Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2023-28583

Summary
Assigner-qualcomm
Assigner Org ID-2cfc7d3e-20d3-47ac-8db7-1b7285aff15f
Published At-02 Jan, 2024 | 05:38
Updated At-17 Jun, 2025 | 18:38
Rejected At-
Credits

Double Free in Data Network Stack & Connectivity

Memory corruption when IPv6 prefix timer object`s lifetime expires which are created while Netmgr daemon gets an IPv6 address.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:qualcomm
Assigner Org ID:2cfc7d3e-20d3-47ac-8db7-1b7285aff15f
Published At:02 Jan, 2024 | 05:38
Updated At:17 Jun, 2025 | 18:38
Rejected At:
▼CVE Numbering Authority (CNA)
Double Free in Data Network Stack & Connectivity

Memory corruption when IPv6 prefix timer object`s lifetime expires which are created while Netmgr daemon gets an IPv6 address.

Affected Products
Vendor
Qualcomm Technologies, Inc.Qualcomm, Inc.
Product
Snapdragon
Platforms
  • Snapdragon Auto
  • Snapdragon Mobile
  • Snapdragon Wearables
Default Status
unaffected
Versions
Affected
  • AQT1000
  • FastConnect 6200
  • QCA6420
  • QCA6430
  • QCA6574AU
  • QCA6696
  • SA6145P
  • SA6150P
  • SA6155P
  • SA8145P
  • SA8150P
  • SA8155P
  • SA8195P
  • SD855
  • Snapdragon 855 Mobile Platform
  • Snapdragon 855+/860 Mobile Platform (SM8150-AC)
  • Snapdragon W5+ Gen 1 Wearable Platform
  • Snapdragon Wear 4100+ Platform
  • SW5100
  • SW5100P
  • WCD9341
  • WCN3610
  • WCN3660B
  • WCN3680B
  • WCN3980
  • WCN3988
  • WSA8810
  • WSA8815
  • WSA8830
  • WSA8835
Problem Types
TypeCWE IDDescription
CWECWE-415CWE-415 Double Free
Type: CWE
CWE ID: CWE-415
Description: CWE-415 Double Free
Metrics
VersionBase scoreBase severityVector
3.16.7MEDIUM
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 6.7
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.qualcomm.com/company/product-security/bulletins/january-2024-bulletin
N/A
Hyperlink: https://www.qualcomm.com/company/product-security/bulletins/january-2024-bulletin
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.qualcomm.com/company/product-security/bulletins/january-2024-bulletin
x_transferred
Hyperlink: https://www.qualcomm.com/company/product-security/bulletins/january-2024-bulletin
Resource:
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:product-security@qualcomm.com
Published At:02 Jan, 2024 | 06:15
Updated At:12 Apr, 2024 | 16:15

Memory corruption when IPv6 prefix timer object`s lifetime expires which are created while Netmgr daemon gets an IPv6 address.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Secondary3.16.7MEDIUM
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 6.7
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CPE Matches
Qualcomm Technologies, Inc.
qualcomm
>>aqt1000_firmware>>-
cpe:2.3:o:qualcomm:aqt1000_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>aqt1000>>-
cpe:2.3:h:qualcomm:aqt1000:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>fastconnect_6200_firmware>>-
cpe:2.3:o:qualcomm:fastconnect_6200_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>fastconnect_6200>>-
cpe:2.3:h:qualcomm:fastconnect_6200:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6420_firmware>>-
cpe:2.3:o:qualcomm:qca6420_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6420>>-
cpe:2.3:h:qualcomm:qca6420:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6430_firmware>>-
cpe:2.3:o:qualcomm:qca6430_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6430>>-
cpe:2.3:h:qualcomm:qca6430:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6574au_firmware>>-
cpe:2.3:o:qualcomm:qca6574au_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6574au>>-
cpe:2.3:h:qualcomm:qca6574au:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6696_firmware>>-
cpe:2.3:o:qualcomm:qca6696_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6696>>-
cpe:2.3:h:qualcomm:qca6696:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sa6145p_firmware>>-
cpe:2.3:o:qualcomm:sa6145p_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sa6145p>>-
cpe:2.3:h:qualcomm:sa6145p:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sa6150p_firmware>>-
cpe:2.3:o:qualcomm:sa6150p_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sa6150p>>-
cpe:2.3:h:qualcomm:sa6150p:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sa6155p_firmware>>-
cpe:2.3:o:qualcomm:sa6155p_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sa6155p>>-
cpe:2.3:h:qualcomm:sa6155p:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sa8145p_firmware>>-
cpe:2.3:o:qualcomm:sa8145p_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sa8145p>>-
cpe:2.3:h:qualcomm:sa8145p:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sa8150p_firmware>>-
cpe:2.3:o:qualcomm:sa8150p_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sa8150p>>-
cpe:2.3:h:qualcomm:sa8150p:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sa8155p_firmware>>-
cpe:2.3:o:qualcomm:sa8155p_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sa8155p>>-
cpe:2.3:h:qualcomm:sa8155p:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sa8195p_firmware>>-
cpe:2.3:o:qualcomm:sa8195p_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sa8195p>>-
cpe:2.3:h:qualcomm:sa8195p:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd855_firmware>>-
cpe:2.3:o:qualcomm:sd855_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd855>>-
cpe:2.3:h:qualcomm:sd855:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>snapdragon_855_mobile_platform_firmware>>-
cpe:2.3:o:qualcomm:snapdragon_855_mobile_platform_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>snapdragon_855_mobile_platform>>-
cpe:2.3:h:qualcomm:snapdragon_855_mobile_platform:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>snapdragon_855\+\/860_mobile_platform_firmware>>-
cpe:2.3:o:qualcomm:snapdragon_855\+\/860_mobile_platform_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>snapdragon_855\+\/860_mobile_platform>>-
cpe:2.3:h:qualcomm:snapdragon_855\+\/860_mobile_platform:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>snapdragon_w5\+_gen_1_wearable_platform_firmware>>-
cpe:2.3:o:qualcomm:snapdragon_w5\+_gen_1_wearable_platform_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>snapdragon_w5\+_gen_1_wearable_platform>>-
cpe:2.3:h:qualcomm:snapdragon_w5\+_gen_1_wearable_platform:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>snapdragon_wear_4100\+_platform_firmware>>-
cpe:2.3:o:qualcomm:snapdragon_wear_4100\+_platform_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>snapdragon_wear_4100\+_platform>>-
cpe:2.3:h:qualcomm:snapdragon_wear_4100\+_platform:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sw5100_firmware>>-
cpe:2.3:o:qualcomm:sw5100_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sw5100>>-
cpe:2.3:h:qualcomm:sw5100:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sw5100p_firmware>>-
cpe:2.3:o:qualcomm:sw5100p_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sw5100p>>-
cpe:2.3:h:qualcomm:sw5100p:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>wcd9341_firmware>>-
cpe:2.3:o:qualcomm:wcd9341_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>wcd9341>>-
cpe:2.3:h:qualcomm:wcd9341:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>wcn3610_firmware>>-
cpe:2.3:o:qualcomm:wcn3610_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>wcn3610>>-
cpe:2.3:h:qualcomm:wcn3610:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>wcn3660b_firmware>>-
cpe:2.3:o:qualcomm:wcn3660b_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>wcn3660b>>-
cpe:2.3:h:qualcomm:wcn3660b:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>wcn3680b_firmware>>-
cpe:2.3:o:qualcomm:wcn3680b_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>wcn3680b>>-
cpe:2.3:h:qualcomm:wcn3680b:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>wcn3980_firmware>>-
cpe:2.3:o:qualcomm:wcn3980_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>wcn3980>>-
cpe:2.3:h:qualcomm:wcn3980:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-415Primarynvd@nist.gov
CWE-415Secondaryproduct-security@qualcomm.com
CWE ID: CWE-415
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-415
Type: Secondary
Source: product-security@qualcomm.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.qualcomm.com/company/product-security/bulletins/january-2024-bulletinproduct-security@qualcomm.com
Vendor Advisory
Hyperlink: https://www.qualcomm.com/company/product-security/bulletins/january-2024-bulletin
Source: product-security@qualcomm.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

977Records found
CVE-2019-10558
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.80%
||
7 Day CHG~0.00%
Published-21 Jan, 2020 | 06:30
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

While transferring data from APPS to DSP, Out of bound in FastRPC HLOS Driver due to the data buffer which can be controlled by DSP in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCN7605, QCS605, QM215, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM845, SDX20, SDX24, SDX55, SM6150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9640_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632sdx24sdm439mdm9650sdm429msm8940_firmwaresm6150msm8909w_firmwaremsm8996ausdm429w_firmwareapq8009_firmwaremsm8917sxr2130qcs605_firmwaremdm9206sdx24_firmwaresdm636sda845_firmwareapq8098qcn7605mdm9206_firmwareqcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130msm8909wapq8009apq8053_firmwaresda845nicobarmsm8920msm8953sdm450sdm636_firmwaresdm845_firmwareapq8098_firmwaresdx20msm8998_firmwaresdm660msm8920_firmwaresdm630mdm9607_firmwaresm8250_firmwareqm215mdm9607apq8017_firmwareqcn7605_firmwaremsm8937mdm9207c_firmwaremdm9207csm8150_firmwaresxr2130_firmwareapq8096ausdm439_firmwaresdm630_firmwaresda660_firmwareqm215_firmwaresdx55msm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaresm8250msm8998sm8150sdx20_firmwareapq8017nicobar_firmwaresdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CVE-2019-10604
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.80%
||
7 Day CHG~0.00%
Published-05 Mar, 2020 | 08:56
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possibility of heap-buffer-overflow during last iteration of loop while populating image version information in diag command response packet, in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8053, APQ8096AU, APQ8098, MDM9607, MDM9640, MSM8909W, MSM8917, MSM8953, Nicobar, QCS605, QM215, Rennell, SA6155P, Saipan, SDA660, SDM429, SDM439, SDM450, SDM632, SDM670, SDM710, SDM845, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sa6155p_firmwaremdm9640_firmwaremsm8953sdm450sdm845_firmwaresdm632_firmwareapq8098_firmwaresdm845sdm450_firmwaresdm632sdm439mdm9607_firmwaresm8250_firmwaresdm429sm7150_firmwaresdm710msm8909w_firmwaremdm9607qm215sm6150sdm710_firmwaresm7150msm8917sa6155psdm670sxr2130qcs605_firmwaresdm670_firmwaresm8150_firmwaresxr2130_firmwareapq8096ausdm439_firmwarerennellapq8098sda660_firmwarerennell_firmwareqm215_firmwareqcs605msm8953_firmwareapq8053apq8096au_firmwaresaipan_firmwaresm6150_firmwaremsm8917_firmwaresdm429_firmwaresm8250sm8150sda660sxr1130_firmwarenicobar_firmwaremsm8909wsaipansxr1130apq8053_firmwarenicobarmdm9640Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-10496
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.92%
||
7 Day CHG~0.00%
Published-06 Nov, 2019 | 17:11
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Lack of checking a variable received from driver and populating in Firmware data structure leads to buffer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850sd_632sd_820asd_675msm8996au_firmwaresd_439sd_670_firmwaresd_429sdm439sd_636snapdragon_high_med_2016_firmwaremsm8909w_firmwaremsm8996ausd_820sd_450_firmwaresd_845_firmwaresd_820a_firmwareqcs605_firmwaresd_675_firmwaresd_425_firmwaresd_665sd_625_firmwaresd_450sd_8cx_firmwaresd_845qcs605sd_632_firmwaresd_835_firmwaresd_835sda660sxr1130_firmwaresd_210_firmwaresxr1130msm8909wsd_665_firmwaresd_205_firmwaresd_212sd_427_firmwaresd_712sd_855sd_730_firmwarequalcomm_215sd_425sdm660sd_430_firmwaresd_710_firmwaresd_435sdm630sd_625sd_210sd_820_firmwaresd_636_firmwaresd_439_firmwarequalcomm_215_firmwaresd_429_firmwaresd_730snapdragon_high_med_2016sd_212_firmwaresd_850_firmwaresdm439_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwaresd_8cxsd_427sd_430sd_670sd_435_firmwaresd_710sd_205sdm660_firmwaresd_855_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2019-10566
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 16.83%
||
7 Day CHG~0.00%
Published-21 Nov, 2019 | 14:38
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow can occur in wlan module if supported rates or extended rates element length is greater than max rate set length in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8017, APQ8053, APQ8096AU, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8905, MSM8996AU, Nicobar, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCN7605, QCS405, QCS605, SDA845, SDM670, SDM710, SDM845, SDX20, SM6150, SM8150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaremsm8996au_firmwaresdm845sdx20mdm9607_firmwaresm8250_firmwaremdm9650qcs405qca6574ausdm710sm6150mdm9607msm8996auapq8017_firmwaresdm710_firmwareqcn7605_firmwaresdm670sxr2130qcs605_firmwaremdm9207c_firmwaremdm9206msm8905mdm9207cqca6174a_firmwareqca6174aqca9379_firmwaresdm670_firmwaresm8150_firmwaresxr2130_firmwareapq8096auqcs405_firmwareqca9377sda845_firmwareqcn7605mdm9206_firmwareqcs605apq8053apq8096au_firmwaresm6150_firmwaresm8250mdm9650_firmwaresm8150sdx20_firmwaremsm8905_firmwareqca6574au_firmwareapq8017nicobar_firmwareqca9379apq8053_firmwaresda845nicobarsdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2019-10596
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.80%
||
7 Day CHG~0.00%
Published-08 Sep, 2020 | 09:31
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Improper access control can lead signed process to guess pid of other processes and access their address space' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Bitra, Nicobar, QCS605, QCS610, Rennell, SA6155P, Saipan, SC7180, SC8180X, SDM670, SDM710, SDM845, SDM850, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm850_firmwaresa6155p_firmwareqcs610sdm845sm8250_firmwaresc8180x_firmwaresm7150_firmwaresdm710sc7180_firmwaresm6150sdm710_firmwaresm7150sa6155psdm670qcs610_firmwaresxr2130sc8180xqcs605_firmwaresdm670_firmwaresm8150_firmwaresxr2130_firmwarerennellsc7180bitrarennell_firmwareqcs605saipan_firmwaresm6150_firmwaresm8250bitra_firmwaresm8150sdm850sxr1130_firmwarenicobar_firmwaresaipansxr1130nicobarsdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
CVE-2019-10497
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 14.88%
||
7 Day CHG~0.00%
Published-30 Sep, 2019 | 15:40
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free issue occurs If another instance of open for voice_svc node has been called from application without closing the previous one. in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850mdm9150_firmwaresd_632mdm9640_firmwaresd_820asd_675msm8996au_firmwaresd_439sd_670_firmwaresd_429sdx24sdm439mdm9650sd_636sd_615_firmwaremsm8909w_firmwaremsm8996ausd_820sd_450_firmwaresd_845_firmwaresd_820a_firmwareqcs605_firmwaresd_675_firmwaremdm9206sd_425_firmwaresd_665sdx24_firmwaresd_625_firmwaresd_450sd_845mdm9206_firmwareqcs605sd_632_firmwaresd_835_firmwaremdm9650_firmwaresd_835sda660sd_210_firmwaresd_415_firmwaremsm8909wsd_665_firmwaresd_616_firmwaresd_205_firmwaresd_415sd_212sd_427_firmwaresd_712sd_855sd_730_firmwarequalcomm_215sdx20sd_616sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435sd_615sd_710_firmwaresdm630sd_625sd_820_firmwaresd_210mdm9607sd_636_firmwaresd_439_firmwarequalcomm_215_firmwaremdm9150sd_429_firmwaresd_730sd_212_firmwaresd_850_firmwaresd_855_firmwaresdm439_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwaresd_430sd_427sd_670sd_435_firmwaresdx20_firmwaresd_710sd_205sdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-416
Use After Free
CVE-2019-10518
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.67%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 05:25
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free of a pointer in iWLAN scenario during netmgr state transition to CONNECT in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, IPQ4019, IPQ8064, IPQ8074, MDM9150, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, QCA6574AU, QCS405, QCS605, SDA660, SDA845, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwaremdm9640_firmwaresdm632_firmwaremsm8996au_firmwaresdm845sdm632sdx24sdm439mdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996ausm7150apq8009_firmwaremsm8917sdm670sxr2130qcs605_firmwareipq4019_firmwaremdm9206sdm670_firmwaresdx24_firmwareipq8074sdm636sda845_firmwareapq8098mdm9206_firmwaremsm8939qcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwareqca6574au_firmwaresda660sdx55_firmwareipq8064sxr1130_firmwareapq8064_firmwaresxr1130msm8909wapq8009msm8909_firmwareapq8053_firmwareipq8064_firmwaresda845msm8920msm8953sdm636_firmwareapq8064sdm845_firmwareapq8098_firmwaresdx20msm8998_firmwaresdm660msm8920_firmwaresdm630mdm9607_firmwaresm8250_firmwareqcs405ipq8074_firmwareqca6574ausdm710mdm9607apq8017_firmwaresdm710_firmwaremsm8939_firmwaremdm9150msm8937mdm9207c_firmwaremsm8905mdm9207csm8150_firmwaremsm8909sxr2130_firmwareapq8096ausdm439_firmwareqcs405_firmwaresdm630_firmwaresda660_firmwareipq4019sdx55msm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaresm8250msm8998sm8150sdx20_firmwareapq8017sdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-416
Use After Free
CVE-2023-22668
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 11.19%
||
7 Day CHG~0.00%
Published-05 Dec, 2023 | 03:03
Updated-02 Aug, 2024 | 10:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in Audio

