Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2021-35079

Summary
Assigner-qualcomm
Assigner Org ID-2cfc7d3e-20d3-47ac-8db7-1b7285aff15f
Published At-14 Jun, 2022 | 09:50
Updated At-04 Aug, 2024 | 00:33
Rejected At-
Credits

Improper validation of permissions for third party application accessing Telephony service API can lead to information disclosure in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:qualcomm
Assigner Org ID:2cfc7d3e-20d3-47ac-8db7-1b7285aff15f
Published At:14 Jun, 2022 | 09:50
Updated At:04 Aug, 2024 | 00:33
Rejected At:
â–¼CVE Numbering Authority (CNA)

Improper validation of permissions for third party application accessing Telephony service API can lead to information disclosure in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

Affected Products
Vendor
Qualcomm Technologies, Inc.Qualcomm, Inc.
Product
Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
Versions
Affected
  • APQ8053, AQT1000, MSM8953, QCA6390, QCA6391, QCA6420, QCA6426, QCA6430, QCA6436, QCM4290, QCS4290, QCS603, QCS605, Qualcomm215, SD460, SD480, SD662, SD680, SD690 5G, SD695, SD750G, SD765, SD765G, SD768G, SD778G, SD780G, SD855, SD865 5G, SD870, SD888 5G, SDX55, SDX55M, SDXR2 5G, SM7250P, SM7325P, WCD9326, WCD9341, WCD9370, WCD9375, WCD9380, WCD9385, WCN3615, WCN3660B, WCN3680, WCN3680B, WCN3950, WCN3980, WCN3988, WCN3990, WCN3991, WCN3998, WCN6740, WCN6750, WCN6850, WCN6851, WCN6855, WCN6856, WSA8810, WSA8815, WSA8830, WSA8835
Problem Types
TypeCWE IDDescription
textN/APermissions, Privileges and Access Controls in Telephony
Type: text
CWE ID: N/A
Description: Permissions, Privileges and Access Controls in Telephony
Metrics
VersionBase scoreBase severityVector
3.16.2MEDIUM
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Version: 3.1
Base score: 6.2
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.qualcomm.com/company/product-security/bulletins/may-2022-bulletin
x_refsource_CONFIRM
Hyperlink: https://www.qualcomm.com/company/product-security/bulletins/may-2022-bulletin
Resource:
x_refsource_CONFIRM
â–¼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.qualcomm.com/company/product-security/bulletins/may-2022-bulletin
x_refsource_CONFIRM
x_transferred
Hyperlink: https://www.qualcomm.com/company/product-security/bulletins/may-2022-bulletin
Resource:
x_refsource_CONFIRM
x_transferred
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:product-security@qualcomm.com
Published At:14 Jun, 2022 | 10:15
Updated At:22 Jun, 2022 | 20:02

Improper validation of permissions for third party application accessing Telephony service API can lead to information disclosure in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.15.5MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Secondary3.16.2MEDIUM
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary2.02.1LOW
AV:L/AC:L/Au:N/C:P/I:N/A:N
Type: Primary
Version: 3.1
Base score: 5.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Type: Secondary
Version: 3.1
Base score: 6.2
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Primary
Version: 2.0
Base score: 2.1
Base severity: LOW
Vector:
AV:L/AC:L/Au:N/C:P/I:N/A:N
CPE Matches
Qualcomm Technologies, Inc.
qualcomm
>>apq8053_firmware>>-
cpe:2.3:o:qualcomm:apq8053_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>apq8053>>-
cpe:2.3:h:qualcomm:apq8053:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>aqt1000_firmware>>-
cpe:2.3:o:qualcomm:aqt1000_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>aqt1000>>-
cpe:2.3:h:qualcomm:aqt1000:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8953_firmware>>-
cpe:2.3:o:qualcomm:msm8953_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8953>>-
cpe:2.3:h:qualcomm:msm8953:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6390_firmware>>-
cpe:2.3:o:qualcomm:qca6390_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6390>>-
cpe:2.3:h:qualcomm:qca6390:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6391_firmware>>-
cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6391>>-
cpe:2.3:h:qualcomm:qca6391:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6420_firmware>>-
cpe:2.3:o:qualcomm:qca6420_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6420>>-
cpe:2.3:h:qualcomm:qca6420:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6426_firmware>>-
cpe:2.3:o:qualcomm:qca6426_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6426>>-
cpe:2.3:h:qualcomm:qca6426:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6430_firmware>>-
cpe:2.3:o:qualcomm:qca6430_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6430>>-
cpe:2.3:h:qualcomm:qca6430:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6436_firmware>>-
cpe:2.3:o:qualcomm:qca6436_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6436>>-
cpe:2.3:h:qualcomm:qca6436:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcm4290_firmware>>-
cpe:2.3:o:qualcomm:qcm4290_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcm4290>>-
cpe:2.3:h:qualcomm:qcm4290:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcs4290_firmware>>-
cpe:2.3:o:qualcomm:qcs4290_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcs4290>>-
cpe:2.3:h:qualcomm:qcs4290:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcs603_firmware>>-
cpe:2.3:o:qualcomm:qcs603_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcs603>>-
cpe:2.3:h:qualcomm:qcs603:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcs605_firmware>>-
cpe:2.3:o:qualcomm:qcs605_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcs605>>-
cpe:2.3:h:qualcomm:qcs605:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qualcomm215_firmware>>-
cpe:2.3:o:qualcomm:qualcomm215_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qualcomm215>>-
cpe:2.3:h:qualcomm:qualcomm215:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd460_firmware>>-
cpe:2.3:o:qualcomm:sd460_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd460>>-
cpe:2.3:h:qualcomm:sd460:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd480_firmware>>-
cpe:2.3:o:qualcomm:sd480_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd480>>-
cpe:2.3:h:qualcomm:sd480:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd662_firmware>>-
cpe:2.3:o:qualcomm:sd662_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd662>>-
cpe:2.3:h:qualcomm:sd662:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd680_firmware>>-
cpe:2.3:o:qualcomm:sd680_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd680>>-
cpe:2.3:h:qualcomm:sd680:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd690_5g_firmware>>-
cpe:2.3:o:qualcomm:sd690_5g_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd690_5g>>-
cpe:2.3:h:qualcomm:sd690_5g:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd695_firmware>>-
cpe:2.3:o:qualcomm:sd695_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd695>>-
cpe:2.3:h:qualcomm:sd695:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd750g_firmware>>-
cpe:2.3:o:qualcomm:sd750g_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd750g>>-
cpe:2.3:h:qualcomm:sd750g:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd765_firmware>>-
cpe:2.3:o:qualcomm:sd765_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd765>>-
cpe:2.3:h:qualcomm:sd765:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd765g_firmware>>-
cpe:2.3:o:qualcomm:sd765g_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd765g>>-
cpe:2.3:h:qualcomm:sd765g:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd768g_firmware>>-
cpe:2.3:o:qualcomm:sd768g_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd768g>>-
cpe:2.3:h:qualcomm:sd768g:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd778g_firmware>>-
cpe:2.3:o:qualcomm:sd778g_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd778g>>-
cpe:2.3:h:qualcomm:sd778g:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-281Primarynvd@nist.gov
CWE ID: CWE-281
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.qualcomm.com/company/product-security/bulletins/may-2022-bulletinproduct-security@qualcomm.com
Vendor Advisory
Hyperlink: https://www.qualcomm.com/company/product-security/bulletins/may-2022-bulletin
Source: product-security@qualcomm.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

142Records found
CVE-2019-2343
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 13.49%
||
7 Day CHG~0.00%
Published-25 Jul, 2019 | 16:33
Updated-04 Aug, 2024 | 18:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound read and information disclosure in firmware due to insufficient checking of an embedded structure that can be sent from a kernel driver in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850sd_632sd_820asd_675msm8996au_firmwaresd_439sd_670_firmwaresd_429sdm439sd_636snapdragon_high_med_2016_firmwaremsm8909w_firmwaremsm8996ausd_820sd_450_firmwaresd_845_firmwaresd_820a_firmwareqcs605_firmwaresd_675_firmwaresd_425_firmwaresd_665sd_625_firmwaresd_450sd_8cx_firmwaresd_845qcs605sd_632_firmwaresd_835_firmwaresd_835sda660sxr1130_firmwaresd_210_firmwaresxr1130msm8909wsd_665_firmwaresd_205_firmwaresd_212sd_427_firmwaresd_712sd_855sd_730_firmwarequalcomm_215sd_425sdm660sd_430_firmwaresd_710_firmwaresd_435sdm630sd_625sd_210sd_820_firmwaresd_636_firmwaresd_439_firmwarequalcomm_215_firmwaresd_429_firmwaresd_730snapdragon_high_med_2016sd_212_firmwaresd_850_firmwaresdm439_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwaresd_8cxsd_427sd_430sd_670sd_435_firmwaresd_710sd_205sdm660_firmwaresd_855_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-2243
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 14.37%
||
7 Day CHG~0.00%
Published-22 Jul, 2019 | 13:47
Updated-04 Aug, 2024 | 18:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer overflow at the end of iterating loop while getting the version info and lead to information disclosure. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCS605, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850sd_632sd_820asd_675msm8996au_firmwaresd_439sd_670_firmwaresd_429sdm439mdm9650sd_636sd_615_firmwaremsm8909w_firmwaremsm8996ausd_820sd_450_firmwaresd_845_firmwaresd_820a_firmwareqcs605_firmwaresd_675_firmwaremdm9206sd_425_firmwaresd_665sd_625_firmwaresd_450sd_845mdm9206_firmwareqcs605sd_632_firmwaresd_835_firmwaremdm9650_firmwaresd_835sda660sd_210_firmwaresd_415_firmwaremsm8909wsd_665_firmwaresd_616_firmwaresd_205_firmwaresd_415sd_212sd_427_firmwaresd_712sd_855sd_730_firmwaresd_616sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435sd_615sd_710_firmwaresdm630sd_625sd_210mdm9607sd_636_firmwaresd_820_firmwaresd_439_firmwaresd_429_firmwaresd_730sd_212_firmwaresd_850_firmwaresdm439_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwaresd_427sd_430sd_670sd_435_firmwaresd_710sd_205sdm660_firmwaresd_855_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-9693
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 11.60%
||
7 Day CHG~0.00%
Published-30 Mar, 2018 | 21:00
Updated-17 Sep, 2024 | 00:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The length of attribute value for STA_EXT_CAPABILITY in __wlan_hdd_change_station in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-06-06 being less than the actual lenth of StaParams.extn_capability results in a read for extra bytes when a memcpy is done from params->ext_capab to StaParams.extn_capability using the sizeof(StaParams.extn_capability).

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2019-2295
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.10% / 26.45%
||
7 Day CHG~0.00%
Published-21 Nov, 2019 | 14:38
Updated-04 Aug, 2024 | 18:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Information disclosure due to lack of address range check done on the SysDBG buffers in SDI code. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, MDM9205, MSM8905, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8998, Nicobar, QCS404, QCS405, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, Snapdragon_High_Med_2016, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm632_firmwaresdm845sdm450_firmwaresdm632sdm439qcs404_firmwaresdm429msm8940_firmwaresnapdragon_high_med_2016_firmwareapq8009_firmwaremsm8917sdm670qcs605_firmwaresdm670_firmwareqcs404sdm636sda845_firmwaremdm9205qcs605msm8937_firmwaresdm429_firmwaremsm8905_firmwaresda660sxr1130_firmwaresxr1130apq8009msm8909_firmwareapq8053_firmwaresda845nicobarsdm850_firmwaremsm8920msm8953sdm450sdm636_firmwaremsm8998_firmwaresdm660msm8920_firmwaresdm630qcs405sdm710qm215apq8017_firmwaresdm710_firmwaremsm8937msm8905snapdragon_high_med_2016msm8909sdm439_firmwareqcs405_firmwaresdm630_firmwaremdm9205_firmwaresda660_firmwareqm215_firmwaremsm8940apq8053msm8953_firmwaremsm8917_firmwaremsm8998sdm850apq8017nicobar_firmwaresdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2022-22075
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-6.2||MEDIUM
EPSS-0.07% / 22.45%
||
7 Day CHG~0.00%
Published-07 Mar, 2023 | 04:43
Updated-03 Aug, 2024 | 03:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Information Exposure in Graphics

Information Disclosure in Graphics during GPU context switch.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresa6150p_firmwareqcs610qca8337sdx65wcn3950_firmwaresa8150p_firmwareqcs2290qca6595au_firmwaresa6155qca6335msm8917csra6620_firmwareqcs605_firmwareapq8076sd_675_firmwarecsra6640_firmwareqcs6125_firmwaresd632msm8108wcn3998msm8108_firmwareqam8295pwcn3950sm4125sd720gmdm9628mdm9206_firmwaresd_8_gen1_5g_firmwarewcn3660bsd710_firmwaresd460_firmwaresm7315_firmwarewcn7850qca6574au_firmwarewcd9375_firmwareqca8081_firmwarewcn3998_firmwaresa6155_firmwaremsm8909wapq8009w_firmwareqca6420sdx20msd680_firmwareqca9367_firmwareqrb5165_firmwaresa4155p_firmwareqcs6125sa8155_firmwareapq8056_firmwaresd662_firmwareqcs405qca6430wcd9340sd626_firmwaresd765gqualcomm215_firmwaresw5100sd680qca6436wcn6851sa6155pwcn7851_firmwaremsm8209_firmwaremdm9250_firmwarewcd9341qca6696_firmwaresd870_firmwaresd750gwcn3910_firmwaresxr2150p_firmwaresa8150pwsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwaresnapdragon_4_gen_1wcn3988sd660_firmwarewcn7850_firmwaresa8195p_firmwaresm8475msm8208_firmwareqcn7606_firmwarewcn6750_firmwaresa8295p_firmwarewcn3610pq8052_firmwaremsm8608wcn3991qca8337_firmwaresda429w_firmwarewcd9380_firmwaresdm429wsw5100pmsm8996au_firmwarewcd9330sd625_firmwareqca6564ausdx55m_firmwarewcn6856_firmwaremsm8976_firmwareqca6574sd632_firmwaresd670_firmwarewcd9380qualcomm215qcs410sd690_5g_firmwaresdx50m_firmwaresdx24_firmwaresd626qca6430_firmwarewcd9335_firmwaresd439_firmwarewcn3980qca6335_firmwareqcs605wcd9340_firmwarewsa8815pq8052wcn6850wcn3910msm8956_firmwareqca6320mdm9650_firmwareqca6426_firmwarewcn3660b_firmwarewcn3680sd695sd835wcn3980_firmwaresd730wcd9330_firmwaresdx55mqcc5100_firmwaresa8295pwcn6740_firmwaresd821_firmwaresd678_firmwareapq8064au_firmwarear8031_firmwarewcn3680_firmwareqrb5165wcn6851_firmwaresd670sd_636_firmwareqca6564a_firmwareapq8009wmsm8976sg_firmwareqcm4290_firmwaresd480sd870wcn6855sw5100p_firmwaresd210_firmwareqcs610_firmwareqsm8250sa6145psd695_firmwaresdxr1ar8031apq8096auqcs405_firmwaresa8145psdm630_firmwaresd820_firmwareqca6391_firmwaresa4150p_firmwarewcd9370_firmwaresd780g_firmwaresdx55sd888_firmwaresa8155pcsra6640sd675sd439qcs8155_firmwaresa4155psxr2150par8035_firmwareqsm8250_firmwareqcn7606qcm2290wcn3991_firmwaremdm9150_firmwarewsa8830sd678sa8145p_firmwareqcs2290_firmwaremdm9628_firmwaresnapdragon_4_gen_1_firmwaremdm9650sd_636csra6620qcs4290mdm9250sd765g_firmwareqca6420_firmwareqca6390_firmwareapq8009_firmwaresd690_5gsd730_firmwarewcd9370sd675_firmwaresd625qca6564qca6426qca6584au_firmwarewcn3990_firmwareqrb5165n_firmwareapq8076_firmwareqca9377sdw2500_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcd9326_firmwarewcn3615_firmwaresd662qam8295p_firmwaresa8155qca6320_firmwarewcn3680b_firmwaresdx55_firmwarewcn3615qca6595ausm7250p_firmwarewcn3610_firmwareqca6436_firmwareqrb5165nqca6564au_firmwareqca6584ausd778gsa6155p_firmwaremsm8208qca6310qcs8155wcn7851sd429sa515m_firmwareqcs6490sdxr2_5gqca9367sdm630mdm9607_firmwaresd821msm8976sgwcn3988_firmwareqcn9074sd205sd429_firmwaresa6145p_firmwaresd778g_firmwaresm6250sa8195papq8017_firmwarewsa8810_firmwaresd765_firmwarewcd9326wcd9335qca8081qca6174a_firmwareqcs4290_firmwarewcd9385qcs6490_firmwareqca6390wcd9375sd750g_firmwareaqt1000msm8956msm8976sm6250_firmwarear8035apq8064aumsm8952apq8056msm8917_firmwaresda429wsd210wcn3620_firmwaresdx20_firmwarewsa8815_firmwaresd888_5g_firmwaresd820qcm6490wcn6850_firmwarewsa8835_firmwarewcn3620apq8017qcx315qca6564asa4150pqcm6125_firmwareqcm2290_firmwarewcn3990sd_675sd780gsd865_5gqcc5100sdx24sd888msm8952_firmwaremsm8909w_firmwareqcx315_firmwarewsa8835msm8996ausdm429w_firmwaresd665_firmwaresd888_5gqca6574amdm9206wcn6855_firmwareqca6174asm7325pqca6310_firmwarewcn6750sa515mqca6574_firmwaresd855sm4125_firmwaresm7325p_firmwaresd665sd765qca6574a_firmwaresd768g_firmwaremsm8209sm7315apq8009sd460qca6391sdxr1_firmwareaqt1000_firmwaresdx65_firmwareqcm4290qcm6490_firmwaresdx50msdx20sd480_firmwareqca6574ausd710sa8155p_firmwaremdm9607sd205_firmwarewcd9341_firmwaresdx20m_firmwareqcm6125wsa8810mdm9150wcn6856wcn3680bsd835_firmwareqca6564_firmwaresd768gwcn6740qca6696sd845_firmwaremsm8608_firmwaresdw2500sa6150papq8096au_firmwaresd845sm7250psd720g_firmwaresw5100_firmwareqcn9074_firmwareqcs410_firmwareSnapdragon
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2019-2275
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 14.37%
||
7 Day CHG~0.00%
Published-06 Nov, 2019 | 17:11
Updated-04 Aug, 2024 | 18:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

