firmwareqamsrv1mflight_rb5_5g_platformqru1052csra6620flight_rb5_5g_platform_firmwareqcn6224_firmwarewsa8840wcn3950_firmwaresrv1l_firmwaresa8150p_firmwareqca6595au_firmwarevideo_collaboration_vc3_platformwcd9370csra6620_firmwarecsra6640_firmwaresnapdragon_460_mobile_platform_firmwareqcs6125_firmwareqca6584au_firmwareqdu1110qep8111_firmwareqrb5165n_firmwaresnapdragon_8_gen_2_mobile_platformqca9377qamsrv1hwcd9385_firmwareqam8295pwcn3950mdm9628fastconnect_6200qamsrv1h_firmwaresnapdragon_460_mobile_platformqam8295p_firmwareqcn9011_firmwaresa9000p_firmwareqca6574au_firmwaresa7255pqca6595auqca8081_firmwaresnapdragon_8_gen_3_mobile_platformqfw7114wcd9375_firmwarewsa8845h_firmwaresnapdragon_680_4g_mobile_platform_firmwareqrb5165nsnapdragon_w5\+_gen_1_wearable_platform_firmwareqca6564au_firmwareqca6584ausa6155p_firmwareqca9367_firmwaresa8620p_firmwareqcm8550_firmwaresnapdragon_auto_5g_modem-rf_firmwaresnapdragon_x72_5g_modem-rf_systemsmart_audio_400_platform_firmwaresa8775p_firmwareqcs6490qrb5165m_firmwarewsa8840_firmwareqca6698aqqca9367qcs6125sa4155p_firmwarevideo_collaboration_vc5_platformqcs8550_firmwarewcn3988_firmwareqru1062_firmwaresa6145p_firmwaresrv1hsa7775p_firmwarefastconnect_6700_firmwaresa8195pwcd9340wsa8810_firmwareqcn6224sw5100wsa8845hwcd9395_firmwaresa8255p_firmwaresa6155pqcs7230qdu1000_firmwareqca8081sg4150psnapdragon_x35_5g_modem-rf_systemsnapdragon_x75_5g_modem-rf_systemqca6698aq_firmwaresnapdragon_auto_5g_modem-rf_gen_2sa7775pqam8620pqca6174a_firmwaresa8770p_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareqam8775p_firmwaresa8255pwcd9341wcd9385qca6696_firmwareqcs6490_firmwareqca6797aqar8035qru1052_firmwarewcd9375sa8150pwcd9390qcc710_firmwarerobotics_rb5_platformsnapdragon_662_mobile_platformsnapdragon_685_4g_mobile_platformwcd9335wsa8830_firmwarewcn3988wsa8815_firmwarewsa8835_firmwaresnapdragon_685_4g_mobile_platform_firmwaresa8195p_firmwarevideo_collaboration_vc5_platform_firmwareqca6564asa8295p_firmwaresa4150psa8770psg4150p_firmwareqcm6125_firmwareqcm4325snapdragon_8_gen_2_mobile_platform_firmwarerobotics_rb5_platform_firmwareqca8337_firmwarewcd9380_firmwaresw5100psnapdragon_w5\+_gen_1_wearable_platformqca6595qru1032qca6564auqcm8550qcs7230_firmwareqcn9012qdu1010_firmwareqdx1011qdu1000wsa8835qca6574qdu1110_firmwaresnapdragon_8\+_gen_2_mobile_platform_firmwaresnapdragon_auto_5g_modem-rfsa4155pqcn6274wcd9380fastconnect_6700snapdragon_x72_5g_modem-rf_system_firmwareqcs410qca6574asmart_audio_400_platformqca6174avideo_collaboration_vc3_platform_firmwaresg8275pqcn9012_firmwareqep8111qfw7114_firmwarewcd9335_firmwareqru1062wcn3980wsa8845qcm4325_firmwaresa8650pqca6574_firmwaresa9000pwcd9340_firmwarewsa8815qru1032_firmwarewsa8845_firmwareqca6574a_firmwarefastconnect_6200_firmwaresa8775pqrb5165mwcn3980_firmwareqca6391sa8295pfastconnect_7800snapdragon_x35_5g_modem-rf_system_firmwareqcn6274_firmwaresa8650p_firmwarefastconnect_6900snapdragon_x75_5g_modem-rf_system_firmwarefastconnect_6900_firmwaresrv1h_firmwareqcn9011video_collaboration_vc1_platform_firmwareqca6797aq_firmwareqdu1010qca6574ausa8155p_firmwaresrv1lqdx1011_firmwareqca6564a_firmwaresa7255p_firmwarewcd9341_firmwarefastconnect_7800_firmwareqcm6125sa8620psnapdragon_8\+_gen_2_mobile_platformwsa8810qdx1010_firmwaresw5100p_firmwareqcs610_firmwaresm8550psnapdragon_680_4g_mobile_platformqamsrv1m_firmwaresrv1m_firmwaresa6145pqam8650p_firmwareqcc710qca6595_firmwaresa8145pwcd9395qca6696qca6391_firmwareqcs8550sa4150p_firmwarewcd9370_firmwaresm8550p_firmwareqdx1010sa6150psnapdragon_8_gen_3_mobile_platform_firmwarewcd9390_firmwaresa8155pcsra6640qdu1210video_collaboration_vc1_platformsrv1msw5100_firmwareqam8620p_firmwareqcs410_firmwareqfw7124_firmwareqam8255pqdu1210_firmwarear8035_firmwareSnapdragonqam8255p_firmwareqca9377_firmwarequalcomm_video_collaboration_vc1_platform_firmwaresnapdragon_662_mobile_platform_firmwarerobotics_rb5_platform_firmwaresa6150p_firmwareqca8337_firmwaresa8145p_firmwarewcd9380_firmwaresg8275p_firmwareqcs7230_firmwaremdm9628_firmwareqdu1010_firmwarear8035_firmwareflight_rb5_5g_platform_firmwareqcn6224_firmwareqdu1110_firmwarewcn3950_firmwaresrv1l_firmwaresa8150p_firmwareqca6595au_firmwaresnapdragon_x72_5g_modem-rf_system_firmwarecsra6620_firmwarecsra6640_firmwaresnapdragon_460_mobile_platform_firmwareqcs6125_firmwareqca6584au_firmwareqep8111_firmwareqrb5165n_firmwareqcn9012_firmwarewcd9335_firmwareqfw7114_firmwarequalcomm_video_collaboration_vc3_platform_firmwarewcd9385_firmwareqcm4325_firmwareqamsrv1h_firmwareqca6574_firmwarewcd9340_firmwareqru1032_firmwareqam8295p_firmwarewsa8845_firmwareqcn9011_firmwaresa9000p_firmwareqca6574a_firmwarefastconnect_6200_firmwareqca6574au_firmwarewcd9375_firmwareqca8081_firmwarewsa8845h_firmwarewcn3980_firmwaresnapdragon_680_4g_mobile_platform_firmwareqca6564au_firmwaresa8620p_firmwaresa6155p_firmwareqca9367_firmwaresnapdragon_auto_5g_modem-rf_firmwareqcm8550_firmwaresnapdragon_x35_5g_modem-rf_system_firmwareqcn6274_firmwaresmart_audio_400_platform_firmwaresa8775p_firmwareqrb5165m_firmwarewsa8840_firmwaresa4155p_firmwaresa8650p_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarefastconnect_6900_firmwaresrv1h_firmwareqcs8550_firmwarewcn3988_firmwareqru1062_firmwareqca6797aq_firmwaresa6145p_firmwaresa8155p_firmwaresa7775p_firmwareqdx1011_firmwarefastconnect_6700_firmwareqca6564a_firmwaresa7255p_firmwarewsa8810_firmwarewcd9341_firmwarefastconnect_7800_firmwarewcd9395_firmwaresa8255p_firmwareqdx1010_firmwaresw5100p_firmwareqdu1000_firmwareqcs610_firmwareqca6698aq_firmwareqamsrv1m_firmwaresrv1m_firmwareqca6174a_firmwareqam8650p_firmwaresa8770p_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareqam8775p_firmwareqca6696_firmwareqcs6490_firmwareqca6595_firmwareqca6391_firmwaresa4150p_firmwareqru1052_firmwarewcd9370_firmwaresm8550p_firmwarequalcomm_video_collaboration_vc5_platform_firmwareqcc710_firmwaresnapdragon_8_gen_3_mobile_platform_firmwarewcd9390_firmwarewsa8830_firmwarewsa8815_firmwarewsa8835_firmwaresa8195p_firmwaresw5100_firmwareqam8620p_firmwareqcs410_firmwaresa8295p_firmwareqfw7124_firmwareqdu1210_firmwaresg4150p_firmwaresnapdragon_8_gen_2_mobile_platform_firmwareqcm6125_firmware
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2019-14087
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.80%
||
7 Day CHG~0.00%
Published-02 Jun, 2020 | 15:05
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Failure in buffer management while accessing handle for HDR blit when color modes not supported by display in Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Wearables in MSM8909W, QCS605

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcs605qcs605_firmwaremsm8909w_firmwaremsm8909wSnapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-416
Use After Free
CVE-2019-14085
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.80%
||
7 Day CHG~0.00%
Published-05 Mar, 2020 | 08:56
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible Integer underflow in WLAN function due to lack of check of data received from user side in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in QCN7605, QCS605, SDA845, SDM670, SDM710, SDM845, SDM850, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm850_firmwaresdm670_firmwaresm8150_firmwaresda845_firmwaresdm845qcn7605qcs605sdm710sm8150sdm850sdm710_firmwaresxr1130_firmwareqcn7605_firmwaresxr1130sdm670qcs605_firmwaresda845sdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-191
Integer Underflow (Wrap or Wraparound)
CVE-2021-35112
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.08% / 25.51%
||
7 Day CHG~0.00%
Published-14 Jun, 2022 | 10:11
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A user with user level permission can access graphics protected region due to improper access control in register configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarewcn3991_firmwaremdm9150_firmwarewsa8830sa6150p_firmwaresa8145p_firmwareqcs610qcs2290_firmwareqca8337wcd9360_firmwarecsra6620qcs4290wcn3950_firmwaresa8150p_firmwaresd765g_firmwareqcs2290qca6595au_firmwareqca6390_firmwarewcd9370csra6620_firmwareqcs605_firmwarecsra6640_firmwareqcs6125_firmwareqca6426wcn3990_firmwareqrb5165n_firmwareqca9377wcn3998wcd9385_firmwareqam8295psdxr2_5g_firmwarewcn3950qsw8573_firmwaresd_8_gen1_5g_firmwaresm6375_firmwarewcn3660bsd662sd460_firmwareqam8295p_firmwaresm7315_firmwareqca6574au_firmwaresdx55_firmwareqca6595ausdx12_firmwarewcd9375_firmwarewcn3998_firmwaremsm8909wsm7250p_firmwareapq8009w_firmwarewcd9360qca6436_firmwarewcn3610_firmwareqrb5165nsd778gsa6155p_firmwarewcn3999sa515m_firmwareqcs6490qrb5165_firmwareqrb5165m_firmwaresd429sdxr2_5gqcs6125sd662_firmwareqcs405wcn3988_firmwaresa6145p_firmwaresd205sd429_firmwaresd778g_firmwarewcd9340sa8195pwsa8810_firmwarequalcomm215_firmwaresd765gsw5100sd765_firmwareqca6436wcn6851wcd9335sa6155pqcs603_firmwareqca6174a_firmwareqcs4290_firmwarewcd9385wcd9341qca6696_firmwareqcs6490_firmwaresd870_firmwarear8035qca6390wcd9375aqt1000sa8150pwcn3910_firmwarewsa8830_firmwaresda429wsd210sd855_firmwaresd865_5g_firmwarewcn3620_firmwareqcm6490sd888_5g_firmwarewcn3988wcn3620wcn6850_firmwarewsa8815_firmwaresa8195p_firmwarewsa8835_firmwaresm8475sa8295p_firmwarewcn6750_firmwarewcn3610qcm6125_firmwareqcm2290_firmwaresm6375wcn3991qca8337_firmwaresda429w_firmwarewcd9380_firmwarewcn3990sdm429wsd780gsw5100psd865_5gsdx24sdx55m_firmwarewcn6856_firmwaresd888qet4101_firmwaremsm8909w_firmwarewsa8835sdm429w_firmwarewcd9380sd888_5gwcn3999_firmwarequalcomm215qcs410qca6574awcn6855_firmwareqca6174asm7325psdx24_firmwarewcd9335_firmwarewcn3980wcn6750qsw8573sa515mqcs605wcd9340_firmwaresd855wsa8815sm7325p_firmwarewcn6850wcn3910sd765qca6426_firmwarewcn3660b_firmwareqca6574a_firmwaresd768g_firmwareqrb5165mwcn3980_firmwaresm7315sd460qca6391sdx55msa8295paqt1000_firmwarewcn6740_firmwarear8031_firmwareqcm4290qcm6490_firmwareqrb5165sd480_firmwareqcs603wcn6851_firmwareqca6574ausa8155p_firmwaresd205_firmwareapq8009wwcd9341_firmwareqcm6125qcm4290_firmwaresd480sd870wcn6855wsa8810sw5100p_firmwaresd210_firmwareqcs610_firmwaremdm9150wcn6856sa6145psd768gar8031qcs405_firmwaresa8145pwcn6740qca6696qca6391_firmwaresd780g_firmwarewcd9370_firmwaresa6150psd888_firmwaresdx55sa8155pcsra6640qet4101sm7250psdx12sw5100_firmwareqcs410_firmwarear8035_firmwareqcm2290Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-863
Incorrect Authorization
CVE-2021-35074
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.09% / 27.24%
||
7 Day CHG~0.00%
Published-11 Feb, 2022 | 10:40
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible integer overflow due to improper fragment datatype while calculating number of fragments in a request message in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarewcn3991_firmwaresm6375wsa8830wcn3991sa6150p_firmwareqca8337_firmwaresa8145p_firmwarewcd9380_firmwareqca8337wcn6856_firmwaresdx65wsa8835wcd9380sa8150p_firmwaresd888_5gqca6595au_firmwarewcd9370wcn6855_firmwareqca6174awcd9335_firmwareqca9377wcn6750wcn3998wcd9385_firmwaresd_8_gen1_5g_firmwaresm6375_firmwarewsa8815wcn6850qca6574au_firmwareqca6595auqca8081_firmwaresdx12_firmwarewcd9375_firmwarewcn3998_firmwareqca6391sa6155p_firmwaresdx65_firmwareqcs6490qcm6490_firmwaresd480_firmwarewcn6851_firmwarewcn3988_firmwareqca6574ausa6145p_firmwaresa8155p_firmwaresa8195pwsa8810_firmwaresd480wsa8810wcn6855wcn6851wcd9335sa6155pqca8081wcn6856sa6145pqca6174a_firmwarewcd9385qca6696_firmwareqcs6490_firmwaresa8145pqca6696qca6391_firmwarear8035wcd9375wcd9370_firmwaresa8150psa6150psa8155pwsa8830_firmwareqcm6490sd888_5g_firmwarewcn3988wcn6850_firmwarewsa8815_firmwarewsa8835_firmwaresa8195p_firmwaresdx12sm8475wcn6750_firmwarear8035_firmwareSnapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2019-14034
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.69%
||
7 Day CHG~0.00%
Published-21 Jan, 2020 | 06:30
