ByteOS Network

Type	CWE ID	Description
CWE	CWE-823	CWE-823 Use of Out-of-range Pointer Offset

Version	Base score	Base severity	Vector
3.1	6.7	MEDIUM	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Hyperlink	Resource
https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin	N/A

Hyperlink	Resource
https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin	x_transferred

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Type	Version	Base score	Base severity	Vector
Primary	3.1	7.8	HIGH	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Secondary	3.1	6.7	MEDIUM	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CWE ID	Type	Source
CWE-843	Primary	nvd@nist.gov
CWE-823	Secondary	product-security@qualcomm.com

Hyperlink	Source	Resource
https://www.qualcomm.com/company/product-security/bulletins/august-2023-bulletin	product-security@qualcomm.com	Patch Vendor Advisory

CVE-2018-13916

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.09% / 27.24%

||

7 Day CHG~0.00%

Published-21 Nov, 2019 | 14:38

Updated-05 Aug, 2024 | 09:14

Out-of-bounds memory access in Qurt kernel function when using the identifier to access Qurt kernel buffer to retrieve thread data. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, IPQ8074, MDM9150, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8976, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA8081, QCM2150, QCN7605, QCS404, QCS405, QCS605, QM215, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX55, SM8150, SM8250, Snapdragon_High_Med_2016, SXR1130, SXR2130

Vendor-Qualcomm Technologies, Inc.

Product-mdm9150_firmware mdm9635m_firmware apq8096_firmware mdm9640_firmware qcm2150_firmware sdm632_firmware msm8996au_firmware sdm845 sdm450_firmware sdm632 apq8096 sdm439 qcs404_firmware mdm9650 sdm429 msm8940_firmware snapdragon_high_med_2016_firmware msm8909w_firmware msm8976_firmware msm8996au apq8009_firmware msm8917 sdm670 sxr2130 qcs605_firmware sc8180x mdm9206 sdm670_firmware qcs404 ipq8074 sdm636 sda845_firmware mdm9635m apq8098 qcn7605 mdm9206_firmware qcs605 msm8937_firmware mdm9650_firmware sdm429_firmware msm8905_firmware sda660 sdx55_firmware sxr1130_firmware qca8081_firmware sxr1130 msm8909w apq8009 msm8909_firmware apq8053_firmware sda845 nicobar sdm850_firmware msm8920 msm8953 sdm450 sdm636_firmware sdm845_firmware apq8098_firmware sdx20 msm8998_firmware qcm2150 msm8920_firmware sdm630 mdm9607_firmware sm8250_firmware mdm9655_firmware sdm660 sc8180x_firmware qcs405 ipq8074_firmware sdm710 qm215 mdm9607 apq8017_firmware sdm710_firmware qcn7605_firmware qca8081 mdm9150 msm8937 msm8996_firmware msm8905 snapdragon_high_med_2016 sm8150_firmware msm8909 sxr2130_firmware mdm9655 apq8096au sdm439_firmware qcs405_firmware sdm630_firmware sda660_firmware qm215_firmware msm8976 sdx55 msm8953_firmware msm8940 apq8053 apq8096au_firmware sm8250 msm8917_firmware msm8998 sm8150 sdx20_firmware sdm850 apq8017 msm8996 nicobar_firmware sdm660_firmware mdm9640 Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2020-3635

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.04% / 12.10%

||

7 Day CHG~0.00%

Published-22 Jun, 2020 | 07:10

Updated-04 Aug, 2024 | 07:37

Stack based overflow If the maximum number of arguments allowed per request in perflock exceeds in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8053, APQ8096AU, APQ8098, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, Rennell, Saipan, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Vendor-Qualcomm Technologies, Inc.

Product-qcm2150_firmware sdm429w msm8996au_firmware sdm632_firmware sdm845 sdm450_firmware sdm632 sdm439 sdm429 msm8940_firmware sm7150_firmware sm6150 msm8909w_firmware msm8996au sdm429w_firmware sm7150 msm8917 sdm670 sxr2130 qcs605_firmware sdm670_firmware sdm636 apq8098 qcs605 msm8937_firmware sdm429_firmware sxr1130_firmware sxr1130 msm8909w apq8053_firmware nicobar msm8920 msm8953 sdm450 sdm636_firmware apq8098_firmware msm8998_firmware qcm2150 msm8920_firmware sdm630 sdm660 sm8250_firmware sdm710 qm215 sdm710_firmware msm8937 sm8150_firmware sxr2130_firmware apq8096au sdm439_firmware rennell sdm630_firmware rennell_firmware qm215_firmware msm8940 apq8053 apq8096au_firmware msm8953_firmware saipan_firmware msm8917_firmware sm6150_firmware msm8998 sm8150 sm8250 nicobar_firmware saipan sdm660_firmware sdm845_firmware Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

CWE ID-CWE-787

Out-of-bounds Write

CVE-2020-3690

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 7.80%

||

7 Day CHG~0.00%

Published-02 Nov, 2020 | 06:21

Updated-04 Aug, 2024 | 07:44

u'Due to an incorrect SMMU configuration, the modem crypto engine can potentially compromise the hypervisor' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in Agatti, Bitra, Kamorta, Nicobar, QCA6390, QCS404, QCS605, QCS610, Rennell, SA415M, SA515M, SA6155P, SA8155P, Saipan, SC7180, SC8180X, SDA845, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Vendor-Qualcomm Technologies, Inc.

CVE-2020-3638

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 7.60%

||

7 Day CHG~0.00%

Published-02 Nov, 2020 | 06:21

Updated-04 Aug, 2024 | 07:37

u'An Unaligned address or size can propagate to the database due to improper page permissions and can lead to improper access control' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Agatti, Bitra, Kamorta, QCA6390, QCS404, QCS610, Rennell, SA515M, SC7180, SC8180X, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130

CVE-2020-3678

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.16% / 37.46%

||

7 Day CHG~0.00%

Published-02 Nov, 2020 | 06:21

Updated-04 Aug, 2024 | 07:44

u'A buffer overflow could occur if the API is improperly used due to UIE init does not contain a buffer size a param' in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Agatti, Kamorta, QCS404, QCS605, SDA845, SDM670, SDM710, SDM845, SXR1130

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2020-3684

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.02% / 2.94%

||

7 Day CHG~0.00%

Published-02 Nov, 2020 | 06:21

Updated-04 Aug, 2024 | 07:44

u'QSEE reads the access permission policy for the SMEM TOC partition from the SMEM TOC contents populated by XBL Loader and applies them without validation' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in Agatti, APQ8009, APQ8098, Bitra, IPQ6018, Kamorta, MDM9150, MDM9205, MDM9206, MDM9607, MDM9650, MSM8905, MSM8998, Nicobar, QCA6390, QCS404, QCS405, QCS605, QCS610, Rennell, SA415M, SA515M, SA6155P, SA8155P, Saipan, SC7180, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Vendor-Qualcomm Technologies, Inc.

