ByteOS Network

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 410/12, SD 615/16/SD 415, SD 808, and SD 810, improper input validation while processing SCM Command can lead to unauthorized memory access.

Vendor-Qualcomm Technologies, Inc.

Product-sd_615_firmware sd_810 sd_412 sd_410_firmware sd_808_firmware sd_808 sd_412_firmware sd_415_firmware sd_410 sd_616 sd_810_firmware sd_616_firmware sd_615 sd_415 Snapdragon Mobile

CWE ID-CWE-20

Improper Input Validation

CVE-2016-10492

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-9.1||CRITICAL

EPSS-0.26% / 49.34%

7 Day CHG~0.00%

Published-18 Apr, 2018 | 14:00

Updated-16 Sep, 2024 | 19:46

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9635M, MDM9640, MDM9645, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, and SDX20, improper ciphersuite validation leads SecSSL accept an unadvertised ciphersuite.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2015-9069

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-9.8||CRITICAL

EPSS-0.11% / 28.27%

7 Day CHG~0.00%

Published-18 Aug, 2017 | 18:00

Updated-13 May, 2026 | 00:24

In all Qualcomm products with Android releases from CAF using the Linux kernel, the Secure File System can become corrupted.

Vendor-Google LLC Qualcomm Technologies, Inc.

Product-android All Qualcomm products

CWE ID-CWE-20

Improper Input Validation

CVE-2015-9033

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.06% / 18.20%

7 Day CHG~0.00%

Published-13 Jun, 2017 | 20:00

Updated-13 May, 2026 | 00:24

In all Android releases from CAF using the Linux kernel, a QTEE system call fails to validate a pointer.

Vendor-Google LLC Qualcomm Technologies, Inc.

Product-android All Qualcomm products

CWE ID-CWE-20

Improper Input Validation

CVE-2015-9068

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-9.8||CRITICAL

EPSS-0.11% / 28.27%

7 Day CHG~0.00%

Published-18 Aug, 2017 | 18:00

Updated-13 May, 2026 | 00:24

In all Qualcomm products with Android releases from CAF using the Linux kernel, an argument to a mink syscall is not properly validated.

Vendor-Google LLC Qualcomm Technologies, Inc.

Product-android All Qualcomm products

CWE ID-CWE-20

Improper Input Validation

CVE-2015-9210

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-9.8||CRITICAL

EPSS-0.21% / 42.81%

7 Day CHG~0.00%

Published-18 Apr, 2018 | 14:00

Updated-16 Sep, 2024 | 20:47

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, lack of input validation in playready_licacq_process_response() can lead to memory over read.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE ID-CWE-20

Improper Input Validation

CVE-2015-9146

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-9.8||CRITICAL

EPSS-0.21% / 42.81%

7 Day CHG~0.00%

Published-18 Apr, 2018 | 14:00

Updated-16 Sep, 2024 | 22:08

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9625, MDM9635M, MDM9645, MDM9650, MDM9655, SD 400, SD 800, SD 835, SD 845, SD 850, and SDX20, when QDI read, write, or ioctl are called, the passed-in pointer is not properly validated before accessing it for the delayed response.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2015-9116

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-9.8||CRITICAL

EPSS-0.30% / 53.03%

7 Day CHG~0.00%

Published-18 Apr, 2018 | 14:00

Updated-16 Sep, 2024 | 16:13

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9625, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 810, SD 820, and SD 820A, in a QTEE syscall handler, an untrusted pointer dereference can occur.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2015-9208

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-9.8||CRITICAL

EPSS-0.21% / 42.81%

7 Day CHG~0.00%

Published-18 Apr, 2018 | 14:00

Updated-16 Sep, 2024 | 19:10

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 800, and SD 810, the function tzbsp_pil_verify_sig() does not strictly check that the pointer to ELF and program headers and hash segment is within secure memory. It only checks that the address is not in non-secure memory. A given address range can overlap with both secure and non-secure regions - hence if such an address is passed in, it would not pass the non-secure range check, and would be considered valid by the function, even though that memory area could be modified by the non-secure side.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2015-9139

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-9.8||CRITICAL

EPSS-0.21% / 42.81%

7 Day CHG~0.00%

Published-18 Apr, 2018 | 14:00

Updated-16 Sep, 2024 | 16:28

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 615/16/SD 415, SD 617, SD 650/52, SD 800, SD 808, SD 810, and SD 820, improper input validation can occur while negotiating an SSL handshake.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2015-9110

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-9.8||CRITICAL

EPSS-0.30% / 53.03%

7 Day CHG~0.00%

Published-18 Apr, 2018 | 14:00

Updated-16 Sep, 2024 | 16:24

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, and SD 820A, no address argument validation is performed on calls to the qsee_get_secure_state syscall.

Vendor-Qualcomm Technologies, Inc.

Product-sd_652 sd_425_firmware sd_820a sd_625_firmware sd_450 sd_425 sd_430_firmware sd_430 sd_625 sd_820_firmware sd_820 sd_650 sd_450_firmware sd_652_firmware sd_820a_firmware sd_650_firmware Snapdragon Automobile, Snapdragon Mobile

CWE ID-CWE-20

Improper Input Validation

CVE-2015-9108

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-9.8||CRITICAL

EPSS-0.30% / 53.03%

7 Day CHG~0.00%

Published-18 Apr, 2018 | 14:00

Updated-16 Sep, 2024 | 19:04

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9625, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, and SD 820A, no address argument validation performed on calls to a QSEE syscall may lead to arbitrary read/write or NULL Pointer exception when calling a downstream function.

Vendor-Qualcomm Technologies, Inc.

Product-sd_652 sd_425_firmware sd_820a sd_625_firmware sd_450 mdm9625 sd_425 sd_430_firmware sd_430 sd_625 sd_820_firmware sd_820 sd_650 mdm9625_firmware sd_450_firmware sd_652_firmware sd_820a_firmware sd_650_firmware Snapdragon Automobile, Snapdragon Mobile

CWE ID-CWE-20

Improper Input Validation

CVE-2022-40502

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-7.5||HIGH

EPSS-0.36% / 58.19%

7 Day CHG~0.00%

Published-09 Feb, 2023 | 06:58

Updated-03 Aug, 2024 | 12:21

Improper input validation in WLAN Host

Transient DOS due to improper input validation in WLAN Host.

