Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2024-47775

Summary
Assigner-GitHub_M
Assigner Org ID-a0819718-46f1-4df5-94e2-005712e83aaa
Published At-11 Dec, 2024 | 19:15
Updated At-11 Dec, 2024 | 21:06
Rejected At-
Credits

GHSL-2024-261: GStreamer has an OOB-read in parse_ds64

GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been found in the parse_ds64 function within gstwavparse.c. The parse_ds64 function does not check that the buffer buf contains sufficient data before attempting to read from it, doing multiple GST_READ_UINT32_LE operations without performing boundary checks. This can lead to an OOB-read when buf is smaller than expected. This vulnerability allows reading beyond the bounds of the data buffer, potentially leading to a crash (denial of service) or the leak of sensitive data. This vulnerability is fixed in 1.24.10.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:GitHub_M
Assigner Org ID:a0819718-46f1-4df5-94e2-005712e83aaa
Published At:11 Dec, 2024 | 19:15
Updated At:11 Dec, 2024 | 21:06
Rejected At:
▼CVE Numbering Authority (CNA)
GHSL-2024-261: GStreamer has an OOB-read in parse_ds64

GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been found in the parse_ds64 function within gstwavparse.c. The parse_ds64 function does not check that the buffer buf contains sufficient data before attempting to read from it, doing multiple GST_READ_UINT32_LE operations without performing boundary checks. This can lead to an OOB-read when buf is smaller than expected. This vulnerability allows reading beyond the bounds of the data buffer, potentially leading to a crash (denial of service) or the leak of sensitive data. This vulnerability is fixed in 1.24.10.

Affected Products
Vendor
gstreamer
Product
gstreamer
Versions
Affected
  • < 1.24.10
Problem Types
TypeCWE IDDescription
CWECWE-125CWE-125: Out-of-bounds Read
Type: CWE
CWE ID: CWE-125
Description: CWE-125: Out-of-bounds Read
Metrics
VersionBase scoreBase severityVector
4.05.1MEDIUM
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N
Version: 4.0
Base score: 5.1
Base severity: MEDIUM
Vector:
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://securitylab.github.com/advisories/GHSL-2024-261_Gstreamer/
x_refsource_CONFIRM
https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8042.patch
x_refsource_MISC
https://gstreamer.freedesktop.org/security/sa-2024-0027.html
x_refsource_MISC
Hyperlink: https://securitylab.github.com/advisories/GHSL-2024-261_Gstreamer/
Resource:
x_refsource_CONFIRM
Hyperlink: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8042.patch
Resource:
x_refsource_MISC
Hyperlink: https://gstreamer.freedesktop.org/security/sa-2024-0027.html
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security-advisories@github.com
Published At:12 Dec, 2024 | 02:03
Updated At:18 Dec, 2024 | 21:37

GStreamer is a library for constructing graphs of media-handling components. An OOB-read vulnerability has been found in the parse_ds64 function within gstwavparse.c. The parse_ds64 function does not check that the buffer buf contains sufficient data before attempting to read from it, doing multiple GST_READ_UINT32_LE operations without performing boundary checks. This can lead to an OOB-read when buf is smaller than expected. This vulnerability allows reading beyond the bounds of the data buffer, potentially leading to a crash (denial of service) or the leak of sensitive data. This vulnerability is fixed in 1.24.10.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary4.05.1MEDIUM
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary3.19.1CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
Type: Secondary
Version: 4.0
Base score: 5.1
Base severity: MEDIUM
Vector:
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Type: Primary
Version: 3.1
Base score: 9.1
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
CPE Matches
gstreamer_project
gstreamer_project
>>gstreamer>>Versions before 1.24.10(exclusive)
cpe:2.3:a:gstreamer_project:gstreamer:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-125Primarysecurity-advisories@github.com
CWE ID: CWE-125
Type: Primary
Source: security-advisories@github.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8042.patchsecurity-advisories@github.com
Patch
https://gstreamer.freedesktop.org/security/sa-2024-0027.htmlsecurity-advisories@github.com
Release Notes
https://securitylab.github.com/advisories/GHSL-2024-261_Gstreamer/security-advisories@github.com
Third Party Advisory
Hyperlink: https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/8042.patch
Source: security-advisories@github.com
Resource:
Patch
Hyperlink: https://gstreamer.freedesktop.org/security/sa-2024-0027.html
Source: security-advisories@github.com
Resource:
Release Notes
Hyperlink: https://securitylab.github.com/advisories/GHSL-2024-261_Gstreamer/
Source: security-advisories@github.com
Resource:
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

253Records found
CVE-2019-10554
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-9.1||CRITICAL
EPSS-0.22% / 44.51%
||
7 Day CHG~0.00%
Published-05 Mar, 2020 | 08:56
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple Read overflows issue due to improper length check while decoding Identity Request in CSdomain/Authentication Reject in CS domain/ PRAU accept/while logging DL message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, Rennell, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwaremdm9635m_firmwareapq8096_firmwaremdm9640_firmwareqcm2150_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632apq8096sdx24sdm439mdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996aumdm9645sdm429w_firmwaresm7150apq8009_firmwaremsm8917sdm670qcs605_firmwaresc8180xmdm9206sdm670_firmwaresdx24_firmwaresdm636sda845_firmwaremdm9635mapq8098mdm9615mdm9205mdm9206_firmwaremsm8939qcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130msm8909wapq8009msm8909_firmwareapq8053_firmwaresda845nicobarsdm850_firmwaremsm8920msm8953sdm450sdm636_firmwaresdm845_firmwareapq8098_firmwaresdx20msm8998_firmwareqcm2150msm8920_firmwaresdm630mdm9607_firmwaresdm660mdm9655_firmwaresc8180x_firmwaresdm710qm215mdm9607mdm9645_firmwareapq8017_firmwaremdm9625_firmwaresdm710_firmwaremsm8939_firmwaremdm9150msm8937msm8905sm8150_firmwaremsm8909mdm9655apq8096ausdm439_firmwarerennellsdm630_firmwaremdm9205_firmwaresda660_firmwaremdm9625rennell_firmwareqm215_firmwaresdx55msm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaremdm9615_firmwaremsm8998sm8150sdx20_firmwaresdm850apq8017nicobar_firmwaresdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-12141
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.1||CRITICAL
EPSS-0.50% / 64.73%
||
7 Day CHG~0.00%
Published-19 Oct, 2021 | 15:23
Updated-04 Aug, 2024 | 11:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An out-of-bounds read in the SNMP stack in Contiki-NG 4.4 and earlier allows an attacker to cause a denial of service and potentially disclose information via crafted SNMP packets to snmp_ber_decode_string_len_buffer in os/net/app-layer/snmp/snmp-ber.c.

Action-Not Available
Vendor-contiki-ngn/a
Product-contiki-ngn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-28228
Matching Score-4
Assigner-Yandex N.V.
ShareView Details
Matching Score-4
Assigner-Yandex N.V.
CVSS Score-9.1||CRITICAL
EPSS-0.26% / 49.47%
||
7 Day CHG~0.00%
Published-23 Dec, 2022 | 00:00
Updated-15 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out-of-bounds read was discovered in YDB server. An attacker could construct a query with insert statement that would allow him to read sensitive information from other memory locations or cause a crash.

Action-Not Available
Vendor-ydbn/a
Product-ydbYDB
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-49846
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.2||HIGH
EPSS-0.05% / 15.07%
||
7 Day CHG~0.00%
Published-06 May, 2025 | 08:32
Updated-09 May, 2025 | 19:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in Multi-Mode Call Processor

Memory corruption while decoding of OTA messages from T3448 IE.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-snapdragon_w5\+_gen_1_wearablewsa8840fastconnect_7800_firmwarewcd9340_firmwarewsa8835sw5100par8035_firmwarear8035qca6678aqwsa8830wsa8835_firmwareqca6574ausnapdragon_x75_5g_modem-rf_system_firmwareqca6678aq_firmwareqfw7124snapdragon_w5\+_gen_1_wearable_firmwaresnapdragon_x72_5g_modem-rf_systemsnapdragon_x72_5g_modem-rf_system_firmwareqca6595au_firmwarewcd9395qca6698aq_firmwarewsa8845hwsa8845_firmwaresnapdragon_x75_5g_modem-rf_systemqfw7114_firmwaresw5100_firmwaresw5100wsa8832_firmwaresdx80m_firmwareqca6688aqsnapdragon_auto_5g_modem-rf_gen_2_firmwareqcn6274qca8081_firmwareqcn6224_firmwaresm8750_firmwaresm8750pqca8081wcd9340wsa8840_firmwarewsa8845sm8750p_firmwareqca6688aq_firmwarewcd9395_firmwarewsa8845h_firmwarewsa8830_firmwareqca8337qca8337_firmwaresw5100p_firmwareqca6574au_firmwareqcn6274_firmwaresnapdragon_auto_5g_modem-rf_gen_2qfw7114qfw7124_firmwareqcc710_firmwaresm8750qca6595auqcc710qca6698aqwsa8832fastconnect_7800sdx80mqcn6224Snapdragon
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-126
Buffer Over-read
CVE-2020-27299
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-9.1||CRITICAL
EPSS-0.22% / 44.89%
||
7 Day CHG~0.00%
Published-26 Jan, 2021 | 19:04
Updated-04 Aug, 2024 | 16:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The affected product is vulnerable to an out-of-bounds read, which may allow an attacker to obtain and disclose sensitive data information or cause the device to crash on the OPC UA Tunneller (versions prior to 6.3.0.8233).

Action-Not Available
Vendor-n/aHoneywell International Inc.
Product-opc_ua_tunnellerOPC UA Tunneller
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-28805
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.1||CRITICAL
EPSS-0.12% / 32.54%
||
7 Day CHG-0.01%
Published-08 Apr, 2022 | 00:00
Updated-03 Aug, 2024 | 06:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

singlevar in lparser.c in Lua from (including) 5.4.0 up to (excluding) 5.4.4 lacks a certain luaK_exp2anyregup call, leading to a heap-based buffer over-read that might affect a system that compiles untrusted Lua code.

