ByteOS

Snapdragon Auto, Snapdragon Mobile

Product

Versions

Affected

APQ8096AU, AR6003, MDM8215, MDM8215M, MDM8615M, MDM9215, MDM9310, MDM9615, MDM9615M, MSM8996AU, QCA6564A, QCA6564AU, QCA6574A, QCA6574AU, QCA6584AU, QCA6696, SA6145P, SA6150P, SA6155P, SA8145P, SA8150P, SA8155P, SA8195P, SA8540P, SA9000P, SDX55, SDX55M, WCD9341

Problem Types

Type	CWE ID	Description
text	N/A	Use After Free in Automotive Multimedia

Type: text

CWE ID: N/A

Description: Use After Free in Automotive Multimedia

Metrics

Version	Base score	Base severity	Vector
3.1	8.4	HIGH	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Version: 3.1

Base score: 8.4

Base severity: HIGH

Vector:

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References

Hyperlink	Resource
https://www.qualcomm.com/company/product-security/bulletins/march-2022-bulletin	x_refsource_CONFIRM

Hyperlink: https://www.qualcomm.com/company/product-security/bulletins/march-2022-bulletin

Resource:

x_refsource_CONFIRM

▼Authorized Data Publishers (ADP)

CVE Program Container

References

Hyperlink	Resource
https://www.qualcomm.com/company/product-security/bulletins/march-2022-bulletin	x_refsource_CONFIRM x_transferred

Hyperlink: https://www.qualcomm.com/company/product-security/bulletins/march-2022-bulletin

Resource:

x_refsource_CONFIRM

x_transferred

▼National Vulnerability Database (NVD)

nvd.nist.gov

Source:product-security@qualcomm.com

Published At:01 Apr, 2022 | 05:15

Updated At:09 Apr, 2022 | 00:30

Improper handling of multiple session supported by PVM backend can lead to use after free in Snapdragon Auto, Snapdragon Mobile

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	3.1	7.8	HIGH	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Secondary	3.1	8.4	HIGH	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary	2.0	4.6	MEDIUM	AV:L/AC:L/Au:N/C:P/I:P/A:P

Type: Primary

Version: 3.1

Base score: 7.8

Base severity: HIGH

Vector:

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Type: Secondary

Version: 3.1

Base score: 8.4

Base severity: HIGH

Vector:

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Type: Primary

Version: 2.0

Base score: 4.6

Base severity: MEDIUM

Vector:

AV:L/AC:L/Au:N/C:P/I:P/A:P

CPE Matches

cpe:2.3:o:qualcomm:apq8096au_firmware:-:*:*:*:*:*:*:*

>>apq8096au_firmware>>-

cpe:2.3:h:qualcomm:apq8096au:-:*:*:*:*:*:*:*

>>apq8096au>>-

cpe:2.3:o:qualcomm:ar6003_firmware:-:*:*:*:*:*:*:*

>>ar6003_firmware>>-

cpe:2.3:h:qualcomm:ar6003:-:*:*:*:*:*:*:*

>>ar6003>>-

cpe:2.3:o:qualcomm:mdm8215_firmware:-:*:*:*:*:*:*:*

>>mdm8215_firmware>>-

cpe:2.3:h:qualcomm:mdm8215:-:*:*:*:*:*:*:*

>>mdm8215>>-

cpe:2.3:o:qualcomm:mdm8215m_firmware:-:*:*:*:*:*:*:*

>>mdm8215m_firmware>>-

cpe:2.3:h:qualcomm:mdm8215m:-:*:*:*:*:*:*:*

>>mdm8215m>>-

cpe:2.3:o:qualcomm:mdm8615m_firmware:-:*:*:*:*:*:*:*

>>mdm8615m_firmware>>-

cpe:2.3:h:qualcomm:mdm8615m:-:*:*:*:*:*:*:*

>>mdm8615m>>-

cpe:2.3:o:qualcomm:mdm9215_firmware:-:*:*:*:*:*:*:*

>>mdm9215_firmware>>-

cpe:2.3:h:qualcomm:mdm9215:-:*:*:*:*:*:*:*

>>mdm9215>>-

cpe:2.3:o:qualcomm:mdm9310_firmware:-:*:*:*:*:*:*:*

>>mdm9310_firmware>>-

cpe:2.3:h:qualcomm:mdm9310:-:*:*:*:*:*:*:*

>>mdm9310>>-

cpe:2.3:o:qualcomm:mdm9615_firmware:-:*:*:*:*:*:*:*

>>mdm9615_firmware>>-

cpe:2.3:h:qualcomm:mdm9615:-:*:*:*:*:*:*:*

>>mdm9615>>-

cpe:2.3:o:qualcomm:mdm9615m_firmware:-:*:*:*:*:*:*:*

>>mdm9615m_firmware>>-

cpe:2.3:h:qualcomm:mdm9615m:-:*:*:*:*:*:*:*

>>mdm9615m>>-

cpe:2.3:o:qualcomm:msm8996au_firmware:-:*:*:*:*:*:*:*

>>msm8996au_firmware>>-

cpe:2.3:h:qualcomm:msm8996au:-:*:*:*:*:*:*:*

>>msm8996au>>-

cpe:2.3:o:qualcomm:qca6564a_firmware:-:*:*:*:*:*:*:*

>>qca6564a_firmware>>-

cpe:2.3:h:qualcomm:qca6564a:-:*:*:*:*:*:*:*

>>qca6564a>>-

cpe:2.3:o:qualcomm:qca6564au_firmware:-:*:*:*:*:*:*:*

>>qca6564au_firmware>>-

cpe:2.3:h:qualcomm:qca6564au:-:*:*:*:*:*:*:*

>>qca6564au>>-

cpe:2.3:o:qualcomm:qca6574a_firmware:-:*:*:*:*:*:*:*

>>qca6574a_firmware>>-

cpe:2.3:h:qualcomm:qca6574a:-:*:*:*:*:*:*:*

>>qca6574a>>-

cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*

>>qca6574au_firmware>>-

cpe:2.3:h:qualcomm:qca6574au:-:*:*:*:*:*:*:*

>>qca6574au>>-

cpe:2.3:o:qualcomm:qca6584au_firmware:-:*:*:*:*:*:*:*

>>qca6584au_firmware>>-

cpe:2.3:h:qualcomm:qca6584au:-:*:*:*:*:*:*:*

>>qca6584au>>-

cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:*

>>qca6696_firmware>>-

cpe:2.3:h:qualcomm:qca6696:-:*:*:*:*:*:*:*

>>qca6696>>-

cpe:2.3:o:qualcomm:sa6145p_firmware:-:*:*:*:*:*:*:*

>>sa6145p_firmware>>-

cpe:2.3:h:qualcomm:sa6145p:-:*:*:*:*:*:*:*

>>sa6145p>>-

cpe:2.3:o:qualcomm:sa6150p_firmware:-:*:*:*:*:*:*:*

>>sa6150p_firmware>>-

cpe:2.3:h:qualcomm:sa6150p:-:*:*:*:*:*:*:*

>>sa6150p>>-

cpe:2.3:o:qualcomm:sa6155p_firmware:-:*:*:*:*:*:*:*

>>sa6155p_firmware>>-

cpe:2.3:h:qualcomm:sa6155p:-:*:*:*:*:*:*:*

>>sa6155p>>-

cpe:2.3:o:qualcomm:sa8145p_firmware:-:*:*:*:*:*:*:*

>>sa8145p_firmware>>-

cpe:2.3:h:qualcomm:sa8145p:-:*:*:*:*:*:*:*

>>sa8145p>>-

cpe:2.3:o:qualcomm:sa8150p_firmware:-:*:*:*:*:*:*:*

>>sa8150p_firmware>>-

cpe:2.3:h:qualcomm:sa8150p:-:*:*:*:*:*:*:*

>>sa8150p>>-

cpe:2.3:o:qualcomm:sa8155p_firmware:-:*:*:*:*:*:*:*

>>sa8155p_firmware>>-

cpe:2.3:h:qualcomm:sa8155p:-:*:*:*:*:*:*:*

>>sa8155p>>-

cpe:2.3:o:qualcomm:sa8195p_firmware:-:*:*:*:*:*:*:*

>>sa8195p_firmware>>-

cpe:2.3:h:qualcomm:sa8195p:-:*:*:*:*:*:*:*

>>sa8195p>>-

cpe:2.3:o:qualcomm:sa8540p_firmware:-:*:*:*:*:*:*:*

>>sa8540p_firmware>>-

cpe:2.3:h:qualcomm:sa8540p:-:*:*:*:*:*:*:*

>>sa8540p>>-

cpe:2.3:o:qualcomm:sa9000p_firmware:-:*:*:*:*:*:*:*

>>sa9000p_firmware>>-

cpe:2.3:h:qualcomm:sa9000p:-:*:*:*:*:*:*:*

>>sa9000p>>-

Weaknesses

CWE ID	Type	Source
CWE-416	Primary	nvd@nist.gov

CWE ID: CWE-416

Type: Primary

Source: nvd@nist.gov

References

Hyperlink	Source	Resource
https://www.qualcomm.com/company/product-security/bulletins/march-2022-bulletin	product-security@qualcomm.com	Vendor Advisory

Hyperlink: https://www.qualcomm.com/company/product-security/bulletins/march-2022-bulletin

Source: product-security@qualcomm.com

Resource:

Vendor Advisory

Similar CVEs

2166Records found

CVE-2019-14026

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 8.49%

7 Day CHG~0.00%

Published-05 Mar, 2020 | 08:56

Updated-05 Aug, 2024 | 00:05

Possible buffer overflow in WLAN WMI handler due to lack of ssid length check when copying data in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, IPQ6018, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8996AU, MSM8998, Nicobar, QCA6174A, QCA6574, QCA6574AU, QCA6584AU, QCA8081, QCA9377, QCA9379, QCA9886, QCN7605, QCS404, QCS405, QCS605, Rennell, SA6155P, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Product-qca9377_firmware apq8096_firmware mdm9640_firmware msm8996au_firmware sdm845 apq8096 sdx24 qcs404_firmware mdm9650 sm7150_firmware sm6150 qca6574 msm8996au sm7150 apq8009_firmware sdm670 sxr2130 qcs605_firmware sc8180x mdm9206 qca9379_firmware qca6174a sdm670_firmware qcs404 sdx24_firmware qca6584au_firmware ipq8074 sdm636 sda845_firmware qca9377 apq8098 qcn7605 ipq6018_firmware mdm9206_firmware qca6574_firmware qca9886 qcs605 mdm9650_firmware qca6574au_firmware sda660 sxr1130_firmware qca8081_firmware sxr1130 apq8009 apq8053_firmware sda845 nicobar sdm850_firmware qca6584au sa6155p_firmware sdm636_firmware sdm845_firmware apq8098_firmware sdx20 msm8998_firmware sdm660 sdm630 mdm9607_firmware sm8250_firmware sc8180x_firmware qcs405 ipq8074_firmware qca6574au sdm710 mdm9607 apq8017_firmware sdm710_firmware qcn7605_firmware sa6155p qca8081 mdm9207c_firmware ipq6018 mdm9207c qca6174a_firmware qca9886_firmware sm8150_firmware sxr2130_firmware apq8096au qcs405_firmware rennell sdm630_firmware sda660_firmware rennell_firmware apq8053 sm6150_firmware apq8096au_firmware sm8250 msm8998 sm8150 sdx20_firmware sdm850 apq8017 nicobar_firmware qca9379 sdm660_firmware mdm9640 Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2019-14091

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 7.83%

7 Day CHG~0.00%

Published-22 Jun, 2020 | 07:10

Updated-05 Aug, 2024 | 00:12

Double free issue in NPU due to lack of resource locking mechanism to avoid race condition in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9607, QCS405, Rennell, Saipan, SC8180X, SDX55, SM8150, SM8250, SXR2130

CWE ID-CWE-415

Double Free

CWE ID-CWE-667

Improper Locking

CVE-2019-14056

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 7.76%

7 Day CHG~0.00%

Published-08 Sep, 2020 | 09:31

Updated-05 Aug, 2024 | 00:05

u'Possible integer overflow in API due to lack of check on large oid range count in cert extension field' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in Kamorta, MDM9150, MDM9205, MDM9607, MDM9650, Nicobar, QCS404, QCS405, QCS605, QCS610, Rennell, SA6155P, SC7180, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX55, SM6150, SM7150, SM8150, SXR1130, SXR2130

CWE ID-CWE-190

Integer Overflow or Wraparound

CVE-2019-14135

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 8.49%

7 Day CHG~0.00%

Published-16 Apr, 2020 | 10:46

Updated-05 Aug, 2024 | 00:12

Possible integer overflow to buffer overflow in WLAN while parsing nonstandard NAN IE messages. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA4010, QCA6174A, QCA6574AU, QCA6584AU, QCA8081, QCA9377, QCA9379, QCA9886, QCN7605, QCS405, QCS605, SA6155P, Saipan, SDA845, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SM6150, SM7150, SM8150, SXR1130

Product-qca9377_firmware mdm9640_firmware msm8996au_firmware sdm845 sdx24 mdm9650 sm7150_firmware sm6150 msm8996au sm7150 qca4010_firmware apq8009_firmware sdm670 qcs605_firmware mdm9206 qca9379_firmware qca6174a sdm670_firmware sdx24_firmware qca6584au_firmware ipq8074 sda845_firmware qca9377 qcn7605 mdm9206_firmware qcs605 qca9886 mdm9640 mdm9650_firmware qca6574au_firmware sxr1130_firmware qca8081_firmware sxr1130 apq8009 apq8053_firmware sda845 sdm850_firmware qca6584au sa6155p_firmware sdx20 sdm660 mdm9607_firmware qcs405 ipq8074_firmware qca6574au sdm710 mdm9607 apq8017_firmware sdm710_firmware qcn7605_firmware qca4010 sa6155p qca8081 mdm9207c_firmware mdm9207c qca6174a_firmware qca9886_firmware sm8150_firmware apq8096au qcs405_firmware apq8053 apq8096au_firmware saipan_firmware sm6150_firmware sm8150 sdx20_firmware sdm850 apq8017 saipan qca9379 sdm660_firmware sdm845_firmware Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

CWE ID-CWE-190

Integer Overflow or Wraparound

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2019-14079

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.95% / 75.42%

7 Day CHG~0.00%

Published-05 Mar, 2020 | 08:56

Updated-05 Aug, 2024 | 00:12

Access to the uninitialized variable when the driver tries to unmap the dma buffer of a request which was never mapped in the first place leading to kernel failure in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8009, APQ8053, MDM9607, MDM9640, MSM8909W, MSM8953, QCA6574AU, QCS605, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM632, SDM670, SDM710, SDM845, SDX24, SM8150, SXR1130

CWE ID-CWE-908

Use of Uninitialized Resource

CVE-2020-11260

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-8.4||HIGH

EPSS-0.04% / 8.87%

7 Day CHG~0.00%

Published-09 Jun, 2021 | 05:00

Updated-04 Aug, 2024 | 11:28

An improper free of uninitialized memory can occur in DIAG services in Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile

Product-qfs2580 qfe2550 qpm5679_firmware qpm5620_firmware qdm5579 qdm2307 qfs2608_firmware qfs2530 qpm8870_firmware qpa8802 qpm6585_firmware pm6125 qat3519 qbt2000_firmware qat5522_firmware wcn3950_firmware pm8150a qtc800h qdm5670 qpa5581_firmware msm8917 pm7150l qpa8821 sd_675_firmware qdm5671 qpm4650_firmware qat3518 sd632 pm456_firmware qpa5580_firmware sdr425_firmware wcn3998 smr526_firmware wcn3950 sm4125 sd720g wcn3660b wgr7640_firmware qfe4320 qpm5670_firmware sd710_firmware sd460_firmware pm8953_firmware qdm5652 qpa4360_firmware qpm8870 wcd9375_firmware wcn3998_firmware qpm5679 qbt2000 pm855p qca6420 apq8053_firmware pm6150a qpm6670_firmware pmx50_firmware sdr735g pm660_firmware pm8150b qdm3301_firmware qsm7250 sd662_firmware qfe2101 qca6430 qat3522 pmr735a sd765g qualcomm215_firmware rsw8577_firmware qdm2308_firmware sdr660 pm439_firmware wcn6851 qpa6560 qfs2630_firmware sdr675_firmware sdr865 qdm5620_firmware smb1358 wcd9341 pmi8952 qdm4643_firmware pm8937_firmware sm7350_firmware qln5020 qet4100_firmware sd750g qfe4320_firmware qdm3302 wcn3910_firmware sm4350_firmware qpm5657 pm6350 qdm5621 qtc800s qpm5875_firmware qat3514_firmware wsa8830_firmware sd855_firmware sd660 sd865_5g_firmware qdm5650 wcn3988 wtr3925 sd660_firmware sdr052 smb1390 qat5516_firmware pm6150l pm855l_firmware qet4100 qpa8686_firmware qpm6585 qtc410s wcn3991 wcd9380_firmware smb1355 qln4650 qpa8801 sdr735g_firmware pm8350bhs_firmware wgr7640 qat5568 qet5100 qdm5671_firmware qpa8801_firmware pm8150l_firmware qat5533_firmware sdx55m_firmware wcn6856_firmware qpa8673_firmware pm6150 qet4101_firmware smb1354_firmware sd670_firmware sd632_firmware pm7250b qln4642_firmware qfs2630 qpa8842 sdr052_firmware wcd9380 smb1355_firmware pm7250b_firmware smb1351_firmware qualcomm215 qfe4309_firmware pmk8350_firmware smb1381 pm855p_firmware sd690_5g_firmware sdx50m_firmware sdr735 pm7250 smb1395 pm660l qpa8803 smr526 qca6430_firmware pmk8003 qtc801s_firmware sd439_firmware wcd9335_firmware qat3522_firmware wcn3980 pm7350c_firmware wsa8815 wcn6850 qfe2101_firmware wcn3910 qdm5621_firmware smb1394 pm8350_firmware wcn3660b_firmware qfe4309 pm8009 wcn3980_firmware sd730 sdr051_firmware pm660l_firmware sdx55m pm6250_firmware wcn6740_firmware qfe4373fc pm8008 pm8350b_firmware qtm525_firmware msm8953 qat3518_firmware qpm5621_firmware pm855l wcn6851_firmware rsw8577 qdm5670_firmware qpa6560_firmware qpa8802_firmware pm7150a_firmware pm8150b_firmware qfe4308_firmware qfe4302 qpm5621 sd670 pm8009_firmware qdm2310_firmware qfe4303 qfs2580_firmware pm8150l qdm5677 pm855_firmware pm660a_firmware pm215 pm855b_firmware wtr2965 qca6391_firmware pmi8937_firmware wcd9370_firmware qat3516_firmware qln4650_firmware sdx55 qpm5875 qet5100m apq8053 sd675 pm8350bhs sd439 qet4101 qat3555_firmware qat3516 qpa8803_firmware qpm5658 pm855b qpm5658_firmware qpm5870 wcn3991_firmware qdm5652_firmware wsa8830 sdr051 pm660 qet6110_firmware qdm5579_firmware qln5030 pm6125_firmware pm4125 qbt1500 qpa5581 pmi632 qpa2625_firmware pm456 pm8350bh_firmware pmr735b_firmware qbt1500_firmware qet5100_firmware qpm5870_firmware qpm4621 qet6100_firmware qet6100 sd765g_firmware qpa8686 qca6420_firmware smb1358_firmware smb1394_firmware qca6390_firmware sd690_5g smb1396 pm7150a sd730_firmware wcd9370 sd675_firmware pm8350 qpa5461_firmware sdr425 pm8350c_firmware pmr525_firmware wcn3990_firmware qpm5641 pmi632_firmware wcd9385_firmware qdm5650_firmware qpa4340_firmware wcd9326_firmware qat5516 wcn3615_firmware wtr2955 pm7250_firmware qdm5620 sd662 qpa8821_firmware qfe4308 pm8350bh pmk8002_firmware pm3003a qdm4650_firmware sdx55_firmware wcn3680b_firmware qat5533 wcn3615 sm7250p_firmware sm7350 qsm7250_firmware qpm6670 smb1354 pm7150l_firmware qpm8820 qpm4641 pm8937 qat5515_firmware qln5020_firmware pm855 sd429 pm8250 smb1398 qdm4643 qfs2530_firmware wcn3988_firmware pmx55 qpm4641_firmware sd429_firmware sdr675 pm8150c_firmware qpa8842_firmware qdm3301 sdr735_firmware qat3519_firmware sm6250 apq8017_firmware wsa8810_firmware pm8953 qat5515 qpm5677 sd765_firmware qat3514 wcd9326 wcd9335 qdm5677_firmware pm6350_firmware pm8004_firmware sdr8150_firmware wcd9385 pm439 qtc800h_firmware pmk7350_firmware qpm5620 qat3550_firmware qln5040_firmware qpm4630 pm4125_firmware qca6390 wcd9375 sd750g_firmware aqt1000 qpa8673 sm6250_firmware qdm2310 qfe2550_firmware msm8953_firmware qln4642 qln5030_firmware msm8917_firmware qpm5677_firmware qfe4302_firmware wsa8815_firmware sd888_5g_firmware pmi8937 smr525_firmware pmk7350 wtr3925_firmware qpm8820_firmware smb1396_firmware wcn6850_firmware qfe4301_firmware apq8017 wsa8835_firmware qpm6621_firmware qet6110 pmi8952_firmware qln5040 qpm8895 qpm5670 wcn3990 sd_675 pmx55_firmware wtr2955_firmware qfe4373fc_firmware sd865_5g pmk8350 smb1398_firmware qdm3302_firmware pm8350b qat5522 qdm2307_firmware wsa8835 pm8150c pmr735b sd665_firmware qpm5657_firmware sd888_5g qpa4360 pmk8003_firmware sdr660_firmware qpm4640_firmware smb1390_firmware qdm5679_firmware pm8350c smr525 qfe4305_firmware qfe4303_firmware qpm4640 pm6150l_firmware pmr525 pm7350c pm8150a_firmware qet5100m_firmware qpm4650 qtm525 sd855 sm4125_firmware sd665 qfe4305 pm6150a_firmware pm6150_firmware sd765 qpm4630_firmware sd768g_firmware sdr865_firmware qat3555 pm8250_firmware sd460 qca6391 smb1351 qpa5461 aqt1000_firmware pm215_firmware qpm8895_firmware wtr2965_firmware pm660a qpa4340 sdx50m sdr8150 qfs2608 qtc801s smb1395_firmware qdm4650 qpm5641_firmware sd710 pm8008_firmware wcd9341_firmware qpm6621 wsa8810 qtc410s_firmware pmr735a_firmware qat5568_firmware qdm2308 pmx50 qat3550 wcn6856 qdm5679 wcn3680b sd768g pm3003a_firmware wcn6740 qfe4301 qtc800s_firmware sm4350 smb1381_firmware pm8004 pmk8002 qpa2625 sm7250p sd720g_firmware qpm4621_firmware pm6250 qpa5580 Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile

CWE ID-CWE-908

Use of Uninitialized Resource

CVE-2019-14130

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.13% / 33.13%

7 Day CHG~0.00%

Published-30 Jul, 2020 | 11:40

Updated-05 Aug, 2024 | 00:12

Memory corruption can occurs in trusted application if offset size from HLOS is more than actual mapped buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Kamorta, QCS404, Rennell, SC7180, SDX55, SM6150, SM7150, SM8250, SXR2130

CWE ID-CWE-787

Out-of-bounds Write

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2019-13992

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 7.76%

7 Day CHG~0.00%

Published-08 Sep, 2020 | 09:31

Updated-05 Aug, 2024 | 00:05

u'Out of bound memory access if stack push and pop operation are performed without doing a bound check on stack top' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in Bitra, IPQ6018, IPQ8074, MDM9205, Nicobar, QCA8081, QCN7605, QCS404, QCS405, QCS605, QCS610, Rennell, SA415M, SA6155P, Saipan, SC7180, SC8180X, SDA845, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Product-sdm850_firmware sa6155p_firmware qcs610 sdm845 sdx20 sdx24 qcs404_firmware sm8250_firmware sc8180x_firmware sa415m_firmware qcs405 sm7150_firmware ipq8074_firmware sdm710 sc7180_firmware sm6150 sdm710_firmware sm7150 qcn7605_firmware sa6155p sdm670 qca8081 qcs610_firmware qcs605_firmware sc8180x sxr2130 ipq6018 sdm670_firmware qcs404 sdx24_firmware sm8150_firmware ipq8074 sxr2130_firmware qcs405_firmware rennell sa415m sc7180 bitra sda845_firmware mdm9205_firmware qcn7605 rennell_firmware ipq6018_firmware mdm9205 qcs605 sdx55 saipan_firmware sm6150_firmware sm8250 bitra_firmware sm8150 sdx20_firmware sdm850 sxr1130_firmware sdx55_firmware qca8081_firmware nicobar_firmware saipan sxr1130 sda845 nicobar sdm845_firmware Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2019-14009

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 7.76%

7 Day CHG~0.00%

Published-16 Apr, 2020 | 10:46

Updated-05 Aug, 2024 | 00:05

Out of bound memory access while processing TZ command handler due to improper input validation on response length received from user in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8098, MDM9150, MDM9607, MDM9650, MSM8905, MSM8909, MSM8998, SDA660, SDA845, SDM630, SDM636, SDM660, SDM845, SDM850, SXR2130

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2019-14036

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 8.49%

7 Day CHG~0.00%

Published-21 Jan, 2020 | 06:30

Updated-05 Aug, 2024 | 00:05

Possible buffer overflow issue in error processing due to improper validation of array index value in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8064, APQ8096AU, IPQ4019, IPQ8064, IPQ8074, MDM9607, MDM9615, MDM9640, MSM8996AU, QCN7605

CWE ID-CWE-129

Improper Validation of Array Index

CVE-2019-14124

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.11% / 29.94%

7 Day CHG~0.00%

Published-30 Jul, 2020 | 11:40

Updated-05 Aug, 2024 | 00:12

Memory failure in content protection module due to not having pointer within the scope in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Kamorta, QCS404, Rennell, SC7180, SDX55, SM6150, SM7150, SM8250, SXR2130

CWE ID-CWE-824

Access of Uninitialized Pointer

CVE-2020-11207

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.54% / 66.52%

7 Day CHG~0.00%

Published-12 Nov, 2020 | 10:00

Updated-04 Aug, 2024 | 11:28

Buffer overflow in LibFastCV library due to improper size checks with respect to buffer length' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8052, APQ8056, APQ8076, APQ8096, APQ8096SG, APQ8098, MDM9655, MSM8952, MSM8956, MSM8976, MSM8976SG, MSM8996, MSM8996SG, MSM8998, QCM4290, QCM6125, QCS410, QCS4290, QCS610, QCS6125, QSM8250, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SDA640, SDA660, SDA845, SDA855, SDM640, SDM660, SDM830, SDM845, SDM850, SDX50M, SDX55, SDX55M, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SXR2130, SXR2130P

Product-sm6115_firmware sm7250 sa6150p_firmware sm6250p_firmware apq8096_firmware qcs610 sm6125 sdm640 sdm845 sm7250_firmware apq8096 sdx55m_firmware sm6115p_firmware sm7150_firmware msm8952_firmware sm6150 msm8976_firmware qcs4290 sa8150p_firmware sm7150 sm6250p sa6155 qcs410 sda640_firmware sxr2130 apq8076 sdx50m_firmware qcs6125_firmware sm6115 sm7150p apq8076_firmware sdm660_firmware sda845_firmware apq8052_firmware apq8098 sm4250 sm7225 sda855 sm6115p msm8956_firmware sa8155 sda660 sdx55_firmware sa6155_firmware sda855_firmware sm7250p_firmware sxr2130p sdx55m sm6150p_firmware sda845 sm6350 sm7125 sdm850_firmware sm4250p_firmware sa6155p_firmware sxr2130p_firmware qsm8250_firmware sda640 qcm4290 apq8098_firmware sdx50m msm8996sg qcs6125 msm8998_firmware apq8056_firmware sa8155_firmware sdm660 sm8250_firmware mdm9655_firmware msm8976sg sm6350_firmware msm8996sg_firmware sa6145p_firmware sc7180_firmware sm4250_firmware sm6250 sa8155p_firmware sa8195p sdm830_firmware msm8976sg_firmware qcm6125 qcm4290_firmware sa6155p qcs610_firmware apq8052 msm8996_firmware qsm8250 sa6145p qcs4290_firmware sm8150_firmware sxr2130_firmware sm7150p_firmware sm4250p mdm9655 sc7180 sda660_firmware msm8976 msm8956 sa8150p sm6250_firmware sm7125_firmware sa6150p sm6150_firmware msm8952 apq8056 sdx55 sa8155p msm8998 sm7225_firmware sm8150 sdm850 sm8250 sm8150p_firmware sm7250p sdm830 sa8195p_firmware sdm640_firmware msm8996 qcs410_firmware sm6125_firmware sm8150p sm6150p qcm6125_firmware sdm845_firmware Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2019-14041

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-1.23% / 78.34%

7 Day CHG~0.00%

Published-07 Feb, 2020 | 05:00

Updated-05 Aug, 2024 | 00:05

During listener modified response processing, a buffer overrun occurs due to lack of buffer size verification when updating message buffer with physical address information in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8917, MSM8953, MSM8996AU, Nicobar, QCM2150, QCS405, QCS605, QM215, Rennell, SA6155P, Saipan, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM632, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Product-qcm2150_firmware mdm9640_firmware sdm429w msm8996au_firmware sdm632_firmware sdm845 sdm450_firmware sdm632 sdx24 sdm439 mdm9650 sdm429 sm7150_firmware sm6150 msm8909w_firmware md9607 msm8996au sdm429w_firmware sm7150 apq8009_firmware msm8917 sdm670 sxr2130 qcs605_firmware sc8180x mdm9206 sdm670_firmware sdx24_firmware sda845_firmware apq8098 md9607_firmware mdm9206_firmware qcs605 sdm429_firmware mdm9650_firmware msm8905_firmware sda660 sdx55_firmware sxr1130_firmware sxr1130 msm8909w apq8009 apq8053_firmware sda845 nicobar sa6155p_firmware msm8953 sdm450 sdm845_firmware apq8098_firmware sdx20 qcm2150 sm8250_firmware sc8180x_firmware qcs405 sdm710 qm215 apq8017_firmware sdm710_firmware sa6155p mdm9207c_firmware msm8905 mdm9207c sm8150_firmware sxr2130_firmware apq8096au sdm439_firmware qcs405_firmware rennell sda660_firmware rennell_firmware qm215_firmware sdx55 msm8953_firmware apq8053 saipan_firmware sm6150_firmware apq8096au_firmware msm8917_firmware sm8250 sm8150 sdx20_firmware apq8017 saipan nicobar_firmware mdm9640 Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2019-14116

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 6.28%

7 Day CHG~0.00%

Published-16 Apr, 2020 | 10:46

Updated-05 Aug, 2024 | 00:12

Privilege escalation by using an altered debug policy image can occur as the XPU protecting the debug policy regions are disabled during the crash dump boot flow in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ6018

Product-ipq6018_firmware ipq6018 Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

CWE ID-CWE-862

Missing Authorization

CVE-2024-21464

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-8.4||HIGH

EPSS-0.03% / 5.89%

7 Day CHG~0.00%

Published-06 Jan, 2025 | 10:33

Updated-10 Jan, 2025 | 17:22

Buffer Copy Without Checking Size of Input in Data Network Stack & Connectivity

Memory corruption while processing IPA statistics, when there are no active clients registered.

