Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2025-21465

Summary
Assigner-qualcomm
Assigner Org ID-2cfc7d3e-20d3-47ac-8db7-1b7285aff15f
Published At-06 Aug, 2025 | 07:25
Updated At-06 Aug, 2025 | 19:26
Rejected At-
Credits

Out-of-bounds Read in Core

Information disclosure while processing the hash segment in an MBN file.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:qualcomm
Assigner Org ID:2cfc7d3e-20d3-47ac-8db7-1b7285aff15f
Published At:06 Aug, 2025 | 07:25
Updated At:06 Aug, 2025 | 19:26
Rejected At:
â–¼CVE Numbering Authority (CNA)
Out-of-bounds Read in Core

Information disclosure while processing the hash segment in an MBN file.

Affected Products
Vendor
Qualcomm Technologies, Inc.Qualcomm, Inc.
Product
Snapdragon
Platforms
  • Snapdragon Auto
  • Snapdragon CCW
  • Snapdragon Compute
  • Snapdragon Connectivity
  • Snapdragon Consumer IOT
  • Snapdragon Industrial IOT
  • Snapdragon MC
  • Snapdragon MDM
  • Snapdragon Mobile
  • Snapdragon Technology
  • Snapdragon Voice & Music
  • Snapdragon WBC
  • Snapdragon Wearables
  • Snapdragon Wired Infrastructure and Networking
Default Status
unaffected
Versions
Affected
  • 315 5G IoT Modem
  • 9205 LTE Modem
  • AQT1000
  • AR8031
  • AR8035
  • C-V2X 9150
  • CSR8811
  • CSRA6620
  • CSRA6640
  • CSRB31024
  • FastConnect 6200
  • FastConnect 6700
  • FastConnect 6800
  • FastConnect 6900
  • FastConnect 7800
  • Flight RB5 5G Platform
  • Immersive Home 3210 Platform
  • Immersive Home 326 Platform
  • IPQ5300
  • IPQ5302
  • IPQ5312
  • IPQ5332
  • IPQ6000
  • IPQ6005
  • IPQ6010
  • IPQ6018
  • IPQ6028
  • IPQ9008
  • IPQ9048
  • IPQ9554
  • IPQ9570
  • IPQ9574
  • MDM9205S
  • QAM8255P
  • QAM8295P
  • QAM8620P
  • QAM8650P
  • QAM8775P
  • QAMSRV1H
  • QAMSRV1M
  • QCA0000
  • QCA4004
  • QCA4024
  • QCA6174A
  • QCA6310
  • QCA6335
  • QCA6391
  • QCA6420
  • QCA6421
  • QCA6426
  • QCA6430
  • QCA6431
  • QCA6436
  • QCA6564
  • QCA6564A
  • QCA6564AU
  • QCA6574
  • QCA6574A
  • QCA6574AU
  • QCA6584AU
  • QCA6595
  • QCA6595AU
  • QCA6678AQ
  • QCA6688AQ
  • QCA6696
  • QCA6698AQ
  • QCA6797AQ
  • QCA8072
  • QCA8075
  • QCA8081
  • QCA8082
  • QCA8084
  • QCA8085
  • QCA8337
  • QCA8386
  • QCA9377
  • QCA9984
  • QCC710
  • QCC711
  • QCC7225
  • QCC7226
  • QCC7228
  • QCF8000
  • QCF8000SFP
  • QCF8001
  • QCM2290
  • QCM4290
  • QCM4325
  • QCM4490
  • QCM5430
  • QCM6125
  • QCM6490
  • QCM8550
  • QCN5021
  • QCN5022
  • QCN5052
  • QCN5121
  • QCN5122
  • QCN5124
  • QCN5152
  • QCN6023
  • QCN6024
  • QCN6224
  • QCN6274
  • QCN6402
  • QCN6412
  • QCN6422
  • QCN6432
  • QCN7606
  • QCN9000
  • QCN9011
  • QCN9012
  • QCN9013
  • QCN9022
  • QCN9024
  • QCN9070
  • QCN9072
  • QCN9074
  • QCN9160
  • QCN9274
  • QCS2290
  • QCS410
  • QCS4290
  • QCS4490
  • QCS5430
  • QCS610
  • QCS6125
  • QCS6490
  • QCS7230
  • QCS8155
  • QCS8250
  • QCS8300
  • QCS8550
  • QCS9100
  • QDU1000
  • QDU1010
  • QDU1110
  • QDU1210
  • QDX1010
  • QDX1011
  • QEP8111
  • QFW7114
  • QFW7124
  • QRB5165M
  • QRB5165N
  • QRU1032
  • QRU1052
  • QRU1062
  • QSM8250
  • QSM8350
  • QTS110
  • Qualcomm Video Collaboration VC1 Platform
  • Qualcomm Video Collaboration VC3 Platform
  • Qualcomm Video Collaboration VC5 Platform
  • QXM8083
  • Robotics RB2 Platform
  • Robotics RB3 Platform
  • Robotics RB5 Platform
  • SA2150P
  • SA4150P
  • SA4155P
  • SA6145P
  • SA6150P
  • SA6155
  • SA6155P
  • SA7255P
  • SA7775P
  • SA8145P
  • SA8150P
  • SA8155
  • SA8155P
  • SA8195P
  • SA8255P
  • SA8295P
  • SA8530P
  • SA8540P
  • SA8620P
  • SA8650P
  • SA8770P
  • SA8775P
  • SA9000P
  • SC8180X+SDX55
  • SC8380XP
  • SD 675
  • SD 8 Gen1 5G
  • SD 8CX
  • SD460
  • SD662
  • SD670
  • SD675
  • SD730
  • SD855
  • SD865 5G
  • SD888
  • SDX55
  • SDX57M
  • SDX61
  • SDX65M
  • SDX71M
  • SDX80M
  • SG4150P
  • SG8275P
  • SM4125
  • SM4635
  • SM6250
  • SM6250P
  • SM6370
  • SM6650
  • SM7250P
  • SM7315
  • SM7325P
  • SM7635
  • SM7675
  • SM7675P
  • SM8550P
  • SM8635
  • SM8635P
  • SM8750
  • SM8750P
  • Smart Audio 400 Platform
  • Snapdragon 4 Gen 1 Mobile Platform
  • Snapdragon 4 Gen 2 Mobile Platform
  • Snapdragon 460 Mobile Platform
  • Snapdragon 480 5G Mobile Platform
  • Snapdragon 480+ 5G Mobile Platform (SM4350-AC)
  • Snapdragon 662 Mobile Platform
  • Snapdragon 665 Mobile Platform
  • Snapdragon 670 Mobile Platform
  • Snapdragon 675 Mobile Platform
  • Snapdragon 678 Mobile Platform (SM6150-AC)
  • Snapdragon 680 4G Mobile Platform
  • Snapdragon 685 4G Mobile Platform (SM6225-AD)
  • Snapdragon 690 5G Mobile Platform
  • Snapdragon 695 5G Mobile Platform
  • Snapdragon 710 Mobile Platform
  • Snapdragon 712 Mobile Platform
  • Snapdragon 720G Mobile Platform
  • Snapdragon 730 Mobile Platform (SM7150-AA)
  • Snapdragon 730G Mobile Platform (SM7150-AB)
  • Snapdragon 732G Mobile Platform (SM7150-AC)
  • Snapdragon 750G 5G Mobile Platform
  • Snapdragon 765 5G Mobile Platform (SM7250-AA)
  • Snapdragon 765G 5G Mobile Platform (SM7250-AB)
  • Snapdragon 768G 5G Mobile Platform (SM7250-AC)
  • Snapdragon 778G 5G Mobile Platform
  • Snapdragon 778G+ 5G Mobile Platform (SM7325-AE)
  • Snapdragon 780G 5G Mobile Platform
  • Snapdragon 782G Mobile Platform (SM7325-AF)
  • Snapdragon 7c Compute Platform (SC7180-AC)
  • Snapdragon 7c Gen 2 Compute Platform (SC7180-AD) "Rennell Pro"
  • Snapdragon 7c+ Gen 3 Compute
  • Snapdragon 8 Gen 1 Mobile Platform
  • Snapdragon 8 Gen 2 Mobile Platform
  • Snapdragon 8 Gen 3 Mobile Platform
  • Snapdragon 8+ Gen 1 Mobile Platform
  • Snapdragon 8+ Gen 2 Mobile Platform
  • Snapdragon 845 Mobile Platform
  • Snapdragon 850 Mobile Compute Platform
  • Snapdragon 855 Mobile Platform
  • Snapdragon 855+/860 Mobile Platform (SM8150-AC)
  • Snapdragon 865 5G Mobile Platform
  • Snapdragon 865+ 5G Mobile Platform (SM8250-AB)
  • Snapdragon 870 5G Mobile Platform (SM8250-AC)
  • Snapdragon 888 5G Mobile Platform
  • Snapdragon 888+ 5G Mobile Platform (SM8350-AC)
  • Snapdragon 8c Compute Platform (SC8180X-AD) "Poipu Lite"
  • Snapdragon 8c Compute Platform (SC8180XP-AD) "Poipu Lite"
  • Snapdragon 8cx Compute Platform (SC8180X-AA, AB)
  • Snapdragon 8cx Compute Platform (SC8180XP-AC, AF) "Poipu Pro"
  • Snapdragon 8cx Gen 2 5G Compute Platform (SC8180X-AC, AF) "Poipu Pro"
  • Snapdragon 8cx Gen 2 5G Compute Platform (SC8180XP-AA, AB)
  • Snapdragon 8cx Gen 3 Compute Platform (SC8280XP-AB, BB)
  • Snapdragon AR1 Gen 1 Platform
  • Snapdragon AR1 Gen 1 Platform "Luna1"
  • Snapdragon AR2 Gen 1 Platform
  • Snapdragon Auto 5G Modem-RF
  • Snapdragon Auto 5G Modem-RF Gen 2
  • Snapdragon W5+ Gen 1 Wearable Platform
  • Snapdragon Wear 1300 Platform
  • Snapdragon X24 LTE Modem
  • Snapdragon X35 5G Modem-RF System
  • Snapdragon X50 5G Modem-RF System
  • Snapdragon X55 5G Modem-RF System
  • Snapdragon X62 5G Modem-RF System
  • Snapdragon X65 5G Modem-RF System
  • Snapdragon X70 Modem-RF System
  • Snapdragon X72 5G Modem-RF System
  • Snapdragon X75 5G Modem-RF System
  • Snapdragon XR1 Platform
  • Snapdragon XR2 5G Platform
  • Snapdragon XR2+ Gen 1 Platform
  • Snapdragon Auto 4G Modem
  • SRV1H
  • SRV1L
  • SRV1M
  • SSG2115P
  • SSG2125P
  • SW5100
  • SW5100P
  • SXR1120
  • SXR1230P
  • SXR2130
  • SXR2230P
  • SXR2250P
  • SXR2330P
  • TalynPlus
  • Vision Intelligence 300 Platform
  • Vision Intelligence 400 Platform
  • WCD9306
  • WCD9326
  • WCD9335
  • WCD9340
  • WCD9341
  • WCD9360
  • WCD9370
  • WCD9371
  • WCD9375
  • WCD9378
  • WCD9380
  • WCD9385
  • WCD9390
  • WCD9395
  • WCN3910
  • WCN3950
  • WCN3980
  • WCN3988
  • WCN3990
  • WCN3999
  • WCN6450
  • WCN6650
  • WCN6740
  • WCN6755
  • WCN7860
  • WCN7861
  • WCN7880
  • WCN7881
  • WSA8810
  • WSA8815
  • WSA8830
  • WSA8832
  • WSA8835
  • WSA8840
  • WSA8845
  • WSA8845H
Problem Types
TypeCWE IDDescription
CWECWE-125CWE-125: Out-of-bounds Read
Type: CWE
CWE ID: CWE-125
Description: CWE-125: Out-of-bounds Read
Metrics
VersionBase scoreBase severityVector
3.16.5MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
Version: 3.1
Base score: 6.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://docs.qualcomm.com/product/publicresources/securitybulletin/august-2025-bulletin.html
N/A
Hyperlink: https://docs.qualcomm.com/product/publicresources/securitybulletin/august-2025-bulletin.html
Resource: N/A
â–¼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:product-security@qualcomm.com
Published At:06 Aug, 2025 | 08:15
Updated At:28 Nov, 2025 | 16:25