Action-Not Available
Vendor-luan/aFedora Project
Product-luafedoran/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-11144
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-9.1||CRITICAL
EPSS-0.29% / 51.70%
||
7 Day CHG~0.00%
Published-21 Jan, 2021 | 09:41
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer over-read while UE process invalid DL ROHC packet for decompression due to lack of check of size of compresses packet in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfe3100qfs2580qpm5579fsm10055qfe2550qcs610pmi8996qca8337qfe1045qdm2307qfs2530qpa8802qln1030pm6125qat3519mdm9645pm8150asc8180x\+sdx55qtc800hqdm5670qcs2290qca6335msm8917pm7150lqpa8821mdm8215qln1020wtr3905qdm5671pmc1000hqat3518sd632sd8cmsm8108sa415mwcn3998wcn3950sm4125sd720gwtr1605mdm9628qpa5460wcn3660bqfe4320qcc112qca4020mdm8215mqdm5652mdm9630qpm8870qpm5679qbt2000msm8909wpm855pqca6420wcd9360pm6150amdm8207pm8150bqsm7250pm8996qcs6125qfe2101mdm9615mqca6430qcc1110qat3522qfe4455fcpmr735awtr1625smb1360wcd9340sd765gqfe3440fcsdr660qca6436qpa6560qfe3345msm8937sdr865smb1358wcd9341pmi8952mdm9655qca6431qln5020wcd9371smb1350wtr3950qfe3340qdm5621qtc800sqca4004sd660qdm5650sd712wcn3988wtr3925qfe2080fcsdr052smb1390pm6150lsd450qet4100wcn3610msm8608mdm9640qpm6585qtc410swcn3991smb1355qln4650qpa8801sdm429wwcd9330wgr7640csr6030qet5100sd636qca6564ausdxr25gpm6150qca6574pm7250bqpa8842pmm8996auwcd9380qualcomm215mdm9230qln4640qcs410smb1381smb1395pm7250wtr4905smb358spm660lqpa8803ar8151smr526wtr5975qca6174wcn3980pmd9645qdm2301qsw8573qcs605wsa8815wcn6850qbt1000wcn3910qca6320qpm6375wcn3680qfe4309sd835pm8009qpa8675sd730sdx55mqfe4373fcpm8008msm8953qsw8574pmi8998qfe2520pme605pm855lqcs603rsw8577pmd9635sd8655gqfe4302qpm5621qpm6582sd670apq8009wqfe4303pm670pm8150lwtr1605lqdm5677pm8005sdr105pm215qdm2302sdxr1apq8096auqpm5577wtr2965pm8150sdx55qet5100mapq8053sa8155psd675wtr4605sd439qet4101pm8952pmi8994qat3516pm670lwcn3660qpm5658qca9379pm855bsmb2351qln1031qcm2290pm8909qfe1040qfe4465fcsdr051pm660qln5030qpm6325pm4125qbt1500pmi632pm456csrb31024mdm9650qpa5373pmk8001qcs4290sdr660gpmm855auqfe2340sd455mdm9250qpa8686pm7150awcd9370sdr425qca6426qca9377whs9410qpm5541qat5516wtr2955qdm5620qln1021aqsd662smb1380qfe4308apq8037pm3003asa8155qca6584qat5533wcn3615qca6595auqtc800tpm8940mdm9207smb1354wcd9306qca6584auqdm2305qca6310msm8208qpm8820pm8937qpm2630qfe2081fcpm855sd429pm8250qca9367apq8084sdm630sd821msm8976sgpmx55sd205sdr675qca6421sm6250qdm3301pm8953qat5515qca6694qpm5677smb231qfe1100qat3514wcd9326wcd9335qet4200aqwcd9385mdm8615mpm439mdm9625qca6390wcd9375ar8035aqt1000msm8976qpa8673qdm2310qln4642qca6694ausda429wsd210sd820pmi8937pm8998sdw3100wcn3620smb358apq8017ar6003qca6564apmx24qet6110qln5040qpm8895sdr845qpm5670wcn3990qtm527pm8019qca6595sdx24qpm8830qat5522msm8996aupm8150cqfe1035pmi8940sm6250prgr7640auqpa4360qln1035bdpm855aqpa4361qca6574amdm9206qca6174asmr525wcn6750mdm9635mpmr525mdm9615qpm4650qtm525mdm9205sa515mwtr6955qfe3335sd855sd8cxsd665qfe4305sd765pm640ppmx20pmd9607msm8209qat3555apq8009sd460qca6391smb1351mdm9310qfe2082fcmsm8920pm660aqpa4340qcm4290sdx50mpm640asdr8150sdx20pm8916qln1036aqqtc801spmd9655aumdm9215pmd9655qca6574auqfe3320sd710mdm9607qsw6310qcm6125wsa8810qdm2308pmw3100pmx50pm8018qat3550mdm9150qdm5679wcn3680bsdr8250sd768gqca6696qfe4301pm8004pm640lmsm8940pmk8002sdw2500qpa2625sd845sm7250psmb1357mdm9330pm8956sd850pm6250qpa5580Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-20
Improper Input Validation
CVE-2020-11166
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-9.1||CRITICAL
EPSS-0.29% / 51.70%
||
7 Day CHG~0.00%
Published-17 Mar, 2021 | 06:00
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Potential out of bound read exception when UE receives unusually large number of padding octets in the beginning of ROHC header in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfe3100qfe2080fc_firmwareqca9377_firmwareqfs2580qpm5679_firmwaremdm9640_firmwaresm6250p_firmwarepmd9607_firmwareqfe4455fc_firmwareqca8337qfs2530qpm8870_firmwareqln1030pm6125qat5522_firmwaremdm9645wcn3950_firmwarepm8150aqdm5670qca6595au_firmwarepm7150lqcc1110_firmwaremdm8215pm8998_firmwareqpa8821sd_455_firmwarewtr5975_firmwareqcs6125_firmwarepm456_firmwareqpa5580_firmwaremsm8108sa415mwcn3998wcd9371_firmwaremsm8108_firmwarewcn3950sm4125sd720gwtr1605mdm9206_firmwareqsw8573_firmwarewcn3660bsd450_firmwareqfe4320qsw8574_firmwaresd460_firmwaremdm9230_firmwaresmb2351_firmwaremdm8215mpm8953_firmwareqpa4360_firmwarewcn3998_firmwareqfe2520_firmwareapq8009w_firmwarepm855papq8053_firmwareqca6420pm6150awtr4605_firmwareqca9367_firmwaremdm8207pm660_firmwarepm8150bsa8155_firmwareqca4004_firmwareqfe2101mdm9615mqca6430qat3522qfe4455fcpmr735awcd9306_firmwarewtr1625wcd9340mdm9625_firmwaresd765gsdr660qfe1045_firmwareqfe3345msm8209_firmwaresdr865mdm9250_firmwareqdm5620_firmwaresmb1358qca6696_firmwareqln5020wcd9371sd870_firmwaremdm8215_firmwarepmm855au_firmwaresd_8cxwtr3950qfe3340qdm5621qtc800sqca4004qat3514_firmwaremdm9330_firmwaresd660sd865_5g_firmwaresd712pm640p_firmwaresd660_firmwareqat5516_firmwarepm6150lsd450pm855l_firmwareqtc410swcn3991qfe3335_firmwareqpa8801sdm429wpm8150l_firmwareqat5533_firmwaresdx55m_firmwareqpa8673_firmwarepm6150smb1354_firmwaremsm8976_firmwareqca6574sd632_firmwaresd670_firmwareqpa8842sdr052_firmwarepmm8996auwcd9380qualcomm215qln4640qcs410smb1380_firmwareqfe4309_firmwaresmb1381pm855p_firmwareqfe3100_firmwarepm7250qca9379_firmwarewtr4905qpa8803sdx24_firmwaresd439_firmwarepmd9645qdm2301wcd9340_firmwarewsa8815wcn6850qfe2101_firmwareqca6584_firmwareqdm2301_firmwaremsm8937_firmwareqdm5621_firmwaresd_8c_firmwaremdm9215_firmwaresd835wcn3980_firmwaresd730qfe3320_firmwarepm660l_firmwarepm6250_firmwarear6003_firmwarepm8008qtm525_firmwarepme605_firmwarewtr1605l_firmwarepme605sd678_firmwareqpm5621_firmwareqln1021aq_firmwareqcs603rsw8577qpa6560_firmwareqpa8802_firmwareqln4640_firmwareqfe4308_firmwareqpm5621qpm6582sd670pm8009_firmwareapq8009wqfe4303qfs2580_firmwareqcm4290_firmwarepm8150lpmi8998_firmwareqcs610_firmwareapq8084_firmwaresdr105pm660a_firmwarepm215pm4250mdm8207_firmwaresdm630_firmwarewtr2965mdm9205_firmwareqca6391_firmwaresa2150ppmx20_firmwaresd820_firmwarepm8150pmi8937_firmwarewcd9370_firmwareqat3516_firmwaresdx55apq8053qat3555_firmwarepmi8994qpa8803_firmwarewcn3660qca9379pm855bsmb2351qln1031pm8909mdm9150_firmwareqfe1040pm660qet6110_firmwarepm6125_firmwareqbt1500qfe1040_firmwarecsrb31024mdm9628_firmwareqfe2340_firmwaremdm9650sd_636pmx24_firmwarefsm10055_firmwareqbt1500_firmwarepmk8001qcs4290pmm855aumdm9250qca6420_firmwarepmd9635_firmwareapq8009_firmwarepm7150amdm9310_firmwaresd675_firmwareqpa4361_firmwareqca6426wcn3990_firmwareqca9377qpa5373_firmwaresdw2500_firmwarewcd9385_firmwareqdm5650_firmwareqpa4340_firmwaresdxr2_5g_firmwaremdm9615m_firmwarewcd9326_firmwarewcn3615_firmwarergr7640au_firmwarewhs9410pm7250_firmwarewtr2955sdr845_firmwareqdm5620qln1021aqsmb1380pmk8002_firmwareqsw6310_firmwaresa8155qca6584qln1031_firmwaresdx55_firmwareqat5533wcn3615sm7250p_firmwarewcn3610_firmwarepm8940mdm9207pm7150l_firmwarewcd9306qca6584aumsm8208qat5515_firmwarepm855qpm8830_firmwaresd429pm8250qca9367qfe2082fc_firmwaresdm630mdm9607_firmwaremdm9655_firmwaremsm8976sgqfs2530_firmwarepmx55sa415m_firmwarewcn3988_firmwaresd205sd429_firmwarepm8150c_firmwareqca6421qdm3301qpa8842_firmwareqat3519_firmwarepm8953qat5515qca6694qpm5677qat3514wcd9326wcd9335pm8004_firmwaresdr8150_firmwareqcs4290_firmwarepm439qtc800h_firmwaremdm9625qca6390wcd9375aqt1000msm8976sm6250_firmwareqln4642msm8917_firmwareqpm5677_firmwaresdx20_firmwarewsa8815_firmwarewtr3925_firmwarepmi8937pm8998sdw3100smr525_firmwareqpm8820_firmwareqfe4301_firmwareapq8017ar6003qln1020_firmwaremdm9630_firmwareqcm6125_firmwarepmx55_firmwarewtr2955_firmwareqbt1000_firmwareqfe4373fc_firmwaresd865_5gpm8019qca6595pm8150_firmwareqpm8830pmm8996au_firmwareqat5522pm8150csd665_firmwareqpa4360sc8180xqpa4361mdm9206qdm5679_firmwaresmr525wfr1620_firmwareqca6310_firmwareqfe4305_firmwarepm6150l_firmwarepmr525mdm9615pm8150a_firmwareqca6574_firmwarewtr3950_firmwareqln1036aq_firmwaresd665pm6150a_firmwarepm6150_firmwaresd765pmx20pmd9607qca6574a_firmwareqat3555sd850_firmwareapq8009mdm9310qfe2082fcwtr2965_firmwarepm670_firmwarecsrb31024_firmwareqln1036aqqtc801spmi8940_firmwaresc8180x_firmwareqfe3320mdm8215m_firmwaremdm9607sd710mdm9645_firmwarepm8008_firmwareqln1035bd_firmwarepmr735a_firmwarepmw3100pmx50pm8018qfe3345_firmwaresdr8250sd768gqln1030_firmwarepmw3100_firmwarepm8004pm640lmsm8940pmk8002apq8096au_firmwaresdw2500sd845mdm9615_firmwaresmb1357pmd9655au_firmwareqcs410_firmwaremdm9330qpa5580pm8018_firmwarefsm10055qfe2550qcs610pmi8996qfe1045qdm2307qca6431_firmwareqpa8802wcd9360_firmwareqpm6585_firmwareqat3519qbt2000_firmwarepm855a_firmwareqtc800hsdr8250_firmwareqcs2290qca6335msm8917qln1020qcs605_firmwaresd_675_firmwarewtr3905qdm5671pmc1000hmdm8615m_firmwareqat3518sd632sdr425_firmwaresmr526_firmwaremdm9628pm640a_firmwareqpa5460wgr7640_firmwareqdm2305_firmwareqpm5670_firmwaresd710_firmwareqca4020qdm5652qca6574au_firmwaremdm9630qpm8870wcd9375_firmwareqpm5679qbt2000msm8909wwcd9360pmx50_firmwareqpa8675_firmwarewhs9410_firmwareqpa5460_firmwarepm8940_firmwareqdm3301_firmwarepm8996qcs6125sd662_firmwareqcc1110smb1360qualcomm215_firmwareqfe3440fcqdm2308_firmwarersw8577_firmwarepm439_firmwareqca4020_firmwareqca6436qcs603_firmwareqpa6560msm8937sdr675_firmwarewcn3660_firmwarewcd9341pmi8952mdm9655pm8937_firmwareqca6431qet4100_firmwareqfe4320_firmwarewcn3910_firmwarewtr1605_firmwaremdm9207_firmwaresd855_firmwareqdm5650wcn3988wtr3925qfe2080fcsdr052smb1390sdw3100_firmwaremsm8208_firmwareqet4100wcn3610mdm9640msm8608qpa8686_firmwareqpm6585qca8337_firmwaresda429w_firmwarewcd9380_firmwaresmb1355qln4650qtc800t_firmwarewcd9330msm8996au_firmwarewgr7640csr6030qet5100qdm5671_firmwareqpa8801_firmwareqca6564auqtm527_firmwarepm8005_firmwaremsm8940_firmwareqet4101_firmwarepm7250bqln4642_firmwarepmk8001_firmwaresmb1355_firmwarepm7250b_firmwarepmd9655_firmwaresmb1351_firmwaremdm9230pm8996_firmwareqet4200aq_firmwaresdx50m_firmwaresmb358spm660lsmb358s_firmwarear8151smr526wtr5975qca6174qca6430_firmwareqtc801s_firmwarewcd9335_firmwareqat3522_firmwarewcn3980qca6335_firmwareqsw8573qcs605qbt1000wcn3910qca6320mdm9650_firmwareqca6426_firmwarewcn3660b_firmwarewcn3680qfe4309pm8009qpa8675sdr051_firmwarewcd9330_firmwaresdx55mqca6421_firmwarewtr3905_firmwareqfe4373fcmsm8953qat3518_firmwarepmi8998qfe2520qsw8574sd821_firmwarewcn3680_firmwarepm855lqdm5670_firmwarepmd9635pm7150a_firmwarepm8150b_firmwareqfe4302sd_636_firmwarepmc1000h_firmwareqca6564a_firmwareqdm2310_firmwareqca6694au_firmwarepm4250_firmwaremsm8976sg_firmwaresdr105_firmwarepmd9645_firmwaresd870pm670sd210_firmwarewtr1605lqdm5677pm8005pm855_firmwareqdm2302sdxr1pm855b_firmwareapq8096auqca6595_firmwareqpm6582_firmwarepm640l_firmwarepmi8996_firmwarewfr1620qln4650_firmwareqet5100msa8155psd675wtr4605sd439qet4101pm8952qat3516pm670lqpm5658qcm2290qpm5658_firmwarewcn3991_firmwareqdm5652_firmwareqfe4465fcsd678sdr051qln5030qcs2290_firmwarepm4125pmi632qpa2625_firmwarepm456qfe2081fc_firmwaresmb1360_firmwareqet5100_firmwareqfe1100_firmwareqpa5373pm670l_firmwaresdr660gqfe2340sd765g_firmwareqpa8686smb1358_firmwareqca6390_firmwareqca6174_firmwaresd730_firmwarewcd9370sdr425pmr525_firmwareqca6584au_firmwareqfe3340_firmwarear8151_firmwarepmi632_firmwaresd_8cx_firmwareqat5516smb358_firmwaresd662qpa8821_firmwareqfe4308sdr660g_firmwareapq8037pm3003aqca6320_firmwarewcn3680b_firmwareqca6595auqca6436_firmwareqtc800tsmb1354qca6564au_firmwareqdm2305qca6310qpm8820pm8937qpm2630qfe2081fcqln5020_firmwaresa515m_firmwaresdxr2_5gapq8084sd821sdr675sm6250sd712_firmwareapq8017_firmwarewsa8810_firmwaresmb231qfe1100sd765_firmwareqdm5677_firmwareqet4200aqqca6174a_firmwarewcd9385mdm8615mqdm2302_firmwareqat3550_firmwareqln5040_firmwarepm4125_firmwarepm8019_firmwareqpa8673qca6694_firmwareqdm2310qfe2550_firmwaremsm8953_firmwareqln5030_firmwareqca6694aupm8952_firmwaresda429wsd210wcn3620_firmwareqfe4302_firmwaresd820wcn6850_firmwarewcn3620wtr1625_firmwaresmb358csr6030_firmwareqca6564apmx24qet6110pmi8952_firmwareqcm2290_firmwareqln5040qpm8895sdr845mdm9635m_firmwareqpm5670wcn3990sd_675qtm527qfe3440fc_firmwaresdx24pmi8994_firmwareqdm2307_firmwaremsm8909w_firmwaremsm8996ausdm429w_firmwareqfe1035pmi8940sm6250prgr7640auqln1035bdpm855asdr660_firmwarepm8909_firmwareqca6574apm8916_firmwaresmb1390_firmwareqca6174aqfe4303_firmwaremdm9635mpm8956_firmwareqet5100m_firmwareqtm525mdm9205sa515mwtr6955sa2150p_firmwareqfe3335sd855sm4125_firmwareqfe4305wtr6955_firmwarepm640psd768g_firmwaresdr865_firmwaremsm8209qfe4465fc_firmwarepm8250_firmwaresd460qca6391sdxr1_firmwaresmb1351smb1357_firmwareaqt1000_firmwarepm215_firmwaremsm8920qpm8895_firmwarepm660aqpa4340qfe1035_firmwareqcm4290sdx50mpm640asdr8150sdx20pm8916pmd9655aumsm8920_firmwaremdm9215sd_455pmd9655qca6574ausa8155p_firmwaresd205_firmwareqsw6310wcd9341_firmwareqcm6125wsa8810qtc410s_firmwareqpm2630_firmwaresmb231_firmwareqdm2308wtr4905_firmwareqat3550mdm9150qdm5679sd_8cwcn3680bsd835_firmwarepm3003a_firmwareqca6696qfe4301qtc800s_firmwaresmb1381_firmwaresd845_firmwaremsm8608_firmwareqpa2625apq8037_firmwaresm7250psd720g_firmwarepm8956sd850pm6250Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-11276
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-9.1||CRITICAL
EPSS-0.24% / 46.83%
||
7 Day CHG~0.00%
Published-22 Feb, 2021 | 06:26
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer over read while processing P2P IE and NOA attribute of beacon and probe response frames due to improper validation of P2P IE and NOA attribute lengths in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfe3100qfe2080fc_firmwareqca9377_firmwareqpm5679_firmwarepmd9607_firmwareqca1023qfs2530qpm8870_firmwareqln1030pm6125mdm9645msm8992_firmwarewcn3950_firmwarepm8150aqdm5670qpm5541_firmwareqpa5581_firmwareqpa8821mdm8215qcs6125_firmwarepm456_firmwaresa415mwcn3998wcd9371_firmwarewcn3950mdm9206_firmwareqsw8573_firmwarewcn3660bqsm8350_firmwareqsm8350smb2351_firmwarepm855pwtr4605_firmwarepm6150aqca9367_firmwareipq8072_firmwaresa8155_firmwareqat3522qfe4455fcpmr735asdm830_firmwaresd765gsdr660qfe1045_firmwareqfe3345qfs2630_firmwaresdr865mdm9250_firmwareqdm5620_firmwaresmr545qca6696_firmwareqln5020qca1062mdm8215_firmwarepmm855au_firmwarepmm8920ausa8150pqfe3340sd660sd712pm640p_firmwareqcn5121pm6150lsd8885gpm855l_firmwareqca6428_firmwareqtc410sipq4018_firmwareqca4531_firmwareqfe3335_firmwareqpa8801ipq8078qat5533_firmwareipq8173sdx55m_firmwareqpa8673_firmwaresd670_firmwareqfs2630pmm8996auqpm5579_firmwaresmb1380_firmwarepmk8350_firmwareqcn5024pm855p_firmwaresmb1381pm7250wtr4905sdx24_firmwareqcn9012_firmwareqdm2301qfe2101_firmwareqca6584_firmwareqdm5621_firmwareqpm6375ipq6028ipq8064pmp8074qca1990wcn3980_firmwaresd730qfe3320_firmwarepm8008pm8350b_firmwaremdm9225pme605_firmwarepme605apq8064au_firmwaremdm9225mipq8078_firmwareqcn5054qln1021aq_firmwareqcs603qca6164_firmwareqln4640_firmwareqca9980qpm6582qcn9024_firmwareqcs610_firmwareapq8084_firmwareqca9886_firmwarear8031wtr2965qca6164qca6391_firmwarepmx20_firmwareqca4024qat3516_firmwareapq8053qcn5021_firmwareqca9379pm855bsmb2351qpa5581qfe1040_firmwarecsrb31024mdm9628_firmwaremdm9650qbt1500_firmwareqpm5870_firmwarepmk8001qcs4290qet6100pmd9635_firmwareapq8009_firmwaremdm9310_firmwaresd675_firmwareipq8072qca6426qca9984_firmwareqca9377qpm5641wtr2955rgr7640au_firmwarepm7250_firmwareqdm5620ipq8074aqcn5122_firmwareqat5533qcn6023_firmwaresm7250p_firmwarewcn3610_firmwareqsm7250_firmwareqpm6670pm7150l_firmwareqca6584aupm855pm8250qcn5052mdm9235m_firmwaremdm9607_firmwaremdm9655_firmwareqfs2530_firmwaresa415m_firmwareqat3519_firmwareqpm5677qat5515qcs4290_firmwareqtc800h_firmwareqpm5620mdm9625sd750g_firmwareaqt1000sm6250_firmwarepmm8195auqln4642msm8994ipq5010_firmwareipq8074a_firmwaremdm9625msmr525_firmwarewsa8815_firmwareqpm8820_firmwareapq8017qpm6621_firmwaremdm9630_firmwarewtr2955_firmwareqbt1000_firmwarepm8019qca6595smb1398_firmwarepm8150cpmr735bsd665_firmwareqcn5154qpm5577_firmwareqdm5679_firmwareqca6310_firmwareapq8094_firmwarepm6150l_firmwaremdm9615qca6574_firmwaresd665pm6150a_firmwarepmd9607mdm9310sd8c_firmwarewtr2965_firmwarecsrb31024_firmwareqfs2608qcn9070_firmwareqln1036aqipq6028_firmwareipq8072a_firmwareqca9889_firmwaresd710mdm9607mdm9645_firmwareqln1035bd_firmwaresdx20m_firmwareqca6564_firmwareqca1064_firmwaresmb1350_firmwarepmk8002apq8096au_firmwareqcn9022sdm830smb1357qpa5580pm8018_firmwareqpm5579qfe2550qcn5550qdm2307qca6431_firmwareqpa8802wcd9360_firmwareqpm6585_firmwareqat3519qbt2000_firmwareipq8078asa8150p_firmwaresdr8250_firmwareqcn5064csra6620_firmwareqln1020csra6640_firmwarepmc1000hqat3518smr526_firmwareipq8076apm640a_firmwarewgr7640_firmwareqca4020qca6428qdm5652qcn5164_firmwareipq8071sa6155_firmwarewcd9360sdx20mqca6438_firmwareqpa8675_firmwarewtr1625lqpa5460_firmwarewcn3999qsm7250pm8996ipq4029_firmwareipq6010sd662_firmwareqdm2308_firmwareqca4020_firmwareqca6436wcn6851sa6155pqcs603_firmwarepmi8952mdm9655qca6431wcn3910_firmwaresd855_firmwareqdm5650qfe2080fcsdr052sa8195p_firmwaresmb1390qca9898ipq4028qpa8686_firmwarewcd9380_firmwarewgr7640sd636csr6030qat5568qdm5671_firmwareqpa8801_firmwareqtm527_firmwarepm8005_firmwarepm7250b_firmwarepmd9655_firmwaresmb1351_firmwaremdm9230pm8996_firmwaresmb358sar8151smr526qca8072_firmwareqca6174pmk8003qca6430_firmwareqtc801s_firmwareqat3522_firmwarewcn3980qsw8573qcs605qbt1000mdm9225_firmwaresd7cwcn3910qca6426_firmwarepm8350_firmwarepm8009ipq8064_firmwareqat3518_firmwaresd821_firmwarepmi8998qfe2520ar8031_firmwarepm855lpmd9635pm8150b_firmwaresmr545_firmwarepm670sd210_firmwarepm8005qdm2302sdxr1apq8096auqcs405_firmwarepmi8996_firmwareqln4650_firmwareqet5100mqca9378a_firmwarepm8952qat3516qpm5658ar8035_firmwareqcm2290qpm5658_firmwareqcn5024_firmwarewcn3991_firmwareqdm5652_firmwareqfe4465fcqcn9070pmi632qca9378pm8350bh_firmwarepmr735b_firmwaresmb1360_firmwarepm670l_firmwaresdr660gqfe2340sd455ipq8069_firmwaresd730_firmwarewcd9370sdr425qcn9000_firmwareipq5018qca9369ar8151_firmwareqpm5541qat5516qcn5124_firmwarepm8350bhqca6320_firmwarewcn3680b_firmwareqca6595auipq5010qdm2305sa6155p_firmwareqca6310pm8937qpm2630qca9990smb1398msm8994_firmwaresa6145p_firmwaresdr675ipq8071aipq8071a_firmwarewcd9385qat3550_firmwareqln5040_firmwarepm4125_firmwarear8035pm8019_firmwareapq8064auqca6694_firmwareqdm2310qfe2550_firmwareqcn9100_firmwareqln5030_firmwarepm8952_firmwaresd820smb1396_firmwarecsr6030_firmwaresmr546pmx24qfe1055qca8072qln5040qpm8895sdr845qtm527qfe3440fc_firmwarepmk8350msm8996aupm8994_firmwareqfe1035qpm5657_firmwaresm6250pqln1035bdpm855asdr660_firmwarepm8909_firmwareipq4018qca6574aqpm4640mdm9635mqet5100m_firmwareipq8076_firmwareqpm4650sa515msd8cxipq8076qca9378_firmwaresdr865_firmwareqfe4465fc_firmwarepm8250_firmwaresd460qca6391sdxr1_firmwaremdm9626pm660asdx50mpm640apm8916qdm4650ipq8074_firmwareqca6574ausa8155p_firmwareqsw6310qcm6125qpm2630_firmwaresmb231_firmwareqdm2308qat3550wcn6856sd835_firmwareqtc800s_firmwaresa6150pqcn9022_firmwareqpa8688_firmwareipq8070apmm8195au_firmwareqcn9072_firmwaresm7250psd720g_firmwareqpm4621_firmwareipq4029sd850qln4640sd636_firmwareqfs2580mdm9640_firmwaresm6250p_firmwareipq4028_firmwareqfe4455fc_firmwareqca8337ar9380ipq8173_firmwareqfs2608_firmwareqpa8688qcn5124qat5522_firmwareqca6595au_firmwaresa6155pm7150lpm8998_firmwareapq8076wtr5975_firmwareqpa5580_firmwareqcn6024_firmwaresd720gsm4125wtr1605pmm8920au_firmwareqsw8574_firmwaresd460_firmwaremdm9230_firmwarepm8953_firmwaresd6905gqpa4360_firmwareqca8081_firmwareqfe2520_firmwarewcn3998_firmwareqca6420apq8053_firmwareqpm6670_firmwareipq8070_firmwareipq8078a_firmwarepm660_firmwarepm8150bqca0000qfe2101qca6430wcd9340mdm9625_firmwaresmb1358qca9888_firmwarewcd9371smb1350qfe1055_firmwareqcn5154_firmwaresm4350_firmwarewtr3950pm6350qdm5621qtc800sqat3514_firmwaremdm9330_firmwareqca9992_firmwaresd660_firmwareqcn5022_firmwareqcn7606_firmwareqat5516_firmwarewcn3991qca9980_firmwarepm8150l_firmwaresdxr25gpm6150smb1354_firmwaremsm8976_firmwareqca6574qpa8842csr8811_firmwaresdr052_firmwarewcd9380qcs410qfe3100_firmwareqca9379_firmwareqpa8803sdxr25g_firmwarepmd9645ipq6018_firmwarewcd9340_firmwarewsa8815wcn6850pmp8074_firmwareqdm2301_firmwaremdm9215_firmwaresd835pm660l_firmwarepm6250_firmwareqtm525_firmwareqcn5064_firmwareqpm5621_firmwareqca6234rsw8577qpa6560_firmwareqca9994qpa8802_firmwareqpm5621sd670ipq8174_firmwarepm8009_firmwareqfs2580_firmwareqcm4290_firmwarewcn6855qcn7605_firmwarepm8150lpmi8998_firmwaresa6145ppm660a_firmwarepm4250qca1023_firmwareqpm5577sdm630_firmwaresd820_firmwarepm8150wcd9370_firmwaresdx55csra6640qat3555_firmwarepmi8994qpa8803_firmwareqca6234_firmwareqln1031qcn7606qpm5870pm8909qfe1040wsa8830pm660qet6110_firmwareqca1062_firmwareqpm6325pm6125_firmwareqbt1500qfe2340_firmwarepmx24_firmwareqca9378aqca9992pmm855aumdm9250qca6420_firmwaresmb1396pm7150apm8350qca6564qpa4361_firmwarepm8350c_firmwareqpa5461_firmwarewcn3990_firmwareqca4531wcd9385_firmwareqdm5650_firmwareqpa4340_firmwarewcd9326_firmwarewhs9410wcn3615_firmwaresdr845_firmwareqln1021aqsmb1380pmk8002_firmwareapq8094qsw6310_firmwaresa8155qca6584qdm4650_firmwareqln1031_firmwarepmm6155au_firmwaresdx55_firmwarewcn3615qpm4641qat5515_firmwareipq8174qpm8830_firmwareqca9367qfe2082fc_firmwareapq8092sdm630qdm4643wcn3988_firmwarepmx55qpm4641_firmwareqcn9074pm8150c_firmwareqca6421qdm3301qpa8842_firmwaresa8195psdr735_firmwarepm8953qca6694qat3514wcd9326wcd9335pm6350_firmwareqcn6023pm8004_firmwaresdr8150_firmwareqpm4630qca6390qca9898_firmwarewcd9375msm8976qpm5677_firmwareapq8092_firmwaresdx20_firmwarewtr3925_firmwarepm8998qln1020_firmwaremdm9235mpm670a_firmwareqcm6125_firmwarewtr1625l_firmwarepmx55_firmwarepm8150_firmwareqpm8830pmm8996au_firmwareqat5522qca9369_firmwareqpa4360pmk8003_firmwareqca8075_firmwareqpa4361ipq6005_firmwaremdm9206qpm4640_firmwarewcn6855_firmwarepm8350csmr525qca9888ipq8070a_firmwarepmr525pm8150a_firmwarewtr3950_firmwareqca9886qln1036aq_firmwarepm6150_firmwareqca6175asd765wtr3925lpmx20qca6574a_firmwareqpm4630_firmwareqat3555sd850_firmwareapq8009qpa5461qfe2082fcpm670_firmwareqtc801smdm9626_firmwareqpm5641_firmwareqfe3320qcn5122pm8008_firmwareqpm6621pmr735a_firmwarepmx50pm8018qfe3345_firmwareqcn5022sdr8250sd768gqln1030_firmwarepm8004pm640lqca8075qcn6024sd845mdm9615_firmwaresd455_firmwareipq6000_firmwareqcs410_firmwaremdm9330qca6175a_firmwaresa6150p_firmwareqcs610pmi8996qpm5620_firmwareqfe1045qca4024_firmwarepm855a_firmwareqtc800hqcs2290qca6335qcs605_firmwaresmr546_firmwarewtr3905qdm5671qfe2330qpm4650_firmwaresd8csdr425_firmwaremdm9628qpa5460qdm2305_firmwareqpm5670_firmwaresd710_firmwareqca6574au_firmwaremdm9630qpm8870wcd9375_firmwareqpm5679qbt2000pmx50_firmwarewhs9410_firmwaresdr735gqdm3301_firmwareqcs6125smb1360qcs405qca1990_firmwareqfe3440fcrsw8577_firmwareqpa6560sdr675_firmwarewcd9341qdm4643_firmwarepm8937_firmwareqet4100_firmwaresd750gqpm5657wtr1605_firmwareqpm5875_firmwarewsa8830_firmwarewcn3988qca6438wtr3925qet4100wcn3610mdm9640ipq5018_firmwareqpm6585qca8337_firmwaresmb1355ipq8072aqln4650qtc800t_firmwaremsm8996au_firmwaresdr735g_firmwarewcd9330ipq8076a_firmwareqet5100mdm9225m_firmwareqca6564auwcn6856_firmwareqcn5164pm8994qet4101_firmwarepm7250bqln4642_firmwarepmk8001_firmwaresmb1355_firmwareqcn5054_firmwareqet4200aq_firmwaresdx50m_firmwaresdr735smb1395pm660lsmb358s_firmwarewtr5975wcd9335_firmwareqcn5052_firmwareqca6335_firmwareqca6320mdm9650_firmwarewcn3660b_firmwareqca9984qcn9024qpa8675qcn5550_firmwaresdr051_firmwaresdx55mwcd9330_firmwarepm670aqca6421_firmwarewtr3905_firmwareqsw8574sd6905g_firmwarewcn6851_firmwareqdm5670_firmwareipq8070sd8655gpm7150a_firmwarewtr3925l_firmwarepmc1000h_firmwareqca6564a_firmwareqdm2310_firmwarepm4250_firmwarepmd9645_firmwareqcn5121_firmwaresd8885g_firmwareqdm5677ipq6018pm855_firmwarepmm6155aupm855b_firmwareqca6595_firmwareqpm6582_firmwareqpm6375_firmwarepm640l_firmwareqpm5875sa8155psd675wtr4605qet4101pm670lqfe2330_firmwarepmm8155au_firmwaresdr051qln5030qcs2290_firmwarepm4125qpa2625_firmwarepm456sd7c_firmwareqfe2081fc_firmwarecsra6620qet5100_firmwareqfe1100_firmwareqpm4621qcn9072qet6100_firmwaresd765g_firmwareqpa8686smb1358_firmwareqca6390_firmwareipq6000qca6174_firmwareqcn5152_firmwareqca0000_firmwarepmr525_firmwareqca6584au_firmwareapq8076_firmwareqfe3340_firmwarepmi632_firmwareqcn7605sd662qpa8821_firmwaresdr660g_firmwareqca1064pm3003awcn3999_firmwareqca6436_firmwareqtc800tsmb1354qca6564au_firmwareqpm8820qfe2081fcqln5020_firmwaresa515m_firmwareapq8084sd821msm8992sm6250sd712_firmwareapq8017_firmwarewsa8810_firmwaresmb231qfe1100sd765_firmwareqdm5677_firmwareqca8081qet4200aqqca6174a_firmwareqpm6325_firmwareqdm2302_firmwarepmm8155aucsr8811qpa8673sd210wcn6850_firmwarewsa8835_firmwareqca6564aqet6110pmi8952_firmwareqcm2290_firmwaremdm9635m_firmwareqpm5670wcn3990qcn9000mdm9625m_firmwarear9380_firmwaresdx24qcn9012pmi8994_firmwarepm8350bqdm2307_firmwarewsa8835rgr7640aupm8916_firmwareqca9889qca6174asmb1390_firmwareipq8074qca9994_firmwarepm8956_firmwareqtm525wtr6955qfe3335sd855sm4125_firmwarewtr6955_firmwarepm640pqcn5021ipq8069qcn5152sd768g_firmwaresmb1351smb1357_firmwaresd8cx_firmwareipq6005aqt1000_firmwareqcn9100qpm8895_firmwareqpa4340qfe1035_firmwareqcm4290sdr8150sdx20smb1395_firmwaremdm9215pmd9655sd8655g_firmwarewcd9341_firmwarewsa8810qtc410s_firmwareqat5568_firmwarewtr4905_firmwareqdm5679wcn3680bipq6010_firmwarepm3003a_firmwareqca6696sm4350sd845_firmwaresmb1381_firmwareqpa2625qca9990_firmwareipq8071_firmwareqcn9074_firmwarepm8956pm6250Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-13910
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.1||CRITICAL
EPSS-0.43% / 61.93%
||
7 Day CHG~0.00%
Published-07 Jun, 2020 | 19:36
Updated-04 Aug, 2024 | 12:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Pengutronix Barebox through v2020.05.0 has an out-of-bounds read in nfs_read_reply in net/nfs.c because a field of an incoming network packet is directly used as a length field without any bounds check.