Product-mdm9150_firmware kamorta_firmware qcs610 sdm845 sdx24 qcs404_firmware mdm9650 sm7150_firmware sm6150 agatti_firmware sm7150 qca6390_firmware apq8009_firmware sdm670 sxr2130 qcs605_firmware sc8180x mdm9206 sdm670_firmware qcs404 sdx24_firmware sdm636 sda845_firmware sa415m bitra apq8098 ipq6018_firmware mdm9205 mdm9206_firmware sa515m qcs605 bitra_firmware mdm9650_firmware msm8905_firmware sda660 sdx55_firmware sxr1130_firmware sxr1130 apq8009 agatti sda845 nicobar sdm850_firmware sa6155p_firmware sdm636_firmware sa515m_firmware apq8098_firmware sdx20 msm8998_firmware sdm660 sdm630 mdm9607_firmware sm8250_firmware sc8180x_firmware sa415m_firmware qcs405 sa8155p_firmware sc7180_firmware sdm710 mdm9607 sdm710_firmware sa6155p qcs610_firmware mdm9150 msm8905 ipq6018 sm8150_firmware sxr2130_firmware qcs405_firmware rennell sc7180 sdm630_firmware mdm9205_firmware sda660_firmware rennell_firmware qca6390 sdx55 saipan_firmware sm6150_firmware sa8155p sm8250 msm8998 sm8150 sdx20_firmware sdm850 kamorta saipan nicobar_firmware sdm660_firmware sdm845_firmware Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

CVE-2020-3696

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.04% / 12.67%

||

7 Day CHG~0.00%

Published-02 Nov, 2020 | 06:21

Updated-04 Aug, 2024 | 07:44

u'Use after free while installing new security rule in ipcrtr as old one is deleted and this rule could still be in use for checking security permission for particular process' in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, IPQ4019, IPQ6018, IPQ8064, IPQ8074, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909W, MSM8996AU, QCA4531, QCA6574AU, QCA9531, QCM2150, QCS605, SDM429W, SDX20, SDX24

CWE ID-CWE-416

Use After Free

CVE-2020-3636

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.04% / 12.10%

||

7 Day CHG~0.00%

Published-08 Sep, 2020 | 09:31

Updated-04 Aug, 2024 | 07:37

u'Out of bound writes happen when accessing usage_table header entry beyond the memory allocated for the header' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Kamorta, QCS404, QCS610, Rennell, SC7180, SDX55, SM6150, SM7150, SM8250, SXR2130

CVE-2020-3630

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.04% / 12.10%

||

7 Day CHG~0.00%

Published-02 Jun, 2020 | 15:05

Updated-04 Aug, 2024 | 07:37

Possibility of out of bound access while processing the responses from video firmware in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8053, APQ8096AU, APQ8098, Kamorta, MDM9150, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8917, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS405, QCS605, QM215, Rennell, SA415M, SA6155P, Saipan, SC8180X, SDA660, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Vendor-Qualcomm Technologies, Inc.

Product-mdm9150_firmware kamorta_firmware qcm2150_firmware mdm9640_firmware sdm429w msm8996au_firmware sdm632_firmware sdm845 sdm450_firmware sdm632 sdx24 sdm439 mdm9650 sdm429 sm7150_firmware sm6150 msm8909w_firmware msm8996au sdm429w_firmware sm7150 apq8009_firmware msm8917 sdm670 sxr2130 qcs605_firmware sc8180x mdm9206 sdm670_firmware sdx24_firmware sdm636 sa415m apq8098 mdm9206_firmware qcs605 sdm429_firmware mdm9650_firmware sda660 sdx55_firmware sxr1130_firmware sxr1130 msm8909w apq8009 apq8053_firmware nicobar sa6155p_firmware msm8953 sdm450 sdm636_firmware sdm845_firmware apq8098_firmware sdx20 msm8998_firmware qcm2150 sdm660 sdm630 mdm9607_firmware sm8250_firmware sc8180x_firmware sa415m_firmware qcs405 sdm710 qm215 mdm9607 sdm710_firmware sa6155p mdm9150 mdm9207c_firmware msm8996_firmware mdm9207c sm8150_firmware sxr2130_firmware apq8096au sdm439_firmware qcs405_firmware rennell sdm630_firmware sda660_firmware rennell_firmware qm215_firmware sdx55 msm8953_firmware apq8053 saipan_firmware sm6150_firmware apq8096au_firmware msm8917_firmware sm8250 msm8998 sm8150 sdx20_firmware kamorta msm8996 saipan nicobar_firmware sdm660_firmware mdm9640 Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

CWE ID-CWE-129

Improper Validation of Array Index

CVE-2020-3693

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.05% / 14.23%

||

7 Day CHG~0.00%

Published-02 Nov, 2020 | 06:21

Updated-04 Aug, 2024 | 07:44

u'Use out of range pointer issue can occur due to incorrect buffer range check during the execution of qseecom.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8098, Bitra, MSM8909W, MSM8996AU, Nicobar, QCM2150, QCS605, Saipan, SDM429W, SDX20, SM6150, SM8150, SM8250, SXR2130

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2020-3632

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 7.80%

||

7 Day CHG~0.00%

Published-12 Nov, 2020 | 10:00

Updated-04 Aug, 2024 | 07:37

u'Incorrect validation of ring context fetched from host memory can lead to memory overflow' in Snapdragon Compute, Snapdragon Mobile in QSM8350, SC7180, SDX55, SDX55M, SM6150, SM6250, SM6250P, SM7125, SM7150, SM7150P, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR2130, SXR2130P

CWE ID-CWE-129

Improper Validation of Array Index

CVE-2020-3647

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.05% / 16.83%

||

7 Day CHG~0.00%

Published-08 Sep, 2020 | 09:31

Updated-04 Aug, 2024 | 07:37

u'Potential buffer overflow when accessing npu debugfs node "off"/"log" with large buffer size' in Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9607, QCS405, SC8180X, SDX55, SM6150, SM7150, SM8150

Vendor-Qualcomm Technologies, Inc.

Product-qcs405 sm7150_firmware sm6150_firmware sm6150 sdx55 mdm9607 sm8150_firmware sm8150 qcs405_firmware sdx55_firmware sm7150 mdm9607_firmware sc8180x sc8180x_firmware Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

CWE ID-CWE-787

Out-of-bounds Write

CVE-2020-3625

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 7.80%

||

7 Day CHG~0.00%

Published-02 Jun, 2020 | 15:05

Updated-04 Aug, 2024 | 07:37

When making query to DSP capabilities, Stack out of bounds occurs due to wrong buffer length configured for DSP attributes in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile in SM8250, SXR2130

Vendor-Qualcomm Technologies, Inc.