Memory Corruption in Audio while invoking IOCTLs calls from the user-space.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-snapdragon_855\+\/860_mobile_platform_firmwareqam8255p_firmwarewsa8830qca8337_firmwarewcd9380_firmwaresw5100pqca8337sd865_5gqfw7124fastconnect_6800snapdragon_w5\+_gen_1_wearable_platformqam8775psnapdragon_870_5g_mobile_platform_firmwarear8035_firmwaresnapdragon_865_5g_mobile_platformqualcomm_215_mobile_platformqualcomm_205_mobile_platformqcn6224_firmwarewsa8835snapdragon_212_mobile_platformqcn6274wcd9380qca6420_firmwaresnapdragon_wear_4100\+_platform_firmwaresnapdragon_210_processorsnapdragon_855\+\/860_mobile_platformsxr2130snapdragon_wear_4100\+_platformqca6426qca6584au_firmwareqca6430_firmwarewcn3980qfw7114_firmwarefastconnect_6200sa9000pwcd9340_firmwaresd855wsa8815snapdragon_865\+_5g_mobile_platformsnapdragon_xr2_5g_platform_firmwareqca6426_firmwaresa9000p_firmwaresnapdragon_x55_5g_modem-rf_systemsa8775pfastconnect_6200_firmwaresnapdragon_212_mobile_platform_firmwareqca8081_firmwarewcn3980_firmwareqfw7114snapdragon_x55_5g_modem-rf_system_firmwareqca6391wcn3610_firmwareqca6420qca6436_firmwaresnapdragon_w5\+_gen_1_wearable_platform_firmwarefastconnect_7800aqt1000_firmwareqca6584ausnapdragon_865\+_5g_mobile_platform_firmwaresnapdragon_870_5g_mobile_platformqcn6274_firmwaresnapdragon_xr2_5g_platformsa8775p_firmwareqca6698aqfastconnect_6900snapdragon_x75_5g_modem-rf_system_firmwarefastconnect_6900_firmwarewcn3988_firmwareqca6430wcd9340wsa8810_firmwareqcn6224wcd9341_firmwarefastconnect_7800_firmwaresw5100wsa8810qca6436sa8255p_firmwaresnapdragon_x75_5g_modem-rf_systemsw5100p_firmwareqca8081qca6698aq_firmwaresnapdragon_auto_5g_modem-rf_gen_2qualcomm_215_mobile_platform_firmwarequalcomm_205_mobile_platform_firmwaresa8770p_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareqam8775p_firmwaresa8255psxr2130_firmwarewcd9341qcc710qca6391_firmwarear8035snapdragon_855_mobile_platform_firmwareaqt1000snapdragon_210_processor_firmwaresnapdragon_855_mobile_platformqcc710_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwarewcn3988wsa8815_firmwarewsa8835_firmwaresnapdragon_865_5g_mobile_platform_firmwaresw5100_firmwarefastconnect_6800_firmwareqfw7124_firmwareqam8255psa8770pwcn3610Snapdragon
CWE ID-CWE-416
Use After Free
CVE-2019-10600
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.09% / 27.24%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 05:25
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use of local variable as argument to netlink CB callback goes out of it scope when callback triggered lead to invalid stack memory in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, IPQ4019, IPQ8064, IPQ8074, MDM9150, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCA6574AU, QCA8081, QCS405, QCS605, QM215, SA6155P, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwaresdm632_firmwaremsm8996au_firmwaresdm845sdm450_firmwaresdm632sdx24sdm439mdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996ausm7150apq8009_firmwaremsm8917sdm670sxr2130qcs605_firmwareipq4019_firmwaremdm9206sdm670_firmwaresdx24_firmwareipq8074sdm636sda845_firmwareapq8098mdm9206_firmwaremsm8939qcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwareqca6574au_firmwaresdx55_firmwareipq8064sxr1130_firmwareqca8081_firmwaresxr1130msm8909wapq8009msm8909_firmwareapq8053_firmwareipq8064_firmwaresda845nicobarsa6155p_firmwaremsm8920msm8953sdm450sdm636_firmwareapq8098_firmwaresdx20msm8998_firmwaresdm660msm8920_firmwaresdm630mdm9607_firmwaresm8250_firmwareqcs405ipq8074_firmwareqca6574ausdm710qm215mdm9607apq8017_firmwaresdm710_firmwaremsm8939_firmwaresa6155pqca8081mdm9150msm8937mdm9207c_firmwaremdm9207csm8150_firmwaremsm8909sxr2130_firmwareapq8096ausdm439_firmwareqcs405_firmwaresdm630_firmwareqm215_firmwareipq4019sdx55msm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaresm8250msm8998sm8150sdx20_firmwareapq8017nicobar_firmwaresdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2019-10537
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.80%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 05:25
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper validation of event buffer extracted from FW response can lead to integer overflow, which will allow to pass the length check and eventually will lead to buffer overwrite when event data is copied to context buffer in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9607, Nicobar, QCA6574AU, QCN7605, QCS405, QCS605, SDM660, SDM845, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sm8150_firmwaresxr2130_firmwaresdm660_firmwareqcs405_firmwaresdm845qcn7605sdm660mdm9607_firmwaresm8250_firmwareqcs605sdx55qcs405sm7150_firmwareqca6574ausm6150_firmwaresm6150sm8250mdm9607sm8150qca6574au_firmwaresdx55_firmwaresm7150sxr1130_firmwareqcn7605_firmwarenicobar_firmwaresxr1130sxr2130qcs605_firmwarenicobarsdm845_firmwareSnapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2019-10607
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.09% / 27.24%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 05:25
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bounds memcpy can occur by providing the embedded NULL character string and length greater than the actual string length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, IPQ4019, IPQ8064, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9615, MDM9640, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8996, MSM8996AU, QCA4531, QCA8081, QCA9531, QCA9558, QCA9886, QCA9980, QCN7605, QCS605, SDA660, SDX20, SDX24, SDX55, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca4531_firmwaremdm9640_firmwareqca9980_firmwaremsm8996au_firmwaresdx24mdm9650msm8940_firmwareqca9558_firmwareqca9558msm8909w_firmwaremsm8996auapq8009_firmwaremsm8917qcs605_firmwareipq4019_firmwaremdm9206sdx24_firmwareipq8074qca4531apq8098qcn7605mdm9615mdm9206_firmwaremsm8939qcs605qca9886msm8937_firmwaremdm9650_firmwaremsm8905_firmwaresda660sdx55_firmwareipq8064sxr1130_firmwareapq8064_firmwareqca8081_firmwaresxr1130msm8909wapq8009msm8909_firmwareapq8053_firmwareipq8064_firmwaremsm8920apq8064apq8098_firmwaresdx20msm8920_firmwaremdm9607_firmwareqca9531ipq8074_firmwaremdm9607qca9980apq8017_firmwaremsm8939_firmwareqcn7605_firmwareqca8081msm8937mdm9207c_firmwaremsm8996_firmwaremsm8905mdm9207cqca9886_firmwaresm8150_firmwaremsm8909apq8096ausda660_firmwareipq4019sdx55msm8940apq8053apq8096au_firmwaremsm8917_firmwaremdm9615_firmwaresm8150sdx20_firmwareqca9531_firmwareapq8017msm8996mdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2019-10498
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 16.83%
||
7 Day CHG~0.00%
Published-30 Sep, 2019 | 15:40
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow scenario if the client sends more than 5 io_vec requests to the server in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850mdm9150_firmwaresd_632mdm9640_firmwaresd_820asd_675msm8996au_firmwaresd_439sd_670_firmwaresd_429sdx24sdm439mdm9650sd_636sd_615_firmwaremsm8909w_firmwaremsm8996ausd_820sd_450_firmwaresd_845_firmwaresd_820a_firmwareqcs605_firmwaresd_675_firmwaremdm9206sd_425_firmwaresd_665sdx24_firmwaresd_625_firmwaresd_450sd_845mdm9206_firmwareqcs605sd_632_firmwaresd_835_firmwaremdm9650_firmwaresd_835sda660sd_210_firmwaresd_415_firmwaremsm8909wsd_665_firmwaresd_616_firmwaresd_205_firmwaresd_415sd_212sd_427_firmwaresd_712sd_855sd_730_firmwarequalcomm_215sdx20sd_616sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435sd_615sd_710_firmwaresdm630qcs405sd_625sd_820_firmwaresd_210mdm9607sd_636_firmwaresd_439_firmwarequalcomm_215_firmwaremdm9150sd_429_firmwaresd_730sd_212_firmwaresd_850_firmwaresd_855_firmwaresdm439_firmwareqcs405_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwaresd_430sd_427sd_670sd_435_firmwaresdx20_firmwaresd_710sd_205sdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-21654
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 3.50%
||
7 Day CHG~0.00%
Published-05 Sep, 2023 | 06:23
Updated-02 Aug, 2024 | 09:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Restriction of Operations within the Bounds of a Memory Buffer in Audio

Memory corruption in Audio during playback session with audio effects enabled.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwarewsa8830sda429w_firmwaresa6150p_firmwarewcd9380_firmwaresa8145p_firmwareqcs610sw5100pmsm8996au_firmwaresd865_5gqca6564auqcc5100sdx55m_firmwaremdm9628_firmwarewsa8835msm8996auwcn3950_firmwarewcd9380sa8150p_firmwareqca6420_firmwareqca6390_firmwareqcs410wcd9370qca6574aqca6426qca6564aqca6430_firmwarewcn3980sa415mwcn3998qam8295psdxr2_5g_firmwarewcn3950mdm9628wcn3660bsd855wsa8815wcn6850qam8295p_firmwareqca6426_firmwarewcn3660b_firmwareqca6574a_firmwareqca6574au_firmwaresdx55_firmwarewcn3680b_firmwarewcn3998_firmwarewcn3980_firmwareqca6391wcn3610_firmwareqca6420qca6436_firmwaresdx55msa8295pqcc5100_firmwareaqt1000_firmwareqca6564au_firmwaresa6155p_firmwaresdxr2_5gwcn6851_firmwaresa415m_firmwarewcn3988_firmwareqca6430qca6574auqcn9074sa6145p_firmwaresa8155p_firmwareqca6564a_firmwaresa8195pwsa8810_firmwarewcd9341_firmwaresw5100wsa8810sd870qca6436wcn6851sa6155psw5100p_firmwareqcs610_firmwaremdm9150qsm8250sa6145pwcn3680bwcd9341apq8096auqca6696_firmwaresa8145psd870_firmwareqca6696qca6391_firmwareqca6390wcd9370_firmwareaqt1000sa8150psa6150psdx55apq8096au_firmwarewsa8830_firmwaresda429wsa8155psd855_firmwaresd865_5g_firmwarewcn3988wcn6850_firmwarewsa8815_firmwarewsa8835_firmwaresa8195p_firmwaresw5100_firmwareqcn9074_firmwareqcs410_firmwaresa8295p_firmwarewcn3610qsm8250_firmwareSnapdragon
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-21673
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.7||HIGH
EPSS-0.02% / 4.97%
||
7 Day CHG~0.00%
Published-03 Oct, 2023 | 05:00
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Access Control in Kernel