Information disclosure while processing the hash segment in an MBN file.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.16.5MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
Type: Primary
Version: 3.1
Base score: 6.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
CPE Matches
Qualcomm Technologies, Inc.
qualcomm
>>315_5g_iot_modem_firmware>>-
cpe:2.3:o:qualcomm:315_5g_iot_modem_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>315_5g_iot_modem>>-
cpe:2.3:h:qualcomm:315_5g_iot_modem:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>9205_lte_modem_firmware>>-
cpe:2.3:o:qualcomm:9205_lte_modem_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>9205_lte_modem>>-
cpe:2.3:h:qualcomm:9205_lte_modem:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>aqt1000_firmware>>-
cpe:2.3:o:qualcomm:aqt1000_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>aqt1000>>-
cpe:2.3:h:qualcomm:aqt1000:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>ar8031_firmware>>-
cpe:2.3:o:qualcomm:ar8031_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>ar8031>>-
cpe:2.3:h:qualcomm:ar8031:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>ar8035_firmware>>-
cpe:2.3:o:qualcomm:ar8035_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>ar8035>>-
cpe:2.3:h:qualcomm:ar8035:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcm2290_firmware>>-
cpe:2.3:o:qualcomm:qcm2290_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcm2290>>-
cpe:2.3:h:qualcomm:qcm2290:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcm4290_firmware>>-
cpe:2.3:o:qualcomm:qcm4290_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcm4290>>-
cpe:2.3:h:qualcomm:qcm4290:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcm4325_firmware>>-
cpe:2.3:o:qualcomm:qcm4325_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcm4325>>-
cpe:2.3:h:qualcomm:qcm4325:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcm4490_firmware>>-
cpe:2.3:o:qualcomm:qcm4490_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcm4490>>-
cpe:2.3:h:qualcomm:qcm4490:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcm5430_firmware>>-
cpe:2.3:o:qualcomm:qcm5430_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcm5430>>-
cpe:2.3:h:qualcomm:qcm5430:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcm6125_firmware>>-
cpe:2.3:o:qualcomm:qcm6125_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcm6125>>-
cpe:2.3:h:qualcomm:qcm6125:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcm6490_firmware>>-
cpe:2.3:o:qualcomm:qcm6490_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcm6490>>-
cpe:2.3:h:qualcomm:qcm6490:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcm8550_firmware>>-
cpe:2.3:o:qualcomm:qcm8550_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcm8550>>-
cpe:2.3:h:qualcomm:qcm8550:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcn5021_firmware>>-
cpe:2.3:o:qualcomm:qcn5021_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcn5021>>-
cpe:2.3:h:qualcomm:qcn5021:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcn5022_firmware>>-
cpe:2.3:o:qualcomm:qcn5022_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcn5022>>-
cpe:2.3:h:qualcomm:qcn5022:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcn5052_firmware>>-
cpe:2.3:o:qualcomm:qcn5052_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcn5052>>-
cpe:2.3:h:qualcomm:qcn5052:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcn5121_firmware>>-
cpe:2.3:o:qualcomm:qcn5121_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcn5121>>-
cpe:2.3:h:qualcomm:qcn5121:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcn5122_firmware>>-
cpe:2.3:o:qualcomm:qcn5122_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcn5122>>-
cpe:2.3:h:qualcomm:qcn5122:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcn5124_firmware>>-
cpe:2.3:o:qualcomm:qcn5124_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcn5124>>-
cpe:2.3:h:qualcomm:qcn5124:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcn5152_firmware>>-
cpe:2.3:o:qualcomm:qcn5152_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcn5152>>-
cpe:2.3:h:qualcomm:qcn5152:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcn6023_firmware>>-
cpe:2.3:o:qualcomm:qcn6023_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcn6023>>-
cpe:2.3:h:qualcomm:qcn6023:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcn6024_firmware>>-
cpe:2.3:o:qualcomm:qcn6024_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcn6024>>-
cpe:2.3:h:qualcomm:qcn6024:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcn6224_firmware>>-
cpe:2.3:o:qualcomm:qcn6224_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcn6224>>-
cpe:2.3:h:qualcomm:qcn6224:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcn6274_firmware>>-
cpe:2.3:o:qualcomm:qcn6274_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcn6274>>-
cpe:2.3:h:qualcomm:qcn6274:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcn6402_firmware>>-
cpe:2.3:o:qualcomm:qcn6402_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qcn6402>>-
cpe:2.3:h:qualcomm:qcn6402:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-125Primaryproduct-security@qualcomm.com
CWE ID: CWE-125
Type: Primary
Source: product-security@qualcomm.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://docs.qualcomm.com/product/publicresources/securitybulletin/august-2025-bulletin.htmlproduct-security@qualcomm.com
Vendor Advisory
Hyperlink: https://docs.qualcomm.com/product/publicresources/securitybulletin/august-2025-bulletin.html
Source: product-security@qualcomm.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

377Records found
CVE-2024-45558
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.27% / 50.04%
||
7 Day CHG+0.08%
Published-06 Jan, 2025 | 10:33
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in WLAN Host Cmn

Transient DOS can occur when the driver parses the per STA profile IE and tries to access the EXTN element ID without checking the IE length.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcm8550_firmwareimmersive_home_214qcs410_firmwarewcn6650ipq9574qcn9000_firmwareqca6595qcn9022qcs610_firmwareipq6028_firmwarewcd9370qca8081_firmwareqca6696qam8620p_firmwarewcn7880_firmwarewcd9340_firmwaresa8530pwcd9341_firmwareipq5028_firmwarewcd9395_firmwaresxr2330p_firmwareqcn6024wcn7881_firmwarewcn6450qcc2073_firmwareqcc710_firmwareipq8076fastconnect_6700qcn6422_firmwareipq6018_firmwareqcn6023qcn5124_firmwarewsa8832_firmwareqca8337wcd9395ipq9048ipq6000qca6574au_firmwareipq8078asnapdragon_x72_5g_modem-rfipq8078a_firmwareqam8295pwcd9341ipq5312qca6574auwcd9390sa8620p_firmwarewsa8810_firmwarewsa8845h_firmwaresa9000p_firmwaresrv1hqcn9100_firmwareqcn5122qcs9100qca6554aqcs5430wcn7860qcn6024_firmwareqcm5430qcm5430_firmwarevideo_collaboration_vc1_platform_firmwaresa8770pqcn9000qcc710qcn6132_firmwaresa8540pqca6777aqfastconnect_6900qcn6402qcn6432video_collaboration_vc1_platformimmersive_home_326_firmwareipq5332_firmwaresa7255psm8635qcn5052qfw7114wcd9385_firmwareipq9574_firmwareqam8255p_firmwareipq8074a_firmwareipq8076aqcn5164snapdragon_x65_5g_modem-rfqca6787aqwsa8845sa6155pqcn9160qca6564au_firmwarecsr8811_firmwarewsa8810qca8075qam8650psa9000pqca8085srv1h_firmwareqca6595ausxr2250p_firmwaresa6155p_firmwarewsa8840srv1m_firmwareqcs8550_firmwaresnapdragon_8_gen_2_mobile_firmwareqfw7124_firmwaresm8750pqcn9012ipq8070a_firmwareqcn9070qcf8001qca8084sm8635psnapdragon_8_gen_2_mobilesdx65mwcd9370_firmwareqcc2076sa7255p_firmwareqca6574asnapdragon_x72_5g_modem-rf_firmwareipq9570snapdragon_8\+_gen_2_mobilesa8195pwcd9340snapdragon_auto_5g_modem-rf_gen_2qcm6490ipq5302sa8540p_firmwareqcn6122_firmwareqcn5154_firmwareipq9048_firmwaresm8550p_firmwaresxr2250pqcm8550wcn3988qcn5122_firmwareqcn9274qcn9024ipq8076a_firmwaresa8775pqca6574ipq9570_firmwaresxr2230p_firmwareqca6777aq_firmwaresa8775p_firmwareqamsrv1hqcn6412_firmwareqcn9024_firmwarewsa8845hqca8082qcs410sa8155p_firmwaresa8155pwsa8830ipq5312_firmwaresm8550pqcf8000_firmwareqcn9074_firmwareipq8174immersive_home_318_firmwareqcn6122sa8255p_firmwaresm7675_firmwareqcc2073ipq8174_firmwarear8035sm7635_firmwareipq8072aqamsrv1m_firmwaresa8650p_firmwareimmersive_home_216_firmwarewcn6450_firmwareimmersive_home_316qcf8000sfp_firmwaresrv1l_firmwareqcs9100_firmwareqcn6224ipq8071aqcn6112qca6698aqqxm8083wcn3950_firmwaresa7775p_firmwaresm7635sa8530p_firmwarewcd9378sm8635p_firmwarefastconnect_6700_firmwarevideo_collaboration_vc3_platform_firmwareqcn6023_firmwareqcn5164_firmwaresnapdragon_x75_5g_modem-rf_firmwareipq8078snapdragon_8_gen_3_mobileqcs6490ipq9554_firmwareqcn9072wsa8830_firmwareqcn6224_firmwareqca6678aq_firmwareqca8386_firmwarewsa8845_firmwarewsa8832qca8082_firmwarewcd9378_firmwareqcc2076_firmwaresrv1limmersive_home_216sm7675psrv1mqca6678aqqcn6432_firmwarear8035_firmwareqcn5022_firmwarewcn7860_firmwareqca4024_firmwareqca0000_firmwareipq9008ipq9554qca6564auipq9008_firmwareqcn9074ipq5300_firmwarewsa8815_firmwaresa8195p_firmwareqca8337_firmwareqca9888ipq5332ipq8173qcm6490_firmwareipq8072a_firmwareipq6010_firmwarewcn3950qcn6112_firmwaresm8750qca6797aq_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareipq5028qca8085_firmwareqcf8001_firmwareqcn9070_firmwaresa8295p_firmwareqcn9022_firmwareipq5010_firmwareqcn6132ipq6018qcn9160_firmwareqca6584auqcn6274_firmwarewcn6755_firmwarewcn6650_firmwaresnapdragon_8_gen_3_mobile_firmwareqfw7114_firmwareqca4024qca6595_firmwarefastconnect_7800_firmwareqcn6422immersive_home_214_firmwareipq5302_firmwareqxm8083_firmwareipq5300ipq8070asm8635_firmwarefastconnect_6900_firmwarewcd9380qam8255psxr2230pwcn7880sxr2330pqca8075_firmwarewcn6755immersive_home_3210qcf8000qcn5052_firmwarewcn7881sm6650ipq6010sdx65m_firmwarevideo_collaboration_vc3_platformqca6688aqqam8295p_firmwareqcn6402_firmwareqca6698aq_firmwarewcd9385qca8084_firmwaresa8255pwcd9390_firmwareqcn5024sdx55_firmwareimmersive_home_326ipq8071a_firmwaresm8750_firmwareqca6554a_firmwareipq6028snapdragon_x65_5g_modem-rf_firmwareqcn9100qamsrv1mwcn7861_firmwarewcn7861qam8650p_firmwareqcs6490_firmwaresm6650_firmwareipq8076_firmwareqam8620pwcn3980_firmwareqca6584au_firmwareqcn5152_firmwareqcn6274qfw7124wsa8835wsa8840_firmwareqca6595au_firmwareqca0000qca6696_firmwarewcd9380_firmwareqca6574_firmwareqca8081wsa8815qcn5124qam8775pqca6797aqqcn5152snapdragon_x75_5g_modem-rfqcn6412sa8620pqca6574a_firmwaresdx55qcn9072_firmwareqca9888_firmwareipq8074aimmersive_home_3210_firmwareqca9889qcn5024_firmwareqca6787aq_firmwarewcd9375_firmwareqca8386sa7775pimmersive_home_318ipq5010qcn9274_firmwareipq8173_firmwareqcs5430_firmwareqcn9012_firmwaresa8770p_firmwaresa8295pqcs8550ipq6000_firmwarefastconnect_7800sa8650pqam8775p_firmwaresm8750p_firmwarewcd9375snapdragon_8\+_gen_2_mobile_firmwareipq8078_firmwareqca6688aq_firmwareqca9889_firmwarewcn3988_firmwareimmersive_home_316_firmwareqamsrv1h_firmwaresm7675qcn5154wsa8835_firmwarecsr8811qcn5022wcn3980sm7675p_firmwareqcf8000sfpqcs610Snapdragon
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-126
Buffer Over-read
CVE-2024-45568
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 5.66%
||
7 Day CHG~0.00%
Published-06 May, 2025 | 08:32
Updated-09 May, 2025 | 19:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in Camera Driver

Memory corruption due to improper bounds check while command handling in camera-kernel driver.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcd9380_firmwaresnapdragon_429_mobile_firmwarefastconnect_7800_firmwarewcn3620_firmwarewcd9385wsa8835sxr2230p_firmwarewcn3660bwcd9385_firmwaresxr2230pwcn3620sdm429w_firmwarewsa8830wsa8830_firmwarewsa8835_firmwaresxr2250p_firmwarewcd9380snapdragon_429_mobilefastconnect_6900sdm429wfastconnect_6900_firmwarewsa8832_firmwarewsa8832wcn3660b_firmwarefastconnect_7800sxr2250pSnapdragon
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-126
Buffer Over-read
CVE-2022-33271
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-8.2||HIGH
EPSS-0.23% / 45.22%
||
7 Day CHG+0.11%
Published-09 Feb, 2023 | 06:58
Updated-03 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer over-read in WLAN

