Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2023-21631

Summary
Assigner-qualcomm
Assigner Org ID-2cfc7d3e-20d3-47ac-8db7-1b7285aff15f
Published At-04 Jul, 2023 | 04:46
Updated At-05 Dec, 2024 | 16:58
Rejected At-
Credits

Improper Input Validation in Modem

Weak Configuration due to improper input validation in Modem while processing LTE security mode command message received from network.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:qualcomm
Assigner Org ID:2cfc7d3e-20d3-47ac-8db7-1b7285aff15f
Published At:04 Jul, 2023 | 04:46
Updated At:05 Dec, 2024 | 16:58
Rejected At:
â–¼CVE Numbering Authority (CNA)
Improper Input Validation in Modem

Weak Configuration due to improper input validation in Modem while processing LTE security mode command message received from network.

Affected Products
Vendor
Qualcomm Technologies, Inc.Qualcomm, Inc.
Product
Snapdragon
Platforms
  • Snapdragon Auto
  • Snapdragon Compute
  • Snapdragon Connectivity
  • Snapdragon Consumer IOT
  • Snapdragon Industrial IOT
  • Snapdragon Mobile
  • Snapdragon Wearables
Default Status
unaffected
Versions
Affected
  • 315 5G IoT Modem
  • 9205 LTE Modem
  • APQ8017
  • APQ8037
  • AQT1000
  • AR8035
  • C-V2X 9150
  • CSRA6620
  • CSRA6640
  • CSRB31024
  • FastConnect 6200
  • FastConnect 6700
  • FastConnect 6800
  • FastConnect 6900
  • FastConnect 7800
  • MDM9628
  • MSM8108
  • MSM8209
  • MSM8608
  • MSM8909W
  • QCA4004
  • QCA6174A
  • QCA6391
  • QCA6420
  • QCA6421
  • QCA6426
  • QCA6430
  • QCA6431
  • QCA6436
  • QCA6564A
  • QCA6564AU
  • QCA6574A
  • QCA6574AU
  • QCA6595AU
  • QCA6696
  • QCA6698AQ
  • QCA8081
  • QCA8337
  • QCA9377
  • QCM2290
  • QCM4290
  • QCM4325
  • QCM4490
  • QCM6490
  • QCN6024
  • QCN9024
  • QCS2290
  • QCS4290
  • QCS4490
  • QCS6490
  • QCS8550
  • QTS110
  • Qualcomm 205 Mobile Platform
  • Qualcomm 215 Mobile Platform
  • Qualcomm Video Collaboration VC3 Platform
  • SC8180X+SDX55
  • SD 455
  • SD660
  • SD855
  • SD865 5G
  • SD888
  • SDX55
  • SDX57M
  • SG4150P
  • SM7250P
  • SM7315
  • SM7325P
  • Smart Audio 200 Platform
  • Smart Audio 400 Platform
  • Snapdragon 208 Processor
  • Snapdragon 210 Processor
  • Snapdragon 212 Mobile Platform
  • Snapdragon 4 Gen 1 Mobile Platform
  • Snapdragon 4 Gen 2 Mobile Platform
  • Snapdragon 425 Mobile Platform
  • Snapdragon 429 Mobile Platform
  • Snapdragon 430 Mobile Platform
  • Snapdragon 439 Mobile Platform
  • Snapdragon 460 Mobile Platform
  • Snapdragon 480 5G Mobile Platform
  • Snapdragon 480+ 5G Mobile Platform (SM4350-AC)
  • Snapdragon 630 Mobile Platform
  • Snapdragon 636 Mobile Platform
  • Snapdragon 660 Mobile Platform
  • Snapdragon 662 Mobile Platform
  • Snapdragon 665 Mobile Platform
  • Snapdragon 680 4G Mobile Platform
  • Snapdragon 685 4G Mobile Platform (SM6225-AD)
  • Snapdragon 690 5G Mobile Platform
  • Snapdragon 695 5G Mobile Platform
  • Snapdragon 750G 5G Mobile Platform
  • Snapdragon 765 5G Mobile Platform (SM7250-AA)
  • Snapdragon 765G 5G Mobile Platform (SM7250-AB)
  • Snapdragon 768G 5G Mobile Platform (SM7250-AC)
  • Snapdragon 778G 5G Mobile Platform
  • Snapdragon 778G+ 5G Mobile Platform (SM7325-AE)
  • Snapdragon 780G 5G Mobile Platform
  • Snapdragon 782G Mobile Platform (SM7325-AF)
  • Snapdragon 7c+ Gen 3 Compute
  • Snapdragon 8 Gen 1 Mobile Platform
  • Snapdragon 8+ Gen 1 Mobile Platform
  • Snapdragon 855 Mobile Platform
  • Snapdragon 855+/860 Mobile Platform (SM8150-AC)
  • Snapdragon 865 5G Mobile Platform
  • Snapdragon 865+ 5G Mobile Platform (SM8250-AB)
  • Snapdragon 870 5G Mobile Platform (SM8250-AC)
  • Snapdragon 888 5G Mobile Platform
  • Snapdragon 888+ 5G Mobile Platform (SM8350-AC)
  • Snapdragon 8c Compute Platform (SC8180X-AD) "Poipu Lite"
  • Snapdragon 8c Compute Platform (SC8180XP-AD) "Poipu Lite"
  • Snapdragon 8cx Compute Platform (SC8180X-AA, AB)
  • Snapdragon 8cx Compute Platform (SC8180XP-AC, AF) "Poipu Pro"
  • Snapdragon 8cx Gen 2 5G Compute Platform (SC8180X-AC, AF) "Poipu Pro"
  • Snapdragon 8cx Gen 2 5G Compute Platform (SC8180XP-AA, AB)
  • Snapdragon Auto 5G Modem-RF
  • Snapdragon W5+ Gen 1 Wearable Platform
  • Snapdragon Wear 1300 Platform
  • Snapdragon Wear 2100 Platform
  • Snapdragon Wear 2500 Platform
  • Snapdragon Wear 3100 Platform
  • Snapdragon X24 LTE Modem
  • Snapdragon X50 5G Modem-RF System
  • Snapdragon X55 5G Modem-RF System
  • Snapdragon X65 5G Modem-RF System
  • Snapdragon X70 Modem-RF System
  • Snapdragon XR2 5G Platform
  • Snapdragon Auto 4G Modem
  • SW5100
  • SW5100P
  • SXR2130
  • WCD9306
  • WCD9326
  • WCD9335
  • WCD9340
  • WCD9341
  • WCD9360
  • WCD9370
  • WCD9375
  • WCD9380
  • WCD9385
  • WCN3610
  • WCN3615
  • WCN3620
  • WCN3660B
  • WCN3680B
  • WCN3910
  • WCN3950
  • WCN3980
  • WCN3988
  • WCN3990
  • WCN6740
  • WSA8810
  • WSA8815
  • WSA8830
  • WSA8832
  • WSA8835
Problem Types
TypeCWE IDDescription
CWECWE-20CWE-20 Improper Input Validation
Type: CWE
CWE ID: CWE-20
Description: CWE-20 Improper Input Validation
Metrics
VersionBase scoreBase severityVector
3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.qualcomm.com/company/product-security/bulletins/july-2023-bulletin
N/A
Hyperlink: https://www.qualcomm.com/company/product-security/bulletins/july-2023-bulletin
Resource: N/A
â–¼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.qualcomm.com/company/product-security/bulletins/july-2023-bulletin
x_transferred
Hyperlink: https://www.qualcomm.com/company/product-security/bulletins/july-2023-bulletin
Resource:
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:product-security@qualcomm.com
Published At:04 Jul, 2023 | 05:15
Updated At:11 Aug, 2025 | 15:06

Weak Configuration due to improper input validation in Modem while processing LTE security mode command message received from network.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Primary3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Type: Primary
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CPE Matches
Qualcomm Technologies, Inc.
qualcomm
>>315_5g_firmware>>-
cpe:2.3:o:qualcomm:315_5g_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>315_5g>>-
cpe:2.3:h:qualcomm:315_5g:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>9205_firmware>>-
cpe:2.3:o:qualcomm:9205_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>9205>>-
cpe:2.3:h:qualcomm:9205:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>apq8017_firmware>>-
cpe:2.3:o:qualcomm:apq8017_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>apq8017>>-
cpe:2.3:h:qualcomm:apq8017:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>apq8037_firmware>>-
cpe:2.3:o:qualcomm:apq8037_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>apq8037>>-
cpe:2.3:h:qualcomm:apq8037:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>aqt1000_firmware>>-
cpe:2.3:o:qualcomm:aqt1000_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>aqt1000>>-
cpe:2.3:h:qualcomm:aqt1000:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>ar8035_firmware>>-
cpe:2.3:o:qualcomm:ar8035_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>ar8035>>-
cpe:2.3:h:qualcomm:ar8035:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>c-v2x_9150_firmware>>-
cpe:2.3:o:qualcomm:c-v2x_9150_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>c-v2x_9150>>-
cpe:2.3:h:qualcomm:c-v2x_9150:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>csra6620_firmware>>-
cpe:2.3:o:qualcomm:csra6620_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>csra6620>>-
cpe:2.3:h:qualcomm:csra6620:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>csra6640_firmware>>-
cpe:2.3:o:qualcomm:csra6640_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>csra6640>>-
cpe:2.3:h:qualcomm:csra6640:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>csrb31024_firmware>>-
cpe:2.3:o:qualcomm:csrb31024_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>csrb31024>>-
cpe:2.3:h:qualcomm:csrb31024:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>fastconnect_6200_firmware>>-
cpe:2.3:o:qualcomm:fastconnect_6200_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>fastconnect_6200>>-
cpe:2.3:h:qualcomm:fastconnect_6200:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>fastconnect_6700_firmware>>-
cpe:2.3:o:qualcomm:fastconnect_6700_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>fastconnect_6700>>-
cpe:2.3:h:qualcomm:fastconnect_6700:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>fastconnect_6800_firmware>>-
cpe:2.3:o:qualcomm:fastconnect_6800_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>fastconnect_6800>>-
cpe:2.3:h:qualcomm:fastconnect_6800:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>fastconnect_6900_firmware>>-
cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>fastconnect_6900>>-
cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>fastconnect_7800_firmware>>-
cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>fastconnect_7800>>-
cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9628_firmware>>-
cpe:2.3:o:qualcomm:mdm9628_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>mdm9628>>-
cpe:2.3:h:qualcomm:mdm9628:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8108_firmware>>-
cpe:2.3:o:qualcomm:msm8108_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8108>>-
cpe:2.3:h:qualcomm:msm8108:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8209_firmware>>-
cpe:2.3:o:qualcomm:msm8209_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8209>>-
cpe:2.3:h:qualcomm:msm8209:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8608_firmware>>-
cpe:2.3:o:qualcomm:msm8608_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8608>>-
cpe:2.3:h:qualcomm:msm8608:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8909w_firmware>>-
cpe:2.3:o:qualcomm:msm8909w_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>msm8909w>>-
cpe:2.3:h:qualcomm:msm8909w:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca4004_firmware>>-
cpe:2.3:o:qualcomm:qca4004_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca4004>>-
cpe:2.3:h:qualcomm:qca4004:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6174a_firmware>>-
cpe:2.3:o:qualcomm:qca6174a_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6174a>>-
cpe:2.3:h:qualcomm:qca6174a:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6391_firmware>>-
cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6391>>-
cpe:2.3:h:qualcomm:qca6391:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6420_firmware>>-
cpe:2.3:o:qualcomm:qca6420_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6420>>-
cpe:2.3:h:qualcomm:qca6420:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6421_firmware>>-
cpe:2.3:o:qualcomm:qca6421_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6421>>-
cpe:2.3:h:qualcomm:qca6421:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-20Secondaryproduct-security@qualcomm.com
NVD-CWE-noinfoPrimarynvd@nist.gov
CWE ID: CWE-20
Type: Secondary
Source: product-security@qualcomm.com
CWE ID: NVD-CWE-noinfo
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.qualcomm.com/company/product-security/bulletins/july-2023-bulletinproduct-security@qualcomm.com
Vendor Advisory
https://www.qualcomm.com/company/product-security/bulletins/july-2023-bulletinaf854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Hyperlink: https://www.qualcomm.com/company/product-security/bulletins/july-2023-bulletin
Source: product-security@qualcomm.com
Resource:
Vendor Advisory
Hyperlink: https://www.qualcomm.com/company/product-security/bulletins/july-2023-bulletin
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

1074Records found
CVE-2022-33211
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.32% / 55.25%
||
7 Day CHG+0.16%
Published-04 Apr, 2023 | 04:46
Updated-03 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Input Validation in MODEM

memory corruption in modem due to improper check while calculating size of serialized CoAP message

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9206wcd9306snapdragon_wear_1300mdm8207snapdragon_wear_1200wcd9330snapdragon_x5_lte_modemsnapdragon_x5_lte_modem_firmwaremdm8207_firmwaresnapdragon_wear_1100mdm9205_firmwaremdm9205qca4004_firmwaremdm9206_firmwaremdm9207_firmwareqca4004qts110wcd9306_firmwaresnapdragon_wear_1100_firmwaresnapdragon_wear_1300_firmwarewcd9330_firmwaresnapdragon_wear_1200_firmwaremdm9207qts110_firmwareSnapdragon9205_lte_modem_firmware9206_lte_modem_firmwaresnapdragon_wear_1300_platform_firmware9207_lte_modem_firmwarewcd9306_firmwaresnapdragon_x5_lte_modem_firmwaremdm8207_firmwarewcd9330_firmwareqca4004_firmwaresnapdragon_1200_wearable_platform_firmwaresnapdragon_1100_wearable_platform_firmwareqts110_firmware
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-131
Incorrect Calculation of Buffer Size
CVE-2022-25729
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.29% / 52.14%
||
7 Day CHG~0.00%
Published-09 Feb, 2023 | 06:58
Updated-03 Aug, 2024 | 04:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Input Validation in MODEM

Memory corruption in modem due to improper length check while copying into memory

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcd9306wcd9380_firmwarewsa8830ssg2125psxr2230p_firmwarewcn3999wcn7851ar8031_firmwarewsa8832_firmwarewcn6856_firmwareqca4004_firmwarecsra6620qcs405qca4024_firmwareqts110wcd9306_firmwaresxr1230p_firmwarewsa8835wsa8810_firmwarewcd9380wsa8810wsa8832qca4020_firmwarewcn6855wcd9335csra6620_firmwaressg2125p_firmwarewcn6856ssg2115pwcn7851_firmwaremdm9206csra6640_firmwarewcn6855_firmwaresxr1230pwcd9385ar8031qcs405_firmwarewcd9335_firmwarewcn3980wcn3998mdm9205_firmwarewcd9385_firmwareqca4024mdm9205mdm9206_firmwarewsa8815qca4004csra6640sxr2230pwsa8830_firmwareqca4020wsa8815_firmwarewcn7850wcn7850_firmwarewsa8835_firmwaressg2115p_firmwarewcn3999_firmwarewcn3998_firmwarewcn3980_firmwareqts110_firmwareSnapdragonwcn6855_firmwarecsra6640_firmwarewcd9380_firmwaresxr2230p_firmwarecsra6620_firmwareqcs405_firmwarewcd9335_firmwarear8031_firmwarewsa8832_firmwaremdm9205_firmwarewcd9385_firmwarewcn6856_firmwareqca4004_firmwaremdm9206_firmwarewsa8830_firmwareqca4024_firmwarewcd9306_firmwaresxr1230p_firmwarewsa8815_firmwarewsa8835_firmwarewsa8810_firmwarewcn7851_firmwarewcn7850_firmwaressg2115p_firmwarewcn3999_firmwareqca4020_firmwarewcn3998_firmwarewcn3980_firmwaressg2125p_firmwareqts110_firmware
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-21055
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.19% / 41.38%
||
7 Day CHG~0.00%
Published-08 Apr, 2020 | 17:51
Updated-05 Aug, 2024 | 12:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on Samsung mobile devices with N(7.0) (Qualcomm models using MSM8996 chipsets) software. A device can be rooted with a custom image to execute arbitrary scripts in the INIT context. The Samsung ID is SVE-2018-11940 (September 2018).