Action-Not Available
Vendor-pengutronixn/a
Product-bareboxn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-11251
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.2||HIGH
EPSS-0.24% / 46.83%
||
7 Day CHG~0.00%
Published-07 Apr, 2021 | 07:55
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out-of-bounds read vulnerability while accessing DTMF payload due to lack of check of buffer length before copying in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfe3100qfe2080fc_firmwareqca9377_firmwareqfs2580qpm5679_firmwaremdm9640_firmwaresm6250p_firmwarepmd9607_firmwareqfe4455fc_firmwareqca8337qfs2530qpm8870_firmwareqln1030pm6125qat5522_firmwarewcn3950_firmwarepm8150aqdm5670qca6595au_firmwarepm7150lqcc1110_firmwaremdm8215pm8998_firmwareqpa8821wtr5975_firmwareqcs6125_firmwarepm456_firmwareqpa5580_firmwaremsm8108sa415mwcn3998wcd9371_firmwaremsm8108_firmwarewcn3950sm4125sd720gwtr1605mdm9206_firmwareqsw8573_firmwarewcn3660bsd450_firmwareqfe4320qcc112qsw8574_firmwaresd460_firmwaremdm9230_firmwaresmb2351_firmwaremdm8215mpm8953_firmwareqpa4360_firmwarewcn3998_firmwareqfe2520_firmwareapq8009w_firmwarepm855papq8053_firmwareqca6420pm6150awtr4605_firmwareqca9367_firmwaremdm8207pm660_firmwarepm8150bsa8155_firmwareqca4004_firmwareqfe2101qca6430qat3522qfe4455fcpmr735awcd9306_firmwarewcd9340sd765gsdr660qfe1045_firmwareqfe3345msm8209_firmwaresdr865mdm9250_firmwareqdm5620_firmwaresmb1358qca6696_firmwareqln5020wcd9371sd870_firmwaresmb1350mdm8215_firmwarepmm855au_firmwarewtr3950qfe3340qdm5621qtc800sqca4004qat3514_firmwaremdm9330_firmwaresd660sd712pm640p_firmwaresd660_firmwareqat5516_firmwarepm6150lsd450pm855l_firmwareqtc410swcn3991qfe3335_firmwareqpa8801sdm429wpm8150l_firmwareqat5533_firmwaresdx55m_firmwaresdxr25gqpa8673_firmwarepm6150smb1354_firmwaremsm8976_firmwareqca6574sd632_firmwaresd670_firmwareqpa8842sdr052_firmwarepmm8996auwcd9380sd850qualcomm215qln4640qcs410smb1380_firmwareqfe4309_firmwaresmb1381pm855p_firmwareqfe3100_firmwarepm7250qca9379_firmwarewtr4905qpa8803sdx24_firmwaresd439_firmwaresdxr25g_firmwarepmd9645qdm2301wcd9340_firmwarewsa8815wcn6850qfe2101_firmwareqca6584_firmwareqdm2301_firmwaremsm8937_firmwareqdm5621_firmwaremdm9215_firmwaresd835wcn3980_firmwaresd730qfe3320_firmwarepm660l_firmwarepm6250_firmwarear6003_firmwarepm8008qtm525_firmwarepme605_firmwarewtr1605l_firmwarepme605sd678_firmwareqpm5621_firmwareqln1021aq_firmwareqcs603rsw8577qpa6560_firmwareqpa8802_firmwareqln4640_firmwareqfe4308_firmwareqpm5621qpm6582sd670pm8009_firmwareapq8009wqfe4303qfs2580_firmwareqcm4290_firmwarepm8150lpmi8998_firmwareqcs610_firmwaresdr105pm660a_firmwarepm215pm4250mdm8207_firmwaresdm630_firmwarewtr2965mdm9205_firmwareqca6391_firmwaresd820_firmwarepmx20_firmwarepm8150pmi8937_firmwarewcd9370_firmwareqat3516_firmwaresdx55apq8053qat3555_firmwarepmi8994qpa8803_firmwarewcn3660qca9379pm855bsmb2351qln1031pm8909mdm9150_firmwareqfe1040pm660qet6110_firmwarepm6125_firmwareqbt1500qfe1040_firmwarecsrb31024mdm9628_firmwareqfe2340_firmwaremdm9650pmx24_firmwareqbt1500_firmwarepmk8001qcs4290pmm855aumdm9250qca6420_firmwarepmd9635_firmwareapq8009_firmwarepm7150amdm9310_firmwaresd675_firmwareqpa4361_firmwareqca6426wcn3990_firmwareqca9377qpa5373_firmwaresdw2500_firmwarewcd9385_firmwareqdm5650_firmwareqpa4340_firmwarewcd9326_firmwarewhs9410wcn3615_firmwarewtr2955rgr7640au_firmwarepm7250_firmwaresdr845_firmwareqdm5620qln1021aqsmb1380pmk8002_firmwareqsw6310_firmwaresa8155qca6584qln1031_firmwaresdx55_firmwareqat5533wcn3615sm7250p_firmwarewcn3610_firmwarepm8940mdm9207qsm7250_firmwarepm7150l_firmwarewcd9306qca6584aumsm8208qat5515_firmwarepm855qpm8830_firmwaresd429pm8250qca9367qfe2082fc_firmwaresdm630mdm9607_firmwaremdm9655_firmwaremsm8976sgqfs2530_firmwarepmx55sa415m_firmwarewcn3988_firmwaresd205sd429_firmwarepm8150c_firmwareqca6421qdm3301qpa8842_firmwareqat3519_firmwarepm8953qat5515qca6694qpm5677qat3514wcd9326wcd9335pm8004_firmwaresdr8150_firmwareqcs4290_firmwarepm439qtc800h_firmwareqca6390wcd9375aqt1000msm8976sm6250_firmwareqln4642msm8917_firmwareqpm5677_firmwaresdx20_firmwarewsa8815_firmwarewtr3925_firmwarepmi8937pm8998sdw3100smr525_firmwareqpm8820_firmwareqfe4301_firmwareapq8017qcc112_firmwarear6003qln1020_firmwaremdm9630_firmwareqcm6125_firmwarepmx55_firmwarewtr2955_firmwareqbt1000_firmwareqfe4373fc_firmwareqca6595pm8150_firmwareqpm8830pmm8996au_firmwareqat5522pm8150csd665_firmwareqpa4360sc8180xqpa4361mdm9206qdm5679_firmwaresmr525qca6310_firmwareqfe4305_firmwarepm6150l_firmwarepmr525mdm9615pm8150a_firmwareqca6574_firmwarewtr3950_firmwareqln1036aq_firmwaresd665pm6150a_firmwarepm6150_firmwaresd765pmx20pmd9607qca6574a_firmwareqat3555sd850_firmwareapq8009mdm9310qfe2082fcsd8c_firmwarewtr2965_firmwarepm670_firmwarecsrb31024_firmwareqln1036aqqtc801spmi8940_firmwaresc8180x_firmwareqfe3320mdm8215m_firmwaremdm9607sd710pm8008_firmwareqln1035bd_firmwarepmr735a_firmwarepmw3100pmx50pm8018qfe3345_firmwaresdr8250sd768gqln1030_firmwaresmb1350_firmwarepmw3100_firmwarepm8004pm640lmsm8940pmk8002apq8096au_firmwaresdw2500sd845mdm9615_firmwaresd455_firmwaresmb1357pmd9655au_firmwareqcs410_firmwaremdm9330qpa5580pm8018_firmwareqfe2550qcs610pmi8996qfe1045qdm2307qca6431_firmwareqpa8802wcd9360_firmwareqpm6585_firmwareqat3519qbt2000_firmwarepm855a_firmwareqtc800hsdr8250_firmwareqcs2290qca6335msm8917qln1020qcs605_firmwarewtr3905qdm5671pmc1000hqpm4650_firmwaremdm8615m_firmwareqat3518sd8csd632sdr425_firmwaresmr526_firmwaremdm9628pm640a_firmwareqpa5460wgr7640_firmwareqdm2305_firmwareqpm5670_firmwaresd710_firmwareqca4020qdm5652qca6574au_firmwaremdm9630qpm8870wcd9375_firmwareqpm5679qbt2000msm8909wwcd9360pmx50_firmwareqpa8675_firmwarewhs9410_firmwareqpa5460_firmwarepm8940_firmwareqdm3301_firmwarepm8996qsm7250qcs6125sd662_firmwareqcc1110smb1360qualcomm215_firmwareqfe3440fcqdm2308_firmwarersw8577_firmwarepm439_firmwareqca4020_firmwareqca6436wcn6851qcs603_firmwareqpa6560msm8937sdr675_firmwarewcn3660_firmwarewcd9341pmi8952mdm9655pm8937_firmwareqca6431qet4100_firmwareqfe4320_firmwarewcn3910_firmwarewtr1605_firmwaremdm9207_firmwaresd855_firmwareqdm5650wcn3988wtr3925qfe2080fcsdr052smb1390sdw3100_firmwaremsm8208_firmwareqet4100wcn3610msm8608mdm9640qpa8686_firmwareqpm6585qca8337_firmwaresda429w_firmwarewcd9380_firmwaresmb1355qln4650qtc800t_firmwarewcd9330msm8996au_firmwarewgr7640csr6030qet5100qdm5671_firmwareqpa8801_firmwareqca6564auqtm527_firmwaresd636pm8005_firmwaremsm8940_firmwareqet4101_firmwarepm7250bqln4642_firmwarepmk8001_firmwaresmb1355_firmwarepm7250b_firmwarepmd9655_firmwaresmb1351_firmwaremdm9230pm8996_firmwareqet4200aq_firmwaresdx50m_firmwaresmb358spm660lsmb358s_firmwarear8151smr526wtr5975qca6174qca6430_firmwareqtc801s_firmwarewcd9335_firmwareqat3522_firmwarewcn3980qca6335_firmwareqsw8573qcs605qbt1000wcn3910qca6320mdm9650_firmwareqca6426_firmwarewcn3660b_firmwarewcn3680qfe4309pm8009qpa8675sdr051_firmwarewcd9330_firmwaresdx55mqca6421_firmwarewtr3905_firmwareqfe4373fcmsm8953qat3518_firmwarepmi8998qfe2520qsw8574sd821_firmwarewcn3680_firmwarepm855lwcn6851_firmwareqdm5670_firmwarepmd9635sd8655gpm7150a_firmwarepm8150b_firmwareqfe4302pmc1000h_firmwareqca6564a_firmwareqdm2310_firmwareqca6694au_firmwarepm4250_firmwaremsm8976sg_firmwaresdr105_firmwarepmd9645_firmwaresd870pm670sd210_firmwarewtr1605lqdm5677pm8005pm855_firmwareqdm2302sdxr1pm855b_firmwareapq8096auqca6595_firmwareqpm6582_firmwarepm640l_firmwarepmi8996_firmwareqln4650_firmwareqet5100msa8155psd675wtr4605sd439qet4101pm8952qat3516pm670lqpm5658qcm2290qpm5658_firmwarewcn3991_firmwareqdm5652_firmwareqfe4465fcsd678sdr051qln5030qcs2290_firmwarepm4125pmi632qpa2625_firmwarepm456qfe2081fc_firmwaresmb1360_firmwareqet5100_firmwareqpa5373pm670l_firmwaresdr660gqfe2340sd455sd765g_firmwareqpa8686smb1358_firmwareqca6390_firmwareqca6174_firmwaresd730_firmwarewcd9370sdr425pmr525_firmwareqca6584au_firmwareqfe3340_firmwarear8151_firmwarepmi632_firmwareqat5516smb358_firmwaresd662qpa8821_firmwareqfe4308sdr660g_firmwareapq8037pm3003aqca6320_firmwarewcn3680b_firmwareqca6595auqca6436_firmwareqtc800tsmb1354qca6564au_firmwareqdm2305qca6310qpm8820pm8937qpm2630qfe2081fcqln5020_firmwaresa515m_firmwaresd821sdr675sm6250sd712_firmwareapq8017_firmwarewsa8810_firmwaresmb231sd765_firmwareqdm5677_firmwareqet4200aqqca6174a_firmwarewcd9385mdm8615mqdm2302_firmwareqat3550_firmwareqln5040_firmwarepm4125_firmwareqpa8673qca6694_firmwareqdm2310qfe2550_firmwaremsm8953_firmwareqln5030_firmwareqca6694aupm8952_firmwaresda429wsd210wcn3620_firmwareqfe4302_firmwaresd820wcn6850_firmwarewcn3620smb358csr6030_firmwareqca6564apmx24qet6110pmi8952_firmwareqcm2290_firmwareqln5040qpm8895sdr845qpm5670wcn3990qtm527qfe3440fc_firmwaresdx24pmi8994_firmwareqdm2307_firmwaremsm8909w_firmwaremsm8996ausdm429w_firmwareqfe1035pmi8940sm6250prgr7640auqln1035bdpm855asdr660_firmwarepm8909_firmwareqca6574apm8916_firmwaresmb1390_firmwareqca6174aqfe4303_firmwarepm8956_firmwareqet5100m_firmwareqpm4650mdm9205qtm525sa515mwtr6955qfe3335sd855sd8cxsm4125_firmwareqfe4305wtr6955_firmwarepm640psd768g_firmwaresdr865_firmwaremsm8209qfe4465fc_firmwarepm8250_firmwaresd460qca6391sd8cx_firmwaresdxr1_firmwaresmb1351smb1357_firmwareaqt1000_firmwarepm215_firmwaremsm8920qpm8895_firmwarepm660aqpa4340qfe1035_firmwareqcm4290sdx50mpm640asdr8150sdx20pm8916pmd9655aumsm8920_firmwaremdm9215pmd9655qca6574ausa8155p_firmwaresd205_firmwareqsw6310sd8655g_firmwarewcd9341_firmwareqcm6125wsa8810qtc410s_firmwareqpm2630_firmwaresmb231_firmwareqdm2308wtr4905_firmwareqat3550mdm9150qdm5679wcn3680bsd835_firmwarepm3003a_firmwareqca6696qfe4301qtc800s_firmwaresmb1381_firmwaresd845_firmwaremsm8608_firmwareqpa2625apq8037_firmwaresm7250psd720g_firmwarepm8956sd636_firmwarepm6250Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-11275
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-9.1||CRITICAL
EPSS-0.29% / 51.65%
||
7 Day CHG~0.00%
Published-22 Feb, 2021 | 06:26
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer over-read while parsing quiet IE in Rx beacon frame due to improper check of IE length in received beacon in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfe3100qfe2080fc_firmwareqca9377_firmwareqfs2580qpm5679_firmwaremdm9640_firmwaresm6250p_firmwareipq4028_firmwarepmd9607_firmwareqca1023qca8337qfe4455fc_firmwarear9380ipq8173_firmwareqfs2608_firmwareqfs2530qpm8870_firmwareqln1030qpa8688pm6125qcn5124qat5522_firmwarewcn3950_firmwarepm8150aqdm5670qca6595au_firmwareqpm5541_firmwareqpa5581_firmwaresa6155pm7150lqpa8821mdm8215pm8998_firmwarewtr5975_firmwareqcs6125_firmwarepm456_firmwareqpa5580_firmwaresa415mwcn3998wcd9371_firmwarewcn3950qcn6024_firmwaresd720gsm4125mdm9206_firmwareqsw8573_firmwarewtr1605wcn3660bqsm8350_firmwareqsw8574_firmwareqsm8350sd460_firmwaresmb2351_firmwarepm8953_firmwaresd6905gqpa4360_firmwareqca8081_firmwarewcn3998_firmwarepm855pqca6420apq8053_firmwarewtr4605_firmwarepm6150aqpm6670_firmwareipq8070_firmwareqca9367_firmwareipq8078a_firmwarepm660_firmwarepm8150bipq8072_firmwaresa8155_firmwareqfe2101qca6430qat3522qfe4455fcpmr735awcd9340sdm830_firmwaresd765gsdr660qfs2630_firmwaresdr865mdm9250_firmwareqdm5620_firmwareqca9888_firmwaresmb1358smr545qca6696_firmwareqln5020wcd9371smb1350qca1062qcn5154_firmwaremdm8215_firmwarepmm855au_firmwaresm4350_firmwarewtr3950sa8150ppm6350qdm5621qtc800sqat3514_firmwareqca9992_firmwaresd660sd712pm640p_firmwaresd660_firmwareqcn5121qcn5022_firmwareqcn7606_firmwareqat5516_firmwarepm6150lwcn6750_firmwaresd8885gpm855l_firmwareqca6428_firmwareqtc410sipq4018_firmwarewcn3991qca9980_firmwareqpa8801ipq8078pm8150l_firmwareipq8173qat5533_firmwaresdx55m_firmwaresdxr25gqpa8673_firmwarepm6150smb1354_firmwaresd670_firmwareqca6574qfs2630qpa8842csr8811_firmwarepmm8996ausdr052_firmwarewcd9380sd850qln4640qcs410qpm5579_firmwaresmb1380_firmwarepmk8350_firmwareqcn5024pm855p_firmwaresmb1381qfe3100_firmwarepm7250qca9379_firmwarewtr4905qpa8803sdx24_firmwareqcn9012_firmwaresdxr25g_firmwarepmd9645qdm2301ipq6018_firmwarewcd9340_firmwarewsa8815wcn6850qfe2101_firmwarepmp8074_firmwareqca6584_firmwareqdm2301_firmwareqdm5621_firmwareqpm6375mdm9215_firmwareipq6028ipq8064sd835pmp8074wcn3980_firmwaresd730qfe3320_firmwarepm660l_firmwarepm6250_firmwarepm8008pm8350b_firmwareqtm525_firmwarepme605_firmwareqcn5064_firmwarepme605ipq8078_firmwareqpm5621_firmwareqcn5054qln1021aq_firmwareqcs603rsw8577qpa6560_firmwareqca9994qpa8802_firmwareqln4640_firmwareqca9980qpm5621qcn9024_firmwareipq8174_firmwarepm8009_firmwareqpm6582qfs2580_firmwaresd670qcm4290_firmwarewcn6855qcn7605_firmwarepm8150lpmi8998_firmwareqcs610_firmwaresa6145ppm660a_firmwarepm4250qca9886_firmwarear8031qca1023_firmwareqpm5577wtr2965sdm630_firmwaresd820_firmwareqca6391_firmwarepmx20_firmwarepm8150qca4024wcd9370_firmwareqat3516_firmwaresdx55apq8053qcn5021_firmwarecsra6640qat3555_firmwarepmi8994qpa8803_firmwareqca9379pm855bsmb2351qln1031qcn7606qpm5870pm8909wsa8830pm660qet6110_firmwareqca1062_firmwareqpm6325pm6125_firmwareqbt1500qpa5581csrb31024mdm9628_firmwaremdm9650pmx24_firmwareqbt1500_firmwareqpm5870_firmwarepmk8001qca9992qcs4290pmm855auqet6100mdm9250qca6420_firmwareapq8009_firmwaresmb1396pm7150amdm9310_firmwaresd675_firmwareipq8072pm8350qca6564qpa4361_firmwarepm8350c_firmwareqpa5461_firmwareqca6426wcn3990_firmwareqca9984_firmwareqca9377qpm5641wcd9385_firmwareqdm5650_firmwareqpa4340_firmwarewcd9326_firmwarewhs9410wcn3615_firmwarergr7640au_firmwarepm7250_firmwaresdr845_firmwareqdm5620qln1021aqipq8074asmb1380pmk8002_firmwareqsw6310_firmwaresa8155qca6584qdm4650_firmwareqcn5122_firmwarepmm6155au_firmwareqat5533