Vendor-Qualcomm Technologies, Inc.

Product-qcn5024_firmware wsa8830 qcn9070 sxr2230p_firmware qcs610 ipq8173_firmware qcn5124 qca4024_firmware qcn9072 wcn3950_firmware ipq8078a ipq5028_firmware qca6595au_firmware ipq6000 wcd9370 ssg2115p qcn5152_firmware qca6584au_firmware qcn9000_firmware ipq5018 qca6554a_firmware wcd9385_firmware qam8295p wcn3950 ipq8076a qcn6024_firmware sd_8_gen1_5g_firmware ipq8074a qcn5124_firmware qam8295p_firmware qcn6100_firmware qcn6102_firmware wcn7850 qca6574au_firmware qcn5122_firmware qcn5164_firmware qca6595au qca8081_firmware qcn6023_firmware wcd9375_firmware qcn9002 ipq5010 qca6564au_firmware qca6584au sa6155p_firmware sd680_firmware ipq8078a_firmware qcn9274 ipq8174 qcn9001 wcn7851 ipq5028 qca6698aq qcn5052 ipq6010 qcn6112_firmware wcn3988_firmware qcn9074 sa8195p qcn6132 wsa8810_firmware sd680 sa6155p sg4150p qca8081 wcn7851_firmware qca6698aq_firmware ipq8071a qcn6023 ipq8071a_firmware wcd9385 qca9888_firmware qcn6122 wcd9341 qca6696_firmware ipq9008_firmware qcn5154_firmware csr8811 wcd9375 qcn9100_firmware wsa8830_firmware ipq5010_firmware ipq8074a_firmware wcn3988 wsa8815_firmware wcn7850_firmware wsa8835_firmware sa8195p_firmware sm8475 qcn5022_firmware sa8295p_firmware sa4150p sg4150p_firmware qca8072 ipq5018_firmware wcd9380_firmware ssg2125p qcn9000 ipq8072a qca6554a ipq8076a_firmware qca6595 ipq8078 qca6564au qcn9001_firmware ipq8173 wcn6856_firmware ipq9008 qcn5164 qcn6122_firmware qca6574 sxr1230p_firmware wsa8835 csr8811_firmware wcd9380 qcn5054_firmware qcs410 qcn5154 qca8075_firmware ssg2125p_firmware qca6574a qcn5024 wcn6855_firmware qca9889 qcn6132_firmware qcn9003_firmware sxr1230p qca9888 qca8072_firmware wcn3980 qcn5052_firmware qcn9274_firmware qcn9003 ipq8070a_firmware ipq6018_firmware ipq8076_firmware qca6574_firmware wsa8815 qcn6112 sxr2230p ipq8076 qca6574a_firmware qcn5152 ipq6028 qcn9024 ipq9574_firmware wcn3980_firmware sa8295p wcn6740_firmware qcn6102 qcn9100 ipq8078_firmware wsa8832_firmware qcn5054 qcn9070_firmware ipq6028_firmware ipq8072a_firmware qca6574au qca9889_firmware sa8155p_firmware ipq9574 qcn5122 qcn9024_firmware ipq8174_firmware wcd9341_firmware wsa8810 wsa8832 wcn6855 qcs610_firmware wcn6856 ipq6018 qcn5022 ipq6010_firmware qca6595_firmware wcn6740 qca6696 sa4150p_firmware qca4024 wcd9370_firmware qca8075 qcn9022_firmware sa8155p qcn6024 qcn9022 ipq8070a qcn9002_firmware qcn6100 qcn9072_firmware ipq6000_firmware ssg2115p_firmware qcn9074_firmware qcs410_firmware Snapdragon qcn5024_firmware ipq5018_firmware wcd9380_firmware sxr2230p_firmware ipq8076a_firmware ipq8173_firmware qcn9001_firmware wcn6856_firmware qca4024_firmware qcn6122_firmware sxr1230p_firmware wcn3950_firmware csr8811_firmware ipq5028_firmware qca6595au_firmware qcn5054_firmware qca8075_firmware ssg2125p_firmware wcn6855_firmware qcn5152_firmware qcn6132_firmware qcn9003_firmware qca6584au_firmware qca8072_firmware qcn9000_firmware qcn5052_firmware qcn9274_firmware ipq8070a_firmware qca6554a_firmware wcd9385_firmware qcn6024_firmware ipq8076_firmware ipq6018_firmware qca6574_firmware sd_8_gen1_5g_firmware qcn5124_firmware qam8295p_firmware qcn6100_firmware qcn6102_firmware qca6574a_firmware qca6574au_firmware qcn5122_firmware qcn5164_firmware wcd9375_firmware qca8081_firmware qcn6023_firmware ipq9574_firmware wcn3980_firmware wcn6740_firmware qca6564au_firmware sd680_firmware sa6155p_firmware ipq8078a_firmware ipq8078_firmware wsa8832_firmware qcn9070_firmware ipq6028_firmware ipq8072a_firmware qcn6112_firmware wcn3988_firmware qca9889_firmware sa8155p_firmware qcn9024_firmware ipq8174_firmware wsa8810_firmware wcd9341_firmware qcs610_firmware wcn7851_firmware qca6698aq_firmware ipq8071a_firmware qca9888_firmware ipq6010_firmware qca6696_firmware qca6595_firmware ipq9008_firmware qcn5154_firmware sa4150p_firmware wcd9370_firmware qcn9100_firmware qcn9022_firmware wsa8830_firmware qcn9002_firmware ipq5010_firmware ipq8074a_firmware wsa8815_firmware wsa8835_firmware wcn7850_firmware qcn9072_firmware ipq6000_firmware sa8195p_firmware ssg2115p_firmware qcn9074_firmware qcs410_firmware qcn5022_firmware sa8295p_firmware sg4150p_firmware

CWE ID-CWE-20

Improper Input Validation

CVE-2025-21477

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-7.5||HIGH

EPSS-0.13% / 31.59%

7 Day CHG~0.00%

Published-06 Aug, 2025 | 07:25

Updated-20 Aug, 2025 | 19:42

Improper Input Validation in Modem

Transient DOS while processing CCCH data when NW sends data with invalid length.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2022-34146

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-7.5||HIGH

EPSS-0.47% / 64.60%

7 Day CHG~0.00%

Published-09 Feb, 2023 | 06:58

Updated-03 Aug, 2024 | 08:16

Improper input validation in WLAN Host

Transient DOS due to improper input validation in WLAN Host while parsing frame during defragmentation.