Improper Access to the VM resource manager can lead to Memory Corruption.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qdx1010_firmwareqcm8550_firmwarevision_intelligence_300_platformsd865_5gqca6595wcd9370qca8081_firmwaresm7250-absnapdragon_x50_5g_modem-rf_systemqca6696wcd9340_firmwarewcd9341_firmwarewcd9395_firmwareqcc710_firmwareqca6426sc8180x-abwcn6740_firmwarefastconnect_6700sc8280xp-ab_bb_firmwaresm7325-ae_firmwarewsa8832_firmwareqca8337qdu1110qca6426_firmwarewcd9395qca6574au_firmwareqam8295pwcd9341qca6574auwcd9390wsa8810_firmwarewsa8845h_firmwaresa9000p_firmwaresrv1hfastconnect_6800_firmwaresm8150-acsnapdragon_4_gen_2_mobile_platform_firmwaressg2115pqcc710snapdragon_850_mobile_compute_platformsc8180xp-ac_af_firmwaresa8540psm7250-aa_firmwareqsm8350_firmwarerobotics_rb3_platformfastconnect_6900qru1032_firmwareqfw7114wcd9385_firmwareqca6421snapdragon_x55_5g_modem-rf_systemqca6310qam8255p_firmwaresa8155_firmwaresnapdragon_888_5g_mobile_platform_firmwareqca6335snapdragon_ar2_gen_1_platform_firmwareqcs4490snapdragon_8_gen_1_mobile_platform_firmwaresnapdragon_8\+_gen_2_mobile_platform_firmwarewsa8845sa6155pqca6421_firmwaresc8180x-adqca6564au_firmwarewsa8810qam8650pvideo_collaboration_vc5_platform_firmwaresa9000pqdu1000_firmwaresrv1h_firmwaresnapdragon_8\+_gen_2_mobile_platformsm8350-acqca6595ausm7315_firmwareqdu1010wcd9326_firmwaresa6155p_firmwarewsa8840qcs8550_firmwareqdu1210_firmwareqfw7124_firmwareqca6436_firmwareqcn9012snapdragon_8\+_gen_1_mobile_platformsc8280xp-ab_bbqcs4490_firmwaresnapdragon_8_gen_2_mobile_platformsnapdragon_7c\+_gen_3_compute_firmwaresm8250-ac_firmwareqca6420wcd9370_firmwaresnapdragon_845_mobile_platformsnapdragon_x55_5g_modem-rf_system_firmwareqdu1110_firmwareqdu1000qca6574asm7325-aeqca6174awcd9340qcs8250_firmwareqdu1210sm6150-acqca6335_firmwareqcm6490sa8540p_firmwaresm8150-ac_firmwaresm8550p_firmwareqcm8550wcn3988qca6574snapdragon_x75_5g_modem-rf_systemsm7325-afsxr2230p_firmwaresd675_firmwareqca6430_firmwaresc8180x-aaqcn9011qamsrv1hsdx57mwsa8845hsm7250-aawcd9326sa8155p_firmwareqca6564asa8155pwsa8830snapdragon_675_mobile_platformsm8550psa6145psnapdragon_8\+_gen_1_mobile_platform_firmwarevision_intelligence_400_platform_firmwaresa8255p_firmwareflight_rb5_5g_platform_firmwarear8035sa6155qrb5165m_firmwaresa8650p_firmwarerobotics_rb5_platformqcn6224qca6698aqwcn3950_firmwaressg2125p_firmwareqrb5165nsnapdragon_8_gen_1_mobile_platformsm7250-acfastconnect_6200sc8180x-aa_firmwaresd670sm7325p_firmwareqdx1011sa8150p_firmwaresc8180xp-aa_abfastconnect_6700_firmwarevideo_collaboration_vc3_platform_firmwarewcn3990sd670_firmwareqcs6490qcs8250fastconnect_6200_firmwarewsa8830_firmwareqcn6224_firmwareqca6431snapdragon_850_mobile_compute_platform_firmwarewsa8845_firmwarewsa8832sdx57m_firmwaresxr2130_firmwaresnapdragon_675_mobile_platform_firmwarear8035_firmwareqrb5165msnapdragon_888_5g_mobile_platformsm8250-ab_firmwaresd888_firmwareqca6564ausc8180xp-adsm7325-af_firmwarewsa8815_firmwaresm8250-abqca8337_firmwaresg8275p_firmwareqca9377_firmwareqcm6490_firmwaresc8180xp-aa_ab_firmwaresm8350-ac_firmwaresm7250p_firmwareqcm4490_firmwaresnapdragon_855_mobile_platformqru1032robotics_rb3_platform_firmwarewcn3950sc8180xp-ac_afflight_rb5_5g_platformsnapdragon_xr2_5g_platformsnapdragon_x65_5g_modem-rf_system_firmwareqca6797aq_firmwaresnapdragon_7c\+_gen_3_computesnapdragon_670_mobile_platform_firmwaresnapdragon_780g_5g_mobile_platformsa8295p_firmwaresd_675_firmwaresm7250psa8155sd_8cx_firmwaresc8180x-ad_firmwaresnapdragon_780g_5g_mobile_platform_firmwaresnapdragon_845_mobile_platform_firmwareqcn6274_firmwaresd888qcn9011_firmwareqru1062_firmwaresnapdragon_4_gen_2_mobile_platformwcn6740qru1062qca6310_firmwarefastconnect_6800qfw7114_firmwareqcs7230sm8250-acqca6595_firmwarefastconnect_7800_firmwarefastconnect_6900_firmwarewcd9380sa6145p_firmwareqam8255psa6155_firmwaresxr2230psnapdragon_xr2_5g_platform_firmwaresa8150psc8180x-ac_af_firmwarevision_intelligence_300_platform_firmwaresnapdragon_778g_5g_mobile_platformsnapdragon_x24_lte_modemsxr1230pvideo_collaboration_vc3_platformaqt1000snapdragon_865_5g_mobile_platform_firmwareqam8295p_firmwaresd855qca6431_firmwaresc8180x-ab_firmwarewcn3990_firmwaresm7315qca6698aq_firmwareqca6564a_firmwarewcd9385sc8180x-ac_afqsm8350sa8255pqcs7230_firmwaresxr1230p_firmwarewcd9390_firmwareqca6430sg8275psdx55_firmwareqdx1011_firmwaresc8180xp-ad_firmwaresm7250-ab_firmwaressg2125pqru1052sxr2130qcm4490qca6174a_firmwaresm7325pqam8650p_firmwarevideo_collaboration_vc5_platformsnapdragon_855_mobile_platform_firmwareqca6420_firmwareaqt1000_firmwareqcs6490_firmwaresm6150-ac_firmwaresnapdragon_x65_5g_modem-rf_systemsd855_firmwarewcn3980_firmwareqrb5165n_firmwareqca6436qcn6274qfw7124snapdragon_x24_lte_modem_firmwarewsa8835qca6391_firmwarewsa8840_firmwareqca6595au_firmwareqdu1010_firmwaresnapdragon_ar2_gen_1_platformqca6696_firmwaresnapdragon_865_5g_mobile_platformwcd9380_firmwareqca6574_firmwareqca8081wsa8815sd_8_gen1_5gqam8775pqca9377qca6797aqvision_intelligence_400_platformqca6574a_firmwaresdx55sd675sd_8_gen1_5g_firmwarewcd9375_firmwareqca6391snapdragon_778g_5g_mobile_platform_firmwareqcn9012_firmwareqru1052_firmwaresnapdragon_670_mobile_platformsnapdragon_8_gen_2_mobile_platform_firmwaresa8295psnapdragon_x50_5g_modem-rf_system_firmwareqcs8550robotics_rb5_platform_firmwarefastconnect_7800sa8650pqam8775p_firmwaresd865_5g_firmwarewcd9375wcn3988_firmwareqamsrv1h_firmwaresd_675sd_8cxwsa8835_firmwaressg2115p_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarewcn3980sm7250-ac_firmwareqdx1010Snapdragon
CWE ID-CWE-284
Improper Access Control
CVE-2023-21670
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.65%
||
7 Day CHG~0.00%
Published-06 Jun, 2023 | 07:39
Updated-07 Jan, 2025 | 19:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Access control in GPU Subsystem

Memory Corruption in GPU Subsystem due to arbitrary command execution from GPU in privileged mode.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwareqam8255p_firmwaresm7325-ae_firmwaresa6150p_firmwaresm6250p_firmwareqcs610315_5g_iot_modem_firmwareqca8337qam8775psnapdragon_212_mobile_platformwcn3950_firmwaresa8150p_firmwaresm4450_firmwareqcs2290qca6595au_firmwaresa6155qca6335sm8350sdm670csra6620_firmwareqcs605_firmwarecsra6640_firmwarewcn685x-1qcs400_firmwaresm7350-ab_firmwaresda845_firmwaresnapdragonwear_4100\+_platformsm4375wcn3998qam8295pwcn3950qcn6024_firmwaresm4125wcn3660bsm7150-acqsm8350_firmwareqsm8350sm7315_firmwaresm7325-aesnapdragon_695_5g_mobile_platform_firmwareqca6574au_firmwaresm4250-aawcd9375_firmwarewcn3998_firmwareqca8081_firmwaresa6155_firmwaresm6225-adqca6420sda845snapdragon_auto_5g_modem-rf_firmwaresm6225-ad_firmwareqrb5165m_firmwareqrb5165_firmwareqca6698aqsa4155p_firmwaresa8155_firmwaresnapdragon_7c\+_gen3_computesm7250-ab_firmwareqca6430wcd9340sw5100qca6436sa6155pqca6698aq_firmwaresnapdragon_690_5g_mobile_platformmsm8905wcn685x-1_firmwaresm8150_firmwarewcd9341qam8775p_firmwaresa8255psnapdragon_ar2_gen1_platform_firmwareqca6696_firmwaresnapdragon_x12_lte_modemqca6797aqwcn3910_firmwaresm4350_firmwaresa8150psm8250-ac_firmwarewsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwaresm7225_firmwarewcn3988sd660_firmwaresm4250-aa_firmwaresa8195p_firmwaresm8475wcn6750_firmwaresm6125_firmwaresa8295p_firmwarewcn3610snapdragon_675_mobile_platform_firmwarec-v2x9150wcn3991qca8337_firmwarewcd9380_firmwaressg2125psdm429wsw5100psdm429sd670_firmwareqca6574wcd9380qcs410snapdragon_210_processorsm7150-aa_firmwaresxr1230pqcn9012_firmwareqca6430_firmwarewcd9335_firmwarewcn3980qca6335_firmwaresm7225qcm4325_firmwareqcs605wcd9340_firmwarewsa8815sm6150-ac_firmwarewcn3910sdm429_firmwareqcs8250qca6426_firmwaresm4450wcn3660b_firmwarewcn3680qcn9024wcn3980_firmwaresd730snapdragon_x50_5g_modem-rf_system_firmwaresm7150-aasa8295psm8475_firmwarewcn6740_firmwaresm7125qcs4490_firmwaresnapdragon_xr2_5g_platformsnapdragon_x65_5g_modem-rf_systemar8031_firmwarewcn3680_firmwaresm7150-ab_firmwareqrb5165sm8350_firmwaresnapdragon_xr2\+_gen1_platformsdm660qca6797aq_firmwarewcn785x-1_firmwaresdm710sd670qcn9024_firmwareqcm4290_firmwaresnapdragon_x24_lte_modemwsa8832sw5100p_firmwareqcs610_firmwaresa6145par8031qcs4490qca6595_firmwaresa8145pqca6391_firmwaresa4150p_firmwarewcd9370_firmwareqm215_firmwaresm4350-ac_firmwaresdx55sd888_firmwaresm8250csra6640sa8155psnapdragon_695_5g_mobile_platformssg2115p_firmwareqcs8155_firmwareqam8255psa4155par8035_firmwareqcm2290sdm845_firmwarewcn3991_firmwarewsa8830snapdragon_662_mobile_platform_firmwaresxr2230p_firmwaresa8145p_firmwaresm6125snapdragon_x24_lte_modem_firmwareqcs2290_firmwareqam8650pwcn785x-5flight_rb5_5g_platformcsra6620flight_rb5_5g_platform_firmwaresm7250-ac_firmwareqcs4290qca6420_firmwareqca6390_firmwaresd730_firmwarewcd9370ssg2115pqca6426wcn3990_firmwareqrb5165n_firmwaresm8450qca9377sm8250-abwcd9385_firmwarewcd9326_firmwarewcn3615_firmwaresnapdragon_w5\+_gen1_wearable_platformqam8295p_firmwaresm7325-afqcn9011_firmwaresa8155snapdragon_x55_5g_modem-rf_systemmsm8905_firmwarewcn3680b_firmwaresdx55_firmwaresnapdragon_7c\+_gen3_compute_firmwaresnapdragon_212_mobile_platform_firmwarewcn3615qca6595ausm7325-af_firmwaresm7250p_firmwarewcn3610_firmwareqca6436_firmwaresm4350-acqrb5165nsnapdragon_680_4g_mobile_platform_firmwaresa6155p_firmwareqca6310snapdragon_x65_5g_modem-rf_system_firmwareqcs8155qcs6490qcs8550_firmwaresm8250_firmwaresm8250-acwcn3988_firmware315_5g_iot_modemqcn9074sa6145p_firmwareqm215sm6250sm7250-aasnapdragon_xr2\+_gen1_platform_firmwaresa8195psxr1120sdm710_firmwarewsa8810_firmwaresm4375_firmwaresm8450_firmwarewcd9326wcd9335sa8255p_firmwaresg4150pqca8081qcm4490qca6174a_firmwareqcs4290_firmwarewcd9385sxr2130_firmwareqcs6490_firmwaresnapdragon_x12_lte_modem_firmwaresm7150-abqca6390wcd9375ar8035aqt1000snapdragon_210_processor_firmwaresm6250_firmwaresnapdragon_662_mobile_platformwcn3620_firmwaresm8150wsa8815_firmwareqcm6490wsa8835_firmwarewcn3620sm7350-absxr1120_firmwaresa4150psg4150p_firmwarewcn785x-1qcm4325qcm2290_firmwarewcn3990sdm845sd865_5gsnapdragon_ar2_gen1_platformqca6595sm8350-ac_firmwaresm8150-acqcn9012sd888wsa8835sxr1230p_firmwaresdm429w_firmwarec-v2x9150_firmwaresnapdragon_auto_5g_modem-rfsm6250psxr2130ssg2125p_firmwareqca6574awcn685x-5_firmwareqca6174asm7325psdm670_firmwareqca6310_firmwaresm7325wcn6750sm7150-ac_firmwaresm7250-abqca6574_firmwaresd855sm4125_firmwaresm7325p_firmwaresxr2230psnapdragon_xr2_5g_platform_firmwareqca6574a_firmwareqrb5165mwcn785x-5_firmwaresm7315snapdragon_x55_5g_modem-rf_system_firmwaresm8250-ab_firmwareqca6391aqt1000_firmwareqcm4490_firmwaresnapdragon_690_5g_mobile_platform_firmwaresnapdragon_w5\+_gen1_wearable_platform_firmwareqcm4290qcm6490_firmwarewsa8832_firmwaresnapdragon_xr1_platformwcn685x-5qcn9011qca6574ausa8155p_firmwareqcs8250_firmwarewcd9341_firmwarewsa8810sm7250-aa_firmwaresm7250-acsnapdragon_680_4g_mobile_platformsm8150-ac_firmwarewcn3680bsm8350-acqam8650p_firmwaresnapdragon_675_mobile_platformwcn6740qca6696qcs8550snapdragonwear_4100\+_platform_firmwaresm4350sm6150-acsm7125_firmwaresnapdragon_x50_5g_modem-rf_systemsa6150pqcn6024sm7250psw5100_firmwareqcn9074_firmwareqcs410_firmwareqcs400sdm660_firmwaresnapdragon_xr1_platform_firmwaresm7325_firmwareSnapdragon
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-863
Incorrect Authorization
CVE-2023-21650
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 8.89%
||
7 Day CHG~0.00%
Published-08 Aug, 2023 | 09:14
Updated-02 Aug, 2024 | 09:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Validation of Array Index in GPS HLOS Driver

Memory Corruption in GPS HLOS Driver when injectFdclData receives data with invalid data length.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wsa8830sda429w_firmwaresa6150p_firmwarewcd9380_firmwaresa8145p_firmwareqcs610sw5100psd865_5gqca6564auqcc5100csrb31024sdx55m_firmwarewsa8835wcn3950_firmwarewcd9380sa8150p_firmwareqca6420_firmwareqca6595au_firmwareqca6390_firmwareqcs410wcd9370qca6574aqca6564qca6426qca6430_firmwarewcn3980sa415mwcn3998qam8295psdxr2_5g_firmwarewcn3950wcn3660bsd855wsa8815wcn6850qam8295p_firmwareqca6426_firmwarewcn3660b_firmwareqca6574a_firmwareqca6574au_firmwarewcn3680b_firmwareqca6595auwcn3998_firmwarewcn3980_firmwareqca6391wcn3610_firmwareqca6420qca6436_firmwaresdx55msa8295pqcc5100_firmwareaqt1000_firmwareqca6564au_firmwaresa6155p_firmwarecsrb31024_firmwaresdxr2_5gwcn6851_firmwaresa415m_firmwarewcn3988_firmwareqca6430qca6574ausa6145p_firmwaresa8155p_firmwaresa8195pwsa8810_firmwarewcd9341_firmwaresw5100wsa8810sd870qca6436wcn6851sa6155psw5100p_firmwareqcs610_firmwaresa6145pwcn3680bqca6564_firmwarewcd9341qca6696_firmwaresa8145psd870_firmwareqca6696qca6391_firmwareqca6390wcd9370_firmwareaqt1000sa8150psa6150psa8155pwsa8830_firmwaresda429wsd855_firmwaresd865_5g_firmwarewcn3988wcn6850_firmwarewsa8815_firmwarewsa8835_firmwaresa8195p_firmwaresw5100_firmwareqcs410_firmwaresa8295p_firmwarewcn3610Snapdragon
CWE ID-CWE-129
Improper Validation of Array Index
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-21662
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 16.52%
||
7 Day CHG~0.00%
Published-05 Sep, 2023 | 06:24
Updated-27 Feb, 2025 | 21:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Copy without Checking the Size of Input(Classic Buffer Overflow) in Core Platform