Information disclosure due to buffer over-read in WLAN while parsing NMF frame.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresd_8cx_gen3_firmwareqca2066mdm9640_firmwaresm6250p_firmwaresa6150p_firmwareqcs610qca8337ar9380ipq8173_firmwareqca6431_firmwarewcd9360_firmwaresdx65qcn5124qca4024_firmwarewcn3950_firmwareipq8078aipq5028_firmwaresa8150p_firmwareqca6595au_firmwaresa6155qca6335qca2062sd_455_firmwarecsra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwareqcs6125_firmwaresa415mwcn3998qca6554a_firmwarewcd9371_firmwareqam8295pwcn3950qcn6024_firmwaresd720gsm4125sd_8cx_gen2_firmwareipq8076aqca8386_firmwaresd_8_gen1_5g_firmwareqca8084_firmwareqsm8350_firmwaresd710_firmwareqsm8350sd460_firmwaresm7315_firmwarewcn7850qca6574au_firmwareqcn5164_firmwarewcd9375_firmwareqca8081_firmwarewcn3998_firmwaresa6155_firmwareqca6420wcd9360sdx20mqcn9002qca9986sd680_firmwareipq8070_firmwareqca9367_firmwareipq8065ipq8078a_firmwareqca6678aq_firmwarewcn3999sd_8cx_gen2qrb5165_firmwareipq5028qrb5165m_firmwareqca6698aqqcs6125sa8155_firmwareipq6010sd662_firmwareipq8068qcs405qca6430wcd9340qcn6132sd765gsw5100sd680qca6436wcn6851sa6155pqcs603_firmwarewcn7851_firmwareqca6698aq_firmwareqca9888_firmwareqcn6122wcd9341ipq8068_firmwareqca2066_firmwareqca6696_firmwareqca6431wcd9371sd870_firmwaresd750gqca1062ipq9008_firmwareqcn5154_firmwarewcn3910_firmwaresxr2150p_firmwaresd_8cxsa8150pwsa8830_firmwareqca9992_firmwaresd660sd865_5g_firmwaresnapdragon_4_gen_1sd712sd855_firmwarewcn3988sd660_firmwarewcn7850_firmwaresa8195p_firmwaresm8475qcn5022_firmwareqcn7606_firmwarewcn6750_firmwaresa8295p_firmwaremdm9640ipq5018_firmwareqca9985_firmwarewcn3991qca8337_firmwarewcd9380_firmwaressg2125pipq8072aqca9980_firmwaresw5100pmsm8996au_firmwarewcd9330ipq8076a_firmwareipq8078qca8084qcn9001_firmwareipq8173sdx55m_firmwareqca6564auwcn6856_firmwareipq9008qcn5164sd670_firmwareqca6574csr8811_firmwarewcd9380qcn5054_firmwareqcs410qcn5024sd690_5g_firmwaresdx50m_firmwaresxr1230psdx24_firmwareqca8072_firmwareqca9985qcn9012_firmwareqca6430_firmwareqcn9274_firmwareqcn5052_firmwarewcd9335_firmwarewcn3980qca6335_firmwareipq6018_firmwareqcm4325_firmwareqcs605wcd9340_firmwarewsa8815wcn6850sd7cpmp8074_firmwareqcn6112wcn3910qca6320qca9986_firmwareqca6426_firmwaresd695ipq6028ipq8064sd835pmp8074qca9984ipq9574_firmwarewcn3980_firmwareqcn9024sd730wcd9330_firmwaresdx55mipq8064_firmwareqcc5100_firmwaresa8295pqca6421_firmwareqca2062_firmwarewcn6740_firmwaresd821_firmwareqca6678aqsd678_firmwarear8031_firmwareipq8078_firmwareqcn5054qrb5165wcn6851_firmwareqcs603ipq8070qca9994qca9980sd670qcn9024_firmwareipq8174_firmwaresd_636_firmwareqca6564a_firmwaresd480sd870wsa8832wcn6855qcn7605_firmwaresw5100p_firmwareqcs610_firmwareqsm8250sa6145pipq6018qca9886_firmwaresd695_firmwaresdxr1ar8031apq8096auqca6595_firmwareqcs405_firmwaresa8145psdm630_firmwaresd820_firmwareqca6391_firmwaresa4150p_firmwareqca4024wcd9370_firmwareqca2064sd780g_firmwaresdx55sd888_firmwareqcn5021_firmwaresa8155pcsra6640sd675ssg2115p_firmwaresxr2150par8035_firmwareqsm8250_firmwareqcn7606qcn5024_firmwarewcn3991_firmwarewsa8830sd678qcn9070sxr2230p_firmwaresa8145p_firmwareqca1062_firmwaresd7c_firmwarecsrb31024snapdragon_4_gen_1_firmwaresd_636csra6620qca8082qcn9072qca8386qca9992sd765g_firmwareqca6420_firmwareqca6390_firmwareqca2064_firmwaresd690_5gipq6000sd730_firmwarewcd9370sd675_firmwaressg2115pqcn5152_firmwareqca6426qca6584au_firmwarewcn3990_firmwareqrb5165n_firmwareqcn9000_firmwareqca9984_firmwareqca9377ipq5018sd_8cx_firmwarewcd9385_firmwaresdxr2_5g_firmwareqcn7605wcd9326_firmwareipq8074aqca2065sd662qcn5124_firmwareqam8295p_firmwareqcn6102_firmwareqcn9011_firmwareqca1064sa8155qcn6100_firmwareqca8082_firmwareqca6320_firmwareqcn5122_firmwaresdx55_firmwareqca6595auqcn6023_firmwarewcn3999_firmwaresm7250p_firmwareqca6436_firmwareqrb5165nipq5010qca6564au_firmwareqca6584ausd778gsa6155p_firmwareqca6310qcn9274ipq8174wcn7851sa515m_firmwareqca9990qcn9001qcn5052qca9367qcs6490sdxr2_5gsdm630sd821qcn6112_firmwaresa415m_firmwarewcn3988_firmwareqcn9074sa6145p_firmwareqca6421qca8085sd778g_firmwaresm6250sa8195psd712_firmwarewsa8810_firmwaresd765_firmwarewcd9326wcd9335sg4150pqca8081qcn6023ipq8071aqca6174a_firmwareipq8071a_firmwarewcd9385qca8085_firmwareqcs6490_firmwareqca2065_firmwaresd_8cx_gen3qca6390wcd9375sd750g_firmwareaqt1000ar8035csr8811sm6250_firmwareqcn9100_firmwareipq5010_firmwareipq8074a_firmwaresd888_5g_firmwaresdx20_firmwarewsa8815_firmwaresd820qcm6490wcn6850_firmwarewsa8835_firmwareqca6564asa4150psg4150p_firmwareqcm6125_firmwareqcm4325qca8072wcn3990qcn9000sd_675sd780gqca6554asd865_5gqca6595ar9380_firmwareqcc5100sdx24qcn9012sd888qcn6122_firmwareipq8065_firmwaresxr1230p_firmwarewsa8835msm8996ausd665_firmwaresd888_5gsm6250pqcn5154qca8075_firmwaresc8180xssg2125p_firmwareqca6574awcn6855_firmwareqca9889qca6174asm7325pqcn6132_firmwareqcn9003_firmwareqca9888qca6310_firmwareqca9994_firmwarewcn6750qcn9003ipq8070a_firmwareipq8076_firmwaresa515mqca6574_firmwareqca9886sd855sm4125_firmwaresm7325p_firmwaresd665sxr2230pipq8076sd765qca6574a_firmwareqcn5021qcn5152sd768g_firmwareqrb5165msd850_firmwaresm7315sd460qca6391sdxr1_firmwareaqt1000_firmwareqcn6102qcn9100sdx65_firmwarecsrb31024_firmwareqcm6490_firmwarewsa8832_firmwaresdx50mqcn9070_firmwaresdx20sd480_firmwareipq6028_firmwareipq8072a_firmwareqcn9011sc8180x_firmwaresd_455qca6574auqca9889_firmwaresd710sa8155p_firmwareqcn5122ipq9574wcd9341_firmwaresdx20m_firmwareqcm6125wsa8810wcn6856qcn5022sd835_firmwaresd768gipq6010_firmwareqca1064_firmwarewcn6740qca6696sd845_firmwaresa6150pqca8075qcn9022_firmwareapq8096au_firmwareqcn6024qcn9022sd845qca9990_firmwareipq8070aqcn9002_firmwareqcn6100qcn9072_firmwaresm7250pipq6000_firmwaresd720g_firmwaresw5100_firmwareqcn9074_firmwareqcs410_firmwaresd850Snapdragonqcn5024_firmwareqca9377_firmwaresd_8cx_gen3_firmwarewcn3991_firmwaremdm9640_firmwaresa6150p_firmwaresa8145p_firmwaresm6250p_firmwaresxr2230p_firmwareqca1062_firmwareipq8173_firmwareqca6431_firmwaresd7c_firmwaresnapdragon_4_gen_1_firmwarewcd9360_firmwareqca4024_firmwarewcn3950_firmwareipq5028_firmwaresa8150p_firmwareqca6420_firmwareqca6595au_firmwaresd765g_firmwareqca6390_firmwareqca2064_firmwaresd730_firmwaresd_455_firmwarecsra6620_firmwareqcs605_firmwaresd_675_firmwaresd675_firmwarecsra6640_firmwareqcn5152_firmwareqcs6125_firmwareqca6584au_firmwarewcn3990_firmwareqrb5165n_firmwareqcn9000_firmwareqca9984_firmwareqca6554a_firmwaresd_8cx_firmwarewcd9371_firmwaresdxr2_5g_firmwaresd_8cx_gen2_firmwareqcn6024_firmwareqca8386_firmwarewcd9326_firmwarewcd9385_firmwaresd_8_gen1_5g_firmwareqca8084_firmwareqsm8350_firmwaresd710_firmwareqcn5124_firmwaresd460_firmwareqam8295p_firmwareqcn6100_firmwareqcn6102_firmwareqcn9011_firmwareqca8082_firmwareqca6320_firmwaresm7315_firmwareqca6574au_firmwareqcn5122_firmwareqcn5164_firmwaresdx55_firmwarewcd9375_firmwareqca8081_firmwareqcn6023_firmwaresa6155_firmwaresm7250p_firmwarewcn3998_firmwarewcn3999_firmwareqca6436_firmwareqca6564au_firmwaresd680_firmwareipq8070_firmwareqca9367_firmwaresa6155p_firmwareipq8078a_firmwareqca6678aq_firmwaresa515m_firmwareqrb5165_firmwareqrb5165m_firmwaresa8155_firmwaresd662_firmwareqcn6112_firmwaresa415m_firmwarewcn3988_firmwaresa6145p_firmwaresd712_firmwaresd778g_firmwarewsa8810_firmwaresd765_firmwareqcs603_firmwarewcn7851_firmwareqca6698aq_firmwareqca6174a_firmwareipq8071a_firmwareqca8085_firmwareqca9888_firmwareipq8068_firmwareqca2066_firmwareqca6696_firmwareqca2065_firmwareqcs6490_firmwaresd870_firmwareipq9008_firmwareqcn5154_firmwarewcn3910_firmwaresxr2150p_firmwaresd750g_firmwaresm6250_firmwareqcn9100_firmwarewsa8830_firmwareqca9992_firmwaresd855_firmwaresd865_5g_firmwareipq5010_firmwareipq8074a_firmwaresd888_5g_firmwaresdx20_firmwaresd660_firmwarewcn6850_firmwarewcn7850_firmwaresa8195p_firmwarewsa8815_firmwarewsa8835_firmwareqcn5022_firmwareqcn7606_firmwaresa8295p_firmwarewcn6750_firmwaresg4150p_firmwareqcm6125_firmwareipq5018_firmwareqca9985_firmwareqca8337_firmwarewcd9380_firmwareqca9980_firmwaremsm8996au_firmwareipq8076a_firmwarear9380_firmwareqcn9001_firmwaresdx55m_firmwarewcn6856_firmwareqcn6122_firmwareipq8065_firmwaresd670_firmwaresxr1230p_firmwaresd665_firmwarecsr8811_firmwareqcn5054_firmwareqca8075_firmwaressg2125p_firmwaresd690_5g_firmwaresdx50m_firmwarewcn6855_firmwareqcn6132_firmwareqcn9003_firmwaresdx24_firmwareqca8072_firmwareqca6310_firmwareqca6430_firmwareqca9994_firmwareqcn5052_firmwareqcn9012_firmwareipq8070a_firmwareqcn9274_firmwarewcd9335_firmwareqca6335_firmwareipq6018_firmwareipq8076_firmwareqcm4325_firmwareqca6574_firmwarewcd9340_firmwaresm4125_firmwaresm7325p_firmwarepmp8074_firmwareqca9986_firmwareqca6426_firmwareqca6574a_firmwaresd768g_firmwareipq9574_firmwaresd850_firmwarewcn3980_firmwaresdxr1_firmwarewcd9330_firmwareipq8064_firmwareqcc5100_firmwareqca6421_firmwareaqt1000_firmwareqca2062_firmwarewcn6740_firmwaresdx65_firmwaresd821_firmwaresd678_firmwarear8031_firmwarecsrb31024_firmwareqcm6490_firmwareipq8078_firmwarewsa8832_firmwareqcn9070_firmwaresd480_firmwarewcn6851_firmwareipq6028_firmwareipq8072a_firmwareqca9889_firmwaresa8155p_firmwaresd_636_firmwareqca6564a_firmwareipq8174_firmwareqcn9024_firmwarewcd9341_firmwaresdx20m_firmwareqcn7605_firmwaresw5100p_firmwareqcs610_firmwaresd835_firmwareqca9886_firmwaresd695_firmwareipq6010_firmwareqca6595_firmwareqcs405_firmwareqca1064_firmwaresdm630_firmwaresd820_firmwareqca6391_firmwaresa4150p_firmwaresd845_firmwaresd780g_firmwarewcd9370_firmwaresd888_firmwareqcn9022_firmwareqcn5021_firmwareapq8096au_firmwareqca9990_firmwareqcn9002_firmwareqcn9072_firmwareipq6000_firmwaresd720g_firmwaressg2115p_firmwaresw5100_firmwareqcn9074_firmwareqcs410_firmwarear8035_firmwareqsm8250_firmware
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-30259
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 9.19%
||
7 Day CHG~0.00%
Published-12 Nov, 2021 | 06:15
Updated-03 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible out of bound access due to improper validation of function table entries in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresm7250sa6150p_firmwaresm6250p_firmwareqcs610qca8337qca6431_firmwarewcd9360_firmwaresdx65wcn3950_firmwaresc8180x\+sdx55sa8150p_firmwareqcs2290qca6595au_firmwaresa6155qca6335sd_455_firmwarecsra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwareqcs6125_firmwaresa415mwcn3998wcd9371_firmwarewcn3950sm4125sd720gsm6375_firmwarewcn3660bqsm8350_firmwaresd710_firmwareqsm8350sd460_firmwarewcn7850qca6574au_firmwarewcd9375_firmwareqca8081_firmwarewcn3998_firmwaresa6155_firmwaresdx12_firmwareqca6420wcd9360whs9410_firmwarewcn3999qrb5165_firmwareqcs6125sa8155_firmwareqca4004_firmwaresd662_firmwareqcs405qca6430wcd9306_firmwarewcd9340sdm830_firmwaresd765gqca6436wcn6851sa6155pqcs603_firmwarewcn7851_firmwaremdm9250_firmwarewcd9341mdm9655qca6696_firmwareqca6431wcd9371sd870_firmwaresd750gwcn3910_firmwaresd_8cxsa8150pqca4004wsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwaresd712wcn3988sd660_firmwarewcn7850_firmwaresa8195p_firmwarewcn6750_firmwarewcn3610sm6375wcn3991qca8337_firmwaresda429w_firmwarewcd9380_firmwareqca6564ausdx55m_firmwarewcn6856_firmwaresd670_firmwareqca6574wcd9380qcs410sd690_5g_firmwaresdx50m_firmwaresdx24_firmwareqca6430_firmwarewcd9335_firmwarewcn3980qca6335_firmwareqcs605wcd9340_firmwarewsa8815wcn6850sd7cwcn3910qca6320mdm9650_firmwaresd_8c_firmwareqca6426_firmwarewcn3660b_firmwareqca9984sd835wcn3980_firmwaresd730sdx55mqca6421_firmwarewcn6740_firmwaresd678_firmwarear8031_firmwareqrb5165wcn6851_firmwareqcs603sd670sd_636_firmwareqca6564a_firmwareqcm4290_firmwaresd480sd870wcn6855qcs610_firmwareqsm8250sa6145psdxr1ar8031qca6595_firmwareqcs405_firmwaresa8145psdm630_firmwaremdm9205_firmwareqca6391_firmwarewcd9370_firmwaresd780g_firmwaresdx55sd888_firmwaresa8155pcsra6640sd675ar8035_firmwareqcm2290qsm8250_firmwarewcn3991_firmwaremdm9150_firmwarewsa8830sd678sa8145p_firmwareqcs2290_firmwaresm7250_firmwaresd7c_firmwarecsrb31024mdm9650sd_636csra6620qcs4290mdm9250sd765g_firmwareqca6420_firmwareqca6390_firmwaresd690_5gsd730_firmwarewcd9370sd675_firmwareqca6564qca6426qca6584au_firmwarewcn3990_firmwareqrb5165n_firmwareqca9984_firmwareqca9377sm8450sd_8cx_firmwarewcd9385_firmwaresdxr2_5g_firmwarewhs9410wcd9326_firmwaresd662sa8155qca6320_firmwaresdx55_firmwareqca6595auwcn3999_firmwarewcn3610_firmwareqca6436_firmwareqrb5165nwcd9306qca6584ausd778gqca6564au_firmwaresa6155p_firmwareqca6310sm6225wcn7851sa515m_firmwareqcs6490sdxr2_5gsdm630mdm9655_firmwaresa415m_firmwarewcn3988_firmwaresa6145p_firmwareqca6421sd778g_firmwaresm6250sd712_firmwaresa8195pwsa8810_firmwaresm8450_firmwaresd765_firmwarewcd9326wcd9335qca8081qca6174a_firmwareqcs4290_firmwarewcd9385qcs6490_firmwareqca6390wcd9375sd750g_firmwareaqt1000ar8035sc8180x\+sdx55_firmwaresm6250_firmwaresda429wwcn3620_firmwaresdx20_firmwarewsa8815_firmwaresd888_5g_firmwareqcm6490wcn6850_firmwarewsa8835_firmwarewcn3620qcx315qca6564aqcm6125_firmwareqcm2290_firmwarewcn3990sd_675sd780gsd865_5gqca6595sdx24sm8450p_firmwaresd888wsa8835qcx315_firmwaresd665_firmwaresd888_5gsm6250pqca6574awcn6855_firmwareqca6174aqca6310_firmwaresm7325wcn6750mdm9205sa515mqca6574_firmwaresd855sm4125_firmwaresd665qca6175asd765qca6574a_firmwaresd768g_firmwaresd850_firmwaresd460qca6391sdxr1_firmwareaqt1000_firmwaresdx65_firmwareqcm4290csrb31024_firmwareqcm6490_firmwaresdx50msdx20sd480_firmwaresd_455sm6225_firmwareqca6574ausd710sa8155p_firmwarewcd9341_firmwareqcm6125wsa8810sm8450pmdm9150wcn6856sd_8csd835_firmwareqca6564_firmwaresd768gwcn6740qca6696sd845_firmwaresa6150psd845sdm830sd720g_firmwaresdx12qcs410_firmwareqca6175a_firmwaresd850sm7325_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-2305
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.32% / 54.80%
||
7 Day CHG~0.00%
Published-25 Jul, 2019 | 16:33
Updated-04 Aug, 2024 | 18:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound access when reason code is extracted from frame data without validating the frame length in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCS405, QCS605, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM630, SDM660, SDX20, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresd_850mdm9150_firmwaremdm9640_firmwaresd_820asd_675msm8996au_firmwaresd_670_firmwaresdx24mdm9650sd_636msm8996ausd_820sd_450_firmwaresd_845_firmwaresd_820a_firmwareqcs605_firmwaresd_675_firmwaremdm9206qca9379_firmwareqca6174asd_425_firmwaresd_665sdx24_firmwaresd_625_firmwaresd_450qca9377sd_845mdm9206_firmwareqcs605mdm9640sd_835_firmwaremdm9650_firmwaresd_835qca6574au_firmwaresda660sd_665_firmwaresd_427_firmwaresd_712sd_855sd_730_firmwaresdx20sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435sd_710_firmwaresdm630qcs405sd_625qca6574ausd_820_firmwaremdm9607sd_636_firmwaremdm9150qca6174a_firmwaresd_730sd_850_firmwareqcs405_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwaresd_427sd_430sd_670sd_435_firmwaresd_710sdx20_firmwareqca9379sdm660_firmwaresd_855_firmwareSnapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-2276
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.27% / 49.69%
||
7 Day CHG~0.00%
Published-25 Jul, 2019 | 16:33
Updated-04 Aug, 2024 | 18:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible out of bound read occurs while processing beaconing request due to lack of check on action frames received from user controlled space in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9607, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCS405, QCS605, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820A, SD 845 / SD 850, SD 855, SDM630, SDM660, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_712qca9377_firmwaresd_850sd_855sd_730_firmwaresd_820asd_675msm8996au_firmwaresd_670_firmwaresdm660sdx24sdm630mdm9607_firmwaresd_710_firmwaresd_636qcs405qca6574aumdm9607msm8996ausd_636_firmwaresd_845_firmwaresd_820a_firmwareqcs605_firmwaresd_675_firmwareqca6174a_firmwareqca6174aqca9379_firmwaresd_665sd_730sd_850_firmwaresdx24_firmwareqcs405_firmwareqca9377sd_712_firmwaresdm630_firmwaresd_845qcs605sd_670sd_710qca6574au_firmwareqca9379sd_665_firmwaresdm660_firmwaresd_855_firmwareSnapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-2271
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.37% / 58.55%
||
7 Day CHG~0.00%
Published-21 Nov, 2019 | 14:38
Updated-04 Aug, 2024 | 18:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer over read can happen while parsing downlink session management OTA messages if network sends un-intended values in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8976, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, Snapdragon_High_Med_2016, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9635m_firmwareqcm2150_firmwaremdm9640_firmwaresdm632_firmwaremsm8996au_firmwaresdm845sdm450_firmwaresdm632sdx24sdm439mdm9650sdm429msm8940_firmwaresm7150_firmwaresnapdragon_high_med_2016_firmwaresm6150msm8909w_firmwaremsm8976_firmwaremsm8996aumdm915_firmwaresm7150apq8009_firmwaremsm8917sdm670sxr2130qcs605_firmwaresc8180xmdm9206sdm670_firmwaresdx24_firmwaresdm636sda845_firmwaremdm9635mapq8098mdm9615mdm9205mdm9206_firmwaremsm8939qcs605mdm915msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130msm8909wapq8009msm8909_firmwareapq8053_firmwaresda845nicobarsdm850_firmwaremsm8920msm8953sdm450sdm636_firmwaresdm845_firmwareapq8098_firmwaresdx20msm8998_firmwareqcm2150msm8920_firmwaresdm630mdm9607_firmwaresm8250_firmwaremdm9655_firmwaresdm660sc8180x_firmwaresdm710qm215mdm9607apq8017_firmwaremdm9625_firmwaresdm710_firmwaremsm8939_firmwaremsm8937msm8905snapdragon_high_med_2016sm8150_firmwaremsm8909sxr2130_firmwaremdm9655apq8096ausdm439_firmwaresdm630_firmwaremdm9205_firmwaresda660_firmwaremdm9625qm215_firmwaremsm8976sdx55msm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaresm8250msm8998sm8150sdx20_firmwaresdm850mdm9615_firmwareapq8017nicobar_firmwaresdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-2268
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.34% / 56.00%
||
7 Day CHG~0.00%
Published-21 Nov, 2019 | 14:38
Updated-04 Aug, 2024 | 18:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible OOB read issue in P2P action frames while handling WLAN management frame in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8996AU, MSM8998, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCS405, QCS605, SDA660, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SM6150