While deserializing any key blob during key operations, buffer overflow could occur exposing partial key information if any key operations are invoked(Depends on CVE-2018-13907) in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in MDM9150, MDM9205, MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCS404, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850mdm9150_firmwaresd_632sd_820amsm8996au_firmwaresd_439sd_670_firmwaresd_429sdm439qcs404_firmwaremdm9650sd_636snapdragon_high_med_2016_firmwaremsm8909w_firmwaremsm8996ausd_820sd_650sd_450_firmwaresd_845_firmwaresd_410sd_820a_firmwareqcs605_firmwaremdm9206sd_652sd_425_firmwareqcs404sd_625_firmwaresd_450sd_8cx_firmwaremdm9205mdm9206_firmwaresd_845qcs605sd_632_firmwaresd_835_firmwaremdm9650_firmwaresd_835sda660sxr1130_firmwaresd_210_firmwaresd_652_firmwaresxr1130msm8909wsd_205_firmwaresd_212sd_650_firmwaresd_427_firmwaresd_712sd_855sd_412qualcomm_215sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435sd_710_firmwaresdm630sd_625sd_820_firmwaresd_210mdm9607sd_636_firmwaresd_439_firmwarequalcomm_215_firmwaremdm9150sd_429_firmwaresnapdragon_high_med_2016sd_212_firmwaresd_850_firmwaresdm439_firmwaresd_412_firmwaresd_712_firmwaresdm630_firmwaremdm9205_firmwaresda660_firmwaresd_8cxsd_430sd_427sd_670sd_435_firmwaresd_710sd_410_firmwaresd_205sdm660_firmwaresd_855_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-18319
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 15.73%
||
7 Day CHG~0.00%
Published-03 Jan, 2019 | 15:00
Updated-05 Aug, 2024 | 21:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Information leak in UIM API debug messages in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835, Snapdragon_High_Med_2016.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_427_firmwaremdm9635m_firmwaresd_412sd_415sd_616sd_425sd_430_firmwaremdm9607_firmwaresd_435mdm9655_firmwaremdm9650sd_615sd_650_firmwaresd_625sd_615_firmwaresnapdragon_high_med_2016_firmwaremsm8909w_firmwaremdm9607sd_210mdm9645mdm9645_firmwaresd_650mdm9625_firmwaresd_820_firmwaresd_820sd_450_firmwaresd_800sd_410mdm9206sd_652sd_425_firmwaresnapdragon_high_med_2016sd_212_firmwaresd_800_firmwaresd_625_firmwaresd_450mdm9655sd_412_firmwaremdm9635mmdm9615mdm9625mdm9206_firmwaresd_427sd_430sd_810sd_435_firmwaremdm9615_firmwaremdm9650_firmwaresd_835_firmwaresd_410_firmwaresd_835sd_205sd_210_firmwaresd_415_firmwaresd_652_firmwaremsm8909wsd_810_firmwaresd_616_firmwaresd_205_firmwaresd_212Snapdragon Mobile, Snapdragon Wear
CWE ID-CWE-320
Not Available
CVE-2017-18323
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 15.73%
||
7 Day CHG~0.00%
Published-03 Jan, 2019 | 15:00
Updated-05 Aug, 2024 | 21:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cryptographic key material leaked in TDSCDMA RRC debug messages in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9615, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660, SDX20, SXR1130.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850mdm9635m_firmwaremdm9640_firmwaresd_820amsm8996au_firmwaresd_670_firmwaremdm9650sd_615_firmwaremsm8909w_firmwaremsm8996aumdm9645sd_650sd_820sd_450_firmwaresd_845_firmwaresd_410sd_820a_firmwaremdm9206sd_652sd_425_firmwaresd_625_firmwaresd_450mdm9635mmdm9615sd_845mdm9206_firmwaremdm9640sd_835_firmwaremdm9650_firmwaresxr1130._firmwaresd_835sda660sd_210_firmwaresd_415_firmwaresd_652_firmwaremsm8909wsd_616_firmwaresd_205_firmwaresd_415sd_650_firmwaresd_212sd_712sd_412sdx20sd_616sd_425sd_430_firmwaremdm9607_firmwaresd_615mdm9655_firmwaresd_710_firmwaresd_625sd_210mdm9607sd_820_firmwaremdm9645_firmwaresd_212_firmwaresd_850_firmwaremdm9655sd_412_firmwaresd_712_firmwaresda660_firmwaresd_430sd_670mdm9615_firmwaresd_710sd_410_firmwaresdx20_firmwaresd_205sxr1130.Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear
CWE ID-CWE-320
Not Available
CVE-2017-18307
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.07% / 22.08%
||
7 Day CHG+0.02%
Published-26 Nov, 2024 | 13:56
Updated-09 Jan, 2025 | 20:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Information Exposure in Kernel

Information disclosure possible while audio playback.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_820asd_845sd_625_firmwaresd_820sd_625sd_850sd_820a_firmwaresd_835_firmwaresd_450_firmwaresd_820_firmwaresd_835sd_450sd_850_firmwaresd_845_firmwareSnapdragonsd_820a_firmwaresd_835_firmwaresd_850_firmwaresd_450_firmwaresd_845_firmwaresd_625_firmwaresd_820_firmware
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2017-18321
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 15.73%
||
7 Day CHG~0.00%
Published-03 Jan, 2019 | 15:00
Updated-05 Aug, 2024 | 21:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Security keys used by the terminal and NW for a session could be leaked in snapdragon mobile in versions MDM9650, MDM9655, SD 835, SDA660.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_835_firmwaremdm9655_firmwaremdm9650_firmwaremdm9655sd_835sda660sda660_firmwaremdm9650Snapdragon Mobile
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2017-18306
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.07% / 22.08%
||
7 Day CHG+0.02%
Published-26 Nov, 2024 | 13:56
Updated-09 Jan, 2025 | 20:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Information Exposure in Camera Driver

Information disclosure due to uninitialized variable.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_820asd_845sd_625_firmwaresd_820sd_625sd_850sd_820a_firmwaresd_835_firmwaresd_450_firmwaresd_820_firmwaresd_835sd_450sd_850_firmwaresd_845_firmwareSnapdragonsd_820a_firmwaresd_835_firmwaresd_850_firmwaresd_450_firmwaresd_845_firmwaresd_625_firmwaresd_820_firmware
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE ID-CWE-908
Use of Uninitialized Resource
CVE-2017-18322
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 15.73%
||
7 Day CHG~0.00%
Published-03 Jan, 2019 | 15:00
Updated-05 Aug, 2024 | 21:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cryptographic key material leaked in WCDMA debug messages in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835, Snapdragon_High_Med_2016.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_427_firmwaremdm9635m_firmwaremdm9640_firmwaresd_412sd_415sd_616sd_425sd_430_firmwaremdm9607_firmwaresd_435mdm9655_firmwaremdm9650sd_615sd_650_firmwaresd_625sd_615_firmwaresnapdragon_high_med_2016_firmwaremsm8909w_firmwaremdm9607sd_210mdm9645mdm9645_firmwaresd_650mdm9625_firmwaresd_820_firmwaresd_820sd_450_firmwaresd_800sd_410mdm9206sd_652sd_425_firmwaresnapdragon_high_med_2016sd_212_firmwaresd_800_firmwaresd_625_firmwaresd_450mdm9655sd_412_firmwaremdm9635mmdm9615mdm9625mdm9206_firmwaresd_427sd_430sd_810sd_435_firmwaremdm9615_firmwaremdm9650_firmwaresd_835_firmwaresd_410_firmwaresd_835sd_205sd_210_firmwaresd_415_firmwaresd_652_firmwaremsm8909wsd_810_firmwaresd_616_firmwaresd_205_firmwaresd_212mdm9640Snapdragon Mobile, Snapdragon Wear
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2021-30331
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 14.37%
||
7 Day CHG~0.00%
Published-01 Apr, 2022 | 04:40
Updated-03 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer overflow due to improper data validation of external commands sent via DIAG interface in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fsm10055qca9377_firmwaremdm9150_firmwarewcn3991_firmwaresd678wsa8830sm6250p_firmwareqcs610qcs2290_firmwarefsm10056qca8337mdm9650sdx65fsm10055_firmwareqcs4290wcn3950_firmwaresd765g_firmwareqcs2290qca6390_firmwaresd690_5gsd730_firmwarewcd9370sd_675_firmwaresd675_firmwareqcs6125_firmwareqca6426wcn3990_firmwareqca9377wcn3998wcd9385_firmwaresdxr2_5g_firmwarewcn3950sd720gsd_8_gen1_5g_firmwaresm6375_firmwaresd662sd460_firmwaresdx55_firmwarewcd9375_firmwareqca8081_firmwarewcn3998_firmwaresm7250p_firmwareqca6436_firmwaresd778gsm6225qcs6490sdxr2_5gqcs6125sd662_firmwarewcn3988_firmwaresm6250sd778g_firmwarewsa8810_firmwaresd765gsw5100sd765_firmwarefsm10056_firmwareqca6436wcn6851wcd9335qca8081qca6174a_firmwareqcs4290_firmwarewcd9385wcd9341qcs6490_firmwaresd750gsd870_firmwareqca6390ar8035sd750g_firmwarewcd9375wcn3910_firmwaresm6250_firmwarewsa8830_firmwaresd865_5g_firmwareqcm6490sd888_5g_firmwarewcn3988wcn6850_firmwarewsa8815_firmwarewsa8835_firmwareqcx315sm8475wcn6750_firmwareqcm6125_firmwareqcm2290_firmwaresm6375wcn3991qca8337_firmwarewcd9380_firmwarewcn3990sd_675sw5100psd865_5gsdx55m_firmwarewcn6856_firmwarewsa8835qcx315_firmwaresd665_firmwarewcd9380sd888_5gsm6250pqcs410sd690_5g_firmwarewcn6855_firmwareqca6174asm7325pwcd9335_firmwarewcn3980wcn6750wsa8815sm7325p_firmwaresd665wcn3910wcn6850mdm9650_firmwaresd765qca6426_firmwaresd768g_firmwarewcn3980_firmwaresd460sd730qca6391sdx55msdx65_firmwaresd678_firmwareqcm4290qcm6490_firmwaresd480_firmwarewcn6851_firmwaresm6225_firmwarewcd9341_firmwareqcm6125qcm4290_firmwaresd480sd870wcn6855wsa8810sw5100p_firmwareqcs610_firmwaremdm9150wcn6856sd768gqca6391_firmwarewcd9370_firmwaresdx55sd675sm7250psd720g_firmwaresw5100_firmwareqcs410_firmwarear8035_firmwareqcm2290Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2017-18281
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.02% / 6.17%
||
7 Day CHG~0.00%
Published-29 Oct, 2018 | 18:00
Updated-05 Aug, 2024 | 21:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A bool variable in Video function, which gets typecasted to int before being read could result in an out of bound read access in all Android releases from CAF using the linux kernel

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-18324
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 15.73%
||
7 Day CHG~0.00%
Published-03 Jan, 2019 | 15:00
Updated-05 Aug, 2024 | 21:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cryptographic key material leaked in debug messages - GERAN in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835, SD 855, SDX24, Snapdragon_High_Med_2016.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9635m_firmwaresdx24mdm9650sd_615_firmwaresnapdragon_high_med_2016_firmwaremsm8909w_firmwaresd_820mdm9645sd_650sd_450_firmwaresd_410mdm9206sd_652sd_425_firmwaresd_800_firmwaresdx24_firmwaresd_625_firmwaresd_450mdm9635mmdm9615mdm9206_firmwaresd_835_firmwaremdm9650_firmwaresd_835sd_210_firmwaresd_415_firmwaresd_652_firmwaremsm8909wsd_616_firmwaresd_205_firmwaresd_415sd_650_firmwaresd_212sd_427_firmwaresd_855sd_412sd_616sd_425sd_430_firmwaremdm9607_firmwaresd_435mdm9655_firmwaresd_615sd_625sd_210mdm9607sd_820_firmwaremdm9645_firmwaremdm9625_firmwaresd_800snapdragon_high_med_2016sd_212_firmwaremdm9655sd_412_firmwaremdm9625sd_427sd_430sd_810sd_435_firmwaremdm9615_firmwaresd_410_firmwaresd_205sd_810_firmwaresd_855_firmwareSnapdragon Mobile, Snapdragon Wear
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2017-18326
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 15.73%
||
7 Day CHG~0.00%
Published-03 Jan, 2019 | 15:00
Updated-05 Aug, 2024 | 21:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Cryptographic keys are printed in modem debug messages in snapdragon mobile and snapdragon wear in versions MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 636, SD 650/52, SD 800, SD 810, SD 820, SD 835, SDA660, SDM630, SDM660, Snapdragon_High_Med_2016.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9635m_firmwaremdm9640_firmwaremdm9650sd_636sd_615_firmwaresnapdragon_high_med_2016_firmwaremsm8909w_firmwaresd_820mdm9645sd_650sd_450_firmwaresd_410sd_652sd_425_firmwaresd_800_firmwaresd_625_firmwaresd_450mdm9635mmdm9615sd_835_firmwaremdm9650_firmwaresd_835sda660sd_210_firmwaresd_415_firmwaresd_652_firmwaremsm8909wsd_616_firmwaresd_205_firmwaresd_415sd_650_firmwaresd_212sd_427_firmwaresd_412sd_616sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435mdm9655_firmwaresd_615sdm630sd_625sd_210mdm9607sd_636_firmwaresd_820_firmwaremdm9645_firmwaremdm9625_firmwaresd_800snapdragon_high_med_2016sd_212_firmwaremdm9655sd_412_firmwaresdm630_firmwaresda660_firmwaremdm9625sd_427sd_430sd_810sd_435_firmwaremdm9615_firmwaresd_410_firmwaresd_205sd_810_firmwaresdm660_firmwaremdm9640Snapdragon Mobile, Snapdragon Wear
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2017-15844
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.02% / 4.89%
||
7 Day CHG~0.00%
Published-18 Sep, 2018 | 18:00
Updated-05 Aug, 2024 | 20:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing the function for writing device values into flash, uninitialized memory can be written to flash.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-15824
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 12.42%
||
7 Day CHG~0.00%
Published-06 Jul, 2018 | 17:00
Updated-17 Sep, 2024 | 02:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, the function UpdateDeviceStatus() writes a local stack buffer without initialization to flash memory using WriteToPartition() which may potentially leak memory.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-772
Missing Release of Resource after Effective Lifetime
CVE-2017-14893
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 12.42%
||
7 Day CHG~0.00%
Published-06 Jul, 2018 | 17:00
Updated-16 Sep, 2024 | 22:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

While flashing meta image, a buffer over-read may potentially occur when the image size is smaller than the image header size or is smaller than the image header size + total image header entry in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-14872
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 12.42%
||
7 Day CHG~0.00%
Published-06 Jul, 2018 | 17:00
Updated-16 Sep, 2024 | 22:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

While flashing a meta image, a buffer over-read can potentially occur when the number of images are out of the maximum range of 32 in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-125
Out-of-bounds Read
CVE-2025-27072
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.01% / 3.13%
||
7 Day CHG~0.00%
Published-06 Aug, 2025 | 07:26
Updated-18 Aug, 2025 | 18:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Copy Without Checking Size of Input in Automotive Vehicle Networks

Information disclosure while processing a packet at EAVB BE side with invalid header length.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qam8295p_firmwaresa8255p_firmwareqca6698aqsa8770p_firmwareqca6688aq_firmwaresa8770psrv1msa8155pqca6688aqqam8255psa6155_firmwaresa7775p_firmwareqam8620pqca6574asrv1h_firmwaresa8150psa8650pqamsrv1m_firmwaresa6150p_firmwaresa8620psa8155p_firmwaresa7775pqam8255p_firmwaresa9000pqca6696sa8145p_firmwaresa6145pqam8775psrv1hsa6150psa8195psa9000p_firmwareqamsrv1hqca6696_firmwaresrv1lqca6574au_firmwareqca6698aq_firmwaresa8540psa8540p_firmwaresa8650p_firmwaresrv1m_firmwareqam8650pqamsrv1h_firmwaresa6145p_firmwareqam8650p_firmwareqca6574ausa8155srv1l_firmwareqca6574a_firmwareqca6595_firmwaresa6155qam8775p_firmwareqca6595ausa8775psa8255psa6155p_firmwareqca6595au_firmwaresa8150p_firmwaresa8145pqam8295psa7255psa8295psa8295p_firmwareqam8620p_firmwaresa7255p_firmwareqca6595sa8195p_firmwaresa8155_firmwareqamsrv1msa8620p_firmwaresa6155psa8775p_firmwareSnapdragon
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2019-20775
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.01% / 0.64%
||
7 Day CHG~0.00%
Published-17 Apr, 2020 | 13:38
Updated-05 Aug, 2024 | 02:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on LG mobile devices with Android OS 9.0 (Qualcomm SDM450, SDM845, SM6150, and SM8150 chipsets) software. Weak encryption leads to local information disclosure. The LG ID is LVE-SMP-190010 (August 2019).