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2019-13995

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.04% / 10.49%

7 Day CHG~0.00%

Published-08 Sep, 2020 | 09:31

Updated-05 Aug, 2024 | 00:05

u'Lack of integer overflow check for addition of fragment size and remaining size that are read from shared memory can lead to memory corruption and potential information leakage' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, Bitra, IPQ6018, IPQ8074, Kamorta, MDM9150, MDM9205, MDM9206, MDM9607, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA8081, QCM2150, QCN7605, QCS404, QCS405, QCS605, QCS610, QM215, Rennell, SA415M, SA6155P, Saipan, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Product-mdm9150_firmware mdm9640_firmware qcs610 sdm450_firmware sdm632 qcs404_firmware mdm9650 mdm9645 apq8009_firmware msm8917 sdm670 qcs605_firmware sda845_firmware sa415m bitra apq8098 qcn7605 mdm9206_firmware bitra_firmware msm8905_firmware sda660 sdx55_firmware qca8081_firmware sxr1130 apq8053_firmware sda845 sa6155p_firmware sdm450 sdm636_firmware apq8098_firmware msm8998_firmware sdm630 mdm9607_firmware sm8250_firmware mdm9655_firmware sa415m_firmware qcs405 qm215 sc7180_firmware apq8017_firmware sdm710_firmware sa6155p qca8081 msm8937 msm8905 sm8150_firmware msm8909 sxr2130_firmware mdm9655 rennell sc7180 msm8953_firmware saipan_firmware sm6150_firmware msm8917_firmware msm8998 sm8150 sdx20_firmware sdm850 kamorta apq8017 msm8996 saipan mdm9640 kamorta_firmware qcm2150_firmware sdm429w msm8996au_firmware sdm632_firmware sdm845 sdx24 sdm439 sdm429 msm8940_firmware sm7150_firmware sm6150 msm8996au sdm429w_firmware sm7150 sxr2130 sc8180x mdm9206 sdm670_firmware qcs404 sdx24_firmware ipq8074 sdm636 ipq6018_firmware mdm9205 qcs605 msm8937_firmware mdm9650_firmware sdm429_firmware sxr1130_firmware apq8009 msm8909_firmware nicobar sdm850_firmware msm8920 msm8953 sdx20 qcm2150 msm8920_firmware sdm660 sc8180x_firmware ipq8074_firmware sdm710 mdm9607 mdm9645_firmware qcn7605_firmware qcs610_firmware mdm9150 msm8996_firmware ipq6018 apq8096au sdm439_firmware qcs405_firmware sdm630_firmware mdm9205_firmware sda660_firmware rennell_firmware qm215_firmware sdx55 msm8940 apq8053 apq8096au_firmware sm8250 nicobar_firmware sdm660_firmware sdm845_firmware Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

CWE ID-CWE-787

Out-of-bounds Write

CWE ID-CWE-190

Integer Overflow or Wraparound

CVE-2019-14000

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.04% / 10.49%

7 Day CHG~0.00%

Published-05 Mar, 2020 | 08:56

Updated-05 Aug, 2024 | 00:05

Lack of check that the RX FIFO write index that is read from shared RAM is less than the FIFO size results into memory corruption and potential information leakage in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, IPQ6018, IPQ8074, MDM9150, MDM9205, MDM9206, MDM9607, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA8081, QCM2150, QCS404, QCS405, QCS605, QM215, Rennell, SA6155P, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Product-mdm9150_firmware apq8096_firmware mdm9640_firmware qcm2150_firmware sdm429w msm8996au_firmware sdm632_firmware sdm845 sdm450_firmware sdm632 apq8096 sdx24 sdm439 qcs404_firmware mdm9650 sdm429 msm8940_firmware sm7150_firmware sm6150 msm8996au mdm9645 sdm429w_firmware sm7150 apq8009_firmware msm8917 sdm670 sxr2130 qcs605_firmware sc8180x mdm9206 sdm670_firmware qcs404 sdx24_firmware ipq8074 sdm636 sda845_firmware apq8098 ipq6018_firmware mdm9205 mdm9206_firmware qcs605 msm8937_firmware mdm9650_firmware sdm429_firmware msm8905_firmware sda660 sdx55_firmware sxr1130_firmware qca8081_firmware sxr1130 apq8009 apq8053_firmware sda845 nicobar sdm850_firmware sa6155p_firmware msm8920 msm8953 sdm450 sdm636_firmware sdm845_firmware apq8098_firmware sdx20 msm8998_firmware qcm2150 msm8920_firmware sdm630 mdm9607_firmware sm8250_firmware mdm9655_firmware sdm660 sc8180x_firmware qcs405 ipq8074_firmware sdm710 qm215 mdm9607 mdm9645_firmware apq8017_firmware sdm710_firmware sa6155p qca8081 mdm9150 msm8937 msm8996_firmware msm8905 ipq6018 sm8150_firmware sxr2130_firmware mdm9655 apq8096au sdm439_firmware rennell qcs405_firmware sdm630_firmware mdm9205_firmware sda660_firmware rennell_firmware qm215_firmware sdx55 msm8953_firmware msm8940 sm6150_firmware apq8053 apq8096au_firmware msm8917_firmware sm8250 msm8998 sm8150 sdx20_firmware sdm850 apq8017 msm8996 nicobar_firmware sdm660_firmware mdm9640 Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

CWE ID-CWE-787

Out-of-bounds Write

CVE-2019-14065

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 7.76%

7 Day CHG~0.00%

Published-08 Sep, 2020 | 09:31

Updated-05 Aug, 2024 | 00:05

u'Pointer double free in HavenSvc due to not setting the pointer to NULL after freeing it' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8098, Kamorta, MDM9150, MDM9205, MDM9206, MDM9607, MDM9650, MSM8905, MSM8909, MSM8998, Nicobar, QCS404, QCS405, QCS605, QCS610, Rennell, SA515M, SA6155P, SC7180, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Product-kamorta_firmware mdm9150_firmware qcs610 sdm845 qcs404_firmware mdm9650 sm7150_firmware sm6150 sm7150 apq8009_firmware sdm670 sxr2130 qcs605_firmware sc8180x mdm9206 sdm670_firmware qcs404 sdm636 sda845_firmware apq8098 mdm9205 mdm9206_firmware qcs605 sa515m mdm9650_firmware msm8905_firmware sda660 sdx55_firmware sxr1130_firmware sxr1130 apq8009 msm8909_firmware sda845 nicobar sdm850_firmware sa6155p_firmware sdm636_firmware sa515m_firmware apq8098_firmware msm8998_firmware sdm660 sdm630 mdm9607_firmware sm8250_firmware sc8180x_firmware qcs405 sdm710 sc7180_firmware mdm9607 sdm710_firmware sa6155p qcs610_firmware mdm9150 msm8905 sm8150_firmware msm8909 sxr2130_firmware qcs405_firmware rennell sc7180 sdm630_firmware mdm9205_firmware sda660_firmware rennell_firmware sdx55 sm6150_firmware sm8250 msm8998 sm8150 sdm850 kamorta nicobar_firmware sdm660_firmware sdm845_firmware Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

CWE ID-CWE-415

Double Free

CVE-2019-14054

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 5.20%

7 Day CHG~0.00%

Published-02 Jun, 2020 | 15:05

Updated-05 Aug, 2024 | 00:05

Improper permissions in XBL_SEC region enable user to update XBL_SEC code and data and divert the RAM dump path to normal cold boot path in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Kamorta, MSM8998, QCS404, QCS605, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SM8150, SXR1130, SXR2130

CVE-2019-14028

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 7.76%

7 Day CHG~0.00%

Published-05 Mar, 2020 | 08:56

Updated-05 Aug, 2024 | 00:05

Buffer overwrite during memcpy due to lack of check on SSID length validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096, APQ8096AU, APQ8098, IPQ6018, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8996AU, MSM8998, Nicobar, QCA4531, QCA6174A, QCA6564, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA8081, QCA9377, QCA9379, QCA9886, QCN7605, QCS404, QCS405, QCS605, Rennell, SA6155P, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Product-qca9377_firmware apq8096_firmware mdm9640_firmware qca4531_firmware msm8996au_firmware sdm845 apq8096 sdx24 qcs404_firmware mdm9650 sm7150_firmware sm6150 qca6574 msm8996au sm7150 apq8009_firmware sdm670 sxr2130 qcs605_firmware sc8180x mdm9206 qca6564 qca9379_firmware qca6174a sdm670_firmware qcs404 sdx24_firmware qca6584au_firmware ipq8074 sdm636 sda845_firmware qca9377 qca4531 apq8098 qcn7605 ipq6018_firmware mdm9206_firmware qca6574_firmware qca9886 qcs605 qca6584_firmware mdm9650_firmware qca6584 qca6574au_firmware sda660 sxr1130_firmware apq8064_firmware qca8081_firmware sxr1130 apq8009 apq8053_firmware sda845 nicobar sdm850_firmware qca6584au sa6155p_firmware sdm636_firmware apq8064 sdm845_firmware apq8098_firmware sdx20 msm8998_firmware sdm660 sdm630 mdm9607_firmware sm8250_firmware sc8180x_firmware qcs405 ipq8074_firmware qca6574au sdm710 mdm9607 apq8017_firmware sdm710_firmware qcn7605_firmware sa6155p qca8081 mdm9207c_firmware ipq6018 mdm9207c qca6174a_firmware qca9886_firmware qca6564_firmware sm8150_firmware sxr2130_firmware apq8096au qcs405_firmware rennell sdm630_firmware sda660_firmware rennell_firmware apq8053 sm6150_firmware apq8096au_firmware sm8250 msm8998 sm8150 sdx20_firmware sdm850 apq8017 nicobar_firmware qca9379 sdm660_firmware mdm9640 Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