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresdm636_firmwaremsm8996au_firmwareapq8098_firmwaresdm845sdx20msm8998_firmwaresdm660sdm630mdm9607_firmwaremdm9650qcs405qca6574ausdm710sm6150mdm9607msm8996auapq8017_firmwaresdm710_firmwareapq8009_firmwaresdm670qcs605_firmwaremdm9207c_firmwaremdm9206mdm9207cqca6174a_firmwareqca6174aqca9379_firmwaresdm670_firmwareapq8096ausdm636qcs405_firmwareqca9377sdm630_firmwareapq8098sda660_firmwaremdm9206_firmwareqcs605apq8053apq8096au_firmwaresm6150_firmwaremdm9650_firmwaremsm8998sdx20_firmwareqca6574au_firmwaresda660apq8017apq8009qca9379apq8053_firmwaresdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-2249
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.48% / 64.69%
||
7 Day CHG~0.00%
Published-06 Nov, 2019 | 17:11
Updated-04 Aug, 2024 | 18:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Kernel can do a memory read from arbitrary address passed by user during execution of a syscall in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in IPQ8074, MDM9205, MDM9650, QCA8081, QCS605, SD 427, SD 435, SD 450, SD 625, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM630, SDM660, SDX20, Snapdragon_High_Med_2016, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_427_firmwaresd_712sd_850sd_855sd_730_firmwaresd_675sdx20sd_670_firmwaresdm660sdm630sd_710_firmwaresd_435mdm9650sd_636sd_625ipq8074_firmwaresnapdragon_high_med_2016_firmwaresd_636_firmwaresd_450_firmwaresd_845_firmwareqca8081qcs605_firmwaresd_675_firmwaresd_730snapdragon_high_med_2016sd_665sd_850_firmwaresd_625_firmwareipq8074sd_450sd_712_firmwaresdm630_firmwaremdm9205_firmwaresd_8cx_firmwaresda660_firmwaremdm9205sd_845sd_427qcs605sd_8cxsd_670sd_435_firmwaresd_835_firmwaremdm9650_firmwaresd_710sdx20_firmwaresd_835sda660sxr1130_firmwareqca8081_firmwaresxr1130sd_665_firmwaresdm660_firmwaresd_855_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-30336
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.03% / 9.19%
||
7 Day CHG~0.00%
Published-03 Jan, 2022 | 07:26
Updated-03 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible out of bound read due to lack of domain input validation while processing APK close session request in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwarewsa8830sd678sa6150p_firmwaresa8145p_firmwareqcs2290_firmwareqcs4290wcn3950_firmwaresa8150p_firmwaresd765g_firmwareqcs2290qca6595au_firmwareqca6390_firmwaresa6155sd690_5gsd730_firmwarewcd9370sd_675_firmwaresd675_firmwaresm8450wcd9385_firmwarewcn3950sd720gsm6375_firmwarewcn3660bsd662sd460_firmwaresa8155sm7315_firmwareqca6574au_firmwareqca6595ausa6155_firmwarewcd9375_firmwaresm7250p_firmwarewcn3610_firmwaresd778gsa6155p_firmwaresm6225qcs6490sa8155_firmwaresd662_firmwarewcn3988_firmwaresa6145p_firmwaresm6250sd778g_firmwaresa8195pqualcomm215_firmwaresd765gsm8450_firmwaresd765_firmwarewcn6851sa6155pqcs4290_firmwarewcd9385qca6696_firmwareqcs6490_firmwaresd750gsd870_firmwareqca6390wcd9375sd750g_firmwarewcn3910_firmwaresa8150psm6250_firmwarewsa8830_firmwaresda429wsd865_5g_firmwareqcm6490sd888_5g_firmwarewcn3988wcn6850_firmwarewsa8835_firmwaresa8195p_firmwarewcn6750_firmwarewcn3610qcm2290_firmwaresm6375wcn3991sda429w_firmwarewcd9380_firmwaresd_675sd780gsd865_5gsdx55m_firmwarewcn6856_firmwaresm8450p_firmwaresd888wsa8835qca6574sd665_firmwarewcd9380sd888_5gqualcomm215qca6574asd690_5g_firmwarewcn6855_firmwaresm7325pwcn6750qca6574_firmwaresm7325p_firmwaresd665wcn3910wcn6850sd765wcn3660b_firmwareqca6574a_firmwaresd768g_firmwaresm7315sd730sd460qca6391sdx55msdxr1_firmwarewcn6740_firmwaresd678_firmwareqcm4290qcm6490_firmwaresd480_firmwarewcn6851_firmwaresm6225_firmwareqca6574ausa8155p_firmwareqcm4290_firmwaresd480sd870sm8450pwcn6855wcn6856sa6145psdxr1sd768gsa8145pwcn6740qca6696qca6391_firmwaresd780g_firmwarewcd9370_firmwaresa6150psd888_firmwaresa8155psd675sm7250psd720g_firmwareqcm2290Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-30257
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.09% / 26.39%
||
7 Day CHG~0.00%
Published-20 Oct, 2021 | 06:31
Updated-03 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible out of bound read or write in VR service due to lack of validation of DSP selection values in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwarewsa8830sd678sm7250qcs2290_firmwaresm7250_firmwaresd_636qcs4290wcn3950_firmwaresd765g_firmwareqca6420_firmwareqcs2290qca6390_firmwaremsm8917sd690_5gsd730_firmwarewcd9370qcs605_firmwaresd_675_firmwaresd675_firmwareqcs6125_firmwareqca6426sd632wcn3998wcd9385_firmwaresdxr2_5g_firmwarewcn3950sm4125sd720gwcn3615_firmwarewcn3660bsd662sd460_firmwarewcn3680b_firmwaresdx55_firmwarewcd9375_firmwarewcn3615wcn3998_firmwareqca6420qca6436_firmwareapq8053_firmwaresd778gqcs6490sd429sdxr2_5gqcs6125sd662_firmwaresdm630wcn3988_firmwareqca6430sd429_firmwaresm6250sd778g_firmwareapq8017_firmwarequalcomm215_firmwaresd765gsd765_firmwareqca6436wcn6851qcs4290_firmwarewcd9385qcs6490_firmwaresd750gsd870_firmwareqca6390wcd9375sd750g_firmwareaqt1000wcn3910_firmwaresm6250_firmwaremsm8953_firmwarewsa8830_firmwaremsm8917_firmwaresd855_firmwaresd865_5g_firmwareqcm6490sd888_5g_firmwarewcn3988wcn6850_firmwarewsa8835_firmwareapq8017wcn6750_firmwareqcm6125_firmwareqcm2290_firmwarewcn3991wcd9380_firmwaresd_675sd780gsd865_5gsdx55m_firmwarewcn6856_firmwaresd888wsa8835sd632_firmwaresd665_firmwarewcd9380sd888_5gqualcomm215sd690_5g_firmwaresdx50m_firmwarewcn6855_firmwaresm7325qca6430_firmwarewcn6750sd439_firmwareqcs605sd855sm4125_firmwarewcn6850sd665wcn3910sd765qca6426_firmwarewcn3660b_firmwarewcn3680sd768g_firmwaresd730sd460qca6391sdx55msdxr1_firmwareaqt1000_firmwarewcn6740_firmwaremsm8953sd678_firmwareqcm4290qcm6490_firmwaresdx50mwcn3680_firmwaresd480_firmwarewcn6851_firmwaresd_636_firmwareqcm6125qcm4290_firmwaresd480sd870wcn6855wcn6856wcn3680bsdxr1sd768gwcn6740sdm630_firmwareqca6391_firmwaresd780g_firmwarewcd9370_firmwaresdx55sd888_firmwareapq8053sd675sd439sd720g_firmwareqcm2290sm7325_firmwareSnapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-22065
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.37% / 58.38%
||
7 Day CHG~0.00%
Published-14 Jun, 2022 | 09:51
Updated-03 Aug, 2024 | 03:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound read in WLAN HOST due to improper length check can lead to DOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaremdm9640_firmwaresm6250p_firmwareqcs610qca8337wcd9360_firmwaresdx65wcn3950_firmwareqcs2290qca6595au_firmwaresa6155qca6335msm8917csra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwaresd632sa415mwcn3998wcd9371_firmwarewcn3950sm4125sd720gmdm9628mdm9206_firmwaresd_8_gen1_5g_firmwarewcn3660bsd450_firmwaresd710_firmwaresd460_firmwareqca4020sm7315_firmwarewcn7850qca6574au_firmwarewcd9375_firmwarewcn3998_firmwareqca8081_firmwaresa6155_firmwaresdx12_firmwaremsm8909wapq8009w_firmwareqca6420apq8053_firmwarewcd9360sd680_firmwareqca9367_firmwarewcn3999qrb5165_firmwareqrb5165m_firmwaresa8155_firmwaresd662_firmwareqcs405qca6430wcd9340sd765gqualcomm215_firmwaresw5100sd680qca4020_firmwareqca6436wcn6851sa6155pqcs603_firmwarewcn7851_firmwaremdm9250_firmwarewcn3660_firmwarewcd9341qca6696_firmwarewcd9371sd870_firmwaresd750gwcn3910_firmwarewsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwarewcn3988sd660_firmwarewcn7850_firmwaresa8195p_firmwaresm8475qcn7606_firmwarewcn6750_firmwaresd450wcn3610mdm9640wcn3991qca8337_firmwarewcd9380_firmwaresdm429wsw5100pmsm8996au_firmwarewcd9330qca6564ausdx55m_firmwarewcn6856_firmwaresd670_firmwareqca6574sd632_firmwarewcd9380qualcomm215qcs410sd690_5g_firmwaresdx50m_firmwareqca9379_firmwaresdx24_firmwareqca6430_firmwarewcd9335_firmwarewcn3980sd439_firmwareqca6335_firmwareqcs605wcd9340_firmwarewsa8815wcn6850wcn3910qca6320qca6584_firmwaremdm9650_firmwareqca6426_firmwarewcn3660b_firmwarewcn3680sd695sd835wcn3980_firmwaresd730wcd9330_firmwaresdx55mwcn6740_firmwaremsm8953sd678_firmwarear8031_firmwarewcn3680_firmwareqrb5165wcn6851_firmwareqcs603sd670sd_636_firmwareqca6564a_firmwareapq8009wqcm4290_firmwaresd480sd870wcn6855qcn7605_firmwaresw5100p_firmwareqcs610_firmwaresa6145psd695_firmwaresdxr1ar8031apq8096auqca6595_firmwareqcs405_firmwaresdm630_firmwareqca6391_firmwarewcd9370_firmwaresd780g_firmwaresdx55sd888_firmwareapq8053sa8155pcsra6640sd675sd439wcn3660qca9379ar8035_firmwareqcm2290qcn7606wcn3991_firmwaremdm9150_firmwarewsa8830sd678qcs2290_firmwarecsrb31024mdm9628_firmwaremdm9650sd_636csra6620qcs4290mdm9250sd765g_firmwareqca6420_firmwareqca6390_firmwareapq8009_firmwaresd690_5gsd730_firmwarewcd9370sd675_firmwareqca6564qca6426wcn3990_firmwareqrb5165n_firmwareqca9377sdw2500_firmwarewcd9385_firmwaresdxr2_5g_firmwareqcn7605wcd9326_firmwarewcn3615_firmwaresd662sa8155qca6320_firmwareqca6584wcn3680b_firmwaresdx55_firmwarewcn3615qca6595auwcn3999_firmwaresm7250p_firmwarewcn3610_firmwareqca6436_firmwareqrb5165nqca6564au_firmwaresd778gsa6155p_firmwareqca6310wcn7851sd429sa515m_firmwareqcs6490sdxr2_5gqca9367sdm630mdm9607_firmwaresa415m_firmwarewcn3988_firmwaresd429_firmwaresa6145p_firmwaresm6250sd778g_firmwaresa8195papq8017_firmwarewsa8810_firmwaresd765_firmwarewcd9326wcd9335qca8081qca6174a_firmwareqcs4290_firmwarewcd9385qcs6490_firmwareqca6390wcd9375sd750g_firmwareaqt1000ar8035sm6250_firmwaremsm8953_firmwaremsm8917_firmwarewcn3620_firmwaresdx20_firmwarewsa8815_firmwaresd888_5g_firmwareqcm6490wcn6850_firmwarewsa8835_firmwarewcn3620apq8017qca6564aqcm2290_firmwarewcn3990sd_675sd780gsd865_5gqca6595sdx24sd888msm8909w_firmwarewsa8835msm8996ausdm429w_firmwaresd665_firmwaresd888_5gsm6250pqca6574amdm9206wcn6855_firmwareqca6174asm7325pqca6310_firmwarewcn6750sa515mqca6574_firmwaresd855sm4125_firmwaresm7325p_firmwaresd665qca6175asd765qca6574a_firmwaresd768g_firmwareqrb5165msm7315apq8009sd460qca6391sdxr1_firmwareaqt1000_firmwaresdx65_firmwaremdm9626qcm4290csrb31024_firmwareqcm6490_firmwaresdx50msdx20sd480_firmwaremdm9626_firmwareqca6574ausd710sa8155p_firmwaremdm9607wcd9341_firmwarewsa8810mdm9150wcn6856wcn3680bsd835_firmwareqca6564_firmwaresd768gwcn6740qca6696sd845_firmwaresdw2500apq8096au_firmwaresd845sm7250psd720g_firmwaresdx12sw5100_firmwareqcs410_firmwareqca6175a_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-14020
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-9.1||CRITICAL
EPSS-0.24% / 46.62%
||
7 Day CHG~0.00%
Published-16 Apr, 2020 | 10:46
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple Read overflows issue due to improper length check while decoding dedicated_eps_bearer_req/ act_def_context_req/ cs_serv_notification/ emm_info/ guti_realloc_cmd in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8053, APQ8076, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, Rennell, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwaremdm9635m_firmwareapq8096_firmwaremdm9640_firmwareqcm2150_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632apq8096sdx24sdm439mdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996aumdm9645sdm429w_firmwaresm7150msm8917sdm670qcs605_firmwareapq8076sc8180xmdm9206sdm670_firmwaresdx24_firmwareapq8076_firmwaresdm636sda845_firmwaremdm9635mapq8098mdm9615mdm9205mdm9206_firmwareqcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130msm8909wmsm8909_firmwareapq8053_firmwaresda845nicobarsdm850_firmwaremsm8920msm8953sdm450sdm636_firmwaresdm845_firmwareapq8098_firmwaresdx20msm8998_firmwareqcm2150msm8920_firmwaresdm630mdm9607_firmwaresdm660mdm9655_firmwaresc8180x_firmwaresdm710qm215sc7180_firmwaremdm9607mdm9645_firmwaremdm9625_firmwaresdm710_firmwaremdm9150msm8937msm8905sm8150_firmwaremsm8909mdm9655apq8096ausdm439_firmwarerennellsc7180sdm630_firmwaremdm9205_firmwaresda660_firmwaremdm9625rennell_firmwareqm215_firmwaresdx55msm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaremdm9615_firmwaremsm8998sm8150sdx20_firmwaresdm850nicobar_firmwaresdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-14134
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.31% / 53.95%
||
7 Day CHG~0.00%
Published-16 Apr, 2020 | 10:46
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible out of bound access in WLAN handler when the received value of length in rx path is shorter than the expected value of country IE in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in IPQ8074, QCA8081, QCS605, SDA845, SDM670, SDM710, SDM845, SDM850, SM6150, SM7150, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm850_firmwaresdm670_firmwaresm8150_firmwareipq8074sda845_firmwaresdm845qcs605sm7150_firmwareipq8074_firmwaresm6150_firmwaresdm710sm6150sm8150sdm850sdm710_firmwaresxr1130_firmwaresm7150qca8081_firmwaresxr1130sdm670qca8081qcs605_firmwaresda845sdm845_firmwareSnapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-14019
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-9.1||CRITICAL
EPSS-0.24% / 46.62%
||
7 Day CHG~0.00%
Published-16 Apr, 2020 | 10:46
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple Read overflows issue due to improper length check while decoding RAU accept/PDN disconnect Rej/Modify EPS ctxt req/bearer resource alloc Rej/Deact EPs bearer REq in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8053, APQ8076, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9207C, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, Rennell, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwaremdm9635m_firmwareapq8096_firmwaremdm9640_firmwareqcm2150_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632apq8096sdx24sdm439mdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996aumdm9645sdm429w_firmwaresm7150apq8009_firmwaremsm8917sdm670qcs605_firmwareapq8076sc8180xmdm9206sdm670_firmwaresdx24_firmwareapq8076_firmwaresdm636sda845_firmwaremdm9635mapq8098mdm9615mdm9205mdm9206_firmwareqcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130msm8909wapq8009msm8909_firmwareapq8053_firmwaresda845nicobarsdm850_firmwaremsm8920msm8953sdm450sdm636_firmwaresdm845_firmwareapq8098_firmwaresdx20msm8998_firmwareqcm2150msm8920_firmwaresdm630mdm9607_firmwaresdm660mdm9655_firmwaresc8180x_firmwaresdm710qm215sc7180_firmwaremdm9607mdm9645_firmwaremdm9625_firmwaresdm710_firmwaremdm9150msm8937mdm9207c_firmwaremsm8905mdm9207csm8150_firmwaremsm8909mdm9655apq8096ausdm439_firmwarerennellsc7180sdm630_firmwaremdm9205_firmwaresda660_firmwaremdm9625rennell_firmwareqm215_firmwaresdx55msm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaremdm9615_firmwaremsm8998sm8150sdx20_firmwaresdm850nicobar_firmwaresdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-10507
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.64%
||
7 Day CHG~0.00%
Published-30 Sep, 2019 | 15:40
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Lack of check of extscan change results received from firmware can lead to an out of buffer read in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCS605, SD 210/SD 212/SD 205, SD 425, SD 430, SD 600, SD 625, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM630, SDM660, SDX20, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresd_850mdm9150_firmwaremdm9640_firmwaresd_820asd_675msm8996au_firmwaresd_670_firmwaresdx24mdm9650sd_636msm8996ausd_845_firmwaresd_820a_firmwareqcs605_firmwaresd_675_firmwaremdm9206qca9379_firmwareqca6174asd_425_firmwaresd_665sdx24_firmwaresd_625_firmwareqca9377sd_845mdm9206_firmwareqcs605mdm9640sd_835_firmwaremdm9650_firmwaresd_835qca6574au_firmwaresda660sd_210_firmwaresd_600sd_665_firmwaresd_205_firmwaresd_212sd_712sd_855sd_730_firmwaresdx20sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_710_firmwaresdm630sd_625qca6574ausd_210mdm9607sd_636_firmwaremdm9150qca6174a_firmwaresd_730sd_212_firmwaresd_850_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwaresd_430sd_670sd_710sdx20_firmwaresd_600_firmwaresd_205qca9379sdm660_firmwaresd_855_firmwareSnapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-14082
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-9.1||CRITICAL
EPSS-0.24% / 46.62%
||
7 Day CHG~0.00%
Published-05 Mar, 2020 | 08:56
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Potential buffer over-read due to lack of bound check of memory offset passed in WLAN firmware in Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in IPQ8074, MDM9206, MDM9207C, MDM9607, QCN7605, SM8150