Action-Not Available
Vendor-n/aQualcomm Technologies, Inc.Google LLC
Product-androidmsm8996n/a
CWE ID-CWE-20
Improper Input Validation
CVE-2019-10538
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.35% / 57.42%
||
7 Day CHG~0.00%
Published-30 Sep, 2019 | 15:40
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Lack of check of address range received from firmware response allows modem to respond arbitrary pages into its address range which can compromise HLOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 425, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820A, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM660, SDX20, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_712sd_850sd_632sd_855sd_730_firmwaresd_820aqualcomm_215sd_675msm8996au_firmwaresd_439sdx20sd_670_firmwaresd_429sd_425sdm660sdm439sd_710_firmwaresdx24sd_636qcs405sd_625msm8909w_firmwaremsm8996ausd_636_firmwaresd_450_firmwaresd_845_firmwaresd_439_firmwaresd_820a_firmwarequalcomm_215_firmwaresd_429_firmwareqcs605_firmwaresd_675_firmwaresd_425_firmwaresd_730sd_665sd_850_firmwaresdx24_firmwaresd_625_firmwaresd_450sdm439_firmwareqcs405_firmwaresd_712_firmwaresda660_firmwaresd_845qcs605sd_670sd_632_firmwaresd_710sdx20_firmwaresda660msm8909wsd_665_firmwaresdm660_firmwaresd_855_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-20
Improper Input Validation
CVE-2021-1965
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-27.45% / 96.43%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 05:31
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer overflow due to lack of parameter length check during MBSSID scan IE parse in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcn5024_firmwarewcn3991_firmwarewsa8830sd678qcn9070sa6150p_firmwaresa8145p_firmwareipq4028_firmwareqcn5550ar9380ipq8173_firmwareqcn5124qca4024_firmwareqcn9072qca9880_firmwareqca9992wcn3950_firmwareipq8078aipq5028_firmwaresa8150p_firmwareqca6420_firmwareqca6595au_firmwareqca6390_firmwareipq6000sd730_firmwarewcd9370sd_675_firmwaresd675_firmwareqcn5152_firmwareqca6426qcn9000_firmwareqca9984_firmwareipq5018wcn3998wcd9385_firmwaresdxr2_5g_firmwarewcn3950ipq8076aqcn6024_firmwaresd720gipq8074aqcn5124_firmwaresm7315_firmwareqca6574au_firmwareqcn5122_firmwareqcn5164_firmwaresdx55_firmwareqca6595auqca8081_firmwareqcn6023_firmwarewcd9375_firmwarewcn3998_firmwareqca6420qca6436_firmwareipq5010sd778gipq8070_firmwaresa6155p_firmwareipq8065ipq8078a_firmwareipq8174qca9990ipq5028qca7500ipq4029_firmwareqcn5052sdxr2_5gipq6010ipq8068wcn3988_firmwareqca6430qcn9074sa6145p_firmwaresm6250sd778g_firmwaresa8195pwsa8810_firmwareqca6436wcn6851sa6155pqca8081ipq8071aqcn6023ipq8071a_firmwarewcd9385qca9888_firmwareqcn6122ipq8068_firmwarewcd9341qca6696_firmwaresd870_firmwareqcn5154_firmwareqca6390csr8811qca9898_firmwareaqt1000ipq4019sa8150psm6250_firmwarewcd9375qcn9100_firmwarewcn3910_firmwarewsa8830_firmwareqca9992_firmwaresd855_firmwaresd865_5g_firmwareipq5010_firmwareipq8074a_firmwaresd888_5g_firmwarewcn3988wcn6850_firmwarewsa8815_firmwarewsa8835_firmwaresa8195p_firmwareqcn5121qca9898qcn5022_firmwarewcn6750_firmwareipq4028qca8072ipq5018_firmwareqca9985_firmwarewcn3991ipq4018_firmwarewcd9380_firmwareqcn9000ipq8072aqca7500_firmwareqca9980_firmwaresd_675sd780gipq8076a_firmwaresd865_5gar9380_firmwareipq8078sdx55m_firmwareipq8173wcn6856_firmwareqcn9012sd888qcn5164qcn6122_firmwareipq8065_firmwarewsa8835csr8811_firmwarewcd9380sd888_5gqcn5054_firmwareqcn5154qca8075_firmwareipq4019_firmwareipq4018ipq6005_firmwareqca6574aqcn5024sdx50m_firmwareqca9889wcn6855_firmwaresm7325pqca9888qca8072_firmwareqca9985qca6430_firmwareqca9994_firmwareqcn5052_firmwareqcn9012_firmwareipq8070a_firmwarewcn3980wcn6750ipq6018_firmwareipq8076_firmwareqca9886sd855wsa8815sm7325p_firmwarewcn6850pmp8074_firmwarewcn3910ipq8076qca6426_firmwareqca6574a_firmwareqca9984ipq6028ipq8064qcn5021pmp8074qcn5152qcn9024wcn3980_firmwaresm7315qcn5550_firmwareqca6391sd730sdx55mipq8064_firmwareipq6005aqt1000_firmwarewcn6740_firmwareqcn9100sd678_firmwaresdx50mipq8078_firmwareqcn5054qcn9070_firmwarewcn6851_firmwareipq8070ipq6028_firmwareipq8072a_firmwareqca9994qca6574auqca9889_firmwaresa8155p_firmwaresdx55qca9980qcn5122qcn9024_firmwareipq8174_firmwareqca9880wcd9341_firmwarewsa8810sd870qcn5121_firmwarewcn6855wcn6856ipq6018qcn5022sa6145pqca9886_firmwareipq6010_firmwaresa8145pwcn6740qca6696qca6391_firmwareqca4024sd780g_firmwarewcd9370_firmwaresa6150psd888_firmwareqca8075qcn5021_firmwareqcn9022_firmwareqcn6024qcn9022sa8155pqca9990_firmwareipq8070asd675qcn9072_firmwareipq6000_firmwaresd720g_firmwareqcn9074_firmwareipq4029Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-3698
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.29% / 52.80%
||
7 Day CHG-0.00%
Published-30 Jul, 2020 | 11:40
Updated-04 Aug, 2024 | 07:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound write while QoS DSCP mapping due to improper input validation for data received from association response frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9150, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8905, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, Nicobar, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCM2150, QCN7605, QCS405, QCS605, QM215, SA6155P, Saipan, SC8180X, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM845, SDX20, SDX55, SM8150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaremdm9150_firmwareqcm2150_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632sdm439mdm9650sdm429msm8940_firmwaremsm8909w_firmwaremsm8996ausdm429w_firmwareapq8009_firmwaremsm8917sxr2130qcs605_firmwaresc8180xmdm9206qca9379_firmwareqca6174asdm636sda845_firmwareqca9377apq8098qcn7605mdm9206_firmwareqcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwareqca6574au_firmwaresdx55_firmwaremsm8909wapq8009apq8053_firmwaresda845nicobarsa6155p_firmwaremsm8920msm8953sdm450sdm636_firmwareapq8098_firmwaresdx20qcm2150msm8920_firmwaresdm630mdm9607_firmwaresm8250_firmwaresdm660sc8180x_firmwareqcs405qca6574auqm215mdm9607apq8017_firmwareqcn7605_firmwaresa6155pmdm9150msm8937mdm9207c_firmwaremsm8905mdm9207cqca6174a_firmwaresm8150_firmwaresxr2130_firmwareapq8096ausdm439_firmwareqcs405_firmwaresdm630_firmwareqm215_firmwaresdx55msm8953_firmwaremsm8940saipan_firmwareapq8053apq8096au_firmwaremsm8917_firmwaresm8250sm8150sdx20_firmwareapq8017saipannicobar_firmwareqca9379sdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-20
Improper Input Validation
CVE-2020-3703
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.29% / 52.80%
||
7 Day CHG~0.00%
Published-02 Nov, 2020 | 06:21
Updated-04 Aug, 2024 | 07:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Buffer over-read issue in Bluetooth peripheral firmware due to lack of check for invalid opcode and length of opcode received from central device(This CVE is equivalent to Link Layer Length Overfow issue (CVE-2019-16336,CVE-2019-17519) and Silent Length Overflow issue(CVE-2019-17518) mentioned in sweyntooth paper)' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8053, APQ8076, AR9344, Bitra, Kamorta, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8917, MSM8937, MSM8940, MSM8953, Nicobar, QCA6174A, QCA9377, QCM2150, QCM6125, QCS404, QCS405, QCS605, QCS610, QM215, Rennell, SC8180X, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SM6150, SM7150, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarekamorta_firmwareqcm2150_firmwareqcs610sdm632_firmwaresdm845sdm450_firmwaresdm632sdx24sdm439qcs404_firmwaresdm429msm8940_firmwaresm7150_firmwaresm6150ar9344sm7150msm8917sdm670qcs605_firmwareapq8076sc8180xmdm9206qca6174asdm670_firmwareqcs404sdx24_firmwareapq8076_firmwaresdm636qca9377bitramdm9206_firmwareqcs605bitra_firmwaremsm8937_firmwaresdm429_firmwaremsm8905_firmwaresxr1130_firmwaresxr1130apq8053_firmwarenicobarmsm8953sdm450sdm636_firmwaresdx20qcm2150sdm660sdm630mdm9607_firmwaresc8180x_firmwareqcs405sdm710qm215mdm9607sdm710_firmwareqcm6125qcs610_firmwaremsm8937mdm9207c_firmwaremsm8905mdm9207cqca6174a_firmwaresm8150_firmwaresdm439_firmwareqcs405_firmwarerennellsdm630_firmwarerennell_firmwareqm215_firmwaremsm8953_firmwaremsm8940sm6150_firmwareapq8053msm8917_firmwaresm8150ar9344_firmwaresdx20_firmwarekamortanicobar_firmwaresdm660_firmwareqcm6125_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-20
Improper Input Validation
CVE-2024-33066
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.34% / 56.41%
||
7 Day CHG~0.00%
Published-07 Oct, 2024 | 12:58
Updated-16 Oct, 2024 | 19:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Input Validation in WLAN Resource Manager

Memory corruption while redirecting log file to any file location with any file name.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcn5024_firmwareqcn9070ipq8173_firmwareqcf8001qcn5124qca4024_firmwareqcn9072qca8082qca8386immersive_home_318_platform_firmwareqxm8083ipq8078aipq5028_firmwareipq6000qcn5152_firmwareqcn9000_firmwareqcn9160ipq9554qcn6024_firmwareqca8386_firmwareipq8076aimmersive_home_316_platform_firmwareimmersive_home_316_platformimmersive_home_216_platformqca8084_firmwareipq8074aimmersive_home_318_platformqcn6412qcn5124_firmwareqca8082_firmwareqcn5164_firmwaresdx55_firmwareqcn5122_firmwareqcn6422_firmwareqcn6023_firmwareqca8081_firmwareipq5010snapdragon_x65_5g_modem-rf_system_firmwareqcn9274ipq8078a_firmwareipq8174ipq5028qcn5052qcf8001_firmwareipq6010qcn6112_firmwareqcn9074qca8085sdx65mqcn6132qcf8000qca8081qcn6023sdx65m_firmwareipq8071aipq5312ipq8071a_firmwareimmersive_home_3210_platformqcn6122qca9888_firmwareqca8085_firmwareipq5300ipq9008_firmwareqcn5154_firmwarecsr8811qcn9100_firmwareipq5010_firmwareipq8074a_firmwareqcn5022_firmwareimmersive_home_216_platform_firmwareqcn9000ipq8072aqcf8000_firmwareipq8076a_firmwareqca8084ipq8078ipq8173ipq9008qcn5164immersive_home_326_platform_firmwareqcn6122_firmwareqcn6402_firmwarecsr8811_firmwareqcn6422ipq9554_firmwareqcn5154qca8075_firmwareqcn5024qca9889qcn6132_firmwareqca9888qcn5052_firmwareqcn9274_firmwareipq8070a_firmwareipq8076_firmwareipq6018_firmwareqcn6112ipq8076qcn9160_firmwareqxm8083_firmwareqcn5152ipq6028qcn9024ipq9574_firmwareimmersive_home_3210_platform_firmwareipq5302qcn9100snapdragon_x65_5g_modem-rf_systemipq5300_firmwareipq8078_firmwareqcn9070_firmwareipq8072a_firmwareipq6028_firmwareqcn6432_firmwareipq5312_firmwareqca9889_firmwareqcn5122ipq9574qcn9024_firmwareipq8174_firmwareqcn6412_firmwareipq5332_firmwareipq5332ipq5302_firmwareimmersive_home_326_platformqcn5022ipq6018ipq6010_firmwareimmersive_home_214_platformimmersive_home_214_platform_firmwareqca4024sdx55qcn9022_firmwareqcn6402qca8075qcn9022qcn6024ipq8070aqcn9072_firmwareipq6000_firmwareqcn9074_firmwareqcn6432Snapdragonqcn5024_firmwareqcf8000_firmwareipq8076a_firmwareipq8173_firmwareimmersive_home_326_platform_firmwareqca4024_firmwareqcn6122_firmwareqcn6402_firmwareimmersive_home_318_platform_firmwarecsr8811_firmwareipq5028_firmwareipq9554_firmwareqca8075_firmwareqcn5152_firmwareqcn6132_firmwareqcn9000_firmwareqcn5052_firmwareqcn9274_firmwareipq8070a_firmwareqcn6024_firmwareipq6018_firmwareipq8076_firmwareimmersive_home_316_platform_firmwareqca8386_firmwareqca8084_firmwareqcn5124_firmwareqcn9160_firmwareqxm8083_firmwareqca8082_firmwareqcn5164_firmwareqcn5122_firmwaresdx55_firmwareqcn6422_firmwareipq9574_firmwareqca8081_firmwareqcn6023_firmwareimmersive_home_3210_platform_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareipq8078a_firmwareipq5300_firmwareipq8078_firmwareqcn9070_firmwareqcf8001_firmwareipq6028_firmwareipq8072a_firmwareqcn6112_firmwareqcn6432_firmwareipq5312_firmwareqca9889_firmwareqcn9024_firmwareipq8174_firmwareqcn6412_firmwareipq5332_firmwareipq5302_firmwaresdx65m_firmwareipq8071a_firmwareqca8085_firmwareqca9888_firmwareipq6010_firmwareipq9008_firmwareqcn5154_firmwareimmersive_home_214_platform_firmwareqcn9022_firmwareqcn9100_firmwareipq5010_firmwareipq8074a_firmwareqcn9072_firmwareipq6000_firmwareqcn9074_firmwareqcn5022_firmwareimmersive_home_216_platform_firmware
CWE ID-CWE-20
Improper Input Validation
CVE-2024-21473
Matching Score-10
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-10
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.14% / 34.71%
||
7 Day CHG~0.00%
Published-01 Apr, 2024 | 15:06
Updated-13 Jan, 2025 | 21:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Input Validation in WIN SON