CWE ID-CWE-787

Out-of-bounds Write

CVE-2019-14023

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 7.76%

7 Day CHG~0.00%

Published-21 Jan, 2020 | 06:30

Updated-05 Aug, 2024 | 00:05

String format issue will occur while processing HLOS data as there is no user input validation to ensure inputs are properly NULL terminated before string copy in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9607, Nicobar, Rennell, SA6155P, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130

CVE-2019-14089

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.02% / 2.19%

7 Day CHG~0.00%

Published-08 Sep, 2020 | 09:31

Updated-05 Aug, 2024 | 00:12

u'Keymaster attestation key and device IDs provisioning which is a one time process is incorrectly allowed to be re-provisioned after a user data erase or a factory reset' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in Kamorta, Nicobar, QCS404, QCS610, Rennell, SA515M, SA6155P, SC7180, SC8180X, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130

CWE ID-CWE-327

Use of a Broken or Risky Cryptographic Algorithm

CVE-2019-14074

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 8.49%

7 Day CHG~0.00%

Published-08 Sep, 2020 | 09:31

Updated-05 Aug, 2024 | 00:12

u'Heap overflow in diag command handler due to lack of check of packet length received from user' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8076, APQ8096AU, APQ8098, Bitra, IPQ6018, IPQ8074, Kamorta, MDM9150, MDM9205, MDM9206, MDM9207C, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA8081, QCM2150, QCN7605, QCS404, QCS405, QCS605, QCS610, QM215, Rennell, SA415M, SA6155P, Saipan, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Product-mdm9150_firmware mdm9640_firmware qcs610 sdm450_firmware sdm632 qcs404_firmware mdm9650 mdm9645 apq8009_firmware msm8917 sdm670 qcs605_firmware apq8076 apq8076_firmware sda845_firmware sa415m bitra apq8098 qcn7605 mdm9206_firmware bitra_firmware msm8905_firmware sda660 sdx55_firmware qca8081_firmware sxr1130 msm8909w apq8053_firmware sda845 sa6155p_firmware sdm450 sdm636_firmware apq8098_firmware msm8998_firmware sdm630 mdm9607_firmware sm8250_firmware mdm9655_firmware sa415m_firmware qcs405 qm215 sc7180_firmware apq8017_firmware mdm9625_firmware sdm710_firmware sa6155p qca8081 msm8937 msm8905 sm8150_firmware msm8909 sxr2130_firmware mdm9655 rennell sc7180 mdm9625 msm8953_firmware saipan_firmware sm6150_firmware msm8917_firmware msm8998 sm8150 sdx20_firmware sdm850 kamorta apq8017 msm8996 saipan mdm9640 kamorta_firmware mdm9635m_firmware qcm2150_firmware sdm429w msm8996au_firmware sdm632_firmware sdm845 sdx24 sdm439 sdm429 msm8940_firmware sm7150_firmware sm6150 msm8909w_firmware msm8996au sdm429w_firmware sm7150 sxr2130 sc8180x mdm9206 sdm670_firmware qcs404 sdx24_firmware ipq8074 sdm636 mdm9635m ipq6018_firmware mdm9205 qcs605 msm8937_firmware mdm9650_firmware sdm429_firmware sxr1130_firmware apq8009 msm8909_firmware nicobar sdm850_firmware msm8920 msm8953 sdx20 qcm2150 msm8920_firmware sdm660 sc8180x_firmware ipq8074_firmware sdm710 mdm9607 mdm9645_firmware qcn7605_firmware qcs610_firmware mdm9150 mdm9207c_firmware msm8996_firmware ipq6018 mdm9207c apq8096au sdm439_firmware qcs405_firmware sdm630_firmware mdm9205_firmware sda660_firmware rennell_firmware qm215_firmware sdx55 msm8940 apq8053 apq8096au_firmware sm8250 nicobar_firmware sdm660_firmware sdm845_firmware Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

CWE ID-CWE-787

Out-of-bounds Write

CWE ID-CWE-20

Improper Input Validation

CWE ID-CWE-190

Integer Overflow or Wraparound

CVE-2020-11174

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.04% / 12.08%

7 Day CHG~0.00%

Published-02 Nov, 2020 | 06:21

Updated-04 Aug, 2024 | 11:28

u'Array index underflow issue in adsp driver due to improper check of channel id before used as array index.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in Agatti, APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, Bitra, IPQ4019, IPQ5018, IPQ6018, IPQ8064, IPQ8074, Kamorta, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8953, MSM8996AU, QCA6390, QCA9531, QCM2150, QCS404, QCS405, QCS605, SA415M, SA515M, SA6155P, SA8155P, Saipan, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM8150, SM8250, SXR1130, SXR2130

Product-ipq5018_firmware kamorta_firmware qcm2150_firmware mdm9640_firmware sdm429w msm8996au_firmware sdm632_firmware sdm845 sdm632 sdx24 qcs404_firmware mdm9650 sdm429 sm6150 msm8909w_firmware agatti_firmware msm8996au sdm429w_firmware qca6390_firmware apq8009_firmware sdm670 sxr2130 qcs605_firmware sc8180x ipq4019_firmware sdm670_firmware qcs404 sdx24_firmware ipq8074 sdm636 sda845_firmware ipq5018 sa415m bitra apq8098 ipq6018_firmware sa515m qcs605 bitra_firmware sdm429_firmware mdm9650_firmware msm8905_firmware sda660 sdx55_firmware ipq8064 sxr1130_firmware sxr1130 msm8909w apq8009 apq8053_firmware ipq8064_firmware sda845 agatti sa6155p_firmware msm8953 sdm636_firmware sdm845_firmware sa515m_firmware apq8098_firmware sdx20 qcm2150 sdm660 sdm630 mdm9607_firmware sm8250_firmware sc8180x_firmware sa415m_firmware qcs405 qca9531 ipq8074_firmware sa8155p_firmware sdm710 mdm9607 apq8017_firmware sdm710_firmware sa6155p msm8905 ipq6018 sm8150_firmware sxr2130_firmware apq8096au qcs405_firmware sdm630_firmware sda660_firmware qca6390 ipq4019 sdx55 msm8953_firmware apq8053 saipan_firmware sm6150_firmware apq8096au_firmware sa8155p sm8250 sm8150 sdx20_firmware qca9531_firmware kamorta apq8017 saipan sdm660_firmware mdm9640 Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

CWE ID-CWE-129

Improper Validation of Array Index

CVE-2019-14046

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 7.76%

7 Day CHG~0.00%

Published-07 Feb, 2020 | 05:00

Updated-05 Aug, 2024 | 00:05

Out of bound access while allocating memory for an array in camera due to improper validation of elements parameters in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in QCS605, SDM439, SDX24

Product-sdx24_firmware sdm439_firmware sdx24 sdm439 qcs605 qcs605_firmware Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

CWE ID-CWE-129

Improper Validation of Array Index

CVE-2019-14044

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 8.22%

7 Day CHG~0.00%

Published-07 Feb, 2020 | 05:00

Updated-05 Aug, 2024 | 00:05

Out of bound access due to access of uninitialized memory segment in an array of pointers while normal camera open close in Snapdragon Consumer IOT, Snapdragon Mobile in QCS605, SDM439, SDM630, SDM636, SDM660, SDX24

Product-sdx24_firmware sdm636_firmware sdm439_firmware sdm636 sdm660_firmware sdm630_firmware sdx24 sdm630 sdm660 sdm439 qcs605 qcs605_firmware Snapdragon Consumer IOT, Snapdragon Mobile

CWE ID-CWE-129

Improper Validation of Array Index

CWE ID-CWE-908

Use of Uninitialized Resource

CVE-2019-14071

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 7.76%

7 Day CHG~0.00%

Published-05 Mar, 2020 | 08:56

Updated-05 Aug, 2024 | 00:12

Compromised reset handler may bypass access control due to AC config is being reset if debug path is enabled to collect secure or non-secure ram dumps in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8017, APQ8053, APQ8096, APQ8096AU, IPQ6018, MDM9205, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS404, QCS405, QCS605, QM215, Rennell, SA6155P, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130, SXR2130

Product-apq8096_firmware qcm2150_firmware sdm632_firmware msm8996au_firmware sdm845 sdm450_firmware sdm632 apq8096 sdx24 sdm439 qcs404_firmware sdm429 msm8940_firmware sm7150_firmware sm6150 msm8996au sm7150 msm8917 sdm670 sxr2130 qcs605_firmware sc8180x sdm670_firmware qcs404 sdx24_firmware sdm636 sda845_firmware ipq6018_firmware mdm9205 qcs605 msm8937_firmware sdm429_firmware sda660 sdx55_firmware sxr1130_firmware sxr1130 apq8053_firmware sda845 nicobar sdm850_firmware sa6155p_firmware msm8920 msm8953 sdm450 sdm636_firmware msm8998_firmware qcm2150 msm8920_firmware sdm630 sdm660 sc8180x_firmware qcs405 sdm710 qm215 apq8017_firmware sdm710_firmware sa6155p msm8937 msm8996_firmware ipq6018 sm8150_firmware sxr2130_firmware apq8096au sdm439_firmware qcs405_firmware rennell sdm630_firmware mdm9205_firmware sda660_firmware rennell_firmware qm215_firmware sdx55 msm8953_firmware msm8940 sm6150_firmware apq8053 apq8096au_firmware msm8917_firmware msm8998 sm8150 sdm850 apq8017 msm8996 nicobar_firmware sdm660_firmware sdm845_firmware Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

CVE-2020-11201

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.05% / 15.71%

7 Day CHG~0.00%

Published-12 Nov, 2020 | 10:00

Updated-04 Aug, 2024 | 11:28

Arbitrary access to DSP memory due to improper check in loaded library for data received from CPU side' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in QCM6125, QCS410, QCS603, QCS605, QCS610, QCS6125, SA6145P, SA6155, SA6155P, SA8155, SA8155P, SDA640, SDA845, SDM640, SDM830, SDM845, SDX50M, SDX55, SDX55M, SM6125, SM6150, SM6250, SM6250P, SM7125, SM7150, SM7150P, SM8150, SM8150P