Vendor-Qualcomm Technologies, Inc.

Product-qcn5024_firmware wsa8830 qcn9070 sxr2230p_firmware qcs610 ipq8173_firmware qcn5124 qca4024_firmware qcn9072 wcn3950_firmware ipq8078a ipq5028_firmware qca6595au_firmware ipq6000 wcd9370 ssg2115p qcn5152_firmware qca6584au_firmware qcn9000_firmware ipq5018 qca6554a_firmware wcd9385_firmware qam8295p wcn3950 ipq8076a qcn6024_firmware sd_8_gen1_5g_firmware ipq8074a qcn5124_firmware qam8295p_firmware qcn6100_firmware qcn6102_firmware wcn7850 qca6574au_firmware qcn5122_firmware qcn5164_firmware qca6595au qca8081_firmware qcn6023_firmware wcd9375_firmware qcn9002 ipq5010 qca6564au_firmware qca6584au sa6155p_firmware sd680_firmware ipq8078a_firmware qcn9274 ipq8174 qcn9001 wcn7851 ipq5028 qca6698aq qcn5052 ipq6010 qcn6112_firmware wcn3988_firmware qcn9074 sa8195p qcn6132 wsa8810_firmware sd680 sa6155p sg4150p qca8081 wcn7851_firmware qca6698aq_firmware ipq8071a qcn6023 ipq8071a_firmware wcd9385 qca9888_firmware qcn6122 wcd9341 qca6696_firmware ipq9008_firmware qcn5154_firmware csr8811 wcd9375 qcn9100_firmware wsa8830_firmware ipq5010_firmware ipq8074a_firmware wcn3988 wsa8815_firmware wcn7850_firmware wsa8835_firmware sa8195p_firmware sm8475 qcn5022_firmware sa8295p_firmware sa4150p sg4150p_firmware qcm4325 qca8072 ipq5018_firmware wcd9380_firmware ssg2125p qcn9000 ipq8072a qca6554a ipq8076a_firmware qca6595 ipq8078 qca6564au qcn9001_firmware ipq8173 wcn6856_firmware ipq9008 qcn5164 qcn6122_firmware qca6574 sxr1230p_firmware wsa8835 csr8811_firmware wcd9380 qcn5054_firmware qcs410 qcn5154 qca8075_firmware ssg2125p_firmware qca6574a qcn5024 wcn6855_firmware qca9889 qcn6132_firmware qcn9003_firmware sxr1230p qca9888 qca8072_firmware wcn3980 qcn5052_firmware qcn9274_firmware qcn9003 ipq8070a_firmware ipq6018_firmware ipq8076_firmware qcm4325_firmware qca6574_firmware wsa8815 qcn6112 sxr2230p ipq8076 qca6574a_firmware qcn5152 ipq6028 qcn9024 ipq9574_firmware wcn3980_firmware sa8295p wcn6740_firmware qcn6102 qcn9100 ipq8078_firmware wsa8832_firmware qcn5054 qcn9070_firmware ipq6028_firmware ipq8072a_firmware qca6574au qca9889_firmware sa8155p_firmware ipq9574 qcn5122 qcn9024_firmware ipq8174_firmware wcd9341_firmware wsa8810 wsa8832 wcn6855 qcs610_firmware wcn6856 ipq6018 qcn5022 ipq6010_firmware qca6595_firmware wcn6740 qca6696 sa4150p_firmware qca4024 wcd9370_firmware qca8075 qcn9022_firmware sa8155p qcn6024 qcn9022 ipq8070a qcn9002_firmware qcn6100 qcn9072_firmware ipq6000_firmware ssg2115p_firmware qcn9074_firmware qcs410_firmware Snapdragon qcn5024_firmware ipq5018_firmware wcd9380_firmware sxr2230p_firmware ipq8076a_firmware ipq8173_firmware qcn9001_firmware wcn6856_firmware qca4024_firmware qcn6122_firmware sxr1230p_firmware wcn3950_firmware csr8811_firmware ipq5028_firmware qca6595au_firmware qcn5054_firmware qca8075_firmware ssg2125p_firmware wcn6855_firmware qcn5152_firmware qcn6132_firmware qcn9003_firmware qca6584au_firmware qca8072_firmware qcn9000_firmware qcn5052_firmware qcn9274_firmware ipq8070a_firmware qca6554a_firmware wcd9385_firmware qcn6024_firmware ipq8076_firmware ipq6018_firmware qcm4325_firmware qca6574_firmware sd_8_gen1_5g_firmware qcn5124_firmware qam8295p_firmware qcn6100_firmware qcn6102_firmware qca6574a_firmware qca6574au_firmware qcn5122_firmware qcn5164_firmware wcd9375_firmware qca8081_firmware qcn6023_firmware ipq9574_firmware wcn3980_firmware wcn6740_firmware qca6564au_firmware sd680_firmware sa6155p_firmware ipq8078a_firmware ipq8078_firmware wsa8832_firmware qcn9070_firmware ipq6028_firmware ipq8072a_firmware qcn6112_firmware wcn3988_firmware qca9889_firmware sa8155p_firmware qcn9024_firmware ipq8174_firmware wsa8810_firmware wcd9341_firmware qcs610_firmware wcn7851_firmware qca6698aq_firmware ipq8071a_firmware qca9888_firmware ipq6010_firmware qca6696_firmware qca6595_firmware ipq9008_firmware qcn5154_firmware sa4150p_firmware wcd9370_firmware qcn9100_firmware qcn9022_firmware wsa8830_firmware qcn9002_firmware ipq5010_firmware ipq8074a_firmware wsa8815_firmware wsa8835_firmware wcn7850_firmware qcn9072_firmware ipq6000_firmware sa8195p_firmware ssg2115p_firmware qcn9074_firmware qcs410_firmware qcn5022_firmware sa8295p_firmware sg4150p_firmware