Memory corruption while redirecting log file to any file location with any file name.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcn9012_firmwareqfw7124_firmwareqca9986ipq6028_firmwareqcn5021_firmwareqca8072ipq5010ipq8070a_firmwareipq9570_firmwarecsr8811_firmwareipq9570qcn6274qcn6412_firmwareqca7500qcn5502_firmwareqca6428_firmwareqca9880_firmwareqcn5550_firmwareqcn5164pmp8074qca9888_firmwareqcn9000_firmwareipq4028ipq8072aipq4018qca9558qfw7114qcn6024qca9531ar9380_firmwareqcn9100qcc710_firmwareipq8078aipq8173pmp8074_firmwareqca8072_firmwareqfw7114_firmwareqca8075_firmwareqcn5122ar8035wcd9340ipq5302qfe1952immersive_home_326qca9531_firmwareipq8072ipq8064qcn5052_firmwareqca8337ipq8076a_firmwareqcn5124_firmwareqca9558_firmwareipq6018_firmwareqca9994_firmwareqcn6100_firmwareqcn6422_firmwareqcn9003qcn9022ipq6010_firmwareqca9886_firmwareqcn6402ipq5332_firmwareqca9889_firmwareipq8068sdx55snapdragon_x75_5g_modem-rfqca8082_firmwareipq5028_firmwareqcn9070_firmwareqca9992qcn9001qcn9074_firmwareqca8084qcn6100ipq8076qca8084_firmwareipq4019_firmwareqcn6102_firmwaresdx55_firmwareipq8174ipq9554_firmwareqcn9002_firmwareqca9988_firmwareqcn6132qcn5152_firmwareqca8075ipq8070_firmwareipq9574_firmwareipq6028qcn6102qcn9074ipq5312_firmwareqcn6432_firmwareqcn5022qcn9000qca8082qca6428immersive_home_214ipq9008qca9990_firmwareipq5302_firmwareqcn5024qcn6402_firmwareqca9898_firmwareqca0000_firmwareqcn9072_firmwareqcn6023_firmwarewcd9380_firmwareimmersive_home_214_firmwareipq9554ipq8078a_firmwareqcn6112snapdragon_x65_5g_modem-rfqca8081qcn9022_firmwareqcn6412ipq4019ipq8072_firmwareqca9984_firmwareipq9574qcf8001qca7500_firmwareqcn9024qcn5124ar8035_firmwareqca8337_firmwareipq4029immersive_home_318_firmwareimmersive_home_316_firmwareimmersive_home_326_firmwareqcn9274qcc710sdx65m_firmwareqcn5022_firmwareqca9898fastconnect_7800_firmwareqca9888qfw7124ipq5332ar9380ipq9008_firmwareqcn5064_firmwareqcn6023qca9980qcn9274_firmwareipq8173_firmwareqca9980_firmwareipq5010_firmwareqcn5154ipq8071a_firmwareqcn6224immersive_home_216ipq8174_firmwareqcf8001_firmwareimmersive_home_316qca8386_firmwareqca9985_firmwareqcn6422qcn6432ipq8074a_firmwareqcn5021ipq8078fastconnect_7800qcn6274_firmwareqcn9003_firmwareipq6000ipq8072a_firmwareqca4024_firmwareqca9563csr8811ipq4029_firmwareipq8065_firmwareipq8076aqca9988qca9992_firmwareqcf8000ipq6010fastconnect_6900qcn6132_firmwareipq8071_firmwareqca9984qca9985qcn5054qca0000qcn5164_firmwareipq8076_firmwareqcn9002qcn5054_firmwareqcn5550qcn9100_firmwareipq5028ipq8070qca9889qca9880qcn6224_firmwareqca8085_firmwareqfe1922_firmwaresnapdragon_x65_5g_modem-rf_firmwareipq8071aqcn6112_firmwareqcn6122_firmwareqcn6024_firmwareqca8386qcf8000_firmwareqcn9070qcn5122_firmwarefastconnect_6900_firmwareqcn5154_firmwarewcd9380qca9986_firmwareqcn5152qfe1952_firmwarewcd9340_firmwareipq8074immersive_home_3210qca9990ipq8064_firmwareqcn5052qcn5064immersive_home_3210_firmwareipq8074aipq5300_firmwareqcn6122ipq6018snapdragon_x75_5g_modem-rf_firmwareqca8085qca9563_firmwareipq5300qca8081_firmwareqca9886ipq6000_firmwareqcn9001_firmwareqcn9024_firmwareqcn5024_firmwareipq8078_firmwareipq4018_firmwareqca4024qca6438_firmwareqfe1922immersive_home_216_firmwareipq8065immersive_home_318qca9994qcn9012ipq4028_firmwareipq8068_firmwareqcn9072ipq8071qca6438qcn5502ipq8070aipq5312ipq8074_firmwaresdx65mSnapdragonqcn5024_firmwareqca6428_firmwareqca9985_firmwareipq4018_firmwareqca8337_firmwareipq4028_firmwareqca7500_firmwareqca9980_firmwareqcf8000_firmwareipq8076a_firmwareipq8173_firmwarear9380_firmwareqcn9001_firmwareqca9563_firmwareqca9558_firmwareqcn6224_firmwareqca4024_firmwareqcn6122_firmwareipq8065_firmwareqca9880_firmwareqcn6402_firmwareimmersive_home_318_platform_firmwarecsr8811_firmwareipq5028_firmwareipq9554_firmwareqcn5054_firmwareqca8075_firmwareipq4019_firmwareqcn5152_firmwareqca0000_firmwareqcn6132_firmwareqcn9003_firmwareqca8072_firmwareqcn9000_firmwareqca9984_firmwareqca9994_firmwareqcn5052_firmwareqcn9012_firmwareqcn9274_firmwareipq8070a_firmwareqfw7114_firmwareqcn6024_firmwareqca8386_firmwareipq6018_firmwareimmersive_home_316_platform_firmwareipq8076_firmwareqcn5502_firmwareqca8084_firmwarepmp8074_firmwareqcn5124_firmwareqfe1952_firmwareqfe1922_firmwareqca9986_firmwareqcn6100_firmwareqcn6102_firmwareqca8082_firmwareqcn5164_firmwareqcn5122_firmwareqcn6422_firmwareqca8081_firmwareqcn6023_firmwareipq9574_firmwareqcn5550_firmwareimmersive_home_3210_platform_firmwareipq8064_firmwareqca6438_firmwareipq8070_firmwareipq8078a_firmwareqcn6274_firmwareqcn5064_firmwareipq8078_firmwareipq4029_firmwareipq8072_firmwareipq9570_firmwareqcn9070_firmwareqcf8001_firmwarefastconnect_6900_firmwareipq6028_firmwareipq8072a_firmwareqcn6112_firmwareqcn6432_firmwareipq5312_firmwareipq8074_firmwareqca9889_firmwareqcn9024_firmwareipq8174_firmwarefastconnect_7800_firmwareqcn6412_firmwareipq5332_firmwareipq5302_firmwareqca9886_firmwareipq8071a_firmwareqca8085_firmwareqca9888_firmwareipq8068_firmwareipq6010_firmwareipq9008_firmwareqca9988_firmwareqcn5154_firmwareimmersive_home_214_platform_firmwareqca9898_firmwareqcc710_firmwareqcn9100_firmwareqcn9022_firmwareqcn5021_firmwareqca9992_firmwareqca9990_firmwareqcn9002_firmwareipq5010_firmwareipq8074a_firmwareqcn9072_firmwareqca9531_firmwareipq6000_firmwareipq8071_firmwareqcn9074_firmwareqcn5022_firmwareqfw7124_firmwareimmersive_home_216_platform_firmwarear8035_firmware
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-2325
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.33% / 56.03%
||
7 Day CHG~0.00%
Published-06 Nov, 2019 | 17:11
Updated-04 Aug, 2024 | 18:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of boundary access due to token received from ADSP and is used without validation as an index into the array in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850mdm9150_firmwaresd_632mdm9640_firmwaresd_820asd_675msm8996au_firmwaresd_439sd_670_firmwaresd_429sdx24sdm439mdm9650sd_636sd_615_firmwaremsm8909w_firmwaremsm8996ausd_820sd_450_firmwaresd_845_firmwaresd_820a_firmwareqcs605_firmwaresd_675_firmwaremdm9206sd_425_firmwaresd_665sdx24_firmwaresd_625_firmwaresd_450sd_845mdm9206_firmwareqcs605sd_632_firmwaresd_835_firmwaremdm9650_firmwaresd_835sda660sd_210_firmwaresd_415_firmwaremsm8909wsd_665_firmwaresd_616_firmwaresd_205_firmwaresd_415sd_212sd_427_firmwaresd_712sd_855sd_730_firmwarequalcomm_215sdx20sd_616sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435sd_615sd_710_firmwaresdm630qcs405sd_625sd_820_firmwaresd_210mdm9607sd_636_firmwaresd_439_firmwarequalcomm_215_firmwaremdm9150sd_429_firmwaresd_730sd_212_firmwaresd_850_firmwaresd_855_firmwaresdm439_firmwareqcs405_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwaresd_430sd_427sd_670sd_435_firmwaresdx20_firmwaresd_710sd_205sdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2019-2317
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.24% / 47.85%
||
7 Day CHG~0.00%
Published-05 Mar, 2020 | 08:56
Updated-04 Aug, 2024 | 18:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The secret key used to make the Initial Sequence Number in the TCP SYN packet could be brute forced and therefore can be predicted in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8905, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, Nicobar, QCM2150, QM215, SC8180X, SDM429, SDM439, SDM450, SDM632, SDX24, SDX55, SM6150, SM7150, SM8150

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-msm8920qcm2150_firmwaremsm8953sdm450sdm632_firmwaresdm450_firmwaresdm632qcm2150msm8920_firmwaresdm439sdx24sc8180x_firmwaresdm429msm8940_firmwaresm7150_firmwaresm6150qm215sm7150msm8917msm8937sc8180xmsm8905sm8150_firmwaremsm8909sdx24_firmwaresdm439_firmwareqm215_firmwaresdx55msm8940msm8953_firmwaresm6150_firmwaremsm8917_firmwaremsm8937_firmwaresdm429_firmwaresm8150msm8905_firmwaresdx55_firmwarenicobar_firmwaremsm8909_firmwarenicobarSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-330
Use of Insufficiently Random Values
CVE-2019-2268
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.34% / 56.55%
||
7 Day CHG~0.00%
Published-21 Nov, 2019 | 14:38
Updated-04 Aug, 2024 | 18:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible OOB read issue in P2P action frames while handling WLAN management frame in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8996AU, MSM8998, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCS405, QCS605, SDA660, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SM6150

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresdm636_firmwaremsm8996au_firmwareapq8098_firmwaresdm845sdx20msm8998_firmwaresdm660sdm630mdm9607_firmwaremdm9650qcs405qca6574ausdm710sm6150mdm9607msm8996auapq8017_firmwaresdm710_firmwareapq8009_firmwaresdm670qcs605_firmwaremdm9207c_firmwaremdm9206mdm9207cqca6174a_firmwareqca6174aqca9379_firmwaresdm670_firmwareapq8096ausdm636qcs405_firmwareqca9377sdm630_firmwareapq8098sda660_firmwaremdm9206_firmwareqcs605apq8053apq8096au_firmwaresm6150_firmwaremdm9650_firmwaremsm8998sdx20_firmwareqca6574au_firmwaresda660apq8017apq8009qca9379apq8053_firmwaresdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-2323
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.33% / 56.03%
||
7 Day CHG~0.00%
Published-06 Nov, 2019 | 17:11
Updated-04 Aug, 2024 | 18:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Lack of check to ensure crypto engine data passed by user is initialized can result in bus error in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850mdm9150_firmwaresd_632mdm9640_firmwaresd_820asd_675msm8996au_firmwaresd_439sd_670_firmwaresd_429sdx24sdm439mdm9650sd_636msm8909w_firmwaremsm8996ausd_820sd_450_firmwaresd_845_firmwaresd_820a_firmwareqcs605_firmwaresd_675_firmwaremdm9206sd_425_firmwaresd_665sdx24_firmwaresd_625_firmwaresd_450sd_845mdm9206_firmwareqcs605sd_632_firmwaresd_835_firmwaremdm9650_firmwaresd_835sda660sd_210_firmwaremsm8909wsd_665_firmwaresd_205_firmwaresd_212sd_427_firmwaresd_712sd_855sd_730_firmwarequalcomm_215sdx20sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435sd_710_firmwaresdm630qcs405sd_625sd_820_firmwaresd_210mdm9607sd_636_firmwaresd_439_firmwarequalcomm_215_firmwaremdm9150sd_429_firmwaresd_730sd_212_firmwaresd_850_firmwaresd_855_firmwaresdm439_firmwareqcs405_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwaresd_430sd_427sd_670sd_435_firmwaresdx20_firmwaresd_710sd_205sdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-1187
DEPRECATED: Use of Uninitialized Resource
CVE-2019-2285
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.33% / 56.03%
||
7 Day CHG~0.00%
Published-06 Nov, 2019 | 17:11
Updated-04 Aug, 2024 | 18:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound write issue is observed while giving information about properties that have been set so far for playing video in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850sd_632sd_820asd_675msm8996au_firmwaresd_439sd_670_firmwaresd_429sdm439sd_636snapdragon_high_med_2016_firmwaremsm8909w_firmwaremsm8996ausd_820sd_450_firmwaresd_845_firmwaresd_820a_firmwareqcs605_firmwaresd_675_firmwaresd_425_firmwaresd_665sd_625_firmwaresd_450sd_8cx_firmwaresd_845qcs605sd_632_firmwaresd_835_firmwaresd_835sda660sxr1130_firmwaresd_210_firmwaresxr1130msm8909wsd_665_firmwaresd_205_firmwaresd_212sd_427_firmwaresd_712sd_855sd_730_firmwarequalcomm_215sd_425sdm660sd_430_firmwaresd_710_firmwaresd_435sdm630sd_625sd_210sd_820_firmwaresd_636_firmwaresd_439_firmwarequalcomm_215_firmwaresd_429_firmwaresd_730snapdragon_high_med_2016sd_212_firmwaresd_850_firmwaresdm439_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwaresd_8cxsd_427sd_430sd_670sd_435_firmwaresd_710sd_205sdm660_firmwaresd_855_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-2303
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.29% / 52.80%
||
7 Day CHG~0.00%
Published-21 Nov, 2019 | 14:38
Updated-04 Aug, 2024 | 18:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SNDCP module may access array out side its boundary when it receives malformed XID message. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8976, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, Snapdragon_High_Med_2016, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwaremdm9635m_firmwareqcm2150_firmwaremdm9640_firmwaresdm632_firmwaremsm8996au_firmwaresdm845sdm450_firmwaresdm632sdx24sdm439mdm9650sdm429msm8940_firmwaresm7150_firmwaresnapdragon_high_med_2016_firmwaresm6150msm8909w_firmwaremsm8976_firmwaremsm8996ausm7150apq8009_firmwaremsm8917sdm670sxr2130qcs605_firmwaresc8180xmdm9206sdm670_firmwaresdx24_firmwaresdm636sda845_firmwaremdm9635mapq8098mdm9615mdm9205mdm9206_firmwaremsm8939qcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130msm8909wapq8009msm8909_firmwareapq8053_firmwaresda845nicobarsdm850_firmwaremsm8920msm8953sdm450sdm636_firmwaresdm845_firmwareapq8098_firmwaresdx20msm8998_firmwareqcm2150msm8920_firmwaresdm630mdm9607_firmwaresm8250_firmwaremdm9655_firmwaresdm660sc8180x_firmwaresdm710qm215mdm9607apq8017_firmwaremdm9625_firmwaresdm710_firmwaremsm8939_firmwaremdm9150msm8937msm8905snapdragon_high_med_2016sm8150_firmwaremsm8909sxr2130_firmwaremdm9655apq8096ausdm439_firmwaresdm630_firmwaremdm9205_firmwaresda660_firmwaremdm9625qm215_firmwaremsm8976sdx55msm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaresm8250msm8998sm8150sdx20_firmwaresdm850mdm9615_firmwareapq8017nicobar_firmwaresdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-2294
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.33% / 56.03%
||
7 Day CHG~0.00%
Published-30 Sep, 2019 | 15:40
Updated-04 Aug, 2024 | 18:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Usage of hard-coded magic number for calculating heap guard bytes can allow users to corrupt heap blocks without heap algorithm knowledge in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9655, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 650/52, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850sd_632mdm9635m_firmwaresd_820asd_675msm8996au_firmwaresd_439sd_670_firmwaresd_429sdm439sd_636snapdragon_high_med_2016_firmwaremsm8909w_firmwaremsm8996ausd_820sd_650sd_450_firmwaresd_845_firmwaresd_410sd_820a_firmwareqcs605_firmwaresd_675_firmwaremdm9206sd_652sd_425_firmwaresd_665sd_625_firmwaresd_450mdm9635msd_8cx_firmwaremdm9615mdm9205mdm9206_firmwaresd_845qcs605sd_632_firmwaresd_835_firmwaresd_835sda660sxr1130_firmwaresd_210_firmwaresd_652_firmwaresxr1130msm8909wsd_665_firmwaresd_205_firmwaresd_212sd_650_firmwaresd_427_firmwaresd_712sd_855sd_730_firmwaresd_412qualcomm_215sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435mdm9655_firmwaresd_710_firmwaresdm630sd_625sd_820_firmwaresd_210mdm9607sd_636_firmwaremdm9625_firmwaresd_439_firmwarequalcomm_215_firmwaresd_429_firmwaresd_730snapdragon_high_med_2016sd_212_firmwaresd_850_firmwaremdm9655sdm439_firmwaresd_412_firmwaresd_712_firmwaresdm630_firmwaremdm9205_firmwaresda660_firmwaremdm9625sd_8cxsd_430sd_427sd_670sd_435_firmwaremdm9615_firmwaresd_710sd_410_firmwaresd_205sdm660_firmwaresd_855_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-330
Use of Insufficiently Random Values
CVE-2019-2302
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.40% / 60.87%
||
7 Day CHG~0.00%
Published-06 Nov, 2019 | 17:11
Updated-04 Aug, 2024 | 18:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

While processing vendor command which contains corrupted channel count, an integer overflow occurs and finally will lead to heap overflow. in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8017, APQ8053, APQ8096AU, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8976, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCN7605, QCS405, QCS605, SDA845, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SM6150, SM8150