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9206ipq8074_firmwaremdm9207cmdm9607sm8150_firmwaresm8150ipq8074qcn7605qcn7605_firmwaremdm9206_firmwaremdm9607_firmwaremdm9207c_firmwareSnapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-20
Improper Input Validation
CVE-2019-14123
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.12% / 31.66%
||
7 Day CHG~0.00%
Published-30 Jul, 2020 | 11:40
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer overflow and over read possible due to missing bounds checks for fixed limits if we consider widevine HLOS client as non-trustable in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Kamorta, QCS404, Rennell, SC7180, SDX55, SM6150, SM7150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-kamorta_firmwareqcs404sxr2130_firmwarerennellsc7180rennell_firmwareqcs404_firmwaresm8250_firmwaresdx55sm7150_firmwaresm6150_firmwaresm8250sm6150sc7180_firmwarekamortasdx55_firmwaresm7150sxr2130Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-20
Improper Input Validation
CVE-2019-14042
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.1||HIGH
EPSS-0.04% / 12.82%
||
7 Day CHG~0.00%
Published-02 Jun, 2020 | 15:05
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound read in in fingerprint application due to requested data assigned to a local buffer without length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in Kamorta, MDM9205, Nicobar, QCS404, QCS405, QCS605, Rennell, SA415M, SA6155P, SC7180, SC8180X, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm850_firmwarekamorta_firmwaresa6155p_firmwaresdm845sdx24qcs404_firmwaresm8250_firmwaresc8180x_firmwaresa415m_firmwareqcs405sm7150_firmwaresdm710sc7180_firmwaresm6150sdm710_firmwaresm7150sa6155psdm670sxr2130qcs605_firmwaresc8180xsdm670_firmwareqcs404sdx24_firmwaresm8150_firmwaresxr2130_firmwareqcs405_firmwarerennellsa415msc7180mdm9205_firmwarerennell_firmwaremdm9205qcs605sdx55sm6150_firmwaresm8250sm8150sdm850sxr1130_firmwarekamortasdx55_firmwarenicobar_firmwaresxr1130nicobarsdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-14033
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-9.1||CRITICAL
EPSS-0.24% / 46.62%
||
7 Day CHG~0.00%
Published-16 Apr, 2020 | 10:46
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple Read overflows issue due to improper length check while decoding tau reject/tau accept/detach request/attach reject/attach accept in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, Rennell, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwaremdm9635m_firmwareapq8096_firmwaremdm9640_firmwareqcm2150_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632apq8096sdx24sdm439mdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996aumdm9645sdm429w_firmwaresm7150msm8917sdm670qcs605_firmwaresc8180xmdm9206sdm670_firmwaresdx24_firmwaresdm636sda845_firmwaremdm9635mapq8098mdm9615mdm9205mdm9206_firmwareqcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130msm8909wmsm8909_firmwareapq8053_firmwaresda845nicobarsdm850_firmwaremsm8920msm8953sdm450sdm636_firmwaresdm845_firmwareapq8098_firmwaresdx20msm8998_firmwareqcm2150msm8920_firmwaresdm630mdm9607_firmwaresdm660mdm9655_firmwaresc8180x_firmwaresdm710qm215sc7180_firmwaremdm9607mdm9645_firmwaremdm9625_firmwaresdm710_firmwaremdm9150msm8937msm8905sm8150_firmwaremsm8909mdm9655apq8096ausdm439_firmwarerennellsc7180sdm630_firmwaremdm9205_firmwaresda660_firmwaremdm9625rennell_firmwareqm215_firmwaresdx55msm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaremdm9615_firmwaremsm8998sm8150sdx20_firmwaresdm850nicobar_firmwaresdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-14053
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.1||HIGH
EPSS-0.04% / 12.82%
||
7 Day CHG~0.00%
Published-02 Jun, 2020 | 15:05
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