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free while processing eeprom query as there is a chance to not unlock mutex after error occurs in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8053, MSM8909W, MSM8917, MSM8953, Nicobar, QCS605, QM215, Rennell, SA6155P, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM632, SDM670, SDM710, SDM845, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sa6155p_firmwaremsm8953sdm450sdm429wsdm632_firmwaresdm845sdm450_firmwaresdm632sdx24sdm439sm8250_firmwaresdm429sm7150_firmwaresdm710msm8909w_firmwareqm215sm6150sdm429w_firmwaresdm710_firmwaresm7150apq8009_firmwaremsm8917msm8909wsa6155psdm670sxr2130qcs605_firmwaresdm670_firmwaresm8150_firmwaresdx24_firmwaresxr2130_firmwaresdm439_firmwaresda845_firmwarerennellrennell_firmwareqm215_firmwareqcs605sdx55msm8953_firmwareapq8053sm6150_firmwaresm8250msm8917_firmwaresdm429_firmwaresm8150sxr1130_firmwaresdx55_firmwarenicobar_firmwareapq8009sxr1130apq8053_firmwaresda845nicobarsdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-416
Use After Free
CVE-2019-14055
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.69%
||
7 Day CHG~0.00%
Published-07 Feb, 2020 | 05:00
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possibility of use-after-free and double free because of not marking buffer as NULL after freeing can lead to dangling pointer access in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8939, MSM8953, MSM8996AU, MSM8998, Nicobar, QCN7605, QCS605, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM845, SDX20, SDX24, SDX55, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9640_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632sdx24sdm439mdm9650sdm429msm8909w_firmwaremsm8996ausdm429w_firmwareapq8009_firmwaresxr2130qcs605_firmwaresc8180xmdm9206sdx24_firmwaresdm636sda845_firmwareapq8098qcn7605mdm9206_firmwaremsm8939qcs605mdm9640sdm429_firmwaremdm9650_firmwaremsm8905_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130msm8909wapq8009apq8053_firmwaresda845nicobarmsm8953sdm450sdm636_firmwareapq8098_firmwaresdx20msm8998_firmwaresdm660sdm630mdm9607_firmwaresm8250_firmwaresc8180x_firmwaremdm9607apq8017_firmwaremsm8939_firmwareqcn7605_firmwaremdm9207c_firmwaremsm8905mdm9207csm8150_firmwaresxr2130_firmwareapq8096ausdm439_firmwaresdm630_firmwaresda660_firmwaresdx55msm8953_firmwareapq8053apq8096au_firmwaresm8250msm8998sm8150sdx20_firmwareapq8017nicobar_firmwaresdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-416
Use After Free
CWE ID-CWE-415
Double Free
CVE-2019-14088
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.91%
||
7 Day CHG~0.00%
Published-07 Feb, 2020 | 05:00
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible use after free issue while CRM is accessing the link pointer from device private data due to lack of resource protection in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, MDM9206, MDM9207C, MDM9607, QCS605, SDM429W, SDX24, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9206mdm9207csm8150_firmwaresdx24_firmwaresdm429wsdx24mdm9206_firmwareqcs605mdm9607_firmwaremdm9607sdm429w_firmwaresm8150sxr1130_firmwareapq8009_firmwaresxr1130apq8009qcs605_firmwaremdm9207c_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-416
Use After Free
CVE-2019-14116
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 6.32%
||
7 Day CHG~0.00%
Published-16 Apr, 2020 | 10:46
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Privilege escalation by using an altered debug policy image can occur as the XPU protecting the debug policy regions are disabled during the crash dump boot flow in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ6018

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-ipq6018_firmwareipq6018Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-862
Missing Authorization
CVE-2019-14117
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.69%
||
7 Day CHG~0.00%
Published-08 Sep, 2020 | 09:31
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Whenever the page list is updated via privileged user, the previous list elements are freed but are not deleted from the list which results in a use after free causing an unhandled page fault exception in rmnet driver' in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in Bitra, MDM9607, QCS405, Saipan, SC8180X, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sm8150_firmwaresxr2130_firmwareqcs405_firmwarebitrasm8250_firmwaremdm9607_firmwaresc8180x_firmwaresdx55qcs405sm7150_firmwaresaipan_firmwaresm6150_firmwaresm6150sm8250mdm9607bitra_firmwaresm8150sdx55_firmwaresm7150saipansxr2130sc8180xSnapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-416
Use After Free
CVE-2019-14100
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.11% / 29.98%
||
7 Day CHG~0.00%
Published-30 Jul, 2020 | 11:40
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Register write via debugfs is disabled by default to prevent register writing via debugfs. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9206, MDM9207C, MDM9607, Nicobar, QCS405, SA6155P, SC8180X, SDX55, SM8150

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9206mdm9207csa6155p_firmwaresm8150_firmwareqcs405_firmwaremdm9206_firmwaremdm9607_firmwaresdx55sc8180x_firmwareqcs405mdm9607sm8150sdx55_firmwarenicobar_firmwaresa6155psc8180xmdm9207c_firmwarenicobarSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2019-14054
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 5.19%
||
7 Day CHG~0.00%
Published-02 Jun, 2020 | 15:05
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper permissions in XBL_SEC region enable user to update XBL_SEC code and data and divert the RAM dump path to normal cold boot path in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Kamorta, MSM8998, QCS404, QCS605, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SM8150, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm850_firmwarekamorta_firmwaresdm636_firmwaresdm845msm8998_firmwaresdm660sdm630qcs404_firmwaresdm710sdm710_firmwaresdm670sxr2130qcs605_firmwaresdm670_firmwareqcs404sm8150_firmwaresxr2130_firmwaresdm636sda845_firmwaresdm630_firmwaresda660_firmwareqcs605msm8998sm8150sdm850sda660kamortasxr1130_firmwaresxr1130sdm660_firmwaresda845sdm845_firmwareSnapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
CVE-2019-14094
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.10%
||
7 Day CHG~0.00%
Published-22 Jun, 2020 | 07:10
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in diag command handler when user inputs a large value for number of tasks field in the request packet in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8053, APQ8096AU, APQ8098, IPQ6018, IPQ8074, Kamorta, MDM9150, MDM9205, MDM9206, MDM9207C, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA8081, QCM2150, QCN7605, QCS404, QCS405, QCS605, QM215, Rennell, SA415M, Saipan, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwaremdm9640_firmwaresdm450_firmwaresdm632qcs404_firmwaremdm9650mdm9645apq8009_firmwaremsm8917sdm670qcs605_firmwaresda845_firmwaresa415mapq8098qcn7605mdm9206_firmwaremsm8905_firmwaresda660qca8081_firmwaresxr1130msm8909wapq8053_firmwaresda845sdm450sdm636_firmwareapq8098_firmwaremsm8998_firmwaresdm630mdm9607_firmwaresm8250_firmwaremdm9655_firmwaresa415m_firmwareqcs405qm215sc7180_firmwaremdm9625_firmwaresdm710_firmwareqca8081msm8937msm8905sm8150_firmwaremsm8909sxr2130_firmwaremdm9655rennellsc7180mdm9625msm8953_firmwaresaipan_firmwaresm6150_firmwaremsm8917_firmwaremsm8998sm8150sdx20_firmwaresdm850kamortamsm8996saipanmdm9640kamorta_firmwaremdm9635m_firmwareqcm2150_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdx24sdm439sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996ausdm429w_firmwaresm7150sxr2130sc8180xmdm9206sdm670_firmwareqcs404sdx24_firmwareipq8074sdm636mdm9635mipq6018_firmwaremdm9205qcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaresxr1130_firmwareapq8009msm8909_firmwarenicobarsdm850_firmwaremsm8920msm8953sdx20qcm2150msm8920_firmwaresdm660sc8180x_firmwareipq8074_firmwaresdm710mdm9607mdm9645_firmwareqcn7605_firmwaremdm9150mdm9207c_firmwaremsm8996_firmwareipq6018mdm9207capq8096ausdm439_firmwareqcs405_firmwaresdm630_firmwaremdm9205_firmwaresda660_firmwarerennell_firmwareqm215_firmwaremsm8940apq8053apq8096au_firmwaresm8250nicobar_firmwaresdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2021-35072
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.15% / 35.56%
||
7 Day CHG~0.00%
Published-14 Jun, 2022 | 09:50
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer overflow due to improper validation of array index while processing external DIAG command in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaremdm9150_firmwarewsa8830mdm9640_firmwareqcs2290_firmwaremdm9628_firmwaremdm9650qcs4290wcn3950_firmwaremdm9250qcs2290apq8009_firmwaremsm8917wcd9370sd632wcn3990_firmwaremsm8108qca9377wcn3998sdw2500_firmwaremsm8108_firmwarewcn3950sm4125mdm9628wcd9326_firmwaremdm9206_firmwarewcn3615_firmwarewcn3660bsd450_firmwaresd662sd460_firmwareapq8037qca6320_firmwareqca6584qca6574au_firmwarewcn3680b_firmwarewcd9375_firmwaresdx12_firmwarewcn3615wcn3998_firmwaremsm8909wapq8009w_firmwarewcn3610_firmwareapq8053_firmwareqca6564au_firmwaresd680_firmwareqca6310msm8208qca9367_firmwaresd429qca9367sd662_firmwaremdm9607_firmwaresd821wcn3988_firmwaresd429_firmwarewcd9340apq8017_firmwarewsa8810_firmwarequalcomm215_firmwaresw5100sd680wcd9326wcd9335msm8937msm8209_firmwareqca6174a_firmwaremdm9250_firmwareqcs4290_firmwarewcd9341wcn3660_firmwarewcn3910_firmwarewcd9375msm8953_firmwarewsa8830_firmwaremsm8917_firmwaresd210wcn3620_firmwaresd820wcn3988wsa8815_firmwarewsa8835_firmwarewcn3620apq8017msm8208_firmwareqca6564asd450wcn3610msm8608qcm2290_firmwaremdm9640wcn3990sdm429wmsm8996au_firmwaresw5100pwcd9330qca6564aumsm8940_firmwaremsm8909w_firmwareqca6574msm8996ausd632_firmwaresdm429w_firmwarewsa8835qualcomm215qca6574amdm9206qca9379_firmwareqca6174aqca6310_firmwarewcd9335_firmwarewcn3980sd439_firmwareqca6574_firmwarewcd9340_firmwaresm4125_firmwarewsa8815wcn3910qca6320qca6584_firmwaremsm8937_firmwaremdm9650_firmwarewcn3660b_firmwarewcn3680qca6574a_firmwaresd835msm8209wcn3980_firmwareapq8009sd460wcd9330_firmwaremsm8920msm8953sd821_firmwareqcm4290wcn3680_firmwaremsm8920_firmwareqca6574aumdm9607qca6564a_firmwareapq8009wwcd9341_firmwareqcm4290_firmwarewsa8810sw5100p_firmwaresd210_firmwaremdm9150wcn3680bsd835_firmwareapq8096ausd820_firmwaremsm8608_firmwarewcd9370_firmwaresdw2500msm8940apq8053apq8096au_firmwareapq8037_firmwaresd439sdx12sw5100_firmwarewcn3660qca9379qcm2290Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2021-35122
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.3||CRITICAL
EPSS-0.05% / 13.60%
||
7 Day CHG~0.00%
Published-02 Sep, 2022 | 11:30