Action-Not Available
Vendor-n/aQualcomm Technologies, Inc.Google LLC
Product-sm6150sm8150androidsdm450sdm845n/a
CWE ID-CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CVE-2025-21431
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 10.37%
||
7 Day CHG~0.00%
Published-07 Apr, 2025 | 10:15
Updated-19 Aug, 2025 | 16:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Time-of-check Time-of-use (TOCTOU) Race Condition in Automotive OS Platform

Information disclosure may be there when a guest VM is connected.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sa7775psa8620psrv1h_firmwaresa7255pqca6595au_firmwaresa8540p_firmwareqamsrv1m_firmwaresa6145p_firmwaresa8255psa6155p_firmwaresa8195pqca6698aqsa8295psa8145p_firmwaresa8155_firmwaresa8295p_firmwaresa8150psa8775psa6150p_firmwareqam8295p_firmwareqam8620pqca6574au_firmwaresa8145pqamsrv1msa6155_firmwaresa8540psa8770psa6150psrv1m_firmwareqca6696qamsrv1h_firmwareqca6574ausa8775p_firmwareqca6595_firmwareqca6688aq_firmwareqam8295psa6155srv1l_firmwareqca6696_firmwaresa8770p_firmwaresa6155psa8155qca6595auqca6574a_firmwaresrv1hqca6688aqsa6145pqca6574aqamsrv1hqca6595qam8775pqam8255pqam8650p_firmwaresa8255p_firmwareqam8620p_firmwaresa9000psa7255p_firmwaresa8620p_firmwaresrv1lsa8650psa8155p_firmwaresa9000p_firmwaresa8155pqam8775p_firmwaresa8650p_firmwareqam8255p_firmwaresa7775p_firmwareqca6698aq_firmwaresa8150p_firmwaresrv1mqam8650psa8195p_firmwareSnapdragon
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CVE-2025-21433
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-6.2||MEDIUM
EPSS-0.02% / 6.44%
||
7 Day CHG~0.00%
Published-08 Jul, 2025 | 12:48
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
NULL Pointer Dereference in SPS-HLOS

Transient DOS when importing a PKCS#8-encoded RSA private key with a zero-sized modulus.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qdx1010_firmwaresdm429w_firmwaresd865_5gsnapdragon_632_mobilesm8735qca6595qca8081_firmwaresnapdragon_670_mobileqam8620p_firmwarewcn7880_firmwarewcd9340_firmwaresa8530pwcd9395_firmwareqcn6024wcn7750qcc710_firmwareqca6426snapdragon_8\+_gen_1_mobilefastconnect_6700wcn3610sa4150psnapdragon_427_mobile_firmwaresnapdragon_782g_mobile_firmwarewsa8832_firmwareqca8337qca6426_firmwarewcd9395snapdragon_665_mobile_firmwareqca6574au_firmwareqcn7606_firmwaresnapdragon_x72_5g_modem-rfsm6370qam8295pwcd9341sd626_firmwaresnapdragon_888\+_5g_mobile_firmwarewsa8810_firmwaresd730_firmwarewsa8845h_firmwaresa9000p_firmwarewcn3660_firmwareqcs9100fastconnect_6800_firmwareqcs5430wcn7860qcm5430_firmwarevideo_collaboration_vc1_platform_firmwaresa4155psa8770psnapdragon_678_mobile_firmwaresnapdragon_425_mobilesnapdragon_632_mobile_firmwaresa8540pqsm8350_firmwarevideo_collaboration_vc1_platformqep8111sm8635sa7255psnapdragon_730_mobile_firmwarewcd9385_firmwareqca6421vision_intelligence_200snapdragon_680_4g_mobilesa6155psnapdragon_429_mobile_firmwareqam8650pvideo_collaboration_vc5_platform_firmwaresa9000psnapdragon_888_5g_mobile_firmwaresxr2250p_firmwaresnapdragon_662_mobile_firmwaresnapdragon_685_4g_mobile_firmwaresa6155p_firmwaresnapdragon_ar1_gen_1qca6698ausnapdragon_x55_5g_modem-rfsnapdragon_4_gen_2_mobile_firmwareqca6436_firmwaresnapdragon_695_5g_mobile_firmwaresnapdragon_x55_5g_modem-rf_firmwaresnapdragon_7c\+_gen_3_compute_firmwaresm4125_firmwaresnapdragon_x62_5g_modem-rf_firmwareqca6420wcn3910wcn3660bqca6574asm7635p_firmwaresnapdragon_x72_5g_modem-rf_firmwarewcn3620_firmwareqca6174awcd9340qcs8250_firmwareqcm2290qdu1210talynplussnapdragon_auto_5g_modem-rf_gen_2sm8550p_firmwaresxr2250pqcm8550wcn3988snapdragon_765_5g_mobile_firmwareqcn9024qca6574215_mobileqca6698au_firmwareqamsrv1hsm8650qqcm2290_firmwarevision_intelligence_100snapdragon_765g_5g_mobile_firmwarehome_hub_100sa8155pwsa8830smart_display_200_firmwaresm8550psa6145psnapdragon_625_mobile_firmwaresa8255p_firmwaresm7635_firmwaresnapdragon_4_gen_2_mobilewcn7750_firmwareqrb5165m_firmwaresa8650p_firmwaresm7635pwcn3620wcn6450_firmwaresrv1l_firmwareqcs9100_firmwaresnapdragon_865\+_5g_mobile_firmwaresnapdragon_429_mobilewcn3950_firmwareqrb5165nfastconnect_6200sm7325p_firmwarewcd9378snapdragon_480_5g_mobile_firmwaresm8635p_firmwaresm6650p_firmwareqdx1011snapdragon_710_mobile_firmwarevideo_collaboration_vc3_platform_firmwaresd670_firmwaresnapdragon_8_gen_3_mobilesnapdragon_855_mobileqcn6224_firmwarevision_intelligence_100_firmwareqca6431sdx61_firmwaresnapdragon_480_5g_mobilesnapdragon_750g_5g_mobile_firmwareqca9379_firmwaresrv1lsxr2130_firmwaresm7675psrv1msnapdragon_860_mobile_firmwarear8035_firmwaresnapdragon_778g\+_5g_mobileqrb5165msc8380xpsd888_firmwaresnapdragon_x62_5g_modem-rfqcs6125_firmwarewsa8815_firmwareqca8337_firmwaresnapdragon_665_mobilesm7250p_firmwaresm4635_firmwarewcn3680_firmwarewcn3950snapdragon_730g_mobile_firmwaresm8750qca6797aq_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwaretalynplus_firmwaresnapdragon_778g\+_5g_mobile_firmwareapq8037smart_audio_400_firmwaresa8295p_firmwaresa4155p_firmwaresnapdragon_720g_mobilesm7250psa8155sd888wcn6755_firmwareqru1062_firmwaresnapdragon_675_mobile_firmwaresnapdragon_768g_5g_mobilesc8380xp_firmwareqru1062sd626fastconnect_6800qcs7230pm8937snapdragon_865_5g_mobile_firmwarefastconnect_6900_firmwarerobotics_rb5_firmwareqmp1000_firmwarewcn7880sxr2330pwcn6755wcn7881video_collaboration_vc3_platformqcm2150_firmware215_mobile_firmwareqca6431_firmwareqca6698aq_firmwareqcs2290qcn7606qcs2290_firmwaresnapdragon_xr2\+_gen_1_firmwarewcn3615wcn3680sa8255pqcs7230_firmwarewcd9390_firmwareqep8111_firmwareqcs615_firmwareqca6430snapdragon_855\+_mobilesnapdragon_765_5g_mobilesnapdragon_860_mobileqdx1011_firmwaresm8750_firmwareflight_rb5_5g_firmwaressg2125pqru1052snapdragon_x65_5g_modem-rf_firmwarecsra6640_firmwareqamsrv1mwcn7861qam8650p_firmwarevideo_collaboration_vc5_platformqca6420_firmwareqcs6490_firmwaresm6650_firmwareqam8620pwcd9335_firmwareqrb5165n_firmwareqca6436sd855_firmwarewcn3980_firmwarewsa8835wsa8840_firmwareqca6391_firmwareqdu1010_firmwareqcs4290_firmwaresnapdragon_430_mobile_firmwareqcs8300csra6620qca8081wsa8815qam8775psnapdragon_ar2_gen_1_firmwareqcm4325_firmwaresnapdragon_439_mobile_firmwaresnapdragon_720g_mobile_firmwareqcm4290_firmwaresnapdragon_ar1_gen_1_firmwaresnapdragon_710_mobileqcn9274_firmwareqcs5430_firmwaresnapdragon_x32_5g_modem-rfsg4150p_firmwareqru1052_firmwarecsra6620_firmwareqcs8550snapdragon_626_mobilesa8650pqam8775p_firmwaresd865_5g_firmwaresm8750p_firmwaresnapdragon_xr1wcd9375snapdragon_ar2_gen_1sa8145psnapdragon_8\+_gen_1_mobile_firmwaresmart_display_200sm7675p_firmwareqdx1010wcn3680b_firmwaresnapdragon_8_gen_1_mobile_firmwareqcm8550_firmwareapq8017sw5100psxr1120sa6150p_firmwarewcn6650wcd9335wcd9370qca6696wcd9341_firmwaresxr2330p_firmwarewcn7881_firmwarewcn6450wcn6740_firmwaresnapdragon_780g_5g_mobilesnapdragon_750g_5g_mobilevision_intelligence_200_firmwaresnapdragon_685_4g_mobilesnapdragon_x50_5g_modem-rf_firmwareqdu1110snapdragon_690_5g_mobile_firmwareqca6574auwcd9390sa8620p_firmwarepm8937_firmwarecsra6640snapdragon_778g_5g_mobile_firmwaresrv1hsm8650q_firmwarewcn3660b_firmwaresd730snapdragon_690_5g_mobileqcn6024_firmwareqcm5430snapdragon_625_mobileqcm6125_firmwaressg2115pqcc710snapdragon_x32_5g_modem-rf_firmwaresnapdragon_xr2_5g_firmwaresnapdragon_xr1_firmwaresxr1120_firmwarefastconnect_6900robotics_rb2snapdragon_w5\+_gen_1_wearable_firmwareqru1032_firmwareqfw7114qam8255p_firmwaresa8155_firmwaresdx61snapdragon_x65_5g_modem-rfqcs4490snapdragon_730_mobilewsa8845snapdragon_626_mobile_firmwareqca6421_firmwareqcm6125wsa8810qdu1000_firmwaresrv1h_firmwareqca6595ausnapdragon_888_5g_mobilesm7315_firmwareqdu1010wcd9326_firmwarewsa8840srv1m_firmwareqcs8550_firmwaresnapdragon_730g_mobilesnapdragon_782g_mobilesnapdragon_x35_5g_modem-rf_firmwareqdu1210_firmwaresnapdragon_8_gen_2_mobile_firmwareqfw7124_firmwaresm8750pqcn9012qcs4490_firmwarewcn3910_firmwaresm8635psnapdragon_460_mobilesnapdragon_8_gen_2_mobileqmp1000wcd9370_firmwarerobotics_rb2_firmwareqdu1110_firmwareqdu1000sa7255p_firmwaresnapdragon_8\+_gen_2_mobilesa8195pqcm6490sa8540p_firmwaresm6370_firmwaresnapdragon_662_mobileqcn9274qca9379sa8775psxr2230p_firmwaresnapdragon_855_mobile_firmwareqca6430_firmwareqcn9011sa8775p_firmwaresmart_audio_400qcn9024_firmwarewsa8845hwcd9326sa6150psa8155p_firmwaresnapdragon_768g_5g_mobile_firmwaresm7675_firmwarear8035qamsrv1m_firmwaresa6155qcm4325qcn6224qcs615snapdragon_435_mobile_firmwareqca6698aqssg2125p_firmwaresm6250sm7635sa7775p_firmwaresa8530p_firmwaresnapdragon_480\+_5g_mobilesd670wcn3680bsa8145p_firmwaresa8150p_firmwarefastconnect_6700_firmwarewcn3990snapdragon_x75_5g_modem-rf_firmwareqcs6490snapdragon_695_5g_mobileqcs8250snapdragon_778g_5g_mobilefastconnect_6200_firmwarehome_hub_100_firmwaresnapdragon_460_mobile_firmwarewsa8830_firmwareqca6678aq_firmwarewsa8845_firmwarewsa8832wcd9378_firmwareqca6678aqsnapdragon_x35_5g_modem-rfwcn7860_firmwaresa4150p_firmwaresm4635snapdragon_425_mobile_firmwaresc8280xp-abbbsa8195p_firmwareqcm4290snapdragon_xr2\+_gen_1sg8275p_firmwareqcm6490_firmwaresm4125qcm4490_firmwareqru1032qcs6125flight_rb5_5gsnapdragon_870_5g_mobile_firmwaresnapdragon_7c\+_gen_3_computesnapdragon_732g_mobilesnapdragon_870_5g_mobilesnapdragon_678_mobilesm6250_firmwareqca6584auqcn6274_firmwaresnapdragon_435_mobileqcn9011_firmwaresw5100_firmwarewcn6740wcn6650_firmwaresnapdragon_780g_5g_mobile_firmwaresnapdragon_8_gen_3_mobile_firmwareqfw7114_firmwareqca6595_firmwarefastconnect_7800_firmwaresnapdragon_675_mobilesm8635_firmwareapq8017_firmwarewcd9380sa6145p_firmwareqam8255psxr2230psa6155_firmwaresnapdragon_450_mobile_firmwaresnapdragon_xr2_5gsa8150psxr1230pwcn3660sm6650sw5100aqt1000snapdragon_4_gen_1_mobile_firmwaresm6650pqca6688aqqam8295p_firmwaresd855wcn3990_firmwaresm7315wcd9385snapdragon_888\+_5g_mobileqsm8350snapdragon_8_gen_1_mobilesnapdragon_680_4g_mobile_firmwarewcn3610_firmwareqcs4290sxr1230p_firmwaresnapdragon_865\+_5g_mobilesg8275pwcn3615_firmwaresxr2130qcm4490snapdragon_480\+_5g_mobile_firmwarerobotics_rb5sm7325pqca6174a_firmwarewcn7861_firmwaresnapdragon_732g_mobile_firmwaresnapdragon_x50_5g_modem-rfapq8037_firmwaresnapdragon_670_mobile_firmwareaqt1000_firmwaresdm429wqca6584au_firmwareqcn6274qfw7124qca6595au_firmwareqcs8300_firmwaresw5100p_firmwareqca6696_firmwarewcd9380_firmwareqca6574_firmwaresg4150psd_8_gen1_5gqca6797aqsnapdragon_x75_5g_modem-rfsnapdragon_427_mobilesa8620psnapdragon_4_gen_1_mobileqca6574a_firmwaresnapdragon_450_mobilesnapdragon_865_5g_mobilesnapdragon_855\+_mobile_firmwarewcd9375_firmwaresd_8_gen1_5g_firmwaresa7775pqca6391qcn9012_firmwaresnapdragon_439_mobilesa8770p_firmwaresa8295psm8735_firmwaresc8280xp-abbb_firmwarefastconnect_7800snapdragon_8\+_gen_2_mobile_firmwareqca6688aq_firmwaresnapdragon_765g_5g_mobilewcn3988_firmwaresnapdragon_430_mobilesm7675qamsrv1h_firmwarewsa8835_firmwaressg2115p_firmwarewcn3980qcm2150snapdragon_w5\+_gen_1_wearableSnapdragon
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2025-21472
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.01% / 3.13%
||
7 Day CHG~0.00%
Published-06 Aug, 2025 | 07:25
Updated-18 Aug, 2025 | 18:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Leftover Debug Code in Secure Element

