Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2025-27071

Summary
Assigner-qualcomm
Assigner Org ID-2cfc7d3e-20d3-47ac-8db7-1b7285aff15f
Published At-06 Aug, 2025 | 07:26
Updated At-06 Aug, 2025 | 13:35
Rejected At-
Credits

Buffer Copy Without Checking Size of Input in Powerline Communication Firmware

Memory corruption while processing specific files in Powerline Communication Firmware.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:qualcomm
Assigner Org ID:2cfc7d3e-20d3-47ac-8db7-1b7285aff15f
Published At:06 Aug, 2025 | 07:26
Updated At:06 Aug, 2025 | 13:35
Rejected At:
â–¼CVE Numbering Authority (CNA)
Buffer Copy Without Checking Size of Input in Powerline Communication Firmware

Memory corruption while processing specific files in Powerline Communication Firmware.

Affected Products
Vendor
Qualcomm Technologies, Inc.Qualcomm, Inc.
Product
Snapdragon
Platforms
  • Snapdragon Compute
  • Snapdragon Mobile
  • Snapdragon Wearables
Default Status
unaffected
Versions
Affected
  • FastConnect 6800
  • FastConnect 6900
  • FastConnect 7800
  • QCA6391
  • QCA6426
  • QCA6436
  • QSM8250
  • SD865 5G
  • SDM429W
  • SDX55
  • Snapdragon 429 Mobile Platform
  • Snapdragon 8 Gen 1 Mobile Platform
  • Snapdragon 865 5G Mobile Platform
  • Snapdragon 865+ 5G Mobile Platform (SM8250-AB)
  • Snapdragon 870 5G Mobile Platform (SM8250-AC)
  • Snapdragon W5+ Gen 1 Wearable Platform
  • Snapdragon X55 5G Modem-RF System
  • Snapdragon XR2 5G Platform
  • SW5100
  • SW5100P
  • SXR2130
  • SXR2230P
  • SXR2250P
  • WCD9380
  • WCD9385
  • WCN3620
  • WCN3660B
  • WCN3980
  • WCN3988
  • WSA8810
  • WSA8815
  • WSA8830
  • WSA8832
  • WSA8835
Problem Types
TypeCWE IDDescription
CWECWE-120CWE-120 Buffer Copy Without Checking Size of Input ('Classic Buffer Overflow')
Type: CWE
CWE ID: CWE-120
Description: CWE-120 Buffer Copy Without Checking Size of Input ('Classic Buffer Overflow')
Metrics
VersionBase scoreBase severityVector
3.17.3HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Version: 3.1
Base score: 7.3
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://docs.qualcomm.com/product/publicresources/securitybulletin/august-2025-bulletin.html
N/A
Hyperlink: https://docs.qualcomm.com/product/publicresources/securitybulletin/august-2025-bulletin.html
Resource: N/A
â–¼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:product-security@qualcomm.com
Published At:06 Aug, 2025 | 08:15
Updated At:19 Aug, 2025 | 13:12

Memory corruption while processing specific files in Powerline Communication Firmware.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.17.3HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Primary3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 7.3
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Type: Primary
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CPE Matches
Qualcomm Technologies, Inc.