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Non-secure region can try modifying RG permissions of IO space xPUs due to improper input validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwaresd_8cx_gen3_firmwarewsa8830sd678sm6250p_firmwareqcs610qcs2290_firmwareqca8337qca6431_firmwaresd7c_firmwarewcd9360_firmwaresdx65qcs4290wcn3950_firmwaresd765g_firmwareqca6420_firmwareqca6595au_firmwareqcs2290qca6390_firmwaresd690_5gsd730_firmwarewcd9370sd_675_firmwaresd675_firmwareqca6426wcn3990_firmwareqrb5165n_firmwarewcn3998sd_8cx_firmwarewcd9371_firmwaresdxr2_5g_firmwaresd_8cx_gen2_firmwaresm4125sd720gwcd9385_firmwarewcn3950wcn3660bqsm8350_firmwaresd662qsm8350sd460_firmwaresa9000p_firmwaresm7315_firmwarewcn7850qca6574au_firmwaresdx55_firmwareqca6595auqca8081_firmwarewcd9375_firmwarewcn3998_firmwaresm7250p_firmwareqca6420qca6436_firmwarewcd9360qrb5165nsd680_firmwaresd778gsd_8cx_gen2sa515m_firmwareqcs6490qrb5165_firmwareqrb5165m_firmwaresd429sdxr2_5gwcn7851sd662_firmwarewcn3988_firmwareqca6430sd429_firmwareqca6421sd778g_firmwaresm6250wcd9340wsa8810_firmwaresd765gsw5100sd765_firmwareqca6436sd680wcn6851qca8081wcn7851_firmwareqcs4290_firmwarewcd9385wcd9341qca6431qca6696_firmwareqcs6490_firmwarewcd9371sd750gsd870_firmwaresd_8cx_gen3qca6390ar8035sd_8cxaqt1000sd750g_firmwarewcd9375sm6250_firmwarewcn3910_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwarewcn3620_firmwareqcm6490sd888_5g_firmwarewcn3988wcn3620wcn6850_firmwarewcn7850_firmwarewsa8815_firmwarewsa8835_firmwarewcn6750_firmwareqcm2290_firmwarewcn3991qca8337_firmwarewcd9380_firmwarewcn3990sd_675sdm429wsd780gsw5100psd865_5gsdx55m_firmwarewcn6856_firmwaresd888wsa8835sdm429w_firmwaresa8540p_firmwarewcd9380sd888_5gsm6250pqcs410qca6574asd690_5g_firmwaresdx50m_firmwarewcn6855_firmwaresm7325pqca6430_firmwarewcn3980wcn6750sa515msa9000pwcd9340_firmwaresd855sm4125_firmwaresm7325p_firmwaresd7cwcn3910wcn6850wsa8815sd765qca6426_firmwarewcn3660b_firmwareqca6574a_firmwaresd695sd768g_firmwareqrb5165mwcn3980_firmwaresm7315sd460qca6391sd730sdx55mqca6421_firmwareaqt1000_firmwarewcn6740_firmwaresdx65_firmwaresd678_firmwareqcm4290qcm6490_firmwaresdx50mqrb5165sd480_firmwarewcn6851_firmwareqca6574auwcd9341_firmwareqcm4290_firmwaresd480sd870wcn6855wsa8810sa8540psw5100p_firmwareqcs610_firmwarewcn6856sd695_firmwaresd768gwcn6740qca6696qca6391_firmwaresd780g_firmwarewcd9370_firmwaresdx55sd888_firmwaresd675sm7250psd720g_firmwaresw5100_firmwareqcs410_firmwarear8035_firmwareqcm2290Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-20
Improper Input Validation
CVE-2019-14077
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.10%
||
7 Day CHG~0.00%
Published-02 Jun, 2020 | 15:05
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound memory access while processing ese transmit command due to passing Response buffer received from user in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8098, IPQ6018, Kamorta, MDM9150, MDM9205, MDM9607, MDM9650, MSM8909, MSM8998, Nicobar, QCS404, QCS405, QCS605, Rennell, SA415M, SA6155P, SC7180, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-kamorta_firmwaremdm9150_firmwaresdm845sdx24qcs404_firmwaremdm9650sm7150_firmwaresm6150sm7150apq8009_firmwaresdm670sxr2130qcs605_firmwaresc8180xsdm670_firmwareqcs404sdx24_firmwaresdm636sda845_firmwaresa415mapq8098ipq6018_firmwaremdm9205qcs605mdm9650_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130apq8009msm8909_firmwaresda845nicobarsdm850_firmwaresa6155p_firmwaresdm636_firmwareapq8098_firmwaremsm8998_firmwaresdm660sdm630mdm9607_firmwaresm8250_firmwaresc8180x_firmwaresa415m_firmwareqcs405sdm710sc7180_firmwaremdm9607sdm710_firmwaresa6155pmdm9150ipq6018sm8150_firmwaremsm8909sxr2130_firmwareqcs405_firmwarerennellsc7180sdm630_firmwaremdm9205_firmwaresda660_firmwarerennell_firmwaresdx55sm6150_firmwaresm8250msm8998sm8150sdm850kamortanicobar_firmwaresdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-704
Incorrect Type Conversion or Cast
CVE-2021-35089
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.10% / 27.87%
||
7 Day CHG~0.00%
Published-01 Apr, 2022 | 04:40
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer overflow due to lack of input IB amount validation while processing the user command in Snapdragon Auto

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca6574ausa8155psa8155p_firmwareqca6696_firmwareqca6574au_firmwareqca6696Snapdragon Auto
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2019-14047
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.80%
||
7 Day CHG~0.00%
Published-22 Jun, 2020 | 07:10
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

While IPA driver processes route add rule IOCTL, there is no input validation of the rule ID prior to adding the rule to the IPA HW commit list in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8053, APQ8096AU, MDM9607, MSM8909W, MSM8996, MSM8996AU, QCN7605, QCS605, SC8180X, SDA845, SDX20, SDX24, SDX55, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sm8150_firmwaresdx24_firmwareapq8096aumsm8996au_firmwareqcs605_firmwaresda845_firmwaresdx20qcn7605sdx24mdm9607_firmwareqcs605sc8180x_firmwaresdx55apq8053apq8096au_firmwaremsm8909w_firmwaremdm9607msm8996ausm8150sdx20_firmwareapq8053_firmwaresxr1130_firmwaresdx55_firmwareqcn7605_firmwaremsm8996sxr1130sda845msm8909wsc8180xmsm8996_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-20
Improper Input Validation
CVE-2019-14060
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.80%
||
7 Day CHG~0.00%
Published-07 Feb, 2020 | 05:00
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uninitialized stack data gets used If memory is not allocated for blob or if the allocated blob is less than the struct size required due to lack of check of return value for read or write blob in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8098, IPQ4019, IPQ6018, IPQ8064, IPQ8074, MDM9150, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCS405, QCS605, QM215, Rennell, SA6155P, Saipan, SC8180X, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632sdx24sdm439mdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996ausdm429w_firmwaresm7150apq8009_firmwaremsm8917sdm670sxr2130qcs605_firmwaresc8180xipq4019_firmwaremdm9206sdm670_firmwaresdx24_firmwareipq8074sdm636sda845_firmwareapq8098ipq6018_firmwaremdm9206_firmwareqcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwareipq8064sdx55_firmwaresxr1130_firmwaresxr1130msm8909wapq8009apq8053_firmwareipq8064_firmwaresda845nicobarsa6155p_firmwaremsm8920msm8953sdm450sdm636_firmwareapq8098_firmwaresdx20msm8998_firmwaresdm660msm8920_firmwaresdm630mdm9607_firmwaresm8250_firmwaresc8180x_firmwareqcs405ipq8074_firmwaresdm710qm215mdm9607apq8017_firmwaresdm710_firmwaresa6155pmdm9150msm8937mdm9207c_firmwareipq6018mdm9207csm8150_firmwaresxr2130_firmwaresdm439_firmwareqcs405_firmwarerennellsdm630_firmwarerennell_firmwareqm215_firmwareipq4019sdx55msm8953_firmwaremsm8940saipan_firmwaresm6150_firmwareapq8053msm8917_firmwaresm8250msm8998sm8150sdx20_firmwareapq8017saipannicobar_firmwaresdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-824
Access of Uninitialized Pointer
CVE-2021-35077
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.10% / 27.67%
||
7 Day CHG~0.00%
Published-11 Feb, 2022 | 10:40
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible use after free scenario in compute offloads to DSP while multiple calls spawn a dynamic process in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarewcn3991_firmwarewsa8830sa6150p_firmwaresa8145p_firmwareqcs2290_firmwareqca8337sdx65qcs4290wcn3950_firmwaresa8150p_firmwaresd765g_firmwareqcs2290qca6595au_firmwareqca6390_firmwaresd690_5gwcd9370qrb5165n_firmwareqca9377wcn3998wcd9385_firmwarewcn3950sd_8_gen1_5g_firmwaresm6375_firmwaresd662sd460_firmwaresm7315_firmwareqca6574au_firmwareqca6595auqca8081_firmwaresdx12_firmwarewcd9375_firmwaresm7250p_firmwarewcn3998_firmwareqrb5165nsd778gsa6155p_firmwaresm6225qcs6490qrb5165_firmwareqrb5165m_firmwaresd662_firmwarewcn3988_firmwaresa6145p_firmwaresd778g_firmwaresa8195pwsa8810_firmwaresd765gsd765_firmwarewcn6851wcd9335sa6155pqca8081qca6174a_firmwareqcs4290_firmwarewcd9385qca6696_firmwareqcs6490_firmwaresd750gsd870_firmwareqca6390ar8035sd750g_firmwarewcd9375sa8150pwcn3910_firmwarewsa8830_firmwaresd865_5g_firmwareqcm6490sd888_5g_firmwarewcn3988wcn6850_firmwarewsa8815_firmwarewsa8835_firmwaresa8195p_firmwaresm8475wcn6750_firmwareqcm2290_firmwaresm6375wcn3991qca8337_firmwarewcd9380_firmwaresd780gsd865_5gsdx55m_firmwarewcn6856_firmwaresd888wsa8835qca6574wcd9380sd888_5gqca6574asd690_5g_firmwarewcn6855_firmwareqca6174asm7325pwcd9335_firmwarewcn6750qca6574_firmwarewsa8815sm7325p_firmwarewcn6850wcn3910sd765qca6574a_firmwaresd768g_firmwareqrb5165msm7315sd460qca6391sdx55mwcn6740_firmwaresdx65_firmwareqcm4290qcm6490_firmwareqrb5165sd480_firmwarewcn6851_firmwaresm6225_firmwareqca6574ausa8155p_firmwareqcm4290_firmwaresd480sd870wcn6855wsa8810wcn6856sa6145psd768gsa8145pwcn6740qca6696qca6391_firmwaresd780g_firmwarewcd9370_firmwaresa6150psd888_firmwaresa8155psm7250psdx12ar8035_firmwareqcm2290Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-416
Use After Free
CVE-2019-14089
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 2.19%
||
7 Day CHG~0.00%
Published-08 Sep, 2020 | 09:31
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Keymaster attestation key and device IDs provisioning which is a one time process is incorrectly allowed to be re-provisioned after a user data erase or a factory reset' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in Kamorta, Nicobar, QCS404, QCS610, Rennell, SA515M, SA6155P, SC7180, SC8180X, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-kamorta_firmwaresa6155p_firmwareqcs404sm8150_firmwaresxr2130_firmwareqcs610sa515m_firmwarerennellsc7180rennell_firmwaresa515mqcs404_firmwaresm8250_firmwaresc8180x_firmwaresdx55sm7150_firmwaresm6150_firmwaresm8250sm6150sc7180_firmwaresm8150kamortasm7150sdx55_firmwarenicobar_firmwaresa6155pqcs610_firmwaresxr2130sc8180xnicobarSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CVE-2019-14068
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.80%
||
7 Day CHG~0.00%
Published-05 Mar, 2020 | 08:56
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound access in msm routing due to lack of check of size before accessing in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8053, APQ8096AU, MDM9607, MSM8905, MSM8909W, Nicobar, QCS405, QCS605, Rennell, Saipan, SDM429W, SDM845, SDX20, SDX24, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm429wsdm845sdx20sdx24mdm9607_firmwaresm8250_firmwareqcs405sm7150_firmwaresm6150msm8909w_firmwaremdm9607sdm429w_firmwareapq8009sm7150apq8009_firmwaresxr2130qcs605_firmwaremsm8905sm8150_firmwaresdx24_firmwaresxr2130_firmwareapq8096auqcs405_firmwarerennellrennell_firmwareqcs605apq8053apq8096au_firmwaresaipan_firmwaresm6150_firmwaresm8250sm8150sdx20_firmwaremsm8905_firmwaresxr1130_firmwarenicobar_firmwaremsm8909wsaipansxr1130apq8053_firmwarenicobarsdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2019-14078
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.10%
||
7 Day CHG~0.00%
Published-02 Jun, 2020 | 15:05
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound memory access while processing qpay due to not validating length of the response buffer provided by User. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8098, MSM8909, MSM8998, SDA660, SDA845, SDM630, SDM636, SDM660, SDM845

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-msm8909sdm636_firmwaresdm636sda845_firmwareapq8098_firmwaresdm630_firmwaresdm845apq8098sda660_firmwaremsm8998_firmwaresdm660sdm630msm8998sda660apq8009_firmwareapq8009msm8909_firmwaresdm660_firmwaresda845sdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-131
Incorrect Calculation of Buffer Size
CVE-2019-14027
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.51%
||
7 Day CHG~0.00%
Published-05 Mar, 2020 | 08:56
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow due to lack of upper bound check on channel length which is used for a loop. in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in APQ8098, IPQ6018, IPQ8074, MSM8998, Nicobar, QCA8081, QCN7605, QCS404, QCS605, Rennell, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SM6150, SM7150, SM8150, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm850_firmwaresdm636_firmwareapq8098_firmwaresdm845msm8998_firmwaresdm660sdm630qcs404_firmwaresc8180x_firmwaresm7150_firmwareipq8074_firmwaresdm710sm6150sdm710_firmwaresm7150qcn7605_firmwaresdm670qca8081sxr2130qcs605_firmwaresc8180xipq6018sdm670_firmwareqcs404sm8150_firmwaresxr2130_firmwareipq8074sdm636sda845_firmwarerennellsdm630_firmwareapq8098qcn7605sda660_firmwarerennell_firmwareipq6018_firmwareqcs605sm6150_firmwaremsm8998sm8150sdm850sda660sxr1130_firmwareqca8081_firmwarenicobar_firmwaresxr1130sdm660_firmwaresda845nicobarsdm845_firmwareSnapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2019-13992
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.80%