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaremdm9640_firmwaresdm636_firmwaresdm845_firmwaremsm8996au_firmwaresdm845sdx20sdm660sdx24mdm9607_firmwaremdm9650qcs405qca6574ausdm710msm8909w_firmwaremdm9607msm8976_firmwaremsm8996ausm6150apq8017_firmwaresdm710_firmwareqcn7605_firmwaresdm670qcs605_firmwaremdm9207c_firmwaremdm9206msm8905mdm9207cqca6174a_firmwareqca6174aqca9379_firmwaresdm670_firmwaresm8150_firmwaremsm8909sdx24_firmwareapq8096ausdm636qcs405_firmwareqca9377sda845_firmwareqcn7605mdm9206_firmwareqcs605msm8976apq8053apq8096au_firmwaresm6150_firmwaremdm9650_firmwaresm8150sdx20_firmwaremsm8905_firmwareqca6574au_firmwareapq8017msm8909wqca9379msm8909_firmwareapq8053_firmwaresdm660_firmwaresda845mdm9640Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2019-2311
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.36% / 57.93%
||
7 Day CHG~0.00%
Published-05 Mar, 2020 | 08:56
Updated-04 Aug, 2024 | 18:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer overflow in WLAN handler due to lack of validation of destination buffer size before copying it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8996, MSM8996AU, MSM8998, QCA6174A, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA8081, QCA9377, QCA9379, QCA9886, QCS605, SA6155P, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SM6150, SM7150, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwareapq8096_firmwaremdm9640_firmwaremsm8996au_firmwaresdm845apq8096sdx24mdm9650sm7150_firmwaresm6150qca6574msm8996ausm7150apq8009_firmwaresdm670qcs605_firmwaremdm9206qca9379_firmwareqca6174asdm670_firmwaresdx24_firmwareqca6584au_firmwareipq8074sdm636sda845_firmwareqca9377apq8098mdm9206_firmwareqca6574_firmwareqca9886qcs605qca6584_firmwaremdm9650_firmwareqca6584qca6574au_firmwaresda660sxr1130_firmwareqca8081_firmwaresxr1130apq8009apq8053_firmwaresda845sdm850_firmwareqca6584ausa6155p_firmwaresdm636_firmwaresdm845_firmwareapq8098_firmwaresdx20msm8998_firmwaresdm660sdm630mdm9607_firmwareipq8074_firmwareqca6574ausdm710mdm9607apq8017_firmwaresdm710_firmwaresa6155pqca8081mdm9207c_firmwaremsm8996_firmwaremdm9207cqca6174a_firmwareqca9886_firmwaresm8150_firmwareapq8096ausdm630_firmwaresda660_firmwareapq8053sm6150_firmwareapq8096au_firmwaremsm8998sm8150sdx20_firmwaresdm850apq8017msm8996qca9379sdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2019-2332
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.33% / 56.03%
||
7 Day CHG~0.00%
Published-06 Nov, 2019 | 17:11
Updated-04 Aug, 2024 | 18:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory corruption while accessing the memory as payload size is not validated before access in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9615, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 600, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850mdm9150_firmwaresd_632mdm9640_firmwaresd_820asd_675msm8996au_firmwaresd_439sd_670_firmwaresd_429sdx24sdm439mdm9650sd_636sd_615_firmwaremsm8909w_firmwaremsm8996ausd_820sd_450_firmwaresd_845_firmwaresd_820a_firmwareqcs605_firmwaresd_675_firmwaremdm9206sd_425_firmwaresd_665sdx24_firmwaresd_625_firmwaresd_450mdm9615sd_845mdm9206_firmwareqcs605sd_632_firmwaresd_835_firmwaremdm9650_firmwaresd_835sda660sd_210_firmwaresd_600sd_415_firmwaremsm8909wsd_665_firmwaresd_616_firmwaresd_205_firmwaresd_415sd_212sd_427_firmwaresd_712sd_855sd_730_firmwarequalcomm_215sdx20sd_616sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435sd_615sd_710_firmwaresdm630qcs405sd_625sd_820_firmwaresd_210mdm9607sd_636_firmwaresd_439_firmwarequalcomm_215_firmwaremdm9150sd_429_firmwaresd_730sd_212_firmwaresd_850_firmwaresd_855_firmwaresdm439_firmwareqcs405_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwaresd_430sd_427sd_670sd_435_firmwaremdm9615_firmwaresdx20_firmwaresd_710sd_600_firmwaresd_205sdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-2289
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.05% / 16.66%
||
7 Day CHG~0.00%
Published-21 Nov, 2019 | 14:38
Updated-04 Aug, 2024 | 18:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Lack of integrity check allows MODEM to accept any NAS messages which can result into authentication bypass of NAS in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8976, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, Snapdragon_High_Med_2016, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9635m_firmwareqcm2150_firmwaremdm9640_firmwaresdm632_firmwaremsm8996au_firmwaresdm845sdm450_firmwaresdm632sdx24sdm439mdm9650sdm429msm8940_firmwaresm7150_firmwaresnapdragon_high_med_2016_firmwaresm6150msm8909w_firmwaremsm8976_firmwaremsm8996aumdm915_firmwaresm7150apq8009_firmwaremsm8917sdm670sxr2130qcs605_firmwaresc8180xmdm9206sdm670_firmwaresdx24_firmwaresdm636sda845_firmwaremdm9635mapq8098mdm9615mdm9205mdm9206_firmwaremsm8939qcs605mdm915msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130msm8909wapq8009msm8909_firmwareapq8053_firmwaresda845nicobarsdm850_firmwaremsm8920msm8953sdm450sdm636_firmwaresdm845_firmwareapq8098_firmwaresdx20msm8998_firmwareqcm2150msm8920_firmwaresdm630mdm9607_firmwaresm8250_firmwaremdm9655_firmwaresdm660sc8180x_firmwaresdm710qm215mdm9607apq8017_firmwaremdm9625_firmwaresdm710_firmwaremsm8939_firmwaremsm8937msm8905snapdragon_high_med_2016sm8150_firmwaremsm8909sxr2130_firmwaremdm9655apq8096ausdm439_firmwaresdm630_firmwaremdm9205_firmwaresda660_firmwaremdm9625qm215_firmwaremsm8976sdx55msm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaresm8250msm8998sm8150sdx20_firmwaresdm850mdm9615_firmwareapq8017nicobar_firmwaresdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-345
Insufficient Verification of Data Authenticity
CVE-2019-2324
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.25% / 48.51%
||
7 Day CHG~0.00%
Published-06 Nov, 2019 | 17:11
Updated-04 Aug, 2024 | 18:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

When ADSP is compromised, the audio port index that`s returned from ADSP might be out of the valid range and leads to out of boundary access in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9615, MDM9640, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 600, SD 615/16/SD 415, SD 625, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 845 / SD 850, SD 855, SDX20, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850mdm9150_firmwaremdm9640_firmwaresd_820asd_675sd_670_firmwaresdx24mdm9650sd_615_firmwaremsm8909w_firmwaresd_820sd_450_firmwaresd_845_firmwaresd_820a_firmwaresd_675_firmwaremdm9206sd_425_firmwaresd_665sdx24_firmwaresd_625_firmwaresd_450mdm9615sd_845mdm9206_firmwaremdm9640mdm9650_firmwaresd_210_firmwaresd_600sd_415_firmwaremsm8909wsd_665_firmwaresd_616_firmwaresd_205_firmwaresd_415sd_212sd_427_firmwaresd_712sd_855sd_730_firmwaresdx20sd_616sd_425sd_430_firmwaremdm9607_firmwaresd_435sd_615sd_710_firmwaresd_625sd_210mdm9607sd_820_firmwaremdm9150sd_730sd_212_firmwaresd_850_firmwaresd_712_firmwaresd_427sd_430sd_670sd_435_firmwaremdm9615_firmwaresd_710sdx20_firmwaresd_600_firmwaresd_205sd_855_firmwareSnapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2019-2252
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-1.20% / 78.96%
||
7 Day CHG~0.00%
Published-30 Sep, 2019 | 15:40
Updated-04 Aug, 2024 | 18:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Classic buffer overflow vulnerability while playing the specific video whose Decode picture buffer size is more than 16 in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850sd_632sd_820asd_675msm8996au_firmwaresd_439sd_670_firmwaresd_429sdm439mdm9650sd_636snapdragon_high_med_2016_firmwaremsm8909w_firmwaremsm8996ausd_820sd_450_firmwaresd_845_firmwaresd_820a_firmwareqcs605_firmwaresd_675_firmwaresd_425_firmwaresd_665sd_625_firmwaresd_450sd_8cx_firmwaresd_845qcs605sd_632_firmwaresd_835_firmwaremdm9650_firmwaresd_835sda660sxr1130_firmwaresd_210_firmwaresxr1130msm8909wsd_665_firmwaresd_205_firmwaresd_212sd_427_firmwaresd_712sd_855qualcomm_215sd_425sdm660sd_430_firmwaresd_710_firmwaresd_435sdm630sd_625sd_210sd_820_firmwaresd_636_firmwaresd_439_firmwarequalcomm_215_firmwaresd_429_firmwaresnapdragon_high_med_2016sd_212_firmwaresd_850_firmwaresdm439_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwaresd_8cxsd_427sd_430sd_670sd_435_firmwaresd_710sd_205sdm660_firmwaresd_855_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-30341
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.22% / 44.46%
||
7 Day CHG~0.00%
Published-14 Jun, 2022 | 10:10
Updated-03 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper buffer size validation of DSM packet received can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarewcn3991_firmwarewsa8830sd678mdm9640_firmwaresm6250p_firmwarewcn3998_firmwareqcs610qcs2290_firmwareqca8337sd7c_firmwarecsrb31024mdm9628_firmwarewcd9360_firmwaresdx65qcs4290wcn3950_firmwaremdm9250sd765g_firmwareqca6420_firmwareqca6595au_firmwareqcs2290qca6390_firmwaresd690_5gsd730_firmwarewcd9370sd_675_firmwaresd675_firmwareqcs6125_firmwareqca6426qca9377sa415mwcn3998sdw2500_firmwarewcd9385_firmwaresdxr2_5g_firmwaresd_8cx_gen2_firmwarewcn3950mdm9628sd720gmdm9206_firmwareqsw8573_firmwaresd_8_gen1_5g_firmwaresm6375_firmwaresd662sd460_firmwaresm7315_firmwareqca6574au_firmwaresdx55_firmwareqca6595auqca8081_firmwaresdx12_firmwarewcd9375_firmwaremsm8909wsm7250p_firmwareapq8009w_firmwareqca6420qca6436_firmwarewcd9360wcn3610_firmwaremdm9207qca6564au_firmwaresd680_firmwaresd778gqca9367_firmwarewcd9306mdm8207sd_8cx_gen2sa515m_firmwareqcs6490sd429sdxr2_5gqca9367qcs6125qca4004_firmwaremdm9607_firmwaresd662_firmwaresa415m_firmwarewcn3988_firmwareqca6430sd205sd429_firmwaresm6250sd778g_firmwarewcd9306_firmwaresd765gsw5100sd765_firmwareqca6436sd680wcn6851qca8081qca6174a_firmwaremdm9250_firmwareqcs4290_firmwarewcd9385qca6696_firmwareqcs6490_firmwaresd750gsd870_firmwarear8035qca6390sd750g_firmwareaqt1000wcd9375wcn3910_firmwaresm6250_firmwaremdm9207_firmwareqca4004wsa8830_firmwaresda429wsd210sd855_firmwaresd660sd865_5g_firmwaresdx20_firmwareqcm6490sd888_5g_firmwarewcn3620_firmwaresd660_firmwarewcn3620wcn3988wcn6850_firmwarewsa8835_firmwareqcx315sm8475qca6564awcn6750_firmwarewcn3610qcm6125_firmwaremdm9640qcm2290_firmwaresm6375wcn3991qca8337_firmwaresda429w_firmwarewcd9380_firmwaresd_675sdm429wmsm8996au_firmwaresd780gsw5100pwcd9330sd865_5gqca6564ausdx24sdx55m_firmwarewcn6856_firmwaresd888msm8909w_firmwareqca6574msm8996auqcx315_firmwaresdm429w_firmwaresd665_firmwarewsa8835wcd9380sd888_5gsd850sm6250pqcs410qca6574asd690_5g_firmwaremdm9206wcn6855_firmwareqca9379_firmwareqca6174asm7325psdx24_firmwareqca6430_firmwarewcn6750qsw8573mdm9205sa515mqca6574_firmwaresd855sm7325p_firmwaresd665sd7cwcn3910wcn6850sd765qca6426_firmwareqca6574a_firmwaresd768g_firmwaresd850_firmwaresm7315sd460qca6391sd730sdx55msdxr1_firmwarewcd9330_firmwareaqt1000_firmwarewcn6740_firmwaresdx65_firmwaresd678_firmwareqcm4290csrb31024_firmwareqcm6490_firmwaresdx20sd480_firmwarewcn6851_firmwareqca6574aumdm9607sd205_firmwareqca6564a_firmwareapq8009wqcm6125qcm4290_firmwaresd480sd870wcn6855sw5100p_firmwaresd210_firmwareqcs610_firmwarewcn6856sdxr1sd768gapq8096aumdm8207_firmwareqca6696wcn6740mdm9205_firmwareqca6391_firmwaresd780g_firmwarewcd9370_firmwaresdw2500sd888_firmwaresdx55apq8096au_firmwaresd675sm7250psd720g_firmwaresdx12sw5100_firmwareqcs410_firmwareqca9379ar8035_firmwareqcm2290Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-2300
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.36% / 57.93%
||
7 Day CHG~0.00%
Published-05 Mar, 2020 | 08:56
Updated-04 Aug, 2024 | 18:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer overflow in WLAN handler due to lack of validation of destination buffer size before copying into it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096, APQ8098, IPQ8074, MDM9206, MDM9207C, MDM9607, MSM8996, MSM8996AU, MSM8998, QCA6174A, QCA6574AU, QCA8081, QCA9377, QCA9379, QCA9886, QCS605, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SM6150, SM7150, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwareapq8096_firmwaremsm8996au_firmwaresdm845apq8096sm7150_firmwaresm6150msm8996ausm7150apq8009_firmwaresdm670qcs605_firmwaremdm9206qca9379_firmwareqca6174asdm670_firmwareipq8074sdm636sda845_firmwareqca9377apq8098mdm9206_firmwareqcs605qca9886qca6574au_firmwaresda660sxr1130_firmwareqca8081_firmwaresxr1130apq8009apq8053_firmwaresda845sdm850_firmwaresdm636_firmwareapq8098_firmwaremsm8998_firmwaresdm660sdm630mdm9607_firmwareipq8074_firmwareqca6574ausdm710mdm9607apq8017_firmwaresdm710_firmwareqca8081mdm9207c_firmwaremsm8996_firmwaremdm9207cqca6174a_firmwareqca9886_firmwaresm8150_firmwaresdm630_firmwaresda660_firmwareapq8053sm6150_firmwaremsm8998sm8150sdm850apq8017msm8996qca9379sdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2017-18696
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.15% / 35.15%
||
7 Day CHG~0.00%
Published-07 Apr, 2020 | 13:52
Updated-05 Aug, 2024 | 21:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on Samsung mobile devices with M(6.0) and N(7.0) (Exynos7420, Exynos8890, or MSM8996 chipsets) software. RKP allows memory corruption. The Samsung ID is SVE-2016-7897 (January 2017).

Action-Not Available
Vendor-n/aGoogle LLCQualcomm Technologies, Inc.Samsung
Product-exynos_7420androidmsm8996exynos_8890n/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-17772
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.8||HIGH
EPSS-0.21% / 43.13%
||
7 Day CHG+0.05%
Published-26 Nov, 2024 | 08:55
Updated-09 Jan, 2025 | 21:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Multiple buffer overread vulnerabilities in WLAN

In multiple functions that process 802.11 frames, out-of-bounds reads can occur due to insufficient validation.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_820asd_845sd_625_firmwaresd_820sd_625sd_850sd_820a_firmwaresd_835_firmwaresd_450_firmwaresd_820_firmwaresd_835sd_450sd_850_firmwaresd_845_firmwareSnapdragon
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-2320
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.33% / 56.03%
||
7 Day CHG~0.00%
Published-12 Dec, 2019 | 08:30
Updated-04 Aug, 2024 | 18:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible out of bounds write in a MT SMS/SS scenario due to improper validation of array index in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8976, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, Snapdragon_High_Med_2016, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwaremdm9635m_firmwareqcm2150_firmwaremdm9640_firmwaresdm632_firmwaremsm8996au_firmwaresdm845sdm450_firmwaresdm632sdx24sdm439mdm9650sdm429msm8940_firmwaresm7150_firmwaresnapdragon_high_med_2016_firmwaresm6150msm8909w_firmwaremsm8976_firmwaremsm8996ausm7150apq8009_firmwaremsm8917sdm670sxr2130qcs605_firmwaremdm9206sdm670_firmwaresdx24_firmwaresdm636sda845_firmwaremdm9635mapq8098mdm9615mdm9205mdm9206_firmwaremsm8939qcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130msm8909wapq8009msm8909_firmwareapq8053_firmwaresda845nicobarsdm850_firmwaremsm8920msm8953sdm450sdm636_firmwaresdm845_firmwareapq8098_firmwaresdx20msm8998_firmwareqcm2150msm8920_firmwaresdm630mdm9607_firmwaresm8250_firmwaremdm9655_firmwaresdm660sdm710qm215mdm9607apq8017_firmwaremdm9625_firmwaresdm710_firmwaremsm8939_firmwaremdm9150msm8937msm8905snapdragon_high_med_2016sm8150_firmwaremsm8909sxr2130_firmwaremdm9655apq8096ausdm439_firmwaresdm630_firmwaremdm9205_firmwaresda660_firmwaremdm9625qm215_firmwaremsm8976sdx55msm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaresm8250msm8998sm8150sdx20_firmwaresdm850mdm9615_firmwareapq8017nicobar_firmwaresdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-129
Improper Validation of Array Index
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-2258
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.25% / 48.51%
||
7 Day CHG~0.00%
Published-06 Nov, 2019 | 17:11
Updated-04 Aug, 2024 | 18:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper validation of array index causes OOB write and then leads to memory corruption in MMCP in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, SDX20, Snapdragon_High_Med_2016, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850mdm9150_firmwaresd_632mdm9635m_firmwaremdm9640_firmwaresd_820asd_675msm8996au_firmwaresd_439sd_670_firmwaresd_429sdm439mdm9650sd_636sd_615_firmwaresnapdragon_high_med_2016_firmwaremsm8909w_firmwaremsm8996ausd_820sd_650sd_450_firmwaresd_845_firmwaresd_820a_firmwareqcs605_firmwaresd_675_firmwaresd_652sd_425_firmwaresd_665sd_625_firmwaresd_450mdm9635msd_8cx_firmwaremdm9615sd_845qcs605sd_632_firmwaresd_835_firmwaremdm9650_firmwaresd_835sda660sxr1130_firmwaresd_210_firmwaresd_415_firmwaresd_652_firmwaresxr1130msm8909wsd_665_firmwaresd_616_firmwaresd_205_firmwaresd_415sd_212sd_650_firmwaresd_427_firmwaresd_712sd_855sd_730_firmwarequalcomm_215sdx20sd_616sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435mdm9655_firmwaresd_615sd_710_firmwaresdm630sd_625sd_820_firmwaresd_210mdm9607sd_636_firmwaremdm9625_firmwaresd_439_firmwarequalcomm_215_firmwaremdm9150sd_429_firmwaresd_730snapdragon_high_med_2016sd_212_firmwaresd_850_firmwaremdm9655sdm439_firmwaresd_855_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwaremdm9625sd_8cxsd_430sd_427sd_670sd_435_firmwaremdm9615_firmwaresdx20_firmwaresd_710sd_205sdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-129
Improper Validation of Array Index
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-20556
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.15% / 35.15%
||
7 Day CHG~0.00%
Published-24 Mar, 2020 | 18:23
Updated-05 Aug, 2024 | 02:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on Samsung mobile devices with P(9.0) (SM6150, SM8150, SM8150_FUSION, exynos7885, exynos9610, and exynos9820 chipsets) software. RKP memory corruption allows attackers to control the effective address in EL2. The Samsung ID is SVE-2019-15221 (October 2019).