qln1031_firmwareqcn6023_firmwaresdx55_firmwarewcn3615sm7250p_firmwarewcn3610_firmwareqsm7250_firmwareqpm6670pm7150l_firmwareqca6584auqpm4641qat5515_firmwareipq8174pm855qpm8830_firmwarepm8250qcn5052qca9367qfe2082fc_firmwaresdm630mdm9607_firmwaremdm9655_firmwareqdm4643qfs2530_firmwaresa415m_firmwarepmx55qpm4641_firmwareqcn9074wcn3988_firmwarepm8150c_firmwareqca6421qdm3301qpa8842_firmwareqat3519_firmwaresa8195psdr735_firmwarepm8953qat5515qca6694qpm5677qat3514wcd9326wcd9335pm6350_firmwareqcn6023pm8004_firmwaresdr8150_firmwareqcs4290_firmwareqtc800h_firmwareqpm5620qpm4630qca6390qca9898_firmwaresd750g_firmwareaqt1000wcd9375sm6250_firmwarepmm8195auqln4642msm8994qpm5677_firmwareipq5010_firmwareipq8074a_firmwaresdx20_firmwaresmr525_firmwarepm8998wsa8815_firmwarewtr3925_firmwareqpm8820_firmwareapq8017qln1020_firmwareqpm6621_firmwarepm670a_firmwareqcm6125_firmwarepmx55_firmwareqbt1000_firmwarepm8019qca6595pm8150_firmwaresmb1398_firmwareqpm8830pmm8996au_firmwareqat5522pm8150cpmr735bsd665_firmwareqca9369_firmwareqpa4360pmk8003_firmwareqcn5154qca8075_firmwaresc8180xqpa4361ipq6005_firmwaremdm9206qpm4640_firmwareqpm5577_firmwarewcn6855_firmwareqdm5679_firmwarepm8350csmr525qca9888qca6310_firmwareipq8070a_firmwarepm6150l_firmwarepmr525mdm9615pm8150a_firmwareqca6574_firmwareqca9886wtr3950_firmwareqln1036aq_firmwaresd665pm6150a_firmwarepm6150_firmwareqca6175asd765pmx20pmd9607qca6574a_firmwareqpm4630_firmwareqat3555sd850_firmwareapq8009qpa5461mdm9310qfe2082fcsd8c_firmwarewtr2965_firmwarepm670_firmwarecsrb31024_firmwareqfs2608qcn9070_firmwareqln1036aqqtc801sipq6028_firmwareipq8072a_firmwaresc8180x_firmwaremdm9626_firmwareqpm5641_firmwareqca9889_firmwareqfe3320mdm9607qcn5122sd710pm8008_firmwareqln1035bd_firmwaresdx20m_firmwareqpm6621pmr735a_firmwarepmx50pm8018qcn5022qca6564_firmwaresdr8250sd768gqca1064_firmwareqln1030_firmwaresmb1350_firmwarepm8004pm640lpmk8002qca8075apq8096au_firmwareqcn6024qcn9022sd845mdm9615_firmwaresd455_firmwaresdm830ipq6000_firmwaresmb1357qcs410_firmwareqca6175a_firmwareqpa5580pm8018_firmwareqpm5579qfe2550sa6150p_firmwareqcs610qcn5550pmi8996qpm5620_firmwareqdm2307qca6431_firmwareqpa8802wcd9360_firmwareqpm6585_firmwareqat3519qbt2000_firmwareqca4024_firmwarepm855a_firmwareipq8078aqtc800hsa8150p_firmwareqcs2290sdr8250_firmwareqca6335qcn5064csra6620_firmwareqcs605_firmwareqln1020smr546_firmwarewtr3905qdm5671csra6640_firmwarepmc1000hqpm4650_firmwareqat3518sd8csdr425_firmwaresmr526_firmwareipq8076amdm9628pm640a_firmwareqpa5460wgr7640_firmwareqdm2305_firmwareqpm5670_firmwaresd710_firmwareqca4020qca6428qdm5652qca6574au_firmwareqcn5164_firmwareipq8071qpm8870wcd9375_firmwareqpm5679qbt2000sa6155_firmwarewcd9360sdx20mqca6438_firmwarepmx50_firmwareqpa8675_firmwarewhs9410_firmwaresdr735gqpa5460_firmwarewcn3999qdm3301_firmwarepm8996qsm7250ipq4029_firmwareqcs6125ipq6010sd662_firmwaresmb1360qcs405qfe3440fcqdm2308_firmwarersw8577_firmwareqca4020_firmwareqca6436wcn6851sa6155pqcs603_firmwareqpa6560sdr675_firmwarewcd9341pmi8952qdm4643_firmwaremdm9655pm8937_firmwareqca6431qet4100_firmwaresd750gwcn3910_firmwareqpm5657wtr1605_firmwareqpm5875_firmwarewsa8830_firmwaresd855_firmwareqdm5650wcn3988qca6438wtr3925qfe2080fcsdr052sa8195p_firmwaresmb1390qca9898ipq4028qet4100wcn3610mdm9640qpa8686_firmwareipq5018_firmwareqpm6585qca8337_firmwarewcd9380_firmwaresmb1355ipq8072aqln4650qtc800t_firmwaremsm8996au_firmwaresdr735g_firmwarewcd9330wgr7640qat5568csr6030ipq8076a_firmwareqdm5671_firmwareqca6564auqet5100qpa8801_firmwareqtm527_firmwaresd636pm8005_firmwarewcn6856_firmwareqcn5164qet4101_firmwarepm7250bqln4642_firmwarepmk8001_firmwaresmb1355_firmwarepm7250b_firmwarepmd9655_firmwaresmb1351_firmwareqcn5054_firmwarepm8996_firmwareqet4200aq_firmwaresdx50m_firmwaresdr735smb1395smb358spm660lsmb358s_firmwarear8151smr526qca8072_firmwarewtr5975qca6430_firmwarepmk8003qcn5052_firmwareqtc801s_firmwareqat3522_firmwarewcd9335_firmwarewcn3980qca6335_firmwareqsw8573qcs605qbt1000sd7cqca6320wcn3910mdm9650_firmwareqca6426_firmwarepm8350_firmwarewcn3660b_firmwareqca9984qcn9024pm8009qpa8675qcn5550_firmwaresdr051_firmwaresdx55mwcd9330_firmwareipq8064_firmwarepm670aqca6421_firmwarewtr3905_firmwareqat3518_firmwareqsw8574pmi8998sd6905g_firmwarear8031_firmwarepm855lwcn6851_firmwareqdm5670_firmwareipq8070sd8655gpm7150a_firmwarepm8150b_firmwaresmr545_firmwarepmc1000h_firmwareqca6564a_firmwareqdm2310_firmwarepm4250_firmwarepmd9645_firmwareqcn5121_firmwaresd8885g_firmwarepm670sd210_firmwareqdm5677pm8005ipq6018pm855_firmwareqdm2302pmm6155ausdxr1pm855b_firmwareapq8096auqca6595_firmwareqcs405_firmwareqpm6582_firmwareqpm6375_firmwarepm640l_firmwarepmi8996_firmwareqln4650_firmwareqpm5875qet5100msa8155psd675wtr4605qet4101qat3516pm670lqpm5658ar8035_firmwareqcm2290qpm5658_firmwareqcn5024_firmwarewcn3991_firmwareqdm5652_firmwarepmm8155au_firmwareqfe4465fcqcn9070sdr051qln5030qcs2290_firmwarepm4125pmi632qpa2625_firmwarepm456sd7c_firmwareqfe2081fc_firmwarepm8350bh_firmwarecsra6620pmr735b_firmwareqet5100_firmwareqpm4621smb1360_firmwareqcn9072qet6100_firmwarepm670l_firmwaresdr660gsd455sd765g_firmwareqpa8686smb1358_firmwareipq8069_firmwareqca6390_firmwareipq6000sd730_firmwarewcd9370qcn5152_firmwaresdr425pmr525_firmwareqca6584au_firmwareqcn9000_firmwareipq5018qca9369ar8151_firmwarepmi632_firmwareqcn7605qpm5541qat5516sd662qpa8821_firmwareqcn5124_firmwaresdr660g_firmwarepm8350bhqca1064pm3003aqca6320_firmwarewcn3680b_firmwareqca6595auwcn3999_firmwareqca6436_firmwareqtc800tsmb1354ipq5010qca6564au_firmwareqdm2305sa6155p_firmwareqca6310qpm8820pm8937qpm2630qfe2081fcqln5020_firmwaresa515m_firmwareqca9990smb1398msm8994_firmwaresa6145p_firmwaresdr675sm6250sd712_firmwareapq8017_firmwarewsa8810_firmwaresmb231sd765_firmwareqdm5677_firmwareqca8081qet4200aqipq8071aqca6174a_firmwareipq8071a_firmwarewcd9385qpm6325_firmwareqdm2302_firmwareqat3550_firmwarepmm8155auqln5040_firmwarepm4125_firmwarear8035csr8811pm8019_firmwareqpa8673qca6694_firmwareqdm2310qfe2550_firmwareqcn9100_firmwareqln5030_firmwaresd210sd820smb1396_firmwarewcn6850_firmwarewsa8835_firmwarecsr6030_firmwareqca6564apmx24smr546qet6110pmi8952_firmwareqca8072qcm2290_firmwareqln5040qpm8895sdr845qpm5670wcn3990qcn9000qtm527qfe3440fc_firmwarear9380_firmwarepmk8350sdx24qcn9012pmi8994_firmwarepm8350bqdm2307_firmwarewsa8835msm8996auqpm5657_firmwaresm6250prgr7640auqln1035bdpm855asdr660_firmwarepm8909_firmwareipq4018qca6574apm8916_firmwareqca9889qca6174asmb1390_firmwareipq8074qca9994_firmwareqpm4640wcn6750qet5100m_firmwareipq8076_firmwareqpm4650qtm525sa515mwtr6955sd855sm4125_firmwaresd8cxipq8076wtr6955_firmwarepm640pqcn5021ipq8069qcn5152sd768g_firmwaresdr865_firmwareqfe4465fc_firmwarepm8250_firmwaresd460qca6391sd8cx_firmwaresdxr1_firmwaresmb1351smb1357_firmwareipq6005aqt1000_firmwareqcn9100qpm8895_firmwaremdm9626pm660aqpa4340qcm4290sdx50mpm640asdr8150sdx20pm8916smb1395_firmwareqdm4650mdm9215pmd9655ipq8074_firmwareqca6574ausa8155p_firmwareqsw6310sd8655g_firmwarewcd9341_firmwareqcm6125wsa8810qtc410s_firmwareqpm2630_firmwaresmb231_firmwareqat5568_firmwareqdm2308qat3550wtr4905_firmwarewcn6856qdm5679wcn3680bsd835_firmwareipq6010_firmwarepm3003a_firmwareqca6696qtc800s_firmwaresm4350sd845_firmwaresmb1381_firmwareqpa2625sa6150pqcn9022_firmwareqpa8688_firmwareqca9990_firmwareipq8070apmm8195au_firmwareqcn9072_firmwaresm7250psd720g_firmwareipq8071_firmwareqcn9074_firmwareqpm4621_firmwareipq4029sd636_firmwarepm6250Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-37042
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-9.1||CRITICAL
EPSS-0.23% / 45.73%
||
7 Day CHG~0.00%
Published-07 Dec, 2021 | 15:45
Updated-04 Aug, 2024 | 01:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is an Improper verification vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause out-of-bounds read.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-magic_uiemuiMagic UIEMUI
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-11190
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-9.1||CRITICAL
EPSS-0.37% / 58.01%
||
7 Day CHG~0.00%
Published-17 Mar, 2021 | 06:00
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfe3100qfe2080fc_firmwareqca9377_firmwareqfs2580qpm5679_firmwaremdm9640_firmwaresm6250p_firmwarepmd9607_firmwareqfe4455fc_firmwareqca8337qfs2530qpm8870_firmwareqln1030pm6125qat5522_firmwaremdm9645wcn3950_firmwarepm8150aqdm5670qca6595au_firmwareqpm5541_firmwarepm7150lqcc1110_firmwarepm8998_firmwareqpa8821sd_455_firmwarewtr5975_firmwareqcs6125_firmwarepm456_firmwareqpa5580_firmwaremsm8108sa415mwcn3998wcd9371_firmwaremsm8108_firmwarewcn3950sm4125sd720gmdm9206_firmwareqsw8573_firmwarewcn3660bsd450_firmwareqfe4320qsw8574_firmwaresd460_firmwaremdm9230_firmwaresmb2351_firmwarepm8953_firmwareqpa4360_firmwarewcn3998_firmwareqfe2520_firmwareapq8009w_firmwarepm855papq8053_firmwareqca6420pm6150awtr4605_firmwareqca9367_firmwaremdm8207pm660_firmwarepm8150bsa8155_firmwareqca4004_firmwareqfe2101qca6430qat3522qfe4455fcpmr735awcd9306_firmwarewcd9340sd765gsdr660qfe1045_firmwareqfe3345msm8209_firmwaresdr865mdm9250_firmwareqdm5620_firmwaresmb1358qca6696_firmwareqln5020wcd9371sd870_firmwarepmm855au_firmwaresd_8cxwtr3950qfe3340qdm5621qtc800sqca4004qat3514_firmwaremdm9330_firmwaresd660sd865_5g_firmwaresd712pm640p_firmwaresd660_firmwarewcn6750_firmwareqat5516_firmwarepm6150lsd450pm855l_firmwareqtc410swcn3991qfe3335_firmwareqpa8801sdm429wpm8150l_firmwareqat5533_firmwaresdx55m_firmwareqpa8673_firmwarepm6150smb1354_firmwaremsm8976_firmwareqca6574sd632_firmwaresd670_firmwareqpa8842sdr052_firmwarepmm8996auwcd9380qualcomm215qln4640qcs410qpm5579_firmwaresmb1380_firmwareqfe4309_firmwaresmb1381pm855p_firmwareqfe3100_firmwarepm7250qca9379_firmwarewtr4905qpa8803sdx24_firmwaresd439_firmwarepmd9645qdm2301wcd9340_firmwarewsa8815wcn6850qfe2101_firmwareqca6584_firmwareqdm2301_firmwaremsm8937_firmwareqdm5621_firmwareqpm6375sd_8c_firmwaresd835wcn3980_firmwaresd730qfe3320_firmwarepm660l_firmwarepm6250_firmwarepm8008qtm525_firmwarepme605_firmwarepme605sd678_firmwareqpm5621_firmwareqln1021aq_firmwareqcs603rsw8577qpa6560_firmwareqpa8802_firmwareqln4640_firmwareqfe4308_firmwareqpm5621qpm6582sd670pm8009_firmwareapq8009wqfe4303qfs2580_firmwareqcm4290_firmwarepm8150lpmi8998_firmwareqcs610_firmwareapq8084_firmwaresdr105pm660a_firmwarepm215pm4250qpm5577mdm8207_firmwaresdm630_firmwarewtr2965mdm9205_firmwareqca6391_firmwaresa2150ppmx20_firmwaresd820_firmwarepm8150pmi8937_firmwarewcd9370_firmwareqat3516_firmwaresdx55apq8053qat3555_firmwarepmi8994qpa8803_firmwarewcn3660qca9379pm855bsmb2351qln1031pm8909mdm9150_firmwareqfe1040pm660qet6110_firmwareqpm6325pm6125_firmwareqbt1500qfe1040_firmwarecsrb31024mdm9628_firmwareqfe2340_firmwaremdm9650sd_636pmx24_firmwareqbt1500_firmwarepmk8001qcs4290pmm855aumdm9250qca6420_firmwarepmd9635_firmwareapq8009_firmwarepm7150asd675_firmwareqpa4361_firmwareqca6426wcn3990_firmwareqca9377qpa5373_firmwaresdw2500_firmwarewcd9385_firmwareqdm5650_firmwareqpa4340_firmwaresdxr2_5g_firmwarewcd9326_firmwarewcn3615_firmwarewhs9410rgr7640au_firmwarewtr2955pm7250_firmwaresdr845_firmwareqdm5620qln1021aqsmb1380pmk8002_firmwareqsw6310_firmwaresa8155qca6584qln1031_firmwaresdx55_firmwareqat5533wcn3615sm7250p_firmwarewcn3610_firmwarepm8940mdm9207qsm7250_firmwarepm7150l_firmwarewcd9306qca6584aumsm8208qat5515_firmwarepm855qpm8830_firmwaresd429pm8250qca9367qfe2082fc_firmwaresdm630mdm9607_firmwaremdm9655_firmwaremsm8976sgqfs2530_firmwarepmx55sa415m_firmwarewcn3988_firmwaresd205sd429_firmwarepm8150c_firmwareqca6421qdm3301qpa8842_firmwareqat3519_firmwarepm8953qat5515qca6694qpm5677qat3514wcd9326wcd9335pm8004_firmwaresdr8150_firmwareqcs4290_firmwarepm439qtc800h_firmwareqca6390wcd9375aqt1000msm8976sm6250_firmwareqln4642msm8917_firmwareqpm5677_firmwaresdx20_firmwarewsa8815_firmwarewtr3925_firmwarepmi8937pm8998sdw3100smr525_firmwareqpm8820_firmwareqfe4301_firmwareapq8017qln1020_firmwaremdm9630_firmwareqcm6125_firmwarepmx55_firmwarewtr2955_firmwareqbt1000_firmwareqfe4373fc_firmwaresd865_5gqca6595pm8150_firmwareqpm8830pmm8996au_firmwareqat5522pm8150csd665_firmwareqpa4360sc8180xqpa4361mdm9206qpm5577_firmwareqdm5679_firmwaresmr525qca6310_firmwareqfe4305_firmwarepm6150l_firmwarepmr525pm8150a_firmwareqca6574_firmwarewtr3950_firmwareqln1036aq_firmwaresd665pm6150a_firmwarepm6150_firmwaresd765pmx20pmd9607qca6574a_firmwareqat3555sd850_firmwareapq8009qfe2082fcwtr2965_firmwarepm670_firmwarecsrb31024_firmwareqln1036aqqtc801spmi8940_firmwaresc8180x_firmwareqfe3320sd710mdm9607mdm9645_firmwarepm8008_firmwareqln1035bd_firmwarepmr735a_firmwarepmw3100pmx50qfe3345_firmwaresdr8250sd768gqln1030_firmwarepmw3100_firmwarepm8004pm640lmsm8940pmk8002apq8096au_firmwaresdw2500sd845smb1357pmd9655au_firmwareqca617_firmwareqcs410_firmwaremdm9330qpa5580qpm5579qfe2550qcs610pmi8996qfe1045qdm2307qca6431_firmwareqpa8802wcd9360_firmwareqpm6585_firmwareqat3519qbt2000_firmwarepm855a_firmwareqtc800hsdr8250_firmwareqcs2290qca6335msm8917qln1020qcs605_firmwaresd_675_firmwarewtr3905qdm5671pmc1000hqpm4650_firmwareqat3518sd632sdr425_firmwaresmr526_firmwaremdm9628pm640a_firmwareqpa5460wgr7640_firmwareqdm2305_firmwareqpm5670_firmwaresd710_firmwareqca4020qdm5652qca6574au_firmwaremdm9630qpm8870wcd9375_firmwareqpm5679qbt2000msm8909wwcd9360pmx50_firmwareqpa8675_firmwarewhs9410_firmwareqpa5460_firmwarepm8940_firmwareqdm3301_firmwarepm8996qsm7250qcs6125sd662_firmwareqcc1110smb1360qualcomm215_firmwareqfe3440fcqdm2308_firmwarersw8577_firmwarepm439_firmwareqca4020_firmwareqca6436wcn6851qcs603_firmwareqpa6560msm8937sdr675