||
7 Day CHG~0.00%
Published-08 Sep, 2020 | 09:31
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Out of bound memory access if stack push and pop operation are performed without doing a bound check on stack top' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in Bitra, IPQ6018, IPQ8074, MDM9205, Nicobar, QCA8081, QCN7605, QCS404, QCS405, QCS605, QCS610, Rennell, SA415M, SA6155P, Saipan, SC7180, SC8180X, SDA845, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm850_firmwaresa6155p_firmwareqcs610sdm845sdx20sdx24qcs404_firmwaresm8250_firmwaresc8180x_firmwaresa415m_firmwareqcs405sm7150_firmwareipq8074_firmwaresdm710sc7180_firmwaresm6150sdm710_firmwaresm7150qcn7605_firmwaresa6155psdm670qca8081qcs610_firmwareqcs605_firmwaresc8180xsxr2130ipq6018sdm670_firmwareqcs404sdx24_firmwaresm8150_firmwareipq8074sxr2130_firmwareqcs405_firmwarerennellsa415msc7180bitrasda845_firmwaremdm9205_firmwareqcn7605rennell_firmwareipq6018_firmwaremdm9205qcs605sdx55saipan_firmwaresm6150_firmwaresm8250bitra_firmwaresm8150sdx20_firmwaresdm850sxr1130_firmwaresdx55_firmwareqca8081_firmwarenicobar_firmwaresaipansxr1130sda845nicobarsdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-21465
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.10% / 27.89%
||
7 Day CHG~0.00%
Published-01 Jul, 2024 | 14:17
Updated-01 Aug, 2024 | 22:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in Trusted Execution Environment

Memory corruption while processing key blob passed by the user.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresnapdragon_850_mobile_compute_platform_firmwaresm7325-ae_firmwaresm6250p_firmwareqca8337qfw7124sg8275p_firmwareqam8775pqamsrv1mqru1052snapdragon_888_5g_mobile_platformwcn3950_firmwareqca6595au_firmwaresa6155video_collaboration_vc3_platformsnapdragon_480_5g_mobile_platformqcm5430_firmwareqcs6125_firmwaresnapdragon_460_mobile_platform_firmwaresnapdragon_480_5g_mobile_platform_firmwaresc8180xp-adwcd9371_firmwarewcn3950qcn6024_firmwaresm4125qsm8350_firmwaresnapdragon_460_mobile_platformqsm8350sd460_firmwaresm7315_firmwaresnapdragon_695_5g_mobile_platform_firmwaresdx71m_firmwareqca8081_firmwareqca6420sc8180xp-aa_firmwaresa8155_firmwarerobotics_rb3_platform_firmwareqca4004_firmwareqca6430wcd9306_firmwaresa7775p_firmwarewcd9340qca6698aq_firmwaresnapdragon_690_5g_mobile_platformqca6696_firmwarewcd9371sc8180x-abqru1052_firmwaresd_8cxsa8150pqca4004sd865_5g_firmwaresnapdragon_865_5g_mobile_platform_firmwarefastconnect_6800_firmwareqcn7606_firmwaresa8770psnapdragon_750g_5g_mobile_platform_firmwaresnapdragon_675_mobile_platform_firmwaresnapdragon_778g_5g_mobile_platform_firmwaressg2125pqcm85509205_lte_modemsnapdragon_670_mobile_platform_firmwaresd670_firmwareqca6574qdu1110_firmwaresnapdragon_7c\+_gen_3_computewcd9380snapdragon_x72_5g_modem-rf_system_firmwareqcs410sxr1230pvideo_collaboration_vc3_platform_firmwaresc8180xp-ad_firmwareqcn9012_firmwarewsa8845qcm4325_firmwarewcd9340_firmwarewsa8815sm6150-ac_firmwareqcs8250sc8380xpsnapdragon_x62_5g_modem-rf_system_firmwarewcn3980_firmwaresd730sc7180-ac_firmwaresa8295p9205_lte_modem_firmwarewcn6740_firmwareqcs4490_firmwareqca6678aqsnapdragon_x65_5g_modem-rf_systemsa8650p_firmwarefastconnect_6900snapdragon_x75_5g_modem-rf_system_firmwarefastconnect_6900_firmwaresrv1lsd670qdx1011_firmwareqcn9024_firmwaresdx57msnapdragon_8\+_gen_2_mobile_platformqcm4290_firmwareqdx1010_firmwaresw5100p_firmwareqcs610_firmwareqamsrv1m_firmwareqcm5430sa6145par8031sc8280xp-bbqcs5430_firmwaresnapdragon_750g_5g_mobile_platformqca6391_firmwaresa4150p_firmwarewcd9370_firmwaresm8550p_firmwareqdx1010sdx55csra6640snapdragon_695_5g_mobile_platformvideo_collaboration_vc1_platformsrv1mssg2115p_firmwareqam8620p_firmwareqfw7124_firmwareqam8255psa4155pqdu1210_firmwareqcn7606talynplus_firmwarewsa8830sxr2230p_firmwaresnapdragon_850_mobile_compute_platformsnapdragon_x24_lte_modem_firmwareqam8650pflight_rb5_5g_platformsnapdragon_865_5g_mobile_platformflight_rb5_5g_platform_firmwareqcn6224_firmwareqcs4290srv1l_firmwareqca6420_firmwaresc7180-acsd675_firmwareqca6564qca6426sc8280xp-abwcn3990_firmwareqrb5165n_firmwaresnapdragon_8_gen_2_mobile_platformqca9984_firmwareqca9377wcd9385_firmwarewcd9326_firmwarefastconnect_6200qamsrv1h_firmwaresm7325-afqcn9011_firmwaresa8155snapdragon_x55_5g_modem-rf_systemsdx55_firmwaresa7255psnapdragon_4_gen_2_mobile_platformwsa8845h_firmwaresnapdragon_8_gen_3_mobile_platformqfw7114sm7250p_firmwareqrb5165nwcd9306qca6584ausnapdragon_x65_5g_modem-rf_system_firmwareqcm8550_firmwaresnapdragon_x72_5g_modem-rf_systemsm8250-acwcn3988_firmwaresrv1hqca6421sm7250-aafastconnect_6700_firmwaresa8195psxr1120qcn6224wcd9326snapdragon_x75_5g_modem-rf_systemwcd9335wcd9395_firmwaresdx71msnapdragon_auto_5g_modem-rf_gen_2qcm4490qcs4290_firmwaresa8770p_firmwaresxr2130_firmwareqcs6490_firmwaresm7150-abwcd9375aqt1000sm6250_firmwaresnapdragon_662_mobile_platformwsa8815_firmwarevideo_collaboration_vc5_platform_firmwaresxr1120_firmwaresxr2250p_firmwaresnapdragon_8_gen_2_mobile_platform_firmwareqcm6125_firmwarerobotics_rb5_platform_firmwaresd865_5gqca6595qdu1010_firmwaresa8530p_firmwaresxr1230p_firmwaresa8540p_firmwaresnapdragon_8\+_gen_2_mobile_platform_firmwareqcn6274sc8180xp-acsnapdragon_4_gen_2_mobile_platform_firmwaresxr2130smart_audio_400_platformqca6310_firmwareqru1062sa8650psa9000pqca6574_firmwaresm7325p_firmwaresxr2230psnapdragon_xr2_5g_platform_firmwareqca6574a_firmwaresa8775psnapdragon_665_mobile_platformqrb5165msm7315snapdragon_x55_5g_modem-rf_system_firmwaresc8280xp-ab_firmwaresnapdragon_x35_5g_modem-rf_system_firmwaresnapdragon_690_5g_mobile_platform_firmwareqcn6274_firmwareqcm6490_firmwarewsa8832_firmwaresnapdragon_xr1_platformsc8180xp-af_firmwareqcs8250_firmwaresm7250-aa_firmwaresc8180x-aa_firmwaresm8550psnapdragon_8_gen_1_mobile_platform_firmwaresm8150-ac_firmwaresc8180x-aasm8350-acqca6564_firmwaresc8180x-af_firmwarewcn6740qcs8550sm6150-acsnapdragon_x50_5g_modem-rf_systemsnapdragon_8_gen_3_mobile_platform_firmwareqcn6024qdu1210qcs410_firmwaresnapdragon_wear_1300_platformqam8255p_firmwaresnapdragon_8_gen_1_mobile_platformsa6150p_firmwareqcs610sc8180x-ab_firmwareqca6431_firmwarewsa8840sa8150p_firmwareqcs2290snapdragon_x70_modem-rf_systemqca6335csra6620_firmwaresd_675_firmwarecsra6640_firmwareqep8111_firmwareqam8295psd_8_gen1_5g_firmwaresm7150-acqca6688aqsm7325-aeqca6574au_firmwarewcd9375_firmwaresa6155_firmwaresm6225-adsnapdragon_xr2\+_gen_1_platformsc8180xp-afqca6678aq_firmwaresmart_audio_400_platform_firmwarewcn3999sm6225-ad_firmwareqrb5165m_firmwarewsa8840_firmwareqca6698aqqcs6125sa4155p_firmwaresd662_firmwaresc8380xp_firmwaresm7250-ab_firmwareqru1062_firmwarerobotics_rb3_platformsnapdragon_8\+_gen_1_mobile_platformsnapdragon_720g_mobile_platformsnapdragon_780g_5g_mobile_platformsw5100fsm10056_firmwareqca6436sa6155pqdu1000_firmwaresxr2250psnapdragon_auto_5g_modem-rf_gen_2_firmwarewcd9341qam8775p_firmwaresa8255pqca6431sc8180xp-ab_firmwareqca6797aqwcn3910_firmwaresnapdragon_855_mobile_platform_firmwareqcc710_firmwarerobotics_rb5_platformsm8250-ac_firmwarewsa8830_firmwaresd855_firmwaresnapdragon_7c\+_gen_3_compute_firmwarewcn3988snapdragon_780g_5g_mobile_platform_firmwaresa8195p_firmwaresa8295p_firmwareqca8337_firmwarewcd9380_firmwaresw5100psnapdragon_w5\+_gen_1_wearable_platformqca6564ausc8180xp-aafastconnect_6700sm7150-aa_firmwaresg8275psc8180x-ac_firmwareqca6430_firmwaresm6370_firmwareqfw7114_firmwarewcd9335_firmwarewcn3980qca6335_firmwarewcn3910snapdragon_4_gen_1_mobile_platformqca6426_firmwareqca9984snapdragon_670_mobile_platformsc8180x-adqcn9024snapdragon_xr2\+_gen_1_platform_firmwaresnapdragon_x50_5g_modem-rf_system_firmwaresm7150-aaqca6421_firmwaresnapdragon_xr2_5g_platformar8031_firmwaresm7150-ab_firmwareqca6797aq_firmwareqdu1010qca6564a_firmwaresa7255p_firmwaresa8620psnapdragon_x24_lte_modemsc8180xp-ac_firmwarewsa8832sa8540pqcc710qcs4490qca6595_firmwaresa8145pwcd9395snapdragon_710_mobile_platform_firmwaresm4350-ac_firmwaresd888_firmwaresa8155psd675qcs8155_firmwareqep8111snapdragon_720g_mobile_platform_firmwarear8035_firmwareqcm2290snapdragon_855_mobile_platformsnapdragon_662_mobile_platform_firmwaresa8145p_firmwareqcs2290_firmwarefsm10056csra6620sc8280xp-bb_firmwaresm7250-ac_firmwaresnapdragon_888_5g_mobile_platform_firmwaresd730_firmwarewcd9370ssg2115pqca6584au_firmwareqdu1110sm8250-abqamsrv1hsa8530psd_8cx_firmwaretalynplussd662qam8295p_firmwaresa9000p_firmwaresnapdragon_778g_5g_mobile_platformqca6595ausm7325-af_firmwarewcn3999_firmwareqca6436_firmwaresm4350-acsnapdragon_680_4g_mobile_platform_firmwaresnapdragon_w5\+_gen_1_wearable_platform_firmwareqca6564au_firmwaresa8620p_firmwaresa6155p_firmwareqca6310qcs8155snapdragon_x70_modem-rf_system_firmwaresa8775p_firmwareqcs6490video_collaboration_vc5_platformqcs8550_firmwarevision_intelligence_300_platform_firmwaresa6145p_firmwaresm6250wsa8810_firmwarevision_intelligence_400_platformsc7180-adsnapdragon_x62_5g_modem-rf_systemsnapdragon_ar2_gen_1_platform_firmwaresa8255p_firmwaresg4150pqcs7230wsa8845hqca8081snapdragon_x35_5g_modem-rf_systemsa7775pqam8620pqca6174a_firmwareqcs5430snapdragon_wear_1300_platform_firmwarewcd9385snapdragon_665_mobile_platform_firmwaresc8180x-acar8035wcd9390vision_intelligence_400_platform_firmwareqcm6490wsa8835_firmwareqca6564asa4150psg4150p_firmwareqca6688aq_firmwareqcm4325qcm2290_firmwaresnapdragon_845_mobile_platformwcn3990sd_675fastconnect_6800qru1032sm8350-ac_firmwareqcs7230_firmwaresm8150-acqcn9012sd888qdx1011qdu1000wsa8835sc7180-ad_firmwaresd_8_gen1_5gsm6250psnapdragon_4_gen_1_mobile_platform_firmwaressg2125p_firmwareqca6574asc8180x-afqca6174asm7325psm7150-ac_firmwaresm7250-absd855sm4125_firmwaresdx57m_firmwareqru1032_firmwarewsa8845_firmwarefastconnect_6200_firmwarevision_intelligence_300_platformsd460qca6391sm8250-ab_firmwaresnapdragon_710_mobile_platformfastconnect_7800aqt1000_firmwareqcm4490_firmwaresnapdragon_845_mobile_platform_firmwareqcm4290srv1h_firmwareqcn9011video_collaboration_vc1_platform_firmwareqca6574ausa8155p_firmwarewcd9341_firmwarefastconnect_7800_firmwareqcm6125wsa8810sm7250-acsnapdragon_680_4g_mobile_platformsm6370srv1m_firmwaresnapdragon_ar2_gen_1_platformqam8650p_firmwaresnapdragon_675_mobile_platformqca6696sc8180xp-absa6150pwcd9390_firmwaresc8180x-ad_firmwaresm7250psnapdragon_8\+_gen_1_mobile_platform_firmwaresw5100_firmwaresnapdragon_xr1_platform_firmwareSnapdragonqam8255p_firmwareqca9377_firmwaresnapdragon_850_mobile_compute_platform_firmwaresnapdragon_662_mobile_platform_firmwaretalynplus_firmwaresa6150p_firmwaresm6250p_firmwaresa8145p_firmwaresxr2230p_firmwareqcs2290_firmwaresnapdragon_x24_lte_modem_firmwaresg8275p_firmwareqca6431_firmwareflight_rb5_5g_platform_firmwareqcn6224_firmwarewcn3950_firmwaresrv1l_firmwaresnapdragon_888_5g_mobile_platform_firmwaresa8150p_firmwareqca6420_firmwareqca6595au_firmwaresd730_firmwarecsra6620_firmwaresd_675_firmwaresd675_firmwarecsra6640_firmwareqcm5430_firmwareqcs6125_firmwaresnapdragon_460_mobile_platform_firmwaresnapdragon_480_5g_mobile_platform_firmwareqca6584au_firmwareqep8111_firmwareqrb5165n_firmwarewcn3990_firmwareqca9984_firmwarequalcomm_video_collaboration_vc3_platform_firmwaresd_8cx_firmwarewcd9371_firmwarewcd9385_firmwareqcn6024_firmwarewcd9326_firmwareqamsrv1h_firmwaresd_8_gen1_5g_firmwareqsm8350_firmwaresd460_firmwareqam8295p_firmwareqcn9011_firmwaresa9000p_firmwaresm7315_firmwaresnapdragon_695_5g_mobile_platform_firmwareqca6574au_firmwaresdx55_firmwaresdx71m_firmwarewcd9375_firmwareqca8081_firmwaresa6155_firmwarewcn3999_firmwaresm7250p_firmwarewsa8845h_firmwareqca6436_firmwaresnapdragon_680_4g_mobile_platform_firmwareqca6564au_firmwaresa8620p_firmwaresa6155p_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqcm8550_firmwareqca6678aq_firmwaresmart_audio_400_platform_firmwaresa8775p_firmwaresnapdragon_x70_modem-rf_system_firmwareqrb5165m_firmwarewsa8840_firmwaresa4155