Memory corruption in Core Platform while printing the response buffer in log.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresd_8cx_gen3_firmwaresa6150p_firmwareqca8337qca6431_firmwaresdx65wcn3950_firmwareipq5028_firmwaresa8150p_firmwareqca6595au_firmwaresa6155qca6335qcs605_firmwaresd_675_firmwarewcn3998qam8295psd_8cx_gen2_firmwareqcn6024_firmwareqca8386_firmwarewcn3950sd_8_gen1_5g_firmwareqca8084_firmwareqsm8350_firmwareqsm8350sm7315_firmwarewcn7850qca6574au_firmwarewcd9375_firmwareqca8081_firmwaresa6155_firmwarewcn3998_firmwareqca6420sd_8cx_gen2qrb5165_firmwareipq5028qrb5165m_firmwareqca6698aqsa4155p_firmwaresa8155_firmwareqca6430sdx65mwcd9340qcn6132sd765gfsm10056_firmwareqca6436wcn6851sa6155pqcs603_firmwarewcn7851_firmwareqca6698aq_firmwareqcn6122wcd9341qca6431qca6696_firmwaresd870_firmwareipq9008_firmwaresd_8cxsa8150pwsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwaresd660_firmwarewcn7850_firmwaresa8195p_firmwaresa8295p_firmwarewcn6750_firmwareipq5018_firmwarewcn3991qca8337_firmwarewcd9380_firmwaressg2125pqca8084qca6564ausdx55m_firmwarewcn6856_firmwareipq9008sd670_firmwareqca6574wcd9380sdx50m_firmwaresxr1230psdx24_firmwareqca6430_firmwareqcn9012_firmwareqcn9274_firmwarewcd9335_firmwarewcn3980qca6335_firmwareqcs605wcd9340_firmwarewsa8815wcn6850qca6426_firmwareqcn9024ipq9574_firmwarewcn3980_firmwaresdx55msa8295pqca6421_firmwarewcn6740_firmwaresd678_firmwareqrb5165wcn6851_firmwareqcs603sd670qca6564a_firmwareqcn9024_firmwaresdx57msd870wsa8832wcn6855sa8540psa6145pqca6595_firmwaresa8145pqca6391_firmwaresa4150p_firmwaresd780g_firmwarewcd9370_firmwaresdx55sd888_firmwaresa8155psd675sdx70mssg2115p_firmwareqcs8155_firmwaresa4155par8035_firmwarewcn3991_firmwarewsa8830sd678qcn9070sa8145p_firmwarefsm10056qca8082qcn9072qca8386sd765g_firmwareqca6420_firmwareqca6390_firmwarewcd9370sd675_firmwaressg2115pqca6564qca6426wcn3990_firmwareqrb5165n_firmwareqcn9000_firmwareipq5018qca9377sd_8cx_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcd9326_firmwareqam8295p_firmwareqcn9011_firmwareqca8082_firmwaresa8155sa9000p_firmwaresdx55_firmwareqca6595auqcn6023_firmwaresm7250p_firmwareqca6436_firmwareqrb5165nipq5010qca6564au_firmwaresd778gsa6155p_firmwareqca6310qcn9274qcs8155wcn7851qcs6490sdxr2_5gqcn9074sa6145p_firmwareqca6421qca8085sd778g_firmwaresa8195pwsa8810_firmwaresd765_firmwarewcd9326wcd9335qca8081qcn6023sdx65m_firmwareqca6174a_firmwarewcd9385qca8085_firmwareqcs6490_firmwaresd_8cx_gen3sdx70m_firmwarear8035qca6390wcd9375aqt1000qcn9100_firmwareipq5010_firmwareqcm6490sd888_5g_firmwarewcn6850_firmwarewsa8815_firmwarewsa8835_firmwareqca6564asa4150pwcn3990qcn9000sd_675sd780gsd865_5gqca6595sdx24qcn9012sd888qcn6122_firmwarewsa8835sxr1230p_firmwaresa8540p_firmwaresd_8_gen1_5gsd888_5gssg2125p_firmwareqca6574awcn6855_firmwareqca6174asm7325pqcn6132_firmwareqca6310_firmwarewcn6750sa9000pqca6574_firmwaresd855sm7325p_firmwaresdx57m_firmwaresd765qca6574a_firmwaresd768g_firmwareqrb5165msd850_firmwaresm7315qca6391aqt1000_firmwareqcn9100sdx65_firmwareqcm6490_firmwaresdx50mwsa8832_firmwareqcn9070_firmwareqcn9011qca6574ausa8155p_firmwareipq9574wcd9341_firmwarewsa8810wcn6856qca6564_firmwaresd768gwcn6740qca6696sd845_firmwaresa6150pqcn9022_firmwareqcn6024qcn9022sd845qcn9072_firmwaresm7250pqcn9074_firmwaresd850Snapdragon
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2019-10615
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.51%
||
7 Day CHG~0.00%
Published-08 Sep, 2020 | 09:31
Updated-04 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Possibility of integer overflow in keymaster 4 while allocating memory due to multiplication of large numcerts value and size of keymaster bob which can lead to memory corruption' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, Kamorta, MDM9150, MDM9205, MDM9206, MDM9607, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS404, QCS405, QCS605, QCS610, QM215, Rennell, SA415M, SA515M, SA6155P, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwarekamorta_firmwareqcm2150_firmwareqcs610sdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632sdx24sdm439qcs404_firmwaremdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996ausdm429w_firmwaresm7150apq8009_firmwaremsm8917sdm670sxr2130qcs605_firmwaresc8180xmdm9206sdm670_firmwareqcs404sdx24_firmwaresdm636sda845_firmwaresa415mapq8098mdm9205mdm9206_firmwaresa515mqcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130msm8909wapq8009msm8909_firmwareapq8053_firmwaresda845nicobarsdm850_firmwaresa6155p_firmwaremsm8920msm8953sdm450sdm636_firmwaresa515m_firmwareapq8098_firmwaremsm8998_firmwareqcm2150msm8920_firmwaresdm630mdm9607_firmwaresm8250_firmwaresdm660sc8180x_firmwaresa415m_firmwareqcs405sdm710qm215sc7180_firmwaremdm9607apq8017_firmwaresdm710_firmwaresa6155pqcs610_firmwaremdm9150msm8937msm8996_firmwaremsm8905sm8150_firmwaremsm8909sxr2130_firmwareapq8096ausdm439_firmwareqcs405_firmwarerennellsc7180sdm630_firmwaremdm9205_firmwaresda660_firmwarerennell_firmwareqm215_firmwaresdx55msm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaresm8250msm8998sm8150sdm850kamortaapq8017msm8996nicobar_firmwaresdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2023-21656
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 16.52%
||
7 Day CHG~0.00%
Published-06 Jun, 2023 | 07:39
Updated-02 Aug, 2024 | 09:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Input Validation in WLAN HOST

Memory corruption in WLAN HOST while receiving an WMI event from firmware.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qam8255p_firmwaresm7325-ae_firmwaresa6150p_firmwareqcs610qca8337qam8775pwcd9360_firmwarewcn3950_firmwaresa8150p_firmwaresm4450_firmwareqca6595au_firmwaresa6155sm8350csra6620_firmwarecsra6640_firmwarewcn685x-1sm7350-ab_firmwaresm4375wcn3998qca6554a_firmwareqam8295pwcn3950qcn6024_firmwaresd_8_gen1_5g_firmwaresm6375_firmwarewcn3660bsm7315_firmwaresm7325-aeqca6574au_firmwaresm4250-aawcd9375_firmwarewcn3998_firmwareqca8081_firmwaresa6155_firmwaresm6225-adwcd9360snapdragon_xr2\+_gen_1_platformsnapdragon_auto_5g_modem-rf_firmwareqca6678aq_firmwaresmart_audio_400_platform_firmwaresm6225-ad_firmwareqca6698aqsa4155p_firmwaresa8155_firmwarewcd9340sw5100qca6436sa6155pqca6698aq_firmwarewcn685x-1_firmwarewcd9341qam8775p_firmwaresa8255pqca6696_firmwareqca6797aqsm4350_firmwaresa8150psm8250-ac_firmwarewsa8830_firmwaresd865_5g_firmwaresnapdragon_7c\+_gen_3_compute_firmwarewcn3988sm4250-aa_firmwaresa8195p_firmwaresm8475wcn6750_firmwaresa8295p_firmwaresm6375wcn3991qca8337_firmwarewcd9380_firmwaressg2125psdm429wsw5100psnapdragon_w5\+_gen_1_wearable_platformqca6564ausdm429qca6574snapdragon_7c\+_gen_3_computewcd9380qcs410sxr1230pwcd9335_firmwarewcn3980qcc2073_firmwareqcm4325_firmwarewcd9340_firmwarewsa8815qca6320sdm429_firmwareqca6426_firmwaresm4450wcn3660b_firmwaresd835qcn9024wcn3980_firmwaresnapdragon_xr2\+_gen_1_platform_firmwaresa8295psm8475_firmwarewcn6740_firmwareqcs4490_firmwaresnapdragon_xr2_5g_platformqca6678aqsnapdragon_x65_5g_modem-rf_systemsm8350_firmwareqca6797aq_firmwarewcn785x-1_firmwareqcn9024_firmwarewsa8832sw5100p_firmwareqcs610_firmwaresa6145pqcs4490qca6595_firmwaresa8145pqca6391_firmwaresa4150p_firmwarewcd9370_firmwaresm4350-ac_firmwaresdx55sd888_firmwaresa8155pcsra6640sm8250ssg2115p_firmwareqam8255psa4155par8035_firmwarewcn3991_firmwarewsa8830sa8145p_firmwaresxr2230p_firmwareqam8650pwcn785x-5csrb31024csra6620qca6390_firmwaresnapdragon_auto_4g_modem_firmwarewcd9370ssg2115pqca6426qca6584au_firmwarewcn3990_firmwaresm8450sm8250-abwcd9385_firmwarewcd9326_firmwareqam8295p_firmwaresm7325-afsa8155qca6320_firmwaresnapdragon_x55_5g_modem-rf_systemsnapdragon_835_mobile_pc_platform_firmwaresdx55_firmwareqca6595ausm7325-af_firmwareqca6436_firmwaresm4350-acsnapdragon_w5\+_gen_1_wearable_platform_firmwareqca6564au_firmwareqca6584ausa6155p_firmwareqca6310snapdragon_x65_5g_modem-rf_system_firmwaresm6225qcs6490qcs8550_firmwaresm8250_firmwaresm8250-acwcn3988_firmwaresa6145p_firmwaresa8195pwsa8810_firmwaresm4375_firmwaresm8450_firmwaresnapdragon_ar2_gen_1_platform_firmwaresa8255p_firmwarewcd9326wcd9335qca8081qcm4490wcd9385sxr2130_firmwareqcs6490_firmwareqca6390ar8035wcd9375wcn3620_firmwareqcm6490wsa8815_firmwarewsa8835_firmwarewcn3620sm7350-absa4150pwcn785x-1qcm4325wcn3990qca6554asd865_5gqca6595sm8350-ac_firmwaresnapdragon_835_mobile_pc_platformsd888wsa8835sxr1230p_firmwaresdm429w_firmwaresnapdragon_auto_5g_modem-rfsd_8_gen1_5gssg2125p_firmwaresxr2130qca6574asmart_audio_400_platformwcn685x-5_firmwaresm7325pqca6310_firmwaresm7325wcn6750qcc2076_firmwareqca6574_firmwaresm7325p_firmwaresxr2230psnapdragon_xr2_5g_platform_firmwareqca6175aqca6574a_firmwarewcn785x-5_firmwaresm7315sm8250-ab_firmwareqca6391snapdragon_x55_5g_modem-rf_system_firmwareqcm4490_firmwaresnapdragon_auto_4g_modemcsrb31024_firmwareqcm6490_firmwarewsa8832_firmwarewcn685x-5sm6225_firmwareqca6574ausa8155p_firmwarewcd9341_firmwarewsa8810snapdragon_ar2_gen_1_platformsd835_firmwaresm8350-acqam8650p_firmwarewcn6740qca6696qcs8550sm4350sa6150pqcn6024qcc2076sw5100_firmwareqcs410_firmwareqcc2073qca6175a_firmwaresm7325_firmwareSnapdragon
CWE ID-CWE-20
Improper Input Validation
CVE-2019-10562
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 2.29%
||
7 Day CHG~0.00%
Published-08 Sep, 2020 | 09:31
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Improper authentication and signature verification of debug polices in secure boot loader will allow unverified debug policies to be loaded into secure memory and leads to memory corruption' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in IPQ6018, Kamorta, MSM8998, Nicobar, QCS404, QCS605, QCS610, Rennell, SA415M, SA6155P, SC7180, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm850_firmwarekamorta_firmwaresa6155p_firmwareqcs610sdm636_firmwaresdm845msm8998_firmwaresdm660sdx24sdm630qcs404_firmwaresm8250_firmwaresa415m_firmwaresm7150_firmwaresdm710sc7180_firmwaresm6150sdm710_firmwaresm7150sa6155psdm670qcs610_firmwaresxr2130qcs605_firmwareipq6018sdm670_firmwareqcs404sdx24_firmwaresm8150_firmwaresxr2130_firmwaresdm636sda845_firmwarerennellsa415msc7180sdm630_firmwaresda660_firmwarerennell_firmwareipq6018_firmwareqcs605sdx55sm6150_firmwaresm8250msm8998sm8150sdm850sda660kamortasdx55_firmwaresxr1130_firmwarenicobar_firmwaresxr1130sdm660_firmwaresda845nicobarsdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-287
Improper Authentication
CWE ID-CWE-347
Improper Verification of Cryptographic Signature
CVE-2019-10605
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.09% / 27.24%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 05:25
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overwrite can occur in IEEE80211 header filling function due to lack of range check of array index received from firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8053, IPQ8074, MDM9607, MDM9650, MSM8909, MSM8939, QCN7605, SDA660, SDM630, SDM636, SDM660, SDX20, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-msm8909sdx24_firmwaresdm636_firmwareipq8074sdm636sdm630_firmwaresda660_firmwaresdx20qcn7605sdm660sdx24sdm630mdm9607_firmwaremsm8939mdm9650apq8053ipq8074_firmwaremdm9607mdm9650_firmwaresdx20_firmwaresda660msm8939_firmwareapq8009_firmwareqcn7605_firmwareapq8009msm8909_firmwareapq8053_firmwaresdm660_firmwareSnapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2019-10598
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.09% / 27.24%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 05:25
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound access can occur while processing peer info in IBSS connection mode due to lack of upper bounds check to ensure that for loop further will not cause an overflow in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8053, APQ8096AU, MDM9607, MSM8996AU, QCA6574AU, QCN7605, QCS605, SDA660, SDA845, SDM630, SDM636, SDM660, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm636_firmwaremsm8996au_firmwaresdm845sdx20sdm660sdx24sdm630mdm9607_firmwaresm7150_firmwareqca6574ausm6150mdm9607msm8996ausm7150qcn7605_firmwareqcs605_firmwaresm8150_firmwaresdx24_firmwareapq8096ausdm636sda845_firmwaresdm630_firmwaresda660_firmwareqcn7605qcs605sdx55apq8053apq8096au_firmwaresm6150_firmwaresm8150sdx20_firmwareqca6574au_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130apq8053_firmwaresdm660_firmwaresda845sdm845_firmwareSnapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2019-10601
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.09% / 27.24%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 05:25
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound access can occur while processing firmware event due to lack of validation of WMI message received from firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8096AU, IPQ4019, IPQ8064, IPQ8074, MSM8996AU, Nicobar, QCA6574AU, QCN7605, QCS405, SDM630, SDM636, SDM660, SDM845, SM6150, SM7150, SM8150