CWE ID-CWE-20

Improper Input Validation

CVE-2022-33216

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-6||MEDIUM

EPSS-0.04% / 10.93%

7 Day CHG~0.00%

Published-09 Feb, 2023 | 06:58

Updated-03 Aug, 2024 | 08:01

Improper Input Validation in Automotive

Transient Denial-of-service in Automotive due to improper input validation while parsing ELF file.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2022-33211

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-9.8||CRITICAL

EPSS-0.32% / 55.12%

7 Day CHG~0.00%

Published-04 Apr, 2023 | 04:46

Updated-03 Aug, 2024 | 08:01

Improper Input Validation in MODEM

memory corruption in modem due to improper check while calculating size of serialized CoAP message

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-20

Improper Input Validation

CWE ID-CWE-131

Incorrect Calculation of Buffer Size

CVE-2022-33300

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-8.4||HIGH

EPSS-0.05% / 15.46%

7 Day CHG~0.00%

Published-06 Jan, 2023 | 05:02

Updated-09 Apr, 2025 | 14:53

Improper input validation in Automotive Android OS

Memory corruption in Automotive Android OS due to improper input validation.

Vendor-Qualcomm Technologies, Inc.

Product-qca9377_firmware wsa8830 wcd9380_firmware sa6150p_firmware wcn3990 sa8145p_firmware sw5100p sd865_5g qcc5100 sdx55m_firmware wcn6856_firmware qcn9012 wsa8835 wcd9380 sa8150p_firmware sd888_5g qca6595au_firmware qca6390_firmware wcn6855_firmware qca6174a qca6426 wcn3990_firmware qrb5165n_firmware qcn9012_firmware qca9377 wcd9335_firmware wcn3980 wcd9385_firmware qam8295p sdxr2_5g_firmware sd_8_gen1_5g_firmware wsa8815 wcn6850 qam8295p_firmware qcn9011_firmware qca6426_firmware wcn7850 qca6574au_firmware qca6595au sdx12_firmware qrb5165m wcn3980_firmware qca6391 sdx55m qca6436_firmware qrb5165n sa8295p qcc5100_firmware sa6155p_firmware wcn7851 qrb5165_firmware qrb5165m_firmware sdxr2_5g qrb5165 wcn6851_firmware qcn9011 wcn3988_firmware qca6574au sa6145p_firmware sa8155p_firmware sa8195p wsa8810_firmware wcd9341_firmware sw5100 wsa8810 sd870 qca6436 wcn6851 wcd9335 sa6155p wcn6855 sw5100p_firmware wcn7851_firmware wcn6856 sa6145p qca6174a_firmware wcd9385 wcd9341 qca6696_firmware sa8145p sd870_firmware qca6696 qca6391_firmware qca6390 sa8150p sa6150p sa8155p wsa8830_firmware sd660 sd865_5g_firmware wcn3988 sd888_5g_firmware wcn6850_firmware sd660_firmware wcn7850_firmware wsa8815_firmware sa8195p_firmware wsa8835_firmware sdx12 sw5100_firmware sm8475 sa8295p_firmware Snapdragon

CWE ID-CWE-20

Improper Input Validation

CWE ID-CWE-787

Out-of-bounds Write

CVE-2023-33057

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-7.5||HIGH

EPSS-0.10% / 26.41%

7 Day CHG~0.00%

Published-06 Feb, 2024 | 05:47

Updated-11 Aug, 2025 | 15:06

Improper Input Validation in Multi-Mode Call Processor

Transient DOS in Multi-Mode Call Processor while processing UE policy container.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2025-47314

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 7.97%

7 Day CHG~0.00%

Published-24 Sep, 2025 | 15:33

Updated-26 Feb, 2026 | 17:48

Improper Input Validation in Automotive Software platform based on QNX

Memory corruption while processing data sent by FE driver.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2020-3652

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-9.1||CRITICAL

EPSS-0.24% / 46.95%

7 Day CHG~0.00%

Published-16 Apr, 2020 | 10:46

Updated-04 Aug, 2024 | 07:37

Possible buffer over-read issue in windows x86 wlan driver function while processing beacon or request frame due to lack of check of length of variable received. in Snapdragon Compute, Snapdragon Connectivity in MSM8998, QCA6390, SC7180, SC8180X, SDM850

Vendor-Qualcomm Technologies, Inc.

Product-sdm850_firmware sc7180_firmware msm8998 sdm850 sc7180 qca6390_firmware msm8998_firmware qca6390 sc8180x sc8180x_firmware Snapdragon Compute, Snapdragon Connectivity

CWE ID-CWE-125

Out-of-bounds Read

CWE ID-CWE-20

Improper Input Validation

CVE-2020-3698

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-9.8||CRITICAL

EPSS-0.29% / 52.84%

7 Day CHG~0.00%

Published-30 Jul, 2020 | 11:40

Updated-04 Aug, 2024 | 07:44

Out of bound write while QoS DSCP mapping due to improper input validation for data received from association response frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9150, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8905, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, Nicobar, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCM2150, QCN7605, QCS405, QCS605, QM215, SA6155P, Saipan, SC8180X, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM845, SDX20, SDX55, SM8150, SM8250, SXR2130

Vendor-Qualcomm Technologies, Inc.