p_firmwaresa8155_firmwarerobotics_rb3_platform_firmwareqca4004_firmwareqcs8550_firmwaresc8380xp_firmwaresd662_firmwarevision_intelligence_300_platform_firmwarewcn3988_firmwareqru1062_firmwaresa6145p_firmwarewcd9306_firmwaresa7775p_firmwarefastconnect_6700_firmwarewsa8810_firmwarefsm10056_firmwaresnapdragon_ar2_gen_1_platform_firmwaresa8255p_firmwarewcd9395_firmwareqdu1000_firmwareqca6698aq_firmwareqca6174a_firmwareqcs4290_firmwaresa8770p_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareqam8775p_firmwaresnapdragon_wear_1300_platform_firmwaresxr2130_firmwareqca6696_firmwareqcs6490_firmwaresnapdragon_665_mobile_platform_firmwareqru1052_firmwarewcn3910_firmwaresnapdragon_855_mobile_platform_firmwaresm6250_firmwareqcc710_firmwarevision_intelligence_400_platform_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwarewsa8815_firmwarewsa8835_firmwaresnapdragon_780g_5g_mobile_platform_firmwaresa8195p_firmwaresnapdragon_865_5g_mobile_platform_firmwarefastconnect_6800_firmwaresxr1120_firmwareqcn7606_firmwaresa8295p_firmwaresxr2250p_firmwaresg4150p_firmwaresnapdragon_8_gen_2_mobile_platform_firmwareqca6688aq_firmwareqcm6125_firmwaresnapdragon_675_mobile_platform_firmwareqcm2290_firmwaresnapdragon_750g_5g_mobile_platform_firmwarequalcomm_video_collaboration_vc1_platform_firmwarerobotics_rb5_platform_firmwareqca8337_firmwarewcd9380_firmwaresnapdragon_778g_5g_mobile_platform_firmwareqcs7230_firmwareqdu1010_firmwaresnapdragon_670_mobile_platform_firmwaresa8530p_firmwaresd670_firmwaresxr1230p_firmwareqdu1110_firmwaresa8540p_firmwaresnapdragon_x72_5g_modem-rf_system_firmwaresnapdragon_4_gen_1_mobile_platform_firmwaresnapdragon_4_gen_2_mobile_platform_firmwaressg2125p_firmwareqca6310_firmwareqca6430_firmwareqcn9012_firmwareqfw7114_firmwaresm6370_firmwarewcd9335_firmwareqca6335_firmwareqcm4325_firmwareqca6574_firmwarewcd9340_firmwaresm4125_firmwaresm7325p_firmwaresdx57m_firmwareqru1032_firmwaresnapdragon_xr2_5g_platform_firmwarewsa8845_firmwareqca6426_firmwareqca6574a_firmwarefastconnect_6200_firmwaresnapdragon_x62_5g_modem-rf_system_firmwarewcn3980_firmwaresnapdragon_x55_5g_modem-rf_system_firmwaresnapdragon_x50_5g_modem-rf_system_firmwareqca6421_firmware9205_lte_modem_firmwareaqt1000_firmwarewcn6740_firmwareqcm4490_firmwaresnapdragon_690_5g_mobile_platform_firmwaresnapdragon_845_mobile_platform_firmwareqcn6274_firmwareqcs4490_firmwaresnapdragon_x35_5g_modem-rf_system_firmwarear8031_firmwareqcm6490_firmwaresa8650p_firmwarewsa8832_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarefastconnect_6900_firmwaresrv1h_firmwareqca6797aq_firmwaresa8155p_firmwareqdx1011_firmwareqca6564a_firmwareqcn9024_firmwaresa7255p_firmwareqcs8250_firmwarewcd9341_firmwarefastconnect_7800_firmwareqcm4290_firmwareqdx1010_firmwaresw5100p_firmwareqcs610_firmwaresnapdragon_8_gen_1_mobile_platform_firmwareqamsrv1m_firmwaresrv1m_firmwareqam8650p_firmwareqca6564_firmwareqca6595_firmwaresnapdragon_720g_mobile_platform_firmwareqcs5430_firmwareqca6391_firmwaresnapdragon_710_mobile_platform_firmwaresa4150p_firmwarewcd9370_firmwaresm8550p_firmwarequalcomm_video_collaboration_vc5_platform_firmwaresd888_firmwaresnapdragon_8_gen_3_mobile_platform_firmwarewcd9390_firmwaressg2115p_firmwareqcs8155_firmwaresw5100_firmwareqam8620p_firmwareqcs410_firmwareqfw7124_firmwareqdu1210_firmwarear8035_firmwaresnapdragon_xr1_platform_firmware
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-14024
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.80%
||
7 Day CHG~0.00%
Published-21 Jan, 2020 | 06:30
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible stack-use-after-scope issue in NFC usecase for card emulation in Snapdragon Auto, Snapdragon Industrial IOT, Snapdragon Mobile in MSM8917, MSM8953, Nicobar, QM215, Rennell, SDM429, SDM439, SDM450, SDM632, SDM670, SDM710, SDM845, SM6150, SM7150, SM8150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-msm8953sdm450sdm632_firmwaresdm845sdm450_firmwaresdm632sdm439sm8250_firmwaresdm429sm7150_firmwaresdm710qm215sm6150sdm710_firmwaresm7150msm8917sdm670sxr2130sdm670_firmwaresm8150_firmwaresxr2130_firmwaresdm439_firmwarerennellrennell_firmwareqm215_firmwaremsm8953_firmwaresm6150_firmwaresm8250msm8917_firmwaresdm429_firmwaresm8150nicobar_firmwarenicobarsdm845_firmwareSnapdragon Auto, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-416
Use After Free
CVE-2019-14046
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.80%
||
7 Day CHG~0.00%
Published-07 Feb, 2020 | 05:00
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound access while allocating memory for an array in camera due to improper validation of elements parameters in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in QCS605, SDM439, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdx24_firmwaresdm439_firmwaresdx24sdm439qcs605qcs605_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2019-14091
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.87%
||
7 Day CHG~0.00%
Published-22 Jun, 2020 | 07:10
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Double free issue in NPU due to lack of resource locking mechanism to avoid race condition in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9607, QCS405, Rennell, Saipan, SC8180X, SDX55, SM8150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sm8150_firmwaresxr2130_firmwareqcs405_firmwarerennellrennell_firmwaresm8250_firmwaremdm9607_firmwaresdx55sc8180x_firmwareqcs405saipan_firmwaresm8250mdm9607sm8150sdx55_firmwaresaipansxr2130sc8180xSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-415
Double Free
CWE ID-CWE-667
Improper Locking
CVE-2023-22667
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.05% / 15.45%
||
7 Day CHG~0.00%
Published-04 Jul, 2023 | 04:46
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Integer Overflow or Wraparound in Audio

Memory Corruption in Audio while allocating the ion buffer during the music playback.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm429w_firmwarerobotics_rb3apq8017sd865_5gqcs410_firmwaresa6150p_firmwaresxr1120qca6595qcs610_firmwaresnapdragon_8\+_gen_1wcd9335wcd9370snapdragon_730gsnapdragon_429_firmwareqca6696wcd9340_firmwarewcd9341_firmwareqca6426snapdragon_auto_4gwcn6740_firmwaresnapdragon_720g_firmwarefastconnect_6700wcn3610snapdragon_208_firmwarevision_intelligence_200_firmwaresnapdragon_695_5gsa4150psnapdragon_888_5gsnapdragon_wear_4100\+_firmwarewsa8832_firmwareqca8337qca6426_firmwaresnapdragon_4_gen_2_firmwareqca6574au_firmwareqca6564_firmwareqam8295pwcd9341sd626_firmwareqca6574au315_5g_iot_firmwaresd730_firmwarewsa8810_firmwaresnapdragon_429csra6640msm8209_firmwaresnapdragon_690_5gsnapdragon_778g\+_5g_firmwaresnapdragon_865\+_5gwcn3660_firmwaresnapdragon_765_5gwcn3660b_firmwaresd730snapdragon_626fastconnect_6800_firmwaresnapdragon_x24_firmwaresnapdragon_865\+_5g_firmwaresnapdragon_855\+\/860sd835_firmwaresnapdragon_636_firmwarevideo_collaboration_vc1_platform_firmwaresa4155psnapdragon_888\+_5g_firmwareqcm6125_firmwaresnapdragon_x50_5gsd821snapdragon_xr2_5g_firmwaresnapdragon_xr1_firmwaremsm8108sxr1120_firmwaresnapdragon_710qsm8250_firmwaresnapdragon_730snapdragon_wear_4100\+snapdragon_765g_5g_firmwaresnapdragon_660_firmwaresnapdragon_4_gen_2fastconnect_6900video_collaboration_vc1_platformwcd9385_firmwareqca6421vision_intelligence_200qca6310qam8255p_firmwaresnapdragon_778g_5gsnapdragon_670snapdragon_821_firmwaresnapdragon_678_firmwaresa8155_firmwarewcd9360qca6335snapdragon_732g_firmwaresnapdragon_662_firmwaresd821_firmwaresnapdragon_x50_5g_firmwaresnapdragon_x24sa6155pqca6421_firmwareqcm6125qca6564au_firmwaresd820wsa8810205video_collaboration_vc5_platform_firmwaresnapdragon_855_firmwaresnapdragon_670_firmwareqsm8250snapdragon_678qca6595ausm7315_firmwaresnapdragon_865_5g_firmwarewcd9326_firmwaresa6155p_firmwaresnapdragon_730g_firmwaresd835snapdragon_835qca6436_firmwareqcn9012wcd9371_firmwarewcn3910_firmwaresnapdragon_675_firmwaresm4125_firmwaresnapdragon_680_4gqca6420wcn3910snapdragon_212_firmwarewcd9370_firmwarecsrb31024snapdragon_480\+_5g_firmwaresnapdragon_765_5g_firmwarewcn3660bqca6574awcn3620_firmwareqca6174asnapdragon_695_5g_firmwaresa8195psnapdragon_750g_5g_firmwarewcd9340qcs8250_firmwareqcm2290qca6335_firmwareqcm6490215snapdragon_x55_5g_firmwarewcn3988qca9379qca6574sd675_firmwareqca6430_firmwareqcn9011snapdragon_439_firmwaresmart_audio_400snapdragon_820_firmwaresa6150pwcd9326qcs410qcm2290_firmwarevision_intelligence_100sa8155p_firmwareqca6564asa8155phome_hub_100wsa8830snapdragon_870_5g_firmwaresmart_display_200_firmwaresa6145pqcn9074_firmwaresa8255p_firmwaresnapdragon_888\+_5gsnapdragon_720gar8035msm8996ausnapdragon_208qca6564qrb5165m_firmwaresa6155wcn3620snapdragon_782gqca6698aqwcn3950_firmwaresm6250qrb5165nfastconnect_6200sd670wcn3680bsm7325p_firmwaresa8145p_firmwarewcd9360_firmwaresnapdragon_210_firmwaresnapdragon_630sa8150p_firmwaresnapdragon_835_firmwarefastconnect_6700_firmwaresnapdragon_768g_5gvideo_collaboration_vc3_platform_firmwarewcn3990robotics_rb3_firmwaresnapdragon_778g_5g_firmwaresnapdragon_780g_5gsd670_firmwareqcs6490qcs8250snapdragon_210snapdragon_778g\+_5gfastconnect_6200_firmwarear8031_firmwarehome_hub_100_firmwarewsa8830_firmwarevision_intelligence_100_firmwareqca6431sd660_firmwaresnapdragon_7c\+_gen_3wsa8832qca9379_firmwaresxr2130_firmwarear8035_firmwareqrb5165msnapdragon_680_4g_firmwareqca6320sa4150p_firmwaremsm8608_firmwaresd888_firmwaresnapdragon_845_firmwaresnapdragon_630_firmwaremsm8209snapdragon_439qca6564auqcs6125_firmwaresnapdragon_460snapdragon_636sm6250p_firmwareqcn9074snapdragon_x12wsa8815_firmwaresnapdragon_865_5gsa8195p_firmwareqca8337_firmwaresnapdragon_665_firmwaresnapdragon_auto_4g_firmwareqcm4290snapdragon_480_5g_firmwaresnapdragon_4_gen_1_firmwaresnapdragon_821msm8608ar8031snapdragon_685_4gqca9377_firmwareqcm6490_firmwaresnapdragon_xr2\+_gen_1snapdragon_626_firmwaresnapdragon_665sm7250p_firmwarewcn3680_firmwaresm4125205_firmwarevision_intelligence_400_firmwarewcn3950qcs6125flight_rb5_5gsnapdragon_690_5g_firmwareqca6797aq_firmwaresa8295p_firmwaresmart_audio_400_firmwaresd_675_firmwaresnapdragon_460_firmwaresmart_audio_200_firmwaresa4155p_firmwaresnapdragon_auto_5g_firmwaresm7250pcsrb31024_firmwaresa8155sm6250_firmwaresnapdragon_768g_5g_firmwaresnapdragon_710_firmwareqca6584ausd888qca6320_firmwareqcn9011_firmwarewcn6740snapdragon_732gqca6310_firmwaresd626fastconnect_6800snapdragon_662qca6595_firmwarewcd9371snapdragon_855\+\/860_firmwarefastconnect_6900_firmwarerobotics_rb5_firmwareapq8017_firmwarewcd9380sa6145p_firmwareqam8255psa6155_firmwaresmart_audio_200snapdragon_xr2_5gsa8150p215_firmwaresnapdragon_888_5g_firmwaresnapdragon_450snapdragon_765g_5gmsm8996au_firmwarewcn3660video_collaboration_vc3_platformaqt1000qam8295p_firmwaresd855qca6431_firmwaresnapdragon_8_gen_1_firmwaresnapdragon_632_firmwarewcn3990_firmwaresm7315snapdragon_750g_5gqca6698aq_firmwareqcs2290qca6564a_firmwarewcd9385qcs2290_firmwaresnapdragon_xr2\+_gen_1_firmwarewcn3615wcn3610_firmwarewcn3680snapdragon_8_gen_1sa8255pqcs4290sd820_firmwareqca6430sm6250psnapdragon_782g_firmwaresnapdragon_855sdx55_firmwaresnapdragon_x55_5gsnapdragon_625_firmwarewcn3615_firmwareflight_rb5_5g_firmwaresxr2130msm8108_firmwaresnapdragon_4_gen_1snapdragon_870_5gcsra6640_firmwarerobotics_rb5snapdragon_480\+_5gqca6174a_firmwaresnapdragon_685_4g_firmwaresm7325psnapdragon_845video_collaboration_vc5_platformqca6420_firmwaresnapdragon_625aqt1000_firmwareqcs6490_firmwaresnapdragon_480_5gsdm429wsd855_firmwarewcd9335_firmwareqrb5165n_firmwareqca6436wcn3980_firmwareqca6584au_firmwarewsa8835qca6595au_firmwareqca6391_firmwaresnapdragon_x12_firmwareqca6696_firmwareqcs4290_firmwarewcd9380_firmwareqca6574_firmwarecsra6620sd660wsa8815mdm9628sd_8_gen1_5gsnapdragon_450_firmwareqca9377snapdragon_auto_5gqca6797aqmdm9628_firmwaresnapdragon_730_firmwaresnapdragon_632snapdragon_660qca6574a_firmwaresdx55qcm4290_firmwaresnapdragon_820snapdragon_8\+_gen_1_firmwaresd675sd_8_gen1_5g_firmwarewcd9375_firmwaresnapdragon_7c\+_gen_3_firmwareqca6391qcn9012_firmwaresnapdragon_780g_5g_firmwarecsra6620_firmwaresa8295psnapdragon_675sd865_5g_firmwaresnapdragon_425_firmwaresnapdragon_xr1wcd9375wcn3988_firmware315_5g_iotsa8145psd_675snapdragon_212vision_intelligence_400wsa8835_firmwaresmart_display_200wcn3980snapdragon_425wcn3680b_firmwareqcs610Snapdragonsnapdragon