_firmwarewcn3660_firmwarewcd9341pmi8952mdm9655pm8937_firmwareqca6431qet4100_firmwareqfe4320_firmwarewcn3910_firmwaremdm9207_firmwaresd855_firmwareqdm5650wcn3988wtr3925qfe2080fcsdr052smb1390sdw3100_firmwaremsm8208_firmwareqet4100wcn3610msm8608mdm9640qpa8686_firmwareqpm6585qca8337_firmwaresda429w_firmwarewcd9380_firmwaresmb1355qln4650qtc800t_firmwarewcd9330msm8996au_firmwarewgr7640csr6030qet5100qdm5671_firmwareqpa8801_firmwareqca6564auqtm527_firmwarepm8005_firmwaremsm8940_firmwareqet4101_firmwarepm7250bqln4642_firmwarepmk8001_firmwaresmb1355_firmwarepm7250b_firmwarepmd9655_firmwaresmb1351_firmwaremdm9230pm8996_firmwareqet4200aq_firmwaresdx50m_firmwaresmb1395smb358spm660lsmb358s_firmwarear8151smr526wtr5975qca6430_firmwarewcd9335_firmwareqtc801s_firmwarewcn3980qat3522_firmwareqca6335_firmwareqsw8573qcs605qbt1000wcn3910qca6320mdm9650_firmwareqca6426_firmwarewcn3660b_firmwarewcn3680qfe4309pm8009qpa8675sdr051_firmwarewcd9330_firmwaresdx55mqca6421_firmwarewtr3905_firmwareqfe4373fcmsm8953qat3518_firmwarepmi8998qfe2520qsw8574sd821_firmwarewcn3680_firmwareqca617pm855lwcn6851_firmwareqdm5670_firmwarepmd9635pm7150a_firmwarepm8150b_firmwareqfe4302sd_636_firmwarepmc1000h_firmwareqca6564a_firmwareqdm2310_firmwareqca6694au_firmwarepm4250_firmwaremsm8976sg_firmwaresdr105_firmwarepmd9645_firmwaresd870pm670sd210_firmwareqdm5677pm8005pm855_firmwareqdm2302sdxr1pm855b_firmwareapq8096auqca6595_firmwareqpm6582_firmwareqpm6375_firmwarepm640l_firmwarepmi8996_firmwareqln4650_firmwareqet5100msa8155psd675wtr4605sd439qet4101pm8952qat3516pm670lqpm5658ar8035_firmwareqcm2290qpm5658_firmwarewcn3991_firmwareqdm5652_firmwareqfe4465fcsd678sdr051qln5030qcs2290_firmwarepm4125pmi632qpa2625_firmwarepm456qfe2081fc_firmwaresmb1360_firmwareqet5100_firmwareqpa5373pm670l_firmwaresdr660gqfe2340sd765g_firmwareqpa8686smb1358_firmwareqca6390_firmwaresd730_firmwarewcd9370sdr425pmr525_firmwareqca6584au_firmwareqfe3340_firmwarear8151_firmwarepmi632_firmwaresd_8cx_firmwareqpm5541qat5516smb358_firmwaresd662qpa8821_firmwareqfe4308sdr660g_firmwareapq8037pm3003aqca6320_firmwarewcn3680b_firmwareqca6595auqca6436_firmwareqtc800tsmb1354qca6564au_firmwareqdm2305qca6310qpm8820pm8937qpm2630qfe2081fcqln5020_firmwaresa515m_firmwaresdxr2_5gapq8084sd821sdr675sm6250sd712_firmwareapq8017_firmwarewsa8810_firmwaresmb231sd765_firmwareqdm5677_firmwareqet4200aqqca6174a_firmwarewcd9385qpm6325_firmwareqdm2302_firmwareqat3550_firmwareqln5040_firmwarepm4125_firmwarear8035qpa8673qca6694_firmwareqdm2310qfe2550_firmwaremsm8953_firmwareqln5030_firmwareqca6694aupm8952_firmwaresda429wsd210wcn3620_firmwareqfe4302_firmwaresd820wcn6850_firmwarewcn3620smb358csr6030_firmwareqca6564apmx24qet6110pmi8952_firmwareqcm2290_firmwareqln5040qpm8895sdr845qpm5670wcn3990sd_675qtm527qfe3440fc_firmwaresdx24pmi8994_firmwareqdm2307_firmwaremsm8909w_firmwaremsm8996ausdm429w_firmwareqfe1035pmi8940sm6250prgr7640auqln1035bdpm855asdr660_firmwarepm8909_firmwareqca6574apm8916_firmwaresmb1390_firmwareqca6174aqfe4303_firmwarewcn6750pm8956_firmwareqet5100m_firmwareqpm4650mdm9205qtm525sa515msa2150p_firmwarewtr6955qfe3335sd855sm4125_firmwareqfe4305wtr6955_firmwarepm640psd768g_firmwaresdr865_firmwaremsm8209qfe4465fc_firmwarepm8250_firmwaresd460qca6391sdxr1_firmwaresmb1351smb1357_firmwareaqt1000_firmwarepm215_firmwaremsm8920qpm8895_firmwarepm660aqpa4340qfe1035_firmwareqcm4290sdx50mpm640asdr8150sdx20pm8916pmd9655aumsm8920_firmwaresmb1395_firmwaresd_455pmd9655qca6574ausa8155p_firmwaresd205_firmwareqsw6310wcd9341_firmwareqcm6125wsa8810qtc410s_firmwareqpm2630_firmwaresmb231_firmwareqdm2308wtr4905_firmwareqat3550mdm9150qdm5679sd_8cwcn3680bsd835_firmwarepm3003a_firmwareqca6696qfe4301qtc800s_firmwaresmb1381_firmwaresd845_firmwaremsm8608_firmwareqpa2625apq8037_firmwaresm7250psd720g_firmwarepm8956sd850pm6250Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-11126
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-9.1||CRITICAL
EPSS-0.29% / 51.65%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 05:00
Updated-04 Aug, 2024 | 11:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible out of bound read while WLAN frame parsing due to lack of check for body and header length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfe3100qfs2580qca9377_firmwareqpm5679_firmwaremdm9640_firmwaresm6250p_firmwareipq4028_firmwareqca8337ar9380ipq8173_firmwareqfs2608_firmwareqfs2530qpm8870_firmwareqln1030qpa8688pm6125qcn5124qat5522_firmwarewcn3950_firmwarepm8150aqdm5670qca6595au_firmwareqpm5541_firmwareqpa5581_firmwaresa6155pm7150lqpa8821pm8998_firmwaresd_455_firmwarewtr5975_firmwareqcs6125_firmwarepm456_firmwareqpa5580_firmwarewcn3998wcd9371_firmwarewcn3950qcn6024_firmwaresd720gsm4125qsw8573_firmwareqsw8574_firmwaresd460_firmwaresmb2351_firmwareqpa4360_firmwareqca8081_firmwarewcn3998_firmwarepm855pqca6420pm6150aqpm6670_firmwareipq8070_firmwareipq8078a_firmwarepm660_firmwarepm8150bipq8072_firmwaresa8155_firmwareqca6430qat3522pmr735awcd9340sdm830_firmwaresd765gsdr660qfe1045_firmwareqfe3345qfs2630_firmwaresdr865qdm5620_firmwareqca9888_firmwareqca6696_firmwareqln5020wcd9371qcn5154_firmwarepmm855au_firmwaresd_8cxsa8150ppm6350qdm5621qtc800sqat3514_firmwareqca9992_firmwaresd660sd865_5g_firmwaresd712pm640p_firmwaresd660_firmwareqcn5121qcn5022_firmwareqcn7606_firmwareqat5516_firmwarepm6150lwcn6750_firmwarepm855l_firmwareqca6428_firmwareqtc410sipq4018_firmwarewcn3991qfe3335_firmwareqca9980_firmwareqpa8801ipq8078pm8150l_firmwareipq8173qat5533_firmwaresdx55m_firmwareqpa8673_firmwarepm6150smb1354_firmwaresd670_firmwareqca6574qfs2630qpa8842csr8811_firmwarepmm8996ausdr052_firmwarewcd9380qln4640qpm5579_firmwaresmb1380_firmwarepmk8350_firmwareqcn5024pm855p_firmwaresd690_5g_firmwaresmb1381qfe3100_firmwarepm7250qca9379_firmwarewtr4905qpa8803qcn9012_firmwarepmd9645qdm2301ipq6018_firmwarewcd9340_firmwarewsa8815wcn6850pmp8074_firmwareqdm5621_firmwareqdm2301_firmwareqpm6375sd_8c_firmwareipq6028ipq8064pmp8074wcn3980_firmwaresd730qfe3320_firmwarepm660l_firmwarepm6250_firmwarepm8008pm8350b_firmwareqtm525_firmwarepme605_firmwarepme605ipq8078_firmwareqpm5621_firmwareqcn5054qln1021aq_firmwareqcs603rsw8577qpa6560_firmwareqca9994qpa8802_firmwareqln4640_firmwareqca9980qpm5621qcn9024_firmwareipq8174_firmwarepm8009_firmwareqpm6582qfs2580_firmwaresd670wcn6855qcn7605_firmwarepm8150lpmi8998_firmwaresa6145ppm660a_firmwarear8031qpm5577wtr2965sdm630_firmwaresd820_firmwareqca6391_firmwarepm8150qca4024wcd9370_firmwareqat3516_firmwaresdx55qcn5021_firmwarecsra6640qat3555_firmwareqpa8803_firmwareqca9379pm855bsmb2351qln1031qcn7606qpm5870qfe1040wsa8830pm660qet6110_firmwareqpm6325pm6125_firmwareqbt1500qpa5581qfe1040_firmwareqfe2340_firmwaresd_636qbt1500_firmwareqpm5870_firmwareqca9992qet6100pmm855auqca6420_firmwaresd690_5gsmb1396pm7150asd675_firmwareipq8072pm8350qpa5461_firmwareqpa4361_firmwarepm8350c_firmwareqca6426wcn3990_firmwareqca9984_firmwareqca9377qpm5641wcd9385_firmwareqdm5650_firmwareqpa4340_firmwaresdxr2_5g_firmwarewcd9326_firmwarewhs9410pm7250_firmwaresdr845_firmwareqdm5620qln1021aqipq8074asmb1380pmk8002_firmwareqsw6310_firmwaresa8155qln1031_firmwareqdm4650_firmwareqcn5122_firmwaresdx55_firmwareqat5533qcn6023_firmwaresm7250p_firmwareqsm7250_firmwareqpm6670pm7150l_firmwareqca6584auqpm4641qat5515_firmwareipq8174pm855qpm8830_firmwarepm8250qcn5052sdm630qdm4643qfs2530_firmwarewcn3988_firmwarepmx55qpm4641_firmwareqcn9074pm8150c_firmwareqca6421qdm3301qpa8842_firmwareqat3519_firmwaresa8195psdr735_firmwareqpm5677qat5515qca6694qat3514wcd9326wcd9335pm6350_firmwareqcn6023pm8004_firmwaresdr8150_firmwareqtc800h_firmwareqpm5620qpm4630qca6390qca9898_firmwaresd750g_firmwareaqt1000wcd9375sm6250_firmwareqln4642qpm5677_firmwareipq5010_firmwareipq8074a_firmwaresd888_5g_firmwaresmr525_firmwarepm8998wsa8815_firmwarewtr3925_firmwareqpm8820_firmwareqln1020_firmwareqpm6621_firmwarepm670a_firmwareqcm6125_firmwarepmx55_firmwaresd865_5gqca6595pm8150_firmwaresmb1398_firmwareqpm8830pmm8996au_firmwareqat5522pm8150cpmr735bsd665_firmwareqpa4360pmk8003_firmwareqcn5154qca8075_firmwareqpa4361ipq6005_firmwareqpm4640_firmwareqpm5577_firmwarewcn6855_firmwareqdm5679_firmwarepm8350csmr525qca9888qca6310_firmwareipq8070a_firmwarepm6150l_firmwarepmr525pm8150a_firmwareqca6574_firmwareqln1036aq_firmwaresd665pm6150a_firmwarepm6150_firmwareqca6175asd765qca6574a_firmwareqpm4630_firmwareqat3555sd850_firmwareqpa5461wtr2965_firmwarepm670_firmwareqfs2608qcn9070_firmwareqln1036aqqtc801sipq6028_firmwareipq8072a_firmwareqpm5641_firmwareqca9889_firmwareqfe3320sd710qcn5122pm8008_firmwareqpm6621pmr735a_firmwarepmx50qfe3345_firmwareqcn5022sdr8250sd768gqln1030_firmwarepm8004pm640lpmk8002qca8075apq8096au_firmwareqcn6024qcn9022sd845sdm830ipq6000_firmwareqca6175a_firmwareqpa5580qpm5579qfe2550sa6150p_firmwareqcn5550pmi8996qpm5620_firmwareqfe1045qdm2307qca6431_firmwareqpa8802wcd9360_firmwareqpm6585_firmwareqat3519qbt2000_firmwareqca4024_firmwarepm855a_firmwareipq8078aqtc800hsa8150p_firmwaresdr8250_firmwareqca6335csra6620_firmwareqcs605_firmwareqln1020sd_675_firmwarewtr3905qdm5671csra6640_firmwarepmc1000hqpm4650_firmwareqat3518sdr425_firmwaresmr526_firmwareipq8076aqpa5460pm640a_firmwarewgr7640_firmwareqdm2305_firmwareqpm5670_firmwaresd710_firmwareqca6428qdm5652qca6574au_firmwareqcn5164_firmwareipq8071qpm8870wcd9375_firmwareqpm5679qbt2000sa6155_firmwarewcd9360qca6438_firmwarepmx50_firmwareqpa8675_firmwarewhs9410_firmwaresdr735gqpa5460_firmwarewcn3999qdm3301_firmwarepm8996qsm7250ipq4029_firmwareqcs6125ipq6010sd662_firmwareqcs405rsw8577_firmwareqdm2308_firmwareqca6436wcn6851sa6155pqcs603_firmwareqpa6560sdr675_firmwarepmc7180wcd9341qdm4643_firmwareqca6431qet4100_firmwaresd750gwcn3910_firmwareqpm5657qpm5875_firmwarewsa8830_firmwaresd855_firmwareqdm5650wcn3988qca6438wtr3925sdr052sa8195p_firmwaresmb1390qca9898ipq4028qet4100mdm9640qpa8686_firmwareipq5018_firmwareqpm6585qca8337_firmwarewcd9380_firmwaresmb1355ipq8072aqln4650sdr735g_firmwarewgr7640ipq8076a_firmwareqat5568qdm5671_firmwareqet5100qca6564auqpa8801_firmwareqtm527_firmwarewcn6856_firmwarepm8005_firmwareqcn5164qet4101_firmwarepm7250bqln4642_firmwaresmb1355_firmwarepm7250b_firmwarepmd9655_firmwaresmb1351_firmwareqcn5054_firmwarepm8996_firmwareqet4200aq_firmwaresdx50m_firmwaresdr735smb1395pm660lsmr526qca8072_firmwarewtr5975qca6430_firmwarepmk8003qcn5052_firmwareqtc801s_firmwareqat3522_firmwarewcd9335_firmwarewcn3980qca6335_firmwareqsw8573qcs605sd7cwcn3910qca6426_firmwarepm8350_firmwareqca9984qcn9024pm8009qpa8675qcn5550_firmwaresdr051_firmwaresdx55mipq8064_firmwarepm670aqca6421_firmwarewtr3905_firmwareqat3518_firmwareqsw8574pmi8998ar8031_firmwarepm855lwcn6851_firmwareqdm5670_firmwareipq8070pm7150a_firmwarepm8150b_firmwaresd_636_firmwarepmc1000h_firmwareqca6564a_firmwareqdm2310_firmwarepmd9645_firmwareqcn5121_firmwarepm670qdm5677pm8005ipq6018pm855_firmwareqdm2302sdxr1pm855b_firmwareapq8096auqca6595_firmwareqcs405_firmwareqpm6582_firmwareqpm6375_firmwarepm640l_firmwarepmi8996_firmwareqln4650_firmwareqpm5875qet5100msa8155psd675qet4101qat3516pm670lqpm5658ar8035_firmwareqpm5658_firmwareqcn5024_firmwarewcn3991_firmwareqdm5652_firmwarepmm8155au_firmwaresdr051qcn9070qln5030pm4125pmi632qpa2625_firmwarepm456sd7c_firmwarepm8350bh_firmwarecsra6620pmr735b_firmwareqet5100_firmwareqpm4621qcn9072qet6100_firmwarepm670l_firmwaresdr660gqfe2340sd765g_firmwareqpa8686ipq8069_firmwareqca6390_firmwareipq6000sd730_firmwarewcd9370qcn5152_firmwaresdr425pmr525_firmwareqca6584au_firmwareqcn9000_firmwareipq5018pmi632_firmwaresd_8cx_firmwareqcn7605qpm5541qat5516sd662qpa8821_firmwareqcn5124_firmwaresdr660g_firmwarepm8350bhpm3003aqca6595auwcn3999_firmwareqca6436_firmwaresmb1354ipq5010qca6564au_firmwareqdm2305sa6155p_firmwareqca6310qpm8820qpm2630qln5020_firmwareqca9990sdxr2_5gsmb1398sa6145p_firmwaresdr675sm6250sd712_firmwarewsa8810_firmwaresd765_firmwareqdm5677_firmwareqca8081qet4200aqipq8071aqca6174a_firmwareipq8071a_firmwarewcd9385qpm6325_firmwareqdm2302_firmwareqat3550_firmwarepmm8155auqln5040_firmwarepm4125_firmwarear8035csr8811qpa8673qca6694_firmwareqdm2310qfe2550_firmwareqcn9100_firmwareqln5030_firmwaresd820smb1396_firmwarewcn6850_firmwarewsa8835_firmwareqca6564aqet6110qln5040qca8072qpm8895sdr845qpm5670wcn3990qcn9000sd_675qtm527ar9380_firmwarepmk8350qcn9012pmc7180_firmwarepm8350bqdm2307_firmwarewsa8835qfe1035qpm5657_firmwaresd888_5gsm6250ppm855asdr660_firmwareipq4018qca6574asmb1390_firmwareqca9889qca6174aipq8074qca9994_firmwareqpm4640wcn6750qet5100m_firmwareipq8076_firmwareqpm4650qtm525wtr6955qfe3335sd855sm4125_firmwareipq8076wtr6955_firmwarepm640pqcn5021ipq8069qcn5152sd768g_firmwaresdr865_firmwarepm8250_firmwaresd460qca6391sdxr1_firmwaresmb1351ipq6005aqt1000_firmwareqcn9100qpm8895_firmwarepm660aqpa4340qfe1035_firmwaresdx50mpm640asdr8150smb1395_firmwareqdm4650sd_455pmd9655ipq8074_firmwareqca6574ausa8155p_firmwareqsw6310wcd9341_firmwareqcm6125wsa8810qtc410s_firmwareqpm2630_firmwareqat5568_firmwareqdm2308qat3550wtr4905_firmwarewcn6856qdm5679sd_8cipq6010_firmwarepm3003a_firmwareqca6696qtc800s_firmwaresmb1381_firmwaresd845_firmwareqpa2625sa6150pqcn9022_firmwareqpa8688_firmwareqca9990_firmwareipq8070aqcn9072_firmwaresm7250psd720g_firmwareipq8071_firmwareqcn9074_firmwareqpm4621_firmwareipq4029sd850pm6250Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-12761
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.1||CRITICAL
EPSS-0.43% / 61.93%
||
7 Day CHG~0.00%
Published-09 May, 2020 | 17:21
Updated-04 Aug, 2024 | 12:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