Information disclosure while capturing logs as eSE debug messages are logged.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fastconnect_6900_firmwareqcs8550sa8530p_firmwarewsa8835_firmwarefastconnect_6900fastconnect_7800_firmwareqca9367wsa8830fastconnect_7800qca9377_firmwaresnapdragon_8_gen_1_mobile_platform_firmwaresa9000p_firmwaresa8530pwcd9380wcd9380_firmwarewsa8830_firmwareqcs8550_firmwareqca9367_firmwarewsa8835sa8540psa8540p_firmwaresa9000pqca9377snapdragon_8_gen_1_mobile_platformSnapdragon
CWE ID-CWE-489
Active Debug Code
CVE-2021-1929
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-6.2||MEDIUM
EPSS-0.04% / 13.49%
||
7 Day CHG~0.00%
Published-08 Sep, 2021 | 11:25
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Lack of strict validation of bootmode can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwarewsa8830sd678sa6150p_firmwaresm7250sa8145p_firmwareqcs610qcs2290_firmwaresm7250_firmwareqca6431_firmwareqcs4290wcn3950_firmwaresa8150p_firmwaresd765g_firmwareqca6420_firmwareqca6595au_firmwareqcs2290qca6390_firmwaresd730_firmwarewcd9370qcs605_firmwaresd_675_firmwaresd675_firmwareqcs6125_firmwareqca6426wcn3990_firmwarewcn3998wcd9385_firmwaresdxr2_5g_firmwarewcn3950wcd9326_firmwaresd720gwcn3615_firmwarewcn3660bsd662sd460_firmwaresa8155qca6574au_firmwaresdx55_firmwareqca6595auwcd9375_firmwarewcn3615wcn3998_firmwarewcn3610_firmwareqca6420qca6436_firmwareqca6564au_firmwaresd778gsa6155p_firmwaresdxr2_5gqcs6125sa8155_firmwaresd662_firmwarewcn3988_firmwareqca6430sa6145p_firmwaresd205qca6421sd778g_firmwaresm6250wcd9340sa8195psdm830_firmwarewsa8810_firmwarequalcomm215_firmwaresd765gsd765_firmwareqca6436wcd9326wcn6851sa6155pqcs603_firmwareqcs4290_firmwarewcd9385wcd9341qca6431qca6696_firmwaresd870_firmwareqca6390wcd9375wcn3910_firmwareaqt1000sa8150psm6250_firmwarewsa8830_firmwaresda429wsd210sd855_firmwaresd865_5g_firmwarewcn3620_firmwarewcn3988sd888_5g_firmwarewcn6850_firmwarewcn3620wsa8815_firmwarewsa8835_firmwaresa8195p_firmwareqca6564awcn6750_firmwarewcn3610qcm6125_firmwareqcm2290_firmwarewcn3991sda429w_firmwarewcd9380_firmwarewcn3990sd_675msm8996au_firmwaresd780gsd865_5gqca6595qca6564ausdx55m_firmwarewcn6856_firmwarewsa8835msm8996ausd665_firmwarewcd9380sd888_5gqualcomm215qca6574asdx50m_firmwaresm7325qca6430_firmwarewcn3980wcn6750qcs605wcd9340_firmwaresd855wsa8815wcn6850sd665wcn3910sd765qca6426_firmwarewcn3660b_firmwarewcn3680qca6574a_firmwaresd768g_firmwarewcn3980_firmwaresd460qca6391sd730sdx55mqca6421_firmwareaqt1000_firmwarewcn6740_firmwaresd678_firmwareqcm4290sdx50mwcn3680_firmwaresd480_firmwareqcs603wcn6851_firmwareqca6574ausa8155p_firmwaresd205_firmwareqca6564a_firmwarewcd9341_firmwareqcm6125qcm4290_firmwaresd480sd870wsa8810sd210_firmwareqcs610_firmwarewcn6856sa6145psd768gapq8096auqca6595_firmwaresa8145pwcn6740qca6696qca6391_firmwaresd780g_firmwarewcd9370_firmwaresa6150psdx55apq8096au_firmwaresa8155psd675sdm830sd720g_firmwareqcm2290sm7325_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CVE-2020-11123
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 13.49%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 10:00
Updated-04 Aug, 2024 | 11:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'information disclosure in gatekeeper trustzone implementation as the throttling mechanism to prevent brute force attempts at getting user`s lock-screen password can be bypassed by performing the standard gatekeeper operations.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8009W, APQ8017, APQ8037, APQ8053, APQ8064AU, APQ8096, APQ8096AU, APQ8096SG, APQ8098, MDM8207, MDM9150, MDM9205, MDM9206, MDM9207, MDM9250, MDM9607, MDM9628, MDM9640, MDM9650, MDM9655, MSM8108, MSM8208, MSM8209, MSM8608, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8996SG, MSM8998, QCM4290, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QM215, QSM8250, QSM8350, SA415M, SA515M, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SC8180X, SC8180XP, SDA429W, SDA640, SDA660, SDA670, SDA845, SDA855, SDM1000, SDM429, SDM429W, SDM439, SDM450, SDM455, SDM630, SDM632, SDM636, SDM640, SDM660, SDM670, SDM710, SDM712, SDM830, SDM845, SDM850, SDW2500, SDX24, SDX50M, SDX55, SDX55M, SM4125, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR1120, SXR1130, SXR2130, SXR2130P, WCD9330

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwaresm7250mdm9640_firmwaresa6150p_firmwaresm6250p_firmwareqcs610sm6125sdm712_firmwaresdm640sdm450_firmwaresdm632sm7250_firmwaremdm9628_firmwaremdm9650qcs4290mdm9250sa8150p_firmwaresa6155apq8009_firmwaresdm712msm8917sdm670sm8350qcs605_firmwaresm6115apq8096sgsm7150psda845_firmwaremsm8108sa415msdw2500_firmwareapq8098msm8108_firmwaresm4250sc8180xpmdm9628sm4125mdm9206_firmwaresda855qsm8350_firmwareqsm8350apq8037sa8155msm8905_firmwaresda660sdx55_firmwaresa6155_firmwaresdm1000msm8909wsm7250p_firmwareapq8009w_firmwaresxr1130apq8053_firmwaresxr2130psda845mdm9207sa6155p_firmwaremsm8208sxr2130p_firmwaresda640mdm8207sdm450sdm636_firmwaresa515m_firmwareapq8098_firmwaremsm8998_firmwaresa8155_firmwaresdm630mdm9607_firmwaresm8250_firmwaremdm9655_firmwaresa415m_firmwareqcs405msm8996sg_firmwaresa6145p_firmwareqm215sc7180_firmwaresm4250_firmwaresm6250sa8195papq8017_firmwaresdm710_firmwaresdm830_firmwaresxr1120sa6155pqcs603_firmwaremsm8937msm8209_firmwaremsm8905sm8350p_firmwaremdm9250_firmwareqcs4290_firmwaresm8150_firmwaremsm8909sm7150p_firmwaresxr2130_firmwaremdm9655sc7180apq8064ausa8150psc8180xp_firmwaresm6250_firmwaremdm9207_firmwaremsm8953_firmwaresm6150_firmwaresda429wmsm8917_firmwaremsm8998sm7225_firmwaresm8150sdm850sa8195p_firmwaresdm640_firmwareapq8017msm8208_firmwaremsm8996sxr1120_firmwaresm6125_firmwaresm8150pmsm8608mdm9640sm6115_firmwaresda429w_firmwareapq8096_firmwaresdm429wmsm8996au_firmwaresdm632_firmwarewcd9330sdm845apq8096sdx24sdx55m_firmwaresdm439sm6150psm6115p_firmwaresdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996ausdm429w_firmwareapq8096sg_firmwaresm7150sm6250pqcs410sda640_firmwaresc8180xsxr2130sdx50m_firmwaremdm9206sm8350psdm670_firmwaresdx24_firmwaresdm636sda670sm7225mdm9205sa515mqcs605sm6115psm4125_firmwaresdm455_firmwaremsm8937_firmwaremdm9650_firmwaresdm429_firmwaresxr1130_firmwaremsm8209sda855_firmwareapq8009wcd9330_firmwaremsm8909_firmwaresdx55msm6150p_firmwaresdm455sm6350sm7125sdm850_firmwaresm4250p_firmwaremsm8920msm8953apq8064au_firmwareqcm4290msm8996sgsdx50msm8350_firmwareqcs603sdm660msm8920_firmwaresc8180x_firmwaresm6350_firmwaresa8155p_firmwaresdm710mdm9607apq8009wsda670_firmwareqcm4290_firmwareqcs610_firmwaremdm9150msm8996_firmwareqsm8250sa6145psm4250papq8096ausdm439_firmwareqcs405_firmwaremdm8207_firmwaresdm630_firmwaremdm9205_firmwaresda660_firmwaremsm8608_firmwareqm215_firmwaresm7125_firmwaresa6150psdw2500msm8940apq8053apq8096au_firmwaresa8155psdx55sm8150p_firmwaresm8250apq8037_firmwaresdm1000_firmwaresm7250psdm830qcs410_firmwaresdm660_firmwareqsm8250_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CVE-2019-14115
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 13.49%
||
7 Day CHG~0.00%
Published-08 Sep, 2020 | 09:31
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Information disclosure issue occurs as in current logic as secure touch is released without clearing the display session which can result in user reading the secure input while touch is in non-secure domain as secure display is active' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8076, APQ8096AU, APQ8098, Kamorta, MDM9150, MDM9205, MDM9206, MDM9607, MDM9650, MSM8905, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS404, QCS405, QCS605, QCS610, QM215, Rennell, SA415M, SA515M, SA6155P, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwarekamorta_firmwareqcm2150_firmwareqcs610sdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632sdx24sdm439qcs404_firmwaremdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150msm8996ausdm429w_firmwaresm7150apq8009_firmwaremsm8917sdm670sxr2130qcs605_firmwareapq8076sc8180xmdm9206sdm670_firmwareqcs404sdx24_firmwareapq8076_firmwaresdm636sda845_firmwaresa415mapq8098mdm9205mdm9206_firmwaresa515mqcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130apq8009msm8909_firmwareapq8053_firmwaresda845nicobarsdm850_firmwaresa6155p_firmwaremsm8920msm8953sdm450sdm636_firmwaresa515m_firmwareapq8098_firmwaremsm8998_firmwareqcm2150msm8920_firmwaresdm630mdm9607_firmwaresm8250_firmwaresdm660sc8180x_firmwaresa415m_firmwareqcs405sdm710qm215sc7180_firmwaremdm9607apq8017_firmwaresdm710_firmwaresa6155pqcs610_firmwaremdm9150msm8937msm8996_firmwaremsm8905sm8150_firmwaremsm8909sxr2130_firmwareapq8096ausdm439_firmwareqcs405_firmwarerennellsc7180sdm630_firmwaremdm9205_firmwaresda660_firmwarerennell_firmwareqm215_firmwaresdx55msm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaresm8250msm8998sm8150sdm850kamortaapq8017msm8996nicobar_firmwaresdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-459
Incomplete Cleanup
CVE-2019-14092
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 13.49%
||
7 Day CHG~0.00%
Published-22 Jun, 2020 | 07:10
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

System Services exports services without permission protect and can lead to information exposure in Snapdragon Industrial IOT, Snapdragon Mobile in MDM9206, MDM9207C, MDM9607, Rennell, Saipan, SM8150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9206mdm9207csm8150_firmwaresxr2130_firmwarerennellrennell_firmwaremdm9206_firmwaremdm9607_firmwaresm8250_firmwaresaipan_firmwaresm8250mdm9607sm8150saipansxr2130mdm9207c_firmwareSnapdragon Industrial IOT, Snapdragon Mobile
CVE-2020-11265
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 13.49%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 05:00
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Information disclosure issue due to lack of validation of pointer arguments passed to TZ BSP in Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-ar9580_firmwareipq4018_firmwareqfe1952ipq4028_firmwareqca7500_firmwareqca7520qca7500ipq4029_firmwareqca7550_firmwareqca9994qca4024_firmwareqca9889_firmwareqca9880_firmwareqca10901qca9992wcd9340csr8811_firmwareqca7520_firmwareqca9880wsa8810_firmwareqca7550wsa8810qcn3018_firmwareqca8075_firmwareipq4019_firmwareipq4018qcn3018qca9886_firmwareqca9889qca9888_firmwareqca9888qca9984_firmwareqca9994_firmwarear9580qca9898_firmwareqca4024csr8811ipq4019ar7420qca9886wcd9340_firmwarear7420_firmwareqca8075qfe1922qfe1922_firmwareqca9992_firmwareqfe1952_firmwareqca9984qca9898ipq4029ipq4028qca10901_firmwareSnapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-14007
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 13.49%
||
7 Day CHG~0.00%
Published-16 Apr, 2020 | 10:46
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Due to the use of non-time-constant comparison functions there is issue in timing side channels which can be used as a potential side channel for SUI corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9650, MSM8905, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCS404, QCS405, QCS605, QM215, Rennell, SA6155P, SC7180, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwareapq8096_firmwaresdm632_firmwaremsm8996au_firmwaresdm845sdm450_firmwaresdm632apq8096sdx24sdm439qcs404_firmwaremdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150msm8996ausm7150apq8009_firmwaremsm8917sdm670sxr2130qcs605_firmwaremdm9206sdm670_firmwareqcs404sdx24_firmwaresdm636sda845_firmwareapq8098mdm9205mdm9206_firmwareqcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130apq8009msm8909_firmwareapq8053_firmwaresda845nicobarsdm850_firmwaresa6155p_firmwaremsm8920msm8953sdm450sdm636_firmwareapq8098_firmwaremsm8998_firmwaresdm660msm8920_firmwaresdm630mdm9607_firmwareqcs405sdm710qm215sc7180_firmwaremdm9607apq8017_firmwaresdm710_firmwaresa6155pmdm9150msm8937msm8996_firmwaremsm8905sm8150_firmwaremsm8909sxr2130_firmwareapq8096ausdm439_firmwareqcs405_firmwarerennellsc7180sdm630_firmwaremdm9205_firmwaresda660_firmwarerennell_firmwareqm215_firmwaresdx55msm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaremsm8998sm8150sdm850apq8017msm8996nicobar_firmwaresdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-203
Observable Discrepancy
CVE-2019-14067
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 13.49%
||
7 Day CHG~0.00%
Published-02 Jun, 2020 | 15:05
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Using non-time-constant functions like memcmp to compare sensitive data can lead to information leakage through timing side channel issue. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, Kamorta, MDM9150, MDM9205, MDM9206, MDM9607, MDM9650, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS404, QCS405, QCS605, QM215, Rennell, SA415M, SA6155P, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwarekamorta_firmwareapq8096_firmwareqcm2150_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632apq8096sdx24sdm439qcs404_firmwaremdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996ausdm429w_firmwaresm7150apq8009_firmwaremsm8917sdm670sxr2130qcs605_firmwaresc8180xmdm9206sdm670_firmwareqcs404sdx24_firmwaresdm636sda845_firmwaresa415mapq8098mdm9205mdm9206_firmwareqcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130msm8909wapq8009msm8909_firmwareapq8053_firmwaresda845nicobarsdm850_firmwaresa6155p_firmwaremsm8920msm8953sdm450sdm636_firmwareapq8098_firmwaremsm8998_firmwareqcm2150msm8920_firmwaresdm630mdm9607_firmwaresdm660sc8180x_firmwaresa415m_firmwareqcs405sdm710qm215sc7180_firmwaremdm9607apq8017_firmwaresdm710_firmwaresa6155pmdm9150msm8937msm8996_firmwaresm8150_firmwaremsm8909sxr2130_firmwareapq8096ausdm439_firmwareqcs405_firmwarerennellsc7180sdm630_firmwaremdm9205_firmwaresda660_firmwarerennell_firmwareqm215_firmwaresdx55msm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaremsm8998sm8150sdm850kamortaapq8017msm8996nicobar_firmwaresdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-203
Observable Discrepancy
CVE-2023-43527
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-6.8||MEDIUM
EPSS-0.06% / 19.82%
||
7 Day CHG~0.00%
Published-06 May, 2024 | 14:32
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in Video