Product-sm8250 sxr2130 sm8250_firmware sxr2130_firmware Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2020-3676

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.13% / 33.15%

||

7 Day CHG~0.00%

Published-22 Jun, 2020 | 07:10

Updated-04 Aug, 2024 | 07:44

Possible memory corruption in perfservice due to improper validation array length taken from user application. in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8096AU, APQ8098, Kamorta, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8998, Nicobar, QCM2150, QCS605, QM215, Rennell, Saipan, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

CWE ID-CWE-787

Out-of-bounds Write

CWE ID-CWE-20

Improper Input Validation

CVE-2020-3656

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 7.80%

||

7 Day CHG~0.00%

Published-09 Sep, 2020 | 06:25

Updated-04 Aug, 2024 | 07:44

Out of bound access can happen in MHI command process due to lack of check of command channel id value received from MHI devices in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, Kamorta, MDM9607, MSM8917, MSM8953, Nicobar, QCM2150, QCS405, QCS605, QM215, Rennell, SA6155P, SA8155P, Saipan, SC8180X, SDM429, SDM429W, SDM439, SDM450, SDM632, SDM710, SDM845, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2020-3646

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.05% / 16.83%

||

7 Day CHG~0.00%

Published-08 Sep, 2020 | 09:31

Updated-04 Aug, 2024 | 07:37

u'Buffer overflow seen as the destination buffer size is lesser than the source buffer size in video application' in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in Bitra, MSM8909W, QCM2150, QCS405, QCS605, Saipan, SC8180X, SDA845, SDM429W, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2020-3624

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.05% / 16.83%

||

7 Day CHG~0.00%

Published-08 Sep, 2020 | 09:31

Updated-04 Aug, 2024 | 07:37

u'A potential buffer overflow exists due to integer overflow when parsing handler options due to wrong data type usage in operation' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, Kamorta, MDM9150, MDM9205, MDM9206, MDM9207C, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCN7605, QCS605, QCS610, QM215, Rennell, SA415M, SA515M, Saipan, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130

Vendor-Qualcomm Technologies, Inc.

Product-mdm9150_firmware kamorta_firmware mdm9635m_firmware mdm9640_firmware qcm2150_firmware qcs610 sdm429w msm8996au_firmware sdm632_firmware sdm845 sdm450_firmware sdm632 sdx24 sdm439 mdm9650 sdm429 msm8940_firmware sm7150_firmware sm6150 msm8909w_firmware msm8996au mdm9645 sdm429w_firmware sm7150 apq8009_firmware msm8917 sdm670 qcs605_firmware sc8180x mdm9206 sdm670_firmware sdx24_firmware sdm636 sda845_firmware sa415m mdm9635m apq8098 qcn7605 mdm9615 mdm9205 mdm9206_firmware sa515m qcs605 msm8937_firmware mdm9650_firmware sdm429_firmware msm8905_firmware sda660 sdx55_firmware sxr1130_firmware sxr1130 msm8909w apq8009 msm8909_firmware apq8053_firmware sda845 nicobar sdm850_firmware msm8920 msm8953 sdm450 sdm636_firmware sdm845_firmware sa515m_firmware apq8098_firmware sdx20 msm8998_firmware qcm2150 msm8920_firmware sdm630 mdm9607_firmware sdm660 mdm9655_firmware sc8180x_firmware sa415m_firmware sdm710 qm215 sc7180_firmware mdm9607 mdm9645_firmware apq8017_firmware mdm9625_firmware sdm710_firmware qcn7605_firmware qcs610_firmware mdm9150 msm8937 mdm9207c_firmware msm8905 mdm9207c sm8150_firmware msm8909 mdm9655 apq8096au sdm439_firmware rennell sc7180 sdm630_firmware mdm9205_firmware sda660_firmware mdm9625 rennell_firmware qm215_firmware sdx55 msm8953_firmware msm8940 saipan_firmware sm6150_firmware apq8053 msm8917_firmware apq8096au_firmware msm8998 sm8150 sdx20_firmware sdm850 mdm9615_firmware kamorta apq8017 saipan nicobar_firmware sdm660_firmware mdm9640 Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

CWE ID-CWE-190

Integer Overflow or Wraparound

CVE-2020-3648

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.04% / 12.10%

||

7 Day CHG~0.00%

Published-08 Sep, 2020 | 09:31

Updated-04 Aug, 2024 | 07:37

u'Possible out of bound write in DSP driver code due to lack of check of data received from user' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W

Vendor-Qualcomm Technologies, Inc.

Product-msm8909w_firmware msm8909w Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

CWE ID-CWE-787

Out-of-bounds Write

CWE ID-CWE-20

Improper Input Validation

CVE-2020-3694

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.05% / 14.23%

||

7 Day CHG~0.00%

Published-02 Nov, 2020 | 06:21

Updated-04 Aug, 2024 | 07:44

u'Use out of range pointer issue can occur due to incorrect buffer range check during the execution of qseecom' in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile, Snapdragon Voice & Music in Bitra, Nicobar, Saipan, SM6150, SM8150, SM8250, SXR2130

Vendor-Qualcomm Technologies, Inc.

Product-sxr2130 saipan_firmware sm6150_firmware sm6150 sm8250 bitra_firmware sm8150_firmware sm8150 sxr2130_firmware bitra nicobar_firmware saipan sm8250_firmware nicobar Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile, Snapdragon Voice & Music

CVE-2020-3701

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.10% / 27.67%

||

7 Day CHG~0.00%

Published-30 Jul, 2020 | 11:40

Updated-04 Aug, 2024 | 07:44

Use after free issue while processing error notification from camx driver due to not properly releasing the sequence data in Snapdragon Mobile in Saipan, SM8250, SXR2130

Vendor-Qualcomm Technologies, Inc.

Product-saipan_firmware sm8250 sxr2130_firmware saipan sxr2130 sm8250_firmware Snapdragon Mobile

CWE ID-CWE-416

Use After Free

CVE-2020-3640

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 7.80%

||

7 Day CHG~0.00%

Published-08 Sep, 2020 | 09:31

Updated-04 Aug, 2024 | 07:37

u'Resizing the usage table header before passing all the checks leads to the function exiting with a usage table in invalid state when a HLOS adversary calls the function with wrong input' in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Bitra, Kamorta, QCS404, QCS610, Rennell, Saipan, SC7180, SDX55, SM6150, SM7150, SM8250, SXR2130

CWE ID-CWE-131

Incorrect Calculation of Buffer Size

CVE-2020-3629

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.04% / 12.10%

||

7 Day CHG~0.00%

Published-08 Sep, 2020 | 09:31

Updated-04 Aug, 2024 | 07:37

u'Stack out of bound issue occurs when making query to DSP capabilities due to wrong assumption was made on determining the buffer size for the DSP attributes' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in Bitra, Kamorta, Rennell, SC7180, SDM845, SM6150, SM7150, SM8150, SM8250, SXR2130

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2020-3666

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.09% / 27.24%

||

7 Day CHG~0.00%

Published-08 Sep, 2020 | 09:31

Updated-04 Aug, 2024 | 07:44

u'Out of bounds memory access during memory copy while processing Host command' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, IPQ4019, IPQ6018, IPQ8064, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8996AU, MSM8998, QCA6174A, QCA6574, QCA6574AU, QCA6584AU, QCA8081, QCA9377, QCA9379, QCA9531, QCA9558, QCA9563, QCA9880, QCA9886, QCA9980, QCN5500, QCN5502, QCS404, QCS405, QCS605, SA6155P, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SXR1130

Vendor-Qualcomm Technologies, Inc.