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2021-35130
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.04% / 12.33%
||
7 Day CHG~0.00%
Published-14 Jun, 2022 | 10:11
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory corruption in graphics support layer due to use after free condition in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarewcn3991_firmwaresm6375wsa8830wcn3991sa6150p_firmwareqca8337_firmwaresa8145p_firmwareqcs610wcd9380_firmwaresw5100psd780gqca8337wcn6856_firmwaresd888sdx65wsa8835wcn3950_firmwarewcd9380sa8150p_firmwaresd888_5gqca6595au_firmwareqcs410wcd9370wcn6855_firmwareqca6174asm7325pwcd9335_firmwareqca9377wcn3980wcn3998wcn6750wcd9385_firmwareqam8295pwcn3950sm6375_firmwarewsa8815sm7325p_firmwarewcn6850qam8295p_firmwaresm7315_firmwareqca6574au_firmwareqca6595auqca8081_firmwaresdx12_firmwarewcd9375_firmwarewcn3998_firmwarewcn3980_firmwaresm7315qca6391sa8295pwcn6740_firmwaresd778gsa6155p_firmwaresdx65_firmwareqcs6490qcm6490_firmwaresa4155p_firmwaresd480_firmwarewcn6851_firmwarewcn3988_firmwareqca6574ausa6145p_firmwaresa8155p_firmwaresd778g_firmwaresa8195pwsa8810_firmwarewcd9341_firmwaresw5100sd480wsa8810wcn6855wcn6851wcd9335sa6155psw5100p_firmwareqca8081qcs610_firmwarewcn6856sa6145pqca6174a_firmwarewcd9385wcd9341qca6696_firmwareqcs6490_firmwaresa8145pwcn6740qca6696qca6391_firmwaresa4150p_firmwarear8035wcd9375sd780g_firmwarewcn6750_firmwaresa8150pwcd9370_firmwaresa6150psd888_firmwaresa8155pwsa8830_firmwareqcm6490sd888_5g_firmwarewcn3988wcn6850_firmwarewsa8815_firmwarewsa8835_firmwaresa8195p_firmwaresw5100_firmwaresdx12qcs410_firmwaresa8295p_firmwaresa4155psa4150par8035_firmwareSnapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-416
Use After Free
CVE-2021-35091
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.09% / 27.24%
||
7 Day CHG~0.00%
Published-14 Jun, 2022 | 10:11
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible out of bounds read due to improper typecasting while handling page fault for global memory in Snapdragon Connectivity, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn6855_firmwarewsa8830_firmwarewcd9380_firmwarewsa8830wsa8835wcn6856wsa8835_firmwarewcd9380wcn6855sm8475wcn6856_firmwaresd_8_gen1_5g_firmwareSnapdragon Connectivity, Snapdragon Mobile
CWE ID-CWE-704
Incorrect Type Conversion or Cast
CVE-2021-35126
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.11% / 30.17%
||
7 Day CHG~0.00%
Published-14 Jun, 2022 | 10:11
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory corruption in DSP service due to improper validation of input parameters in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn6740_firmwaresd_8cx_gen3_firmwaresd778gwcd9380_firmwarewsa8830sd780gqcs6490qcm6490_firmwarewcn6851_firmwarewcn6856_firmwaresd888wsa8835sd778g_firmwarewcd9380sd888_5gwcn6855wcn6851wcd9370wcn6856wcn6855_firmwaresm7325pwcd9385qca6696_firmwareqcs6490_firmwarewcn6750wcn6740qca6696sd_8cx_gen3qca6391_firmwareqam8295pwcd9385_firmwarewcd9375sd780g_firmwarewcd9370_firmwaresd_8_gen1_5g_firmwarewcn6750_firmwaresd888_firmwaresm7325p_firmwarewcn6850wsa8830_firmwareqam8295p_firmwareqcm6490sd888_5g_firmwaresm7315_firmwarewcn6850_firmwarewsa8835_firmwarewcd9375_firmwaresm8475sm7315sa8295p_firmwareqca6391sa8295pSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2021-35110
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.1||HIGH
EPSS-0.10% / 27.87%
||
7 Day CHG~0.00%
Published-01 Apr, 2022 | 04:40
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer overflow to improper validation of hash segment of file while allocating memory in Snapdragon Connectivity, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn6855_firmwarewsa8830_firmwarewcd9380_firmwarewsa8830wsa8835wcn6856wsa8835_firmwarewcd9380wcn6855sm8475wcn6856_firmwaresd_8_gen1_5g_firmwareSnapdragon Connectivity, Snapdragon Mobile
CWE ID-CWE-704
Incorrect Type Conversion or Cast
CVE-2021-35069
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.12% / 31.51%
||
7 Day CHG~0.00%
Published-11 Feb, 2022 | 10:40
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper validation of data length received from DMA buffer can lead to memory corruption. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fsm10055sa6150p_firmwaresm6250p_firmwareqcs610ipq4028_firmwareqcn5550qca8337ar9380ipq8173_firmwarewcd9360_firmwaresdx65qcn5124qca4024_firmwarewcn3950_firmwareipq8078aipq5028_firmwaresa8150p_firmwareqcs2290qca6595au_firmwaresa6155qcn5064csra6620_firmwaresd_675_firmwarecsra6640_firmwareqcs6125_firmwaresa415mwcn3998qca6554a_firmwarewcn3950qcn6024_firmwaresd720gipq8076asd_8_gen1_5g_firmwaresm6375_firmwaresd460_firmwaresm7315_firmwareqca6428qca6574au_firmwareqcn5164_firmwareipq8071wcd9375_firmwareqca8081_firmwarewcn3998_firmwaresa6155_firmwarewcd9360qca6438_firmwareipq8070_firmwareipq8065ipq8078a_firmwarewcn3999qrb5165_firmwareipq5028qca7500ipq8072_firmwareipq4029_firmwareqcs6125qrb5165m_firmwaresa8155_firmwareipq6010sd662_firmwareipq8068qcs405qcn6132sd765gfsm10056_firmwareqca6436wcn6851sa6155pqca9888_firmwareqcn6122wcd9341ipq8068_firmwareqca6696_firmwaresd870_firmwaresd750gqcn5154_firmwarewcn3910_firmwaresa8150pwsa8830_firmwareqca9992_firmwaresd660sd865_5g_firmwaresd855_firmwarewcn3988qca6438sd660_firmwaresa8195p_firmwaresm8475qcn5022_firmwarewcn6750_firmwareqca9898ipq4028qca6428_firmwareipq5018_firmwaresm6375qca9985_firmwarewcn3991ipq4018_firmwareqca8337_firmwarewcd9380_firmwareipq8072aqca7500_firmwareqca9980_firmwaremsm8996au_firmwareipq8076a_firmwareipq8078qca6564ausdx55m_firmwareipq8173wcn6856_firmwareqcn5164qca6574csr8811_firmwarewcd9380qcn5054_firmwareqcs410qcn5024sd690_5g_firmwareipq4019_firmwareqca8072_firmwareqca9985qcn9012_firmwarewcd9335_firmwareqcn5052_firmwarewcn3980ipq6018_firmwarewsa8815wcn6850pmp8074_firmwareqcn6112wcn3910qca6426_firmwareqca9984ipq6028ipq8064qcn9024pmp8074wcn3980_firmwaresd730qcn5550_firmwaresdx55mipq8064_firmwarewcn6740_firmwareqcn5064_firmwaresd678_firmwarear8031_firmwareipq8078_firmwareqcn5054qrb5165wcn6851_firmwareipq8070qca9994qca9980qcn9024_firmwareipq8174_firmwareqca6564a_firmwareqca9880qcm4290_firmwaresd480sd870wcn6855qcs610_firmwaresa6145pipq6018qca9886_firmwaresdxr1ar8031apq8096auqca6595_firmwareqcs405_firmwaresa8145pqca6391_firmwareqca4024wcd9370_firmwaresd780g_firmwaresdx55sd888_firmwareqcn5021_firmwaresd675csra6640sa8155par8035_firmwareqcm2290qcn5024_firmwarewcn3991_firmwarewsa8830sd678qcn9070sa8145p_firmwareqcs2290_firmwarefsm10056csrb31024csra6620fsm10055_firmwareqcn9072qca9880_firmwareqca9992qcs4290sd765g_firmwareqca6390_firmwaresd690_5gipq6000sd730_firmwarewcd9370sd675_firmwareipq8072qcn5152_firmwareqca6564qca6426qca6584au_firmwarewcn3990_firmwareqrb5165n_firmwareqcn9000_firmwareqca9984_firmwareipq5018wcd9385_firmwaresdxr2_5g_firmwarewcd9326_firmwareipq8074asd662qcn5124_firmwareqcn6102_firmwareqcn9011_firmwareqcn6100_firmwaresa8155qcn5122_firmwaresdx55_firmwareqca6595auqcn6023_firmwarewcn3999_firmwaresm7250p_firmwareqca6436_firmwareqrb5165nipq5010qca6564au_firmwareqca6584ausd778gsa6155p_firmwaresm6225ipq8174sa515m_firmwareqca9990qcs6490sdxr2_5gqcn5052qcn6112_firmwaresa415m_firmwarewcn3988_firmwareqcn9074sa6145p_firmwaresm6250sd778g_firmwaresa8195pwsa8810_firmwaresd765_firmwarewcd9326wcd9335qca8081qcn6023ipq8071aipq8071a_firmwareqcs4290_firmwarewcd9385qcs6490_firmwareqca6390qca9898_firmwaresd750g_firmwareaqt1000wcd9375ar8035sm6250_firmwarecsr8811ipq4019qcn9100_firmwareipq5010_firmwareipq8074a_firmwaresd888_5g_firmwarewsa8815_firmwareqcm6490wcn6850_firmwarewsa8835_firmwareqcx315qca6564aqcm6125_firmwareqca8072qcm2290_firmwarewcn3990qcn9000sd_675sd780gqca6554asd865_5gqca6595ar9380_firmwareqcn9012sd888qcn6122_firmwareipq8065_firmwareqcx315_firmwarewsa8835msm8996ausd665_firmwaresd888_5gsm6250pqcn5154qca8075_firmwareipq4018qca6574awcn6855_firmwareqca9889sm7325pqcn6132_firmwareqca9888ipq8074qca9994_firmwarewcn6750ipq8070a_firmwareipq8076_firmwaresa515mqca6574_firmwareqca9886sd855sm7325p_firmwaresd665ipq8076qca6175asd765qca6574a_firmwareqcn5021qcn5152sd768g_firmwareqrb5165msm7315sd460qca6391sdxr1_firmwareaqt1000_firmwareqcn6102qcn9100sdx65_firmwareqcm4290csrb31024_firmwareqcm6490_firmwareqcn9070_firmwaresd480_firmwareipq6028_firmwareipq8072a_firmwareqcn9011sm6225_firmwareipq8074_firmwareqca6574auqca9889_firmwaresa8155p_firmwareqcn5122wcd9341_firmwareqcm6125wsa8810wcn6856qcn5022qca6564_firmwaresd768gipq6010_firmwarewcn6740qca6696sa6150pqca8075qcn9022_firmwareapq8096au_firmwareqcn6024qcn9022qca9990_firmwareipq8070aqcn6100qcn9072_firmwaresm7250pipq6000_firmwaresd720g_firmwareipq8071_firmwareqcn9074_firmwareqcs410_firmwareipq4029qca6175a_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2019-10584
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.10%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 05:25
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possibility of out of bound access in debug queue, if packet size field is corrupted in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCN7605, QCS405, QCS605, QM215, SA6155P, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9640_firmwaresdm632_firmwaremsm8996au_firmwaresdm845sdm450_firmwaresdm632sdx24sdm439mdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996ausm7150apq8009_firmwaremsm8917sdm670sxr2130qcs605_firmwaremdm9206sdm670_firmwaresdx24_firmwaresdm636sda845_firmwareapq8098qcn7605mdm9206_firmwareqcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130msm8909wapq8009apq8053_firmwaresda845nicobarsa6155p_firmwaremsm8920msm8953sdm450sdm636_firmwaresdm845_firmwareapq8098_firmwaresdx20msm8998_firmwaresdm660msm8920_firmwaresdm630mdm9607_firmwaresm8250_firmwareqcs405sdm710qm215mdm9607apq8017_firmwaresdm710_firmwareqcn7605_firmwaresa6155pmsm8937mdm9207c_firmwaremdm9207csm8150_firmwaresxr2130_firmwareapq8096ausdm439_firmwareqcs405_firmwaresdm630_firmwaresda660_firmwareqm215_firmwaresdx55msm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaresm8250msm8998sm8150sdx20_firmwareapq8017nicobar_firmwaresdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-10606
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.80%
||
7 Day CHG~0.00%
Published-21 Jan, 2020 | 06:30
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out-of-bound access will occur in USB driver due to lack of check to validate the frame size passed by user in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9607, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, QCS605, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-msm8920sdx24_firmwaremsm8937sdx24msm8920_firmwareqcs605mdm9607_firmwaremsm8940msm8940_firmwaremsm8909w_firmwaremdm9607msm8917_firmwaremsm8937_firmwaremsm8917msm8909wqcs605_firmwareSnapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2019-10592
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.10%
||
7 Day CHG~0.00%
Published-12 Dec, 2019 | 08:30