qualcomm
>>fastconnect_6800_firmware>>-
cpe:2.3:o:qualcomm:fastconnect_6800_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>fastconnect_6800>>-
cpe:2.3:h:qualcomm:fastconnect_6800:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>fastconnect_6900_firmware>>-
cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>fastconnect_6900>>-
cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>fastconnect_7800_firmware>>-
cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>fastconnect_7800>>-
cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6391_firmware>>-
cpe:2.3:o:qualcomm:qca6391_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6391>>-
cpe:2.3:h:qualcomm:qca6391:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6426_firmware>>-
cpe:2.3:o:qualcomm:qca6426_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6426>>-
cpe:2.3:h:qualcomm:qca6426:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6436_firmware>>-
cpe:2.3:o:qualcomm:qca6436_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca6436>>-
cpe:2.3:h:qualcomm:qca6436:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qsm8250_firmware>>-
cpe:2.3:o:qualcomm:qsm8250_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qsm8250>>-
cpe:2.3:h:qualcomm:qsm8250:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd865_5g_firmware>>-
cpe:2.3:o:qualcomm:sd865_5g_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd865_5g>>-
cpe:2.3:h:qualcomm:sd865_5g:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sdm429w_firmware>>-
cpe:2.3:o:qualcomm:sdm429w_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sdm429w>>-
cpe:2.3:h:qualcomm:sdm429w:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sdx55_firmware>>-
cpe:2.3:o:qualcomm:sdx55_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sdx55>>-
cpe:2.3:h:qualcomm:sdx55:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>snapdragon_429_mobile_platform_firmware>>-
cpe:2.3:o:qualcomm:snapdragon_429_mobile_platform_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>snapdragon_429_mobile_platform>>-
cpe:2.3:h:qualcomm:snapdragon_429_mobile_platform:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>snapdragon_8_gen_1_mobile_platform_firmware>>-
cpe:2.3:o:qualcomm:snapdragon_8_gen_1_mobile_platform_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>snapdragon_8_gen_1_mobile_platform>>-
cpe:2.3:h:qualcomm:snapdragon_8_gen_1_mobile_platform:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>snapdragon_865_5g_mobile_platform_firmware>>-
cpe:2.3:o:qualcomm:snapdragon_865_5g_mobile_platform_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>snapdragon_865_5g_mobile_platform>>-
cpe:2.3:h:qualcomm:snapdragon_865_5g_mobile_platform:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>snapdragon_865\+_5g_mobile_platform_\(sm8250-ab\)_firmware>>-
cpe:2.3:o:qualcomm:snapdragon_865\+_5g_mobile_platform_\(sm8250-ab\)_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>snapdragon_865\+_5g_mobile_platform_\(sm8250-ab\)>>-
cpe:2.3:h:qualcomm:snapdragon_865\+_5g_mobile_platform_\(sm8250-ab\):-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>snapdragon_870_5g_mobile_platform_\(sm8250-ac\)_firmware>>-
cpe:2.3:o:qualcomm:snapdragon_870_5g_mobile_platform_\(sm8250-ac\)_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>snapdragon_870_5g_mobile_platform_\(sm8250-ac\)>>-
cpe:2.3:h:qualcomm:snapdragon_870_5g_mobile_platform_\(sm8250-ac\):-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>snapdragon_w5\+_gen_1_wearable_platform_firmware>>-
cpe:2.3:o:qualcomm:snapdragon_w5\+_gen_1_wearable_platform_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>snapdragon_w5\+_gen_1_wearable_platform>>-
cpe:2.3:h:qualcomm:snapdragon_w5\+_gen_1_wearable_platform:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>snapdragon_x55_5g_modem-rf_system_firmware>>-
cpe:2.3:o:qualcomm:snapdragon_x55_5g_modem-rf_system_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>snapdragon_x55_5g_modem-rf_system>>-