Product-qca9377_firmware qcn5500 mdm9640_firmware qca9980_firmware msm8996au_firmware sdm845 sdx24 qca9563_firmware qcs404_firmware mdm9650 qca9558 qca9558_firmware qca6574 msm8996au qca9880_firmware apq8009_firmware sdm670 qcs605_firmware ipq4019_firmware mdm9206 qca9379_firmware qca6174a sdm670_firmware qcs404 sdx24_firmware qca6584au_firmware ipq8074 sdm636 sda845_firmware qca9377 apq8098 ipq6018_firmware mdm9206_firmware qca9563 qca6574_firmware qca9886 qcn5502_firmware qcs605 mdm9650_firmware qca6574au_firmware ipq8064 sxr1130_firmware qca8081_firmware sxr1130 apq8009 apq8053_firmware ipq8064_firmware sda845 sdm850_firmware qca6584au sa6155p_firmware sdm636_firmware sdm845_firmware apq8098_firmware sdx20 msm8998_firmware sdm660 sdm630 mdm9607_firmware qcn5502 qcs405 qca9531 ipq8074_firmware qca6574au sdm710 mdm9607 qca9980 apq8017_firmware sdm710_firmware qca9880 sa6155p qcn5500_firmware qca8081 mdm9207c_firmware ipq6018 mdm9207c qca6174a_firmware qca9886_firmware apq8096au qcs405_firmware sdm630_firmware ipq4019 apq8053 apq8096au_firmware msm8998 sdx20_firmware sdm850 qca9531_firmware apq8017 qca9379 sdm660_firmware mdm9640 Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

CWE ID-CWE-787

Out-of-bounds Write

CVE-2020-3613

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.10% / 28.53%

||

7 Day CHG~0.00%

Published-22 Jun, 2020 | 07:10

Updated-04 Aug, 2024 | 07:37

Double free issue in kernel memory mapping due to lack of memory protection mechanism in Snapdragon Compute, Snapdragon Mobile, Snapdragon Voice & Music in SM8150

Vendor-Qualcomm Technologies, Inc.

Product-sm8150 sm8150_firmware Snapdragon Compute, Snapdragon Mobile, Snapdragon Voice & Music

CWE ID-CWE-415

Double Free

CVE-2020-3611

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.04% / 12.10%

||

7 Day CHG~0.00%

Published-08 Sep, 2020 | 09:31

Updated-04 Aug, 2024 | 07:37

u'XBL SEC clears only ZI region when loading Qualcomm-signed segments can lead to improper access issue' in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in APQ8098, Kamorta, MSM8998, QCS404, QCS605, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SXR1130

CVE-2020-3616

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 8.51%

||

7 Day CHG~0.00%

Published-02 Jun, 2020 | 15:05

Updated-04 Aug, 2024 | 07:37

Buffer overflow in display function due to memory copy without checking length of size using strcpy function in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MSM8909W, MSM8917, MSM8953, MSM8996AU, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM845, SDX20, SM6150, SM7150, SM8150

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2020-3623

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 7.80%

||

7 Day CHG~0.00%

Published-02 Jun, 2020 | 15:05

Updated-04 Aug, 2024 | 07:37

kernel failure due to load failures while running v1 path directly via kernel in Snapdragon Mobile in SM8250, SXR2130

Vendor-Qualcomm Technologies, Inc.

Product-sm8250 sxr2130 sm8250_firmware sxr2130_firmware Snapdragon Mobile

CWE ID-CWE-20

Improper Input Validation

CVE-2020-3622

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.05% / 15.20%

||

7 Day CHG~0.00%

Published-08 Sep, 2020 | 09:31

Updated-04 Aug, 2024 | 07:37

u'Channel name string which has been read from shared memory is potentially subjected to string manipulations but not validated for NULL termination can results into memory corruption' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, Bitra, IPQ6018, IPQ8074, Kamorta, MDM9150, MDM9205, MDM9206, MDM9607, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA8081, QCM2150, QCN7605, QCS404, QCS405, QCS605, QCS610, QM215, Rennell, SA415M, SA6155P, Saipan, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Vendor-Qualcomm Technologies, Inc.

Product-mdm9150_firmware mdm9640_firmware qcs610 sdm632 sdm450_firmware qcs404_firmware mdm9650 mdm9645 apq8009_firmware msm8917 sdm670 qcs605_firmware sda845_firmware sa415m bitra apq8098 qcn7605 mdm9206_firmware bitra_firmware msm8905_firmware sda660 sdx55_firmware qca8081_firmware sxr1130 apq8053_firmware sda845 sa6155p_firmware sdm450 sdm636_firmware apq8098_firmware msm8998_firmware sdm630 mdm9607_firmware sm8250_firmware mdm9655_firmware sa415m_firmware qcs405 qm215 sc7180_firmware apq8017_firmware sdm710_firmware sa6155p qca8081 msm8937 msm8905 sm8150_firmware msm8909 sxr2130_firmware mdm9655 rennell sc7180 msm8953_firmware saipan_firmware sm6150_firmware msm8917_firmware msm8998 sm8150 sdx20_firmware sdm850 kamorta apq8017 msm8996 saipan mdm9640 kamorta_firmware qcm2150_firmware sdm429w msm8996au_firmware sdm632_firmware sdm845 sdx24 sdm439 sdm429 msm8940_firmware sm7150_firmware sm6150 msm8996au sdm429w_firmware sm7150 sxr2130 sc8180x mdm9206 sdm670_firmware qcs404 sdx24_firmware ipq8074 sdm636 ipq6018_firmware mdm9205 qcs605 msm8937_firmware mdm9650_firmware sdm429_firmware sxr1130_firmware apq8009 msm8909_firmware nicobar sdm850_firmware msm8920 msm8953 sdx20 qcm2150 sdm660 msm8920_firmware sc8180x_firmware ipq8074_firmware sdm710 mdm9607 mdm9645_firmware qcn7605_firmware qcs610_firmware mdm9150 msm8996_firmware ipq6018 apq8096au sdm439_firmware qcs405_firmware sdm630_firmware mdm9205_firmware sda660_firmware rennell_firmware qm215_firmware sdx55 msm8940 apq8053 sm8250 apq8096au_firmware nicobar_firmware sdm660_firmware sdm845_firmware Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

CWE ID-CWE-787

Out-of-bounds Write

CVE-2020-3618

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 7.80%

||

7 Day CHG~0.00%

Published-02 Jun, 2020 | 15:05

Updated-04 Aug, 2024 | 07:37

NULL exception due to accessing bad pointer while posting events on RT FIFO in Snapdragon Compute, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in IPQ6018, IPQ8074, QCA8081, SC8180X, SXR2130

Vendor-Qualcomm Technologies, Inc.

Product-ipq6018 ipq8074_firmware sxr2130_firmware ipq8074 qca8081_firmware ipq6018_firmware qca8081 sxr2130 sc8180x sc8180x_firmware Snapdragon Compute, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking

CWE ID-CWE-416

Use After Free

CVE-2018-11980

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.12% / 31.78%

||

7 Day CHG~0.00%

Published-18 Dec, 2019 | 05:25

Updated-05 Aug, 2024 | 08:24

When a fake broadcast/multicast 11w rmf without mmie received, since no proper length check in wma_process_bip, buffer overflow will happen in both cds_is_mmie_valid and qdf_nbuf_trim_tail in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8937, MSM8996AU, MSM8998, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCN7605, QCS605, SDM630, SDM636, SDM660, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2022-33218

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-8.2||HIGH

EPSS-0.04% / 9.88%

||

7 Day CHG~0.00%

Published-06 Jan, 2023 | 05:02

Updated-09 Apr, 2025 | 19:52

Improper Input Validation in Automotive

Memory corruption in Automotive due to improper input validation.