Action-Not Available
Vendor-n/aGoogle LLCQualcomm Technologies, Inc.Samsung
Product-exynos_9610sm6150sm8150androidexynos_7885sm8150_fusionexynos_9820n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-2331
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.33% / 56.03%
||
7 Day CHG~0.00%
Published-06 Nov, 2019 | 17:11
Updated-04 Aug, 2024 | 18:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible Integer overflow because of subtracting two integers without checking if the result would overflow or not in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9615, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 600, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850mdm9150_firmwaresd_632mdm9640_firmwaresd_820asd_675msm8996au_firmwaresd_439sd_670_firmwaresd_429sdx24sdm439mdm9650sd_636sd_615_firmwaremsm8909w_firmwaremsm8996ausd_820sd_450_firmwaresd_845_firmwaresd_820a_firmwareqcs605_firmwaresd_675_firmwaremdm9206sd_425_firmwaresd_665sdx24_firmwaresd_625_firmwaresd_450mdm9615sd_845mdm9206_firmwareqcs605sd_632_firmwaresd_835_firmwaremdm9650_firmwaresd_835sda660sd_210_firmwaresd_600sd_415_firmwaremsm8909wsd_665_firmwaresd_616_firmwaresd_205_firmwaresd_415sd_212sd_427_firmwaresd_712sd_855sd_730_firmwarequalcomm_215sdx20sd_616sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435sd_615sd_710_firmwaresdm630qcs405sd_625sd_820_firmwaresd_210mdm9607sd_636_firmwaresd_439_firmwarequalcomm_215_firmwaremdm9150sd_429_firmwaresd_730sd_212_firmwaresd_850_firmwaresd_855_firmwaresdm439_firmwareqcs405_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwaresd_430sd_427sd_670sd_435_firmwaremdm9615_firmwaresdx20_firmwaresd_710sd_600_firmwaresd_205sdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2019-2242
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.36% / 57.93%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 05:25
Updated-04 Aug, 2024 | 18:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Device memory may get corrupted because of buffer overflow/underflow. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8016, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SM6150, SM7150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwaremdm9635m_firmwareapq8096_firmwaremdm9640_firmwareqcm2150_firmwaresdm632_firmwaremsm8996au_firmwaresdm845sdm450_firmwaresdm632apq8096sdm439mdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996aumdm9645sm7150apq8009_firmwaremsm8917sdm670qcs605_firmwaresdm670_firmwaresdm636sda845_firmwaremdm9635mapq8098mdm9615msm8939qcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwaresda660sxr1130_firmwaresxr1130msm8909wapq8009msm8909_firmwareapq8053_firmwaresda845nicobarsdm850_firmwaremsm8920msm8953sdm450sdm636_firmwaresdm845_firmwareapq8098_firmwaresdx20msm8998_firmwareqcm2150apq8016_firmwaresdm630mdm9607_firmwaremsm8920_firmwaremdm9655_firmwaresdm660sdm710qm215mdm9607mdm9645_firmwareapq8017_firmwaremdm9625_firmwaresdm710_firmwaremsm8939_firmwaremdm9150msm8937msm8905msm8909mdm9655apq8096ausdm439_firmwaresdm630_firmwaresda660_firmwaremdm9625apq8016qm215_firmwaremsm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaremdm9615_firmwaremsm8998sdx20_firmwaresdm850apq8017nicobar_firmwaresdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2019-2249
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.48% / 65.26%
||
7 Day CHG~0.00%
Published-06 Nov, 2019 | 17:11
Updated-04 Aug, 2024 | 18:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Kernel can do a memory read from arbitrary address passed by user during execution of a syscall in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in IPQ8074, MDM9205, MDM9650, QCA8081, QCS605, SD 427, SD 435, SD 450, SD 625, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM630, SDM660, SDX20, Snapdragon_High_Med_2016, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_427_firmwaresd_712sd_850sd_855sd_730_firmwaresd_675sdx20sd_670_firmwaresdm660sdm630sd_710_firmwaresd_435mdm9650sd_636sd_625ipq8074_firmwaresnapdragon_high_med_2016_firmwaresd_636_firmwaresd_450_firmwaresd_845_firmwareqca8081qcs605_firmwaresd_675_firmwaresd_730snapdragon_high_med_2016sd_665sd_850_firmwaresd_625_firmwareipq8074sd_450sd_712_firmwaresdm630_firmwaremdm9205_firmwaresd_8cx_firmwaresda660_firmwaremdm9205sd_845sd_427qcs605sd_8cxsd_670sd_435_firmwaresd_835_firmwaremdm9650_firmwaresd_710sdx20_firmwaresd_835sda660sxr1130_firmwareqca8081_firmwaresxr1130sd_665_firmwaresdm660_firmwaresd_855_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-2283
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.31% / 54.43%
||
7 Day CHG~0.00%
Published-06 Nov, 2019 | 17:11
Updated-04 Aug, 2024 | 18:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper validation of read and write index of tx and rx fifo`s before calculating pointer can lead to out-of-bound access in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850mdm9150_firmwaresd_632mdm9640_firmwaresd_820asd_675msm8996au_firmwaresd_439sd_670_firmwaresd_429sdx24sdm439mdm9650sd_636msm8909w_firmwaremsm8996ausd_820sd_450_firmwaresd_845_firmwaresd_820a_firmwareqcs605_firmwaresd_675_firmwaremdm9206sd_425_firmwaresdx24_firmwaresd_625_firmwaresd_450sd_845mdm9206_firmwareqcs605sd_632_firmwaresd_835_firmwaremdm9650_firmwaresd_835sda660sd_210_firmwaremsm8909wsd_205_firmwaresd_212sd_427_firmwaresd_712sd_855sd_730_firmwarequalcomm_215sdx20sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435sd_710_firmwaresdm630sd_625sd_820_firmwaresd_210mdm9607sd_636_firmwaresd_439_firmwarequalcomm_215_firmwaremdm9150sd_429_firmwaresd_730sd_212_firmwaresd_850_firmwaresd_855_firmwaresdm439_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwaresd_430sd_427sd_670sd_435_firmwaresdx20_firmwaresd_710sd_205sdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-125
Out-of-bounds Read
CVE-2025-27071
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.3||HIGH
EPSS-0.05% / 16.81%
||
7 Day CHG~0.00%
Published-06 Aug, 2025 | 07:26
Updated-19 Aug, 2025 | 13:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Copy Without Checking Size of Input in Powerline Communication Firmware

Memory corruption while processing specific files in Powerline Communication Firmware.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-snapdragon_8_gen_1_mobile_platformsdx55_firmwaresxr2250psw5100psw5100_firmwarewcn3660b_firmwaresnapdragon_w5\+_gen_1_wearable_platform_firmwarewsa8832wsa8835wcn3988qca6426sdx55snapdragon_865\+_5g_mobile_platform_\(sm8250-ab\)sxr2230p_firmwareqca6391snapdragon_x55_5g_modem-rf_systemsxr2250p_firmwaresnapdragon_x55_5g_modem-rf_system_firmwarefastconnect_7800_firmwarewcn3980wcn3988_firmwaresw5100p_firmwarewsa8830qsm8250wcn3620wsa8815_firmwaresnapdragon_870_5g_mobile_platform_\(sm8250-ac\)_firmwarewsa8810fastconnect_6800qca6426_firmwaresnapdragon_xr2_5g_platform_firmwaresnapdragon_865\+_5g_mobile_platform_\(sm8250-ab\)_firmwaresw5100snapdragon_870_5g_mobile_platform_\(sm8250-ac\)sd865_5gsxr2130wsa8810_firmwarewcd9380_firmwarewsa8835_firmwaresnapdragon_429_mobile_platform_firmwaresnapdragon_429_mobile_platformsnapdragon_xr2_5g_platformqca6436snapdragon_8_gen_1_mobile_platform_firmwarewcn3660bwcd9385wsa8832_firmwarefastconnect_6800_firmwarewcn3620_firmwarewcd9385_firmwarewsa8815qsm8250_firmwarefastconnect_7800snapdragon_865_5g_mobile_platformfastconnect_6900_firmwaresxr2130_firmwaresnapdragon_865_5g_mobile_platform_firmwareqca6436_firmwarewcn3980_firmwaresxr2230pfastconnect_6900sd865_5g_firmwaresnapdragon_w5\+_gen_1_wearable_platformsdm429wqca6391_firmwaresdm429w_firmwarewcd9380wsa8830_firmwareSnapdragon
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-27034
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.05% / 14.64%
||
7 Day CHG~0.00%
Published-24 Sep, 2025 | 15:33
Updated-26 Feb, 2026 | 17:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Validation of Array Index in Multi-Mode Call Processor

Memory corruption while selecting the PLMN from SOR failed list.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcd9360wcd9380315_5g_iot_modem_firmwareqcs6490_firmwarewsa8840sdx80msdx55snapdragon_778g_5g_mobile_platformsnapdragon_888_5g_mobile_platform_firmwarewcd9340_firmwarewcn7861_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwaresnapdragon_x72_5g_modem-rf_systemwsa8840_firmwarefastconnect_6700_firmwaresnapdragon_8\+_gen_2_mobile_platform_firmwaresnapdragon_870_5g_mobile_platform_\(sm8250-ac\)snapdragon_782g_mobile_platform_\(sm7325-af\)_firmwaresnapdragon_7c\+_gen_3_compute_firmwarefastconnect_6700snapdragon_8\+_gen_2_mobile_platformqca6696sm7250p_firmwarewcn3950_firmwareqcm5430_firmwareqcs8550qfw7124_firmwareqcs8550_firmwaresdx61wsa8845hqep8111_firmwaresnapdragon_8_gen_2_mobile_platform_firmwaresm7325p_firmwaresnapdragon_auto_5g_modem-rf_firmwaresdx61_firmwareqcm8550_firmwaresnapdragon_780g_5g_mobile_platform_firmwaresm4635_firmwaresdx57mwcd9341_firmwaresnapdragon_8\+_gen_1_mobile_platformsnapdragon_auto_5g_modem-rf_gen_2sd_8_gen1_5gwcd9360_firmwaresnapdragon_765g_5g_mobile_platform_\(sm7250-ab\)_firmwaresnapdragon_865_5g_mobile_platformsm7675wcd9385_firmwareqcm6490_firmwaresm7635_firmwareqep8111snapdragon_x62_5g_modem-rf_systemqca6391sm7325pqca6584au_firmwareqcn6024_firmwareqfw7114qcs6490snapdragon_480_5g_mobile_platformsnapdragon_690_5g_mobile_platformsnapdragon_x62_5g_modem-rf_system_firmwaresnapdragon_x55_5g_modem-rf_systemsnapdragon_x72_5g_modem-rf_system_firmwaresm8635p_firmwaresm8650q_firmwaresnapdragon_888\+_5g_mobile_platform_\(sm8350-ac\)_firmwareqcm8550wcd9370_firmwareqcn9024wsa8810wsa8815qcm4490_firmwaresnapdragon_870_5g_mobile_platform_\(sm8250-ac\)_firmwaresnapdragon_8_gen_1_mobile_platformar8035_firmwaresnapdragon_778g_5g_mobile_platform_firmwaresnapdragon_480_5g_mobile_platform_firmwarewsa8845sdx80m_firmwaresnapdragon_865_5g_mobile_platform_firmwaresnapdragon_695_5g_mobile_platform_firmwaresm8550p_firmwarewcn7860_firmwarevideo_collaboration_vc3_platform_firmwaresd_8_gen1_5g_firmwarewcd9378sdx71m_firmwaresm8750snapdragon_865\+_5g_mobile_platform_\(sm8250-ab\)_firmwarewcn6740_firmwareqca6595au_firmwaresm8750p_firmwaresnapdragon_8_gen_2_mobile_platformsnapdragon_480\+_5g_mobile_platform_\(sm4350-ac\)_firmwaresnapdragon_782g_mobile_platform_\(sm7325-af\)snapdragon_4_gen_1_mobile_platform_firmwaresg8275pqca6584ausdx71msnapdragon_8\+_gen_1_mobile_platform_firmwarewcn7880_firmwareqcn6274snapdragon_778g\+_5g_mobile_platform_\(sm7325-ae\)fastconnect_7800_firmwaresnapdragon_765_5g_mobile_platform_\(sm7250-aa\)snapdragon_x70_modem-rf_system_firmwareqcn6224_firmwaresm8750_firmwaresnapdragon_768g_5g_mobile_platform_\(sm7250-ac\)_firmwarewsa8810_firmwaresnapdragon_695_5g_mobile_platformsnapdragon_888\+_5g_mobile_platform_\(sm8350-ac\)wcd9385wcd9380_firmwarewcd9375qcn6024snapdragon_8_gen_1_mobile_platform_firmwaresm8750pwcn6450qcs4490wcn6450_firmwareqca6574asnapdragon_768g_5g_mobile_platform_\(sm7250-ac\)snapdragon_auto_5g_modem-rfwcd9340snapdragon_x75_5g_modem-rf_system_firmwarewcn7880wsa8845_firmwarewcd9341qca6391_firmwarewcn6755fastconnect_6200snapdragon_x65_5g_modem-rf_systemsg8275p_firmwareqca8337_firmwaresnapdragon_x35_5g_modem-rf_systemwcn6740wcn3988_firmwareqca8081sm7635snapdragon_8_gen_3_mobile_platformsnapdragon_765_5g_mobile_platform_\(sm7250-aa\)_firmwareqca6698aqsm8635wsa8832snapdragon_x70_modem-rf_systemqcn6224snapdragon_480\+_5g_mobile_platform_\(sm4350-ac\)snapdragon_7c\+_gen_3_computesnapdragon_x75_5g_modem-rf_systemwcn7861sdx57m_firmwarewcd9370wsa8815_firmwarewcn6650_firmwaresnapdragon_865\+_5g_mobile_platform_\(sm8250-ab\)wcd9390_firmwaresm7675pqca8081_firmwarefastconnect_6900qcc710_firmwaresnapdragon_765g_5g_mobile_platform_\(sm7250-ab\)qca6698aq_firmwarevideo_collaboration_vc3_platformqcn6274_firmwarefastconnect_6200_firmwarefastconnect_6800wsa8835qca6574a_firmwarefastconnect_6800_firmwarewcd9375_firmwarewsa8832_firmwareqca6595ausnapdragon_690_5g_mobile_platform_firmwarewcn7860sm7250psm8550pqcc710snapdragon_778g\+_5g_mobile_platform_\(sm7325-ae\)_firmwarewcd9378_firmwareqcn9024_firmwarewcn7881_firmwaresm6650qcs5430wcn3950sm6650_firmwarefastconnect_7800qfw7124wsa8845h_firmwarewcd9395_firmwaresnapdragon_x35_5g_modem-rf_system_firmwarefastconnect_6900_firmwarewsa8835_firmwareqcm5430qfw7114_firmwaresnapdragon_4_gen_1_mobile_platformsnapdragon_888_5g_mobile_platformwcd9390ar8035sm8635psm8650qsdx55_firmwaresm4635qca6174a_firmwaresm7675p_firmwaresnapdragon_8_gen_3_mobile_platform_firmwarewcn3988qca6174aqca8337qca6696_firmware315_5g_iot_modemwsa8830snapdragon_x55_5g_modem-rf_system_firmwarewsa8830_firmwareqcs5430_firmwareqcs4490_firmwaresm7675_firmwarewcn7881qcm6490snapdragon_780g_5g_mobile_platformwcd9395qcm4490wcn6755_firmwaresnapdragon_x65_5g_modem-rf_system_firmwarewcn6650sm8635_firmwareSnapdragon
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2019-20590
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.15% / 35.15%
||
7 Day CHG~0.00%
Published-24 Mar, 2020 | 19:01
Updated-05 Aug, 2024 | 02:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on Samsung mobile devices with O(8.x) (Qualcomm chipsets) software. There is an integer underflow in the Secure Storage Trustlet. The Samsung ID is SVE-2019-13952 (July 2019).