When attempting to create a new XFRM policy, a stack out-of-bounds read will occur if the user provides a template where the mode is set to a value that does not resolve to a valid XFRM mode in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8053, APQ8096AU, APQ8098, IPQ4019, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8917, MSM8953, MSM8996AU, QCA4531, QCN7605, QCS605, QM215, SA415M, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca4531_firmwaremdm9640_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632sdx24sdm439mdm9650sdm429sm7150_firmwaresm6150msm8909w_firmwaremsm8996ausdm429w_firmwaresm7150apq8009_firmwaremsm8917sxr2130qcs605_firmwaresc8180xipq4019_firmwaremdm9206sdx24_firmwareipq8074sdm636sda845_firmwaresa415mqca4531apq8098qcn7605mdm9206_firmwareqcs605sdm429_firmwaremdm9650_firmwaremsm8905_firmwaresda660sdx55_firmwaremsm8909wapq8009apq8053_firmwaresda845msm8953sdm450sdm636_firmwaresdm845_firmwareapq8098_firmwaresdx20sdm660sdm630mdm9607_firmwaresm8250_firmwaresc8180x_firmwaresa415m_firmwareipq8074_firmwareqm215mdm9607qcn7605_firmwaremdm9207c_firmwaremsm8905mdm9207csm8150_firmwaresxr2130_firmwareapq8096ausdm439_firmwaresdm630_firmwaresda660_firmwareqm215_firmwareipq4019sdx55msm8953_firmwareapq8053sm6150_firmwareapq8096au_firmwaresm8250msm8917_firmwaresm8150sdx20_firmwaresdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-14104
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.1||HIGH
EPSS-0.03% / 9.20%
||
7 Day CHG~0.00%
Published-16 Apr, 2020 | 10:46
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Slab-out-of-bounds access can occur if the context pointer is invalid due to lack of null check on pointer before accessing it in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Mobile in APQ8053, SC8180X, SDX55, SM8150

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-apq8053sdx55sm8150_firmwaresm8150sdx55_firmwareapq8053_firmwaresc8180xsc8180x_firmwareSnapdragon Compute, Snapdragon Consumer IOT, Snapdragon Mobile
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-14057
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-9.1||CRITICAL
EPSS-0.29% / 51.61%
||
7 Day CHG~0.00%
Published-07 Feb, 2020 | 05:00
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer Over read of codec private data while parsing an mkv file due to lack of check of buffer size before read in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA6574AU, QCS405, QCS605, QM215, Rennell, SA6155P, Saipan, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632sdm439sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996ausdm429w_firmwaresm7150apq8009_firmwaremsm8917sdm670sxr2130qcs605_firmwaremdm9206sdm670_firmwaresdm636sda845_firmwareapq8098mdm9206_firmwaremsm8939qcs605msm8937_firmwaresdm429_firmwaremsm8905_firmwareqca6574au_firmwaresda660sxr1130_firmwareapq8064_firmwaresxr1130msm8909wapq8009apq8053_firmwaresda845nicobarsa6155p_firmwaremsm8920msm8953sdm450sdm636_firmwareapq8064apq8098_firmwaresdx20msm8998_firmwaresdm660msm8920_firmwaresdm630mdm9607_firmwaresm8250_firmwareqcs405qca6574ausdm710qm215mdm9607apq8017_firmwaresdm710_firmwaremsm8939_firmwaresa6155pmsm8937mdm9207c_firmwaremsm8996_firmwaremsm8905mdm9207csm8150_firmwaresxr2130_firmwareapq8096ausdm439_firmwareqcs405_firmwarerennellsdm630_firmwaresda660_firmwarerennell_firmwareqm215_firmwaremsm8953_firmwaremsm8940saipan_firmwaresm6150_firmwareapq8053msm8917_firmwareapq8096au_firmwaremsm8998sm8150sdx20_firmwaresm8250apq8017msm8996saipannicobar_firmwaresdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-14011
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-9.1||CRITICAL
EPSS-0.24% / 46.62%
||
7 Day CHG~0.00%
Published-16 Apr, 2020 | 10:46
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple Read overflows issue due to improper length check while decoding 3G attach accept/ SMS/ pdn connection reject/ esm data transport/ bearer modify context reject in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9207C, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, Rennell, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwaremdm9635m_firmwareapq8096_firmwaremdm9640_firmwareqcm2150_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632apq8096sdx24sdm439mdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996aumdm9645sdm429w_firmwaresm7150apq8009_firmwaremsm8917sdm670qcs605_firmwaresc8180xmdm9206sdm670_firmwaresdx24_firmwaresdm636sda845_firmwaremdm9635mapq8098mdm9205mdm9206_firmwareqcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130msm8909wapq8009msm8909_firmwareapq8053_firmwaresda845nicobarsdm850_firmwaremsm8920msm8953sdm450sdm636_firmwaresdm845_firmwareapq8098_firmwaresdx20msm8998_firmwareqcm2150msm8920_firmwaresdm630mdm9607_firmwaresdm660mdm9655_firmwaresc8180x_firmwaresdm710qm215sc7180_firmwaremdm9607mdm9645_firmwaremdm9625_firmwaresdm710_firmwaremdm9150msm8937mdm9207c_firmwaremsm8905mdm9207csm8150_firmwaremsm8909mdm9655apq8096ausdm439_firmwarerennellsc7180sdm630_firmwaremdm9205_firmwaresda660_firmwaremdm9625rennell_firmwareqm215_firmwaresdx55msm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaremsm8998sm8150sdx20_firmwaresdm850nicobar_firmwaresdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-14038
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.1||HIGH
EPSS-0.04% / 12.82%
||
7 Day CHG~0.00%
Published-02 Jun, 2020 | 15:05
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer over-read in ADSP parse function due to lack of check for availability of sufficient data payload received in command response in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8053, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8917, MSM8953, QCS605, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM670, SDM710, SDM845, SDX20, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9640_firmwaremsm8953sdm845_firmwaresdm429wapq8098_firmwaresdm845sdx20sdx24sdm439mdm9607_firmwaremdm9650sdm429sdm710msm8909w_firmwaremdm9607sdm429w_firmwaresdm710_firmwareapq8009_firmwaremsm8909wmsm8917sdm670qcs605_firmwaremdm9207c_firmwaremdm9206msm8905mdm9207csdm670_firmwaresdx24_firmwaresdm439_firmwaresda845_firmwareapq8098sda660_firmwaremdm9206_firmwareqcs605msm8953_firmwareapq8053msm8917_firmwaresdm429_firmwaremdm9650_firmwaresdx20_firmwaremsm8905_firmwaresda660apq8009apq8053_firmwaresda845mdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-20
Improper Input Validation
CVE-2019-14063
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-9.1||CRITICAL
EPSS-0.24% / 46.62%
||
7 Day CHG~0.00%
Published-07 Feb, 2020 | 05:00
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound access due to Invalid inputs to dapm mux settings which results into kernel failure in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ6018, IPQ8064, IPQ8074, MDM9607, Nicobar, QCS405, Rennell, SA6155P, Saipan, SC8180X, SDM630, SDM636, SDM660, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sa6155p_firmwaresdm636_firmwaresdm660sdm630mdm9607_firmwaresm8250_firmwaresc8180x_firmwareqcs405sm7150_firmwareipq8074_firmwaresm6150mdm9607sm7150sa6155psxr2130sc8180xipq4019_firmwareipq6018sm8150_firmwaresxr2130_firmwareipq8074sdm636qcs405_firmwarerennellsdm660_firmwaresdm630_firmwarerennell_firmwareipq6018_firmwareipq4019sdx55saipan_firmwaresm6150_firmwaresm8250sm8150ipq8064sdx55_firmwarenicobar_firmwaresaipanipq8064_firmwarenicobarSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-14039
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.1||HIGH
EPSS-0.04% / 12.82%
||
7 Day CHG~0.00%
Published-02 Jun, 2020 | 15:05
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound read in adm call back function due to incorrect boundary check for payload in command response in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8053, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8917, MSM8953, QCS605, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM670, SDM710, SDM845, SDX20, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9640_firmwaremsm8953sdm845_firmwaresdm429wapq8098_firmwaresdm845sdx20sdx24sdm439mdm9607_firmwaremdm9650sdm429sdm710msm8909w_firmwaremdm9607sdm429w_firmwaresdm710_firmwaremsm8917sdm670qcs605_firmwaremdm9207c_firmwaremdm9206msm8905mdm9207csdm670_firmwaresdx24_firmwaresdm439_firmwaresda845_firmwareapq8098sda660_firmwaremdm9206_firmwareqcs605msm8953_firmwareapq8053msm8917_firmwaresdm429_firmwaremdm9650_firmwaresdx20_firmwaremsm8905_firmwaresda660msm8909wapq8053_firmwaresda845mdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-2301
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.64%
||
7 Day CHG~0.00%
Published-25 Jul, 2019 | 16:33
Updated-04 Aug, 2024 | 18:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possibility of out-of-bound read if id received from SPI is not in range of FIFO in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ8064, MSM8909W, MSM8996AU, QCA9980, QCS605, Qualcomm 215, SD 425, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 712 / SD 710 / SD 670, SD 820A, SD 845 / SD 850, SD 855, SDM439, SDM660, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_712sd_850sd_632sd_855sd_820aqualcomm_215qca9980_firmwaremsm8996au_firmwaresd_439sd_670_firmwaresd_425sd_429sdm660sdm439sd_710_firmwaresdx24sd_636sd_625msm8909w_firmwaremsm8996auqca9980sd_636_firmwaresd_450_firmwaresd_845_firmwaresd_439_firmwaresd_820a_firmwarequalcomm_215_firmwaresd_429_firmwareqcs605_firmwareipq4019_firmwaresd_425_firmwaresd_850_firmwaresdx24_firmwaresd_625_firmwaresd_450sdm439_firmwaresdm660_firmwaresd_712_firmwaresd_845qcs605ipq4019sd_670sd_632_firmwaresd_710ipq8064msm8909wipq8064_firmwaresd_855_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-2318
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.11% / 29.00%
||
7 Day CHG~0.00%
Published-21 Nov, 2019 | 14:38
Updated-04 Aug, 2024 | 18:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Non Secure Kernel can cause Trustzone to do an arbitrary memory read which will result into DOS in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8017, APQ8053, APQ8096, APQ8096AU, IPQ8074, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, QCA8081, QM215, SDM429, SDM439, SDM450, SDM632, Snapdragon_High_Med_2016