CWE ID-CWE-787

Out-of-bounds Write

CVE-2018-11952

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.02% / 4.11%

||

7 Day CHG~0.00%

Published-26 Nov, 2024 | 08:55

Updated-09 Jan, 2025 | 20:39

Improper Authentication in TrustZone

An image with a version lower than the fuse version may potentially be booted lead to improper authentication.

CWE ID-CWE-287

Improper Authentication

CVE-2018-11816

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.02% / 4.51%

||

7 Day CHG~0.00%

Published-26 Nov, 2024 | 13:56

Updated-06 Feb, 2025 | 16:41

Use After Free in Video

Crafted Binder Request Causes Heap UAF in MediaServer

CWE ID-CWE-416

Use After Free

CVE-2020-25859

Matching Score-8

Assigner-JFrog

View Details

Matching Score-8

Assigner-JFrog

CVSS Score-6.7||MEDIUM

EPSS-0.08% / 24.34%

||

7 Day CHG~0.00%

Published-15 Oct, 2020 | 15:12

Updated-04 Aug, 2024 | 15:49

The QCMAP_CLI utility in the Qualcomm QCMAP software suite prior to versions released in October 2020 uses a system() call without validating the input, while handling a SetGatewayUrl() request. A local attacker with shell access can pass shell metacharacters and run arbitrary commands. If QCMAP_CLI can be run via sudo or setuid, this also allows elevating privileges to root. This version of QCMAP is used in many kinds of networking devices, primarily mobile hotspots and LTE routers.

Vendor-n/a Qualcomm Technologies, Inc.

Product-qcmap Qualcomm QCMAP

CWE ID-CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

CVE-2017-9711

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-6.7||MEDIUM

EPSS-0.02% / 3.93%

||

7 Day CHG~0.00%

Published-22 Nov, 2024 | 09:09

Updated-25 Nov, 2024 | 19:10

Permissions, Privileges, and Access Controls in Data

Certain unprivileged processes are able to perform IOCTL calls.

CWE ID-CWE-264

Not Available

CVE-2017-8246

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 7.33%

||

7 Day CHG~0.00%

Published-12 May, 2017 | 20:00

Updated-20 Apr, 2025 | 01:37

In function msm_pcm_playback_close() in all Android releases from CAF using the Linux kernel, prtd is assigned substream->runtime->private_data. Later, prtd is freed. However, prtd is not sanitized and set to NULL, resulting in a dangling pointer. There are other functions that access the same memory (substream->runtime->private_data) with a NULL check, such as msm_pcm_volume_ctl_put(), which means this freed memory could be used.

Vendor-Google LLC Qualcomm Technologies, Inc.

Product-android Android for MSM, Firefox OS for MSM, QRD Android

CWE ID-CWE-416

Use After Free

CVE-2017-8245

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.04% / 11.24%

||

7 Day CHG~0.00%

Published-12 May, 2017 | 20:00

Updated-20 Apr, 2025 | 01:37

In all Android releases from CAF using the Linux kernel, while processing a voice SVC request which is nonstandard by specifying a payload size that will overflow its own declared size, an out of bounds memory copy occurs.

Vendor-Google LLC Qualcomm Technologies, Inc.

Product-android Android for MSM, Firefox OS for MSM, QRD Android

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2020-11130

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.05% / 16.83%

||

7 Day CHG~0.00%

Published-12 Nov, 2020 | 10:00

Updated-04 Aug, 2024 | 11:21

u'Possible buffer overflow in WIFI hal process due to copying data without checking the buffer length' in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile in QCM4290, QCS4290, QM215, QSM8350, SA6145P, SA6155, SA6155P, SA8155, SA8155P, SC8180X, SC8180XP, SDX55, SDX55M, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6250, SM6350, SM7125, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR2130, SXR2130P

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2018-11838

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.03% / 7.80%

||

7 Day CHG~0.00%

Published-05 Mar, 2020 | 08:56

Updated-05 Aug, 2024 | 08:17

Possible double free issue in WLAN due to lack of checking memory free condition. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8053, MDM9640, SDA660, SDM636, SDM660, SDX20

Vendor-Qualcomm Technologies, Inc.

Product-apq8053 mdm9640_firmware sdx20_firmware sdm636_firmware sdm636 sda660 sda660_firmware sdx20 sdm660 apq8053_firmware sdm660_firmware mdm9640 Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

CWE ID-CWE-415

Double Free

CVE-2020-11165

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.04% / 11.48%

||

7 Day CHG~0.00%

Published-09 Jun, 2021 | 05:00

Updated-04 Aug, 2024 | 11:28

Memory corruption due to buffer overflow while copying the message provided by HLOS into buffer without validating the length of buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking

Vendor-Qualcomm Technologies, Inc.