Information disclosure while parsing dts header atom in Video.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm429w_firmwareqcs410_firmwaresa6150p_firmwaresd660_firmwaresd865_5gsw5100psa6155p_firmwareqam8295p_firmwareqcs610_firmwarewcd9335sxr2130_firmwarewcd9370wcn3990_firmwaresnapdragon_660_mobileqca6696snapdragon_x55_5g_modem-rfwsa8830_firmwareqca6436_firmwarewcd9341_firmwaresnapdragon_8_gen_1_mobilesnapdragon_x55_5g_modem-rf_firmwarewcn3610_firmwareqca6426wcn3610snapdragon_865\+_5g_mobileqcn9074wsa8815_firmwaresnapdragon_wear_4100\+_firmwaresa8195p_firmwarewcd9370_firmwareqca6426_firmwarewcn3660bsxr2130qca6574au_firmwarewcn3620_firmwaresa8195pqam8295pwcd9341qca6574auwcn3950wsa8810_firmwarewcn3988snapdragon_870_5g_mobile_firmwaresdm429wwcd9335_firmwarewcn3980_firmwarewcn3660b_firmwareqca6436wsa8835qca6391_firmwaresw5100p_firmwarefastconnect_6800_firmwaresa8295p_firmwaresnapdragon_870_5g_mobileqca6696_firmwarewcd9380_firmwaresa6150pqcs410sa8155p_firmwarewsa8815sd660video_collaboration_vc1_platform_firmwaresa8155pwcn3680b_firmwarewsa8830sa6145pqcn9074_firmwaresnapdragon_xr2_5g_firmwaresw5100_firmwaresnapdragon_865_5g_mobilewcn3620fastconnect_6800snapdragon_wear_4100\+fastconnect_6900fastconnect_7800_firmwareqca6391snapdragon_w5\+_gen_1_wearable_firmwarevideo_collaboration_vc1_platformsnapdragon_865\+_5g_mobile_firmwaresnapdragon_865_5g_mobile_firmwaresnapdragon_429_mobilewcn3950_firmwarefastconnect_6900_firmwaresa8295pwcd9380sa6145p_firmwarefastconnect_7800sa8145p_firmwarewcn3680bsnapdragon_xr2_5gsd865_5g_firmwaresnapdragon_8_gen_1_mobile_firmwaresa8150psnapdragon_660_mobile_firmwaresa8150p_firmwarewcn3988_firmwaresa6155pvideo_collaboration_vc3_platform_firmwaresa8145pwcn3990wsa8835_firmwaresnapdragon_429_mobile_firmwarewsa8810wcn3980sw5100video_collaboration_vc3_platformsnapdragon_w5\+_gen_1_wearableqcs610Snapdragonqualcomm_video_collaboration_vc1_platform_firmwaresa6155p_firmwarewcd9380_firmwaresa6150p_firmwaresa8145p_firmwarewsa8835_firmwarefastconnect_6900_firmwarewcn3988_firmwaresa6145p_firmwaresa8155p_firmwaresdm429w_firmwarewcn3950_firmwarewsa8815_firmwarewsa8810_firmwaresa8150p_firmwarefastconnect_7800_firmwarewcd9341_firmwaresw5100p_firmwareqcs610_firmwaresnapdragon_8_gen_1_mobile_platform_firmwaresxr2130_firmwarewcn3990_firmwareqca6696_firmwarewcd9335_firmwarequalcomm_video_collaboration_vc3_platform_firmwareqca6391_firmwarewcd9370_firmwarewsa8830_firmwaresnapdragon_660_mobile_platform_firmwareqam8295p_firmwaresd865_5g_firmwaresnapdragon_xr2_5g_platform_firmwareqca6426_firmwarewcn3620_firmwarewcn3660b_firmwaresd660_firmwaresnapdragon_429_mobile_platform_firmwareqca6574au_firmwaresa8195p_firmwaresnapdragon_865_5g_mobile_platform_firmwarewcn3680b_firmwaresw5100_firmwareqcn9074_firmwarefastconnect_6800_firmwareqcs410_firmwaresa8295p_firmwaresnapdragon_x55_5g_modem-rf_system_firmwarewcn3610_firmwarewcn3980_firmwareqca6436_firmware
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-126
Buffer Over-read
CVE-2020-3679
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.25% / 48.43%
||
7 Day CHG~0.00%
Published-09 Sep, 2020 | 06:25
Updated-04 Aug, 2024 | 07:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'During execution after Address Space Layout Randomization is turned on for QTEE, part of code is still mapped at known address including code segments' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in Bitra, Kamorta, Nicobar, QCS404, QCS610, Rennell, SA6155P, SA8155P, Saipan, SC7180, SC8180X, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-kamorta_firmwaresa6155p_firmwareqcs610qcs404_firmwaresm8250_firmwaresc8180x_firmwaresm7150_firmwaresa8155p_firmwaresc7180_firmwaresm6150sm7150sa6155pqcs610_firmwaresxr2130sc8180xqcs404sm8150_firmwaresxr2130_firmwarerennellsc7180bitrarennell_firmwaresdx55sa8155psaipan_firmwaresm6150_firmwaresm8250bitra_firmwaresm8150kamortasdx55_firmwarenicobar_firmwaresaipannicobarSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CVE-2019-10626
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 13.11%
||
7 Day CHG~0.00%
Published-22 Jun, 2020 | 07:10
Updated-04 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Payload size is not validated before reading memory that may cause issue of accessing invalid pointer or some garbage data in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, IPQ4019, IPQ6018, IPQ8064, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, Rennell, Saipan, SC8180X, SDA660, SDA845, SDM429W, SDM439, SDM670, SDM710, SDX20, SDX24, SDX55, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9640_firmwaresdm429wmsm8996au_firmwaresdx24sdm439mdm9650msm8909w_firmwaremsm8996ausdm429w_firmwareapq8009_firmwaresdm670sxr2130qcs605_firmwareipq4019_firmwaresc8180xmdm9206sdm670_firmwaresdx24_firmwareipq8074sda845_firmwareapq8098ipq6018_firmwaremdm9206_firmwareqcs605mdm9650_firmwareipq8064sda660sdx55_firmwaresxr1130_firmwaresxr1130msm8909wapq8009apq8053_firmwareipq8064_firmwaresda845apq8098_firmwaresdx20mdm9607_firmwaresm8250_firmwaresc8180x_firmwareqcs405ipq8074_firmwaresdm710mdm9607apq8017_firmwaresdm710_firmwaremdm9207c_firmwareipq6018mdm9207csm8150_firmwaresxr2130_firmwareapq8096ausdm439_firmwareqcs405_firmwarerennellsda660_firmwarerennell_firmwareipq4019sdx55apq8053apq8096au_firmwaresaipan_firmwaresm8250sm8150sdx20_firmwareapq8017saipanmdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-20
Improper Input Validation
CVE-2019-10483
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 13.49%
||
7 Day CHG~0.00%
Published-16 Apr, 2020 | 10:46
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Side channel issue in QTEE due to usage of non-time-constant comparison function such as memcmp or strcmp in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8016, APQ8017, APQ8053, APQ8076, APQ8096, APQ8096AU, APQ8098, IPQ8074, MDM9150, MDM9205, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, QCA8081, QCS404, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX55, SM6150, SM7150, SM8150, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwareapq8096_firmwaremdm9640_firmwaresdm632_firmwaremsm8996au_firmwaresdm845sdm450_firmwaresdm632apq8096sdm439qcs404_firmwaremdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996ausm7150apq8009_firmwaremsm8917sdm670sxr2130qcs605_firmwareapq8076mdm9206sdm670_firmwareqcs404apq8076_firmwareipq8074sdm636sda845_firmwareapq8098mdm9205mdm9206_firmwareqcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwaresda660sdx55_firmwaresxr1130_firmwareqca8081_firmwaresxr1130msm8909wapq8009msm8909_firmwareapq8053_firmwaresda845sdm850_firmwaremsm8920msm8953sdm450sdm636_firmwaresdm845_firmwareapq8098_firmwaresdx20msm8998_firmwaresdm660apq8016_firmwaresdm630mdm9607_firmwaremsm8920_firmwaremdm9655_firmwareipq8074_firmwaresdm710qm215mdm9607apq8017_firmwaresdm710_firmwareqca8081mdm9150msm8937mdm9207c_firmwaremsm8996_firmwaremsm8905mdm9207csm8150_firmwaremsm8909sxr2130_firmwaremdm9655apq8096ausdm439_firmwaresdm630_firmwaremdm9205_firmwaresda660_firmwareapq8016qm215_firmwaresdx55msm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaremsm8998sm8150sdx20_firmwaresdm850apq8017msm8996sdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-203
Observable Discrepancy
CVE-2020-3643
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.10% / 26.45%
||
7 Day CHG~0.00%
Published-08 Sep, 2020 | 09:31
Updated-04 Aug, 2024 | 07:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Information disclosure issue can occur due to partial secure display-touch session tear-down' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8076, APQ8096AU, APQ8098, IPQ6018, Kamorta, MDM9150, MDM9205, MDM9206, MDM9607, MDM9650, MSM8905, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS404, QCS405, QCS605, QCS610, QM215, Rennell, SA415M, SA515M, SA6155P, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwarekamorta_firmwareqcm2150_firmwareqcs610sdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632sdx24sdm439qcs404_firmwaremdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150msm8996ausdm429w_firmwaresm7150apq8009_firmwaremsm8917sdm670sxr2130qcs605_firmwareapq8076sc8180xmdm9206sdm670_firmwareqcs404sdx24_firmwareapq8076_firmwaresdm636sda845_firmwaresa415mapq8098ipq6018_firmwaremdm9205mdm9206_firmwaresa515mqcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130apq8009msm8909_firmwareapq8053_firmwaresda845nicobarsdm850_firmwaresa6155p_firmwaremsm8920msm8953sdm450sdm636_firmwaresa515m_firmwareapq8098_firmwaremsm8998_firmwareqcm2150msm8920_firmwaresdm630mdm9607_firmwaresm8250_firmwaresdm660sc8180x_firmwaresa415m_firmwareqcs405sdm710qm215sc7180_firmwaremdm9607apq8017_firmwaresdm710_firmwaresa6155pqcs610_firmwaremdm9150msm8937msm8996_firmwaremsm8905ipq6018sm8150_firmwaremsm8909sxr2130_firmwareapq8096ausdm439_firmwareqcs405_firmwarerennellsc7180sdm630_firmwaremdm9205_firmwaresda660_firmwarerennell_firmwareqm215_firmwaresdx55msm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaresm8250msm8998sm8150sdm850kamortaapq8017msm8996nicobar_firmwaresdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CWE ID-CWE-404
Improper Resource Shutdown or Release
CVE-2023-33111
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 16.91%
||
7 Day CHG~0.00%
Published-01 Apr, 2024 | 15:05
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Validation of Array Index in Audio

Information disclosure when VI calibration state set by ADSP is greater than MAX_FBSP_STATE in the response payload to AFE calibration command.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcs410_firmwaresa6150p_firmwaresd865_5gqcs610_firmwaresxr2130_firmwaresrv1mqca8081_firmwarewcd9370ar8035_firmwareqca6696snapdragon_778g\+_5g_mobilewcd9340_firmwarewcd9341_firmwaresd888_firmwareqcc710_firmwareqca6426wcn6740_firmwarefastconnect_6700wcn3610snapdragon_780g_5g_mobileqcn9074snapdragon_782g_mobile_firmwarewsa8815_firmwaresnapdragon_wear_4100\+_firmwaresa8195p_firmwareqca8337_firmwareqca8337qca6426_firmwareqca9377_firmwareqca6574au_firmwareqam8295pwcd9341qca6574ausa8620p_firmwaresnapdragon_888\+_5g_mobile_firmwarewcn3950wsa8810_firmwaresnapdragon_870_5g_mobile_firmwaresnapdragon_778g_5g_mobile_firmwaresa9000p_firmwaresrv1hsnapdragon_auto_5g_modem-rf_gen_2_firmwaresnapdragon_7c\+_gen_3_computewcn3660b_firmwarefastconnect_6800_firmwaresnapdragon_778g\+_5g_mobile_firmwaresa8295p_firmwaresnapdragon_870_5g_mobilevideo_collaboration_vc1_platform_firmwaresa8770pc-v2x_9150qca6584auqcn6274_firmwaresd888qcc710snapdragon_xr2_5g_firmwarewcn6740snapdragon_780g_5g_mobile_firmwarefastconnect_6800qfw7114_firmwaresnapdragon_wear_4100\+fastconnect_7800_firmwarefastconnect_6900video_collaboration_vc1_platformsnapdragon_865_5g_mobile_firmwaresa7255pqfw7114wcd9385_firmwarefastconnect_6900_firmwareqam8255p_firmwarewcd9380sa6145p_firmwareqam8255psnapdragon_xr2_5gsa8150psa6155pwsa8810qam8650psa9000psrv1h_firmwaresnapdragon_888_5g_mobile_firmwarevideo_collaboration_vc3_platformsnapdragon_888_5g_mobilesm7315_firmwarec-v2x_9150_firmwaresa6155p_firmwareqam8295p_firmwaresrv1m_firmwaresnapdragon_782g_mobilesm7315snapdragon_x55_5g_modem-rfqfw7124_firmwareqca6698aq_firmwareqca6436_firmwaresnapdragon_888\+_5g_mobilewcd9385qca9367_firmwaresnapdragon_x55_5g_modem-rf_firmwaresnapdragon_7c\+_gen_3_compute_firmwarewcn3610_firmwaresa8255psnapdragon_865\+_5g_mobilewcd9370_firmwareqca9367sa7255p_firmwarewcn3660bsxr2130sa8195pwcd9340qamsrv1msnapdragon_auto_5g_modem-rf_gen_2sm7325pqam8650p_firmwareqca6584au_firmwarewcn3980_firmwareqcn6274qca6436qfw7124sa8775pwsa8835qca6391_firmwaresa8775p_firmwareqamsrv1hqca6696_firmwarewcd9380_firmwaresa6150pqcs410sa8155p_firmwareqca8081wsa8815sa8155pwsa8830qam8775pqca9377sa6145psnapdragon_x75_5g_modem-rfqcn9074_firmwaresa8620psa8255p_firmwarear8035qamsrv1m_firmwaresa8650p_firmwaresnapdragon_865_5g_mobilewcd9375_firmwareqca6391qcn6224snapdragon_865\+_5g_mobile_firmwareqca6698aqwcn3950_firmwaresa8770p_firmwaresa8295pfastconnect_7800sa8145p_firmwaresa8650pqam8775p_firmwaresd865_5g_firmwaresm7325p_firmwarewcn3680bwcd9375sa8150p_firmwarefastconnect_6700_firmwareqamsrv1h_firmwarevideo_collaboration_vc3_platform_firmwaresa8145psnapdragon_x75_5g_modem-rf_firmwarewsa8835_firmwarewcn3980snapdragon_778g_5g_mobilewsa8830_firmwarewcn3680b_firmwareqcn6224_firmwareqcs610Snapdragon
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2023-33037
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.1||HIGH
EPSS-0.03% / 9.34%
||
7 Day CHG~0.00%
Published-02 Jan, 2024 | 05:38
Updated-17 Jun, 2025 | 20:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cryptographic Issues in Automotive