Product-qca9377_firmware mdm9150_firmware qcm2150_firmware sdm429w msm8996au_firmware sdm632_firmware sdm845 sdm450_firmware sdm632 sdm439 mdm9650 sdm429 msm8940_firmware msm8909w_firmware msm8996au sdm429w_firmware apq8009_firmware msm8917 sxr2130 qcs605_firmware sc8180x mdm9206 qca9379_firmware qca6174a sdm636 sda845_firmware qca9377 apq8098 qcn7605 mdm9206_firmware qcs605 msm8937_firmware mdm9650_firmware sdm429_firmware msm8905_firmware qca6574au_firmware sdx55_firmware msm8909w apq8009 apq8053_firmware sda845 nicobar sa6155p_firmware msm8920 msm8953 sdm450 sdm636_firmware apq8098_firmware sdx20 qcm2150 msm8920_firmware sdm630 mdm9607_firmware sm8250_firmware sdm660 sc8180x_firmware qcs405 qca6574au qm215 mdm9607 apq8017_firmware qcn7605_firmware sa6155p mdm9150 msm8937 mdm9207c_firmware msm8905 mdm9207c qca6174a_firmware sm8150_firmware sxr2130_firmware apq8096au sdm439_firmware qcs405_firmware sdm630_firmware qm215_firmware sdx55 msm8953_firmware msm8940 saipan_firmware apq8053 apq8096au_firmware msm8917_firmware sm8250 sm8150 sdx20_firmware apq8017 saipan nicobar_firmware qca9379 sdm660_firmware sdm845_firmware Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

CWE ID-CWE-787

Out-of-bounds Write

CWE ID-CWE-20

Improper Input Validation

CVE-2020-3676

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.13% / 31.88%

7 Day CHG~0.00%

Published-22 Jun, 2020 | 07:10

Updated-04 Aug, 2024 | 07:44

Possible memory corruption in perfservice due to improper validation array length taken from user application. in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8096AU, APQ8098, Kamorta, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8998, Nicobar, QCM2150, QCS605, QM215, Rennell, Saipan, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-787

Out-of-bounds Write

CWE ID-CWE-20

Improper Input Validation

CVE-2020-3653

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-9.1||CRITICAL

EPSS-0.24% / 46.95%

7 Day CHG~0.00%

Published-16 Apr, 2020 | 10:46

Updated-04 Aug, 2024 | 07:37

Possible buffer over-read in windows wlan driver function due to lack of check of length of variable received from userspace in Snapdragon Compute, Snapdragon Connectivity in MSM8998, QCA6390, SC7180, SC8180X, SDM850

Vendor-Qualcomm Technologies, Inc.

Product-sdm850_firmware sc7180_firmware msm8998 sdm850 sc7180 qca6390_firmware msm8998_firmware qca6390 sc8180x sc8180x_firmware Snapdragon Compute, Snapdragon Connectivity

CWE ID-CWE-125

Out-of-bounds Read

CWE ID-CWE-20

Improper Input Validation

CVE-2020-3648

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.10% / 27.56%

7 Day CHG~0.00%

Published-08 Sep, 2020 | 09:31

Updated-04 Aug, 2024 | 07:37

u'Possible out of bound write in DSP driver code due to lack of check of data received from user' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W

Vendor-Qualcomm Technologies, Inc.

Product-msm8909w_firmware msm8909w Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

CWE ID-CWE-787

Out-of-bounds Write

CWE ID-CWE-20

Improper Input Validation

CVE-2020-3703

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-9.8||CRITICAL

EPSS-0.29% / 52.84%

7 Day CHG~0.00%

Published-02 Nov, 2020 | 06:21

Updated-04 Aug, 2024 | 07:44

u'Buffer over-read issue in Bluetooth peripheral firmware due to lack of check for invalid opcode and length of opcode received from central device(This CVE is equivalent to Link Layer Length Overfow issue (CVE-2019-16336,CVE-2019-17519) and Silent Length Overflow issue(CVE-2019-17518) mentioned in sweyntooth paper)' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8053, APQ8076, AR9344, Bitra, Kamorta, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8917, MSM8937, MSM8940, MSM8953, Nicobar, QCA6174A, QCA9377, QCM2150, QCM6125, QCS404, QCS405, QCS605, QCS610, QM215, Rennell, SC8180X, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SM6150, SM7150, SM8150, SXR1130

Vendor-Qualcomm Technologies, Inc.

Product-qca9377_firmware kamorta_firmware qcm2150_firmware qcs610 sdm632_firmware sdm845 sdm450_firmware sdm632 sdx24 sdm439 qcs404_firmware sdm429 msm8940_firmware sm7150_firmware sm6150 ar9344 sm7150 msm8917 sdm670 qcs605_firmware apq8076 sc8180x mdm9206 qca6174a sdm670_firmware qcs404 sdx24_firmware apq8076_firmware sdm636 qca9377 bitra mdm9206_firmware qcs605 bitra_firmware msm8937_firmware sdm429_firmware msm8905_firmware sxr1130_firmware sxr1130 apq8053_firmware nicobar msm8953 sdm450 sdm636_firmware sdx20 qcm2150 sdm660 sdm630 mdm9607_firmware sc8180x_firmware qcs405 sdm710 qm215 mdm9607 sdm710_firmware qcm6125 qcs610_firmware msm8937 mdm9207c_firmware msm8905 mdm9207c qca6174a_firmware sm8150_firmware sdm439_firmware qcs405_firmware rennell sdm630_firmware rennell_firmware qm215_firmware msm8953_firmware msm8940 sm6150_firmware apq8053 msm8917_firmware sm8150 ar9344_firmware sdx20_firmware kamorta nicobar_firmware sdm660_firmware qcm6125_firmware sdm845_firmware Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music

CWE ID-CWE-125

Out-of-bounds Read

CWE ID-CWE-20

Improper Input Validation

CVE-2020-3623

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 9.79%

7 Day CHG~0.00%

Published-02 Jun, 2020 | 15:05

Updated-04 Aug, 2024 | 07:37

kernel failure due to load failures while running v1 path directly via kernel in Snapdragon Mobile in SM8250, SXR2130

Vendor-Qualcomm Technologies, Inc.