Product-qfs2580 qpm5679_firmware sa6150p_firmware sm6250p_firmware qcs610 qpm5620_firmware qdm2307 qca6431_firmware qfs2608_firmware qfs2530 qpm8870_firmware qpa8802 wcd9360_firmware qpa8688 pm6125 qpm6585_firmware qat3519 qbt2000_firmware qat5522_firmware wcn3950_firmware pm8150a qtc800h qdm5670 sa8150p_firmware qca6595au_firmware qcs2290 qpa5581_firmware sa6155 sdr8250_firmware pm7150l qpa8821 pm8998_firmware sd_675_firmware qdm5671 wtr5975_firmware qpm4650_firmware qat3518 pm456_firmware qpa5580_firmware sdr425_firmware wcn3998 wcd9371_firmware smr526_firmware wcn3950 sm4125 sd720g qpa5460 pm640a_firmware wgr7640_firmware qdm2305_firmware qpm5670_firmware qsw8574_firmware sd710_firmware sd460_firmware qdm5652 qca6574au_firmware qpa4360_firmware qpm8870 wcd9375_firmware wcn3998_firmware qpm5679 qbt2000 sa6155_firmware pm855p qca6420 wcd9360 pm6150a qpm6670_firmware pmx50_firmware qpa8675_firmware whs9410_firmware sdr735g qpa5460_firmware pm660_firmware wcn3999 pm8150b qdm3301_firmware qsm7250 sa8155_firmware sd662_firmware qcs405 qca6430 qat3522 pmr735a wcd9340 sdm830_firmware sd765g qdm2308_firmware sdr660 qca6436 wcn6851 sa6155p qpa6560 qfs2630_firmware sdr675_firmware sdr865 qdm5620_firmware wcd9341 qdm4643_firmware qca6431 qca6696_firmware qln5020 wcd9371 qet4100_firmware sd750g pmm855au_firmware wcn3910_firmware sm4350_firmware sd_8cx sa8150p qpm5657 pm6350 qdm5621 qtc800s qpm5875_firmware wsa8830_firmware sd855_firmware sd865_5g_firmware qdm5650 wcn3988 wtr3925 pm640p_firmware sdr052 sa8195p_firmware smb1390 wcn6750_firmware qat5516_firmware pm6150l pm855l_firmware qet4100 qpa8686_firmware qpm6585 qtc410s wcn3991 wcd9380_firmware smb1355 qln4650 qpa8801 sdr735g_firmware wgr7640 qat5568 qet5100 qdm5671_firmware qpa8801_firmware pm8150l_firmware qat5533_firmware sdx55m_firmware pm8005_firmware qpa8673_firmware pm6150 qet4101_firmware smb1354_firmware sd670_firmware qca6574 pm7250b qln4642_firmware qfs2630 qpa8842 sdr052_firmware wcd9380 smb1355_firmware pm7250b_firmware pmd9655_firmware smb1351_firmware qln4640 qcs410 pmk8350_firmware smb1381 pm855p_firmware sd690_5g_firmware sdx50m_firmware sdr735 pm7250 smb1395 pm660l qpa8803 sdx24_firmware smr526 wtr5975 qca6430_firmware pmk8003 qtc801s_firmware wcn3980 qat3522_firmware qdm2301 wcd9340_firmware wsa8815 wcn6850 sd7c wcn3910 qdm5621_firmware qdm2301_firmware sd_8c_firmware qca6426_firmware pm8350_firmware qca9984 pm8009 wcn3980_firmware qpa8675 sd730 sdr051_firmware pm660l_firmware sdx55m pm6250_firmware qca6421_firmware pm8008 pm8350b_firmware qtm525_firmware qat3518_firmware qsw8574 pmi8998 qpm5621_firmware pm855l wcn6851_firmware qdm5670_firmware qpa6560_firmware qpa8802_firmware qln4640_firmware pm7150a_firmware pm8150b_firmware qpm5621 qpm6582 sd670 pm8009_firmware qdm2310_firmware qfs2580_firmware qcm4290_firmware pm8150l pmi8998_firmware qcs610_firmware qdm5677 pm8005 qsm8250 sa6145p pm855_firmware pmm6155au pm855b_firmware qcs405_firmware qpm6582_firmware wtr2965 qca6391_firmware pm640l_firmware wcd9370_firmware qln4650_firmware qat3516_firmware qpm5875 sdx55 qet5100m sa8155p sd675 qet4101 qat3555_firmware qat3516 qpa8803_firmware qpm5658 pm855b ar8035_firmware qcm2290 qsm8250_firmware qpm5658_firmware qpm5870 wcn3991_firmware qdm5652_firmware wsa8830 pmm8155au_firmware pm660 qet6110_firmware sdr051 qln5030 pm6125_firmware qcs2290_firmware qbt1500 pm4125 qpa5581 pmi632 qpa2625_firmware pm456 sd7c_firmware pm8350bh_firmware pmr735b_firmware pmx24_firmware qbt1500_firmware qet5100_firmware qpm5870_firmware qpm4621 qet6100_firmware qcs4290 qet6100 pmm855au sd765g_firmware qpa8686 qca6420_firmware qca6390_firmware sd690_5g smb1396 pm7150a sd730_firmware wcd9370 sd675_firmware pm8350 qpa5461_firmware sdr425 pm8350c_firmware pmr525_firmware qca6426 wcn3990_firmware qca9984_firmware qpm5641 pmi632_firmware sd_8cx_firmware wcd9385_firmware qdm5650_firmware sdxr2_5g_firmware wcd9326_firmware whs9410 qat5516 pm7250_firmware qdm5620 sd662 qpa8821_firmware pm8350bh pmk8002_firmware pm3003a sa8155 qdm4650_firmware sdx55_firmware pmm6155au_firmware qat5533 qca6595au wcn3999_firmware sm7250p_firmware qca6436_firmware qsm7250_firmware qpm6670 smb1354 pm7150l_firmware qdm2305 sa6155p_firmware qpm8820 qpm4641 qat5515_firmware qln5020_firmware pm855 qpm8830_firmware sdxr2_5g pm8250 smb1398 qdm4643 qfs2530_firmware wcn3988_firmware pmx55 qpm4641_firmware sa6145p_firmware sdr675 pm8150c_firmware qca6421 qdm3301 qpa8842_firmware qat3519_firmware sa8195p sdr735_firmware sm6250 qpm5677 qat5515 wsa8810_firmware sd765_firmware wcd9326 qdm5677_firmware pm6350_firmware pm8004_firmware sdr8150_firmware qcs4290_firmware wcd9385 qtc800h_firmware qpm5620 qat3550_firmware pmm8155au qpm4630 qln5040_firmware qca6390 wcd9375 sd750g_firmware aqt1000 pm4125_firmware ar8035 sm6250_firmware pmm8195au qpa8673 qdm2310 qln4642 qln5030_firmware qpm5677_firmware wsa8815_firmware sd888_5g_firmware smr525_firmware pm8998 wtr3925_firmware smb1396_firmware qpm8820_firmware wcn6850_firmware wsa8835_firmware qpm6621_firmware pmx24 qet6110 qln5040 qcm2290_firmware qpm8895 qpm5670 wcn3990 sd_675 pmx55_firmware sd865_5g pmk8350 sdx24 smb1398_firmware qpm8830 pm8350b qat5522 qdm2307_firmware wsa8835 pm8150c pmr735b sd665_firmware qpm5657_firmware sd888_5g sm6250p qpa4360 pmk8003_firmware sdr660_firmware qca6574a qpm4640_firmware smb1390_firmware qdm5679_firmware pm8350c smr525 qpm4640 wcn6750 pm6150l_firmware pmr525 pm8150a_firmware qet5100m_firmware qpm4650 qtm525 qca6574_firmware sd855 sm4125_firmware sd665 pm6150a_firmware pm6150_firmware sd765 pm640p qca6574a_firmware qpm4630_firmware sd768g_firmware sdr865_firmware qat3555 pm8250_firmware sd460 qca6391 smb1351 qpa5461 aqt1000_firmware qpm8895_firmware wtr2965_firmware qcm4290 sdx50m pm640a sdr8150 qfs2608 qtc801s smb1395_firmware qdm4650 pmd9655 qca6574au qpm5641_firmware sd710 sa8155p_firmware pm8008_firmware wcd9341_firmware qpm6621 wsa8810 qtc410s_firmware pmr735a_firmware qat5568_firmware qdm2308 pmx50 qat3550 qdm5679 sd_8c sdr8250 sd768g pm3003a_firmware qca6696 qtc800s_firmware sm4350 smb1381_firmware pm8004 pm640l pmk8002 qpa2625 sa6150p qpa8688_firmware pmm8195au_firmware sm7250p sdm830 sd720g_firmware qpm4621_firmware qcs410_firmware pm6250 qpa5580 Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking

CWE ID-CWE-787

Out-of-bounds Write

CVE-2020-11149

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-6.7||MEDIUM

EPSS-0.04% / 8.88%

||

7 Day CHG~0.00%

Published-21 Jan, 2021 | 09:41

Updated-04 Aug, 2024 | 11:28

Out of bound access due to usage of an out-of-range pointer offset in the camera driver. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Vendor-Qualcomm Technologies, Inc.