modules/loaders/loader_ico.c in imlib2 1.6.0 has an integer overflow (with resultant invalid memory allocations and out-of-bounds reads) via an icon with many colors in its color map.

Action-Not Available
Vendor-enlightenmentn/a
Product-imlib2n/a
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2020-11171
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-9.1||CRITICAL
EPSS-0.37% / 58.01%
||
7 Day CHG~0.00%
Published-17 Mar, 2021 | 06:00
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfe3100qfe2080fc_firmwareqca9377_firmwareqfs2580qpm5679_firmwaremdm9640_firmwaresm6250p_firmwarepmd9607_firmwareqfe4455fc_firmwareqca8337qfs2530qpm8870_firmwareqln1030pm6125qat5522_firmwarewcn3950_firmwarepm8150aqdm5670qca6595au_firmwareqpm5541_firmwarepm7150lqcc1110_firmwarepm8998_firmwareqpa8821sd_455_firmwarewtr5975_firmwareqcs6125_firmwarepm456_firmwareqpa5580_firmwaremsm8108sa415mwcn3998wcd9371_firmwaremsm8108_firmwarewcn3950sm4125sd720gmdm9206_firmwareqsw8573_firmwarewcn3660bsd450_firmwareqfe4320qsw8574_firmwaresd460_firmwaresmb2351_firmwarepm8953_firmwareqpa4360_firmwarewcn3998_firmwareqfe2520_firmwareapq8009w_firmwarepm855papq8053_firmwareqca6420pm6150awtr4605_firmwareqca9367_firmwaremdm8207pm660_firmwarepm8150bsa8155_firmwareqca4004_firmwareqfe2101qca6430qat3522qfe4455fcpmr735awcd9306_firmwarewcd9340sd765gsdr660msm8209_firmwaresdr865mdm9250_firmwareqdm5620_firmwaresmb1358qca6696_firmwareqln5020wcd9371sd870_firmwarepmm855au_firmwaresd_8cxqfe3340qdm5621qtc800sqca4004qat3514_firmwaresd660sd865_5g_firmwaresd712pm640p_firmwaresd660_firmwarewcn6750_firmwareqat5516_firmwarepm6150lsd450pm855l_firmwareqtc410swcn3991qpa8801sdm429wpm8150l_firmwareqat5533_firmwaresdx55m_firmwareqpa8673_firmwarepm6150smb1354_firmwaremsm8976_firmwareqca6574sd632_firmwaresd670_firmwareqpa8842sdr052_firmwarepmm8996auwcd9380qualcomm215qln4640qcs410qpm5579_firmwaresmb1380_firmwareqfe4309_firmwaresmb1381pm855p_firmwareqfe3100_firmwarepm7250qca9379_firmwarewtr4905qpa8803sdx24_firmwaresd439_firmwarepmd9645qdm2301wcd9340_firmwarewsa8815wcn6850qfe2101_firmwareqca6584_firmwareqdm2301_firmwaremsm8937_firmwareqdm5621_firmwareqpm6375sd_8c_firmwaresd835wcn3980_firmwaresd730qfe3320_firmwarepm660l_firmwarepm6250_firmwarear6003_firmwarepm8008qtm525_firmwarepme605_firmwarewtr1605l_firmwarepme605sd678_firmwareqpm5621_firmwareqln1021aq_firmwareqcs603rsw8577qpa6560_firmwareqpa8802_firmwareqln4640_firmwareqfe4308_firmwareqpm5621qpm6582sd670pm8009_firmwareapq8009wqfe4303qfs2580_firmwareqcm4290_firmwarepm8150lpmi8998_firmwareqcs610_firmwaresdr105pm660a_firmwarepm215pm4250qpm5577mdm8207_firmwaresdm630_firmwarewtr2965mdm9205_firmwareqca6391_firmwaresa2150ppmx20_firmwarepm8150pmi8937_firmwarewcd9370_firmwareqat3516_firmwaresdx55apq8053qat3555_firmwareqpa8803_firmwarewcn3660qca9379pm855bsmb2351qln1031pm8909mdm9150_firmwarepm660qet6110_firmwareqpm6325pm6125_firmwareqbt1500csrb31024mdm9628_firmwaremdm9650sd_636pmx24_firmwareqbt1500_firmwareqcs4290pmm855aumdm9250qca6420_firmwareapq8009_firmwarepm7150asd675_firmwareqpa4361_firmwareqca6426wcn3990_firmwareqca9377qpa5373_firmwaresdw2500_firmwarewcd9385_firmwareqdm5650_firmwareqpa4340_firmwaresdxr2_5g_firmwarewcd9326_firmwarewcn3615_firmwarewhs9410rgr7640au_firmwarewtr2955pm7250_firmwaresdr845_firmwareqdm5620qln1021aqsmb1380pmk8002_firmwareqsw6310_firmwaresa8155qca6584qln1031_firmwaresdx55_firmwareqat5533wcn3615sm7250p_firmwarewcn3610_firmwarepm8940mdm9207qsm7250_firmwarepm7150l_firmwarewcd9306qca6584aumsm8208qat5515_firmwarepm855qpm8830_firmwaresd429pm8250qca9367qfe2082fc_firmwaresdm630mdm9607_firmwaremdm9655_firmwaremsm8976sgqfs2530_firmwarepmx55sa415m_firmwarewcn3988_firmwaresd205sd429_firmwarepm8150c_firmwareqca6421qdm3301qpa8842_firmwareqat3519_firmwarepm8953qat5515qca6694qpm5677qat3514wcd9326wcd9335pm8004_firmwaresdr8150_firmwareqcs4290_firmwarepm439qtc800h_firmwareqca6390wcd9375aqt1000msm8976sm6250_firmwareqln4642msm8917_firmwareqpm5677_firmwaresdx20_firmwarewsa8815_firmwarewtr3925_firmwarepmi8937pm8998sdw3100smr525_firmwareqpm8820_firmwareqfe4301_firmwareapq8017ar6003qln1020_firmwareqcm6125_firmwarepmx55_firmwarewtr2955_firmwareqbt1000_firmwareqfe4373fc_firmwaresd865_5gqca6595pm8150_firmwareqpm8830pmm8996au_firmwareqat5522pm8150csd665_firmwareqpa4360sc8180xqpa4361mdm9206qpm5577_firmwareqdm5679_firmwaresmr525qca6310_firmwareqfe4305_firmwarepm6150l_firmwarepmr525mdm9615pm8150a_firmwareqca6574_firmwareqln1036aq_firmwaresd665pm6150a_firmwarepm6150_firmwaresd765pmx20pmd9607qca6574a_firmwareqat3555sd850_firmwareapq8009qfe2082fcwtr2965_firmwarepm670_firmwarecsrb31024_firmwareqln1036aqqtc801spmi8940_firmwaresc8180x_firmwareqfe3320sd710mdm9607pm8008_firmwareqln1035bd_firmwarepmr735a_firmwarepmw3100pmx50pm8018sdr8250sd768gqln1030_firmwarepmw3100_firmwarepm8004pm640lmsm8940pmk8002apq8096au_firmwaresdw2500sd845mdm9615_firmwaresmb1357pmd9655au_firmwareqcs410_firmwareqpa5580pm8018_firmwareqpm5579qfe2550qcs610qdm2307qca6431_firmwareqpa8802wcd9360_firmwareqpm6585_firmwareqat3519qbt2000_firmwarepm855a_firmwareqtc800hsdr8250_firmwareqcs2290qca6335msm8917qln1020qcs605_firmwaresd_675_firmwarewtr3905qdm5671pmc1000hqpm4650_firmwareqat3518sd632sdr425_firmwaresmr526_firmwaremdm9628pm640a_firmwareqpa5460wgr7640_firmwareqdm2305_firmwareqpm5670_firmwaresd710_firmwareqca4020qdm5652qca6574au_firmwareqpm8870wcd9375_firmwareqpm5679qbt2000msm8909wwcd9360pmx50_firmwareqpa8675_firmwarewhs9410_firmwareqpa5460_firmwarepm8940_firmwareqdm3301_firmwareqsm7250qcs6125sd662_firmwareqcc1110smb1360qualcomm215_firmwareqfe3440fcqdm2308_firmwarersw8577_firmwarepm439_firmwareqca4020_firmwareqca6436wcn6851qcs603_firmwareqpa6560msm8937sdr675_firmwarewcn3660_firmwarewcd9341pmi8952mdm9655pm8937_firmwareqca6431qet4100_firmwareqfe4320_firmwarewcn3910_firmwaremdm9207_firmwaresd855_firmwareqdm5650wcn3988wtr3925qfe2080fcsdr052smb1390sdw3100_firmwaremsm8208_firmwareqet4100wcn3610msm8608mdm9640qpa8686_firmwareqpm6585qca8337_firmwaresda429w_firmwarewcd9380_firmwaresmb1355qln4650qtc800t_firmwarewcd9330msm8996au_firmwarewgr7640csr6030qet5100qdm5671_firmwareqpa8801_firmwareqca6564auqtm527_firmwarepm8005_firmwaremsm8940_firmwareqet4101_firmwarepm7250bqln4642_firmwaresmb1355_firmwarepm7250b_firmwarepmd9655_firmwaresmb1351_firmwareqet4200aq_firmwaresdx50m_firmwaresmb1395smb358spm660lsmb358s_firmwarear8151smr526wtr5975qca6430_firmwarewcd9335_firmwareqtc801s_firmwarewcn3980qat3522_firmwareqca6335_firmwareqsw8573qcs605qbt1000wcn3910qca6320mdm9650_firmwareqca6426_firmwarewcn3660b_firmwarewcn3680qfe4309pm8009qpa8675sdr051_firmwarewcd9330_firmwaresdx55mqca6421_firmwarewtr3905_firmwareqfe4373fcmsm8953qat3518_firmwarepmi8998qfe2520qsw8574wcn3680_firmwarepm855lwcn6851_firmwareqdm5670_firmwarepm7150a_firmwarepm8150b_firmwareqfe4302sd_636_firmwarepmc1000h_firmwareqca6564a_firmwareqdm2310_firmwareqca6694au_firmwarepm4250_firmwaremsm8976sg_firmwaresdr105_firmwarepmd9645_firmwaresd870pm670sd210_firmwarewtr1605lqdm5677pm8005pm855_firmwareqdm2302sdxr1pm855b_firmwareapq8096auqca6595_firmwareqpm6582_firmwareqpm6375_firmwarepm640l_firmwareqln4650_firmwareqet5100msa8155psd675wtr4605sd439qet4101pm8952qat3516pm670lqpm5658ar8035_firmwareqcm2290qpm5658_firmwarewcn3991_firmwareqdm5652_firmwareqfe4465fcsd678sdr051qln5030qcs2290_firmwarepm4125pmi632qpa2625_firmwarepm456qfe2081fc_firmwaresmb1360_firmwareqet5100_firmwareqpa5373pm670l_firmwaresdr660gsd765g_firmwareqpa8686smb1358_firmwareqca6390_firmwaresd730_firmwarewcd9370sdr425pmr525_firmwareqca6584au_firmwareqfe3340_firmwarear8151_firmwarepmi632_firmwaresd_8cx_firmwareqpm5541qat5516smb358_firmwaresd662qpa8821_firmwareqfe4308sdr660g_firmwareapq8037pm3003aqca6320_firmwarewcn3680b_firmwareqca6595auqca6436_firmwareqtc800tsmb1354qca6564au_firmwareqdm2305qca6310qpm8820pm8937qpm2630qfe2081fcqln5020_firmwaresa515m_firmwaresdxr2_5gsdr675sm6250sd712_firmwareapq8017_firmwarewsa8810_firmwaresmb231sd765_firmwareqdm5677_firmwareqet4200aqqca6174a_firmwarewcd9385qpm6325_firmwareqdm2302_firmwareqat3550_firmwareqln5040_firmwarepm4125_firmwarear8035qpa8673qca6694_firmwareqdm2310qfe2550_firmwaremsm8953_firmwareqln5030_firmwareqca6694aupm8952_firmwaresda429wsd210wcn3620_firmwareqfe4302_firmwarewcn6850_firmwarewcn3620smb358csr6030_firmwareqca6564apmx24qet6110pmi8952_firmwareqcm2290_firmwareqln5040qpm8895sdr845qpm5670wcn3990sd_675qtm527qfe3440fc_firmwaresdx24qdm2307_firmwaremsm8909w_firmwaremsm8996ausdm429w_firmwarepmi8940sm6250prgr7640auqln1035bdpm855asdr660_firmwarepm8909_firmwareqca6574apm8916_firmwaresmb1390_firmwareqca6174aqfe4303_firmwarewcn6750pm8956_firmwareqet5100m_firmwareqpm4650mdm9205qtm525sa515msa2150p_firmwarewtr6955sd855sm4125_firmwareqfe4305wtr6955_firmwarepm640psd768g_firmwaresdr865_firmwaremsm8209qfe4465fc_firmwarepm8250_firmwaresd460qca6391sdxr1_firmwaresmb1351smb1357_firmwareaqt1000_firmwarepm215_firmwaremsm8920qpm8895_firmwarepm660aqpa4340qcm4290sdx50mpm640asdr8150sdx20pm8916pmd9655aumsm8920_firmwaresmb1395_firmwaresd_455pmd9655qca6574ausa8155p_firmwaresd205_firmwareqsw6310wcd9341_firmwareqcm6125wsa8810qtc410s_firmwareqpm2630_firmwaresmb231_firmwareqdm2308wtr4905_firmwareqat3550mdm9150qdm5679sd_8cwcn3680bsd835_firmwarepm3003a_firmwareqca6696qfe4301qtc800s_firmwaresmb1381_firmwaresd845_firmwaremsm8608_firmwareqpa2625apq8037_firmwaresm7250psd720g_firmwarepm8956sd850pm6250Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-12740
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.1||CRITICAL
EPSS-0.51% / 65.52%
||
7 Day CHG~0.00%
Published-08 May, 2020 | 17:03
Updated-04 Aug, 2024 | 12:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