Product-sm8250 sxr2130 sm8250_firmware sxr2130_firmware Snapdragon Mobile

CWE ID-CWE-20

Improper Input Validation

CVE-2020-3621

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-5.5||MEDIUM

EPSS-0.05% / 16.40%

7 Day CHG~0.00%

Published-08 Sep, 2020 | 09:31

Updated-04 Aug, 2024 | 07:37

u'Lack of check to ensure that the TX read index & RX write index that are read from shared memory are less than the FIFO size results into memory corruption and potential information leakage' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, Bitra, IPQ6018, IPQ8074, Kamorta, MDM9150, MDM9205, MDM9206, MDM9607, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA8081, QCM2150, QCN7605, QCS404, QCS405, QCS605, QCS610, QM215, Rennell, SA415M, SA6155P, Saipan, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Vendor-Qualcomm Technologies, Inc.

Product-mdm9150_firmware kamorta_firmware qcm2150_firmware mdm9640_firmware qcs610 sdm429w msm8996au_firmware sdm632_firmware sdm845 sdm450_firmware sdm632 sdx24 sdm439 qcs404_firmware mdm9650 sdm429 msm8940_firmware sm7150_firmware sm6150 msm8996au mdm9645 sdm429w_firmware sm7150 apq8009_firmware msm8917 sdm670 sxr2130 qcs605_firmware sc8180x mdm9206 sdm670_firmware qcs404 sdx24_firmware ipq8074 sdm636 sda845_firmware sa415m bitra apq8098 qcn7605 mdm9205 mdm9206_firmware qcs605 bitra_firmware msm8937_firmware mdm9650_firmware sdm429_firmware msm8905_firmware sda660 sdx55_firmware sxr1130_firmware qca8081_firmware sxr1130 apq8009 msm8909_firmware apq8053_firmware sda845 nicobar sdm850_firmware sa6155p_firmware msm8920 msm8953 sdm450 sdm636_firmware sdm845_firmware apq8098_firmware sdx20 msm8998_firmware qcm2150 msm8920_firmware sdm630 mdm9607_firmware sm8250_firmware mdm9655_firmware sdm660 sa415m_firmware qcs405 sc8180x_firmware ipq8074_firmware sdm710 qm215 sc7180_firmware mdm9607 mdm9645_firmware sdm710_firmware qcn7605_firmware sa6155p qca8081 qcs610_firmware msm8937 mdm9150 msm8996_firmware msm8905 sm8150_firmware msm8909 sxr2130_firmware mdm9655 apq8096au sdm439_firmware rennell sc7180 qcs405_firmware sdm630_firmware mdm9205_firmware sda660_firmware rennell_firmware qm215_firmware sdx55 msm8953_firmware msm8940 saipan_firmware sm6150_firmware apq8053 msm8917_firmware apq8096au_firmware msm8998 sm8150 sdx20_firmware sdm850 sm8250 kamorta msm8996 saipan nicobar_firmware sdm660_firmware mdm9640 Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

CWE ID-CWE-787

Out-of-bounds Write

CWE ID-CWE-20

Improper Input Validation

CVE-2020-3617

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-7.1||HIGH

EPSS-0.03% / 9.80%

7 Day CHG~0.00%

Published-09 Sep, 2020 | 06:25

Updated-04 Aug, 2024 | 07:37

u'Buffer over-read Issue in Q6 testbus framework due to diag packet length is not completely validated before accessing the field and leads to Information disclosure.' in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in Kamorta, Nicobar, QCS605, QCS610, Rennell, SC7180, SDA660, SDM630, SDM636, SDM660, SDM670, SDM710, SM6150, SM7150, SM8150, SXR1130

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-125

Out-of-bounds Read

CWE ID-CWE-20

Improper Input Validation

CVE-2020-11141

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-8.1||HIGH

EPSS-0.07% / 22.07%

7 Day CHG~0.00%

Published-02 Nov, 2020 | 06:21

Updated-04 Aug, 2024 | 11:28

u'Buffer over-read issue in Bluetooth estack due to lack of check for invalid length of L2cap configuration request received from peer device.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8053, QCA6390, QCN7605, SA415M, SA515M, SC8180X, SDX55, SM8250

Vendor-Qualcomm Technologies, Inc.

Product-sa515m_firmware sa415m qcn7605 qca6390 sa515m sm8250_firmware sdx55 sc8180x_firmware sa415m_firmware apq8053 sm8250 sdx55_firmware qca6390_firmware apq8009_firmware qcn7605_firmware apq8009 apq8053_firmware sc8180x Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

CWE ID-CWE-125

Out-of-bounds Read

CWE ID-CWE-20

Improper Input Validation

CVE-2020-11156

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-8.1||HIGH

EPSS-0.14% / 34.41%

7 Day CHG~0.00%

Published-02 Nov, 2020 | 06:21

Updated-04 Aug, 2024 | 11:28

u'Buffer over-read issue in Bluetooth estack due to lack of check for invalid length of L2cap packet received from peer device.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in QCA6390, QCN7605, QCS404, SA415M, SA515M, SC8180X, SDX55, SM8250

Vendor-Qualcomm Technologies, Inc.

Product-qcs404 sa515m_firmware sa415m qcn7605 qca6390 sa515m sm8250_firmware qcs404_firmware sdx55 sc8180x_firmware sa415m_firmware sm8250 sdx55_firmware qca6390_firmware qcn7605_firmware sc8180x Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

CWE ID-CWE-125

Out-of-bounds Read

CWE ID-CWE-20

Improper Input Validation

CVE-2020-11201

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.05% / 16.22%

7 Day CHG~0.00%

Published-12 Nov, 2020 | 10:00

Updated-04 Aug, 2024 | 11:28

Arbitrary access to DSP memory due to improper check in loaded library for data received from CPU side' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in QCM6125, QCS410, QCS603, QCS605, QCS610, QCS6125, SA6145P, SA6155, SA6155P, SA8155, SA8155P, SDA640, SDA845, SDM640, SDM830, SDM845, SDX50M, SDX55, SDX55M, SM6125, SM6150, SM6250, SM6250P, SM7125, SM7150, SM7150P, SM8150, SM8150P

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2020-11253

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 9.79%

7 Day CHG~0.00%

Published-22 Feb, 2021 | 06:25

Updated-04 Aug, 2024 | 11:28

Arbitrary memory write issue in video driver while setting the internal buffers in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

Vendor-Qualcomm Technologies, Inc.