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm636_firmwaremsm8996au_firmwaresdm845sdm660sdm630qcs405sm7150_firmwareipq8074_firmwareqca6574ausm6150msm8996ausm7150qcn7605_firmwareipq4019_firmwaresm8150_firmwareipq8074apq8096ausdm636qcs405_firmwaresdm660_firmwaresdm630_firmwareqcn7605ipq4019apq8096au_firmwaresm6150_firmwaresm8150ipq8064qca6574au_firmwarenicobar_firmwareipq8064_firmwarenicobarsdm845_firmwareSnapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2019-10582
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.69%
||
7 Day CHG~0.00%
Published-21 Jan, 2020 | 06:30
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free issue due to using of invalidated iterator to delete an object in sensors HAL in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8096AU, MSM8909W, Nicobar, QCS605, SA6155P, SDA845, SDM429W, SDM670, SDM710, SDM845, SM6150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sa6155p_firmwaresdm429wsdm845mdm9607_firmwaresm8250_firmwaresdm710msm8909w_firmwaremdm9607sm6150sdm429w_firmwaresdm710_firmwaresa6155psdm670sxr2130qcs605_firmwaresdm670_firmwaresm8150_firmwaresxr2130_firmwareapq8096ausda845_firmwareqcs605apq8096au_firmwaresm6150_firmwaresm8250sm8150sxr1130_firmwarenicobar_firmwaremsm8909wsxr1130sda845nicobarsdm845_firmwareSnapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-416
Use After Free
CVE-2019-10628
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.09% / 27.24%
||
7 Day CHG~0.00%
Published-08 Sep, 2020 | 09:31
Updated-04 Aug, 2024 | 22:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Memory can be potentially corrupted if random index is allowed to manipulate TLB entries in Kernel from user library' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8098, Bitra, MDM9205, MDM9650, MSM8998, Nicobar, QCA6390, QCN7605, QCS404, QCS405, QCS605, QCS610, Rennell, SA415M, SA6155P, Saipan, SC7180, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcs610sdm845sdx24qcs404_firmwaremdm9650sm7150_firmwaresm6150sm7150qca6390_firmwaresdm670sxr2130qcs605_firmwaresc8180xsdm670_firmwareqcs404sdx24_firmwaresdm636sda845_firmwaresa415mbitraapq8098qcn7605mdm9205qcs605bitra_firmwaremdm9650_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130sda845nicobarsdm850_firmwaresa6155p_firmwaresdm636_firmwareapq8098_firmwaresdx20msm8998_firmwaresdm660sdm630sm8250_firmwaresc8180x_firmwaresa415m_firmwareqcs405sdm710sc7180_firmwaresdm710_firmwareqcn7605_firmwaresa6155pqcs610_firmwaresm8150_firmwaresxr2130_firmwareqcs405_firmwarerennellsc7180sdm630_firmwaremdm9205_firmwaresda660_firmwarerennell_firmwareqca6390sdx55saipan_firmwaresm6150_firmwaresm8250msm8998sm8150sdx20_firmwaresdm850nicobar_firmwaresaipansdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2023-21665
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.07% / 22.06%
||
7 Day CHG~0.00%
Published-02 May, 2023 | 05:08
Updated-02 Aug, 2024 | 09:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Incorrect Type Conversion or Cast in Graphics

Memory corruption in Graphics while importing a file.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresm7325-ae_firmwaresa6150p_firmwaresm6250p_firmwaressm7250-aaqcs610315_5g_iot_modem_firmwareqca8337qca6431_firmwaresnapdragon_820_automotive_platform_firmwarewcn3950_firmwaresa8150p_firmwareqcs2290qca6595au_firmwaresa6155qca6335sm8350sdm670qca-4024-0-68cmqfncsra6620_firmwareqcs605_firmwareapq8076sd_675_firmwarecsra6640_firmwareqcs6125_firmwareapq5053-aa_firmwarewcn685x-1qcs400_firmwaresm7350-ab_firmwaremsm8108sm4375wcn3998wcd9371_firmwaremsm8108_firmwareqam8295pwcn3950qcn6024_firmwaresm4125mdm9628sm6375_firmwarewcn3660bsm7150-ac8998_firmwaresm7315_firmwaresm7325-aeqca6574au_firmwaresm4250-aasnapdragon_636_mobile_platform8976_firmwarewcn3998_firmwareqca8081_firmwaresa6155_firmwaresm6225-adwcd9375_firmwareqca6420snapdragon_xr2\+_gen_1_platformsdx20msnapdragon_auto_5g_modem-rf_firmwareqca9367_firmware8909sdm450wcn3999sm6225-ad_firmwareqrb5165m_firmwareqrb5165_firmwareqca6698aqqcs6125sa4155p_firmwaresa8155_firmwareapq8056_firmwaresm7250-ab_firmwareqca6430snapdragon_630_mobile_platform8905_firmwarewcd9340sd626_firmwaresw5100qca64368953_firmwaresa6155papq8052qca6698aq_firmwaremsm8209_firmwarewcn685x-1_firmwaremdm9250_firmwaresm8150_firmwarewcn3660_firmwarewcd9341qca6431qca6696_firmwarewcd9371snapdragon_x12_lte_modem8952_firmwarewcn3910_firmwaresm4350_firmwaresa8150pqca-4020-0-217mspsm8250-ac_firmwarewsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwaresm7225_firmwaresnapdragon_7c\+_gen_3_compute_firmwarewcn3988sd660_firmwaresm4250-aa_firmwaresa8195p_firmwareqca-4020-1-217msp_firmwarewcn6750_firmwaresm6125_firmwaresa8295p_firmwarewcn3610msm8608sm6375sm6115_firmwareqca8337_firmwarewcd9380_firmwaresdm429wsw5100pmsm8996au_firmware8956_firmwarewcd9330snapdragon_w5\+_gen_1_wearable_platformqca6564ausdm429sd670_firmwareqca6574apq8053-acsnapdragon_7c\+_gen_3_computewcd9380snapdragon_wear_4100\+_platform_firmwareqcs410apq8053-ac_firmwareqca9379_firmwaresm7150-aa_firmwarec-v2x_9150_firmwareqcn9012_firmwaresd626qca6174qca6430_firmwarewcd9335_firmwarewcn3980qca6335_firmwaresm72258976pro_firmwareqcs605wcd9340_firmwarewsa8815sm6150-ac_firmwareqca-4020-1-217mspwcn3910qca6320sdm429_firmwaresnapdragon_630_mobile_platform_firmwaremdm9650_firmwareqcs8250qca6426_firmwarewcn3660b_firmwarewcn3680sd835qcn9024wcn3980_firmwaresd730snapdragon_xr2\+_gen_1_platform_firmwarewcd9330_firmwaresnapdragon_x50_5g_modem-rf_system_firmwaresm7150-aasa8295psnapdragon_820_automotive_platformsm6350wcn6740_firmwareqca6421_firmwaresm7125snapdragon_xr2_5g_platformsnapdragon_x65_5g_modem-rf_systemapq8064au_firmwarear8031_firmwarewcn3680_firmwaresm7150-ab_firmwareqrb5165sm8350_firmwaresdm660sm6350_firmware9206_lte_modem_firmwaresdm710sd670qcn9024_firmwareqca6564a_firmwareqca-4024-1-68cmqfnapq8053-lite_firmwareqcm4290_firmwaresnapdragon_x24_lte_modemsw5100p_firmwareqcs610_firmwareqsm8250sa6145par8031sdm439_firmwareqca6595_firmwaresa8145pqca6391_firmwaresa4150p_firmwarewcd9370_firmwaresm4350-ac_firmwaresdx55sd888_firmwaresm8250csra6640sa8155psd675qcs8155_firmwaresnapdragon_x20_lte_modemsnapdragon_1200_wearable_platformwcn3660qca9379sa4155par8035_firmwareqcm2290qsm8250_firmwaresdm845_firmwaresnapdragon_632_mobile_platformwsa88308998sa8145p_firmwaresm6125snapdragon_x24_lte_modem_firmwareqcs2290_firmwaresdm450_firmwarecsrb31024mdm9628_firmwareflight_rb5_5g_platformmdm9650qca-4020-0-217msp_firmwarecsra6620flight_rb5_5g_platform_firmwareqca-4024-1-68cmqfn_firmwaresm7250-ac_firmwareqcs4290snapdragon_x20_lte_modem_firmwaremdm9250apq8053-liteqca6420_firmwareqca6390_firmwaresnapdragon_auto_4g_modem_firmwareqca6174_firmwaresd730_firmwarewcd9370sd675_firmwareqca6564sm6115qca6426qca6584au_firmwarewcn3990_firmwareqrb5165n_firmwareapq8076_firmwareqca9377sm8250-abwcd9385_firmwarewcd9326_firmwarewcn3615_firmwaresnapdragon_1200_wearable_platform_firmwareqam8295p_firmwaresm7325-afqcn9011_firmwaresa8155snapdragon_x55_5g_modem-rf_systemqca6320_firmware8976prosdx55_firmwaresda\/sdm845_firmwaresnapdragon_208_processor_firmwarewcn3615wcn3680b_firmware8917_firmwareqca6595ausm7250p_firmware8953wcn3610_firmwaresm7325-af_firmwarewcn3999_firmwareqca6436_firmwareqrb5165nsm4350-acsnapdragon_w5\+_gen_1_wearable_platform_firmwareqca6564au_firmwareqca6584ausa6155p_firmwareqca6310snapdragon_x65_5g_modem-rf_system_firmwareqcs8155apq8053-aa_firmwaresm6225snapdragon_208_processorqcs6490snapdragon_x5_lte_modem_firmware9206_lte_modemqca9367sm8250_firmware8976sm8250-acwcn3988_firmware315_5g_iot_modemqcn9074sa6145p_firmwareqca6421sm6250c-v2x_9150sa8195psxr1120sdm710_firmwareapq8017_firmwarewsa8810_firmwaresm4375_firmwarewcd9326wcd9335qca80818917apq8053-aaqca6174a_firmwareqcs4290_firmwarewcd9385sxr2130_firmwareqcs6490_firmwaresnapdragon_x12_lte_modem_firmwaresm7150-abqca6390wcd9375ar8035aqt1000sda\/sdm845apq8064ausm6250_firmware8909_firmwaresm6150_firmwareapq8056wcn3620_firmwaresm8150wsa8815_firmwareqcm6490wsa8835_firmwarewcn3620snapdragon_636_mobile_platform_firmwaresm7350-abapq8017sxr1120_firmwareqca6564asa4150pqcm6125_firmwaresnapdragon_x5_lte_modemqcm2290_firmwareapq5053-aawcn3990sd_675sdm845sd865_5g8953proqca6595sm8350-ac_firmwaresdm439sm8150-acqcn9012sd888sm6150wsa8835msm8996ausdm429w_firmwaresnapdragon_auto_5g_modem-rfsm6250psxr2130snapdragon_wear_4100\+_platformqca6574awcn685x-5_firmwareqca6174asm7325psdm670_firmwaressm7250-aa_firmwareqca6310_firmwaresm7325sdm660_firmwarewcn6750apq8052_firmwaresm7150-ac_firmwaresm7250-abqca6574_firmwaresd855sm4125_firmwaresm7325p_firmwaresnapdragon_xr2_5g_platform_firmwareqca6574a_firmware8953pro_firmwaremsm8209qrb5165m8956sm7315snapdragon_x55_5g_modem-rf_system_firmwaresm8250-ab_firmwareqca6391aqt1000_firmwaresnapdragon_auto_4g_modemsnapdragon_632_mobile_platform_firmwareqcm4290csrb31024_firmwareqcm6490_firmwaresnapdragon_xr1_platformwcn685x-5qcn9011sm6225_firmwareqca6574ausa8155p_firmwareqcs8250_firmwarewcd9341_firmwaresdx20m_firmwareqcm6125wsa88108905sm7250-acsm8150-ac_firmwareqca-4024-0-68cmqfn_firmwarewcn3680bsm8350-acsd835_firmwareqca6564_firmwarewcn6740qca6696sm4350msm8608_firmwaresm6150-acsm7125_firmwaresnapdragon_x50_5g_modem-rf_systemsa6150pqcn6024sm7250psw5100_firmwareqcn9074_firmwareqcs410_firmwareqcs4008952snapdragon_xr1_platform_firmwaresm7325_firmwareSnapdragonqca9377_firmwaresnapdragon_662_mobile_platform_firmwaresa6150p_firmwaresm6250p_firmwaresa8145p_firmware315_5g_iot_modem_firmwareqcs2290_firmwaresnapdragon_x24_lte_modem_firmwareqca6431_firmwaremdm9628_firmwaresnapdragon_820_automotive_platform_firmwareflight_rb5_5g_platform_firmwaresnapdragon_x20_lte_modem_firmwarewcn3950_firmwaresnapdragon_653_mobile_platform_firmwaresnapdragon_888_5g_mobile_platform_firmwaresa8150p_firmwareqca6420_firmwareqca6595au_firmwaresnapdragon_450_mobile_platform_firmwaresnapdragon_xr1_platform_firmwareqca6174_firmwaresd730_firmwaresnapdragon_auto_4g_modem_firmwarecsra6620_firmwaresd_675_firmwaresd675_firmwarecsra6640_firmwaresnapdragon_460_mobile_platform_firmwareqcs6125_firmwaresnapdragon_480_5g_mobile_platform_firmwareqca6584au_firmwareapq8076_firmwareqrb5165n_firmwarewcn3990_firmwarewcd9371_firmwaremsm8108_firmwarewcd9385_firmwareqcn6024_firmwarewcd9326_firmwarewcn3615_firmwaresnapdragon_1200_wearable_platform_firmwaresnapdragon_660_mobile_platform_firmwareqam8295p_firmwareqcn9011_firmwaresm7315_firmwareqca6320_firmwaresnapdragon_429_mobile_platform_firmwareqca6574au_firmwaresdx55_firmwaresnapdragon_208_processor_firmwaresnapdragon_212_mobile_platform_firmwaresnapdragon_695_5g_mobile_platform_firmwareqca8081_firmwaresa6155_firmwaresnapdragon_835_mobile_pc_platform_firmwaresm7250p_firmwarewcd9375_firmwarewcn3610_firmwarewcn3999_firmwareqca6436_firmwaresnapdragon_680_4g_mobile_platform_firmwareqca6564au_firmwaresnapdragon_auto_5g_modem-rf_firmwaresa6155p_firmwareqca9367_firmwaresnapdragon_x65_5g_modem-rf_system_firmwaresmart_audio_400_platform_firmwaresnapdragon_x5_lte_modem_firmwareqrb5165m_firmwaresa4155p_firmwareapq8056_firmwaresa8155_firmwarerobotics_rb3_platform_firmwarewcn3988_firmwaresa6145p_firmwarefastconnect_6700_firmwareapq8017_firmwaresd626_firmwaresnapdragon_626_mobile_platform_firmwarewsa8810_firmwarehome_hub_100_platform_firmwareqca6698aq_firmwaremsm8209_firmwareqca6174a_firmwarequalcomm_205_mobile_platform_firmwaremdm9250_firmwareqcs4290_firmwaresxr2130_firmwarewcn3660_firmwareqca6696_firmwareqcs6490_firmwaresnapdragon_x12_lte_modem_firmwaresnapdragon_665_mobile_platform_firmwarewcn3910_firmwaresnapdragon_855_mobile_platform_firmwaresnapdragon_210_processor_firmwaresm6250_firmwarevision_intelligence_400_platform_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwarewcn3620_firmwarewsa8815_firmwarewsa8835_firmwaresd660_firmwaresnapdragon_636_mobile_platform_firmwaresnapdragon_780g_5g_mobile_platform_firmwaresa8195p_firmwaresnapdragon_865_5g_mobile_platform_firmwarefastconnect_6800_firmwaresxr1120_firmwaresa8295p_firmwaresnapdragon_750g_5g_mobile_platform_firmwareqcm6125_firmwaresnapdragon_675_mobile_platform_firmwareqcm2290_firmwarerobotics_rb5_platform_firmwareqca8337_firmwarewcd9380_firmwaresnapdragon_778g_5g_mobile_platform_firmwaremsm8996au_firmwaresnapdragon_670_mobile_platform_firmwaresd670_firmwaresdm429w_firmwaresnapdragon_4_gen_1_mobile_platform_firmwaresnapdragon_425_mobile_platform_firmwareqca9379_firmwarec-v2x_9150_firmwareqca6310_firmwareqca6430_firmwareqcn9012_firmwarewcd9335_firmwareapq8052_firmwareqca6335_firmwareqca6574_firmwarewcd9340_firmwaresm4125_firmwarewcn3680b_firmwaresm7325p_firmwaremdm9650_firmwaresnapdragon_630_mobile_platform_firmwaresnapdragon_439_mobile_platform_firmwareqca6426_firmwaresnapdragon_xr2_5g_platform_firmwarewcn3660b_firmwareqca6574a_firmwarefastconnect_6200_firmwarewcn3980_firmwaresnapdragon_x55_5g_modem-rf_system_firmwarewcd9330_firmwaresnapdragon_x50_5g_modem-rf_system_firmwareqca6421_firmwareaqt1000_firmwarewcn6740_firmwaresnapdragon_690_5g_mobile_platform_firmwaresnapdragon_845_mobile_platform_firmwaresnapdragon_632_mobile_platform_firmwareapq8064au_firmwarear8031_firmwarecsrb31024_firmwareqcm6490_firmwarewcn3680_firmwarefastconnect_6900_firmware9206_lte_modem_firmwaresa8155p_firmwaresmart_audio_200_platform_firmwareqca6564a_firmwareqcn9024_firmwareqcs8250_firmwarewcd9341_firmwaresdx20m_firmwareqcm4290_firmwaresw5100p_firmwareqcs610_firmwarequalcomm_215_mobile_platform_firmwaresd835_firmwaresnapdragon_617_processor_firmwareqca6564_firmwareqca6595_firmwaresnapdragon_650_mobile_platform_firmwareqca6391_firmwaresnapdragon_710_mobile_platform_firmwaresa4150p_firmwaremsm8608_firmwarewcd9370_firmwaresd888_firmwaresnapdragon_652_mobile_platform_firmwareqcs8155_firmwareqcn9074_firmwareqcs410_firmwaresw5100_firmwaresnapdragon_720g_mobile_platform_firmwarear8035_firmwareqsm8250_firmwaresnapdragon_625_mobile_platform_firmware
CWE ID-CWE-704
Incorrect Type Conversion or Cast
CVE-2019-10629
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.09% / 27.24%
||
7 Day CHG~0.00%
Published-08 Sep, 2020 | 09:31
Updated-04 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'User Process can potentially corrupt kernel virtual page by passing a crafted page in API' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in Bitra, IPQ6018, IPQ8074, MDM9205, Nicobar, QCA8081, QCN7605, QCS404, QCS405, QCS605, QCS610, Rennell, SA415M, SA6155P, Saipan, SC7180, SC8180X, SDA845, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm850_firmwaresa6155p_firmwareqcs610sdm845sdx20sdx24qcs404_firmwaresm8250_firmwaresc8180x_firmwaresa415m_firmwareqcs405sm7150_firmwareipq8074_firmwaresdm710sc7180_firmwaresm6150sdm710_firmwaresm7150qcn7605_firmwaresa6155psdm670qca8081qcs610_firmwareqcs605_firmwaresc8180xsxr2130ipq6018sdm670_firmwareqcs404sdx24_firmwaresm8150_firmwareipq8074sxr2130_firmwareqcs405_firmwarerennellsa415msc7180bitrasda845_firmwaremdm9205_firmwareqcn7605rennell_firmwareipq6018_firmwaremdm9205qcs605sdx55saipan_firmwaresm6150_firmwaresm8250bitra_firmwaresm8150sdx20_firmwaresdm850sxr1130_firmwaresdx55_firmwareqca8081_firmwarenicobar_firmwaresaipansxr1130sda845nicobarsdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2019-10544
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.10%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 05:25
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper length check on source buffer to handle userspace data received can lead to out-of-bound access in diag handlers in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, QCN7605, QCS405, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9640_firmwaresdm632_firmwaremsm8996au_firmwaresdm845sdm450_firmwaresdm632sdx24sdm439mdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996ausm7150apq8009_firmwaremsm8917sdm670sxr2130qcs605_firmwaremdm9206sdm670_firmwaresdx24_firmwaresdm636sda845_firmwareapq8098qcn7605mdm9206_firmwaremsm8939qcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130msm8909wapq8009msm8909_firmwareapq8053_firmwaresda845msm8920msm8953sdm450sdm636_firmwaresdm845_firmwareapq8098_firmwaresdx20msm8998_firmwaresdm660msm8920_firmwaresdm630mdm9607_firmwaresm8250_firmwareqcs405sdm710qm215mdm9607apq8017_firmwaresdm710_firmwaremsm8939_firmwareqcn7605_firmwaremsm8937mdm9207c_firmwaremsm8905mdm9207csm8150_firmwaremsm8909sxr2130_firmwareapq8096ausdm439_firmwareqcs405_firmwaresdm630_firmwaresda660_firmwareqm215_firmwaresdx55msm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaresm8250msm8998sm8150sdx20_firmwareapq8017sdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2019-10602
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.69%
||
7 Day CHG~0.00%
Published-21 Jan, 2020 | 06:30
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Potential use-after-free heap error during Validate/Present calls on display HW composer in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, QCS605, SDA660, SDM845, SDX20, SM8150