Cryptographic issue in Automotive while unwrapping the key secs2d and verifying with RPMB data.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qam8255p_firmwaresnapdragon_8_gen_1_mobile_platformwsa8830sa6150p_firmwaresa8145p_firmwaresxr2230p_firmwareqca8337qam8650pqca6431_firmwareqam8775psnapdragon_870_5g_mobile_platform_firmwaresnapdragon_865_5g_mobile_platformsnapdragon_888_5g_mobile_platformwcn3950_firmwaresnapdragon_888_5g_mobile_platform_firmwaresa8150p_firmwaresm4450_firmwareqca6595au_firmwarewcd9370ssg2115pqca6426wcd9385_firmwareqam8295pwcn3950qcn6024_firmwarefastconnect_6200sd_8_gen1_5g_firmwareqsm8350_firmwareqsm8350qam8295p_firmwaresa9000p_firmwaresnapdragon_x55_5g_modem-rf_systemqca6574au_firmwareqca6595auqca8081_firmwarewcd9375_firmwaresm7250p_firmwareqca6436_firmwaresnapdragon_680_4g_mobile_platform_firmwaresa6155p_firmwaresnapdragon_x65_5g_modem-rf_system_firmwaresnapdragon_870_5g_mobile_platformqca6698aqsa4155p_firmwareqcs8550_firmwaresnapdragon_765g_5g_mobile_platformwcn3988_firmwaresa6145p_firmwareqca6421snapdragon_8\+_gen_1_mobile_platformfastconnect_6700_firmwaresa8195pwsa8810_firmwareqca6436snapdragon_ar2_gen_1_platform_firmwaresa8255p_firmwaresa6155psg4150pqca8081snapdragon_765_5g_mobile_platform_firmwareqca6698aq_firmwareqcm4490snapdragon_888\+_5g_mobile_platformwcd9385sxr2130_firmwareqam8775p_firmwaresa8255pqca6431qca6696_firmwareqca6797aqar8035wcd9375sa8150psnapdragon_685_4g_mobile_platformsnapdragon_768g_5g_mobile_platform_firmwarewsa8830_firmwaresd865_5g_firmwarewcn3988wsa8815_firmwarewsa8835_firmwaresnapdragon_685_4g_mobile_platform_firmwaresa8195p_firmwaresnapdragon_865_5g_mobile_platform_firmwarefastconnect_6800_firmwaresa8295p_firmwaresa4150psg4150p_firmwareqcm4325qca8337_firmwarewcd9380_firmwaressg2125psd865_5gfastconnect_6800qca6595wsa8835qca6574sxr1230p_firmwaresa8540p_firmwaresd_8_gen1_5gwcd9380fastconnect_6700ssg2125p_firmwaresxr2130qca6574asxr1230pqcm4325_firmwaresa9000pqca6574_firmwarewsa8815sxr2230psnapdragon_865\+_5g_mobile_platformsnapdragon_xr2_5g_platform_firmwareqca6426_firmwaresm4450qca6574a_firmwarefastconnect_6200_firmwareqcn9024snapdragon_x55_5g_modem-rf_system_firmwareqca6391snapdragon_8cx_gen_3_compute_platform_firmwaresa8295pqca6421_firmwarefastconnect_7800snapdragon_865\+_5g_mobile_platform_firmwareqcm4490_firmwareqcs4490_firmwaresnapdragon_xr2_5g_platformsnapdragon_x65_5g_modem-rf_systemwsa8832_firmwarefastconnect_6900fastconnect_6900_firmwareqca6797aq_firmwareqca6574ausa8155p_firmwareqcn9024_firmwarefastconnect_7800_firmwarewsa8810snapdragon_765g_5g_mobile_platform_firmwarewsa8832sa8540psnapdragon_8cx_gen_3_compute_platformsnapdragon_680_4g_mobile_platformsnapdragon_8_gen_1_mobile_platform_firmwaresnapdragon_ar2_gen_1_platformsa6145pqam8650p_firmwareqcs4490qca6595_firmwaresa8145pqca6696snapdragon_888\+_5g_mobile_platform_firmwareqca6391_firmwareqcs8550sa4150p_firmwarewcd9370_firmwaresa6150psnapdragon_768g_5g_mobile_platformsa8155pqcn6024snapdragon_765_5g_mobile_platformsm7250psnapdragon_8\+_gen_1_mobile_platform_firmwaressg2115p_firmwareqam8255psa4155par8035_firmwareSnapdragon
CWE ID-CWE-310
Not Available
CWE ID-CWE-311
Missing Encryption of Sensitive Data
CVE-2023-28554
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-6.1||MEDIUM
EPSS-0.06% / 17.50%
||
7 Day CHG~0.00%
Published-07 Nov, 2023 | 05:26
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in Qualcomm IPC

Information Disclosure in Qualcomm IPC while reading values from shared memory in VM.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sw5100pqcs410_firmwaresa6150p_firmwaresd865_5gqcn9000_firmwareqcs8155_firmwareqca6595qcn9022qcs610_firmwarewcd9335ipq6028_firmwareimmersive_home_214_platformqca8081_firmwarewcd9370qca8072qca6696wcd9340_firmwarewcd9341_firmwareipq5028_firmwareqcn6024ar9380ipq8076qca6426wcn3610ipq6018_firmwareqca9984_firmwareqcn6023qcn5124_firmwareimmersive_home_216_platformqca8337qca9994_firmwareqca6426_firmwareipq8078aqca6574au_firmwareipq8078a_firmwareqam8295pwcd9341qca6574auwsa8810_firmwareqcn9100_firmwaresnapdragon_835_mobile_pc_platform_firmwarewcn3660b_firmwareqcn5122qca6554afastconnect_6800_firmwaresd835_firmwareqcn6024_firmwareqca9886_firmwarevideo_collaboration_vc1_platform_firmwareqca9880snapdragon_210_processor_firmwarec-v2x_9150qcn9000qcn6132_firmwareqsm8250_firmwareqcn5054fastconnect_6900video_collaboration_vc1_platformqcn5052qca9980wcd9385_firmwaresnapdragon_x55_5g_modem-rf_systemqca6310qam8255p_firmwareipq8064ipq8074a_firmwareipq8076aqcn5164snapdragon_888_5g_mobile_platform_firmwaresnapdragon_8_gen_1_mobile_platform_firmwaresa6155pqca6564au_firmwarecsr8811_firmwarewsa8810qca8075qcn5021qsm8250qca6595ausa6155p_firmwaresd835snapdragon_870_5g_mobile_platform_firmwareqca6436_firmwaresnapdragon_wear_4100\+_platform_firmwareipq8070a_firmwareqcn5021_firmwareqcn9070qualcomm_205_mobile_platformsnapdragon_855\+\/860_mobile_platform_firmwaresnapdragon_212_mobile_platform_firmwareqca6420wcd9370_firmwaresnapdragon_x55_5g_modem-rf_system_firmwarewcn3660bqca6574asa8195pqca9898_firmwarewcd9340immersive_home_316_platform_firmwareqcn6122_firmwareqcn5154_firmwareqca7500wcn3988ipq4019qcn5122_firmwarepmp8074qcn9024ipq8076a_firmwareqca6574ar9380_firmwareqca6430_firmwaresnapdragon_870_5g_mobile_platformipq4029_firmwareqcn9024_firmwaresa6150pqcs410sa8155p_firmwaresa8155pqca8072_firmwarewsa8830sa6145pqcn9074_firmwareipq8174qcn6122ipq8174_firmwaresa8255p_firmwareipq8072aqca9985ipq8071aqca6698aqwcn3950_firmwaresnapdragon_8_gen_1_mobile_platformfastconnect_6200wcn3680bsa8145p_firmwareqcs8155snapdragon_888\+_5g_mobile_platformsa8150p_firmwaresnapdragon_855\+\/860_mobile_platformsnapdragon_w5\+_gen_1_wearable_platformwcn3990video_collaboration_vc3_platform_firmwareqcn6023_firmwareqcn5164_firmwareipq8078fastconnect_6200_firmwarewsa8830_firmwareqcn9072ipq4028_firmwareqca9880_firmwaresxr2130_firmwareqcn5022_firmwareqca9992snapdragon_888_5g_mobile_platformsnapdragon_w5\+_gen_1_wearable_platform_firmwareqca6320qca4024_firmwareqca9898qca6564auqca9992_firmwareqca9990immersive_home_214_platform_firmwareqcn9074wsa8815_firmwaresa8195p_firmwareqca8337_firmwareqcn5054_firmwareqca9888ipq8173ipq8072a_firmwareipq6010_firmwaresnapdragon_855_mobile_platformwcn3950snapdragon_xr2_5g_platformqca6797aq_firmwareipq5028qcn9070_firmwaresa8295p_firmwareqca9984ipq5010_firmwareqca9886qcn6132qcn9022_firmwareipq6018qca6584auqca6320_firmwaresw5100_firmwareipq8065qca6310_firmwarefastconnect_6800qca4024qca6595_firmwarefastconnect_7800_firmwareimmersive_home_216_platform_firmwareipq8070afastconnect_6900_firmwarewcd9380ipq4028qam8255psa6145p_firmwareqca9990_firmwaresnapdragon_xr2_5g_platform_firmwareqca7500_firmwaresa8150pqca8075_firmwareqcn5052_firmwaresnapdragon_835_mobile_pc_platformsnapdragon_865\+_5g_mobile_platformipq6010sw5100video_collaboration_vc3_platformaqt1000snapdragon_865_5g_mobile_platform_firmwarec-v2x_9150_firmwareqca9980_firmwareqca9985_firmwareqam8295p_firmwaresd855snapdragon_212_mobile_platformwcn3990_firmwareqca6698aq_firmwarewcd9385qca9994wcn3610_firmwaresa8255pimmersive_home_318_platform_firmwareqcn5024snapdragon_865\+_5g_mobile_platform_firmwareqca6430sdx55_firmwareipq8071a_firmwareipq4019_firmwareqca6554a_firmwaresnapdragon_210_processorsxr2130ipq6028qcn9100ipq4029snapdragon_855_mobile_platform_firmwareqca6420_firmwareaqt1000_firmwareipq8076_firmwareqca6584au_firmwareqcn5152_firmwarewcd9335_firmwareqca6436wcn3980_firmwaresd855_firmwarewsa8835qca6595au_firmwareqca6391_firmwaresw5100p_firmwareipq8068qca6696_firmwaresnapdragon_865_5g_mobile_platformwcd9380_firmwarequalcomm_205_mobile_platform_firmwareqca6574_firmwareqca8081wsa8815qcn5124ipq8064_firmwareqca6797aqqcn5152ipq8065_firmwareqca6574a_firmwaresdx55qcn9072_firmwareqca9888_firmwareipq8074aimmersive_home_318_platformqca9889qcn5024_firmwareqca6391ipq5010qualcomm_215_mobile_platformipq8173_firmwaresa8295pipq8068_firmwarefastconnect_7800sd865_5g_firmwarepmp8074_firmwarequalcomm_215_mobile_platform_firmwareipq8078_firmwareqca9889_firmwarewcn3988_firmwareqcn5154sa8145pimmersive_home_316_platformsnapdragon_888\+_5g_mobile_platform_firmwaresnapdragon_wear_4100\+_platformwsa8835_firmwarecsr8811qcn5022wcn3980wcn3680b_firmwareqcs610Snapdragon
CWE ID-CWE-126
Buffer Over-read
CVE-2023-28571
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-6.1||MEDIUM
EPSS-0.03% / 7.59%
||
7 Day CHG~0.00%
Published-03 Oct, 2023 | 05:00
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in WLAN HOST

Information disclosure in WLAN HOST while processing the WLAN scan descriptor list during roaming scan.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca6431qca6678aq_firmwareqcs410_firmwaresa6150p_firmwaresd865_5gsw5100pwsa8845_firmwaresnapdragon_auto_4g_modem_firmwareqcc2076_firmwareqca6595qcs610_firmwarewcd9335sxr2130_firmwarewcd9370qca6678aqqca6696wcd9340_firmwarewcd9341_firmwaresm8250-ab_firmwareqca63208998snapdragon_w5\+_gen_1_wearable_platform_firmwarewcd9395_firmwareqca6390qcc2073_firmwareqca6426qca6564auqcn9074wsa8815_firmwaresa8195p_firmwaresm8250-abqca6426_firmwarewcd9395snapdragon_auto_4g_modemqca6574au_firmwarewcn785x-5qam8295pwcd9341qca6574auwcd9390wcn785x-5_firmwarewcn3950wsa8810_firmwaresnapdragon_xr2_5g_platformwsa8845h_firmwareqca6797aq_firmwareqca6554asa8295p_firmwaresd835_firmwarecsrb31024_firmwarevideo_collaboration_vc1_platform_firmwareqca6584auqca6320_firmwaresw5100_firmwarewcn685x-5qca6310_firmwareqca6595_firmwaresm8250-acs820avideo_collaboration_vc1_platformsm8250_firmwarewcd9385_firmwareqca6421snapdragon_x55_5g_modem-rf_systemqca6310qam8255p_firmwarewcd9380sa6145p_firmwareqam8255psnapdragon_xr2_5g_platform_firmwaresa8150psnapdragon_8\+_gen_2_mobile_platform_firmwarewsa8845msm8996au_firmwaresa6155pqca6421_firmwaresnapdragon_auto_5g_modem-rf_firmwareqca6564au_firmwarewsa8810snapdragon_8\+_gen_2_mobile_platformsw5100qca6595auvideo_collaboration_vc3_platformsa6155p_firmwarewsa8840qam8295p_firmwareqca6390_firmwareqca6431_firmwaresd835wcn3990_firmwareqca6175a_firmwareqca6564a_firmwareqca6436_firmwareqca6698aq_firmware8998_firmwarewcd9385mdm9650_firmwaresnapdragon_8_gen_2_mobile_platformsa8255pwcd9390_firmwaresm8250-ac_firmwareapq8064au_firmwarewcd9370_firmwarecsrb31024mdm9650snapdragon_auto_5g_modem-rfsnapdragon_x55_5g_modem-rf_system_firmwareqcc2076qca6554a_firmwareqca6574asxr2130sa8195p8098_firmwarewcd9340sm8550p_firmwarewcn3988qca6584au_firmwarewcd9335_firmwarewcn3980_firmwareqca6436qca6574wsa8835qca6595au_firmwareqca6391_firmwarewsa8840_firmwaresw5100p_firmwaresm8250qca6696_firmwarewsa8845hwcd9380_firmwaresa6150pqca6574_firmwareqcs410sa8155p_firmwarewsa8815qca6564asa8155pwsa8830qca6797aqsm8550psa6145pqcn9074_firmwaresa8255p_firmwarewcn785x-1_firmwareqca6574a_firmwareqcc2073msm8996auqca6175aqca6391wcn785x-1apq8064auqca6698aqwcn3950_firmwaresnapdragon_8_gen_2_mobile_platform_firmwaresa8295p8098wcn685x-1sa8145p_firmwaresd865_5g_firmwarewcn685x-5_firmwaresa8150p_firmwares820a_firmwaresnapdragon_w5\+_gen_1_wearable_platformwcn3988_firmwarevideo_collaboration_vc3_platform_firmwaresa8145pwcn3990wsa8835_firmwarewcn3980wsa8830_firmwarewcn685x-1_firmwareqcs610Snapdragon
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-126
Buffer Over-read
CVE-2023-28566
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-6.1||MEDIUM
EPSS-0.06% / 17.50%
||
7 Day CHG~0.00%
Published-07 Nov, 2023 | 05:26
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in WLAN HAL