cpe:2.3:h:qualcomm:snapdragon_x55_5g_modem-rf_system:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>snapdragon_xr2_5g_platform_firmware>>-
cpe:2.3:o:qualcomm:snapdragon_xr2_5g_platform_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>snapdragon_xr2_5g_platform>>-
cpe:2.3:h:qualcomm:snapdragon_xr2_5g_platform:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sw5100_firmware>>-
cpe:2.3:o:qualcomm:sw5100_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sw5100>>-
cpe:2.3:h:qualcomm:sw5100:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sw5100p_firmware>>-
cpe:2.3:o:qualcomm:sw5100p_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sw5100p>>-
cpe:2.3:h:qualcomm:sw5100p:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sxr2130_firmware>>-
cpe:2.3:o:qualcomm:sxr2130_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sxr2130>>-
cpe:2.3:h:qualcomm:sxr2130:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sxr2230p_firmware>>-
cpe:2.3:o:qualcomm:sxr2230p_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sxr2230p>>-
cpe:2.3:h:qualcomm:sxr2230p:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sxr2250p_firmware>>-
cpe:2.3:o:qualcomm:sxr2250p_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sxr2250p>>-
cpe:2.3:h:qualcomm:sxr2250p:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>wcd9380_firmware>>-
cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>wcd9380>>-
cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>wcd9385_firmware>>-
cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>wcd9385>>-
cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-120Primaryproduct-security@qualcomm.com
CWE ID: CWE-120
Type: Primary
Source: product-security@qualcomm.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://docs.qualcomm.com/product/publicresources/securitybulletin/august-2025-bulletin.htmlproduct-security@qualcomm.com
Vendor Advisory
Hyperlink: https://docs.qualcomm.com/product/publicresources/securitybulletin/august-2025-bulletin.html
Source: product-security@qualcomm.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

1404Records found
CVE-2019-14006
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.36% / 57.38%
||
7 Day CHG~0.00%
Published-21 Jan, 2020 | 06:30
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow occur while playing the clip which is nonstandard due to lack of offset length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996, MSM8996AU, Nicobar, QCS605, QM215, Rennell, SA6155P, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SM6150, SM7150, SM8150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632sdm439sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996ausdm429w_firmwaresm7150apq8009_firmwaremsm8917sdm670sxr2130qcs605_firmwaremdm9206sdm670_firmwaresdm636sda845_firmwareapq8098mdm9206_firmwaremsm8939qcs605msm8937_firmwaresdm429_firmwaremsm8905_firmwaresda660apq8064_firmwaremsm8909wapq8009msm8909_firmwareapq8053_firmwaresda845nicobarsa6155p_firmwaremsm8920msm8953sdm450sdm636_firmwareapq8064apq8098_firmwaresdx20sdm660msm8920_firmwaresdm630mdm9607_firmwaresm8250_firmwaresdm710qm215mdm9607apq8017_firmwaresdm710_firmwaremsm8939_firmwaresa6155pmsm8937mdm9207c_firmwaremsm8996_firmwaremsm8905mdm9207csm8150_firmwaremsm8909sxr2130_firmwareapq8096ausdm439_firmwarerennellsdm630_firmwaresda660_firmwarerennell_firmwareqm215_firmwaremsm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaresm8250sm8150sdx20_firmwareapq8017msm8996nicobar_firmwaresdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-11076
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.8||HIGH
EPSS-0.21% / 42.93%
||
7 Day CHG~0.00%
Published-26 Nov, 2024 | 08:55
Updated-09 Jan, 2025 | 21:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use of Out-of-range Pointer Offset in Video