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-msm8920msm8953msm8996au_firmwareapq8098_firmwaresdm845sdx20msm8920_firmwaremdm9607_firmwaremdm9650msm8940_firmwaremsm8909w_firmwaremdm9607msm8996aumsm8917msm8937mdm9207c_firmwareqcs605_firmwaremdm9206mdm9207csm8150_firmwareapq8096auapq8098sda660_firmwaremdm9206_firmwareqcs605msm8940apq8053apq8096au_firmwaremsm8953_firmwaremsm8917_firmwaremsm8937_firmwaremdm9650_firmwaresm8150sdx20_firmwaresda660msm8909wapq8053_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-416
Use After Free
CVE-2019-10624
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 16.83%
||
7 Day CHG~0.00%
Published-16 Apr, 2020 | 10:46
Updated-04 Aug, 2024 | 22:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

While handling the vendor command there is an integer truncation issue that could yield a buffer overflow due to int data type copied to u8 data type in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8096AU, MSM8996AU, QCA6574AU, QCN7605, Rennell, SC8180X, SDM710, SDX55, SM7150, SM8150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sm8150_firmwaresxr2130_firmwareapq8096aumsm8996au_firmwarerennellqcn7605rennell_firmwaresm8250_firmwaresc8180x_firmwaresdx55sm7150_firmwareqca6574auapq8096au_firmwaresdm710sm8250msm8996ausm8150sdm710_firmwareqca6574au_firmwaresdx55_firmwaresm7150qcn7605_firmwaresxr2130sc8180xSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-681
Incorrect Conversion between Numeric Types
CVE-2019-10502
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 16.83%
||
7 Day CHG~0.00%
Published-06 Nov, 2019 | 17:11
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible stack overflow when an index equal to io buffer size is accessed in camera module in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 845 / SD 850, SD 855, SDM439, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_712sd_850sd_632sd_855sd_730_firmwarequalcomm_215sd_675sd_439sd_670_firmwaresd_425sd_429sdx24sdm439sd_710_firmwareqcs405sd_625msm8909w_firmwaresd_210sd_450_firmwaresd_845_firmwaresd_439_firmwarequalcomm_215_firmwaresd_429_firmwareqcs605_firmwaresd_675_firmwaresd_425_firmwaresd_730sd_212_firmwaresd_665sd_850_firmwaresdx24_firmwaresd_625_firmwaresd_450sdm439_firmwareqcs405_firmwaresd_712_firmwaresd_845qcs605sd_670sd_632_firmwaresd_710sd_205sd_210_firmwaremsm8909wsd_665_firmwaresd_205_firmwaresd_212sd_855_firmwareSnapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2019-10583
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.69%
||
7 Day CHG~0.00%
Published-21 Jan, 2020 | 06:30
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free issue occurs when camera access sensors data through direct report mode in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8096AU, MDM9607, MSM8909W, Nicobar, QCS605, SA6155P, SDA845, SDM429W, SDM670, SDM710, SDM845, SM6150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sa6155p_firmwaresdm429wsdm845mdm9607_firmwaresm8250_firmwaresdm710msm8909w_firmwaremdm9607sm6150sdm429w_firmwaresdm710_firmwaresa6155psdm670sxr2130qcs605_firmwaresdm670_firmwaresm8150_firmwaresxr2130_firmwareapq8096ausda845_firmwareqcs605apq8096au_firmwaresm6150_firmwaresm8250sm8150sxr1130_firmwarenicobar_firmwaremsm8909wsxr1130sda845nicobarsdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-416
Use After Free
CVE-2023-21638
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 8.19%
||
7 Day CHG~0.00%
Published-04 Jul, 2023 | 04:46
Updated-02 Aug, 2024 | 09:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Incorrect Type Conversion or Cast in Video

Memory corruption in Video while calling APIs with different instance ID than the one received in initialization.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-snapdragon_865_5gwcd9380_firmwarewsa8830sa6150p_firmwaresa8145p_firmwaresd865_5gfastconnect_6800snapdragon_855\+\/860_firmwaresnapdragon_8_gen_1_firmwaresnapdragon_855wsa8835snapdragon_8_gen_1wcd9380sa8150p_firmwareqca6420_firmwaresnapdragon_865\+_5gsnapdragon_x55_5gsnapdragon_855_firmwaresxr2130qca6426snapdragon_855\+\/860qca6430_firmwarefastconnect_6200sd855wsa8815qca6426_firmwarefastconnect_6200_firmwareqca6574au_firmwaresnapdragon_x55_5g_firmwareqca6391qca6420qca6436_firmwaresnapdragon_xr2_5gfastconnect_7800aqt1000_firmwaresa6155p_firmwarefastconnect_6900fastconnect_6900_firmwareqca6430qca6574ausa6145p_firmwaresa8155p_firmwaresnapdragon_870_5gsa8195pwsa8810_firmwarewcd9341_firmwarefastconnect_7800_firmwarewsa8810qca6436sa6155psa6145psnapdragon_865\+_5g_firmwaresxr2130_firmwarewcd9341qca6696_firmwaresa8145pqca6696qca6391_firmwaresnapdragon_xr2_5g_firmwareaqt1000sa8150psa6150psa8155psnapdragon_870_5g_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwarewsa8815_firmwarewsa8835_firmwaresa8195p_firmwarefastconnect_6800_firmwaresnapdragon_865_5g_firmwareSnapdragonaqt1000_firmwaresa6155p_firmwarewcd9380_firmwaresa6150p_firmwaresa8145p_firmwarefastconnect_6900_firmwaresa6145p_firmwaresa8155p_firmwarewsa8810_firmwaresa8150p_firmwarefastconnect_7800_firmwareqca6420_firmwarewcd9341_firmwaresnapdragon_8_gen_1_mobile_platform_firmwaresxr2130_firmwareqca6696_firmwareqca6430_firmwareqca6391_firmwaresnapdragon_855_mobile_platform_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwaresnapdragon_xr2_5g_platform_firmwareqca6426_firmwarewsa8815_firmwarewsa8835_firmwarefastconnect_6200_firmwareqca6574au_firmwaresa8195p_firmwaresnapdragon_865_5g_mobile_platform_firmwarefastconnect_6800_firmwaresnapdragon_x55_5g_modem-rf_system_firmwareqca6436_firmware
CWE ID-CWE-704
Incorrect Type Conversion or Cast
CVE-2019-10620
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.10%
||
7 Day CHG~0.00%
Published-16 Apr, 2020 | 10:46
Updated-04 Aug, 2024 | 22:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Kernel memory error in debug module due to improper check of user data length before copying into memory in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8096AU, APQ8098, MSM8996AU, QCN7605, SDM439, SDX24, SM8150

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-apq8096au_firmwaremsm8996ausdx24_firmwaresm8150sm8150_firmwareapq8096ausdm439_firmwaremsm8996au_firmwareapq8098_firmwareapq8098qcn7605qcn7605_firmwaresdx24sdm439Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-21648
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 8.89%
||
7 Day CHG~0.00%
Published-08 Aug, 2023 | 09:14
Updated-02 Aug, 2024 | 09:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Integer Overflow to Buffer Overflow in RIL

Memory corruption in RIL while trying to send apdu packet.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sda429w_firmwarewsa8830sa6150p_firmwaresa8145p_firmwaresw5100pqcc5100wcd9360_firmwarewsa8835sa8150p_firmwareqca6420_firmwareqca6595au_firmwareqca6574aqca6430_firmwarewcn3980wcn3998sa515msd855wcn3660bwsa8815wcn3660b_firmwareqca6574a_firmwareqca6574au_firmwaresdx55_firmwarewcn3680b_firmwareqca6595auwcn3998_firmwarewcn3980_firmwareqca6391wcn3610_firmwarewcd9360qca6420qcc5100_firmwareaqt1000_firmwaresa6155p_firmwaresa515m_firmwarewcn3988_firmwareqca6430qca6574ausa6145p_firmwaresa8155p_firmwaresa8195pwsa8810_firmwarewcd9341_firmwaresw5100wsa8810sa6155psw5100p_firmwaresa6145pwcn3680bwcd9341qca6696_firmwaresa8145pqca6696qca6391_firmwareaqt1000sa8150psa6150psdx55sa8155pwsa8830_firmwaresda429wsd855_firmwarewcn3988wsa8815_firmwarewsa8835_firmwaresa8195p_firmwaresw5100_firmwarewcn3610Snapdragon
CWE ID-CWE-680
Integer Overflow to Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-10492
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 2.52%
||
7 Day CHG~0.00%
Published-30 Sep, 2019 | 15:40
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Boot image not getting verified by AVB in Snapdragon Auto, Snapdragon Mobile, Snapdragon Wearables in MDM9607, MSM8909W, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 820, SD 820A, SDM439

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_427_firmwaresd_632sd_820aqualcomm_215sd_439sd_425sd_429sd_430_firmwaremdm9607_firmwaresd_435sdm439sd_625msm8909w_firmwaremdm9607sd_210sd_820_firmwaresd_820sd_450_firmwaresd_439_firmwaresd_820a_firmwarequalcomm_215_firmwaresd_429_firmwaresd_425_firmwaresd_212_firmwaresd_625_firmwaresd_450sdm439_firmwaresd_427sd_430sd_435_firmwaresd_632_firmwaresd_205sd_210_firmwaremsm8909wsd_205_firmwaresd_212Snapdragon Auto, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-345
Insufficient Verification of Data Authenticity
CVE-2023-21649
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 8.31%
||
7 Day CHG~0.00%
Published-08 Aug, 2023 | 09:14
Updated-02 Aug, 2024 | 09:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in WLAN

Memory corruption in WLAN while running doDriverCmd for an unspecific command.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwarewsa8830sa6150p_firmwaresa8145p_firmwareqcs610qca8337qca6431_firmwaremdm9628_firmwaremdm9650wcn3950_firmwaresa8150p_firmwareqca6420_firmwareqca6595au_firmwareqca6390_firmwarewcd9370qca6426qca6584au_firmwaresm4375wcn3998qca6554a_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcn3950mdm9628wcn3660bqca6574au_firmwaresdx55_firmwarewcn3680b_firmwareqca6595auwcd9375_firmwarewcn3998_firmwarewcn3610_firmwareqca6420qca6436_firmwareqca6564au_firmwareqca6584ausa6155p_firmwaresdxr2_5gwcn3988_firmwareqca6430qcn9074sa6145p_firmwareqca6421sa8195pwsa8810_firmwaresm4375_firmwaresw5100qca6436wcn6851sa6155pwcd9385wcd9341qca6431qca6696_firmwaresd870_firmwareqca6390wcd9375aqt1000sa8150pwsa8830_firmwaresda429wsd855_firmwaresd865_5g_firmwarewcn3988wcn6850_firmwarewsa8815_firmwarewsa8835_firmwaresa8195p_firmwareqca6564awcn3610wcn3991qca8337_firmwaresda429w_firmwarewcd9380_firmwaresw5100pqca6554asd865_5gqca6595qca6564auqcc5100sdx55m_firmwarewsa8835qca6574wcd9380qcs410qca6574aqca6430_firmwarewcn3980qca6574_firmwaresd855wsa8815wcn6850mdm9650_firmwareqca6426_firmwarewcn3660b_firmwareqca6574a_firmwaresd695wcn3980_firmwareqca6391sdx55mqcc5100_firmwareqca6421_firmwareaqt1000_firmwaresd480_firmwarewcn6851_firmwareqca6574ausa8155p_firmwareqca6564a_firmwarewcd9341_firmwaresd480sd870wsa8810sw5100p_firmwareqcs610_firmwaresa6145pwcn3680bsd695_firmwareapq8096auqca6595_firmwaresa8145pqca6696qca6391_firmwarewcd9370_firmwaresa6150psdx55apq8096au_firmwaresa8155psw5100_firmwareqcn9074_firmwareqcs410_firmwareSnapdragonwcn3991_firmwareqca8337_firmwaresda429w_firmwaresa6150p_firmwarewcd9380_firmwaresa8145p_firmwareqca6431_firmwaresdx55m_firmwaremdm9628_firmwarewcn3950_firmwaresa8150p_firmwareqca6420_firmwareqca6595au_firmwareqca6390_firmwareqca6584au_firmwareqca6430_firmwareqca6554a_firmwarewcd9385_firmwaresdxr2_5g_firmwareqca6574_firmwaremdm9650_firmwareqca6426_firmwarewcn3660b_firmwareqca6574a_firmwareqca6574au_firmwaresdx55_firmwarewcn3680b_firmwarewcd9375_firmwarewcn3998_firmwarewcn3980_firmwarewcn3610_firmwareqca6436_firmwareqcc5100_firmwareqca6421_firmwareaqt1000_firmwareqca6564au_firmwaresa6155p_firmwaresd480_firmwarewcn6851_firmwarewcn3988_firmwaresa6145p_firmwaresa8155p_firmwareqca6564a_firmwarewsa8810_firmwarewcd9341_firmwaresm4375_firmwaresw5100p_firmwareqcs610_firmwaresd695_firmwareqca6696_firmwareqca6595_firmwaresd870_firmwareqca6391_firmwarewcd9370_firmwareapq8096au_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwarewsa8815_firmwarewcn6850_firmwarewsa8835_firmwaresa8195p_firmwaresw5100_firmwareqcn9074_firmwareqcs410_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-21641
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-6.6||MEDIUM
EPSS-0.03% / 7.58%
||
7 Day CHG~0.00%
Published-04 Jul, 2023 | 04:46
Updated-24 Oct, 2024 | 19:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Permissions, Privileges, and Access Controls in Display