Information disclosure in WLAN HAL while handling the WMI state info command.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sw5100pqcs410_firmwaresa6150p_firmwaresd660_firmwaresnapdragon_850_mobile_compute_platform_firmwaresxr1120snapdragon_auto_4g_modem_firmwarevision_intelligence_300_platformwsa8832qca6595snapdragon_xr1_platformqcs610_firmwarewcd9335wcd9370snapdragon_675_mobile_platform_firmwaresnapdragon_730_mobile_platform_firmwareqca6696snapdragon_x50_5g_modem-rf_systemwcd9340_firmwarewcd9341_firmwaresnapdragon_w5\+_gen_1_wearable_platform_firmwareqca6320snapdragon_730_mobile_platformsnapdragon_712_mobile_platformsnapdragon_662_mobile_platform_firmwarefastconnect_6700qca6564auqcs6125_firmwaresm6250p_firmwaresnapdragon_768g_5g_mobile_platform_firmwarewsa8815_firmwarewsa8832_firmwaresa8195p_firmwaresnapdragon_680_4g_mobile_platformqcn7605snapdragon_460_mobile_platformsnapdragon_auto_4g_modemqca6574au_firmwaresnapdragon_8c_compute_platformqcn7606_firmwaresm7250p_firmwaresm4125wcd9341qcm4490_firmwareqca6574aurobotics_rb3_platform_firmwaresnapdragon_855_mobile_platformwcn3950wsa8810_firmwaresd730_firmwareqcs6125snapdragon_8cx_gen_2_5g_compute_platformsnapdragon_835_mobile_pc_platform_firmwaresnapdragon_765g_5g_mobile_platform_firmwaresd730snapdragon_670_mobile_platform_firmwaresnapdragon_730g_mobile_platform_firmwareqca6554afastconnect_6800_firmwaresnapdragon_710_mobile_platform_firmwaresd_675_firmwaresd835_firmwaresnapdragon_720g_mobile_platformsnapdragon_4_gen_2_mobile_platform_firmwaresm6250_firmwarecsrb31024_firmwaresa8155sd_8cx_firmwarevideo_collaboration_vc1_platform_firmwaresm7250psnapdragon_4_gen_1_mobile_platform_firmwaresnapdragon_695_5g_mobile_platformqcm6125_firmwaresnapdragon_845_mobile_platform_firmwareqca6584auqca6320_firmwaresnapdragon_850_mobile_compute_platformsd460_firmwaresnapdragon_4_gen_2_mobile_platformsnapdragon_8cx_compute_platform_firmwaresw5100_firmwaresnapdragon_765_5g_mobile_platform_firmwaresnapdragon_480\+_5g_mobile_platform_firmwaresxr1120_firmwareqca6310_firmwaresnapdragon_695_5g_mobile_platform_firmwarefastconnect_6800robotics_rb3_platformqca6595_firmwaresnapdragon_685_4g_mobile_platform_firmwarefastconnect_6900snapdragon_765g_5g_mobile_platformvideo_collaboration_vc1_platformwcd9371wcd9385_firmwaresnapdragon_x55_5g_modem-rf_systemfastconnect_6900_firmwareqca6310wcd9380sa6145p_firmwaresa6155_firmwaresa8155_firmwaresnapdragon_732g_mobile_platform_firmwarewcd9360snapdragon_4_gen_1_mobile_platformqca6335sa8150pqcs4490snapdragon_7c_compute_platformvision_intelligence_300_platform_firmwaresnapdragon_665_mobile_platform_firmwaresnapdragon_685_4g_mobile_platformsa6155pqcm6125snapdragon_835_mobile_pc_platformsnapdragon_auto_5g_modem-rf_firmwareqca6564au_firmwaresnapdragon_768g_5g_mobile_platformwsa8810sd662_firmwaresw5100video_collaboration_vc3_platformqca6595auaqt1000wcd9326_firmwaresa6155p_firmwaresd855sd835wcn3990_firmwarewcd9385qcn7606wcd9371_firmwareqcs4490_firmwaresnapdragon_7c_compute_platform_firmwaresd662qcn7605_firmwarewcn3910_firmwaresnapdragon_678_mobile_platformsm4125_firmwaresnapdragon_720g_mobile_platform_firmwaresnapdragon_855\+\/860_mobile_platform_firmwareqca6420snapdragon_7c_gen_2_compute_platform_firmwaresnapdragon_690_5g_mobile_platformwcn3910qca6430sm6250pwcd9370_firmwarecsrb31024sdx55_firmwaresnapdragon_auto_5g_modem-rfsnapdragon_845_mobile_platformsnapdragon_750g_5g_mobile_platform_firmwaresnapdragon_x55_5g_modem-rf_system_firmwareqca6554a_firmwaresnapdragon_660_mobile_platformqca6574aqcm4490sa8195pwcd9340qca6335_firmwaresnapdragon_855_mobile_platform_firmwareqca6420_firmwareaqt1000_firmwarewcn3988qca6584au_firmwaresd855_firmwaresnapdragon_460_mobile_platform_firmwareqca6574snapdragon_480_5g_mobile_platform_firmwarewcd9335_firmwarewcn3980_firmwareqca6595au_firmwareqca6391_firmwaresd675_firmwaresnapdragon_8cx_compute_platformwsa8835qca6430_firmwaresw5100p_firmwaresnapdragon_732g_mobile_platformqca6696_firmwarewcd9380_firmwaresa6150pqca6574_firmwarewcd9326qcs410sa8155p_firmwarewsa8815sd660sg4150psa8155psnapdragon_675_mobile_platformwsa8830snapdragon_662_mobile_platformsa6145pqcm4325_firmwaresnapdragon_765_5g_mobile_platformsc8180x\+sdx55_firmwarevision_intelligence_400_platform_firmwarevision_intelligence_400_platformsnapdragon_665_mobile_platformqca6574a_firmwaresdx55snapdragon_750g_5g_mobile_platformsnapdragon_480\+_5g_mobile_platformsa6155snapdragon_678_mobile_platform_firmwareqcm4325sd675wcd9375_firmwareqca6391snapdragon_712_mobile_platform_firmwaresc8180x\+sdx55snapdragon_7c_gen_2_compute_platformsg4150p_firmwaresm6250snapdragon_480_5g_mobile_platformsnapdragon_670_mobile_platformsnapdragon_xr1_platform_firmwaresnapdragon_8c_compute_platform_firmwarewcn3950_firmwaresnapdragon_x50_5g_modem-rf_system_firmwarefastconnect_6200sd670snapdragon_710_mobile_platformsa8145p_firmwaresd460snapdragon_730g_mobile_platformsnapdragon_8cx_gen_2_5g_compute_platform_firmwarewcd9360_firmwarewcd9375sa8150p_firmwaresnapdragon_855\+\/860_mobile_platformsnapdragon_w5\+_gen_1_wearable_platformwcn3988_firmwarefastconnect_6700_firmwarevideo_collaboration_vc3_platform_firmwaresa8145psd_675wcn3990sd_8cxwsa8835_firmwaresd670_firmwaresnapdragon_680_4g_mobile_platform_firmwaresnapdragon_660_mobile_platform_firmwarewcn3980snapdragon_690_5g_mobile_platform_firmwarefastconnect_6200_firmwarewsa8830_firmwareqcs610Snapdragon
CWE ID-CWE-126
Buffer Over-read
CVE-2022-40518
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-6.8||MEDIUM
EPSS-0.11% / 29.26%
||
7 Day CHG~0.00%
Published-06 Jan, 2023 | 05:02
Updated-09 Apr, 2025 | 14:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer overread in Core

Information disclosure due to buffer overread in Core

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresd_8cx_gen3_firmwaresa6150p_firmwaresm6250p_firmwareqcs610qca8337qca6431_firmwarewcd9360_firmwaresdx65wcn3950_firmwaresa8150p_firmwareqcs2290qca6595au_firmwaresa6155qca6335csra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwareqcs6125_firmwaresa415msm4375wcn3998wcd9371_firmwareqam8295pwcn3950qcn6024_firmwaresd720gsm4125sd_8cx_gen2_firmwaresd_8_gen1_5g_firmwareqsm8350_firmwaresd710_firmwareqsm8350sd460_firmwaresm7315_firmwarewcn7850qca6574au_firmwarewcd9375_firmwareqca8081_firmwarewcn3998_firmwaresa6155_firmwareqca6420wcd9360sd680_firmwarewcn3999sd_8cx_gen2qrb5165_firmwareqrb5165m_firmwaresa4155p_firmwareqcs6125sa8155_firmwareqca4004_firmwaresd662_firmwareqcs405qca6430wcd9306_firmwarewcd9340sd765gfsm10056_firmwaresd680qca6436wcn6851sa6155pqcs603_firmwarewcn7851_firmwarewcd9341qca6431qca6696_firmwarewcd9371sd870_firmwaresd750gwcn3910_firmwaresxr2150p_firmwaresd_8cxsa8150pqca4004wsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwaresd712wcn3988sd660_firmwarewcn7850_firmwaresa8195p_firmwaresm8475qcn7606_firmwarewcn6750_firmwaresa8295p_firmwarewcn3991qca8337_firmwarewcd9380_firmwareqca6564ausdx55m_firmwarewcn6856_firmwaresd670_firmwareqca6574wcd9380qcs410sd690_5g_firmwaresdx50m_firmwaresdx24_firmwareqcn9012_firmwareqca6430_firmwarewcd9335_firmwarewcn3980qca6335_firmwareqcs605wcd9340_firmwarewsa8815wcn6850sd7cwcn3910qca6320qca6426_firmwaresd695qca9984sd835qcn9024wcn3980_firmwaresd730sdx55msa8295pqca6421_firmwarewcn6740_firmwaresd678_firmwarear8031_firmwareqrb5165wcn6851_firmwareqcs603sd670qcn9024_firmwareqca6564a_firmwareqcm4290_firmwaresd480sd870wcn6855sa8540pqcs610_firmwareqsm8250sa6145psd695_firmwaresdxr1ar8031qca6595_firmwareqcs405_firmwaresa8145pmdm9205_firmwareqca6391_firmwaresa4150p_firmwarewcd9370_firmwaresd780g_firmwaresdx55sd888_firmwaresa8155pcsra6640sd675qcs8155_firmwaresa4155psxr2150par8035_firmwareqsm8250_firmwareqcn7606qcm2290wcn3991_firmwaremdm9150_firmwarewsa8830sd678sa8145p_firmwareqcs2290_firmwarefsm10056sd7c_firmwarecsrb31024csra6620qcs4290sd765g_firmwareqca6420_firmwareqca6390_firmwaresd690_5gsd730_firmwarewcd9370sd675_firmwareqca6564qca6426wcn3990_firmwareqrb5165n_firmwareqca9984_firmwareqca9377sd_8cx_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcd9326_firmwaresd662qam8295p_firmwareqcn9011_firmwaresa8155sa9000p_firmwareqca6320_firmwaresdx55_firmwareqca6595auwcn3999_firmwaresm7250p_firmwareqca6436_firmwareqrb5165nwcd9306sd778gqca6564au_firmwaresa6155p_firmwareqca6310qcs8155wcn7851sa515m_firmwareqcs6490sdxr2_5gsa415m_firmwarewcn3988_firmwareqcn9074sa6145p_firmwareqca6421sd778g_firmwaresm6250sd712_firmwaresa8195pwsa8810_firmwaresm4375_firmwaresd765_firmwarewcd9326wcd9335qca8081qca6174a_firmwareqcs4290_firmwarewcd9385qcs6490_firmwaresd_8cx_gen3qca6390wcd9375sd750g_firmwareaqt1000ar8035sm6250_firmwarewsa8815_firmwaresd888_5g_firmwareqcm6490wcn6850_firmwarewsa8835_firmwareqcx315qca6564asa4150pqcm6125_firmwareqcm2290_firmwarewcn3990sd_675sd780gsd865_5gqca6595sdx24qcn9012sd888wsa8835qcx315_firmwaresd665_firmwaresa8540p_firmwaresd888_5gsm6250psc8180xqca6574awcn6855_firmwareqca6174asm7325pqca6310_firmwarewcn6750mdm9205sa9000pqca6574_firmwaresa515msd855sm4125_firmwaresm7325p_firmwaresd665sd765qca6574a_firmwaresd768g_firmwareqrb5165msd850_firmwaresm7315sd460qca6391sdxr1_firmwareaqt1000_firmwaresdx65_firmwareqcm4290csrb31024_firmwareqcm6490_firmwaresdx50msd480_firmwareqcn9011sc8180x_firmwareqca6574ausd710sa8155p_firmwarewcd9341_firmwareqcm6125wsa8810mdm9150wcn6856sd835_firmwareqca6564_firmwaresd768gwcn6740qca6696sd845_firmwaresa6150pqcn6024sd845sm7250psd720g_firmwareqcn9074_firmwareqcs410_firmwaresd850Snapdragon
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-40533
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-6.2||MEDIUM
EPSS-0.05% / 16.32%
||
7 Day CHG~0.00%
Published-06 Jun, 2023 | 07:39
Updated-03 Aug, 2024 | 12:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Untrusted Pointer Dereference in Core

Transient DOS due to untrusted Pointer Dereference in core while sending USB QMI request.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwareqam8255p_firmwaresnapdragon_662_mobile_platform_firmwaresm7325-ae_firmwarewsa8830sm6250p_firmwaresxr2230p_firmwareqcs2290_firmwareqam8650pwcn785x-5qca6431_firmwareqam8775pflight_rb5_5g_platformcsra6620flight_rb5_5g_platform_firmwaresc8280xp-bb_firmwaresm7250-ac_firmwareqcs4290wcn3950_firmwaresm4450_firmwareqcs2290qca6595au_firmwareqca6390_firmwaresm8350wcd9370csra6620_firmwaressg2115pcsra6640_firmwareqca6426sc8280xp-abwcn685x-1qrb5165n_firmwaresm7350-ab_firmwaresm8450sm8250-abwcn3998wcd9385_firmwareqam8295pwcn3950sm4125sd_8_gen1_5g_firmwareqsm8350_firmwaresd662qsm8350sd460_firmwareqam8295p_firmwaresm7325-afqcn9011_firmwaresa9000p_firmwaresm7315_firmwaresm7325-aeqca6574au_firmwaresdx55_firmwaresm4250-aasnapdragon_x55_5g_modem-rf_systemqca6595auwcn3998_firmwaresm6225-adsm7325-af_firmwaresm7250p_firmwarewcd9375_firmwareqca6436_firmwaresnapdragon_xr2\+_gen_1_platformqrb5165nsm6225smart_audio_400_platform_firmwaresm6225-ad_firmwareqcs6490qrb5165m_firmwareqrb5165_firmwareqca6698aqqcs8550_firmwaresd662_firmwaresm8250_firmwaresm7250-ab_firmwaresm8250-acwcn3988_firmwareqca6421sm6250sm7250-aawsa8810_firmwaresm8450_firmwareqca6436snapdragon_ar2_gen_1_platform_firmwaresa8255p_firmwaresg4150pwcd9335qca6698aq_firmwareqcm4490wcn685x-1_firmwareqcs4290_firmwaresxr2130_firmwareqam8775p_firmwaresa8255pwcd9385qca6431qca6696_firmwareqcs6490_firmwareqca6797aqqca6390wcd9375wcn3910_firmwaresm6250_firmwaresnapdragon_662_mobile_platformsm8250-ac_firmwarewsa8830_firmwaresd865_5g_firmwaresm7225_firmwaresnapdragon_7c\+_gen_3_compute_firmwareqcm6490wcn3988wsa8815_firmwarewsa8835_firmwaresm4250-aa_firmwaresm7350-absm8475wcn6750_firmwaresa8295p_firmwaresg4150p_firmwarewcn785x-1qcm4325qcm2290_firmwarewcn3991wcd9380_firmwaressg2125psd865_5gqca6595sm8350-ac_firmwareqcn9012sd888wsa8835sxr1230p_firmwaresa8540p_firmwaresnapdragon_7c\+_gen_3_computesd_8_gen1_5gwcd9380sm6250pssg2125p_firmwaresxr2130smart_audio_400_platformwcn685x-5_firmwaresm7325psxr1230psm7325wcn6750qcn9012_firmwarewcd9335_firmwaresm7225qcm4325_firmwaresa9000psm7250-absm4125_firmwarewsa8815sm7325p_firmwaresxr2230pwcn3910snapdragon_xr2_5g_platform_firmwareqca6426_firmwareqcs8250sm4450qrb5165mwcn785x-5_firmwaresm7315sd460qca6391sm8250-ab_firmwaresnapdragon_x55_5g_modem-rf_system_firmwaresnapdragon_xr2\+_gen_1_platform_firmwaresa8295pqca6421_firmwaresm6350sm7125sm8475_firmwaresc8280xp-ab_firmwarewcn6740_firmwareqcm4490_firmwareqcs4490_firmwaresnapdragon_xr2_5g_platformqcm4290qcm6490_firmwarewsa8832_firmwaresm8350_firmwareqrb5165wcn685x-5qcn9011sm6225_firmwareqca6797aq_firmwaresm6350_firmwarewcn785x-1_firmwareqca6574auqcs8250_firmwareqcm4290_firmwaresm7250-aa_firmwarewsa8810wsa8832sa8540psm7250-acqsm8250snapdragon_ar2_gen_1_platformsm8350-acqam8650p_firmwareqcs4490qca6595_firmwaresc8280xp-bbqca6696wcn6740qca6391_firmwareqcs8550wcd9370_firmwaresm7125_firmwaresdx55sd888_firmwaresm8250csra6640sm7250pssg2115p_firmwareqam8255pqcm2290qsm8250_firmwaresm7325_firmwareSnapdragonqcm2290_firmwareqam8255p_firmwarerobotics_rb5_platform_firmwaresnapdragon_662_mobile_platform_firmwarewcd9380_firmwaresnapdragon_778g_5g_mobile_platform_firmwaresm6250p_firmwaresxr2230p_firmwareqcs2290_firmwareqca6431_firmwareflight_rb5_5g_platform_firmwaresxr1230p_firmwarewcn3950_firmwaresa8540p_firmwaresnapdragon_888_5g_mobile_platform_firmwaresm4450_firmwareqca6595au_firmwarecsra6620_firmwaressg2125p_firmwarecsra6640_firmwaresnapdragon_460_mobile_platform_firmwareqrb5165n_firmwareqcn9012_firmwarewcd9335_firmwarewcd9385_firmwareqcm4325_firmwaresd_8_gen1_5g_firmwaresm4125_firmwaresm7325p_firmwareqsm8350_firmwaresd460_firmwareqam8295p_firmwaresnapdragon_xr2_5g_platform_firmwareqcn9011_firmwareqca6426_firmwaresa9000p_firmwaresm7315_firmwarefastconnect_6200_firmwareqca6574au_firmwaresdx55_firmwarewcd9375_firmwaresnapdragon_x55_5g_modem-rf_system_firmwaresm7250p_firmwareqca6436_firmwaresnapdragon_680_4g_mobile_platform_firmwareqca6421_firmwarewcn6740_firmwareqcm4490_firmwaresnapdragon_690_5g_mobile_platform_firmwareqcs4490_firmwaresmart_audio_400_platform_firmwareqrb5165m_firmwareqcm6490_firmwarewsa8832_firmwarefastconnect_6900_firmwareqcs8550_firmwaresd662_firmwarewcn3988_firmwareqca6797aq_firmwarefastconnect_6700_firmwarewsa8810_firmwareqcs8250_firmwarefastconnect_7800_firmwareqcm4290_firmwaresnapdragon_ar2_gen_1_platform_firmwaresa8255p_firmwaresnapdragon_8_gen_1_mobile_platform_firmwareqca6698aq_firmwareqcs4290_firmwareqam8650p_firmwaresxr2130_firmwareqam8775p_firmwareqca6696_firmwareqcs6490_firmwareqca6595_firmwareqca6391_firmwarewcn3910_firmwarewcd9370_firmwaresm6250_firmwaresd888_firmwarewsa8830_firmwaresd865_5g_firmwarewsa8815_firmwarewsa8835_firmwaresnapdragon_780g_5g_mobile_platform_firmwaresnapdragon_865_5g_mobile_platform_firmwaressg2115p_firmwarefastconnect_6800_firmwaresa8295p_firmwaresnapdragon_720g_mobile_platform_firmwaresg4150p_firmwaresnapdragon_750g_5g_mobile_platform_firmwareqsm8250_firmware
CWE ID-CWE-822
Untrusted Pointer Dereference
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2022-40519
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-6.8||MEDIUM
EPSS-0.10% / 27.99%
||
7 Day CHG~0.00%
Published-06 Jan, 2023 | 05:02
Updated-09 Apr, 2025 | 14:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer over-read in Core