Action-Not Available
Vendor-n/aQualcomm Technologies, Inc.Google LLC
Product-sdm660androidn/a
CWE ID-CWE-191
Integer Underflow (Wrap or Wraparound)
CVE-2025-21483
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.05% / 14.64%
||
7 Day CHG~0.00%
Published-24 Sep, 2025 | 15:33
Updated-26 Feb, 2026 | 17:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Restriction of Operations within the Bounds of a Memory Buffer in Data Network Stack & Connectivity

Memory corruption when the UE receives an RTP packet from the network, during the reassembly of NALUs.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcd9380snapdragon_xr1_platformqca6564qcs6490_firmwaresnapdragon_888_5g_mobile_platform_firmwaresdx55sm4125wcn7750_firmwareqca6310_firmwareqca6688aqqam8650pqca6420_firmwarewcd9340_firmwaresd670_firmwaresa6155psnapdragon_870_5g_mobile_platform_\(sm8250-ac\)wcn3680bqamsrv1m_firmwarequalcomm_215_mobile_platform_firmwaresnapdragon_720g_mobile_platformsnapdragon_7c\+_gen_3_compute_firmwaresnapdragon_730g_mobile_platform_\(sm7150-ab\)snapdragon_8\+_gen_2_mobile_platformqcs8550sxr1120snapdragon_820_automotive_platform_firmwareqcm2150_firmwareaqt1000wcn3620snapdragon_8_gen_2_mobile_platform_firmwaresm7325p_firmwareqam8255p_firmwaresrv1l_firmwaresnapdragon_x50_5g_modem-rf_systemsa8150p_firmwaresnapdragon_625_mobile_platformqcm8550_firmwareqamsrv1h_firmwaresnapdragon_w5\+_gen_1_wearable_platformsm4635_firmwarewcd9341_firmwaresd855sd_8_gen1_5gsnapdragon_xr2\+_gen_1_platform_firmwaresnapdragon_845_mobile_platformsnapdragon_765g_5g_mobile_platform_\(sm7250-ab\)_firmwareqam8295pvision_intelligence_200_platform_\(apq8053-ac\)_firmwaresm7675wcd9385_firmwareqcm6490_firmwaresa7255p_firmwareqca6391qcs4290sa8295p_firmwareqca6335_firmwareqcs4290_firmwaresnapdragon_210_processorsnapdragon_480_5g_mobile_platformqcs6490sd_675_firmwarewsa8810sm8635p_firmwaresm8650q_firmwaresnapdragon_888\+_5g_mobile_platform_\(sm8350-ac\)_firmwareqcm8550qcs8300wsa8815sm7315qcs610smart_display_200_platform_\(apq5053-aa\)srv1hsd626_firmwareqcm4490_firmwaresnapdragon_855_mobile_platformsnapdragon_835_mobile_pc_platformsnapdragon_xr2\+_gen_1_platformwcd9326_firmwaresnapdragon_778g_5g_mobile_platform_firmwaresnapdragon_480_5g_mobile_platform_firmwarevision_intelligence_100_platform_\(apq8053-aa\)_firmwaresg4150pqcm2150sm8550p_firmwarevideo_collaboration_vc3_platform_firmwaresnapdragon_4_gen_2_mobile_platform_firmwareqca6574au_firmwaresm6370sd_8_gen1_5g_firmwarewcd9378snapdragon_865\+_5g_mobile_platform_\(sm8250-ab\)_firmwareqcm4290_firmwaresnapdragon_662_mobile_platform_firmwarewcn3680_firmwareqca6595au_firmwareqcs8300_firmwaresnapdragon_460_mobile_platformsnapdragon_8_gen_2_mobile_platformwcn3680b_firmwaresnapdragon_480\+_5g_mobile_platform_\(sm4350-ac\)_firmwarewcn3980wcn7880_firmwaresnapdragon_730g_mobile_platform_\(sm7150-ab\)_firmwaresnapdragon_778g\+_5g_mobile_platform_\(sm7325-ae\)sa8150pqualcomm_205_mobile_platform_firmwareqcs610_firmwaresnapdragon_660_mobile_platformsa8145p_firmwareqca6797aqsnapdragon_626_mobile_platform_firmwareqam8650p_firmwarewcn3615_firmwareqcm2290sm8750_firmwareqca6564asa8155pqcm6125snapdragon_632_mobile_platformsw5100_firmwarewcd9385wcd9380_firmwareqcs410sm8750pwcn6450sm8735_firmwaresnapdragon_680_4g_mobile_platformqca6574asnapdragon_675_mobile_platformwcd9340qca6564_firmwarewcn7880qca6436wsa8845_firmwarewcd9341sa7255pqca6426_firmwaresnapdragon_685_4g_mobile_platform_\(sm6225-ad\)_firmwarefastconnect_6200snapdragon_626_mobile_platformsd888wcn3988_firmwaresnapdragon_675_mobile_platform_firmwaresnapdragon_765_5g_mobile_platform_\(sm7250-aa\)_firmwareqca6698aqwsa8832snapdragon_429_mobile_platform_firmwareaqt1000_firmwaresd675_firmwaresnapdragon_660_mobile_platform_firmwarewcn3680qualcomm_205_mobile_platformsnapdragon_7c\+_gen_3_computesnapdragon_480\+_5g_mobile_platform_\(sm4350-ac\)snapdragon_670_mobile_platform_firmwareqcs2290snapdragon_425_mobile_platformwcd9370sm7675psm6250qca6698aq_firmwareapq8064au_firmwarefastconnect_6800qca6574a_firmwaresnapdragon_632_mobile_platform_firmwarewsa8832_firmwaresnapdragon_439_mobile_platform_firmwaresa8650psw5100psa4150psnapdragon_690_5g_mobile_platform_firmwarewcn7860qca6678aq_firmwaresm6250_firmwaresnapdragon_636_mobile_platform_firmwarequalcomm_215_mobile_platformsnapdragon_680_4g_mobile_platform_firmwaresm8550psm7250pwcd9378_firmwarewcn7881_firmwarewcn3615qcn9274_firmwaresm6650qcs5430qcs2290_firmwaresm7315_firmwareqcs615sa8145pwsa8845h_firmwarewcd9371wcd9395_firmwareapq8064ausd670fastconnect_6900_firmwareqca6678aqsa8195pwsa8835_firmwaresa9000psa8295psnapdragon_4_gen_1_mobile_platformsnapdragon_888_5g_mobile_platformwcd9390sa8775p_firmwaresnapdragon_212_mobile_platform_firmwaresdx55_firmwaresnapdragon_xr1_platform_firmwaresd730sm7675p_firmwarewcn3988qam8775pqcm2290_firmwareqca6696_firmwareqca6320sd660_firmwareqca6320_firmwareqca6797aq_firmwaresnapdragon_x55_5g_modem-rf_system_firmwareqca6564au_firmwaresnapdragon_429_mobile_platformapq8017snapdragon_730_mobile_platform_\(sm7150-aa\)sa8650p_firmwaresnapdragon_678_mobile_platform_\(sm6150-ac\)robotics_rb3_platform_firmwareqcs4490_firmwaresm7675_firmwarewcn7881snapdragon_780g_5g_mobile_platformsrv1mwcd9395snapdragon_662_mobile_platformqcs410_firmwareqcm4490wcn6755_firmwaresd835wsa8810_firmwarewcn6650snapdragon_768g_5g_mobile_platform_\(sm7250-ac\)_firmwaresd660qcm4325wsa8840sdm429w_firmwaresnapdragon_778g_5g_mobile_platformwcn7861_firmwarewsa8840_firmwaresnapdragon_460_mobile_platform_firmwaresnapdragon_8\+_gen_2_mobile_platform_firmwaresnapdragon_636_mobile_platformfastconnect_6700_firmwaresnapdragon_630_mobile_platform_firmwaresa8155_firmwaresnapdragon_685_4g_mobile_platform_\(sm6225-ad\)snapdragon_782g_mobile_platform_\(sm7325-af\)_firmwarevision_intelligence_100_platform_\(apq8053-aa\)fastconnect_6700snapdragon_730_mobile_platform_\(sm7150-aa\)_firmwaresm7250p_firmwarewcn3950_firmwareqca6696wcn3620_firmwarewcn3980_firmwareqcm5430_firmwarewcn3610qcs8550_firmwarewsa8845hqca6426sa4155p_firmwaresnapdragon_625_mobile_platform_firmwareqca6310snapdragon_780g_5g_mobile_platform_firmwaresnapdragon_8\+_gen_1_mobile_platformsxr1120_firmwaresnapdragon_720g_mobile_platform_firmwaresnapdragon_865_5g_mobile_platformqcn9274qam8295p_firmwarewcn3910sm7635_firmwaresm7325pqcm4290sd626qcs9100wcd9326snapdragon_4_gen_2_mobile_platformsnapdragon_690_5g_mobile_platformsnapdragon_x55_5g_modem-rf_systemwcd9370_firmwaresnapdragon_855_mobile_platform_firmwarewcn3660bsnapdragon_870_5g_mobile_platform_\(sm8250-ac\)_firmwaresnapdragon_8_gen_1_mobile_platformsrv1lwsa8845snapdragon_865_5g_mobile_platform_firmwaremsm8996ausa8155snapdragon_695_5g_mobile_platform_firmwarewcn7860_firmwareqamsrv1hsnapdragon_710_mobile_platform_firmwaresnapdragon_845_mobile_platform_firmwaresm8750qca6574qcm6125_firmwaresnapdragon_xr2_5g_platformwcn6740_firmwaresa6150p_firmwaresa8255p_firmwaresg4150p_firmwaresnapdragon_425_mobile_platform_firmwarewcn3910_firmwarevision_intelligence_200_platform_\(apq8053-ac\)sa6155sm8750p_firmwareqcs615_firmwaresd855_firmwaresnapdragon_210_processor_firmwaresnapdragon_212_mobile_platformsnapdragon_782g_mobile_platform_\(sm7325-af\)snapdragon_4_gen_1_mobile_platform_firmwaresnapdragon_8\+_gen_1_mobile_platform_firmwaresd835_firmwaresnapdragon_855\+\/860_mobile_platform_\(sm8150-ac\)_firmwarevideo_collaboration_vc1_platform_firmwarefastconnect_7800_firmwaresnapdragon_765_5g_mobile_platform_\(sm7250-aa\)sd675sa7775psnapdragon_820_automotive_platformsa8620p_firmwarevideo_collaboration_vc1_platformsnapdragon_695_5g_mobile_platformsnapdragon_888\+_5g_mobile_platform_\(sm8350-ac\)sa8770psrv1m_firmwarewcd9375qca6574_firmwaresnapdragon_8_gen_1_mobile_platform_firmwareqcs4490wcn6450_firmwaresa8620psdm429wsnapdragon_768g_5g_mobile_platform_\(sm7250-ac\)apq8017_firmwaresa6145p_firmwaresm6370_firmwaresnapdragon_439_mobile_platformsnapdragon_630_mobile_platformqca6430qca6595_firmwareqam8775p_firmwareqca6391_firmwarewcn6755sa8195p_firmwaresnapdragon_835_mobile_pc_platform_firmwarewcn6740sm7635snapdragon_8_gen_3_mobile_platformqca6688aq_firmwareqmp1000qcm4325_firmwarewcd9335_firmwaresnapdragon_732g_mobile_platform_\(sm7150-ac\)sd888_firmwaresm8635sw5100p_firmwaresa6155_firmwaresa7775p_firmwaresnapdragon_750g_5g_mobile_platform_firmwarewcd9335wcn7861sa8775pwsa8815_firmwaresa9000p_firmwarewcn6650_firmwaresnapdragon_865\+_5g_mobile_platform_\(sm8250-ab\)wcd9390_firmwaremsm8996au_firmwaresnapdragon_765g_5g_mobile_platform_\(sm7250-ab\)fastconnect_6900qam8255pvideo_collaboration_vc3_platformfastconnect_6200_firmwarewsa8835sd865_5gfastconnect_6800_firmwarewcd9375_firmwarerobotics_rb3_platformwcn3660b_firmwareqca6564auqmp1000_firmwaresa6150pqam8620pqca6595ausnapdragon_732g_mobile_platform_\(sm7150-ac\)_firmwaresm4125_firmwaresnapdragon_778g\+_5g_mobile_platform_\(sm7325-ae\)_firmwaresa6155p_firmwareqamsrv1mwcn3950sa4155psxr2130_firmwaresrv1h_firmwaresm6650_firmwaresnapdragon_710_mobile_platformfastconnect_7800qcs6125_firmwaresd_675qcs6125sa6145pqcm5430talynplussm8635psnapdragon_670_mobile_platformsm8650qsnapdragon_x50_5g_modem-rf_system_firmwareqcs9100_firmwaresm4635qca6564a_firmwaresnapdragon_8_gen_3_mobile_platform_firmwaresd730_firmwareqca6335snapdragon_w5\+_gen_1_wearable_platform_firmwaresa4150p_firmwarewcn3610_firmwaresnapdragon_855\+\/860_mobile_platform_\(sm8150-ac\)sw5100wcn3990_firmwaretalynplus_firmwareqam8620p_firmwarewcd9371_firmwarewsa8830wcn3990wsa8830_firmwareqca6574auqca6430_firmwaresa8155p_firmwareqcs5430_firmwaresa8770p_firmwaresnapdragon_678_mobile_platform_\(sm6150-ac\)_firmwaresm8735qcm6490wcn7750qca6420snapdragon_xr2_5g_platform_firmwareqca6436_firmwareqca6595sd865_5g_firmwaresxr2130sa8255psmart_display_200_platform_\(apq5053-aa\)_firmwaresnapdragon_750g_5g_mobile_platformsm8635_firmwareSnapdragon
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2019-20553
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.15% / 35.15%
||
7 Day CHG~0.00%
Published-24 Mar, 2020 | 18:20
Updated-05 Aug, 2024 | 02:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on Samsung mobile devices with P(9.0) (SM6150, SM8150, SM8150_FUSION, exynos7885, exynos9610, and exynos9820 chipsets) software. Arbitrary memory read and write operations can occur in RKP. The Samsung ID is SVE-2019-15143 (October 2019).

Action-Not Available
Vendor-n/aGoogle LLCQualcomm Technologies, Inc.Samsung
Product-exynos_9610sm6150sm8150androidexynos_7885sm8150_fusionexynos_9820n/a
CVE-2006-6024
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.46% / 63.89%
||
7 Day CHG~0.00%
Published-21 Nov, 2006 | 23:00
Updated-03 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in Eudora Worldmail, possibly Worldmail 3 version 6.1.22.0, have unknown impact and attack vectors, as demonstrated by the (1) "Eudora WorldMail stack overflow" and (2) "Eudora WorldMail heap overflow" modules in VulnDisco Pack. NOTE: Some of these details are obtained from third party information. As of 20061118, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes.