An app with non-privileged access can change global system brightness and cause undesired system behavior.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fastconnect_7800sa6145psa6155p_firmwarewcd9380_firmwarewsa8830sa6150p_firmwaresa8145p_firmwareqca6696_firmwaresa8145pqca6696fastconnect_6900fastconnect_6900_firmwaresnapdragon_8_gen_1_firmwaresa8150psa6150pqca6574ausa8155psa6145p_firmwaresa8155p_firmwarewsa8835wsa8830_firmwaresa8195psnapdragon_8_gen_1wsa8835_firmwarewcd9380sa8150p_firmwarefastconnect_7800_firmwareqca6574au_firmwaresa8195p_firmwaresa6155pSnapdragon
CWE ID-CWE-264
Not Available
CVE-2019-10499
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.61%
||
7 Day CHG~0.00%
Published-30 Sep, 2019 | 15:40
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper validation of read and write index of tx and rx fifo`s before using for data copy from fifo can lead to out-of-bound access. in Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ8064, IPQ8074, QCS405, SD 665, SD 675, SD 730, SD 855

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_730sd_855sd_665sd_730_firmwareipq8074sd_675qcs405_firmwareipq4019_firmwareipq4019qcs405ipq8074_firmwareipq8064sd_665_firmwareipq8064_firmwaresd_675_firmwaresd_855_firmwareSnapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2023-21664
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 16.52%
||
7 Day CHG~0.00%
Published-05 Sep, 2023 | 06:24
Updated-27 Feb, 2025 | 21:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Copy without Checking the Size of Input(Classic Buffer Overflow) in Core Platform

Memory Corruption in Core Platform while printing the response buffer in log.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresd_8cx_gen3_firmwaresa6150p_firmwareqca8337qca6431_firmwaresdx65wcn3950_firmwareipq5028_firmwaresa8150p_firmwareqca6595au_firmwaresa6155qca6335qcs605_firmwaresd_675_firmwarewcn3998qam8295psd_8cx_gen2_firmwareqcn6024_firmwareqca8386_firmwarewcn3950sd_8_gen1_5g_firmwareqca8084_firmwareqsm8350_firmwareqsm8350sm7315_firmwarewcn7850qca6574au_firmwarewcd9375_firmwareqca8081_firmwaresa6155_firmwarewcn3998_firmwareqca6420sd_8cx_gen2qrb5165_firmwareipq5028qrb5165m_firmwareqca6698aqsa4155p_firmwaresa8155_firmwareqca6430sdx65mwcd9340qcn6132sd765gfsm10056_firmwareqca6436wcn6851sa6155pqcs603_firmwarewcn7851_firmwareqca6698aq_firmwareqcn6122wcd9341qca6431qca6696_firmwaresd870_firmwareipq9008_firmwaresd_8cxsa8150pwsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwaresd660_firmwarewcn7850_firmwaresa8195p_firmwaresa8295p_firmwarewcn6750_firmwareipq5018_firmwarewcn3991qca8337_firmwarewcd9380_firmwaressg2125pqca8084qca6564ausdx55m_firmwarewcn6856_firmwareipq9008sd670_firmwareqca6574wcd9380sdx50m_firmwaresxr1230psdx24_firmwareqca6430_firmwareqcn9012_firmwareqcn9274_firmwarewcd9335_firmwarewcn3980qca6335_firmwareqcs605wcd9340_firmwarewsa8815wcn6850qca6426_firmwareqcn9024ipq9574_firmwarewcn3980_firmwaresdx55msa8295pqca6421_firmwarewcn6740_firmwaresd678_firmwareqrb5165wcn6851_firmwareqcs603sd670qca6564a_firmwareqcn9024_firmwaresdx57msd870wsa8832wcn6855sa8540psa6145pqca6595_firmwaresa8145pqca6391_firmwaresa4150p_firmwaresd780g_firmwarewcd9370_firmwaresdx55sd888_firmwaresa8155psd675sdx70mssg2115p_firmwareqcs8155_firmwaresa4155par8035_firmwarewcn3991_firmwarewsa8830sd678qcn9070sa8145p_firmwaresxr2230p_firmwarefsm10056qca8082qcn9072qca8386sd765g_firmwareqca6420_firmwareqca6390_firmwarewcd9370sd675_firmwaressg2115pqca6564qca6426wcn3990_firmwareqrb5165n_firmwareqcn9000_firmwareipq5018qca9377sd_8cx_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcd9326_firmwareqam8295p_firmwareqcn9011_firmwareqca8082_firmwaresa8155sa9000p_firmwaresdx55_firmwareqca6595auqcn6023_firmwaresm7250p_firmwareqca6436_firmwareqrb5165nipq5010qca6564au_firmwaresd778gsa6155p_firmwareqca6310qcn9274qcs8155wcn7851qcs6490sdxr2_5gqcn9074sa6145p_firmwareqca6421qca8085sd778g_firmwaresa8195pwsa8810_firmwaresd765_firmwarewcd9326wcd9335qca8081qcn6023sdx65m_firmwareqca6174a_firmwarewcd9385qca8085_firmwareqcs6490_firmwaresd_8cx_gen3sdx70m_firmwarear8035qca6390wcd9375aqt1000qcn9100_firmwareipq5010_firmwareqcm6490sd888_5g_firmwarewcn6850_firmwarewsa8815_firmwarewsa8835_firmwareqca6564asa4150pwcn3990qcn9000sd_675sd780gsd865_5gqca6595sdx24qcn9012sd888qcn6122_firmwarewsa8835sxr1230p_firmwaresa8540p_firmwaresd_8_gen1_5gsd888_5gssg2125p_firmwareqca6574awcn6855_firmwareqca6174asm7325pqcn6132_firmwareqca6310_firmwarewcn6750sa9000pqca6574_firmwaresd855sm7325p_firmwaresxr2230psdx57m_firmwaresd765qca6574a_firmwaresd768g_firmwareqrb5165msd850_firmwaresm7315qca6391aqt1000_firmwareqcn9100sdx65_firmwareqcm6490_firmwaresdx50mwsa8832_firmwareqcn9070_firmwareqcn9011qca6574ausa8155p_firmwareipq9574wcd9341_firmwarewsa8810wcn6856qca6564_firmwaresd768gwcn6740qca6696sd845_firmwaresa6150pqcn9022_firmwareqcn6024qcn9022sd845qcn9072_firmwaresm7250pqcn9074_firmwaresd850Snapdragon
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-21651
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.3||CRITICAL
EPSS-0.05% / 15.80%
||
7 Day CHG~0.00%
Published-08 Aug, 2023 | 09:14
Updated-22 Oct, 2024 | 21:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Incorrect Type Conversion or Cast in Core

Memory Corruption in Core due to incorrect type conversion or cast in secure_io_read/write function in TEE.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresd_8cx_gen3_firmwareqca8337qca6431_firmwarewcd9360_firmwaresdx65wcn3950_firmwaresa8150p_firmwareqcs2290qca6595au_firmwaresa6155qca6335csra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwaresm4375wcn3998qam8295psd_8cx_gen2_firmwareqcn6024_firmwaresm4125wcn3950sd_8_gen1_5g_firmwareqsm8350_firmwareqsm8350sd460_firmwaresm7315_firmwarewcn7850qca6574au_firmwarewcd9375_firmwareqca8081_firmwaresa6155_firmwarewcn3998_firmwareqca6420wcd9360sd680_firmwarewcn3999sd_8cx_gen2qrb5165_firmwareqrb5165m_firmwaresa8155_firmwareqca4004_firmwaresd662_firmwareqcs405qca6430wcd9306_firmwarewcd9340sd765gsw5100qca6436sd680wcn6851sa6155pqcs603_firmwarewcn7851_firmwarewcd9341qca6431qca6696_firmwaresd750gsd870_firmwarewcn3910_firmwaresxr2150p_firmwaresd_8cxsa8150pqca4004wsa8830_firmwaresd855_firmwaresd865_5g_firmwarewcn3988wcn7850_firmwareqcn7606_firmwaresa8295p_firmwarewcn6750_firmwarewcn3991qca8337_firmwarewcd9380_firmwaressg2125psw5100pqca6564ausdx55m_firmwarewcn6856_firmwaresd670_firmwareqca6574wcd9380sd690_5g_firmwaresdx50m_firmwaresxr1230psdx24_firmwareqcn9012_firmwareqca6430_firmwarewcd9335_firmwarewcn3980qca6335_firmwareqcs605wcd9340_firmwarewsa8815wcn6850wcn3910qca6426_firmwareqca9984sd695qcn9024wcn3980_firmwaresdx55mqcc5100_firmwareqca6421_firmwaresa8295pwcn6740_firmwaresd678_firmwarear8031_firmwareqrb5165wcn6851_firmwareqcs603sd670qca6564a_firmwareqcn9024_firmwaresdx57mqcm4290_firmwaresd480sd870wcn6855wsa8832sa8540psw5100p_firmwareqsm8250sa6145psd695_firmwarear8031qca6595_firmwareqcs405_firmwaremdm9205_firmwareqca6391_firmwaresd780g_firmwarewcd9370_firmwaresdx55sd888_firmwaresa8155pcsra6640sd675ssg2115p_firmwaresxr2150par8035_firmwareqsm8250_firmwareqcm2290qcn7606wcn3991_firmwarewsa8830sd678qcs2290_firmwarecsra6620qcs4290sd765g_firmwareqca6420_firmwareqca6390_firmwaresd690_5gwcd9370sd675_firmwaressg2115pqca6426wcn3990_firmwareqrb5165n_firmwareqca9984_firmwareqca9377sd_8cx_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcd9326_firmwaresd662qam8295p_firmwareqcn9011_firmwaresa8155sa9000p_firmwaresdx55_firmwareqca6595auwcn3999_firmwaresm7250p_firmwareqca6436_firmwareqrb5165nqca6564au_firmwaresd778gsa6155p_firmwareqca6310wcd9306sa515m_firmwareqcs6490wcn7851sdxr2_5gwcn3988_firmwaresa6145p_firmwareqca6421sd778g_firmwarewsa8810_firmwaresm4375_firmwaresd765_firmwarewcd9326wcd9335sg4150pqca8081qca6174a_firmwareqcs4290_firmwarewcd9385qcs6490_firmwaresd_8cx_gen3ar8035qca6390sd750g_firmwareaqt1000wcd9375qcm6490sd888_5g_firmwarewcn6850_firmwarewsa8815_firmwarewsa8835_firmwareqcx315qca6564asg4150p_firmwareqcm2290_firmwarewcn3990sd_675sd780gsd865_5gqca6595qcc5100sdx24qcn9012sd888wsa8835qcx315_firmwaresxr1230p_firmwaresd665_firmwaresa8540p_firmwaresd_8_gen1_5gsd888_5gssg2125p_firmwareqca6574awcn6855_firmwareqca6174asm7325pqca6310_firmwarewcn6750mdm9205sa515mqca6574_firmwaresa9000psd855sm4125_firmwaresm7325p_firmwaresd665sdx57m_firmwaresd765qca6574a_firmwaresd768g_firmwareqrb5165msd850_firmwaresm7315sd460qca6391aqt1000_firmwaresdx65_firmwareqcm4290qcm6490_firmwaresdx50mwsa8832_firmwaresd480_firmwareqcn9011qca6574ausa8155p_firmwarewcd9341_firmwarewsa8810wcn6856sd768gwcn6740qca6696sd845_firmwareqcn6024sd845sm7250psw5100_firmwaresd850Snapdragonqca9377_firmwaresd_8cx_gen3_firmwarewcn3991_firmwareqcs2290_firmwareqca6431_firmwarewcd9360_firmwarewcn3950_firmwaresa8150p_firmwaresd765g_firmwareqca6420_firmwareqca6595au_firmwareqca6390_firmwarecsra6620_firmwareqcs605_firmwaresd_675_firmwaresd675_firmwarecsra6640_firmwarewcn3990_firmwareqrb5165n_firmwareqca9984_firmwaresd_8cx_firmwarewcd9385_firmwaresdxr2_5g_firmwaresd_8cx_gen2_firmwareqcn6024_firmwarewcd9326_firmwaresd_8_gen1_5g_firmwareqsm8350_firmwaresd460_firmwareqam8295p_firmwareqcn9011_firmwaresa9000p_firmwaresm7315_firmwareqca6574au_firmwaresdx55_firmwarewcd9375_firmwareqca8081_firmwaresa6155_firmwarewcn3998_firmwaresm7250p_firmwarewcn3999_firmwareqca6436_firmwareqca6564au_firmwaresd680_firmwaresa6155p_firmwaresa515m_firmwareqrb5165_firmwareqrb5165m_firmwaresa8155_firmwareqca4004_firmwaresd662_firmwarewcn3988_firmwaresa6145p_firmwarewcd9306_firmwaresd778g_firmwarewsa8810_firmwaresm4375_firmwaresd765_firmwareqcs603_firmwarewcn7851_firmwareqca6174a_firmwareqcs4290_firmwareqca6696_firmwareqcs6490_firmwaresd870_firmwarewcn3910_firmwaresxr2150p_firmwaresd750g_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwarewsa8815_firmwaresd888_5g_firmwarewcn6850_firmwarewcn7850_firmwarewsa8835_firmwaresa8295p_firmwareqcn7606_firmwarewcn6750_firmwaresg4150p_firmwareqcm2290_firmwareqca8337_firmwarewcd9380_firmwaresdx55m_firmwarewcn6856_firmwaresd670_firmwareqcx315_firmwaresxr1230p_firmwaresd665_firmwaresa8540p_firmwaressg2125p_firmwaresd690_5g_firmwaresdx50m_firmwarewcn6855_firmwaresdx24_firmwareqca6310_firmwareqca6430_firmwareqcn9012_firmwarewcd9335_firmwareqca6335_firmwareqca6574_firmwarewcd9340_firmwaresm4125_firmwaresm7325p_firmwaresdx57m_firmwareqca6426_firmwareqca6574a_firmwaresd768g_firmwaresd850_firmwarewcn3980_firmwareqcc5100_firmwareqca6421_firmwareaqt1000_firmwarewcn6740_firmwaresdx65_firmwaresd678_firmwarear8031_firmwareqcm6490_firmwarewsa8832_firmwaresd480_firmwarewcn6851_firmwaresa8155p_firmwareqca6564a_firmwareqcn9024_firmwarewcd9341_firmwareqcm4290_firmwaresw5100p_firmwaresd695_firmwareqca6595_firmwareqcs405_firmwaremdm9205_firmwareqca6391_firmwaresd845_firmwaresd780g_firmwarewcd9370_firmwaresd888_firmwaressg2115p_firmwaresw5100_firmwarear8035_firmwareqsm8250_firmware
CWE ID-CWE-704
Incorrect Type Conversion or Cast
CVE-2019-10571
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.10%
||
7 Day CHG~0.00%
Published-12 Dec, 2019 | 08:30
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Snapshot of IB can lead to invalid address access due to missing check for size in the related function in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, Nicobar, QCN7605, QCS405, QCS605, QM215, SA6155P, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SM6150, SM7150, SM8150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm632_firmwaremsm8996au_firmwaresdm845sdm450_firmwaresdm632sdx24sdm439mdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996ausm7150msm8917sdm670sxr2130qcs605_firmwaremdm9206sdm670_firmwaresdx24_firmwaresdm636sda845_firmwareapq8098qcn7605mdm9206_firmwareqcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaresda660msm8909wmsm8909_firmwareapq8053_firmwaresda845nicobarsa6155p_firmwaremsm8920msm8953sdm450sdm636_firmwareapq8098_firmwaresdx20sdm660msm8920_firmwaresdm630mdm9607_firmwaresm8250_firmwareqcs405sdm710qm215mdm9607apq8017_firmwaresdm710_firmwareqcn7605_firmwaresa6155pmsm8937mdm9207c_firmwaremdm9207csm8150_firmwaremsm8909sxr2130_firmwareapq8096ausdm439_firmwareqcs405_firmwaresdm630_firmwaresda660_firmwareqm215_firmwaremsm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaresm8250sm8150sdx20_firmwareapq8017nicobar_firmwaresdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-21672
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.04% / 13.23%
||
7 Day CHG~0.00%
Published-04 Jul, 2023 | 04:46
Updated-02 Aug, 2024 | 09:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in Audio