CWE ID-CWE-20

Improper Input Validation

CVE-2020-11127

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 8.49%

7 Day CHG~0.00%

Published-12 Nov, 2020 | 10:00

Updated-04 Aug, 2024 | 11:21

u'Integer overflow can cause a buffer overflow due to lack of table length check in the extensible boot Loader during the validation of security metadata while processing objects to be loaded' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in MDM9205, QCM4290, QCS405, QCS410, QCS4290, QCS610, QSM8250, SA415M, SA515M, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SC8180X, SC8180X+SDX55, SC8180XP, SDA640, SDA845, SDA855, SDM1000, SDM640, SDM830, SDM845, SDM850, SDX24, SDX50M, SDX55, SDX55M, SM4125, SM4250, SM4250P, SM6115, SM6115P, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SXR2130, SXR2130P

Product-sm6115_firmware sm7250 sa6150p_firmware sm6250p_firmware qcs610 sdm640 sdm845 sm7250_firmware sdx24 sdx55m_firmware sm6115p_firmware sm7150_firmware sm6150 qcs4290 sa8150p_firmware sm7150 sm6250p sa6155 qcs410 sda640_firmware sc8180x sxr2130 sdx50m_firmware sm6115 sm7150p sdx24_firmware sda845_firmware sa415m sm4250 sc8180xp sm4125 sm7225 sa515m sda855 mdm9205 sm6115p sm4125_firmware sa8155 sdx55_firmware sa6155_firmware sdm1000 sm7250p_firmware sxr2130p sda855_firmware sdx55m sm6150p_firmware sda845 sm6350 sm7125 sdm850_firmware sm4250p_firmware sa6155p_firmware sxr2130p_firmware sda640 sa515m_firmware qcm4290 sdx50m sa8155_firmware sm8250_firmware sc8180x_firmware sa415m_firmware qcs405 sm6350_firmware sa6145p_firmware sc7180_firmware sm4250_firmware sm6250 sa8155p_firmware sa8195p sdm830_firmware qcm4290_firmware sa6155p qcs610_firmware qsm8250 sa6145p qcs4290_firmware sm8150_firmware sxr2130_firmware sm7150p_firmware sm4250p qcs405_firmware sc7180 mdm9205_firmware sc8180xp_firmware sa8150p sm7125_firmware sm6250_firmware sa6150p sdx55 sm6150_firmware sa8155p sm8250 sm8150p_firmware sm7225_firmware sm8150 sdm850 sdm1000_firmware sm7250p sdm830 sa8195p_firmware sdm640_firmware qcs410_firmware sm8150p sm6150p qsm8250_firmware sdm845_firmware Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

CWE ID-CWE-190

Integer Overflow or Wraparound

CVE-2019-14015

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 8.49%

7 Day CHG~0.00%

Published-05 Mar, 2020 | 08:56

Updated-05 Aug, 2024 | 00:05

A stack-based buffer overflow exists in the initialization of the identification stage due to lack of check on the number of templates provided. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8096, APQ8096AU, MDM9205, MSM8996, MSM8996AU, Nicobar, QCS404, QCS405, QCS605, Rennell, SA6155P, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130, SXR2130

CWE ID-CWE-787

Out-of-bounds Write

CVE-2019-14122

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 7.76%

7 Day CHG~0.00%

Published-16 Apr, 2020 | 10:46

Updated-05 Aug, 2024 | 00:12

Memory failure in SKB if it fails to to add the requested padding to the skb in low memory targets or targets with major memory fragmentation in Snapdragon Auto, Snapdragon Mobile in Saipan, SM8150, SM8250, SXR2130

Product-sxr2130 saipan_firmware sm8250 sm8150_firmware sm8150 sxr2130_firmware saipan sm8250_firmware Snapdragon Auto, Snapdragon Mobile

CWE ID-CWE-755

Improper Handling of Exceptional Conditions

CVE-2019-14049

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 7.76%

7 Day CHG~0.00%

Published-07 Feb, 2020 | 05:00

Updated-05 Aug, 2024 | 00:05

Stage-2 fault will occur while writing to an ION system allocation which has been assigned to non-HLOS memory which is non-standard in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8017, APQ8053, APQ8096AU, MDM9206, MDM9207C, MDM9607, MDM9640, MSM8953, QCN7605, QCS605, SC8180X, SDA845, SDM429, SDM439, SDM450, SDM632, SDX20, SDX24, SDX55, SM8150, SXR1130

CWE ID-CWE-617

Reachable Assertion

CVE-2019-14001

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.02% / 3.60%

7 Day CHG~0.00%

Published-16 Apr, 2020 | 10:46

Updated-05 Aug, 2024 | 00:05

Wrong public key usage from existing oem_keystore for hash generation in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8905, MSM8909W, MSM8917, MSM8953, MSM8996AU, QM215, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDX20

CWE ID-CWE-327

Use of a Broken or Risky Cryptographic Algorithm

CVE-2019-14094

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.04% / 12.08%

7 Day CHG~0.00%

Published-22 Jun, 2020 | 07:10

Updated-05 Aug, 2024 | 00:12

Integer overflow in diag command handler when user inputs a large value for number of tasks field in the request packet in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8053, APQ8096AU, APQ8098, IPQ6018, IPQ8074, Kamorta, MDM9150, MDM9205, MDM9206, MDM9207C, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA8081, QCM2150, QCN7605, QCS404, QCS405, QCS605, QM215, Rennell, SA415M, Saipan, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Product-mdm9150_firmware mdm9640_firmware sdm450_firmware sdm632 qcs404_firmware mdm9650 mdm9645 apq8009_firmware msm8917 sdm670 qcs605_firmware sda845_firmware sa415m apq8098 qcn7605 mdm9206_firmware msm8905_firmware sda660 qca8081_firmware sxr1130 msm8909w apq8053_firmware sda845 sdm450 sdm636_firmware apq8098_firmware msm8998_firmware sdm630 mdm9607_firmware sm8250_firmware mdm9655_firmware sa415m_firmware qcs405 qm215 sc7180_firmware mdm9625_firmware sdm710_firmware qca8081 msm8937 msm8905 sm8150_firmware msm8909 sxr2130_firmware mdm9655 rennell sc7180 mdm9625 msm8953_firmware saipan_firmware sm6150_firmware msm8917_firmware msm8998 sm8150 sdx20_firmware sdm850 kamorta msm8996 saipan mdm9640 kamorta_firmware mdm9635m_firmware qcm2150_firmware sdm429w msm8996au_firmware sdm632_firmware sdm845 sdx24 sdm439 sdm429 msm8940_firmware sm7150_firmware sm6150 msm8909w_firmware msm8996au sdm429w_firmware sm7150 sxr2130 sc8180x mdm9206 sdm670_firmware qcs404 sdx24_firmware ipq8074 sdm636 mdm9635m ipq6018_firmware mdm9205 qcs605 msm8937_firmware mdm9650_firmware sdm429_firmware sxr1130_firmware apq8009 msm8909_firmware nicobar sdm850_firmware msm8920 msm8953 sdx20 qcm2150 msm8920_firmware sdm660 sc8180x_firmware ipq8074_firmware sdm710 mdm9607 mdm9645_firmware qcn7605_firmware mdm9150 mdm9207c_firmware msm8996_firmware ipq6018 mdm9207c apq8096au sdm439_firmware qcs405_firmware sdm630_firmware mdm9205_firmware sda660_firmware rennell_firmware qm215_firmware msm8940 apq8053 apq8096au_firmware sm8250 nicobar_firmware sdm660_firmware sdm845_firmware Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

CWE ID-CWE-190

Integer Overflow or Wraparound

CVE-2020-11164

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.04% / 12.08%

7 Day CHG~0.00%

Published-02 Nov, 2020 | 06:21

Updated-04 Aug, 2024 | 11:28

u'Third-party app may also call the broadcasts in Perfdump and cause privilege escalation issue due to improper access control' in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in Agatti, APQ8096AU, APQ8098, Bitra, Kamorta, MSM8909W, MSM8917, MSM8940, Nicobar, QCA6390, QCM2150, QCS605, Rennell, SA6155P, SA8155P, Saipan, SDA660, SDM429W, SDM450, SDM630, SDM636, SDM660, SDM670, SDM710, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

CVE-2019-14051

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 8.49%

7 Day CHG~0.00%

Published-07 Feb, 2020 | 05:00

Updated-05 Aug, 2024 | 00:05

Subsequent additions performed during Module loading while allocating the memory would lead to integer overflow and then to buffer overflow in Snapdragon Industrial IOT in MDM9206, MDM9607

Product-mdm9206 mdm9206_firmware mdm9607_firmware mdm9607 Snapdragon Industrial IOT

CWE ID-CWE-190

Integer Overflow or Wraparound

CVE-2020-11286

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-6.8||MEDIUM

EPSS-0.04% / 13.14%

7 Day CHG~0.00%

Published-22 Feb, 2021 | 06:26

Updated-04 Aug, 2024 | 11:28

An Untrusted Pointer Dereference can occur while doing USB control transfers, if multiple requests of different standard request categories like device, interface & endpoint are made together. in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Product-qfe3100 pm8909 qfe1040 qfe2550 pm660 pmi8996 qbt1500 qfe1045 qln1030 mdm9650 sd_636 pmk8001 qfe2340 mdm9250 qtc800h apq8076 wtr3905 qca9377 mdm9628 qpa5460 wtr2955 wcn3660b qln1021aq smb1380 qca6584 mdm9630 wcn3615 msm8909w qtc800t sdx20m wcd9306 qca6584au qca6310 pm8937 pm8996 qca9367 sd821 sdm630 smb1360 qat3522 sd205 wcd9340 pm8953 smb231 qat3514 sdr660 wcd9326 wcd9335 qet4200aq msm8937 qfe3345 smb1358 wcd9341 pmi8952 mdm9655 smb1350 apq8064au wtr3950 qtc800s sd210 sd660 sd820 wtr3925 pmi8937 pm8998 sdw3100 wcn3620 apq8017 qca6564a qet4100 wcn3610 mdm9640 wcn3990 wcd9330 wgr7640 csr6030 qca6564au qca6574 msm8996au qfe1035 pmm8996au rgr7640au mdm9230 qpa4360 qca6574a mdm9206 smb358s qca6174a pm660l wtr4905 ar8151 wtr5975 qca6174 wcn3980 pmd9645 qsw8573 qfe3335 wsa8815 qbt1000 qca6320 pmx20 pmd9607 sd835 apq8009 smb1351 mdm9626 pm660a pmi8998 qpa4340 sdx20 pm8916 qln1036aq rsw8577 pmd9635 pmd9655 qca6574au qfe3320 mdm9607 apq8009w wsa8810 qat3550 pm8005 wcn3680b apq8096au wtr2965 pm8004 sdw2500 apq8053 qet4101 pm8952 pmi8994 smb1357 mdm9330 pm8956 qln1031 Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2019-14060