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-msm8920apq8096_firmwaremsm8953sdm450sdm632_firmwaremsm8996au_firmwareapq8096sdm450_firmwaresdm632msm8920_firmwaresdm439sdm429msm8940_firmwareipq8074_firmwaresnapdragon_high_med_2016_firmwareqm215msm8996auapq8017_firmwaremsm8917qca8081msm8937msm8996_firmwaresnapdragon_high_med_2016ipq8074apq8096ausdm439_firmwareqm215_firmwaremsm8940apq8053apq8096au_firmwaremsm8953_firmwaremsm8917_firmwaremsm8937_firmwaresdm429_firmwareapq8017msm8996qca8081_firmwareapq8053_firmwareSnapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-2306
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.11% / 29.20%
||
7 Day CHG~0.00%
Published-25 Jul, 2019 | 16:33
Updated-04 Aug, 2024 | 18:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper casting of structure while handling the buffer leads to out of bound read in display in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850mdm9150_firmwaresd_632sd_820asd_675msm8996au_firmwaresd_670_firmwaresdm439mdm9650sd_636sd_615_firmwaremsm8909w_firmwaremsm8996ausd_820sd_450_firmwaresd_845_firmwaresd_820a_firmwareqcs605_firmwaresd_675_firmwaremdm9206sd_425_firmwaresd_665sd_625_firmwaresd_450sd_845mdm9206_firmwareqcs605sd_632_firmwaresd_835_firmwaremdm9650_firmwaresd_835sda660sd_210_firmwaresd_415_firmwaremsm8909wsd_665_firmwaresd_616_firmwaresd_205_firmwaresd_415sd_212sd_427_firmwaresd_712sd_855sd_730_firmwarequalcomm_215sdx20sd_616sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435sd_615sd_710_firmwaresdm630qcs405sd_625sd_820_firmwaresd_210mdm9607sd_636_firmwarequalcomm_215_firmwaremdm9150sd_730sd_212_firmwaresd_850_firmwaresdm439_firmwareqcs405_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwaresd_430sd_427sd_670sd_435_firmwaresdx20_firmwaresd_710sd_205sdm660_firmwaresd_855_firmwareSnapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-704
Incorrect Type Conversion or Cast
CVE-2019-2307
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.64% / 69.96%
||
7 Day CHG~0.00%
Published-25 Jul, 2019 | 16:33
Updated-04 Aug, 2024 | 18:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible integer underflow due to lack of validation before calculation of data length in 802.11 Rx management configuration in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCS405, QCS605, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 600, SD 625, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDM630, SDM660, SDX20, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresd_850mdm9150_firmwaremdm9640_firmwaresd_820asd_675msm8996au_firmwaresd_670_firmwaresdx24mdm9650sd_636msm8996ausd_820sd_450_firmwaresd_845_firmwaresd_820a_firmwareqcs605_firmwaresd_675_firmwaremdm9206sd_425_firmwareqca9379_firmwareqca6174asd_665sdx24_firmwaresd_625_firmwaresd_450qca9377sd_845mdm9206_firmwareqcs605sd_835_firmwaremdm9650_firmwaresd_835qca6574au_firmwaresd_210_firmwaresd_600sd_665_firmwaresd_205_firmwaresd_212sd_427_firmwaresd_712sd_855sd_730_firmwaresdx20sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435sd_710_firmwaresdm630qcs405sd_625qca6574ausd_820_firmwaresd_210mdm9607sd_636_firmwaremdm9150qca6174a_firmwaresd_730sd_212_firmwaresd_850_firmwaresd_855_firmwareqcs405_firmwaresd_712_firmwaresdm630_firmwaresd_430sd_427sd_670sd_435_firmwaresdx20_firmwaresd_710sd_600_firmwaresd_205qca9379sdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-191
Integer Underflow (Wrap or Wraparound)
CVE-2019-2337
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.37% / 58.26%
||
7 Day CHG~0.00%
Published-12 Dec, 2019 | 08:30
Updated-04 Aug, 2024 | 18:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

While Skipping unknown IES, EMM is reading the buffer even if the no of bytes to read are more than message length which may cause device to shutdown in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8053, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9640, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8976, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, Snapdragon_High_Med_2016, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwareqcm2150_firmwaremdm9640_firmwaresdm632_firmwaremsm8996au_firmwaresdm845sdm450_firmwaresdm632sdx24sdm439mdm9650sdm429msm8940_firmwaresm7150_firmwaresnapdragon_high_med_2016_firmwaresm6150msm8909w_firmwaremsm8976_firmwaremsm8996ausm7150msm8917sdm670sxr2130qcs605_firmwaresc8180xmdm9206sdm670_firmwaresdx24_firmwaresdm636sda845_firmwareapq8098mdm9205mdm9206_firmwareqcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130msm8909wmsm8909_firmwareapq8053_firmwaresda845nicobarsdm850_firmwaremsm8920msm8953sdm450sdm636_firmwaresdm845_firmwareapq8098_firmwaresdx20msm8998_firmwareqcm2150msm8920_firmwaresdm630sm8250_firmwaresdm660mdm9655_firmwaresc8180x_firmwaresdm710qm215sdm710_firmwaremdm9150msm8937msm8905snapdragon_high_med_2016sm8150_firmwaremsm8909sxr2130_firmwaremdm9655apq8096ausdm439_firmwaresdm630_firmwaremdm9205_firmwaresda660_firmwareqm215_firmwaremsm8976sdx55msm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaresm8250msm8998sm8150sdx20_firmwaresdm850nicobar_firmwaresdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-2310
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.30% / 52.61%
||
7 Day CHG~0.00%
Published-12 Dec, 2019 | 08:30
Updated-04 Aug, 2024 | 18:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound read would occur while trying to read action category and action ID without validating the action length of the Rx Frame body in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCN7605, QCS605, SDA660, SDA845, SDM450, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SM8150

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaremdm9640_firmwaremsm8996au_firmwaresdm845sdm450_firmwaremdm9650msm8940_firmwaremsm8996auapq8009_firmwaremsm8917sdm670qcs605_firmwaremdm9206qca9379_firmwareqca6174asdm670_firmwaresdm636sda845_firmwareqca9377apq8098qcn7605mdm9206_firmwareqcs605mdm9640msm8937_firmwaremdm9650_firmwareqca6574au_firmwaresda660apq8009msm8909_firmwareapq8053_firmwaresda845msm8920msm8953sdm450sdm636_firmwareapq8098_firmwaresdx20msm8998_firmwaresdm660msm8920_firmwaresdm630mdm9607_firmwareqca6574ausdm710mdm9607apq8017_firmwaresdm710_firmwareqcn7605_firmwaremsm8937mdm9207c_firmwaremdm9207cqca6174a_firmwaresm8150_firmwaremsm8909apq8096ausdm630_firmwaresda660_firmwaremsm8940apq8053apq8096au_firmwaremsm8953_firmwaremsm8917_firmwaremsm8998sm8150sdx20_firmwareapq8017qca9379sdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-10559
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.32% / 54.34%
||
7 Day CHG~0.00%
Published-12 Dec, 2019 | 08:30
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Accessing data buffer beyond the available data while parsing ogg clip can lead to null-pointer dereference and then memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8939, MSM8953, MSM8996, MSM8996AU, Nicobar, QCS405, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDX20, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-msm891_firmwaresdm632_firmwaremsm8996au_firmwaresdm450_firmwaresdm632sdm439sdm429sm7150_firmwaresm6150msm8909w_firmwaremsm8996ausm7150apq8009_firmwaresxr2130qcs605_firmwaremdm9206sdm636sda845_firmwareapq8098mdm9206_firmwaremsm8939qcs605sdm429_firmwaremsm8905_firmwaresda660sxr1130_firmwareapq8064_firmwaresxr1130msm8909wapq8009msm8909_firmwareapq8053_firmwaresda845nicobarmsm8953sdm450apq8064sdm636_firmwareapq8098_firmwaresdx20sdm660sdm630mdm9607_firmwaresm8250_firmwareqcs405qm215mdm9607apq8017_firmwaremsm8939_firmwaremdm9207c_firmwaremsm8996_firmwaremsm8905mdm9207csm8150_firmwaremsm8909sxr2130_firmwareapq8096ausdm439_firmwareqcs405_firmwaresdm630_firmwaresda660_firmwareqm215_firmwaremsm8953_firmwareapq8053apq8096au_firmwaresm6150_firmwaresm8250sm8150sdx20_firmwareapq8017msm8996nicobar_firmwaresdm660_firmwaremsm891Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2019-10563
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.82%
||
7 Day CHG~0.00%
Published-21 Nov, 2019 | 14:38
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer over-read can occur in fast message handler due to improper input validation while processing a message from firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8053, APQ8096AU, MSM8996AU, MSM8998, QCN7605, QCS405, QCS605, SDA660, SDM636, SDM660, SDX20, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdx24_firmwaresdm636_firmwareapq8096ausdm636msm8996au_firmwareqcs405_firmwaresdm660_firmwaresda660_firmwaresdx20msm8998_firmwareqcn7605sdm660sdx24qcs605qcs405apq8053apq8096au_firmwaremsm8996aumsm8998sdx20_firmwaresda660qcn7605_firmwareapq8053_firmwareqcs605_firmwareSnapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-20
Improper Input Validation
CVE-2019-10550
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-9.1||CRITICAL
EPSS-0.24% / 46.62%
||
7 Day CHG~0.00%
Published-05 Mar, 2020 | 08:56
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer Over-read when UE is trying to process the message received form the network without zero termination in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9206, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, Nicobar, QCM2150, QCS605, QM215, Rennell, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcm2150_firmwaremdm9640_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632sdx24sdm439mdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996ausdm429w_firmwaresm7150msm8917sdm670qcs605_firmwaresc8180xmdm9206sdm670_firmwaresdx24_firmwaresdm636sda845_firmwaremdm9206_firmwareqcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130msm8909wmsm8909_firmwaresda845nicobarsdm850_firmwaremsm8920msm8953sdm450sdm636_firmwaresdm845_firmwaresdx20qcm2150msm8920_firmwaresdm630mdm9607_firmwaresdm660sc8180x_firmwaresdm710qm215mdm9607sdm710_firmwaremsm8937msm8905sm8150_firmwaremsm8909sdm439_firmwarerennellsdm630_firmwaresda660_firmwarerennell_firmwareqm215_firmwaresdx55msm8953_firmwaremsm8940sm6150_firmwaremsm8917_firmwaresm8150sdx20_firmwaresdm850nicobar_firmwaresdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-10552
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-9.1||CRITICAL
EPSS-0.24% / 46.62%
||
7 Day CHG~0.00%
Published-05 Mar, 2020 | 08:56
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple Buffer Over-read issue can happen due to improper length checks while decoding Service Reject/RAU Reject/PTMSI Realloc cmd in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, Rennell, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwaremdm9635m_firmwareapq8096_firmwaremdm9640_firmwareqcm2150_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632apq8096sdx24sdm439mdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996aumdm9645sdm429w_firmwaresm7150apq8009_firmwaremsm8917sdm670qcs605_firmwaresc8180xmdm9206sdm670_firmwaresdx24_firmwaresdm636sda845_firmwaremdm9635mapq8098mdm9615mdm9205mdm9206_firmwaremsm8939qcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130msm8909wapq8009msm8909_firmwareapq8053_firmwaresda845nicobarsdm850_firmwaremsm8920msm8953sdm450sdm636_firmwaresdm845_firmwareapq8098_firmwaresdx20msm8998_firmwareqcm2150msm8920_firmwaresdm630mdm9607_firmwaresdm660mdm9655_firmwaresc8180x_firmwaresdm710qm215mdm9607mdm9645_firmwareapq8017_firmwaremdm9625_firmwaresdm710_firmwaremsm8939_firmwaremdm9150msm8937msm8905sm8150_firmwaremsm8909mdm9655apq8096ausdm439_firmwarerennellsdm630_firmwaremdm9205_firmwaresda660_firmwaremdm9625rennell_firmwareqm215_firmwaresdx55msm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaremdm9615_firmwaremsm8998sm8150sdx20_firmwaresdm850apq8017nicobar_firmwaresdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-20
Improper Input Validation
CVE-2019-10625
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.1||HIGH
EPSS-0.04% / 12.82%
||
7 Day CHG~0.00%
Published-16 Apr, 2020 | 10:46
Updated-04 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound access in diag services when DCI command buffer reallocation is not done properly with required capacity in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8009, APQ8096AU, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, QCS605, Rennell, SC8180X, SDM429W, SDM710, SDX55, SM7150, SM8150