Action-Not Available
Vendor-n/aQualcomm Technologies, Inc.
Product-eudora_worldmailn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-1910
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.3||HIGH
EPSS-0.23% / 46.02%
||
7 Day CHG~0.00%
Published-07 May, 2021 | 09:10
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Double free in video due to lack of input buffer length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfs2580qca9377_firmwareqpm5679_firmwaresm6250p_firmwarepmd9607_firmwareqdm5579qfs2608_firmwareqfs2530qpm8870_firmwareqln1030pm6125qat5522_firmwarewcn3950_firmwarepm8150aqdm5670qca6595au_firmwareqpa5581_firmwaresa6155pm7150lqpa8821pm8998_firmwarewtr5975_firmwareqcs6125_firmwarepm456_firmwareqpa5580_firmwarewcn3998wcd9371_firmwarewcn3950sm4125sd720gmdm9206_firmwareqsw8573_firmwarewcn3660bsd450_firmwareqfe4320qsw8574_firmwaresd460_firmwarepm8953_firmwaresd6905gqpa4360_firmwarewcn3998_firmwareqfe2520_firmwareapq8009w_firmwarepm855papq8053_firmwareqca6420pm6150aqpm6670_firmwareqca9367_firmwarepm660_firmwarepm8150bsa8155_firmwareqfe2101qca6430qat3522pmr735awcd9340sdm830_firmwaresd765gsdr660qfs2630_firmwaresdr865qdm5620_firmwaresmb1358smr545qca6696_firmwareqln5020wcd9371sd870_firmwaresmb1350pmm855au_firmwaresa8150ppm6350qdm5621qfe3340qtc800sqat3514_firmwaresd660qet6105pm640p_firmwaresd660_firmwarewcn6750_firmwareqat5516_firmwarepm6150lsd450sd8885gpm855l_firmwareqtc410swcn3991qpa8801sdm429wpm8150l_firmwareqat5533_firmwaresdx55m_firmwaresdxr25gqpa8673_firmwarepm6150smb1354_firmwaresd670_firmwareqca6574sd632_firmwareqfs2630qpa8842sdr052_firmwarepmm8996auwcd9380qualcomm215qln4640qcs410smb1380_firmwareqfe4309_firmwarepmk8350_firmwaresmb1381pm855p_firmwarepm7250qca9379_firmwarewtr4905qpa8803sd439_firmwaresdxr25g_firmwareqdm2301wcd9340_firmwarewsa8815wcn6850qfe2101_firmwareqdm5621_firmwareqdm2301_firmwaresd835wcn3980_firmwaresd730pm660l_firmwarepm6250_firmwarewcn6740_firmwarepm8008pm8350b_firmwareqtm525_firmwarepme605_firmwarepme605sd678_firmwareapq8064au_firmwareqpm5621_firmwareqcs603rsw8577qpa6560_firmwareqpa8802_firmwareqln4640_firmwareqfe4308_firmwareqpm5621qpm6582sd670pm8009_firmwareapq8009wqfe4303qfs2580_firmwareqcm4290_firmwarewcn6855pm8150lpmi8998_firmwareqcs610_firmwaresa6145ppm660a_firmwarepm215pm4250ar8031wtr2965sdm630_firmwareqca6391_firmwarepmx20_firmwarepmi8937_firmwarewcd9370_firmwareqat3516_firmwaresdx55apq8053csra6640pm8350bhsqat3555_firmwareqpa8803_firmwarewcn3660qca9379pm855bqpm5870pm8909wsa8830pm660qet6110_firmwareqdm5579_firmwarepm6125_firmwareqbt1500qpa5581mdm9650fsm10055_firmwareqbt1500_firmwareqpm5870_firmwareqcs4290qet6100pmm855auqca6420_firmwaresmb1394_firmwareapq8009_firmwaresmb1396pm7150asd675_firmwarepm8350qca6564qpa4361_firmwarepm8350c_firmwareqpa5461_firmwareqca6426wcn3990_firmwareqca9377qpm5641qpa5373_firmwaresdw2500_firmwarewcd9385_firmwareqdm5650_firmwareqpa4340_firmwarewcd9326_firmwarewcn3615_firmwarewtr2955rgr7640au_firmwarepm7250_firmwaresdr845_firmwareqdm5620smb1380pmk8002_firmwareqsw6310_firmwaresa8155qdm4650_firmwaresdx55_firmwarepmm6155au_firmwareqat5533wcn3615sm7250p_firmwarewcn3610_firmwareqsm7250_firmwareqpm6670pm7150l_firmwareqpm4641qat5515_firmwarepm855qpm8830_firmwaresd429pm8250qca9367sdm630qdm4643qfs2530_firmwarewcn3988_firmwarepmx55qpm4641_firmwaresd205sd429_firmwarepm8150c_firmwareqca6421qdm3301qpa8842_firmwareqat3519_firmwaresa8195psdr735_firmwarepm8953qat5515qpm5677qat3514wcd9326wcd9335pm6350_firmwarepm8004_firmwaresdr8150_firmwareqcs4290_firmwarepm439qtc800h_firmwarepmk7350_firmwareqpm5620qpm4630qca6390wcd9375sd750g_firmwareaqt1000sm6250_firmwarepmm8195auqln4642msm8917_firmwareqpm5677_firmwaresdx20_firmwarewsa8815_firmwarewtr3925_firmwarepmi8937pm8998pmk7350smr525_firmwareqpm8820_firmwareqfe4301_firmwareapq8017qln1020_firmwareqpm6621_firmwarepm670a_firmwareqcm6125_firmwarepmx55_firmwarewtr2955_firmwareqfe4373fc_firmwaresmb1398_firmwareqpm8830pmm8996au_firmwareqat5522pm8150cpmr735bsd665_firmwareqpa4360pmk8003_firmwareqpa4361qpm4640_firmwaremdm9206wcn6855_firmwareqdm5679_firmwarepm8350csmr525qca6310_firmwareqfe4305_firmwarepm6150l_firmwarepmr525pm8150a_firmwareqca6574_firmwaresd665pm6150a_firmwarepm6150_firmwaresd765pmx20pmd9607qca6574a_firmwareqpm4630_firmwareqat3555apq8009qpa5461wtr2965_firmwarepm670_firmwareqfs2608sd480_firmwareqtc801sqpm5641_firmwaresd710pm8008_firmwaresdx20m_firmwareqpm6621pmr735a_firmwarepmw3100pmx50qca6564_firmwaresdr8250sd768gqln1030_firmwaresmb1350_firmwarewcn6740pmw3100_firmwarepm8004pm640lpmk8002sdw2500apq8096au_firmwaresd845sd455_firmwaresdm830smb1357qcs410_firmwareqpa5580fsm10055qfe2550sa6150p_firmwareqcs610qpm5620_firmwareqdm2307qca6431_firmwareqpa8802qpm6585_firmwareqat3519qbt2000_firmwareqtc800hsa8150p_firmwareqcs2290sdr8250_firmwareqca6335msm8917csra6620_firmwareqcs605_firmwareqln1020smr546_firmwareqdm5671csra6640_firmwareqpm4650_firmwareqat3518sd632sdr425_firmwaresmr526_firmwareqpa5460pm640a_firmwarewgr7640_firmwareqdm2305_firmwareqpm5670_firmwaresd710_firmwareqca4020qdm5652qca6574au_firmwareqpm8870wcd9375_firmwareqpm5679qbt2000sa6155_firmwaremsm8909wsdx20mpmx50_firmwareqpa8675_firmwaresdr735gqpa5460_firmwarewcn3999qdm3301_firmwareqsm7250qcs6125sd662_firmwaresmb1360qcs405qualcomm215_firmwarersw8577_firmwareqdm2308_firmwarefsm10056_firmwarepm439_firmwareqca4020_firmwareqca6436sa6155pwcn6851qcs603_firmwareqpa6560sdr675_firmwarewcn3660_firmwarewcd9341pmi8952qdm4643_firmwarepm8937_firmwareqca6431sm7350_firmwareqet4100_firmwaresd750gqfe4320_firmwareqdm3302wcn3910_firmwareqpm5657qpm5875_firmwarewsa8830_firmwaresd855_firmwareqdm5650wcn3988wtr3925sdr052sa8195p_firmwaresmb1390qet4100wcn3610qpa8686_firmwareqpm6585sda429w_firmwarewcd9380_firmwaresmb1355qln4650wcd9330msm8996au_firmwaresdr735g_firmwarepm8350bhs_firmwarewgr7640qat5568qet5100qdm5671_firmwareqpa8801_firmwareqca6564ausd636wcn6856_firmwarepm8005_firmwareqet4101_firmwarepm7250bqln4642_firmwaresmb1355_firmwarepm7250b_firmwarepmd9655_firmwaresmb1351_firmwaresdx50m_firmwaresdr735smb1395pm660lar8151smr526wtr5975qca6430_firmwarepmk8003qtc801s_firmwarewcd9335_firmwareqat3522_firmwarewcn3980pm7350c_firmwareqca6335_firmwareqsw8573qcs605wcn3910qca6320mdm9650_firmwaresmb1394qca6426_firmwarepm8350_firmwarewcn3660b_firmwarewcn3680qfe4309pm8009qpa8675sdr051_firmwarewcd9330_firmwaresdx55mpm670aqca6421_firmwareqfe4373fcmsm8953qat3518_firmwarepmi8998qfe2520qsw8574sd6905g_firmwarear8031_firmwarewcn3680_firmwarepm855lwcn6851_firmwareqdm5670_firmwaresd8655gpm7150a_firmwarepm8150b_firmwareqfe4302smr545_firmwareqca6564a_firmwareqdm2310_firmwarepm4250_firmwaresd480sd870sd8885g_firmwarepm670sd210_firmwareqdm5677pm8005pm855_firmwareqdm2302pmm6155ausdxr1pm855b_firmwareapq8096auqcs405_firmwareqpm6582_firmwarepm640l_firmwareqln4650_firmwareqpm5875qet5100msd888_firmwaresa8155psd675sd439qet4101qat3516pm670lqpm5658qcm2290qpm5658_firmwarewcn3991_firmwareqdm5652_firmwarepmm8155au_firmwaresd678sdr051qln5030qcs2290_firmwarepm4125fsm10056pmi632qpa2625_firmwarepm456pm8350bh_firmwarecsra6620pmr735b_firmwareqet5100_firmwareqpa5373qpm4621smb1360_firmwareqet6100_firmwarepm670l_firmwaresdr660gsd455sd765g_firmwareqpa8686smb1358_firmwareqca6390_firmwaresd730_firmwarewcd9370sdr425pmr525_firmwareqfe3340_firmwarear8151_firmwarepmi632_firmwareqat5516sd662qpa8821_firmwareqfe4308sdr660g_firmwarepm8350bhpm3003aqca6320_firmwarewcn3680b_firmwareqca6595auwcn3999_firmwareqca6436_firmwaresm7350smb1354qca6564au_firmwareqdm2305sa6155p_firmwareqca6310qpm8820pm8937qpm2630qln5020_firmwaresmb1398sa6145p_firmwaresdr675sm6250apq8017_firmwarewsa8810_firmwaresmb231sd765_firmwareqdm5677_firmwareqca6174a_firmwarewcd9385qdm2302_firmwareqat3550_firmwarepmm8155auqln5040_firmwarepm4125_firmwareapq8064auqpa8673qdm2310qfe2550_firmwaremsm8953_firmwareqln5030_firmwaresda429wsd210wcn3620_firmwareqfe4302_firmwaresmb1396_firmwarewcn6850_firmwarewcn3620wsa8835_firmwareqca6564asmr546qet6110pmi8952_firmwareqcm2290_firmwareqln5040qpm8895sdr845qpm5670wcn3990pmk8350qdm3302_firmwaresd888pm8350bqdm2307_firmwaremsm8909w_firmwarewsa8835msm8996ausdm429w_firmwareqpm5657_firmwaresm6250prgr7640ausdr660_firmwarepm8909_firmwareqca6574apm8916_firmwaresmb1390_firmwareqca6174aqfe4303_firmwareqpm4640wcn6750pm7350cqet5100m_firmwareqpm4650qtm525wtr6955sd855sm4125_firmwareqfe4305wtr6955_firmwarepm640psd768g_firmwaresdr865_firmwarepm8250_firmwaresd460qca6391sdxr1_firmwaresmb1351smb1357_firmwareaqt1000_firmwarepm215_firmwareqpm8895_firmwarepm660aqpa4340qcm4290sdx50mpm640asdr8150sdx20pm8916smb1395_firmwareqdm4650pmd9655qca6574ausa8155p_firmwaresd205_firmwareqsw6310qet6105_firmwaresd8655g_firmwarewcd9341_firmwareqcm6125wsa8810qtc410s_firmwareqpm2630_firmwaresmb231_firmwareqat5568_firmwareqdm2308qat3550wtr4905_firmwarewcn6856qdm5679wcn3680bsd835_firmwarepm3003a_firmwareqca6696qfe4301qtc800s_firmwaresmb1381_firmwaresd845_firmwareqpa2625sa6150ppmm8195au_firmwaresm7250psd720g_firmwareqpm4621_firmwaresd636_firmwarepm6250Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-415
Double Free
CVE-2019-14112
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.36% / 57.93%
||
7 Day CHG~0.00%
Published-16 Apr, 2020 | 10:46
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Potential buffer overflow while processing CBF frames due to lack of check of buffer length before copy in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in APQ8098, IPQ6018, IPQ8074, MSM8998, Nicobar, QCA8081, QCN7605, QCS404, QCS605, Rennell, SC7180, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SM6150, SM7150, SM8150, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm850_firmwaresdm636_firmwareapq8098_firmwaresdm845msm8998_firmwaresdm660sdm630qcs404_firmwaresc8180x_firmwaresm7150_firmwareipq8074_firmwaresdm710sc7180_firmwaresm6150sdm710_firmwaresm7150qcn7605_firmwaresdm670qca8081sxr2130qcs605_firmwaresc8180xipq6018sdm670_firmwareqcs404sm8150_firmwaresxr2130_firmwareipq8074sdm636sda845_firmwarerennellsc7180sdm630_firmwareapq8098qcn7605sda660_firmwarerennell_firmwareipq6018_firmwareqcs605sm6150_firmwaremsm8998sm8150sdm850sda660sxr1130_firmwareqca8081_firmwarenicobar_firmwaresxr1130sdm660_firmwaresda845nicobarsdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-11212
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.27% / 50.69%
||
7 Day CHG~0.00%
Published-21 Jan, 2021 | 09:41
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bounds reads while parsing NAN beacons attributes and OUIs due to improper length of field check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfe3100qfs2580qca1023qca8337ar9380qfs2530qln1030qpa8688pm6125qcn5124mdm9645pm8150aqdm5670sa6155pm7150lqpa8821mdm8215apq8076qfe2320msm8108sa415mwcn3998wcn3950sm4125sd720gwtr1605wcn3660bqfe4320qcc112sd6905gpm855pqca6420pm6150apm8150bqca0000qfe2101qca6430qat3522qfe4455fcpmr735awcd9340sd765gsdr660qfe3345sdr865smb1358smr545qln5020wcd9371smb1350pmm8920ausa8150pwtr3950pm6350qdm5621qfe3340qtc800ssd660sd712qcn5121pm6150lsd450sd8885gqtc410swcn3991qpa8801ipq8078ipq8173sdxr25gpm6150qca6574qfs2630qpa8842pmm8996auwcd9380qualcomm215qln4640qcs410smb1381qcn5024pm7250wtr4905qpa8803pmd9645qdm2301wsa8815wcn6850qpm6375ipq6028ipq8064sd835pmp8074qca1990sd730pm8008pme605qca6234qcn5054qcs603rsw8577qca9994qca9980qpm5621qpm6582sd670qfe4303wcn6855pm8150lsa6145ppm215ar8031qpm5577wtr2965pm8150qca4024sdx55apq8053csra6640pmi8994wcn3660qca9379pm855bsmb2351qln1031qcn7606qpm5870pm8909qfe1040wsa8830pm660qpm6325qbt1500qpa5581csrb31024mdm9650qca9378apmk8001qca9992qcs4290pmm855auqet6100mdm9250smb1396pm7150aipq8072pm8350qca6564qca6426qca9377qca4531qpm5641whs9410wtr2955qdm5620qln1021aqipq8074asmb1380apq8094sa8155qca6584qat5533wcn3615pm8940qpm6670wcd9306qca6584aumsm8208qpm4641ipq8174pm855sd429pm8250qcn5052qca9367apq8092sdm630qdm4643pmx55qcn9074sd205qca6421qdm3301sa8195ppm8953qat5515qca6694qpm5677qat3514wcd9326wcd9335qcn6023pm439qpm5620qpm4630qca6390wcd9375aqt1000msm8976pmm8195auqln4642msm8994qfe2310pmi8937pm8998msm8916apq8017pm8019qca6595qpm8830apq8039qat5522pm8150cpmr735bqpa4360qcn5154qpa4361mdm9206pm8350csmr525qca9888pmr525mdm9615msm8929qca9886sd665qca6175asd765pmx20pmd9607qat3555apq8009qpa5461mdm9310qfe2082fcqfs2608qln1036aqqtc801sqfe3320sd710mdm9607qcn5122qpm6621pmx50pm8018qcn5022sdr8250sd768gpm8004pm640lmsm8940pmk8002qca8075qcn6024qcn9022sd845sdm830smb1357qpa5580qpm5579qfe2550qcs610qcn5550pmi8996qfe1045qdm2307qpa8802qat3519ipq8078aqtc800hqcs2290qca6335msm8917qcn5064qln1020wtr3905qca1990aqdm5671pmc1000hqfe2330qat3518sd632sd8cipq8076amdm9628qpa5460qca4020qca6428qdm5652ipq8071qpm8870qpm5679qbt2000wcd9360sdx20mwtr1625lsdr735gwcn3999qsm7250pm8996qcs6125ipq6010smb1360qcs405qfe3440fcqca6436wcn6851sa6155pqpa6560msm8937wcd9341pmi8952mdm9655qca6431sd750gqpm5657qdm5650wcn3988qca6438wtr3925qfe2080fcsdr052smb1390qca9898ipq4028qet4100wcn3610msm8608mdm9640qpm6585smb1355ipq8072aqln4650wcd9330wgr7640csr6030qat5568qet5100sd636qca6564auqcn5164pm8994pm7250bsdr735smb1395smb358spm660lar8151smr526wtr5975qca6174pmk8003wcn3980qsw8573msm8939qcs605qbt1000sd7cqca6320wcn3910wcn3680qca9984qfe4309qcn9024pm8009qpa8675sdx55mpm670aqfe4373fcmsm8953qsw8574pmi8998qfe2520pm855lipq8070sd8655gqfe4302pm670qdm5677pm8005ipq6018qdm2302pmm6155ausdxr1apq8096auqpm5875qet5100msa8155psd675wtr4605sd439qet4101pm8952qat3516pm670lqpm5658qcm2290qfe4465fcsdr051qcn9070qln5030pm4125pmi632pm456qca9378csra6620qpa5373qpm4621qcn9072sdr660gqfe2340sd455qpa8686ipq6000wcd9370sdr425ipq5018qca9369qcn7605qpm5541qat5516sd662qfe4308pm8350bhapq8037pm3003aqca6595auqtc800tsmb1354ipq5010qdm2305qca6310qpm8820pm8937qpm2630qfe2081fcqca9990smb1398sd821sdr675msm8992sm6250smb231qfe1100qca4010qet4200aqqca8081ipq8071awcd9385pmm8155auar8035csr8811apq8064auqpa8673qdm2310sd210sd820wcn3620qca6564asmr546pmx24qet6110qln5040qca8072qpm8895sdr845qpm5670wcn3990qcn9000qtm527pmk8350sdx24qcn9012pm8350bwsa8835msm8996auqfe1035pmi8940sm6250prgr7640auqln1035bdpm855aipq4018qca6574aqca9889qca6174aipq8074qpm4640wcn6750qpm4650qtm525sa515mwtr6955qfe3335sd855sd8cxqfe4305ipq8076pm640pqcn5021ipq8069qcn5152msm8209sd460qca6391smb1351ipq6005msm8920qcn9100mdm9626pm660aqpa4340qcm4290sdx50mpm640asdr8150sdx20pm8916qdm4650mdm9215pmd9655qca6574auqsw6310qcm6125wsa8810qdm2308qat3550wcn6856qdm5679wcn3680bqca6696qfe4301sm4350apq8016qpa2625sa6150pipq8070asm7250pipq4029pm8956sd850pm6250Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-11134
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.33% / 56.03%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 05:00
Updated-04 Aug, 2024 | 11:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible stack out of bound write might happen due to time bitmap length and bit duration fields of the attributes like NAN ranging setup attribute inside a NAN management frame are not Properly validated in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfs2580qpm5679_firmwaresm6250p_firmwareqca8337ipq8173_firmwareqfs2608_firmwareqfs2530qpm8870_firmwareqpa8688pm6125qcn5124qat5522_firmwarewcn3950_firmwarepm8150aqdm5670qca6595au_firmwareqpm5541_firmwareqpa5581_firmwaresa6155pm7150lqpa8821qcs6125_firmwarepm456_firmwareqpa5580_firmwarewcn3998wcd9371_firmwarewcn3950qcn6024_firmwaresd720gsm4125qsw8573_firmwareqsw8574_firmwaresd460_firmwaresmb2351_firmwareqpa4360_firmwareqca8081_firmwarewcn3998_firmwarepm855pqca6420pm6150aqpm6670_firmwareipq8070_firmwareipq8078a_firmwarepm8150bipq8072_firmwaresa8155_firmwareqca6430qat3522pmr735awcd9340sd765gsdr660qfs2630_firmwaresdr865qdm5620_firmwareqca9888_firmwareqca6696_firmwareqln5020wcd9371qcn5154_firmwarepmm855au_firmwaresd_8cxsa8150ppm6350qdm5621sd865_5g_firmwarepm640p_firmwareqcn5121qcn5022_firmwareqcn7606_firmwareqat5516_firmwarepm6150lwcn6750_firmwarepm855l_firmwareqca6428_firmwareqtc410swcn3991qpa8801ipq8078pm8150l_firmwareipq8173qat5533_firmwaresdx55m_firmwareqpa8673_firmwarepm6150smb1354_firmwareqca6574qfs2630qpa8842csr8811_firmwaresdr052_firmwarewcd9380qln4640qcs410qpm5579_firmwarepmk8350_firmwareqcn5024pm855p_firmwaresd690_5g_firmwaresmb1381pm7250qpa8803qcn9012_firmwareqdm2301ipq6018_firmwarewcd9340_firmwarewsa8815wcn6850pmp8074_firmwareqdm5621_firmwareqdm2301_firmwareqpm6375sd_8c_firmwareipq6028pmp8074wcn3980_firmwaresd730pm6250_firmwarepm8008pm8350b_firmwareqtm525_firmwareqcn5064_firmwareipq8078_firmwareqpm5621_firmwareqcn5054qln1021aq_firmwareqpa6560_firmwareqpa8802_firmwareqln4640_firmwareqpm5621qpm6582qcn9024_firmwareipq8174_firmwarepm8009_firmwareqfs2580_firmwarewcn6855qcn7605_firmwarepm8150lqcs610_firmwaresa6145par8031qpm5577wtr2965qca6391_firmwarepm8150qca4024wcd9370_firmwareqat3516_firmwaresdx55qcn5021_firmwarecsra6640qat3555_firmwareqpa8803_firmwarepm855bsmb2351qln1031qcn7606qpm5870wsa8830qet6110_firmwareqpm6325pm6125_firmwareqbt1500qpa5581qbt1500_firmwareqpm5870_firmwareqet6100pmm855auqca6420_firmwaresd690_5gsmb1396pm7150asd675_firmwareipq8072pm8350qpa5461_firmwareqpa4361_firmwarepm8350c_firmwareqca6426wcn3990_firmwareqca9984_firmwareqpm5641wcd9385_firmwareqdm5650_firmwaresdxr2_5g_firmwarewhs9410pm7250_firmwareqdm5620qln1021aqipq8074apmk8002_firmwareqsw6310_firmwaresa8155qln1031_firmwareqdm4650_firmwareqcn5122_firmwaresdx55_firmwareqat5533qcn6023_firmwaresm7250p_firmwareqsm7250_firmwareqpm6670pm7150l_firmwareqca6584auqpm4641qat5515_firmwareipq8174pm855qpm8830_firmwarepm8250qcn5052qdm4643qfs2530_firmwarewcn3988_firmwarepmx55qpm4641_firmwareqcn9074pm8150c_firmwareqca6421qdm3301qpa8842_firmwareqat3519_firmwaresa8195psdr735_firmwareqpm5677qat5515qca6694wcd9335pm6350_firmwareqcn6023pm8004_firmwaresdr8150_firmwareqtc800h_firmwareqpm5620qpm4630qca6390wcd9375sd750g_firmwareaqt1000sm6250_firmwareqln4642qpm5677_firmwareipq5010_firmwareipq8074a_firmwaresd888_5g_firmwaresmr525_firmwarewsa8815_firmwarewtr3925_firmwareqpm8820_firmwareqpm6621_firmwareqcm6125_firmwarepmx55_firmwaresd865_5gqca6595pm8150_firmwaresmb1398_firmwareqpm8830qat5522pm8150cpmr735bsd665_firmwareqpa4360pmk8003_firmwareqcn5154qca8075_firmwareqpa4361ipq6005_firmwareqpm4640_firmwareqpm5577_firmwarewcn6855_firmwareqdm5679_firmwarepm8350csmr525qca9888ipq8070a_firmwarepm6150l_firmwarepmr525pm8150a_firmwareqca6574_firmwareqln1036aq_firmwaresd665pm6150a_firmwarepm6150_firmwareqca6175asd765qca6574a_firmwareqpm4630_firmwareqat3555qpa5461wtr2965_firmwareqfs2608qcn9070_firmwareqln1036aqqtc801sipq6028_firmwareipq8072a_firmwareqpm5641_firmwareqca9889_firmwareqcn5122pm8008_firmwareqpm6621pmr735a_firmwarepmx50qcn5022sdr8250sd768gpm8004pm640lpmk8002qca8075qcn6024qcn9022ipq6000_firmwareqcs410_firmwareqca6175a_firmwareqpa5580qpm5579sa6150p_firmwareqcs610qcn5550qpm5620_firmwareqdm2307qca6431_firmwareqpa8802wcd9360_firmwareqpm6585_firmwareqat3519qbt2000_firmwareqca4024_firmwarepm855a_firmwareipq8078aqtc800hsa8150p_firmwaresdr8250_firmwareqcn5064csra6620_firmwaresd_675_firmwareqdm5671csra6640_firmwarepmc1000hqpm4650_firmwareqat3518sdr425_firmwaresmr526_firmwareipq8076apm640a_firmwarewgr7640_firmwareqdm2305_firmwareqpm5670_firmwareqca6428qdm5652qca6574au_firmwareqcn5164_firmwareipq8071qpm8870wcd9375_firmwareqpm5679qbt2000sa6155_firmwarewcd9360qca6438_firmwarepmx50_firmwareqpa8675_firmwarewhs9410_firmwaresdr735gwcn3999qdm3301_firmwareqsm7250qcs6125ipq6010sd662_firmwareqcs405qdm2308_firmwareqca6436wcn6851sa6155pqpa6560sdr675_firmwarepmc7180wcd9341qdm4643_firmwareqca6431qet4100_firmwaresd750gwcn3910_firmwareqpm5657qpm5875_firmwarewsa8830_firmwaresd855_firmwareqdm5650wcn3988qca6438wtr3925sdr052sa8195p_firmwaresmb1390qet4100qpa8686_firmwareipq5018_firmwareqpm6585qca8337_firmwarewcd9380_firmwaresmb1355ipq8072aqln4650sdr735g_firmwarewgr7640ipq8076a_firmwareqat5568qdm5671_firmwareqet5100qca6564auqpa8801_firmwareqtm527_firmwarewcn6856_firmwareqcn5164qet4101_firmwarepm7250bqln4642_firmwaresmb1355_firmwarepm7250b_firmwarepmd9655_firmwaresmb1351_firmwareqcn5054_firmwareqet4200aq_firmwaresdx50m_firmwaresdr735smb1395smr526qca8072_firmwareqca6430_firmwarepmk8003qcn5052_firmwareqtc801s_firmwareqat3522_firmwarewcd9335_firmwarewcn3980qsw8573sd7cwcn3910qca6426_firmwarepm8350_firmwareqca9984qcn9024pm8009qpa8675qcn5550_firmwaresdr051_firmwaresdx55mqca6421_firmwareqat3518_firmwareqsw8574ar8031_firmwarepm855lwcn6851_firmwareqdm5670_firmwareipq8070pm7150a_firmwarepm8150b_firmwarepmc1000h_firmwareqca6564a_firmwareqdm2310_firmwareqcn5121_firmwareqdm5677ipq6018pm855_firmwareqdm2302pm855b_firmwareqca6595_firmwareqcs405_firmwareqpm6582_firmwareqpm6375_firmwarepm640l_firmwareqln4650_firmwareqpm5875qet5100msa8155psd675qet4101qat3516qpm5658ar8035_firmwareqpm5658_firmwareqcn5024_firmwarewcn3991_firmwareqdm5652_firmwarepmm8155au_firmwaresdr051qcn9070qln5030pm4125pmi632qpa2625_firmwarepm456sd7c_firmwarepm8350bh_firmwarecsra6620pmr735b_firmwareqet5100_firmwareqpm4621qcn9072qet6100_firmwaresdr660gsd765g_firmwareqpa8686qca6390_firmwareipq6000sd730_firmwarewcd9370qcn5152_firmwaresdr425pmr525_firmwareqca6584au_firmwareqcn9000_firmwareipq5018pmi632_firmwaresd_8cx_firmwareqcn7605qpm5541qat5516sd662qpa8821_firmwareqcn5124_firmwaresdr660g_firmwarepm8350bhpm3003aqca6595auwcn3999_firmwareqca6436_firmwaresmb1354ipq5010qca6564au_firmwareqdm2305sa6155p_firmwareqpm8820qln5020_firmwaresa515m_firmwaresdxr2_5gsmb1398sa6145p_firmwaresdr675sm6250wsa8810_firmwaresd765_firmwareqdm5677_firmwareqca8081qet4200aqipq8071aipq8071a_firmwarewcd9385qpm6325_firmwareqdm2302_firmwareqat3550_firmwarepmm8155auqln5040_firmwarepm4125_firmwarear8035csr8811qpa8673qca6694_firmwareqdm2310qln5030_firmwareqcn9100_firmwaresmb1396_firmwarewcn6850_firmwarewsa8835_firmwareqca6564aqet6110qln5040qca8072qpm8895qpm5670wcn3990qcn9000sd_675qtm527pmk8350qcn9012pmc7180_firmwarepm8350bqdm2307_firmwarewsa8835qpm5657_firmwaresd888_5gsm6250ppm855asdr660_firmwareqca6574asmb1390_firmwareqca9889ipq8074qpm4640wcn6750qet5100m_firmwareipq8076_firmwareqpm4650qtm525sa515msd855sm4125_firmwareipq8076pm640pqcn5021qcn5152sd768g_firmwaresdr865_firmwarepm8250_firmwaresd460qca6391smb1351ipq6005aqt1000_firmwareqcn9100qpm8895_firmwaresdx50mpm640asdr8150smb1395_firmwareqdm4650pmd9655ipq8074_firmwareqca6574ausa8155p_firmwareqsw6310wcd9341_firmwareqcm6125wsa8810qtc410s_firmwareqat5568_firmwareqdm2308qat3550wcn6856qdm5679sd_8cipq6010_firmwarepm3003a_firmwareqca6696smb1381_firmwareqpa2625sa6150pqcn9022_firmwareqpa8688_firmwareipq8070aqcn9072_firmwaresm7250psd720g_firmwareipq8071_firmwareqcn9074_firmwareqpm4621_firmwarepm6250Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-129
Improper Validation of Array Index
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-14006
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.36% / 57.93%
||
7 Day CHG~0.00%
Published-21 Jan, 2020 | 06:30
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow occur while playing the clip which is nonstandard due to lack of offset length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996, MSM8996AU, Nicobar, QCS605, QM215, Rennell, SA6155P, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SM6150, SM7150, SM8150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632sdm439sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996ausdm429w_firmwaresm7150apq8009_firmwaremsm8917sdm670sxr2130qcs605_firmwaremdm9206sdm670_firmwaresdm636sda845_firmwareapq8098mdm9206_firmwaremsm8939qcs605msm8937_firmwaresdm429_firmwaremsm8905_firmwaresda660apq8064_firmwaremsm8909wapq8009msm8909_firmwareapq8053_firmwaresda845nicobarsa6155p_firmwaremsm8920msm8953sdm450sdm636_firmwareapq8064apq8098_firmwaresdx20sdm660msm8920_firmwaresdm630mdm9607_firmwaresm8250_firmwaresdm710qm215mdm9607apq8017_firmwaresdm710_firmwaremsm8939_firmwaresa6155pmsm8937mdm9207c_firmwaremsm8996_firmwaremsm8905mdm9207csm8150_firmwaremsm8909sxr2130_firmwareapq8096ausdm439_firmwarerennellsdm630_firmwaresda660_firmwarerennell_firmwareqm215_firmwaremsm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaresm8250sm8150sdx20_firmwareapq8017msm8996nicobar_firmwaresdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2019-14045
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.36% / 57.93%
||
7 Day CHG~0.00%
Published-05 Mar, 2020 | 08:56
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer overflow while processing clientlog and serverlog due to lack of validation of data received in logs in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile in APQ8096AU, QCS605, SDM439, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-apq8096au_firmwaresm8150_firmwaresm8150apq8096ausdm439_firmwaresxr1130_firmwaresxr1130sdm439qcs605qcs605_firmwareSnapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2019-14127
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.36% / 57.93%
||
7 Day CHG~0.00%
Published-16 Apr, 2020 | 10:46
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer overflow while playing mkv clip due to lack of validation of atom size buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCS605, QM215, Rennell, SA6155P, Saipan, SDA660, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632sdm439sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996ausdm429w_firmwaresm7150apq8009_firmwaremsm8917sdm670sxr2130qcs605_firmwaremdm9206sdm670_firmwaresdm636apq8098mdm9206_firmwareqcs605msm8937_firmwaresdm429_firmwaremsm8905_firmwaresda660sxr1130_firmwareapq8064_firmwaresxr1130msm8909wapq8009apq8053_firmwarenicobarsa6155p_firmwaremsm8920msm8953sdm450sdm636_firmwareapq8064apq8098_firmwaresdx20msm8998_firmwaresdm660msm8920_firmwaresdm630mdm9607_firmwaresm8250_firmwaresdm710qm215mdm9607apq8017_firmwaresdm710_firmwaresa6155pmsm8937mdm9207c_firmwaremsm8905mdm9207csm8150_firmwaresxr2130_firmwareapq8096ausdm439_firmwarerennellsdm630_firmwaresda660_firmwarerennell_firmwareqm215_firmwaremsm8953_firmwaremsm8940saipan_firmwaresm6150_firmwareapq8053msm8917_firmwareapq8096au_firmwaremsm8998sm8150sdx20_firmwaresm8250apq8017saipannicobar_firmwaresdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2019-14073
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.31% / 54.11%
||
7 Day CHG~0.00%
Published-22 Jun, 2020 | 07:10
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Copying RTCP messages into the output buffer without checking the destination buffer size which could lead to a remote stack overflow when processing large data or non-standard feedback messages in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8076, APQ8096, APQ8096AU, APQ8098, Kamorta, MDM9150, MDM9206, MDM9207C, MDM9607, MDM9615, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, Rennell, SA415M, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SM6150, SM7150, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwarekamorta_firmwaremdm9635m_firmwaremdm9640_firmwareapq8096_firmwareqcm2150_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632apq8096sdx24sdm439mdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996aumdm9645sdm429w_firmwaresm7150apq8009_firmwaremsm8917sdm670qcs605_firmwareapq8076sc8180xmdm9206sdm670_firmwaresdx24_firmwareapq8076_firmwaresdm636sda845_firmwaresa415mmdm9635mapq8098mdm9615mdm9206_firmwareqcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwaresda660sxr1130_firmwaresxr1130msm8909wapq8009msm8909_firmwareapq8053_firmwaresda845nicobarsdm850_firmwaremsm8920msm8953sdm450sdm636_firmwaresdm845_firmwareapq8098_firmwaresdx20msm8998_firmwareqcm2150msm8920_firmwaresdm630mdm9607_firmwaresdm660mdm9655_firmwaresc8180x_firmwaresa415m_firmwaresdm710qm215sc7180_firmwaremdm9607mdm9645_firmwareapq8017_firmwaresdm710_firmwaremdm9150msm8937mdm9207c_firmwaremsm8905mdm9207csm8150_firmwaremsm8909mdm9655apq8096ausdm439_firmwarerennellsc7180sdm630_firmwaresda660_firmwarerennell_firmwareqm215_firmwaremsm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaremdm9615_firmwaremsm8998sm8150sdx20_firmwaresdm850kamortaapq8017nicobar_firmwaresdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-14132
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.33% / 56.03%
||
7 Day CHG~0.00%
Published-16 Apr, 2020 | 10:46
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer over-write when this 0-byte buffer is typecasted to some other structure and hence memory corruption in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile in QCS605, SA6155P, SM8150