Information disclosure due to buffer overread in Core

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresd_8cx_gen3_firmwaresa6150p_firmwaresm6250p_firmwareqcs610qca8337qca6431_firmwarewcd9360_firmwaresdx65qca4024_firmwarewcn3950_firmwaresa8150p_firmwareqcs2290qca6595au_firmwaresa6155qca6335sd_455_firmwarecsra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwareqcs6125_firmwaresa415msm4375wcn3998wcd9371_firmwareqam8295pwcn3950qcn6024_firmwaresd720gsm4125sd_8cx_gen2_firmwareqca8386_firmwaresd_8_gen1_5g_firmwareqca8084_firmwareqsm8350_firmwaresd710_firmwareqsm8350sd460_firmwaresm7315_firmwarewcn7850qca6574au_firmwarewcd9375_firmwareqca8081_firmwarewcn3998_firmwaresa6155_firmwareqca6420wcd9360sd680_firmwarewcn3999sd_8cx_gen2qrb5165_firmwareqrb5165m_firmwaresa4155p_firmwareqcs6125sa8155_firmwareqca4004_firmwareipq6010sd662_firmwareqcs405qca6430wcd9306_firmwarewcd9340sd765gsw5100fsm10056_firmwaresd680qca6436wcn6851sa6155pqcs603_firmwarewcn7851_firmwarewcd9341qca6431qca6696_firmwarewcd9371sd870_firmwaresd750gipq9008_firmwarewcn3910_firmwaresxr2150p_firmwaresd_8cxsa8150pqca4004wsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwaresd712wcn3988sd660_firmwarewcn7850_firmwaresa8195p_firmwareqcn5121sm8475qcn5022_firmwareqcn7606_firmwarewcn6750_firmwaresa8295p_firmwarewcn3991qca8337_firmwarewcd9380_firmwaresw5100pqca8084qca6564ausdx55m_firmwarewcn6856_firmwareipq9008sd670_firmwareqca6574csr8811_firmwarewcd9380qcs410sd690_5g_firmwaresdx50m_firmwaresdx24_firmwareqca8072_firmwareqcn9012_firmwareqca6430_firmwareqcn9274_firmwareqcn5052_firmwarewcd9335_firmwarewcn3980qca6335_firmwareipq6018_firmwareqcs605wcd9340_firmwarewsa8815wcn6850sd7cwcn3910qca6320qca6426_firmwaresd695ipq6028sd835qca9984qcn9024ipq9574_firmwarewcn3980_firmwaresd730sdx55mqcc5100_firmwaresa8295pqca6421_firmwarewcn6740_firmwaresd678_firmwarear8031_firmwareqrb5165wcn6851_firmwareqcs603sd670sd_636_firmwareqcn9024_firmwareqca6564a_firmwareqcm4290_firmwaresd480sd870wcn6855qcn5121_firmwaresw5100p_firmwaresa8540pqcs610_firmwareqsm8250sa6145pipq6018sd695_firmwaresdxr1ar8031qca6595_firmwareqcs405_firmwaresa8145psdm630_firmwaremdm9205_firmwareqca6391_firmwaresa4150p_firmwareqca4024wcd9370_firmwaresd780g_firmwaresdx55sd888_firmwareqcn5021_firmwaresa8155pcsra6640sd675qcs8155_firmwaresa4155psxr2150par8035_firmwareqsm8250_firmwareqcn7606qcm2290wcn3991_firmwaremdm9150_firmwarewsa8830sd678qcn9070sa8145p_firmwareqcs2290_firmwarefsm10056sd7c_firmwarecsrb31024sd_636csra6620qca8082qcn9072qca8386qcs4290sd765g_firmwareqca6420_firmwareqca6390_firmwaresd690_5gipq6000sd730_firmwarewcd9370sd675_firmwareqcn5152_firmwareqca6564qca6426wcn3990_firmwareqrb5165n_firmwareqcn9000_firmwareqca9984_firmwareqca9377sd_8cx_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcd9326_firmwaresd662qam8295p_firmwareqcn9011_firmwaresa8155qca8082_firmwareqca6320_firmwaresa9000p_firmwareqcn5122_firmwaresdx55_firmwareqca6595auqcn6023_firmwarewcn3999_firmwaresm7250p_firmwareqca6436_firmwareqrb5165nwcd9306sd778gqca6564au_firmwaresa6155p_firmwareqca6310qcn9274qcs8155wcn7851sa515m_firmwareqcs6490sdxr2_5gqcn5052sdm630sa415m_firmwarewcn3988_firmwareqcn9074sa6145p_firmwareqca6421qca8085sd778g_firmwaresm6250sa8195psd712_firmwarewsa8810_firmwaresm4375_firmwaresd765_firmwarewcd9326wcd9335qca8081qcn6023qca6174a_firmwareqcs4290_firmwarewcd9385qca8085_firmwareqcs6490_firmwaresd_8cx_gen3qca6390wcd9375sd750g_firmwareaqt1000ar8035csr8811sm6250_firmwarewsa8815_firmwaresd888_5g_firmwareqcm6490wcn6850_firmwarewsa8835_firmwareqcx315qca6564asa4150pqcm6125_firmwareqca8072qcm2290_firmwarewcn3990qcn9000sd_675sd780gsd865_5gqca6595qcc5100sdx24qcn9012sd888wsa8835qcx315_firmwaresd665_firmwaresa8540p_firmwaresd888_5gsm6250pqca8075_firmwaresc8180xqca6574aipq6005_firmwarewcn6855_firmwareqca6174asm7325pqca6310_firmwarewcn6750mdm9205sa9000pqca6574_firmwaresa515msd855sm4125_firmwaresm7325p_firmwaresd665sd765qca6574a_firmwareqcn5021qcn5152sd768g_firmwareqrb5165msd850_firmwaresm7315sd460qca6391sdxr1_firmwareipq6005aqt1000_firmwaresdx65_firmwareqcm4290csrb31024_firmwareqcm6490_firmwaresdx50mqcn9070_firmwaresd480_firmwareipq6028_firmwareqcn9011sc8180x_firmwaresd_455qca6574ausd710sa8155p_firmwareqcn5122ipq9574wcd9341_firmwareqcm6125wsa8810mdm9150wcn6856qcn5022sd835_firmwareqca6564_firmwaresd768gipq6010_firmwarewcn6740qca6696sd845_firmwaresa6150pqca8075qcn9022_firmwareqcn6024qcn9022sd845qcn9072_firmwaresm7250pipq6000_firmwaresd720g_firmwaresw5100_firmwareqcn9074_firmwareqcs410_firmwaresd850Snapdragon
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-5895
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.04% / 12.42%
||
7 Day CHG~0.00%
Published-06 Jul, 2018 | 17:00
Updated-16 Sep, 2024 | 17:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer over-read may happen in wma_process_utf_event() due to improper buffer length validation before writing into param_buf->num_wow_packet_buffer in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-5836
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.07% / 20.93%
||
7 Day CHG~0.00%
Published-06 Jul, 2018 | 17:00
Updated-16 Sep, 2024 | 16:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wma_nan_rsp_event_handler() in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, the data_len value is received from firmware and not properly validated which could potentially lead to an out-of-bounds access.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-33220
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-5.1||MEDIUM
EPSS-0.02% / 4.78%
||
7 Day CHG~0.00%
Published-05 Sep, 2023 | 06:23
Updated-03 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer over-read in Automotive multimedia

Information disclosure in Automotive multimedia due to buffer over-read.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wsa8830wcd9380_firmwaresa6150p_firmwaresa8145p_firmwaresw5100psd865_5gqcc5100sdx55m_firmwarewcn6856_firmwarewsa8835sd_8_gen1_5gwcd9380sa8150p_firmwaresd888_5gqca6420_firmwareqca6595au_firmwareqca6390_firmwarewcn6855_firmwareqca6426qca6430_firmwarewcn3980wcn3998wcd9385_firmwareqam8295psdxr2_5g_firmwaresd_8_gen1_5g_firmwaresd855wsa8815wcn6850qam8295p_firmwareqca6426_firmwarewcn7850qca6574au_firmwareqca6595auwcn3998_firmwarewcn3980_firmwareqca6391sdx55mqca6420qca6436_firmwaresa8295pqcc5100_firmwareaqt1000_firmwaresa6155p_firmwarewcn7851sdxr2_5gwcn6851_firmwarewcn3988_firmwareqca6430qca6574ausa6145p_firmwaresa8155p_firmwaresa8195pwsa8810_firmwarewcd9341_firmwaresw5100wsa8810sd870qca6436wcn6851wcn6855sa6155psw5100p_firmwarewcn7851_firmwarewcn6856sa6145pwcd9385wcd9341qca6696_firmwaresa8145psd870_firmwareqca6696qca6391_firmwareqca6390aqt1000sa8150psa6150psa8155pwsa8830_firmwaresd855_firmwaresd865_5g_firmwarewcn3988sd888_5g_firmwarewcn6850_firmwarewcn7850_firmwarewsa8815_firmwarewsa8835_firmwaresa8195p_firmwaresw5100_firmwaresa8295p_firmwareSnapdragon
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-33273
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.3||HIGH
EPSS-0.04% / 11.15%
||
7 Day CHG~0.00%
Published-02 May, 2023 | 07:30
Updated-03 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer over-read in Trusted Execution Environment

Information disclosure due to buffer over-read in Trusted Execution Environment while QRKS report generation.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarewsa8830sxr2230p_firmwaresnapdragon_x24_lte_modem_firmwareqca8337wcn785x-5qca6431_firmwaresm7250-ac_firmwarewcn3950_firmwaresa8150p_firmwareqca6420_firmwareqca6595au_firmwareqca6390_firmwaresa6155qca6335sm8350sdm670wcd9370qcs605_firmwaresd_675_firmwaresd675_firmwaressg2115pqca6426wcn685x-1wcn3990_firmwaresm8450qca9377sm8250-abwcn3998sd_8cx_firmwarewcd9385_firmwareqam8295pwcn3950wcd9326_firmwaresd_8_gen1_5g_firmwareqsm8350_firmwareqsm8350qam8295p_firmwaresa8155sa9000p_firmwaresnapdragon_x55_5g_modem-rf_systemqca6574au_firmwaresdx55_firmwaresda\/sdm845_firmwareqca6595auwcn3998_firmwareqca8081_firmwaresa6155_firmwaresm7250p_firmwarewcd9375_firmwareqca6420qca6436_firmwareqca6564au_firmwaresa6155p_firmwareqca6310snapdragon_x65_5g_modem-rf_system_firmwaresa8155_firmwaresm8250_firmwaresm7250-ab_firmwaresm8250-acqca6430sa6145p_firmwareqca6421sm7250-aawcd9340snapdragon_8cx_compute_platformwsa8810_firmwaresm8450_firmwareqca6436snapdragon_ar2_gen_1_platform_firmwarewcd9326sa6155pqca8081qcs603_firmwareqca6174a_firmwarewcn685x-1_firmwarewcd9385sm8150_firmwaresxr2130_firmwarewcd9341qca6431qca6696_firmwareqca6390ar8035sda\/sdm845aqt1000sa8150psd_8cxwcd9375sm6150_firmwaresm8250-ac_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwaresm8150sdm850wsa8815_firmwarewsa8835_firmwaresa8295p_firmwareqca6564awcn785x-1qca8337_firmwarewcd9380_firmwaressg2125pwcn3990sd_675snapdragon_8cx_gen_2_5g_compute_platformsdm845sd865_5gqca6595qca6564ausm8350-ac_firmwaresm8150-acsnapdragon_8c_compute_platformsm6150sd670_firmwareqca6574sxr1230p_firmwarewsa8835sa8540p_firmwaresd_8_gen1_5gwcd9380ssg2125p_firmwaresxr2130qca6574awcn685x-5_firmwareqca6174asdm670_firmwaresxr1230pqca6310_firmwareqca6430_firmwarewcn3980qca6335_firmwaresa9000pqca6574_firmwaresm7250-abqcs605sd855sm6150-ac_firmwarewcd9340_firmwarewsa8815sxr2230psdx57m_firmwaresnapdragon_xr2_5g_platform_firmwareqca6426_firmwareqca6574a_firmwarewcn785x-5_firmwaresnapdragon_x55_5g_modem-rf_system_firmwaresm8250-ab_firmwareqca6391wcn3980_firmwaresnapdragon_8cx_gen_3_compute_platform_firmwaresnapdragon_x50_5g_modem-rf_system_firmwaresa8295pqca6421_firmwareaqt1000_firmwaresdm850_firmwaresnapdragon_8cx_compute_platform_firmwaresnapdragon_xr2_5g_platformsnapdragon_x65_5g_modem-rf_systemwsa8832_firmwaresm8350_firmwareqcs603wcn685x-5wcn785x-1_firmwareqca6574ausa8155p_firmwaresd670qca6564a_firmwaresdx57mwcd9341_firmwarewsa8810sm7250-aa_firmwaresnapdragon_x24_lte_modemwsa8832sa8540psm7250-acsnapdragon_8cx_gen_3_compute_platformsm8150-ac_firmwaresnapdragon_ar2_gen_1_platformsa6145psnapdragon_8c_compute_platform_firmwaresm8350-acqca6595_firmwareqca6696qca6391_firmwarewcd9370_firmwaresm6150-acsdx55snapdragon_x50_5g_modem-rf_systemsa8155psd675sm8250sm7250pssg2115p_firmwaresnapdragon_8cx_gen_2_5g_compute_platform_firmwarear8035_firmwaresdm845_firmwareSnapdragon
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-5864
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.07% / 20.93%
||
7 Day CHG~0.00%
Published-06 Jul, 2018 | 19:00
Updated-16 Sep, 2024 | 20:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

While processing a WMI_APFIND event in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-07-05, a buffer over-read and information leak can potentially occur.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.Google LLC
Product-androidAndroid for MSM, Firefox OS for MSM, QRD Android
CWE ID-CWE-125
Out-of-bounds Read
  • Previous
  • 1
  • 2
  • 3
  • Next
Details not found