tcprewrite in Tcpreplay through 4.3.2 has a heap-based buffer over-read during a get_c operation. The issue is being triggered in the function get_ipv6_next() at common/get.c.

Action-Not Available
Vendor-n/aFedora ProjectBroadcom Inc.
Product-tcpreplayfedoran/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-25719
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.2||HIGH
EPSS-0.11% / 29.66%
||
7 Day CHG~0.00%
Published-19 Oct, 2022 | 00:00
Updated-09 May, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Information disclosure in WLAN due to improper length check while processing authentication handshake in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcn9022wcn3660mdm9225_firmwareqcn5022_firmwaresd210_firmwarewcd9340_firmwaremsm8917_firmwarewcd9306_firmwareqcn6024sd439apq8084qca4004_firmwareipq8078apq8056_firmwaremdm9230_firmwaremdm9205_firmwareqca6174sdw2500sd210sd205_firmwareqcn5124msm8976sg_firmwareqcn5024wcn3980ipq8072a_firmwareqca1990_firmwaremsm8940_firmwareqcn9000ipq5028mdm9625mmsm8920_firmwareqcn9072apq8052wcn3620_firmwareqcn5052_firmwareipq5028_firmwarewcd9340qca1990qca6174a_firmwareqcn5122ipq8074a_firmwaremdm9630_firmwareipq8078a_firmwareapq8056ipq8076a_firmwareipq8070a_firmwareqcn6122wcn3999apq8017qcn5154wcd9326apq8009w_firmwareipq8076asdm429wipq8076sdw2500_firmwaremdm9205ipq8071a_firmwarewcn3680bwcn3680_firmwarequalcomm215_firmwareqet4101_firmwarewcn3660bwsa8810ipq6010pm8937csr8811_firmwaremsm8208_firmwarear8031apq8076csra6640msm8937_firmwarewcn3660_firmwareipq8071amsm8976_firmwaresdm429w_firmwaremdm9630mdm9635mqca4010_firmwareipq5018_firmwarewcn3999_firmwareqca4004qcn5122_firmwaremdm9235mipq8076_firmwareipq8174_firmwaresd439_firmwaremdm9225m_firmwareipq8173sda429wmsm8953qcn5152_firmwarewcn3610sd632ipq5018sd429_firmwarewcn3610_firmwarewcn3998wcd9335wsa8810_firmwaremsm8952wcd9335_firmwarewcn3998_firmwareipq6010_firmwaremdm9225wsa8815qcs405qcn6023ipq6028msm8209apq8076_firmwaremsm8608wcd9306qcn9074wcn3660b_firmwareqcn9024qcn5164qca4010ipq8072aqca9889_firmwareqcn5154_firmwareipq6018_firmwareqca4020_firmwareipq5010_firmwareipq8173_firmwaremsm8108msm8956msm8940apq8037_firmwaremsm8956_firmwarepm8937_firmwareapq8009sd429csra6640_firmwareipq6000msm8917qca6174aipq8074asd450qca9888_firmwarecsr8811msm8976sgqet4101qsw8573qca4020apq8037sd205apq8016_firmwaremsm8909w_firmwareqca4024_firmwareapq8009_firmwareqca8081sd632_firmwaremsm8208msm8108_firmwarecsra6620apq8009wqca9377qcn5164_firmwarewcn3620qcn5052qcn6024_firmwarewcn3615_firmwaremsm8209_firmwareqca8075_firmwareqca9379_firmwaremdm9225mmdm9330qca8075qcn5152qcn6122_firmwareqcn5024_firmwaremsm8909wwcn3680apq8016apq8084_firmwareqca6174_firmwaremdm9635m_firmwareipq5010qca4024qcn6023_firmwareqcn9022_firmwareapq8052_firmwareapq8017_firmwareapq8053msm8937qca9889qcn9074_firmwareqsw8573_firmwaresda429w_firmwareqcn9070msm8952_firmwareqcn5022wsa8815_firmwarewcn3980_firmwareipq8078amdm9625qcn9000_firmwareqca6164ipq6028_firmwaremsm8608_firmwareipq8174mdm9625m_firmwareqca9377_firmwareqcn5124_firmwareqcn9070_firmwareqca8081_firmwareqcn9072_firmwaremdm9625_firmwaremsm8976ipq8078_firmwaremdm9330_firmwaremsm8953_firmwareqcs405_firmwarear8031_firmwaremdm9230qcn9100_firmwarewcn3680b_firmwaremsm8920mdm9235m_firmwarecsra6620_firmwarequalcomm215ipq6018ipq8070aqca9379qcn9024_firmwarewcd9326_firmwareapq8053_firmwarewcn3615qcn6132_firmwareqcn9100sd450_firmwareqcn6132qca6164_firmwareipq6000_firmwareqca9888Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-11247
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.2||HIGH
EPSS-0.24% / 46.83%
||
7 Day CHG~0.00%
Published-07 Apr, 2021 | 07:55
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound memory read while unpacking data due to lack of offset length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfs2580qpm5679_firmwaresm6250p_firmwareqdm5579qfs2608_firmwareqfs2530qpm8870_firmwareqln1030pm6125qat5522_firmwarewcn3950_firmwarepm8150aqdm5670qca6595au_firmwareqpa5581_firmwaresa6155pm7150lqpa8821pm8998_firmwarewtr5975_firmwareqcs6125_firmwarepm456_firmwareqpa5580_firmwarewcn3998wcn3950sm4125sd720gqsw8573_firmwarewcn3660bsd450_firmwareqfe4320qsw8574_firmwaresd460_firmwarepm8953_firmwaresd6905gqpa4360_firmwarewcn3998_firmwareqfe2520_firmwarepm855pqca6420apq8053_firmwareapq8009w_firmwarepm6150aqpm6670_firmwarepm660_firmwarepm8150bsa8155_firmwareqfe2101qca6430qat3522pmr735awcd9340sd765gsdr660qfs2630_firmwaresdr865qdm5620_firmwaresmb1358smr545qca6696_firmwareqln5020sd870_firmwarepmm855au_firmwaresa8150ppm6350qdm5621qfe3340qtc800sqat3514_firmwaresd660sd660_firmwarewcn6750_firmwareqat5516_firmwarepm6150lsd450sd8885gpm855l_firmwareqtc410swcn3991qpa8801pm8150l_firmwareqat5533_firmwaresdx55m_firmwaresdxr25gqpa8673_firmwarepm6150smb1354_firmwaresd670_firmwareqca6574sd632_firmwareqfs2630qpa8842sdr052_firmwarewcd9380qualcomm215smb1380_firmwareqfe4309_firmwarepmk8350_firmwaresmb1381pm855p_firmwarepm7250wtr4905qpa8803sd439_firmwaresdxr25g_firmwareqdm2301wcd9340_firmwarewsa8815wcn6850qfe2101_firmwareqdm5621_firmwareqdm2301_firmwaremsm8937_firmwaresd835wcn3980_firmwaresd730pm660l_firmwarepm6250_firmwarewcn6740_firmwarepm8008pm8350b_firmwareqtm525_firmwaresd678_firmwareqpm5621_firmwarersw8577qpa6560_firmwareqpa8802_firmwareqln4640_firmwareqfe4308_firmwareqpm5621qpm6582sd670pm8009_firmwareapq8009wqfe4303qfs2580_firmwareqcm4290_firmwarepm8150lpmi8998_firmwaresa6145ppm660a_firmwarepm215wtr2965sdm630_firmwareqca6391_firmwarepmi8937_firmwarewcd9370_firmwareqat3516_firmwaresdx55apq8053pm8350bhsqat3555_firmwareqpa8803_firmwarepm855bqpm5870pm8909wsa8830pm660qet6110_firmwareqdm5579_firmwarepm6125_firmwareqbt1500qpa5581qbt1500_firmwareqpm5870_firmwareqcs4290qet6100pmm855auqca6420_firmwaresmb1394_firmwareapq8009_firmwaresmb1396pm7150asd675_firmwarepm8350qpa5461_firmwareqpa4361_firmwarepm8350c_firmwareqca6426wcn3990_firmwareqpm5641qpa5373_firmwarewcd9385_firmwareqdm5650_firmwareqpa4340_firmwarewcd9326_firmwarewcn3615_firmwarewtr2955pm7250_firmwareqdm5620smb1380pmk8002_firmwareqsw6310_firmwaresa8155qdm4650_firmwaresdx55_firmwarepmm6155au_firmwareqat5533wcn3615sm7250p_firmwarewcn3610_firmwarepm8940qpm6670qsm7250_firmwarepm7150l_firmwareqpm4641qat5515_firmwarepm855qpm8830_firmwaresd429pm8250sdm630qdm4643qfs2530_firmwarewcn3988_firmwarepmx55qpm4641_firmwaresd205sd429_firmwarepm8150c_firmwareqca6421qdm3301qpa8842_firmwareqat3519_firmwaresa8195psdr735_firmwarepm8953qat5515qpm5677qat3514wcd9326wcd9335pm6350_firmwarepm8004_firmwaresdr8150_firmwareqcs4290_firmwarepm439qtc800h_firmwarepmk7350_firmwareqpm5620qpm4630qca6390wcd9375sd750g_firmwareaqt1000sm6250_firmwarepmm8195auqln4642msm8917_firmwareqpm5677_firmwarewsa8815_firmwarewtr3925_firmwarepmi8937pm8998pmk7350smr525_firmwareqpm8820_firmwareqfe4301_firmwareapq8017qln1020_firmwareqpm6621_firmwareqcm6125_firmwarepmx55_firmwarewtr2955_firmwareqfe4373fc_firmwareqca6595smb1398_firmwareqpm8830qat5522pm8150cpmr735bsd665_firmwareqpa4360pmk8003_firmwareqpa4361qpm4640_firmwareqdm5679_firmwarepm8350csmr525qca6310_firmwareqfe4305_firmwarepm6150l_firmwarepmr525pm8150a_firmwareqca6574_firmwaresd665pm6150a_firmwarepm6150_firmwaresd765qca6574a_firmwareqpm4630_firmwareqat3555apq8009qpa5461wtr2965_firmwareqfs2608qtc801sqpm5641_firmwaresd710pm8008_firmwareqpm6621pmr735a_firmwarepmx50sdr8250sd768gqln1030_firmwarewcn6740pm8004pmk8002msm8940sd845qpa5580qfe2550sa6150p_firmwareqpm5620_firmwareqdm2307qca6431_firmwareqpa8802qpm6585_firmwareqat3519qbt2000_firmwareqtc800hsa8150p_firmwareqcs2290sdr8250_firmwareqca6335msm8917qln1020smr546_firmwaresd_675_firmwareqdm5671qpm4650_firmwareqat3518sd632sdr425_firmwaresmr526_firmwarewgr7640_firmwareqdm2305_firmwareqpm5670_firmwaresd710_firmwareqdm5652qca6574au_firmwareqpm8870wcd9375_firmwareqpm5679qbt2000sa6155_firmwarepmx50_firmwareqpa8675_firmwaresdr735gpm8940_firmwareqdm3301_firmwareqsm7250qcs6125sd662_firmwarequalcomm215_firmwarersw8577_firmwareqdm2308_firmwarepm439_firmwareqca6436wcn6851sa6155pqpa6560msm8937sdr675_firmwarewcd9341pmi8952qdm4643_firmwarepm8937_firmwareqca6431sm7350_firmwareqet4100_firmwaresd750gqfe4320_firmwareqdm3302wcn3910_firmwareqpm5657qpm5875_firmwarewsa8830_firmwaresd855_firmwareqdm5650wcn3988wtr3925sdr052sa8195p_firmwaresmb1390qet4100wcn3610qpa8686_firmwareqpm6585wcd9380_firmwaresmb1355qln4650sdr735g_firmwarepm8350bhs_firmwarewgr7640qat5568qet5100qdm5671_firmwareqpa8801_firmwareqca6564auwcn6856_firmwarepm8005_firmwaremsm8940_firmwareqet4101_firmwarepm7250bqln4642_firmwaresmb1355_firmwarepm7250b_firmwaresmb1351_firmwaresdx50m_firmwaresdr735smb1395pm660lsmr526wtr5975qca6430_firmwarepmk8003qtc801s_firmwarewcd9335_firmwareqat3522_firmwarewcn3980pm7350c_firmwareqca6335_firmwareqsw8573wcn3910qca6320smb1394qca6426_firmwarepm8350_firmwarewcn3660b_firmwarewcn3680qfe4309pm8009qpa8675sdr051_firmwaresdx55mqca6421_firmwareqfe4373fcmsm8953qat3518_firmwarepmi8998qfe2520qsw8574sd6905g_firmwarewcn3680_firmwarepm855lwcn6851_firmwareqdm5670_firmwaresd8655gpm7150a_firmwarepm8150b_firmwareqfe4302smr545_firmwareqca6564a_firmwareqdm2310_firmwaresd870sd8885g_firmwaresd210_firmwareqdm5677pm8005pm855_firmwareqdm2302pmm6155ausdxr1pm855b_firmwareqca6595_firmwareqpm6582_firmwareqln4650_firmwareqpm5875qet5100msa8155psd675sd439qet4101qat3516qpm5658qcm2290qpm5658_firmwarewcn3991_firmwareqdm5652_firmwarepmm8155au_firmwaresd678sdr051qln5030qcs2290_firmwarepm4125pmi632qpa2625_firmwarepm456pm8350bh_firmwarepmr735b_firmwareqet5100_firmwareqpa5373qpm4621qet6100_firmwaresdr660gsd765g_firmwareqpa8686smb1358_firmwareqca6390_firmwaresd730_firmwarewcd9370sdr425pmr525_firmwareqfe3340_firmwarepmi632_firmwareqat5516sd662qpa8821_firmwareqfe4308sdr660g_firmwarepm8350bhapq8037pm3003aqca6320_firmwarewcn3680b_firmwareqca6595auqca6436_firmwaresm7350smb1354qca6564au_firmwareqdm2305sa6155p_firmwareqca6310qpm8820pm8937qpm2630qln5020_firmwaresmb1398sa6145p_firmwaresdr675sm6250apq8017_firmwarewsa8810_firmwaresd765_firmwareqdm5677_firmwarewcd9385qdm2302_firmwareqat3550_firmwarepmm8155auqln5040_firmwarepm4125_firmwareqpa8673qdm2310qfe2550_firmwaremsm8953_firmwareqln5030_firmwaresd210qfe4302_firmwaresmb1396_firmwarewcn6850_firmwarewsa8835_firmwareqca6564asmr546qet6110pmi8952_firmwareqcm2290_firmwareqln5040qpm8895qpm5670wcn3990sd_675pmk8350qdm3302_firmwarepm8350bqdm2307_firmwarewsa8835qpm5657_firmwaresm6250psdr660_firmwarepm8909_firmwareqca6574asmb1390_firmwareqfe4303_firmwareqpm4640wcn6750pm7350cqet5100m_firmwareqpm4650qtm525wtr6955sd855sm4125_firmwareqfe4305wtr6955_firmwaresd768g_firmwaresdr865_firmwarepm8250_firmwarepm6250sd460qca6391sdxr1_firmwaresmb1351aqt1000_firmwarepm215_firmwaremsm8920qpm8895_firmwarepm660aqpa4340qcm4290sdx50msdr8150msm8920_firmwareqdm4650smb1395_firmwareqca6574ausa8155p_firmwaresd205_firmwareqsw6310sd8655g_firmwarewcd9341_firmwareqcm6125wsa8810qtc410s_firmwareqpm2630_firmwareqat5568_firmwareqdm2308qat3550wtr4905_firmwarewcn6856qdm5679wcn3680bsd835_firmwarepm3003a_firmwareqca6696qfe4301qtc800s_firmwaresmb1381_firmwaresd845_firmwareqpa2625sa6150papq8037_firmwarepmm8195au_firmwaresm7250psd720g_firmwareqpm4621_firmwareqln4640Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CVE-2014-3180
Matching Score-4
Assigner-Chrome
ShareView Details
Matching Score-4
Assigner-Chrome
CVSS Score-9.1||CRITICAL
EPSS-0.18% / 39.26%
||
7 Day CHG~0.00%
Published-06 Nov, 2019 | 19:22
Updated-06 Aug, 2024 | 10:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In kernel/compat.c in the Linux kernel before 3.17, as used in Google Chrome OS and other products, there is a possible out-of-bounds read. restart_syscall uses uninitialized data when restarting compat_sys_nanosleep. NOTE: this is disputed because the code path is unreachable

Action-Not Available
Vendor-Google LLCLinux Kernel Organization, Inc
Product-linux_kernelchrome_oskernel
CWE ID-CWE-125
Out-of-bounds Read
CVE-2025-27891
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.1||CRITICAL
EPSS-0.06% / 18.38%
||
7 Day CHG~0.00%
Published-14 May, 2025 | 00:00
Updated-01 Jul, 2025 | 15:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400. The lack of a length check leads to out-of-bounds reads via malformed NAS packets.

Action-Not Available
Vendor-n/aSamsung
Product-exynos_1380_firmwareexynos_1480_firmwareexynos_modem_5400exynos_modem_5123_firmwareexynos_2200exynos_w920_firmwareexynos_2400exynos_modem_5300exynos_1330_firmwareexynos_990exynos_850_firmwareexynos_w930_firmwareexynos_980exynos_1280exynos_990_firmwareexynos_w1000_firmwareexynos_1080_firmwareexynos_1380exynos_2400_firmwareexynos_850exynos_1080exynos_w930exynos_2100exynos_1280_firmwareexynos_1330exynos_980_firmwareexynos_2200_firmwareexynos_modem_5123exynos_w920exynos_modem_5400_firmwareexynos_2100_firmwareexynos_1480exynos_modem_5300_firmwareexynos_w1000n/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-0339
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-9.1||CRITICAL
EPSS-0.12% / 32.08%
||
7 Day CHG~0.00%
Published-14 Oct, 2020 | 13:09
Updated-04 Aug, 2024 | 05:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a possible out of bounds read due to a missing bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-162980705

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-25009
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-9.1||CRITICAL
EPSS-0.40% / 59.63%
||
7 Day CHG~0.00%
Published-21 May, 2021 | 16:22
Updated-05 Aug, 2024 | 12:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in GetLE16().

Action-Not Available
Vendor-webmprojectn/aRed Hat, Inc.
Product-libwebpenterprise_linuxlibwebp
CWE ID-CWE-125
Out-of-bounds Read
CVE-2014-1508
Matching Score-4
Assigner-Mozilla Corporation
ShareView Details
Matching Score-4
Assigner-Mozilla Corporation
CVSS Score-9.1||CRITICAL
EPSS-0.99% / 75.88%
||
7 Day CHG~0.00%
Published-19 Mar, 2014 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The libxul.so!gfxContext::Polygon function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process memory, cause a denial of service (out-of-bounds read and application crash), or possibly bypass the Same Origin Policy via vectors involving MathML polygon rendering.

Action-Not Available
Vendor-n/aMozilla CorporationopenSUSESUSERed Hat, Inc.Debian GNU/LinuxCanonical Ltd.
Product-enterprise_linux_serverenterprise_linux_eusfirefoxenterprise_linux_server_eusthunderbirdsuse_linux_enterprise_desktopdebian_linuxenterprise_linux_server_ausseamonkeyfirefox_esrenterprise_linux_desktopubuntu_linuxopensusesuse_linux_enterprise_serverenterprise_linux_server_tusenterprise_linux_workstationsuse_linux_enterprise_software_development_kitn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-0376
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-9.1||CRITICAL
EPSS-0.12% / 32.08%
||
7 Day CHG~0.00%
Published-14 Oct, 2020 | 13:10
Updated-04 Aug, 2024 | 06:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a possible out of bounds read due to a missing bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-163003156

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-1587
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-9.1||CRITICAL
EPSS-0.15% / 35.62%
||
7 Day CHG~0.00%
Published-16 May, 2022 | 00:00
Updated-03 Aug, 2024 | 00:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An out-of-bounds read vulnerability was discovered in the PCRE2 library in the get_recurse_data_length() function of the pcre2_jit_compile.c file. This issue affects recursions in JIT-compiled regular expressions caused by duplicate data transfers.

Action-Not Available
Vendor-pcren/aRed Hat, Inc.NetApp, Inc.Fedora Project
Product-h500senterprise_linuxactive_iq_unified_managerh300s_firmwareh410c_firmwareh410sh300ssolidfireontap_select_deploy_administration_utilityhci_management_nodeh410s_firmwarefedorah500s_firmwareh700s_firmwarepcre2h410ch700spcre2
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-23482
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-9.1||NONE
EPSS-0.13% / 32.99%
||
7 Day CHG~0.00%
Published-09 Dec, 2022 | 17:50
Updated-23 Apr, 2025 | 16:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-Bound Read in xrdp

xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a Out of Bound Read in xrdp_sec_process_mcs_data_CS_CORE() function. There are no known workarounds for this issue. Users are advised to upgrade.

Action-Not Available
Vendor-neutrinolabsneutrinolabsDebian GNU/Linux
Product-debian_linuxxrdpxrdp
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-23483
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.21% / 43.28%
||
7 Day CHG~0.00%
Published-09 Dec, 2022 | 17:50
Updated-23 Apr, 2025 | 16:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-Bound Read in libxrdp

xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a Out of Bound Read in libxrdp_send_to_channel() function. There are no known workarounds for this issue. Users are advised to upgrade.