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible integer overflow while multiplying two integers of 32 bit in QDCM API of get display modes as there is no check on the maximum mode count in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCS405, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm632_firmwaremsm8996au_firmwaresdm845sdm450_firmwaresdm632sdm439sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996ausm7150msm8917sdm670sxr2130qcs605_firmwaremdm9206sdm670_firmwaresdm636sda845_firmwareapq8098mdm9206_firmwareqcs605msm8937_firmwaresdm429_firmwaresda660sxr1130_firmwaresxr1130msm8909wmsm8909_firmwareapq8053_firmwaresda845nicobarmsm8920msm8953sdm450sdm636_firmwareapq8098_firmwaresdx20msm8998_firmwaresdm660msm8920_firmwaresdm630mdm9607_firmwaresm8250_firmwareqcs405sdm710qm215mdm9607apq8017_firmwaresdm710_firmwaremsm8937mdm9207c_firmwaremdm9207csm8150_firmwaremsm8909sxr2130_firmwareapq8096ausdm439_firmwareqcs405_firmwaresdm630_firmwaresda660_firmwareqm215_firmwaremsm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaresm8250msm8998sm8150sdx20_firmwareapq8017nicobar_firmwaresdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2019-10506
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.90%
||
7 Day CHG~0.00%
Published-30 Sep, 2019 | 15:40
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

While processing QCA_NL80211_VENDOR_SUBCMD_AVOID_FREQUENCY vendor command, driver does not validate the data obtained from the user space which could be invalid and thus leads to an undesired behaviour in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9206, MDM9607, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCS605, SD 600, SD 625, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDM630, SDM660, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_712qca9377_firmwaresd_850sd_855sd_730_firmwaresd_820asd_675msm8996au_firmwaresd_670_firmwaresdm660sdx24sdm630mdm9607_firmwaresd_710_firmwaresd_636sd_625qca6574ausd_820_firmwaremdm9607msm8996ausd_636_firmwaresd_820sd_845_firmwaresd_820a_firmwareqcs605_firmwaresd_675_firmwaremdm9206qca6174a_firmwareqca6174aqca9379_firmwaresd_665sd_730sd_850_firmwaresd_625_firmwaresdx24_firmwareqca9377sd_712_firmwaresdm630_firmwaresd_845mdm9206_firmwareqcs605sd_670sd_835_firmwaresd_710sd_600_firmwaresd_835qca6574au_firmwaresd_600qca9379sd_665_firmwaresdm660_firmwaresd_855_firmwareSnapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-20
Improper Input Validation
CVE-2019-10507
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.90%
||
7 Day CHG~0.00%
Published-30 Sep, 2019 | 15:40
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Lack of check of extscan change results received from firmware can lead to an out of buffer read in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCS605, SD 210/SD 212/SD 205, SD 425, SD 430, SD 600, SD 625, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM630, SDM660, SDX20, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresd_850mdm9150_firmwaremdm9640_firmwaresd_820asd_675msm8996au_firmwaresd_670_firmwaresdx24mdm9650sd_636msm8996ausd_845_firmwaresd_820a_firmwareqcs605_firmwaresd_675_firmwaremdm9206qca9379_firmwareqca6174asd_425_firmwaresd_665sdx24_firmwaresd_625_firmwareqca9377sd_845mdm9206_firmwareqcs605mdm9640sd_835_firmwaremdm9650_firmwaresd_835qca6574au_firmwaresda660sd_210_firmwaresd_600sd_665_firmwaresd_205_firmwaresd_212sd_712sd_855sd_730_firmwaresdx20sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_710_firmwaresdm630sd_625qca6574ausd_210mdm9607sd_636_firmwaremdm9150qca6174a_firmwaresd_730sd_212_firmwaresd_850_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwaresd_430sd_670sd_710sdx20_firmwaresd_600_firmwaresd_205qca9379sdm660_firmwaresd_855_firmwareSnapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-10530
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.92%
||
7 Day CHG~0.00%
Published-12 Dec, 2019 | 08:30
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Lack of check of data truncation on user supplied data in kernel leads to buffer overflow in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, SD 210/SD 212/SD 205, SD 425, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850mdm9150_firmwaresd_632mdm9640_firmwaresd_820asd_675msm8996au_firmwaresd_439sd_670_firmwaresd_429sdx24sdm439mdm9650sd_636msm8909w_firmwaremsm8996ausd_450_firmwaresd_845_firmwaresd_820a_firmwareqcs605_firmwaresd_675_firmwaremdm9206sd_425_firmwaresd_665sdx24_firmwaresd_625_firmwaresd_450sd_845mdm9206_firmwareqcs605mdm9640sd_632_firmwaresd_835_firmwaremdm9650_firmwaresd_835sda660sd_210_firmwaremsm8909wsd_665_firmwaresd_205_firmwaresd_212sd_712sd_855sd_730_firmwaresdx20sd_425sdm660sdm630mdm9607_firmwaresd_710_firmwareqcs405sd_625sd_210mdm9607sd_636_firmwaresd_439_firmwaremdm9150sd_429_firmwaresd_730sd_212_firmwaresd_850_firmwaresdm439_firmwareqcs405_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwaresd_670sd_710sdx20_firmwaresd_205sdm660_firmwaresd_855_firmwareSnapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2023-22387
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 15.45%
||
7 Day CHG~0.00%
Published-04 Jul, 2023 | 04:46
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use of Out-of-range Pointer Offset in Qualcomm IPC

Arbitrary memory overwrite when VM gets compromised in TX write leading to Memory Corruption.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm429w_firmwareimmersive_home_214sd865_5gqcs8155_firmwareqca6595ipq6028_firmwareqca8081_firmwarewcd9340_firmwareipq5028_firmwareqcn6024ar9380qca6426snapdragon_auto_4gfastconnect_6700wcn3610sa4150pqcn5124_firmwaresnapdragon_wear_4100\+_firmwarewsa8832_firmwareqca8337qca6426_firmwareqca6574au_firmwareipq8078a_firmwareqca6564_firmwareqam8295pwcd9341sd626_firmware315_5g_iot_firmwaresd730_firmwarewsa8810_firmwaresnapdragon_429snapdragon_690_5gsnapdragon_778g\+_5g_firmwaresnapdragon_865\+_5gsnapdragon_626fastconnect_6800_firmwaresnapdragon_855\+\/860video_collaboration_vc1_platform_firmwaresa4155pqca9880snapdragon_888\+_5g_firmwareqcn9000snapdragon_x50_5gsnapdragon_710qsm8250_firmwaresnapdragon_730snapdragon_765g_5g_firmwaresnapdragon_660_firmwaresnapdragon_4_gen_2video_collaboration_vc1_platformwcd9385_firmwareqca6421vision_intelligence_200qca6310snapdragon_778g_5gipq8074a_firmwareipq8076awcd9360snapdragon_732g_firmwaresnapdragon_x50_5g_firmwaresnapdragon_x24sa6155pqca6564au_firmwareqca8075qam8650p205video_collaboration_vc5_platform_firmwaresnapdragon_855_firmwaresnapdragon_678sa6155p_firmwareqca6436_firmwareipq8070a_firmwareqcn5021_firmwareqcn9070snapdragon_675_firmwaresm4125_firmwareqca6420wcn3910snapdragon_212_firmwarecsrb31024snapdragon_480\+_5g_firmwarewcn3660bqca6574awcn3620_firmwareqca6174asnapdragon_695_5g_firmwareqca9898_firmwaresnapdragon_750g_5g_firmwareqcs8250_firmwareqcm2290wcd9340qcn6122_firmwareqcn5154_firmwareqca7500snapdragon_x55_5g_firmwarewcn3988ipq4019qcn5122_firmwarepmp8074qcn9024qca6574qcs410qcm2290_firmwarevision_intelligence_100sa8155phome_hub_100qca8072_firmwaresnapdragon_870_5g_firmwaresmart_display_200_firmwarewsa8830sa6145psnapdragon_x65_5g_firmwareimmersive_home_318_firmwareqcn6122sa8255p_firmwaresnapdragon_888\+_5gsnapdragon_720gqrb5165m_firmwareimmersive_home_216_firmwarewcn3620qca9985immersive_home_316ipq8071asnapdragon_782gwcn3950_firmwareqrb5165nfastconnect_6200sm7325p_firmwarewcd9360_firmwaresnapdragon_210_firmwarevideo_collaboration_vc3_platform_firmwarerobotics_rb3_firmwareqcn6023_firmwareqcn5164_firmwaresnapdragon_778g_5g_firmwaresd670_firmwaresnapdragon_780g_5gsnapdragon_210qcn9072ipq4028_firmwarevision_intelligence_100_firmwareqca6431sd660_firmwareqca9379_firmwareimmersive_home_216sxr2130_firmwarear8035_firmwareqrb5165mqca4024_firmwaresd888_firmwaresnapdragon_845_firmwareqcs6125_firmwareqca9992_firmwareqca9990ipq8070qcn9074snapdragon_x12wsa8815_firmwaresnapdragon_865_5gqca8337_firmwaresnapdragon_665_firmwaresnapdragon_auto_4g_firmwaresnapdragon_480_5g_firmwaresnapdragon_4_gen_1_firmwareipq8173snapdragon_626_firmwaresnapdragon_665sm7250p_firmwarewcn3680_firmwareipq6010_firmwarewcn3950snapdragon_690_5g_firmwareqca6797aq_firmwareipq5028qca9986qcn9070_firmwaresa8295p_firmwaresmart_audio_400_firmwaresd_675_firmwaresnapdragon_460_firmwaresa4155p_firmwareqca9984ipq5010_firmwareqcn9022_firmwaresm7250pcsrb31024_firmwareipq6018sa8155snapdragon_710_firmwaresd888ipq8065snapdragon_732gqca6310_firmwaresd626fastconnect_6800snapdragon_662wcd9371fastconnect_6900_firmwarerobotics_rb5_firmwaresmart_audio_200qca7500_firmwareqca8075_firmwaresnapdragon_888_5g_firmwaresnapdragon_765g_5gvideo_collaboration_vc3_platformqca9980_firmwareqca9985_firmwareqca6431_firmwareqca6698aq_firmwareqcs2290qcs2290_firmwaresnapdragon_xr2\+_gen_1_firmwarewcn3615wcn3680sa8255pqcn5024qca6430snapdragon_625_firmwareflight_rb5_5g_firmwareipq4019_firmwaressg2125psnapdragon_870_5gcsra6640_firmwaresnapdragon_685_4g_firmwareqam8650p_firmwarevideo_collaboration_vc5_platformqca6420_firmwaresnapdragon_625qcs6490_firmwaresnapdragon_480_5gipq8076_firmwaresd855_firmwarewcd9335_firmwareqrb5165n_firmwareqca6436wcn3980_firmwarewsa8835qca6391_firmwaresnapdragon_x12_firmwareipq8068qcs4290_firmwarecsra6620qca8081sd660wsa8815qam8775pqca9377snapdragon_ar2_gen_1_firmwaresnapdragon_auto_5gsnapdragon_730_firmwareqcm4325_firmwareqcm4290_firmwareqca9888_firmwareqca9889snapdragon_8\+_gen_1_firmwareqcn5024_firmwareimmersive_home_318ipq5010sg4150p_firmwarecsra6620_firmwareipq8068_firmwareqam8775p_firmwaresd865_5g_firmwarepmp8074_firmwaresnapdragon_425_firmwaresnapdragon_xr1wcd9375qca9889_firmwaresnapdragon_ar2_gen_1sa8145psd_675csr8811smart_display_200snapdragon_425wcn3680b_firmwarerobotics_rb3apq8017qcs410_firmwaresa6150p_firmwaresw5100pqcn9000_firmwaresxr1120qcn9022qcs610_firmwaresnapdragon_8\+_gen_1wcd9335wcd9370snapdragon_730gqca8072snapdragon_429_firmwareqca6696wcd9341_firmwareipq8076wcn6740_firmwaresnapdragon_720g_firmwareipq6018_firmwarevision_intelligence_200_firmwareqca9984_firmwareqcn6023snapdragon_695_5gsnapdragon_888_5gqca9994_firmwaresnapdragon_4_gen_2_firmwareipq8078aqca6574aucsra6640qcn9100_firmwaresnapdragon_765_5gqcn5122wcn3660b_firmwaresd730snapdragon_x24_firmwaresnapdragon_865\+_5g_firmwareqcn6024_firmwareqca9886_firmwaresnapdragon_x65_5gqcm6125_firmwarec-v2x_9150ssg2115pqcn6132_firmwaresnapdragon_xr2_5g_firmwaresnapdragon_xr1_firmwaresxr1120_firmwareqcn5054snapdragon_wear_4100\+fastconnect_6900qcn5052qca9980qam8255p_firmwaresnapdragon_670snapdragon_678_firmwareipq8064sa8155_firmwareqcn5164qca6335qcs4490snapdragon_662_firmwareqca6421_firmwareqcm6125csr8811_firmwarewsa8810qcn5021snapdragon_670_firmwareqsm8250qca6595ausm7315_firmwaresnapdragon_865_5g_firmwarewcd9326_firmwaresnapdragon_730g_firmwareqca9986_firmwareqcn9012wcd9371_firmwareqcs4490_firmwarewcn3910_firmwaresnapdragon_680_4gwcd9370_firmwaresnapdragon_765_5g_firmwaresa8195pqca6335_firmwareqcm6490215qca9379ipq8076a_firmwaresxr2230p_firmwarear9380_firmwaresd675_firmwareqca6430_firmwareipq4029_firmwareqcn9011snapdragon_439_firmwaresmart_audio_400qcn9024_firmwaresa6150pwcd9326sa8155p_firmwareqcn9074_firmwareipq8174ipq8174_firmwarear8035ipq8072aqca6564sa6155qcm4325qca6698aqssg2125p_firmwaresm6250sd670wcn3680bsa8145p_firmwareqcs8155sa8150p_firmwarefastconnect_6700_firmwaresnapdragon_768g_5gwcn3990ipq8078qcs6490qcs8250fastconnect_6200_firmwarear8031_firmwarehome_hub_100_firmwaresnapdragon_778g\+_5gwsa8830_firmwaresnapdragon_7c\+_gen_3wsa8832qca9880_firmwareqcn5022_firmwareqca9992snapdragon_680_4g_firmwaresa4150p_firmwareqca9898snapdragon_439qca6564ausnapdragon_460sm6250p_firmwaresa8195p_firmwareqcm4290qcn5054_firmwareqca9888ar8031snapdragon_685_4gqca9377_firmwareqcm6490_firmwareipq8072a_firmwaresnapdragon_w5\+_gen_1snapdragon_xr2\+_gen_1sm4125205_firmwareqcm4490_firmwarevision_intelligence_400_firmwareqcs6125flight_rb5_5gsmart_audio_200_firmwareqca9886qcn6132snapdragon_auto_5g_firmwaresm6250_firmwaresnapdragon_768g_5g_firmwareqcn9011_firmwaresw5100_firmwarewcn6740qca4024qca6595_firmwarefastconnect_7800_firmwareimmersive_home_214_firmwaresnapdragon_855\+\/860_firmwareipq8070aapq8017_firmwarewcd9380ipq4028qam8255psa6145p_firmwaresa6155_firmwaresxr2230pqca9990_firmwaresnapdragon_xr2_5gsa8150p215_firmwareqcn5052_firmwaresxr1230pipq6010sw5100aqt1000c-v2x_9150_firmwareqam8295p_firmwaresd855snapdragon_8_gen_1_firmwaresnapdragon_632_firmwarewcn3990_firmwaresm7315snapdragon_750g_5gwcd9385qca9994wcn3610_firmwaresnapdragon_8_gen_1qcs4290sxr1230p_firmwareipq4018sm6250psnapdragon_782g_firmwaresnapdragon_855sdx55_firmwaresnapdragon_x55_5gipq8071a_firmwarewcn3615_firmwaresxr2130ipq6028qcm4490snapdragon_4_gen_1qcn9100robotics_rb5snapdragon_480\+_5gipq4029qca6174a_firmwaresm7325psnapdragon_845aqt1000_firmwareipq4018_firmwaresdm429wqcn5152_firmwareqca6595au_firmwaresw5100p_firmwareqca6696_firmwarewcd9380_firmwareqca6574_firmwaresg4150psd_8_gen1_5gqcn5124ipq8064_firmwareqca6797aqqcn5152ipq8065_firmwaresnapdragon_632snapdragon_660qca6574a_firmwaresdx55qcn9072_firmwareipq8074asd675sd_8_gen1_5g_firmwarewcd9375_firmwaresnapdragon_7c\+_gen_3_firmwareqca6391snapdragon_w5\+_gen_1_firmwareipq8173_firmwareqcn9012_firmwaresnapdragon_780g_5g_firmwaresa8295psnapdragon_675fastconnect_7800ipq8078_firmwarewcn3988_firmware315_5g_iotimmersive_home_316_firmwareipq8070_firmwareqcn5154snapdragon_212vision_intelligence_400wsa8835_firmwaressg2115p_firmwareqcn5022wcn3980qcs610Snapdragon