On some hardware revisions where VP9 decoding is hardware-accelerated, the frame size is not programmed correctly into the decoder hardware which can lead to an invalid memory access by the decoder.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_615sd_820sdm632_firmwaremsm8909w_firmwaresd_210_firmwaresd_625sd_616_firmwaresdm632sd_810sdm636_firmwaresdm710_firmwaresd_450sd_820asd_425sd_210sdm439_firmwaresd_625_firmwaresd_415_firmwaresd_205msm8996au_firmwaresdm660_firmwaresnapdragon_high_med_2016_firmwaresd_435_firmwaresd_427_firmwaresdm710sd_820_firmwaresd_835sdm429sd_616sd_810_firmwaresdm630sd_845sd_435sd_212_firmwaresnapdragon_high_med_2016sdm429_firmwaresd_820a_firmwaresd_835_firmwaresd_450_firmwaresd_427sdm660sd_205_firmwaremsm8996ausd_212sd_425_firmwaresdm630_firmwaremsm8909wsdm439sd_415sdm636sd_430sd_615_firmwaresd_430_firmwaresd_845_firmwareSnapdragon
CWE ID-CWE-823
Use of Out-of-range Pointer Offset
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2019-10572
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.36% / 57.84%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 05:25
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper check in video driver while processing data from video firmware can lead to integer overflow and then buffer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCS405, QCS605, QM215, SA6155P, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9640_firmwaresdm632_firmwaremsm8996au_firmwaresdm845sdm450_firmwaresdm632sdx24sdm439mdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996ausm7150apq8009_firmwaremsm8917sdm670qcs605_firmwaremdm9206sdm670_firmwaresdx24_firmwaresdm636sda845_firmwareapq8098mdm9206_firmwareqcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130msm8909wapq8009apq8053_firmwaresda845nicobarsa6155p_firmwaremsm8920msm8953sdm450sdm636_firmwaresdm845_firmwareapq8098_firmwaresdx20msm8998_firmwaresdm660msm8920_firmwaresdm630mdm9607_firmwareqcs405sdm710qm215mdm9607apq8017_firmwaresdm710_firmwaresa6155pmsm8937mdm9207c_firmwaremsm8905mdm9207csm8150_firmwareapq8096ausdm439_firmwareqcs405_firmwaresdm630_firmwaresda660_firmwareqm215_firmwaresdx55msm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaremsm8998sm8150sdx20_firmwareapq8017nicobar_firmwaresdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2019-10612
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.36% / 57.38%
||
7 Day CHG~0.00%
Published-05 Mar, 2020 | 08:56
Updated-04 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

UTCB object has a function pointer called by the reaper to deallocate its memory resources and this address can potentially be corrupted by stack overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in MDM9205, MDM9650, QCS605, SA6155P, SC8180X, SDA845, SDM670, SDM710, SDM845, SDM850, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm850_firmwaresa6155p_firmwaresdm845sm8250_firmwaremdm9650sc8180x_firmwaresm7150_firmwaresdm710sm6150sdm710_firmwaresm7150sa6155psdm670sxr2130sc8180xqcs605_firmwaresdm670_firmwaresm8150_firmwaresxr2130_firmwaresda845_firmwaremdm9205_firmwaremdm9205qcs605sdx55sm6150_firmwaresm8250mdm9650_firmwaresm8150sdm850sxr1130_firmwaresdx55_firmwaresxr1130sda845sdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-10587
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.36% / 57.38%
||
7 Day CHG~0.00%
Published-05 Mar, 2020 | 08:56
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible Stack overflow can occur when processing a large SDP body or non standard SDP body without right delimiters in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, Rennell, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwaremdm9635m_firmwareapq8096_firmwaremdm9640_firmwareqcm2150_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632apq8096sdx24sdm439mdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996aumdm9645sdm429w_firmwaresm7150apq8009_firmwaremsm8917sdm670qcs605_firmwaresc8180xmdm9206sdm670_firmwaresdx24_firmwaresdm636sda845_firmwaremdm9635mapq8098mdm9615mdm9206_firmwareqcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130msm8909wapq8009msm8909_firmwareapq8053_firmwaresda845nicobarsdm850_firmwaremsm8920msm8953sdm450sdm636_firmwaresdm845_firmwareapq8098_firmwaresdx20msm8998_firmwareqcm2150msm8920_firmwaresdm630mdm9607_firmwaresdm660mdm9655_firmwaresc8180x_firmwaresdm710qm215mdm9607mdm9645_firmwareapq8017_firmwaremdm9625_firmwaresdm710_firmwaremdm9150msm8937msm8905sm8150_firmwaremsm8909mdm9655apq8096ausdm439_firmwarerennellsdm630_firmwaresda660_firmwaremdm9625rennell_firmwareqm215_firmwaresdx55msm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaremdm9615_firmwaremsm8998sm8150sdx20_firmwaresdm850apq8017nicobar_firmwaresdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-22088