Product-qpm5579 qfs2580 qca8337 qdm5579 qdm2307 qfs2530 qpa8802 qln1030 pm6125 qat3519 pm8150a qtc800h qdm5670 pm7150l qpa8821 qdm5671 pmc1000h qat3518 sd8c wcn3998 wcn3950 qpa5460 wcn3660b qca4020 qdm5652 sd6905g qpm8870 qpm5679 qbt2000 pm855p qca6420 pm6150a sdx20m sdr735g wcn3999 pm8150b qsm7250 qcs405 qca6430 qat3522 pmr735a wcd9340 sd765g qca6436 sdr660 wcn6851 sa6155p qpa6560 sdr865 wcd9341 pmi8952 smr545 qca6431 qln5020 sd750g smb1350 qdm3302 pm6350 qdm5621 qtc800s qdm5650 wcn3988 wtr3925 smb1390 pm6150l sd8885g qet4100 wcn3610 qpm6585 qtc410s wcn3991 smb1355 qln4650 qpa8801 sdm429w wgr7640 qat5568 qet5100 qca6564au sdxr25g pm6150 pm7250b qca6574 qfs2630 qpa8842 pmm8996au wcd9380 qualcomm215 smb1381 sdr735 pm7250 smb1395 pm660l wtr4905 qpa8803 smr526 wtr5975 wcn3980 pmk8003 qdm2301 qsw8573 qcs605 wsa8815 wcn6850 qpm6375 smb1394 wcn3680 pm8009 sdx55m pm670a pm8008 qsw8574 pmi8998 pme605 pm855l qcs603 sd8655g qpm5621 qpm6582 pm670 pm8150l qdm5677 pm8005 sa6145p pm215 qdm2302 pmm6155au sdxr1 apq8096au ar8031 qpm5577 wtr2965 pm8150 qpm5875 sdx55 qet5100m apq8053 sa8155p csra6640 pm8350bhs sd675 qet4101 qat3516 pm670l qpm5658 qca9379 pm855b smb2351 qpm5870 pm8909 wsa8830 pm660 qln5030 qpm6325 qbt1500 pmi632 qpa5581 mdm9650 csra6620 qpm4621 qcs4290 qet6100 pmm855au sdr660g qpa8686 smb1396 pm7150a wcd9370 pm8350 qca6564 sdr425 qca6426 qca9377 qpm5641 qpm5541 qat5516 qdm5620 sd662 pm8350bh pm3003a sa8155 qat5533 qca6595au wcn3615 sm7350 qpm6670 smb1354 qca6584au qdm2305 qpm8820 qpm4641 pm855 sd429 pm8250 smb1398 qdm4643 pmx55 sd205 qca6421 qdm3301 pm8953 qat5515 qpm5677 qat3514 wcd9326 wcd9335 wcd9385 pmm8155au qpm4630 ar8035 qca6390 wcd9375 aqt1000 qpa8673 qdm2310 qln4642 sda429w sd210 pm8998 pmk7350 wcn3620 qca6564a smr546 pmx24 qet6110 qln5040 qpm8895 qpm5670 wcn3990 qtm527 pmk8350 sdx24 qpm8830 pm8350b qat5522 wsa8835 pm8150c pmr735b qpa4360 pm855a qca6574a qpa4361 qca6174a pm8350c smr525 qpm4640 wcn6750 pmr525 pm7350c qpm4650 qtm525 sd855 sd8cx sd665 sd765 pm640p pmx20 qat3555 sd460 qca6391 smb1351 qpa5461 qcm4290 pm640a sdr8150 qfs2608 sdx20 pm8916 qtc801s qdm4650 pmd9655 qca6574au qsw6310 qpm6621 wsa8810 qdm2308 pmw3100 qat3550 wcn6856 qdm5679 wcn3680b sdr8250 sd768g wcn6740 qca6696 pm8004 pm640l pmk8002 qpa2625 sm7250p sdm830 smb1357 qpa5580 Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2023-43545

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-6.7||MEDIUM

EPSS-0.03% / 5.99%

||

7 Day CHG~0.00%

Published-03 Jun, 2024 | 10:05

Updated-27 Jan, 2025 | 19:08

Integer Overflow or Wraparound in WLAN HOST

Memory corruption when more scan frequency list or channels are sent from the user space.

Vendor-Qualcomm Technologies, Inc.

Product-qca6584au_firmware qca6554a qcc2076_firmware qca8337_firmware wcd9335_firmware qfw7124_firmware qca6696_firmware qcc710 qca8081_firmware qcc2073_firmware qca6595au_firmware qca6584au qcn6224_firmware qfw7114_firmware qca8081 snapdragon_660_mobile qca6554a_firmware wcn3990 qca6564au sd660 qcn6224 snapdragon_x75_5g_modem-rf qcn6274_firmware qfw7114 fastconnect_7800 wcn3990_firmware ar8035 fastconnect_7800_firmware qca6564au_firmware qcc2073 sd660_firmware wcd9341_firmware wcd9340 qca6595_firmware qca8337 wcn3980_firmware qcc710_firmware ar8035_firmware qcn6274 qfw7124 qca6574a qca6595 qca6574a_firmware qcc2076 wcd9341 wcn3980 qca6574au qca6574 wcd9340_firmware wcd9335 qca6574_firmware qca6696 qca6595au snapdragon_660_mobile_firmware qca6574au_firmware snapdragon_x75_5g_modem-rf_firmware Snapdragon qca6564au_firmware qca8337_firmware qca6584au_firmware qcn6274_firmware wcn3990_firmware qca6696_firmware qca6595_firmware wcd9335_firmware qfw7114_firmware qcc2076_firmware qca6554a_firmware snapdragon_x75_5g_modem-rf_system_firmware qcc2073_firmware qca6574_firmware wcd9340_firmware qcc710_firmware qcn6224_firmware snapdragon_660_mobile_platform_firmware qca6574a_firmware sd660_firmware wcd9341_firmware fastconnect_7800_firmware qca6574au_firmware qca6595au_firmware qca8081_firmware wcn3980_firmware qfw7124_firmware ar8035_firmware

CWE ID-CWE-190

Integer Overflow or Wraparound

CVE-2023-43544

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-6.7||MEDIUM

EPSS-0.03% / 5.66%

||

7 Day CHG~0.00%

Published-03 Jun, 2024 | 10:05

Updated-27 Jan, 2025 | 19:11

Use After Free in Audio

Memory corruption when IPC callback handle is used after it has been released during register callback by another thread.

Vendor-Qualcomm Technologies, Inc.