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9206mdm9207csc8180xmdm9640_firmwaresm8150_firmwareapq8096ausdm429wrennellrennell_firmwaremdm9206_firmwaremdm9607_firmwareqcs605mdm9650sc8180x_firmwaresdx55sm7150_firmwareapq8096au_firmwaresdm710mdm9607mdm9650_firmwaresdm429w_firmwaresm8150sdm710_firmwaresdx55_firmwaresm7150apq8009_firmwareapq8009qcs605_firmwaremdm9207c_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-2277
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.64%
||
7 Day CHG~0.00%
Published-22 Jul, 2019 | 13:47
Updated-04 Aug, 2024 | 18:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound read can happen due to lack of NULL termination on user controlled data in WLAN in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MSM8996AU, QCS405, QCS605, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM630, SDM660, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_427_firmwaresd_712sd_850sd_855sd_730_firmwaresd_820asd_675msm8996au_firmwaresd_670_firmwaresd_425sdm660sdx24sd_430_firmwaresd_710_firmwaresd_435sd_636sdm630qcs405sd_625sd_210msm8996ausd_636_firmwaresd_450_firmwaresd_845_firmwaresd_820a_firmwareqcs605_firmwaresd_675_firmwaresd_425_firmwaresd_730sd_212_firmwaresd_665sd_850_firmwaresdx24_firmwaresd_625_firmwaresd_450qcs405_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwaresd_845sd_427qcs605sd_430sd_670sd_435_firmwaresd_835_firmwaresd_710sd_835sd_205sda660sd_210_firmwaresd_665_firmwaresd_205_firmwaresdm660_firmwaresd_212sd_855_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-10532
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.33% / 55.47%
||
7 Day CHG~0.00%
Published-21 Jan, 2020 | 06:30
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Null-pointer dereference issue can occur while calculating string length when source string length is zero in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996, Nicobar, QCS605, QM215, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SM6150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm429wsdm632_firmwaresdm845sdm450_firmwaresdm632sdm439sdm429msm8940_firmwaresm6150msm8909w_firmwaresdm429w_firmwareapq8009_firmwaremsm8917sdm670sxr2130qcs605_firmwaremdm9206sdm670_firmwaresdm636sda845_firmwareapq8098mdm9206_firmwaremsm8939qcs605msm8937_firmwaresdm429_firmwaremsm8905_firmwaresda660sxr1130_firmwareapq8064_firmwaresxr1130msm8909wapq8009msm8909_firmwareapq8053_firmwaresda845nicobarmsm8920msm8953sdm450sdm636_firmwareapq8064apq8098_firmwaresdx20sdm660msm8920_firmwaresdm630mdm9607_firmwaresm8250_firmwaresdm710qm215mdm9607apq8017_firmwaresdm710_firmwaremsm8939_firmwaremsm8937mdm9207c_firmwaremsm8996_firmwaremsm8905mdm9207csm8150_firmwaremsm8909sxr2130_firmwareapq8096ausdm439_firmwaresdm630_firmwaresda660_firmwareqm215_firmwaremsm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaresm8250sm8150sdx20_firmwareapq8017msm8996nicobar_firmwaresdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-2283
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.31% / 53.95%
||
7 Day CHG~0.00%
Published-06 Nov, 2019 | 17:11
Updated-04 Aug, 2024 | 18:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper validation of read and write index of tx and rx fifo`s before calculating pointer can lead to out-of-bound access in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850mdm9150_firmwaresd_632mdm9640_firmwaresd_820asd_675msm8996au_firmwaresd_439sd_670_firmwaresd_429sdx24sdm439mdm9650sd_636msm8909w_firmwaremsm8996ausd_820sd_450_firmwaresd_845_firmwaresd_820a_firmwareqcs605_firmwaresd_675_firmwaremdm9206sd_425_firmwaresdx24_firmwaresd_625_firmwaresd_450sd_845mdm9206_firmwareqcs605sd_632_firmwaresd_835_firmwaremdm9650_firmwaresd_835sda660sd_210_firmwaremsm8909wsd_205_firmwaresd_212sd_427_firmwaresd_712sd_855sd_730_firmwarequalcomm_215sdx20sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435sd_710_firmwaresdm630sd_625sd_820_firmwaresd_210mdm9607sd_636_firmwaresd_439_firmwarequalcomm_215_firmwaremdm9150sd_429_firmwaresd_730sd_212_firmwaresd_850_firmwaresd_855_firmwaresdm439_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwaresd_430sd_427sd_670sd_435_firmwaresdx20_firmwaresd_710sd_205sdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-2253
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.37% / 58.31%
||
7 Day CHG~0.00%
Published-25 Jul, 2019 | 16:33
Updated-04 Aug, 2024 | 18:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer over-read can occur while parsing an ogg file with a corrupted comment block. in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 600, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850mdm9150_firmwaresd_632sd_820asd_675msm8996au_firmwaresd_439sd_670_firmwaresd_429sdm439mdm9650sd_636sd_615_firmwaremsm8909w_firmwaremsm8996ausd_820sd_450_firmwaresd_845_firmwaresd_820a_firmwareqcs605_firmwaresd_675_firmwaremdm9206sd_425_firmwaresd_665sd_625_firmwaresd_450sd_845mdm9206_firmwareqcs605sd_632_firmwaresd_835_firmwaremdm9650_firmwaresd_835sda660sd_210_firmwaresd_600sd_415_firmwaremsm8909wsd_665_firmwaresd_616_firmwaresd_205_firmwaresd_415sd_212sd_427_firmwaresd_712sd_855sd_730_firmwarequalcomm_215sdx20sd_616sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435sd_615sd_710_firmwaresdm630qcs405sd_625sd_820_firmwaresd_210mdm9607sd_636_firmwaresd_439_firmwarequalcomm_215_firmwaremdm9150sd_429_firmwaresd_730sd_212_firmwaresd_850_firmwaresdm439_firmwareqcs405_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwaresd_430sd_427sd_670sd_435_firmwaresdx20_firmwaresd_710sd_600_firmwaresd_205sdm660_firmwaresd_855_firmwareSnapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-2273
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.24% / 47.48%
||
7 Day CHG~0.00%
Published-25 Jul, 2019 | 16:33
Updated-04 Aug, 2024 | 18:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IOMMU page fault while playing h265 video file leads to denial of service issue in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 650/52, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 845 / SD 850, SD 855, SD 8CX, SDM439, Snapdragon_High_Med_2016, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_427_firmwaresd_712sd_850sd_855sd_730_firmwarequalcomm_215sd_675sd_439sd_670_firmwaresd_425sd_429sd_430_firmwaresd_710_firmwaresd_435sd_650_firmwaresdm439sd_625snapdragon_high_med_2016_firmwaremsm8909w_firmwaresd_210sd_820_firmwaresd_820sd_650sd_450_firmwaresd_845_firmwaresd_439_firmwarequalcomm_215_firmwareqcs605_firmwaresd_429_firmwaresd_675_firmwaresd_652sd_425_firmwaresd_730sd_212_firmwaresd_665sd_850_firmwaresnapdragon_high_med_2016sd_625_firmwaresd_450sdm439_firmwaresd_712_firmwaresd_8cx_firmwaresd_845sd_8cxsd_427qcs605sd_430sd_670sd_435_firmwaresd_710sd_205sxr1130_firmwaresd_210_firmwaresd_652_firmwaresxr1130msm8909wsd_665_firmwaresd_205_firmwaresd_212sd_855_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-10622
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-9.1||CRITICAL
EPSS-0.18% / 38.98%
||
7 Day CHG~0.00%
Published-16 Apr, 2020 | 10:46
Updated-04 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound memory access can happen while parsing ADSP message due to lack of check of size of payload received from userspace in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8096AU, IPQ4019, IPQ6018, IPQ8064, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, QCN7605, QCS605, SC8180X, SDM710, SDX24, SDX55, SM8150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9640_firmwaresdx24mdm9607_firmwaresm8250_firmwaremdm9650sc8180x_firmwareipq8074_firmwaresdm710mdm9607sdm710_firmwareapq8009_firmwareqcn7605_firmwaresxr2130qcs605_firmwareipq4019_firmwaremdm9207c_firmwaresc8180xipq6018mdm9206mdm9207csm8150_firmwaresdx24_firmwaresxr2130_firmwareipq8074apq8096auqcn7605ipq6018_firmwaremdm9206_firmwareqcs605ipq4019sdx55apq8096au_firmwaresm8250mdm9650_firmwaresm8150ipq8064sdx55_firmwareapq8009ipq8064_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-10574
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.1||HIGH
EPSS-0.06% / 18.20%
||
7 Day CHG~0.00%
Published-16 Apr, 2020 | 10:46
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Lack of boundary checks for data offsets received from HLOS can lead to out-of-bound read in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8016, APQ8017, APQ8053, APQ8076, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, QCM2150, QCS605, QM215, Rennell, SC7180, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SM6150, SM7150, SM8150, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwareapq8096_firmwaremdm9640_firmwareqcm2150_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632apq8096sdm439mdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996ausdm429w_firmwaresm7150apq8009_firmwaremsm8917sdm670sxr2130qcs605_firmwareapq8076mdm9206sdm670_firmwareapq8076_firmwaresdm636sda845_firmwareapq8098mdm9205mdm9206_firmwareqcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwaresda660sxr1130_firmwaresxr1130msm8909wapq8009msm8909_firmwareapq8053_firmwaresda845sdm850_firmwaremsm8920msm8953sdm450sdm636_firmwaresdm845_firmwareapq8098_firmwaremsm8998_firmwareqcm2150apq8016_firmwaresdm630mdm9607_firmwaremsm8920_firmwaremdm9655_firmwaresdm660sdm710qm215sc7180_firmwaremdm9607apq8017_firmwaresdm710_firmwaremdm9150msm8937mdm9207c_firmwaremsm8996_firmwaremsm8905mdm9207csm8150_firmwaremsm8909sxr2130_firmwaremdm9655apq8096ausdm439_firmwarerennellsc7180sdm630_firmwaremdm9205_firmwaresda660_firmwarerennell_firmwareapq8016qm215_firmwaremsm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaremsm8998sm8150sdm850apq8017msm8996sdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-10553
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-9.1||CRITICAL
EPSS-0.22% / 44.25%
||
7 Day CHG~0.00%
Published-05 Mar, 2020 | 08:56
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple Read overflows due to improper length checks while decoding authentication in Cs domain/RAU Reject and TC cmd in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, Rennell, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwaremdm9635m_firmwareapq8096_firmwaremdm9640_firmwareqcm2150_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632apq8096sdx24sdm439mdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996aumdm9645sdm429w_firmwaresm7150apq8009_firmwaremsm8917sdm670qcs605_firmwaresc8180xmdm9206sdm670_firmwaresdx24_firmwaresdm636sda845_firmwaremdm9635mapq8098mdm9615mdm9205mdm9206_firmwareqcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130msm8909wapq8009msm8909_firmwareapq8053_firmwaresda845nicobarsdm850_firmwaremsm8920msm8953sdm450sdm636_firmwaresdm845_firmwareapq8098_firmwaresdx20msm8998_firmwareqcm2150msm8920_firmwaresdm630mdm9607_firmwaresdm660mdm9655_firmwaresc8180x_firmwaresdm710qm215mdm9607mdm9645_firmwareapq8017_firmwaremdm9625_firmwaresdm710_firmwaremdm9150msm8937msm8905sm8150_firmwaremsm8909mdm9655apq8096ausdm439_firmwarerennellsdm630_firmwaremdm9205_firmwaresda660_firmwaremdm9625rennell_firmwareqm215_firmwaresdx55msm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaremdm9615_firmwaremsm8998sm8150sdx20_firmwaresdm850apq8017nicobar_firmwaresdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-10487
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.40% / 59.83%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 05:25
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer over read can happen while parsing SMS OTA messages at transport layer if network sends un-intended values in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwaremdm9635m_firmwareapq8096_firmwaremdm9640_firmwareqcm2150_firmwaresdm632_firmwaremsm8996au_firmwaresdm845sdm450_firmwaresdm632apq8096sdx24sdm439mdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996aumdm9645sm7150apq8009_firmwaremsm8917sdm670qcs605_firmwaresc8180xmdm9206sdm670_firmwaresdx24_firmwaresdm636sda845_firmwaremdm9635mapq8098mdm9615mdm9205mdm9206_firmwaremsm8939qcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130msm8909wapq8009msm8909_firmwareapq8053_firmwaresda845nicobarsdm850_firmwaremsm8920msm8953sdm450sdm636_firmwaresdm845_firmwareapq8098_firmwaresdx20msm8998_firmwareqcm2150msm8920_firmwaresdm630mdm9607_firmwaresdm660mdm9655_firmwaresc8180x_firmwaresdm710qm215mdm9607mdm9645_firmwareapq8017_firmwaremdm9625_firmwaresdm710_firmwaremsm8939_firmwaremdm9150msm8937msm8905sm8150_firmwaremsm8909mdm9655apq8096ausdm439_firmwaresdm630_firmwaremdm9205_firmwaresda660_firmwaremdm9625qm215_firmwaresdx55msm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaremdm9615_firmwaremsm8998sm8150sdx20_firmwaresdm850apq8017nicobar_firmwaresdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-10610
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-9.1||CRITICAL
EPSS-0.24% / 46.62%
||
7 Day CHG~0.00%
Published-16 Apr, 2020 | 10:46
Updated-04 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer over read when trying to process SDP message Video media line with frame-size attribute in video Media line in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8076, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, Rennell, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwaremdm9635m_firmwareapq8096_firmwaremdm9640_firmwareqcm2150_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632apq8096sdx24sdm439mdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996aumdm9645sdm429w_firmwaresm7150apq8009_firmwaremsm8917sdm670qcs605_firmwareapq8076sc8180xmdm9206sdm670_firmwaresdx24_firmwareapq8076_firmwaresdm636sda845_firmwaremdm9635mapq8098mdm9615mdm9206_firmwareqcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130msm8909wapq8009msm8909_firmwareapq8053_firmwaresda845nicobarsdm850_firmwaremsm8920msm8953sdm450sdm636_firmwaresdm845_firmwareapq8098_firmwaresdx20msm8998_firmwareqcm2150msm8920_firmwaresdm630mdm9607_firmwaresdm660mdm9655_firmwaresc8180x_firmwaresdm710qm215sc7180_firmwaremdm9607mdm9645_firmwareapq8017_firmwaremdm9625_firmwaresdm710_firmwaremdm9150msm8937msm8905sm8150_firmwaremsm8909mdm9655apq8096ausdm439_firmwarerennellsc7180sdm630_firmwaresda660_firmwaremdm9625rennell_firmwareqm215_firmwaresdx55msm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaremdm9615_firmwaremsm8998sm8150sdx20_firmwaresdm850apq8017nicobar_firmwaresdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-10542
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.34% / 56.00%
||
7 Day CHG~0.00%
Published-06 Nov, 2019 | 17:11
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer over-read may occur when downloading a corrupted firmware file that has chunk length in header which doesn`t match the contents in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9150, MDM9206, MDM9607, MDM9615, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 600, SD 625, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 845 / SD 850, SDX20

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_427_firmwaresd_712qca9377_firmwaresd_850mdm9150_firmwaremdm9640_firmwaresd_820amsm8996au_firmwaresdx20sd_670_firmwaresd_425sd_430_firmwaremdm9607_firmwaresd_435mdm9650sd_710_firmwaresd_625qca6574ausd_210mdm9607msm8996ausd_820_firmwaresd_820sd_450_firmwaresd_845_firmwaresd_820a_firmwaremdm9150mdm9206qca6174a_firmwareqca6174aqca9379_firmwaresd_212_firmwaresd_425_firmwaresd_850_firmwaresd_625_firmwaresd_450qca9377sd_712_firmwaremdm9615sd_845mdm9206_firmwaresd_427sd_430sd_670sd_435_firmwaremdm9615_firmwaremdm9650_firmwaresd_710sdx20_firmwaresd_600_firmwaresd_205qca6574au_firmwaresd_210_firmwaresd_600qca9379sd_205_firmwaresd_212mdm9640Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-10584
Matching Score-6
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-6
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.82%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 05:25
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possibility of out of bound access in debug queue, if packet size field is corrupted in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCN7605, QCS405, QCS605, QM215, SA6155P, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9640_firmwaresdm632_firmwaremsm8996au_firmwaresdm845sdm450_firmwaresdm632sdx24sdm439mdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996ausm7150apq8009_firmwaremsm8917sdm670sxr2130qcs605_firmwaremdm9206sdm670_firmwaresdx24_firmwaresdm636sda845_firmwareapq8098qcn7605mdm9206_firmwareqcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130msm8909wapq8009apq8053_firmwaresda845nicobarsa6155p_firmwaremsm8920msm8953sdm450sdm636_firmwaresdm845_firmwareapq8098_firmwaresdx20msm8998_firmwaresdm660msm8920_firmwaresdm630mdm9607_firmwaresm8250_firmwareqcs405sdm710qm215mdm9607apq8017_firmwaresdm710_firmwareqcn7605_firmwaresa6155pmsm8937mdm9207c_firmwaremdm9207csm8150_firmwaresxr2130_firmwareapq8096ausdm439_firmwareqcs405_firmwaresdm630_firmwaresda660_firmwareqm215_firmwaresdx55msm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaresm8250msm8998sm8150sdx20_firmwareapq8017nicobar_firmwaresdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 7
  • 8
  • Next
Details not found