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.89% / 75.00%
||
7 Day CHG+0.11%
Published-06 Jan, 2023 | 04:42
Updated-09 Apr, 2025 | 19:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Integer Overflow to Buffer Overflow in Bluetooth HOST

Memory corruption in Bluetooth HOST due to buffer overflow while parsing the command response received from remote

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sa6150p_firmwaresm6250p_firmwareqcs610qca6431_firmwarewcn3950_firmwaresa8150p_firmwareqcs2290qca6595au_firmwaresa6155qca6335csra6620_firmwareapq8076sd_675_firmwarecsra6640_firmwareqcs6125_firmwaremsm8108sm4375wcn3998msm8108_firmwarewcn3950sm4125sd720gsd_8_gen1_5g_firmwarewcn3660bsd460_firmwaresm7315_firmwarewcn7850qca6574au_firmwarewcd9375_firmwarewcn3998_firmwaresa6155_firmwaremsm8909wapq8009w_firmwareqca6420sd680_firmwareqrb5165_firmwareqrb5165m_firmwareqcs6125apq8056_firmwaresa8155_firmwaresd662_firmwareqcs405qca6430wcd9340sd626_firmwarequalcomm215_firmwaresd765gsw5100qca6436sd680wcn6851sa6155pwcn7851_firmwareapq8052msm8209_firmwarewcd9341qca6431qca6696_firmwaresd750gsd870_firmwarewcn3910_firmwaresxr2150p_firmwaresa8150pwsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwarewcn3988sd660_firmwarewcn7850_firmwaresa8195p_firmwaremsm8208_firmwaresm8475qcn7606_firmwarewcn6750_firmwarewcn3610msm8608wcn3991wcd9380_firmwaresdm429wmsm8996au_firmwaresw5100psd625_firmwareqca6564ausdx55m_firmwarewcn6856_firmwaremsm8976_firmwareqca6574wcd9380qualcomm215qcs410sd690_5g_firmwaresdx50m_firmwareqca6430_firmwareqcn9012_firmwaresd626wcd9335_firmwarewcn3980qca6335_firmwarewcd9340_firmwarewsa8815wcn6850wcn3910msm8956_firmwareqca6320qca6426_firmwarewcn3660b_firmwarewcn3680sd695sd835wcn3980_firmwaresd730sdx55mqcc5100_firmwareqca6421_firmwarewcn6740_firmwaresd678_firmwarear8031_firmwarewcn3680_firmwareqrb5165wcn6851_firmwareqca6564a_firmwareapq8009wmsm8976sg_firmwareqcm4290_firmwaresd480sd870wcn6855sw5100p_firmwaresd210_firmwareqcs610_firmwaresa6145psd695_firmwaresdxr1apq8096auar8031qcs405_firmwaresa8145pqca6391_firmwaresd780g_firmwarewcd9370_firmwaresdx55sd888_firmwaresa8155pcsra6640sd675sxr2150pqcm2290qcn7606wcn3991_firmwarewsa8830sd678sa8145p_firmwareqcs2290_firmwarecsra6620qcs4290sd765g_firmwareqca6420_firmwareqca6390_firmwareapq8009_firmwaresd690_5gsd730_firmwarewcd9370sd675_firmwaresd625qca6426qca6584au_firmwareapq8076_firmwareqrb5165n_firmwarewcn3990_firmwaresdw2500_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcd9326_firmwarewcn3615_firmwaresd662qcn9011_firmwaresa8155qca6320_firmwarewcn3680b_firmwaresdx55_firmwareqca6595auwcn3615sm7250p_firmwarewcn3610_firmwareqca6436_firmwareqrb5165nqca6564au_firmwareqca6584ausa6155p_firmwareqca6310msm8208sd778gwcn7851qcs6490sd429sdxr2_5gmsm8976sgwcn3988_firmwareqcn9074sa6145p_firmwaresd205qca6421sd429_firmwaresd778g_firmwaresm6250sa8195pwsa8810_firmwaresm4375_firmwaresd765_firmwarewcd9326wcd9335qcs4290_firmwarewcd9385qcs6490_firmwareqca6390wcd9375sd750g_firmwareaqt1000msm8956msm8976sm6250_firmwaremsm8952apq8056sd210wcn3620_firmwareqcm6490sd888_5g_firmwarewcn6850_firmwarewcn3620wsa8815_firmwarewsa8835_firmwareqca6564aqcm6125_firmwareqcm2290_firmwarewcn3990sd_675sd780gsd865_5gqcc5100qcn9012sd888msm8952_firmwaremsm8909w_firmwarewsa8835msm8996ausdm429w_firmwaresd665_firmwaresd888_5gsm6250pqca6574awcn6855_firmwaresm7325pqca6310_firmwarewcn6750apq8052_firmwareqca6574_firmwaresd855sm4125_firmwaresm7325p_firmwaresd665sd765qca6574a_firmwaresd768g_firmwaremsm8209qrb5165msm7315apq8009qca6391sd460sdxr1_firmwareaqt1000_firmwareqcm4290qcm6490_firmwaresdx50msd480_firmwareqcn9011qca6574ausa8155p_firmwaresd205_firmwarewcd9341_firmwareqcm6125wsa8810wcn6856wcn3680bsd835_firmwaresd768gwcn6740qca6696sd845_firmwaremsm8608_firmwaresa6150psdw2500apq8096au_firmwaresd845sm7250psd720g_firmwaresw5100_firmwareqcn9074_firmwareqcs410_firmwareSnapdragon