Action-Not Available
Vendor-neutrinolabsneutrinolabsDebian GNU/Linux
Product-debian_linuxxrdpxrdp
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-23493
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-9.1||CRITICAL
EPSS-0.21% / 43.77%
||
7 Day CHG~0.00%
Published-09 Dec, 2022 | 17:48
Updated-23 Apr, 2025 | 16:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out of Bound Read in xrdp

xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a Out of Bound Read in xrdp_mm_trans_process_drdynvc_channel_close() function. There are no known workarounds for this issue. Users are advised to upgrade.

Action-Not Available
Vendor-neutrinolabsneutrinolabsDebian GNU/Linux
Product-debian_linuxxrdpxrdp
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-23097
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.1||CRITICAL
EPSS-0.09% / 27.22%
||
7 Day CHG~0.00%
Published-28 Jan, 2022 | 00:00
Updated-19 Nov, 2024 | 19:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the DNS proxy in Connman through 1.40. forward_dns_reply mishandles a strnlen call, leading to an out-of-bounds read.

Action-Not Available
Vendor-n/aIntel CorporationDebian GNU/Linux
Product-connmandebian_linuxn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-10610
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-9.1||CRITICAL
EPSS-0.24% / 46.83%
||
7 Day CHG~0.00%
Published-16 Apr, 2020 | 10:46
Updated-04 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer over read when trying to process SDP message Video media line with frame-size attribute in video Media line in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8076, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, Rennell, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwaremdm9635m_firmwareapq8096_firmwaremdm9640_firmwareqcm2150_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632apq8096sdx24sdm439mdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996aumdm9645sdm429w_firmwaresm7150apq8009_firmwaremsm8917sdm670qcs605_firmwareapq8076sc8180xmdm9206sdm670_firmwaresdx24_firmwareapq8076_firmwaresdm636sda845_firmwaremdm9635mapq8098mdm9615mdm9206_firmwareqcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130msm8909wapq8009msm8909_firmwareapq8053_firmwaresda845nicobarsdm850_firmwaremsm8920msm8953sdm450sdm636_firmwaresdm845_firmwareapq8098_firmwaresdx20msm8998_firmwareqcm2150msm8920_firmwaresdm630mdm9607_firmwaresdm660mdm9655_firmwaresc8180x_firmwaresdm710qm215sc7180_firmwaremdm9607mdm9645_firmwareapq8017_firmwaremdm9625_firmwaresdm710_firmwaremdm9150msm8937msm8905sm8150_firmwaremsm8909mdm9655apq8096ausdm439_firmwarerennellsc7180sdm630_firmwaresda660_firmwaremdm9625rennell_firmwareqm215_firmwaresdx55msm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaremdm9615_firmwaremsm8998sm8150sdx20_firmwaresdm850apq8017nicobar_firmwaresdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-21410
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-8.2||HIGH
EPSS-0.43% / 61.93%
||
7 Day CHG~0.00%
Published-18 Jun, 2021 | 21:00
Updated-03 Aug, 2024 | 18:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds read in the 6LoWPAN implementation

Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. An out-of-bounds read can be triggered by 6LoWPAN packets sent to devices running Contiki-NG 4.6 and prior. The IPv6 header decompression function (<code>uncompress_hdr_iphc</code>) does not perform proper boundary checks when reading from the packet buffer. Hence, it is possible to construct a compressed 6LoWPAN packet that will read more bytes than what is available from the packet buffer. As of time of publication, there is not a release with a patch available. Users can apply the patch for this vulnerability out-of-band as a workaround.

Action-Not Available
Vendor-contiki-ngcontiki-ng
Product-contiki-ngcontiki-ng
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-25054
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.1||CRITICAL
EPSS-0.50% / 65.10%
||
7 Day CHG~0.00%
Published-31 Aug, 2020 | 20:24
Updated-04 Aug, 2024 | 15:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on Samsung mobile devices with software through 2020-04-02 (Exynos modem chipsets). There is a heap-based buffer over-read in the Shannon baseband. The Samsung ID is SVE-2020-17239 (August 2020).

Action-Not Available
Vendor-n/aSamsung
Product-exynosn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-24341
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.1||CRITICAL
EPSS-0.74% / 71.92%
||
7 Day CHG~0.00%
Published-11 Dec, 2020 | 22:55
Updated-04 Aug, 2024 | 15:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. The TCP input data processing function in pico_tcp.c does not validate the length of incoming TCP packets, which leads to an out-of-bounds read when assembling received packets into a data segment, eventually causing Denial-of-Service or an information leak.

Action-Not Available
Vendor-altrann/a
Product-picotcppicotcp-ngn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2017-9053
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.1||CRITICAL
EPSS-0.43% / 61.71%
||
7 Day CHG~0.00%
Published-18 May, 2017 | 06:13
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue, also known as DW201703-005, was discovered in libdwarf 2017-03-21. A heap-based buffer over-read in _dwarf_read_loc_expr_op() is due to a failure to check a pointer for being in bounds (in a few places in this function).

Action-Not Available
Vendor-libdwarf_projectn/a
Product-libdwarfn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-24383
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.1||CRITICAL
EPSS-0.74% / 71.92%
||
7 Day CHG~0.00%
Published-11 Dec, 2020 | 22:56
Updated-04 Aug, 2024 | 15:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in FNET through 4.6.4. The code for processing resource records in mDNS queries doesn't check for proper '\0' termination of the resource record name string, leading to an out-of-bounds read, and potentially causing information leak or Denial-or-Service.

Action-Not Available
Vendor-butokn/a
Product-fnetn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-19751
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.1||CRITICAL
EPSS-0.52% / 65.68%
||
7 Day CHG~0.00%
Published-07 Sep, 2021 | 19:42
Updated-04 Aug, 2024 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in gpac 0.8.0. The gf_odf_del_ipmp_tool function in odf_code.c has a heap-based buffer over-read.

Action-Not Available
Vendor-n/aGPAC
Product-gpacn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-22062
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.2||HIGH
EPSS-0.11% / 30.79%
||
7 Day CHG~0.00%
Published-02 Sep, 2022 | 11:31
Updated-03 Aug, 2024 | 03:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An out-of-bounds read can occur while parsing a server certificate due to improper length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresd_8cx_gen3_firmwaremdm9640_firmwaresm6250p_firmwareqcs610qca8337qca6431_firmwarewcd9360_firmwaresdx65mdm9645wcn3950_firmwaresc8180x\+sdx55qcs2290qca6595au_firmwaresa6155qca6335msm8917csra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwareqcs6125_firmwaresd632msm8108sa415mwcn3998wcd9371_firmwaremsm8108_firmwarewcn3950sm4125sd720gsd_8cx_gen2_firmwaremdm9206_firmwaremdm9628sd_8_gen1_5g_firmwarewcn3660bsd450_firmwareqsm8350_firmwaresd710_firmwareqsm8350sd460_firmwareqca4020sm7315_firmwarewcn7850qca6574au_firmwarewcd9375_firmwareqca8081_firmwarewcn3998_firmwaresa6155_firmwaresdx12_firmwaremsm8909wapq8009w_firmwareqca6420apq8053_firmwarewcd9360sm7450_firmwaresd680_firmwareqca9367_firmwarewcn3999sd_8cx_gen2qrb5165_firmwareqrb5165m_firmwareqcs6125sa8155_firmwaresd662_firmwareqcs405qca6430wcd9340sd765gqualcomm215_firmwaresw5100sd680qca4020_firmwareqca6436wcn6851sa6155pqcs603_firmwarewcn7851_firmwaremsm8937msm8209_firmwaremdm9250_firmwarewcn3660_firmwarewcd9341pm8937_firmwareqca6696_firmwareqca6431wcd9371sd870_firmwaresd750gwcn3910_firmwaresd_8cxwsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwaresd712wcn3988sd660_firmwarewcn7850_firmwaresa8195p_firmwaresm8475msm8208_firmwareqcn7606_firmwarewcn6750_firmwaresd450wcn3610msm8608mdm9640wcn3991qca8337_firmwarewcd9380_firmwaresdm429wsw5100pmsm8996au_firmwarewcd9330qca6564ausdx55m_firmwarewcn6856_firmwaremsm8940_firmwaresd670_firmwareqca6574sd632_firmwarewcd9380qualcomm215qcs410ipq4019_firmwaresd690_5g_firmwaresdx50m_firmwareqca9379_firmwaresdx24_firmwareqca6174qca6430_firmwarewcd9335_firmwaresd439_firmwarewcn3980qca6335_firmwareqcs605wcd9340_firmwarewsa8815wcn6850sd7cwcn3910qca6320qca6584_firmwaremsm8937_firmwaremdm9650_firmwareqca6426_firmwarewcn3660b_firmwarewcn3680sd695qca9984sd835wcn3980_firmwaresd730wcd9330_firmwaresdx55mqca6421_firmwaresm8475_firmwarewcn6740_firmwaremsm8953sd821_firmwaresd678_firmwarear8031_firmwarewcn3680_firmwareqrb5165wcn6851_firmwareqcs603sd670sd_636_firmwareqca6564a_firmwareapq8009wqcm4290_firmwaresd480sd870wcn6855qcn7605_firmwarewsa8832sw5100p_firmwaresd210_firmwareqcs610_firmwaresa6145psd695_firmwaresdxr1ar8031apq8096auqca6595_firmwareqcs405_firmwaresdm630_firmwaresd820_firmwareqca6391_firmwarewcd9370_firmwaresd780g_firmwaresdx55sd888_firmwareapq8053sa8155pcsra6640sd675sd439wcn3660sm8475p_firmwareqca9379ar8035_firmwareqcm2290qcn7606wcn3991_firmwaremdm9150_firmwarewsa8830sd678qcs2290_firmwaresd7c_firmwarecsrb31024mdm9628_firmwaremdm9650sd_636csra6620qcs4290mdm9250sd765g_firmwareqca6420_firmwareqca6390_firmwareapq8009_firmwaresd690_5gqca6174_firmwaresd730_firmwarewcd9370sd675_firmwareqca6564qca6426wcn3990_firmwareqrb5165n_firmwareqca9984_firmwareqca9377sdw2500_firmwaresd_8cx_firmwarewcd9385_firmwaresdxr2_5g_firmwareqcn7605wcd9326_firmwarewcn3615_firmwaresd662apq8037sa8155qca6320_firmwareqca6584wcn3680b_firmwaresdx55_firmwarewcn3615qca6595auwcn3999_firmwaresm7250p_firmwarewcn3610_firmwareqca6436_firmwareqrb5165nqca6564au_firmwaresd778gsa6155p_firmwareqca6310msm8208pm8937wcn7851sd429sa515m_firmwareqcs6490sdxr2_5gqca9367sdm630mdm9607_firmwaresd821sa415m_firmwarewcn3988_firmwaresd429_firmwaresa6145p_firmwareqca6421sd778g_firmwaresm6250sd712_firmwaresa8195papq8017_firmwarewsa8810_firmwaresd765_firmwarewcd9326wcd9335qca8081qca6174a_firmwareqcs4290_firmwarewcd9385qcs6490_firmwaresd_8cx_gen3qca6390wcd9375sd750g_firmwareaqt1000ar8035ipq4019sc8180x\+sdx55_firmwaresm6250_firmwaremsm8953_firmwaremsm8917_firmwaresd210wcn3620_firmwaresdx20_firmwarewsa8815_firmwaresd888_5g_firmwaresd820qcm6490wcn6850_firmwarewsa8835_firmwarewcn3620sm7450apq8017qca6564aqcm6125_firmwareqcm2290_firmwarewcn3990sd_675sd780gsd865_5gqca6595sdx24sd888msm8909w_firmwarewsa8835msm8996ausdm429w_firmwaresd665_firmwaresd888_5gsm6250pqca6574amdm9206wcn6855_firmwareqca6174asm7325pqca6310_firmwarewcn6750sa515mqca6574_firmwaresd855sm4125_firmwaresm7325p_firmwaresd665qca6175asd765qca6574a_firmwaresd768g_firmwaremsm8209qrb5165msd850_firmwaresm7315apq8009sd460qca6391sdxr1_firmwareaqt1000_firmwaremsm8920sdx65_firmwaremdm9626qcm4290csrb31024_firmwareqcm6490_firmwarewsa8832_firmwaresdx50msdx20sd480_firmwaremsm8920_firmwaremdm9626_firmwareqca6574ausd710sa8155p_firmwaremdm9607mdm9645_firmwarewcd9341_firmwareqcm6125wsa8810mdm9150wcn6856wcn3680bsd835_firmwareqca6564_firmwaresd768gwcn6740qca6696sd845_firmwaremsm8608_firmwaresdw2500msm8940apq8096au_firmwaresd845apq8037_firmwaresm7250psd720g_firmwaresdx12sw5100_firmwareqcs410_firmwareqca6175a_firmwaresd850sm8475pSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-17467
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.1||CRITICAL
EPSS-0.76% / 72.38%
||
7 Day CHG~0.00%
Published-11 Dec, 2020 | 22:36
Updated-04 Aug, 2024 | 13:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in FNET through 4.6.4. The code for processing the hostname from an LLMNR request doesn't check for '\0' termination. Therefore, the deduced length of the hostname doesn't reflect the correct length of the actual data. This may lead to Information Disclosure in _fnet_llmnr_poll in fnet_llmnr.c during a response to a malicious request of the DNS class IN.

Action-Not Available
Vendor-butokn/a
Product-fnetn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-21723
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-9.1||CRITICAL
EPSS-0.31% / 53.34%
||
7 Day CHG~0.00%
Published-27 Jan, 2022 | 00:00
Updated-23 Apr, 2025 | 19:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds read in multipart parsing in PJSIP

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions 2.11.1 and prior, parsing an incoming SIP message that contains a malformed multipart can potentially cause out-of-bound read access. This issue affects all PJSIP users that accept SIP multipart. The patch is available as commit in the `master` branch. There are no known workarounds.

Action-Not Available
Vendor-teluupjsipSangoma Technologies Corp.AsteriskDebian GNU/Linux
Product-certified_asteriskasteriskdebian_linuxpjsippjproject
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-16159
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.1||CRITICAL
EPSS-0.41% / 60.64%
||
7 Day CHG~0.00%
Published-19 Oct, 2020 | 17:48
Updated-04 Aug, 2024 | 13:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

GoPro gpmf-parser 1.5 has a heap out-of-bounds read and segfault in GPMF_ScaledData(). Parsing malicious input can result in a crash or information disclosure.

Action-Not Available
Vendor-gopron/a
Product-gpmf-parsern/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-17441
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.1||CRITICAL
EPSS-0.74% / 71.92%
||
7 Day CHG~0.00%
Published-11 Dec, 2020 | 22:29
Updated-04 Aug, 2024 | 13:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in picoTCP 1.7.0. The code for processing the IPv6 headers does not validate whether the IPv6 payload length field is equal to the actual size of the payload, which leads to an Out-of-Bounds read during the ICMPv6 checksum calculation, resulting in either Denial-of-Service or Information Disclosure. This affects pico_ipv6_extension_headers and pico_checksum_adder (in pico_ipv6.c and pico_frame.c).

Action-Not Available
Vendor-microchipaltrann/a
Product-mplab_harmonypicotcpn/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-21722
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-9.1||CRITICAL
EPSS-0.23% / 46.06%
||
7 Day CHG~0.00%
Published-27 Jan, 2022 | 00:00
Updated-23 Apr, 2025 | 19:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Potential out-of-bound read during RTP/RTCP parsing in PJSIP

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In version 2.11.1 and prior, there are various cases where it is possible that certain incoming RTP/RTCP packets can potentially cause out-of-bound read access. This issue affects all users that use PJMEDIA and accept incoming RTP/RTCP. A patch is available as a commit in the `master` branch. There are no known workarounds.

Action-Not Available
Vendor-teluupjsipDebian GNU/Linux
Product-debian_linuxpjsippjproject
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-15473
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.1||CRITICAL
EPSS-0.43% / 61.93%
||
7 Day CHG~0.00%
Published-01 Jul, 2020 | 10:54
Updated-04 Aug, 2024 | 13:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In nDPI through 3.2, the OpenVPN dissector is vulnerable to a heap-based buffer over-read in ndpi_search_openvpn in lib/protocols/openvpn.c.

Action-Not Available
Vendor-ntopn/a
Product-ndpin/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-15471
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.1||CRITICAL
EPSS-0.56% / 67.24%
||
7 Day CHG~0.00%
Published-01 Jul, 2020 | 10:54
Updated-04 Aug, 2024 | 13:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In nDPI through 3.2, the packet parsing code is vulnerable to a heap-based buffer over-read in ndpi_parse_packet_line_info in lib/ndpi_main.c.

Action-Not Available
Vendor-ntopn/a
Product-ndpin/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-15472
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.1||CRITICAL
EPSS-0.29% / 51.97%
||
7 Day CHG~0.00%
Published-01 Jul, 2020 | 10:54
Updated-04 Aug, 2024 | 13:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In nDPI through 3.2, the H.323 dissector is vulnerable to a heap-based buffer over-read in ndpi_search_h323 in lib/protocols/h323.c, as demonstrated by a payload packet length that is too short.

Action-Not Available
Vendor-ntopn/aDebian GNU/Linux
Product-debian_linuxndpin/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-3670
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-9.1||CRITICAL
EPSS-0.32% / 54.40%
||
7 Day CHG~0.00%
Published-02 Nov, 2020 | 06:21
Updated-04 Aug, 2024 | 07:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Potential out of bounds read while processing downlink NAS transport message due to improper length check of Information Element(IEI) NAS message container' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in Agatti, APQ8053, APQ8096AU, APQ8098, Kamorta, MDM9150, MDM9205, MDM9206, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909W, MSM8917, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCM6125, QCS605, QCS610, QM215, Rennell, SA415M, Saipan, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwarekamorta_firmwaremdm9635m_firmwaremdm9640_firmwareqcm2150_firmwareqcs610sdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632sdx24sdm439mdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwareagatti_firmwaremdm9645msm8996ausdm429w_firmwaresm7150msm8917sdm670qcs605_firmwaresc8180xmdm9206sdm670_firmwaresdx24_firmwaresdm636sda845_firmwaresa415mmdm9635mapq8098mdm9205mdm9206_firmwareqcs605sdm429_firmwaremdm9650_firmwaremsm8905_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130msm8909wapq8053_firmwareagattisda845nicobarsdm850_firmwaremsm8953sdm450sdm636_firmwaresdm845_firmwareapq8098_firmwaresdx20msm8998_firmwareqcm2150sdm660sdm630mdm9655_firmwaresc8180x_firmwaresa415m_firmwaresdm710qm215sc7180_firmwaremdm9645_firmwaremdm9625_firmwaresdm710_firmwareqcm6125qcs610_firmwaremdm9150msm8905sm8150_firmwaremdm9655apq8096ausdm439_firmwarerennellsc7180sdm630_firmwaremdm9205_firmwaresda660_firmwaremdm9625rennell_firmwareqm215_firmwaresdx55msm8953_firmwaremsm8940saipan_firmwaresm6150_firmwareapq8053msm8917_firmwareapq8096au_firmwaremsm8998sm8150sdx20_firmwaresdm850kamortasaipannicobar_firmwaresdm660_firmwareqcm6125_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-35859
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.1||CRITICAL
EPSS-0.43% / 61.93%
||
7 Day CHG~0.00%
Published-31 Dec, 2020 | 08:30
Updated-04 Aug, 2024 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the lucet-runtime-internals crate before 0.5.1 for Rust. It mishandles sigstack allocation. Guest programs may be able to obtain sensitive information, or guest programs can experience memory corruption.

Action-Not Available
Vendor-lucet-runtime-internals_projectn/a
Product-lucet-runtime-internalsn/a
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-125
Out-of-bounds Read
CVE-2020-29657
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-9.1||CRITICAL
EPSS-0.47% / 63.54%
||
7 Day CHG~0.00%
Published-09 Dec, 2020 | 08:06
Updated-04 Aug, 2024 | 16:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In JerryScript 2.3.0, there is an out-of-bounds read in main_print_unhandled_exception in the main-utils.c file.

Action-Not Available
Vendor-jerryscriptn/a
Product-jerryscriptn/a
CWE ID-CWE-125
Out-of-bounds Read
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • Next
Details not found