Memory corruption in Audio while running concurrent tunnel playback or during concurrent audio tunnel recording sessions.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qam8255p_firmwarewsa8830wcd9380_firmwaresa6150p_firmwaressg2125psa8145p_firmwaresxr2230p_firmwaresw5100pqam8650psd865_5gqca6595snapdragon_8_gen_1_firmwareqam8775psnapdragon_ar2_gen_1snapdragon_685_4g_firmwarewsa8835qca6574sxr1230p_firmwarewcn3950_firmwaresnapdragon_8_gen_1sd_8_gen1_5gwcd9380sa8150p_firmwareqca6595au_firmwarefastconnect_6700wcd9370ssg2125p_firmwareqca6574assg2115psxr1230pwcn3980snapdragon_8\+_gen_1wcd9385_firmwareqam8295pwcn3950qcm4325_firmwareqca6574_firmwaresd_8_gen1_5g_firmwaresnapdragon_680_4g_firmwarewsa8815sxr2230pqam8295p_firmwaresnapdragon_4_gen_2qca6574a_firmwareqca6574au_firmwareqca6595auwcd9375_firmwarewcn3980_firmwaresnapdragon_w5\+_gen_1_firmwaresnapdragon_xr2_5gsa8295psnapdragon_w5\+_gen_1fastconnect_7800wcn6740_firmwaresa6155p_firmwaresnapdragon_685_4gsnapdragon_ar2_gen_1_firmwaresnapdragon_4_gen_2_firmwarewsa8832_firmwareqca6698aqsa4155p_firmwarefastconnect_6900fastconnect_6900_firmwaresa4150pwcn3988_firmwareqca6797aq_firmwareqca6574ausa6145p_firmwaresa8155p_firmwaresnapdragon_680_4gfastconnect_6700_firmwaresa8195pwsa8810_firmwaresnapdragon_8\+_gen_1_firmwarefastconnect_7800_firmwaresw5100wsa8810wsa8832sa8255p_firmwaresa6155psg4150psw5100p_firmwareqca6698aq_firmwaresa6145pqam8650p_firmwarewcd9385qam8775p_firmwaresa8255pqca6696_firmwareqca6595_firmwaresa8145pwcn6740qca6696qca6797aqsnapdragon_xr2_5g_firmwaresa4150p_firmwarewcd9375wcd9370_firmwaresa8150psa6150psa8155pwsa8830_firmwaresd865_5g_firmwarewcn3988wsa8815_firmwarewsa8835_firmwaresa8195p_firmwaressg2115p_firmwaresw5100_firmwaresa8295p_firmwareqam8255psa4155psg4150p_firmwareqcm4325Snapdragon
CWE ID-CWE-416
Use After Free
CVE-2023-21637
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 6.55%
||
7 Day CHG~0.00%
Published-04 Jul, 2023 | 04:46
Updated-02 Aug, 2024 | 09:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Restrictions of Operations within the Bounds of a Memory Buffer in Linux

Memory corruption in Linux while calling system configuration APIs.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-snapdragon_865_5gwsa8830wcd9380_firmwaresa6150p_firmwarewcn3990sa8145p_firmwaresw5100psd865_5gfastconnect_6800snapdragon_855\+\/860_firmwarewcd9360_firmwaresnapdragon_855wsa8835snapdragon_auto_5g_firmwarewcd9380sa8150p_firmwareqca6420_firmwareqca6595au_firmwaresnapdragon_865\+_5gsnapdragon_x55_5gsnapdragon_wear_4100\+snapdragon_855_firmwaresxr2130qca6574asnapdragon_auto_5gsnapdragon_835_firmwareqca6426snapdragon_855\+\/860wcn3990_firmwareqca6310_firmwareqca6430_firmwarewcd9335_firmwarewcn3980fastconnect_6200wcd9340_firmwarewcn3660bsd855wsa8815qca6320qca6426_firmwarewcn3660b_firmwareqca6320_firmwaresnapdragon_x55_5g_firmwareqca6574au_firmwaresdx55_firmwarewcn3680b_firmwareqca6574a_firmwareqca6595aufastconnect_6200_firmwaresd835wcn3980_firmwareqca6391wcn3610_firmwareqca6420qca6436_firmwarewcd9360snapdragon_w5\+_gen_1_firmwaresnapdragon_xr2_5gsnapdragon_w5\+_gen_1aqt1000_firmwaresa6155p_firmwareqca6310snapdragon_wear_4100\+_firmwarefastconnect_6900fastconnect_6900_firmwarewcn3988_firmwareqca6430qca6574ausa6145p_firmwaresnapdragon_870_5gsa8155p_firmwarewcd9340sa8195pwsa8810_firmwarewcd9341_firmwaresw5100wsa8810qca6436wcd9335sa6155psw5100p_firmwaresnapdragon_865\+_5g_firmwaresa6145pwcn3680bsd835_firmwaresnapdragon_835sxr2130_firmwarewcd9341qca6696_firmwaresa8145pqca6696qca6391_firmwaresnapdragon_xr2_5g_firmwareaqt1000sa8150psa6150psdx55sa8155pwsa8830_firmwaresnapdragon_870_5g_firmwaresd855_firmwaresd865_5g_firmwarewcn3988wsa8815_firmwarewsa8835_firmwaresa8195p_firmwaresw5100_firmwarefastconnect_6800_firmwaresnapdragon_865_5g_firmwarewcn3610Snapdragon
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-10621
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.67%
||
7 Day CHG~0.00%
Published-16 Apr, 2020 | 10:46
Updated-04 Aug, 2024 | 22:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free issue when MAP and UNMAP calls at same time as data structure used my MAP may be freed by UNMAP function in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in Nicobar, QCS405, Rennell, Saipan, SC8180X, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sm8150_firmwaresxr2130_firmwareqcs405_firmwarerennellrennell_firmwaresm8250_firmwaresc8180x_firmwaresdx55qcs405sm7150_firmwaresaipan_firmwaresm6150_firmwaresm6150sm8250sm8150sdx55_firmwaresm7150nicobar_firmwaresaipansxr2130sc8180xnicobarSnapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-416
Use After Free
CVE-2023-21640
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 6.55%
||
7 Day CHG~0.00%
Published-04 Jul, 2023 | 04:46
Updated-26 Nov, 2024 | 18:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Copy Without Checking Size of Input in Linux

Memory corruption in Linux when the file upload API is called with parameters having large buffer.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fastconnect_7800wsa8830_firmwarewcd9380_firmwarewsa8830wsa8835snapdragon_8_gen_1wsa8835_firmwarewcd9380fastconnect_7800_firmwarefastconnect_6900fastconnect_6900_firmwaresnapdragon_8_gen_1_firmwareSnapdragonsnapdragon
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-10501
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.10% / 28.43%
||
7 Day CHG~0.00%
Published-30 Sep, 2019 | 15:40
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible use after free issue due to improper input validation in volume listener library in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850mdm9150_firmwaresd_632sd_820asd_675msm8996au_firmwaresd_439sd_670_firmwaresd_429sdx24sdm439mdm9650sd_636msm8909w_firmwaremsm8996ausd_820sd_450_firmwaresd_845_firmwaresd_820a_firmwareqcs605_firmwaresd_675_firmwaremdm9206sd_425_firmwaresd_665sdx24_firmwaresd_625_firmwaresd_450sd_845mdm9206_firmwareqcs605sd_632_firmwaresd_835_firmwaremdm9650_firmwaresd_835sda660sd_210_firmwaremsm8909wsd_665_firmwaresd_205_firmwaresd_212sd_427_firmwaresd_712sd_855sd_730_firmwarequalcomm_215sdx20sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435sd_710_firmwaresdm630qcs405sd_625sd_820_firmwaresd_210mdm9607sd_636_firmwaresd_439_firmwarequalcomm_215_firmwaremdm9150sd_429_firmwaresd_730sd_212_firmwaresd_850_firmwaresdm439_firmwareqcs405_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwaresd_430sd_427sd_670sd_435_firmwaresdx20_firmwaresd_710sd_205sdm660_firmwaresd_855_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-416
Use After Free
CWE ID-CWE-20
Improper Input Validation
CVE-2023-21643
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.1||CRITICAL
EPSS-0.07% / 21.12%
||
7 Day CHG~0.00%
Published-08 Aug, 2023 | 09:14
Updated-02 Aug, 2024 | 09:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Untrusted Pointer Dereference in Automotive

Memory corruption due to untrusted pointer dereference in automotive during system call.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca6564au_firmwareqca6584ausa6155p_firmwaresa6150p_firmwaresa8145p_firmwaremsm8996au_firmwareapq8064au_firmwareqca6595qca6564ausa8155_firmwareqca6574ausa6145p_firmwaresa8155p_firmwaremsm8996auqca6564a_firmwaresa8195psa8540p_firmwaresa8150p_firmwareqca6595au_firmwaresa6155sa6155psa8540psa8295p_firmwareqca6574asa6145pqca6584au_firmwareapq8096auqca6696_firmwareqca6595_firmwaresa8145pqca6696qam8295psa9000papq8064ausa8150psa6150papq8096au_firmwaresa8155pqam8295p_firmwaresa8155qca6574a_firmwaresa9000p_firmwareqca6574au_firmwaresa8195p_firmwareqca6595ausa6155_firmwareqca6564asa8295pSnapdragon
CWE ID-CWE-822
Untrusted Pointer Dereference
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-21634
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 11.19%
||
7 Day CHG~0.00%
Published-05 Dec, 2023 | 03:03
Updated-02 Aug, 2024 | 09:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Restriction of Operations within the Bounds of a Memory Buffer in Radio Interface Layer

Memory Corruption in Radio Interface Layer while sending an SMS or writing an SMS to SIM.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-snapdragon_855\+\/860_mobile_platform_firmwarewsa8830wcd9380_firmwaresa6150p_firmwarewcn3990sa8145p_firmwaresw5100psd865_5gfastconnect_6800snapdragon_w5\+_gen_1_wearable_platformsnapdragon_835_mobile_pc_platformsnapdragon_870_5g_mobile_platform_firmwaresnapdragon_865_5g_mobile_platformwsa8835wcd9380sa8150p_firmwareqca6420_firmwareqca6595au_firmwaresnapdragon_wear_4100\+_platform_firmwaresnapdragon_855\+\/860_mobile_platformsxr2130snapdragon_wear_4100\+_platformqca6426wcn3990_firmwareqca6310_firmwareqca6430_firmwarewcd9335_firmwarewcn3980fastconnect_6200wcd9340_firmwarewcn3660bsd855wsa8815qca6320snapdragon_865\+_5g_mobile_platformsnapdragon_xr2_5g_platform_firmwareqca6426_firmwarewcn3660b_firmwareqca6320_firmwaresnapdragon_x55_5g_modem-rf_systemqca6574au_firmwaresnapdragon_835_mobile_pc_platform_firmwarewcn3680b_firmwarefastconnect_6200_firmwareqca6595ausd835wcn3980_firmwaresnapdragon_x55_5g_modem-rf_system_firmwareqca6391wcn3610_firmwareqca6420qca6436_firmwaresnapdragon_w5\+_gen_1_wearable_platform_firmwareaqt1000_firmwaresa6155p_firmwareqca6310snapdragon_865\+_5g_mobile_platform_firmwaresnapdragon_870_5g_mobile_platformsnapdragon_xr2_5g_platformfastconnect_6900fastconnect_6900_firmwarewcn3988_firmwareqca6430qca6574ausa6145p_firmwaresa8155p_firmwarewcd9340sa8195pwsa8810_firmwarewcd9341_firmwaresw5100wsa8810qca6436wcd9335sa6155psw5100p_firmwaresa6145pwcn3680bsd835_firmwaresxr2130_firmwarewcd9341qca6696_firmwaresa8145pqca6696qca6391_firmwaresnapdragon_855_mobile_platform_firmwareaqt1000sa8150psa6150psa8155pwsa8830_firmwaresd855_firmwaresd865_5g_firmwarewcn3988wsa8815_firmwarewsa8835_firmwaresa8195p_firmwaresnapdragon_865_5g_mobile_platform_firmwaresw5100_firmwarefastconnect_6800_firmwaresnapdragon_855_mobile_platformwcn3610Snapdragon
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-21655
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 3.63%
||
7 Day CHG~0.00%
Published-05 Sep, 2023 | 06:23
Updated-02 Aug, 2024 | 09:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Integer Overflow or Wraparound in Display

Memory corruption in Audio while validating and mapping metadata.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sa6155p_firmwaresda429w_firmwarewcd9380_firmwaresa6150p_firmwarewsa8830sa8145p_firmwaresw5100pwcn7851wcn6851_firmwareqcc5100wcn6856_firmwarewcn3988_firmwareqca6574ausa6145p_firmwaresa8155p_firmwarewsa8835sa8195psd_8_gen1_5gwcd9380sa8150p_firmwaresd888_5gsw5100wcn6855wcn6851sa6155psw5100p_firmwarewcn7851_firmwarewcn6856sa6145pwcn3680bwcn6855_firmwarewcd9385qca6696_firmwarewcn3980sa8145pqca6696qca6391_firmwarewcd9385_firmwaresa8150psd_8_gen1_5g_firmwaresa6150pwcn3660bwcn6850sa8155pwsa8830_firmwaresda429wwcn3988sd888_5g_firmwarewcn3660b_firmwarewcn6850_firmwarewcn7850_firmwareqca6574au_firmwaresa8195p_firmwarewcn3680b_firmwarewcn7850sw5100_firmwarewsa8835_firmwarewcn3980_firmwareqca6391wcn3610_firmwarewcn3610qcc5100_firmwareSnapdragonwcn6855_firmwaresa6155p_firmwaresda429w_firmwarewcd9380_firmwaresa6150p_firmwaresa8145p_firmwareqca6696_firmwareqca6391_firmwarewcd9385_firmwarewcn6851_firmwarewcn6856_firmwaresd_8_gen1_5g_firmwarewcn3988_firmwarewsa8830_firmwaresa6145p_firmwaresa8155p_firmwaresd888_5g_firmwarewcn3660b_firmwarewcn6850_firmwarewcn7850_firmwaresa8150p_firmwareqca6574au_firmwaresa8195p_firmwarewcn3680b_firmwarewsa8835_firmwaresw5100_firmwarewcn3980_firmwaresw5100p_firmwarewcn3610_firmwarewcn7851_firmwareqcc5100_firmware
CWE ID-CWE-190
Integer Overflow or Wraparound
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 19
  • 20
  • Next
Details not found