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-10611
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.43% / 61.86%
||
7 Day CHG~0.00%
Published-21 Jan, 2020 | 06:30
Updated-04 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow can occur while processing clip due to lack of check of object size before parsing in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996, Nicobar, QCS605, QM215, SA6155P, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM632, SDM660, SDM670, SDM710, SDM845, SDX20, SM6150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm429wsdm632_firmwaresdm845sdm450_firmwaresdm632sdm439sdm429msm8940_firmwaresm6150msm8909w_firmwaresdm429w_firmwareapq8009_firmwaremsm8917sdm670sxr2130qcs605_firmwaremdm9206sdm670_firmwaresda845_firmwareapq8098mdm9206_firmwaremsm8939qcs605msm8937_firmwaresdm429_firmwaremsm8905_firmwaresda660sxr1130_firmwareapq8064_firmwaresxr1130msm8909wapq8009msm8909_firmwareapq8053_firmwaresda845nicobarsa6155p_firmwaremsm8920msm8953sdm450apq8064apq8098_firmwaresdx20sdm660msm8920_firmwaremdm9607_firmwaresm8250_firmwaresdm710qm215mdm9607apq8017_firmwaresdm710_firmwaremsm8939_firmwaresa6155pmsm8937mdm9207c_firmwaremsm8996_firmwaremsm8905mdm9207csm8150_firmwaremsm8909sxr2130_firmwareapq8096ausdm439_firmwaresda660_firmwareqm215_firmwaremsm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaresm8250sm8150sdx20_firmwareapq8017msm8996nicobar_firmwaresdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2019-10614
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.29% / 52.34%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 05:25
Updated-04 Aug, 2024 | 22:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of boundary access is possible as there is no validation of data accessed against the received size of the packet in case of malicious firmware in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCN7605, QCS405, QCS605, QM215, SA6155P, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9640_firmwaresdm632_firmwaremsm8996au_firmwaresdm845sdm450_firmwaresdm632sdx24sdm439mdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996ausm7150apq8009_firmwaremsm8917sdm670sxr2130qcs605_firmwaremdm9206sdm670_firmwaresdx24_firmwaresdm636sda845_firmwareapq8098qcn7605mdm9206_firmwareqcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130msm8909wapq8009apq8053_firmwaresda845nicobarsa6155p_firmwaremsm8920msm8953sdm450sdm636_firmwaresdm845_firmwareapq8098_firmwaresdx20msm8998_firmwaresdm660msm8920_firmwaresdm630mdm9607_firmwaresm8250_firmwareqcs405sdm710qm215mdm9607apq8017_firmwaresdm710_firmwareqcn7605_firmwaresa6155pmsm8937mdm9207c_firmwaremdm9207csm8150_firmwaresxr2130_firmwareapq8096ausdm439_firmwareqcs405_firmwaresdm630_firmwaresda660_firmwareqm215_firmwaresdx55msm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaresm8250msm8998sm8150sdx20_firmwareapq8017nicobar_firmwaresdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-10559
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.32% / 54.34%
||
7 Day CHG~0.00%
Published-12 Dec, 2019 | 08:30
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Accessing data buffer beyond the available data while parsing ogg clip can lead to null-pointer dereference and then memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8939, MSM8953, MSM8996, MSM8996AU, Nicobar, QCS405, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDX20, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-msm891_firmwaresdm632_firmwaremsm8996au_firmwaresdm450_firmwaresdm632sdm439sdm429sm7150_firmwaresm6150msm8909w_firmwaremsm8996ausm7150apq8009_firmwaresxr2130qcs605_firmwaremdm9206sdm636sda845_firmwareapq8098mdm9206_firmwaremsm8939qcs605sdm429_firmwaremsm8905_firmwaresda660sxr1130_firmwareapq8064_firmwaresxr1130msm8909wapq8009msm8909_firmwareapq8053_firmwaresda845nicobarmsm8953sdm450apq8064sdm636_firmwareapq8098_firmwaresdx20sdm660sdm630mdm9607_firmwaresm8250_firmwareqcs405qm215mdm9607apq8017_firmwaremsm8939_firmwaremdm9207c_firmwaremsm8996_firmwaremsm8905mdm9207csm8150_firmwaremsm8909sxr2130_firmwareapq8096ausdm439_firmwareqcs405_firmwaresdm630_firmwaresda660_firmwareqm215_firmwaremsm8953_firmwareapq8053apq8096au_firmwaresm6150_firmwaresm8250sm8150sdx20_firmwareapq8017msm8996nicobar_firmwaresdm660_firmwaremsm891Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2019-10581