Product-qfs2580 qpm5679_firmware sa6150p_firmware qpm5620_firmware qdm2307 qca6431_firmware qfs2530 qpm8870_firmware qpa8802 qpm6585_firmware qat3519 qbt2000_firmware qat5522_firmware pm8150a qtc800h qdm5670 sa8150p_firmware qca6595au_firmware sdr8250_firmware qpa5581_firmware sa6155 pm7150l qpa8821 qdm5671 pmc1000h qpm4650_firmware qat3518 sd8c qpa5580_firmware wcn3998 wcd9371_firmware smr526_firmware qdm2305_firmware qpm5670_firmware smb2351_firmware qdm5652 sd6905g qca6574au_firmware qpm8870 wcd9375_firmware wcn3998_firmware qpm5679 qbt2000 sa6155_firmware pm855p qca6420 pm6150a pmx50_firmware sdr735g pm8150b qdm3301_firmware qsm7250 sa8155_firmware qca6430 pmr735a wcd9340 sd765g qdm2308_firmware sdr660 qca6436 wcn6851 sa6155p qpa6560 sdr865 qdm5620_firmware wcd9341 qca6431 qca6696_firmware qln5020 wcd9371 sd750g pmm855au_firmware wcn3910_firmware sa8150p qpm5657 pm6350 qdm5621 wsa8830_firmware sd855_firmware qdm5650 wcn3988 sdr052 sa8195p_firmware smb1390 wcn6750_firmware qat5516_firmware pm6150l pm855l_firmware qpa8686_firmware qpm6585 wcn3991 wcd9380_firmware smb1355 qln4650 qpa8801 sdr735g_firmware qet5100 qdm5671_firmware qpa8801_firmware pm8150l_firmware qat5533_firmware sdx55m_firmware sdxr25g qpa8673_firmware pm6150 qet4101_firmware qca6574 pm7250b qln4642_firmware qpa8842 sdr052_firmware wcd9380 smb1355_firmware pm7250b_firmware smb1381 pm855p_firmware sdx50m_firmware sdr735 pm7250 smb1395 qpa8803 smr526 qca6430_firmware pmk8003 qtc801s_firmware wcn3980 sdxr25g_firmware qdm2301 wcd9340_firmware wsa8815 wcn6850 wcn3910 qdm5621_firmware qdm2301_firmware qca6426_firmware pm8009 wcn3980_firmware sd730 sdr051_firmware sdx55m qca6421_firmware pm8008 qtm525_firmware qat3518_firmware sd6905g_firmware qpm5621_firmware pm855l wcn6851_firmware qdm5670_firmware qpa6560_firmware sd8655g qpa8802_firmware pm7150a_firmware pm8150b_firmware qpm5621 qpm6582 pmc1000h_firmware pm8009_firmware qdm2310_firmware qfs2580_firmware pm8150l qdm5677 qsm8250 sa6145p pm855_firmware pmm6155au pm855b_firmware qpm6582_firmware qca6391_firmware pm8150 wcd9370_firmware qln4650_firmware qat3516_firmware sdx55 sa8155p qet4101 qat3555_firmware qat3516 qpa8803_firmware qpm5658 pm855b smb2351 qsm8250_firmware qpm5658_firmware wcn3991_firmware qdm5652_firmware wsa8830 pmm8155au_firmware sdr051 qet6110_firmware qln5030 qbt1500 qpa5581 qpa2625_firmware pmr735b_firmware qbt1500_firmware qet5100_firmware qet6100_firmware qet6100 pmm855au sd765g_firmware qpa8686 qca6420_firmware qca6390_firmware smb1396 sd730_firmware pm7150a wcd9370 pmr525_firmware qca6426 wcn3990_firmware wcd9385_firmware qdm5650_firmware qat5516 pm7250_firmware qdm5620 qpa8821_firmware pmk8002_firmware pm3003a sa8155 sdx55_firmware pmm6155au_firmware qat5533 qca6595au sm7250p_firmware qca6436_firmware qsm7250_firmware pm7150l_firmware qdm2305 sa6155p_firmware qpm8820 qat5515_firmware qln5020_firmware pm855 qpm8830_firmware pm8250 qfs2530_firmware wcn3988_firmware pmx55 sa6145p_firmware pm8150c_firmware qca6421 qdm3301 qpa8842_firmware qat3519_firmware sa8195p sdr735_firmware wsa8810_firmware qpm5677 qat5515 sd765_firmware qdm5677_firmware pm6350_firmware pm8004_firmware sdr8150_firmware wcd9385 qtc800h_firmware qpm5620 pmm8155au qln5040_firmware qca6390 wcd9375 sd750g_firmware aqt1000 qpa8673 qdm2310 pmm8195au qln5030_firmware qln4642 qpm5677_firmware wsa8815_firmware smb1396_firmware smr525_firmware wcn6850_firmware wsa8835_firmware qpm8820_firmware qet6110 qln5040 qpm8895 qpm5670 wcn3990 pmx55_firmware pm8150_firmware qpm8830 qdm2307_firmware qat5522 wsa8835 pm8150c pmr735b qpm5657_firmware pmk8003_firmware sdr660_firmware sc8180x qca6574a smb1390_firmware qdm5679_firmware smr525 wcn6750 pm6150l_firmware pmr525 pm8150a_firmware qpm4650 qtm525 qca6574_firmware sd855 sd8cx pm6150a_firmware pm6150_firmware sd765 qca6574a_firmware sd768g_firmware sdr865_firmware qat3555 pm8250_firmware qca6391 sd8cx_firmware aqt1000_firmware sd8c_firmware qpm8895_firmware sdx50m sdr8150 qtc801s smb1395_firmware sc8180x_firmware qca6574au sa8155p_firmware pm8008_firmware sd8655g_firmware wcd9341_firmware wsa8810 pmr735a_firmware qdm2308 pmx50 qdm5679 sdr8250 sd768g pm3003a_firmware qca6696 smb1381_firmware pm8004 pmk8002 qpa2625 sa6150p pmm8195au_firmware sm7250p qpa5580 Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile

CWE ID-CWE-787

Out-of-bounds Write

CWE ID-CWE-20

Improper Input Validation

CVE-2017-15845

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.02% / 4.50%

7 Day CHG~0.00%

Published-10 Jan, 2018 | 22:00

Updated-16 Sep, 2024 | 16:43

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, an invalid input of firmware size (negative value) from user space can potentially lead to the memory leak or buffer overflow during the WLAN cal data store operation.