Product-qca6584au_firmware wsa8835 wsa8835_firmware wcn3988_firmware qca8337_firmware sa9000p qfw7124_firmware snapdragon_w5\+_gen_1_wearable wsa8830 qcc710 qca6698aq qca8081_firmware snapdragon_auto_5g_modem-rf_gen_2_firmware qca6584au qcn6224_firmware qfw7114_firmware qca8081 sa8770p_firmware snapdragon_w5\+_gen_1_wearable_firmware sw5100_firmware snapdragon_x75_5g_modem-rf qcn6224 qcn6274_firmware qfw7114 fastconnect_7800 qca6698aq_firmware sa9000p_firmware qam8255p ar8035 fastconnect_7800_firmware sw5100p_firmware sa8255p_firmware snapdragon_auto_5g_modem-rf_gen_2 sw5100p wcd9340 sa8775p qca8337 wcn3980_firmware qcc710_firmware ar8035_firmware qcn6274 qfw7124 wcn3980 qam8255p_firmware wcd9340_firmware sa8255p sa8775p_firmware wcn3988 qam8775p sa8770p wsa8830_firmware sw5100 qam8775p_firmware snapdragon_x75_5g_modem-rf_firmware Snapdragon qam8255p_firmware qca8337_firmware sa8770p_firmware snapdragon_auto_5g_modem-rf_gen_2_firmware qam8775p_firmware qca6584au_firmware qcn6274_firmware sa8775p_firmware qfw7114_firmware snapdragon_x75_5g_modem-rf_system_firmware wcd9340_firmware wcn3988_firmware qcc710_firmware qcn6224_firmware wsa8830_firmware sa9000p_firmware wsa8835_firmware fastconnect_7800_firmware sw5100_firmware qca8081_firmware wcn3980_firmware sa8255p_firmware qfw7124_firmware sw5100p_firmware ar8035_firmware qca6698aq_firmware snapdragon_w5\+_gen_1_wearable_platform_firmware

CWE ID-CWE-416

Use After Free

CVE-2023-43542

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-7.8||HIGH

EPSS-0.04% / 11.23%

||

7 Day CHG~0.00%

Published-03 Jun, 2024 | 10:05

Updated-11 Aug, 2025 | 15:06

Buffer Copy Without Checking Size of Input in Trusted Execution Environment

Memory corruption while copying a keyblob`s material when the key material`s size is not accurately checked.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2023-43547

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-8.4||HIGH

EPSS-0.12% / 32.30%

||

7 Day CHG~0.00%

Published-04 Mar, 2024 | 10:48

Updated-11 Aug, 2025 | 15:06

Use After Free in Automotive Multimedia

Memory corruption while invoking IOCTLs calls in Automotive Multimedia.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-416

Use After Free

CVE-2023-43554

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-8.4||HIGH

EPSS-0.04% / 11.23%

||

7 Day CHG~0.00%

Published-01 Jul, 2024 | 14:17

Updated-11 Aug, 2025 | 15:06

Improper Restriction of Operations withing the Bounds of a Memory Buffer in DSP Services

Memory corruption while processing IOCTL handler in FastRPC.

Vendor-Qualcomm Technologies, Inc.

Product-wsa8845_firmware snapdragon_7c\+_gen_3 wsa8840 wcd9370 sc8180x-ab_firmware wcd9340_firmware wcd9385 sc8380xp wcd9341_firmware sc8180xp-ab_firmware sc8280xp-bb sc8180x-af sc8180x-ab fastconnect_6700 qca6420 sc8180xp-ab sc8180xp-ad qca6430 wsa8815_firmware wcd9370_firmware sc8180xp-ad_firmware qcm6490_firmware wcd9340 wcd9341 qcm6490 sc8180xp-aa_firmware wsa8810_firmware wsa8845h_firmware sc8180x-af_firmware qca6420_firmware aqt1000_firmware qcs6490_firmware sc8180x-ac wsa8835 wsa8840_firmware qca6391_firmware sc8180x-ac_firmware qca6430_firmware sc8180x-aa fastconnect_6800_firmware qcs5430 wsa8845h sc8180xp-ac_firmware wcd9380_firmware qcm5430 sc8180x-ad_firmware qcm5430_firmware wsa8815 wsa8830 sc8180x\+sdx55_firmware sc8380xp_firmware sc8180xp-ac fastconnect_6800 sc8280xp-ab_firmware wcd9375_firmware fastconnect_7800_firmware fastconnect_6900 snapdragon_7c\+_gen_3_firmware qca6391 sc8280xp-ab qcs5430_firmware sc8180x\+sdx55 wcd9385_firmware sc8180xp-af_firmware fastconnect_6900_firmware sc8180xp-aa wcd9380 fastconnect_6200 sc8180x-aa_firmware fastconnect_7800 wcd9375 sc8180xp-af wsa8845 fastconnect_6700_firmware video_collaboration_vc3_platform_firmware sc8180x-ad wsa8835_firmware wsa8810 qcs6490 fastconnect_6200_firmware sc8280xp-bb_firmware wsa8830_firmware video_collaboration_vc3_platform aqt1000 Snapdragon aqt1000_firmware qcm5430_firmware wcd9380_firmware qca6430_firmware qcs6490_firmware qcm6490_firmware qcs5430_firmware wsa8840_firmware qualcomm_video_collaboration_vc3_platform_firmware qca6391_firmware wcd9385_firmware fastconnect_6900_firmware wcd9370_firmware sc8380xp_firmware wcd9340_firmware wsa8830_firmware wsa8845_firmware fastconnect_6700_firmware wsa8815_firmware wsa8835_firmware wsa8810_firmware fastconnect_6200_firmware wcd9341_firmware fastconnect_7800_firmware qca6420_firmware wcd9375_firmware wsa8845h_firmware fastconnect_6800_firmware

CWE ID-CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE ID-CWE-787

Out-of-bounds Write

CVE-2023-43532

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-8.4||HIGH

EPSS-0.05% / 16.52%

||

7 Day CHG~0.00%

Published-06 Feb, 2024 | 05:47

Updated-17 Jun, 2025 | 21:29

Untrusted Pointer Dereference in Display

Memory corruption while reading ACPI config through the user mode app.

CWE ID-CWE-822

Untrusted Pointer Dereference

CWE ID-CWE-763

Release of Invalid Pointer or Reference

CVE-2023-43514

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-8.4||HIGH

EPSS-0.11% / 30.36%

||

7 Day CHG~0.00%

Published-02 Jan, 2024 | 05:38

Updated-11 Aug, 2025 | 15:06

Use After Free in DSP Services

Memory corruption while invoking IOCTLs calls from user space for internal mem MAP and internal mem UNMAP.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-416

Use After Free

CVE-2023-43538

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-9.3||CRITICAL

EPSS-0.05% / 16.35%

||

7 Day CHG~0.00%

Published-03 Jun, 2024 | 10:05

Updated-27 Jan, 2025 | 19:34

Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in TZ Secure OS

Memory corruption in TZ Secure OS while Tunnel Invoke Manager initialization.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2023-43546

Matching Score-8

Assigner-Qualcomm, Inc.

View Details

Matching Score-8

Assigner-Qualcomm, Inc.

CVSS Score-8.4||HIGH

EPSS-0.10% / 27.31%

||

7 Day CHG~0.00%

Published-04 Mar, 2024 | 10:48

Updated-11 Aug, 2025 | 15:06

Use After Free in Automotive Multimedia

Memory corruption while invoking HGSL IOCTL context create.

Vendor-Qualcomm Technologies, Inc.

CWE ID-CWE-416

Use After Free

CVE-2023-28575

Credits

Multiple Type Confusion Vulnerability

Vendors

Products

Metrics (CVSS)

Weaknesses

Attack Patterns

Solution/Workaround

References

EPSS History

Score

Latest Score

N/A

Percentile

Latest Percentile

N/A

Stakeholder-Specific Vulnerability Categorization (SSVC)

Affected Products

Affected

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

CISA Catalog

Metrics

CPE Matches

Weaknesses

Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References

Change History

Similar CVEs