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.39% / 59.32%
||
7 Day CHG~0.00%
Published-21 Jan, 2020 | 06:30
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NULL is assigned to local instance of audio device pointer after free instead of global static pointer and can lead to use after free issue in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8053, MDM9206, MDM9207C, MDM9607, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8998, Nicobar, QCS605, Rennell, SA6155P, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-msm8920sa6155p_firmwaresdm636_firmwaresdm845msm8998_firmwaresdm660msm8920_firmwaresdm630mdm9607_firmwaresdx24sm8250_firmwaremsm8940_firmwaresm7150_firmwaresdm710msm8909w_firmwaremdm9607sm6150sdm710_firmwareapq8009sm7150apq8009_firmwaremsm8917sa6155psdm670sxr2130msm8937mdm9207c_firmwareqcs605_firmwaremdm9206mdm9207csdm670_firmwaresm8150_firmwaresdx24_firmwaresxr2130_firmwaresdm636rennellsdm630_firmwarerennell_firmwaremdm9206_firmwareqcs605sdx55msm8940apq8053sm6150_firmwaresm8250msm8917_firmwaremsm8937_firmwaremsm8998sm8150sdx55_firmwarenicobar_firmwaremsm8909wapq8053_firmwaresdm660_firmwarenicobarsdm845_firmwareSnapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-416
Use After Free
CVE-2019-10557
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.33% / 55.48%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 05:25
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out-of-bound read in the wireless driver in the Linux kernel due to lack of check of buffer length. in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8009, APQ8017, APQ8053, APQ8096AU, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCN7605, QCS605, SDA660, SDA845, SDM630, SDM636, SDM660, SDX20, SDX55, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresdm636_firmwaremsm8996au_firmwaresdx20sdm660sdm630mdm9607_firmwaremdm9650qca6574aumdm9607msm8996auapq8017_firmwareapq8009_firmwareqcn7605_firmwareqcs605_firmwaremdm9207c_firmwaremdm9206mdm9207cqca6174a_firmwareqca6174aqca9379_firmwareapq8096ausdm636sda845_firmwareqca9377sdm630_firmwaresda660_firmwareqcn7605mdm9206_firmwareqcs605sdx55apq8053apq8096au_firmwaremdm9650_firmwaresdx20_firmwareqca6574au_firmwaresda660sdx55_firmwaresxr1130_firmwareapq8017sxr1130apq8009qca9379apq8053_firmwaresdm660_firmwaresda845Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-10594
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.36% / 57.38%
||
7 Day CHG~0.00%
Published-05 Mar, 2020 | 08:56
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack overflow can occur when SDP is received with multiple payload types in the FMTP attribute of a video M line in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8076, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, Rennell, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwaremdm9635m_firmwareapq8096_firmwaremdm9640_firmwareqcm2150_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632apq8096sdx24sdm439mdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996aumdm9645sdm429w_firmwaresm7150apq8009_firmwaremsm8917sdm670qcs605_firmwareapq8076sc8180xmdm9206sdm670_firmwaresdx24_firmwareapq8076_firmwaresdm636sda845_firmwaremdm9635mapq8098mdm9615mdm9206_firmwareqcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130msm8909wapq8009msm8909_firmwareapq8053_firmwaresda845nicobarsdm850_firmwaremsm8920msm8953sdm450sdm636_firmwaresdm845_firmwareapq8098_firmwaresdx20msm8998_firmwareqcm2150msm8920_firmwaresdm630mdm9607_firmwaresdm660mdm9655_firmwaresc8180x_firmwaresdm710qm215mdm9607mdm9645_firmwareapq8017_firmwaremdm9625_firmwaresdm710_firmwaremdm9150msm8937msm8905sm8150_firmwaremsm8909mdm9655apq8096ausdm439_firmwarerennellsdm630_firmwaresda660_firmwaremdm9625rennell_firmwareqm215_firmwaresdx55msm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaremdm9615_firmwaremsm8998sm8150sdx20_firmwaresdm850apq8017nicobar_firmwaresdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-129