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 7.76%

7 Day CHG~0.00%

Published-07 Feb, 2020 | 05:00

Updated-05 Aug, 2024 | 00:05

Uninitialized stack data gets used If memory is not allocated for blob or if the allocated blob is less than the struct size required due to lack of check of return value for read or write blob in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8098, IPQ4019, IPQ6018, IPQ8064, IPQ8074, MDM9150, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCS405, QCS605, QM215, Rennell, SA6155P, Saipan, SC8180X, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Product-mdm9150_firmware sdm429w msm8996au_firmware sdm632_firmware sdm845 sdm450_firmware sdm632 sdx24 sdm439 mdm9650 sdm429 msm8940_firmware sm7150_firmware sm6150 msm8909w_firmware msm8996au sdm429w_firmware sm7150 apq8009_firmware msm8917 sdm670 sxr2130 qcs605_firmware sc8180x ipq4019_firmware mdm9206 sdm670_firmware sdx24_firmware ipq8074 sdm636 sda845_firmware apq8098 ipq6018_firmware mdm9206_firmware qcs605 msm8937_firmware mdm9650_firmware sdm429_firmware ipq8064 sdx55_firmware sxr1130_firmware sxr1130 msm8909w apq8009 apq8053_firmware ipq8064_firmware sda845 nicobar sa6155p_firmware msm8920 msm8953 sdm450 sdm636_firmware apq8098_firmware sdx20 msm8998_firmware sdm660 msm8920_firmware sdm630 mdm9607_firmware sm8250_firmware sc8180x_firmware qcs405 ipq8074_firmware sdm710 qm215 mdm9607 apq8017_firmware sdm710_firmware sa6155p mdm9150 msm8937 mdm9207c_firmware ipq6018 mdm9207c sm8150_firmware sxr2130_firmware sdm439_firmware qcs405_firmware rennell sdm630_firmware rennell_firmware qm215_firmware ipq4019 sdx55 msm8953_firmware msm8940 saipan_firmware sm6150_firmware apq8053 msm8917_firmware sm8250 msm8998 sm8150 sdx20_firmware apq8017 saipan nicobar_firmware sdm660_firmware sdm845_firmware Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

CWE ID-CWE-824

Access of Uninitialized Pointer

CVE-2019-14078

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.04% / 12.08%

7 Day CHG~0.00%

Published-02 Jun, 2020 | 15:05

Updated-05 Aug, 2024 | 00:12

Out of bound memory access while processing qpay due to not validating length of the response buffer provided by User. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8098, MSM8909, MSM8998, SDA660, SDA845, SDM630, SDM636, SDM660, SDM845

CWE ID-CWE-131

Incorrect Calculation of Buffer Size

CVE-2024-21481

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-8.4||HIGH

EPSS-0.03% / 8.23%

7 Day CHG~0.00%

Published-05 Aug, 2024 | 14:21

Updated-11 Aug, 2025 | 15:06

Improper Restriction of Operations within the Bounds of a Memory Buffer in Hypervisor

Memory corruption when preparing a shared memory notification for a memparcel in Resource Manager.

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE ID-CWE-787

Out-of-bounds Write

CVE-2019-14048

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.04% / 12.08%

7 Day CHG~0.00%

Published-05 Mar, 2020 | 08:56

Updated-05 Aug, 2024 | 00:05

Possible out of bound memory access while playing a crafted clip in media player in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in SM8150

Product-sm8150 sm8150_firmware Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

CWE ID-CWE-125

Out-of-bounds Read

CVE-2019-14050

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 8.49%

7 Day CHG~0.00%

Published-05 Mar, 2020 | 08:56

Updated-05 Aug, 2024 | 00:05

Out-of-bound writes occurs due to lack of check of buffer size will cause buffer overflow only in 32bit architecture. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, MDM9150, MDM9205, MDM9607, MDM9650, MSM8905, Nicobar, QCS405, QCS605, Rennell, SA6155P, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SM6150, SM7150, SM8150, SXR1130

CWE ID-CWE-787

Out-of-bounds Write

CVE-2019-14027

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 8.49%

7 Day CHG~0.00%

Published-05 Mar, 2020 | 08:56

Updated-05 Aug, 2024 | 00:05

Buffer overflow due to lack of upper bound check on channel length which is used for a loop. in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in APQ8098, IPQ6018, IPQ8074, MSM8998, Nicobar, QCA8081, QCN7605, QCS404, QCS605, Rennell, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SM6150, SM7150, SM8150, SXR1130, SXR2130

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2020-11187

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.04% / 10.49%

7 Day CHG~0.00%

Published-22 Feb, 2021 | 06:25

Updated-04 Aug, 2024 | 11:28

Possible memory corruption in BSI module due to improper validation of parameter count in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Mobile

Product-wcn3991_firmware qdm5652_firmware qpm5679_firmware sdr051 qet6110_firmware qln5030 qca8337 qpa2625_firmware csrb31024 qpa8802 qpm6585_firmware qat3519 pmx24_firmware qbt2000_firmware qet5100_firmware qat5522_firmware sd765g_firmware qdm5670 qpa8686 qca6595au_firmware pm7150l qpa8821 pm7150a qdm5671 qat3518 qca6584au_firmware qpa5580_firmware sa415m wcn3998 smr526_firmware wcd9385_firmware qdm5650_firmware pm7250_firmware qdm2305_firmware qdm5620 qln1021aq qpa8821_firmware qpm5670_firmware pmk8002_firmware qdm5652 qca6574au_firmware qln1031_firmware sdx55_firmware qat5533 qca6595au qpm5679 qbt2000 wcn3998_firmware sm7250p_firmware pm855p pm7150l_firmware pmx50_firmware qca6564au_firmware qca6584au qdm2305 qat5515_firmware qln5020_firmware pm855 qdm3301_firmware qpm8830_firmware sa415m_firmware pmx55 qpa8842_firmware qdm3301 qat3519_firmware wsa8810_firmware qpm5677 qat5515 sd765g sd765_firmware qdm5677_firmware qpa6560 pm8004_firmware sdr865 sdr8150_firmware qdm5620_firmware wcd9385 wcd9341 qca6696_firmware qln5020 qln5040_firmware aqt1000 qpa8673 qdm5621 qln5030_firmware qln4642 qpm5677_firmware qdm5650 wsa8815_firmware smr525_firmware sdr052 smb1390 pmx24 pm855l_firmware qet6110 qln5040 qpa8686_firmware qpm8895 qpm6585 wcn3991 qca8337_firmware qpm5670 wcd9380_firmware smb1355 qln4650 qpa8801 pmx55_firmware qtm527 qet5100 qdm5671_firmware qpa8801_firmware qca6564au qat5533_firmware qtm527_firmware qpm8830 qpa8673_firmware qat5522 qet4101_firmware pm7250b qln4642_firmware qpa8842 sdr052_firmware wcd9380 smb1355_firmware pm7250b_firmware qca6574a pm855p_firmware sdx50m_firmware smb1390_firmware pm7250 qdm5679_firmware smr525 qpa8803 smr526 qtc801s_firmware qdm2301 qtm525 qln1036aq_firmware wsa8815 qdm5621_firmware qdm2301_firmware sd765 qca6574a_firmware sd768g_firmware sdr865_firmware qat3555 sdr051_firmware qca6391 aqt1000_firmware pm8008 qpm8895_firmware qat3518_firmware qtm525_firmware csrb31024_firmware sdx50m sdr8150 qpm5621_firmware pm855l qln1021aq_firmware qdm5670_firmware qln1036aq qtc801s qpa6560_firmware qpa8802_firmware pm7150a_firmware qca6574au qpm5621 qpm6582 pm8008_firmware wcd9341_firmware wsa8810 pmx50 qdm5677 qdm5679 pm855_firmware pm855b_firmware sd768g qpm6582_firmware qca6696 qca6391_firmware qln4650_firmware qat3516_firmware pm8004 pmk8002 qpa2625 sdx55 qet4101 qat3555_firmware qat3516 sm7250p qpa8803_firmware qpm5658 pm855b qln1031 qpm5658_firmware qpa5580 Snapdragon Auto, Snapdragon Connectivity, Snapdragon Mobile

CWE ID-CWE-129

Improper Validation of Array Index

CVE-2019-14085

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 7.76%

7 Day CHG~0.00%

Published-05 Mar, 2020 | 08:56

Updated-05 Aug, 2024 | 00:12

Possible Integer underflow in WLAN function due to lack of check of data received from user side in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in QCN7605, QCS605, SDA845, SDM670, SDM710, SDM845, SDM850, SM8150, SXR1130

CWE ID-CWE-191

Integer Underflow (Wrap or Wraparound)

CVE-2020-11217

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.04% / 12.08%

7 Day CHG~0.00%

Published-21 Jan, 2021 | 09:41

Updated-04 Aug, 2024 | 11:28

A possible double free or invalid memory access in audio driver while reading Speaker Protection parameters in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