CWE ID-CWE-823
Use of Out-of-range Pointer Offset
CVE-2021-35106
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.09% / 27.24%
||
7 Day CHG~0.00%
Published-01 Apr, 2022 | 04:40
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible out of bound read due to improper length calculation of WMI message. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fsm10055wcn3991_firmwarewsa8830sd678sa6150p_firmwaresa8145p_firmwareqcs610qcs2290_firmwarefsm10056qca8337csrb31024wcd9360_firmwaresdx65csra6620fsm10055_firmwareqcs4290wcn3950_firmwaresa8150p_firmwaresd765g_firmwareqcs2290qca6595au_firmwareqca6390_firmwaresa6155sd690_5gsd730_firmwarewcd9370csra6620_firmwaresd_675_firmwaresd675_firmwarecsra6640_firmwareqcs6125_firmwareqca6426qca6584au_firmwarewcn3990_firmwareqrb5165n_firmwaresa415mwcn3998qca6554a_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcn3950wcd9326_firmwaresd720gsd_8_gen1_5g_firmwaresm6375_firmwaresd662sd460_firmwaresa8155sm7315_firmwareqca6574au_firmwaresdx55_firmwareqca6595auqca8081_firmwaresa6155_firmwarewcd9375_firmwaresm7250p_firmwarewcn3998_firmwarewcn3999_firmwarewcd9360qca6436_firmwareqrb5165nqca6564au_firmwareqca6584ausa6155p_firmwaresd778gsm6225wcn3999sa515m_firmwareqcs6490qrb5165m_firmwareqrb5165_firmwaresdxr2_5gsa4155p_firmwareqcs6125sa8155_firmwaresd662_firmwaresa415m_firmwareqcs405wcn3988_firmwaresa6145p_firmwaresm6250sd778g_firmwaresa8195pwsa8810_firmwaresd765gsw5100sd765_firmwarefsm10056_firmwareqca6436wcd9326wcd9335sa6155pwcn6851qca8081qcs4290_firmwarewcd9385wcd9341qca6696_firmwareqcs6490_firmwaresd750gsd870_firmwarear8035qca6390sd750g_firmwareaqt1000sa8150pwcd9375sm6250_firmwarewcn3910_firmwarewsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwareqcm6490sd888_5g_firmwarewcn3988sd660_firmwarewcn6850_firmwarewsa8815_firmwaresa8195p_firmwarewsa8835_firmwaresm8475qca6564awcn6750_firmwaresa4150pqcm6125_firmwareqcm2290_firmwaresm6375wcn3991qca8337_firmwarewcd9380_firmwarewcn3990sd_675sw5100psd780gqca6554asd865_5gqca6595qca6564ausdx55m_firmwarewcn6856_firmwaresd888wsa8835qca6574wcd9380sd888_5gqca6574asd690_5g_firmwarewcn6855_firmwaresm7325pwcd9335_firmwarewcn3980wcn6750sa515mqca6574_firmwaresd855wsa8815sm7325p_firmwarewcn6850wcn3910qca6175asd765qca6426_firmwareqca6574a_firmwaresd768g_firmwareqrb5165mwcn3980_firmwaresm7315sd460qca6391sd730sdx55msdxr1_firmwareaqt1000_firmwarewcn6740_firmwaresdx65_firmwaresd678_firmwarear8031_firmwarecsrb31024_firmwareqcm4290qcm6490_firmwareqrb5165sd480_firmwarewcn6851_firmwaresm6225_firmwareqca6574ausa8155p_firmwareqca6564a_firmwarewcd9341_firmwareqcm6125qcm4290_firmwaresd480sd870wcn6855wsa8810sw5100p_firmwareqcs610_firmwarewcn6856sa6145psdxr1sd768gar8031qca6595_firmwareqcs405_firmwaresa8145pwcn6740qca6696qca6391_firmwaresa4150p_firmwaresd780g_firmwarewcd9370_firmwaresa6150psd888_firmwaresdx55sa8155pcsra6640sd675sm7250psd720g_firmwaresw5100_firmwaresa4155pqca6175a_firmwarear8035_firmwareqcm2290Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-10558
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.80%
||
7 Day CHG~0.00%
Published-21 Jan, 2020 | 06:30
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

While transferring data from APPS to DSP, Out of bound in FastRPC HLOS Driver due to the data buffer which can be controlled by DSP in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCN7605, QCS605, QM215, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM845, SDX20, SDX24, SDX55, SM6150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9640_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632sdx24sdm439mdm9650sdm429msm8940_firmwaresm6150msm8909w_firmwaremsm8996ausdm429w_firmwareapq8009_firmwaremsm8917sxr2130qcs605_firmwaremdm9206sdx24_firmwaresdm636sda845_firmwareapq8098qcn7605mdm9206_firmwareqcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130msm8909wapq8009apq8053_firmwaresda845nicobarmsm8920msm8953sdm450sdm636_firmwaresdm845_firmwareapq8098_firmwaresdx20msm8998_firmwaresdm660msm8920_firmwaresdm630mdm9607_firmwaresm8250_firmwareqm215mdm9607apq8017_firmwareqcn7605_firmwaremsm8937mdm9207c_firmwaremdm9207csm8150_firmwaresxr2130_firmwareapq8096ausdm439_firmwaresdm630_firmwaresda660_firmwareqm215_firmwaresdx55msm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaresm8250msm8998sm8150sdx20_firmwareapq8017nicobar_firmwaresdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CVE-2019-10496
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.92%
||
7 Day CHG~0.00%
Published-06 Nov, 2019 | 17:11
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Lack of checking a variable received from driver and populating in Firmware data structure leads to buffer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850sd_632sd_820asd_675msm8996au_firmwaresd_439sd_670_firmwaresd_429sdm439sd_636snapdragon_high_med_2016_firmwaremsm8909w_firmwaremsm8996ausd_820sd_450_firmwaresd_845_firmwaresd_820a_firmwareqcs605_firmwaresd_675_firmwaresd_425_firmwaresd_665sd_625_firmwaresd_450sd_8cx_firmwaresd_845qcs605sd_632_firmwaresd_835_firmwaresd_835sda660sxr1130_firmwaresd_210_firmwaresxr1130msm8909wsd_665_firmwaresd_205_firmwaresd_212sd_427_firmwaresd_712sd_855sd_730_firmwarequalcomm_215sd_425sdm660sd_430_firmwaresd_710_firmwaresd_435sdm630sd_625sd_210sd_820_firmwaresd_636_firmwaresd_439_firmwarequalcomm_215_firmwaresd_429_firmwaresd_730snapdragon_high_med_2016sd_212_firmwaresd_850_firmwaresdm439_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwaresd_8cxsd_427sd_430sd_670sd_435_firmwaresd_710sd_205sdm660_firmwaresd_855_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2019-10566
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 16.83%
||
7 Day CHG~0.00%
Published-21 Nov, 2019 | 14:38
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow can occur in wlan module if supported rates or extended rates element length is greater than max rate set length in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8017, APQ8053, APQ8096AU, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8905, MSM8996AU, Nicobar, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCN7605, QCS405, QCS605, SDA845, SDM670, SDM710, SDM845, SDX20, SM6150, SM8150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaremsm8996au_firmwaresdm845sdx20mdm9607_firmwaresm8250_firmwaremdm9650qcs405qca6574ausdm710sm6150mdm9607msm8996auapq8017_firmwaresdm710_firmwareqcn7605_firmwaresdm670sxr2130qcs605_firmwaremdm9207c_firmwaremdm9206msm8905mdm9207cqca6174a_firmwareqca6174aqca9379_firmwaresdm670_firmwaresm8150_firmwaresxr2130_firmwareapq8096auqcs405_firmwareqca9377sda845_firmwareqcn7605mdm9206_firmwareqcs605apq8053apq8096au_firmwaresm6150_firmwaresm8250mdm9650_firmwaresm8150sdx20_firmwaremsm8905_firmwareqca6574au_firmwareapq8017nicobar_firmwareqca9379apq8053_firmwaresda845nicobarsdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2019-10596
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.80%
||
7 Day CHG~0.00%
Published-08 Sep, 2020 | 09:31
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Improper access control can lead signed process to guess pid of other processes and access their address space' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Bitra, Nicobar, QCS605, QCS610, Rennell, SA6155P, Saipan, SC7180, SC8180X, SDM670, SDM710, SDM845, SDM850, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm850_firmwaresa6155p_firmwareqcs610sdm845sm8250_firmwaresc8180x_firmwaresm7150_firmwaresdm710sc7180_firmwaresm6150sdm710_firmwaresm7150sa6155psdm670qcs610_firmwaresxr2130sc8180xqcs605_firmwaresdm670_firmwaresm8150_firmwaresxr2130_firmwarerennellsc7180bitrarennell_firmwareqcs605saipan_firmwaresm6150_firmwaresm8250bitra_firmwaresm8150sdm850sxr1130_firmwarenicobar_firmwaresaipansxr1130nicobarsdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
CVE-2019-10497
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 14.88%
||
7 Day CHG~0.00%
Published-30 Sep, 2019 | 15:40
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free issue occurs If another instance of open for voice_svc node has been called from application without closing the previous one. in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850mdm9150_firmwaresd_632mdm9640_firmwaresd_820asd_675msm8996au_firmwaresd_439sd_670_firmwaresd_429sdx24sdm439mdm9650sd_636sd_615_firmwaremsm8909w_firmwaremsm8996ausd_820sd_450_firmwaresd_845_firmwaresd_820a_firmwareqcs605_firmwaresd_675_firmwaremdm9206sd_425_firmwaresd_665sdx24_firmwaresd_625_firmwaresd_450sd_845mdm9206_firmwareqcs605sd_632_firmwaresd_835_firmwaremdm9650_firmwaresd_835sda660sd_210_firmwaresd_415_firmwaremsm8909wsd_665_firmwaresd_616_firmwaresd_205_firmwaresd_415sd_212sd_427_firmwaresd_712sd_855sd_730_firmwarequalcomm_215sdx20sd_616sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435sd_615sd_710_firmwaresdm630sd_625sd_820_firmwaresd_210mdm9607sd_636_firmwaresd_439_firmwarequalcomm_215_firmwaremdm9150sd_429_firmwaresd_730sd_212_firmwaresd_850_firmwaresd_855_firmwaresdm439_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwaresd_430sd_427sd_670sd_435_firmwaresdx20_firmwaresd_710sd_205sdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-416
Use After Free
CVE-2019-10518
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.67%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 05:25
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free of a pointer in iWLAN scenario during netmgr state transition to CONNECT in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, IPQ4019, IPQ8064, IPQ8074, MDM9150, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, QCA6574AU, QCS405, QCS605, SDA660, SDA845, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwaremdm9640_firmwaresdm632_firmwaremsm8996au_firmwaresdm845sdm632sdx24sdm439mdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996ausm7150apq8009_firmwaremsm8917sdm670sxr2130qcs605_firmwareipq4019_firmwaremdm9206sdm670_firmwaresdx24_firmwareipq8074sdm636sda845_firmwareapq8098mdm9206_firmwaremsm8939qcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwareqca6574au_firmwaresda660sdx55_firmwareipq8064sxr1130_firmwareapq8064_firmwaresxr1130msm8909wapq8009msm8909_firmwareapq8053_firmwareipq8064_firmwaresda845msm8920msm8953sdm636_firmwareapq8064sdm845_firmwareapq8098_firmwaresdx20msm8998_firmwaresdm660msm8920_firmwaresdm630mdm9607_firmwaresm8250_firmwareqcs405ipq8074_firmwareqca6574ausdm710mdm9607apq8017_firmwaresdm710_firmwaremsm8939_firmwaremdm9150msm8937mdm9207c_firmwaremsm8905mdm9207csm8150_firmwaremsm8909sxr2130_firmwareapq8096ausdm439_firmwareqcs405_firmwaresdm630_firmwaresda660_firmwareipq4019sdx55msm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaresm8250msm8998sm8150sdx20_firmwareapq8017sdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-416
Use After Free
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • ...
  • 43
  • 44
  • Next
Details not found