Vendor-Qualcomm Technologies, Inc.Google LLC

Product-android Android for MSM, Firefox OS for MSM, QRD Android

CWE ID-CWE-20

Improper Input Validation

CWE ID-CWE-772

Missing Release of Resource after Effective Lifetime

CVE-2017-14908

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-9.8||CRITICAL

EPSS-0.11% / 28.27%

7 Day CHG~0.00%

Published-05 Dec, 2017 | 19:00

Updated-13 May, 2026 | 00:24

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, the SafeSwitch test application does not properly validate the number of blocks to verify.

Vendor-Google LLC Qualcomm Technologies, Inc.

Product-android Android for MSM, Firefox OS for MSM, QRD Android

CWE ID-CWE-20

Improper Input Validation

CVE-2017-14913

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-9.8||CRITICAL

EPSS-0.70% / 72.31%

7 Day CHG~0.00%

Published-30 Mar, 2018 | 15:00

Updated-16 Sep, 2024 | 17:27

In Android before 2018-01-05 on Qualcomm Snapdragon IoT, Snapdragon Mobile MDM9206, SD 625, SD 650/52, SD 835, SD 845, DDR address input validation is being improperly truncated.

Vendor-Qualcomm Technologies, Inc.

Product-mdm9206 sd_625 sd_652 sd_835_firmware sd_625_firmware sd_650 sd_835 sd_845_firmware sd_652_firmware sd_845 mdm9206_firmware sd_650_firmware Snapdragon IoT, Snapdragon Mobile

CWE ID-CWE-20

Improper Input Validation

CVE-2016-5872

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-9.8||CRITICAL

EPSS-0.11% / 28.27%

7 Day CHG~0.00%

Published-18 Aug, 2017 | 18:00

Updated-13 May, 2026 | 00:24

In all Qualcomm products with Android releases from CAF using the Linux kernel, arguments to several QTEE syscalls are not properly validated.

Vendor-Google LLC Qualcomm Technologies, Inc.

Product-android All Qualcomm products

CWE ID-CWE-20

Improper Input Validation

CVE-2016-10387

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-9.8||CRITICAL

EPSS-0.29% / 52.26%

7 Day CHG~0.00%

Published-18 Aug, 2017 | 18:00

Updated-13 May, 2026 | 00:24

In all Qualcomm products with Android releases from CAF using the Linux kernel, an assertion was potentially reachable in a handover scenario.

Vendor-Google LLC Qualcomm Technologies, Inc.

Product-android Snapdragon Mobile, Snapdragon Wear

CWE ID-CWE-20

Improper Input Validation

CVE-2016-10384

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-9.8||CRITICAL

EPSS-0.29% / 52.26%

7 Day CHG~0.00%

Published-18 Aug, 2017 | 18:00

Updated-13 May, 2026 | 00:24

In all Qualcomm products with Android releases from CAF using the Linux kernel, an assertion was potentially reachable in a WLAN driver ioctl.

Vendor-Google LLC Qualcomm Technologies, Inc.

Product-android Snapdragon Mobile, Snapdragon Wear

CWE ID-CWE-20

Improper Input Validation

CVE-2016-10482

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-9.8||CRITICAL

EPSS-0.21% / 42.81%

7 Day CHG~0.00%

Published-18 Apr, 2018 | 14:00

Updated-17 Sep, 2024 | 02:11

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, and SDX20, while processing downlink information, an assert can be reached.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2016-10431

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-9.8||CRITICAL

EPSS-0.21% / 42.81%

7 Day CHG~0.00%

Published-18 Apr, 2018 | 14:00

Updated-16 Sep, 2024 | 20:11

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, and SD 850, TZ applications are not properly validated.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2015-9052

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-9.8||CRITICAL

EPSS-0.11% / 28.27%

7 Day CHG~0.00%

Published-18 Aug, 2017 | 18:00

Updated-13 May, 2026 | 00:24

In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in LTE where an assertion can be reached while processing a downlink message.

Vendor-Google LLC Qualcomm Technologies, Inc.

Product-android All Qualcomm products

CWE ID-CWE-20

Improper Input Validation

CVE-2015-9207

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-9.8||CRITICAL

EPSS-0.21% / 42.81%

7 Day CHG~0.00%

Published-18 Apr, 2018 | 14:00

Updated-16 Sep, 2024 | 17:53

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 617, SD 650/52, SD 800, SD 808, and SD 810, lack of input validation in playready_getadditional_responsedata could lead to a buffer overread.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE ID-CWE-20

Improper Input Validation

CVE-2015-9193

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-7.5||HIGH

EPSS-0.30% / 53.55%

7 Day CHG~0.00%

Published-18 Apr, 2018 | 14:00

Updated-17 Sep, 2024 | 02:47

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, improper input validation could cause a memory overread and cause the app to crash.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-20

Improper Input Validation

CVE-2015-9044

Matching Score-6

Assigner-Qualcomm, Inc.

View Details

Matching Score-6

Assigner-Qualcomm, Inc.

CVSS Score-9.8||CRITICAL

EPSS-0.11% / 28.27%

7 Day CHG~0.00%

Published-18 Aug, 2017 | 18:00

Updated-13 May, 2026 | 00:24

In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in LTE where an assertion can be reached due to an improper bound on the size of a frequency list.

Vendor-Google LLC Qualcomm Technologies, Inc.

Product-android All Qualcomm products

CWE ID-CWE-20

Improper Input Validation

CVE-2023-22382

Credits

Improper Input Validation in Automotive

Vendors

Products

Metrics (CVSS)

Weaknesses

Attack Patterns

Solution/Workaround

References

EPSS History

Score

Latest Score

N/A

Percentile

Latest Percentile

N/A

Stakeholder-Specific Vulnerability Categorization (SSVC)

Affected Products

Affected

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History

Similar CVEs