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sa6155p_firmwaresm8150_firmwaresm8150sa6155pqcs605qcs605_firmwareSnapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-11153
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-3.83% / 88.16%
||
7 Day CHG~0.00%
Published-02 Nov, 2020 | 06:21
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Out of bound memory access while processing GATT data received due to lack of check of pdu data length and leads to remote code execution' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8053, QCA6390, QCA9379, QCN7605, SC8180X, SDX55

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-apq8053qca9379_firmwaresdx55qca9379sdx55_firmwareqca6390_firmwareqcn7605_firmwareqcn7605qca6390apq8053_firmwaresc8180xsc8180x_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-14013
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.40% / 60.43%
||
7 Day CHG~0.00%
Published-21 Jan, 2020 | 06:30
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

While parsing invalid super index table, elements within super index table may exceed total chunk size and invalid data is read into the table in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996, MSM8996AU, Nicobar, QCM2150, QCS405, QCS605, QM215, Rennell, SA6155P, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcm2150_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632sdm439sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996ausdm429w_firmwaresm7150apq8009_firmwaremsm8917sdm670sxr2130qcs605_firmwaremdm9206sdm670_firmwaresdm636sda845_firmwareapq8098mdm9206_firmwaremsm8939qcs605msm8937_firmwaresdm429_firmwaremsm8905_firmwaresda660sxr1130_firmwareapq8064_firmwaresxr1130msm8909wapq8009msm8909_firmwareapq8053_firmwaresda845nicobarsa6155p_firmwaremsm8920msm8953sdm450sdm636_firmwareapq8064apq8098_firmwaresdx20qcm2150msm8920_firmwaresdm630mdm9607_firmwaresm8250_firmwaresdm660qcs405sdm710qm215mdm9607apq8017_firmwaresdm710_firmwaremsm8939_firmwaresa6155pmsm8937mdm9207c_firmwaremsm8996_firmwaremsm8905mdm9207csm8150_firmwaremsm8909sxr2130_firmwareapq8096ausdm439_firmwareqcs405_firmwarerennellsdm630_firmwaresda660_firmwarerennell_firmwareqm215_firmwaremsm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaresm8250sm8150sdx20_firmwareapq8017msm8996nicobar_firmwaresdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 21
  • 22
  • Next
Details not found