Product-qfs2580 qpm5870 wsa8830 pm660 qln5030 pm4125 qdm5579 pmi632 qpa5581 qdm2307 qfs2530 qpa8802 pm6125 qat3519 qpm4621 qcs4290 qet6100 pm8150a qtc800h qdm5670 qcs2290 qpa8686 pm7150l qpa8821 pm7150a smb1396 wcd9370 pm8350 qdm5671 sdr425 qca6426 qat3518 qpm5641 wcn3998 wcn3950 qat5516 sm4125 qdm5620 sd662 pm8350bh pm3003a qdm5652 sd6905g qat5533 qpm8870 qpm5679 qbt2000 sm7350 pm6150a qpm6670 smb1354 qdm2305 qpm8820 sdr735g qpm4641 pm8150b qsm7250 pm8250 smb1398 qdm4643 pmx55 qat3522 pmr735a qca6421 qdm3301 qpm5677 qat5515 sd765g qat3514 qca6436 sdr660 wcd9335 wcn6851 qpa6560 sdr865 wcd9385 wcd9341 smr545 qca6431 qln5020 sd750g qpm5620 qdm3302 qpm4630 qca6390 wcd9375 qpa8673 qpm5657 pm6350 qdm2310 qdm5621 qtc800s qln4642 sd660 qdm5650 wcn3988 wtr3925 pmk7350 smb1390 smr546 pm6150l sd8885g qet4100 qet6110 qln5040 qpm8895 qpm6585 wcn3991 qpm5670 wcn3990 smb1355 qln4650 qpa8801 wgr7640 qat5568 qet5100 pmk8350 qpm8830 sdxr25g pm8350b qat5522 wsa8835 pm7250b pm8150c pmr735b qfs2630 qpa8842 wcd9380 qpa4360 sdr735 pm7250 smb1395 pm660l pm8350c qpa8803 smr525 smr526 qpm4640 pmk8003 wcn3980 wcn6750 pmr525 qdm2301 pm7350c qpm4650 qtm525 wsa8815 wcn6850 wcn3910 sd765 smb1394 qat3555 pm8009 sd460 qca6391 sdx55m smb1351 qpa5461 pm8008 pm660a qpa4340 qcm4290 qfs2608 rsw8577 qtc801s qdm4650 sd8655g qpm5621 qpm6582 qpm6621 wsa8810 pm8150l qdm2308 qat3550 qdm5677 wcn6856 qdm5679 sdr8250 sd768g wcn6740 wtr2965 sm4350 qpm5875 qet5100m pmk8002 qpa2625 pm8350bhs qet4101 qat3516 sm7250p qpm5658 qcm2290 qpa5580 Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

CWE ID-CWE-415

Double Free

CVE-2017-14879

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-8.8||HIGH

EPSS-0.08% / 25.35%

7 Day CHG~0.00%

Published-10 Jan, 2018 | 22:00

Updated-16 Sep, 2024 | 22:08

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, by calling an IPA ioctl and searching for routing/filer/hdr rule handle from ipa_idr pointer using ipa_idr_find() function, the wrong structure pointer can be returned resulting in a slab out of bound access in the IPA driver.

Vendor-Qualcomm Technologies, Inc.Google LLC

Product-android Android for MSM, Firefox OS for MSM, QRD Android

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2017-14880

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.01% / 1.37%

7 Day CHG~0.00%

Published-03 Apr, 2018 | 17:00

Updated-16 Sep, 2024 | 16:54

In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, while IPA WAN-driver is processing multiple requests from modem/user-space module, the global variable "num_q6_rule" does not have a mutex lock and thus can be accessed and modified by multiple threads.

Vendor-Qualcomm Technologies, Inc.Google LLC

Product-android Android for MSM, Firefox OS for MSM, QRD Android

CWE ID-CWE-362

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

CVE-2021-35069

Matching Score-8

Assigner-Qualcomm, Inc.

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.12% / 31.48%

7 Day CHG~0.00%

Published-11 Feb, 2022 | 10:40

Updated-04 Aug, 2024 | 00:33

Improper validation of data length received from DMA buffer can lead to memory corruption. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Product-fsm10055 sa6150p_firmware sm6250p_firmware qcs610 ipq4028_firmware qcn5550 qca8337 ar9380 ipq8173_firmware wcd9360_firmware sdx65 qcn5124 qca4024_firmware wcn3950_firmware ipq8078a ipq5028_firmware sa8150p_firmware qcs2290 qca6595au_firmware sa6155 qcn5064 csra6620_firmware sd_675_firmware csra6640_firmware qcs6125_firmware sa415m wcn3998 qca6554a_firmware wcn3950 qcn6024_firmware sd720g ipq8076a sd_8_gen1_5g_firmware sm6375_firmware sd460_firmware sm7315_firmware qca6428 qca6574au_firmware qcn5164_firmware ipq8071 wcd9375_firmware qca8081_firmware wcn3998_firmware sa6155_firmware wcd9360 qca6438_firmware ipq8070_firmware ipq8065 ipq8078a_firmware wcn3999 qrb5165_firmware ipq5028 qca7500 ipq8072_firmware ipq4029_firmware qcs6125 qrb5165m_firmware sa8155_firmware ipq6010 sd662_firmware ipq8068 qcs405 qcn6132 sd765g fsm10056_firmware qca6436 wcn6851 sa6155p qca9888_firmware qcn6122 wcd9341 ipq8068_firmware qca6696_firmware sd870_firmware sd750g qcn5154_firmware wcn3910_firmware sa8150p wsa8830_firmware qca9992_firmware sd660 sd865_5g_firmware sd855_firmware wcn3988 qca6438 sd660_firmware sa8195p_firmware sm8475 qcn5022_firmware wcn6750_firmware qca9898 ipq4028 qca6428_firmware ipq5018_firmware sm6375 qca9985_firmware wcn3991 ipq4018_firmware qca8337_firmware wcd9380_firmware ipq8072a qca7500_firmware qca9980_firmware msm8996au_firmware ipq8076a_firmware ipq8078 qca6564au sdx55m_firmware ipq8173 wcn6856_firmware qcn5164 qca6574 csr8811_firmware wcd9380 qcn5054_firmware qcs410 qcn5024 sd690_5g_firmware ipq4019_firmware qca8072_firmware qca9985 qcn9012_firmware wcd9335_firmware qcn5052_firmware wcn3980 ipq6018_firmware wsa8815 wcn6850 pmp8074_firmware qcn6112 wcn3910 qca6426_firmware qca9984 ipq6028 ipq8064 qcn9024 pmp8074 wcn3980_firmware sd730 qcn5550_firmware sdx55m ipq8064_firmware wcn6740_firmware qcn5064_firmware sd678_firmware ar8031_firmware ipq8078_firmware qcn5054 qrb5165 wcn6851_firmware ipq8070 qca9994 qca9980 qcn9024_firmware ipq8174_firmware qca6564a_firmware qca9880 qcm4290_firmware sd480 sd870 wcn6855 qcs610_firmware sa6145p ipq6018 qca9886_firmware sdxr1 ar8031 apq8096au qca6595_firmware qcs405_firmware sa8145p qca6391_firmware qca4024 wcd9370_firmware sd780g_firmware sdx55 sd888_firmware qcn5021_firmware sd675 csra6640 sa8155p ar8035_firmware qcm2290 qcn5024_firmware wcn3991_firmware wsa8830 sd678 qcn9070 sa8145p_firmware qcs2290_firmware fsm10056 csrb31024 csra6620 fsm10055_firmware qcn9072 qca9880_firmware qca9992 qcs4290 sd765g_firmware qca6390_firmware sd690_5g ipq6000 sd730_firmware wcd9370 sd675_firmware ipq8072 qcn5152_firmware qca6564 qca6426 qca6584au_firmware wcn3990_firmware qrb5165n_firmware qcn9000_firmware qca9984_firmware ipq5018 wcd9385_firmware sdxr2_5g_firmware wcd9326_firmware ipq8074a sd662 qcn5124_firmware qcn6102_firmware qcn9011_firmware qcn6100_firmware sa8155 qcn5122_firmware sdx55_firmware qca6595au qcn6023_firmware wcn3999_firmware sm7250p_firmware qca6436_firmware qrb5165n ipq5010 qca6564au_firmware qca6584au sd778g sa6155p_firmware sm6225 ipq8174 sa515m_firmware qca9990 qcs6490 sdxr2_5g qcn5052 qcn6112_firmware sa415m_firmware wcn3988_firmware qcn9074 sa6145p_firmware sm6250 sd778g_firmware sa8195p wsa8810_firmware sd765_firmware wcd9326 wcd9335 qca8081 qcn6023 ipq8071a ipq8071a_firmware qcs4290_firmware wcd9385 qcs6490_firmware qca6390 qca9898_firmware sd750g_firmware aqt1000 wcd9375 ar8035 sm6250_firmware csr8811 ipq4019 qcn9100_firmware ipq5010_firmware ipq8074a_firmware sd888_5g_firmware wsa8815_firmware qcm6490 wcn6850_firmware wsa8835_firmware qcx315 qca6564a qcm6125_firmware qca8072 qcm2290_firmware wcn3990 qcn9000 sd_675 sd780g qca6554a sd865_5g qca6595 ar9380_firmware qcn9012 sd888 qcn6122_firmware ipq8065_firmware qcx315_firmware wsa8835 msm8996au sd665_firmware sd888_5g sm6250p qcn5154 qca8075_firmware ipq4018 qca6574a wcn6855_firmware qca9889 sm7325p qcn6132_firmware qca9888 ipq8074 qca9994_firmware wcn6750 ipq8070a_firmware ipq8076_firmware sa515m qca6574_firmware qca9886 sd855 sm7325p_firmware sd665 ipq8076 qca6175a sd765 qca6574a_firmware qcn5021 qcn5152 sd768g_firmware qrb5165m sm7315 sd460 qca6391 sdxr1_firmware aqt1000_firmware qcn6102 qcn9100 sdx65_firmware qcm4290 csrb31024_firmware qcm6490_firmware qcn9070_firmware sd480_firmware ipq6028_firmware ipq8072a_firmware qcn9011 sm6225_firmware ipq8074_firmware qca6574au qca9889_firmware sa8155p_firmware qcn5122 wcd9341_firmware qcm6125 wsa8810 wcn6856 qcn5022 qca6564_firmware sd768g ipq6010_firmware wcn6740 qca6696 sa6150p qca8075 qcn9022_firmware apq8096au_firmware qcn6024 qcn9022 qca9990_firmware ipq8070a qcn6100 qcn9072_firmware sm7250p ipq6000_firmware sd720g_firmware ipq8071_firmware qcn9074_firmware qcs410_firmware ipq4029 qca6175a_firmware Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

CWE ID-CWE-190

Integer Overflow or Wraparound

CVE-2017-14892

Matching Score-8

Assigner-Qualcomm, Inc.