Improper Validation of Array Index
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-10609
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.31% / 53.96%
||
7 Day CHG~0.00%
Published-16 Apr, 2020 | 10:46
Updated-04 Aug, 2024 | 22:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound write can happen due to lack of check of array index value while calculating it. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8076, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, Rennell, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwaremdm9635m_firmwareapq8096_firmwaremdm9640_firmwareqcm2150_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632apq8096sdx24sdm439mdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996aumdm9645sdm429w_firmwaresm7150apq8009_firmwaremsm8917sdm670qcs605_firmwareapq8076sc8180xmdm9206sdm670_firmwaresdx24_firmwareapq8076_firmwaresdm636sda845_firmwaremdm9635mapq8098mdm9615mdm9205mdm9206_firmwareqcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130msm8909wapq8009msm8909_firmwareapq8053_firmwaresda845nicobarsdm850_firmwaremsm8920msm8953sdm450sdm636_firmwaresdm845_firmwareapq8098_firmwaresdx20msm8998_firmwareqcm2150msm8920_firmwaresdm630mdm9607_firmwaresdm660mdm9655_firmwaresc8180x_firmwaresdm710qm215sc7180_firmwaremdm9607mdm9645_firmwareapq8017_firmwaresdm710_firmwaremdm9150msm8937msm8905sm8150_firmwaremsm8909mdm9655apq8096ausdm439_firmwarerennellsc7180sdm630_firmwaremdm9205_firmwaresda660_firmwarerennell_firmwareqm215_firmwaresdx55msm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaremdm9615_firmwaremsm8998sm8150sdx20_firmwaresdm850apq8017nicobar_firmwaresdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-10565
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.32% / 54.81%
||
7 Day CHG~0.00%
Published-06 Nov, 2019 | 17:11
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Double free issue can happen when sensor power settings is freed by some thread while another thread try to access. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8053, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909, MSM8909W, QCN7605, QCS405, QCS605, SDM845, SDX24, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9206msm8905mdm9207cmsm8909sdx24_firmwareqcs405_firmwaresdm845qcn7605sdx24mdm9206_firmwaremdm9607_firmwareqcs605qcs405apq8053msm8909w_firmwaremdm9607msm8905_firmwaresxr1130_firmwareqcn7605_firmwaresxr1130msm8909wmsm8909_firmwareapq8053_firmwareqcs605_firmwaremdm9207c_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-415
Double Free
CVE-2019-10588
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.36% / 57.38%
||
7 Day CHG~0.00%
Published-16 Apr, 2020 | 10:46
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Copying RTCP messages into the output buffer without checking the destination buffer size which could lead to a remote stack overflow. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8076, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, QCM2150, QCS605, QM215, Rennell, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwaremdm9635m_firmwareapq8096_firmwaremdm9640_firmwareqcm2150_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632apq8096sdx24sdm439mdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996aumdm9645sdm429w_firmwaresm7150apq8009_firmwaremsm8917sdm670qcs605_firmwareapq8076sc8180xmdm9206sdm670_firmwaresdx24_firmwareapq8076_firmwaresdm636sda845_firmwaremdm9635mapq8098mdm9615mdm9206_firmwareqcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130msm8909wapq8009msm8909_firmwareapq8053_firmwaresda845sdm850_firmwaremsm8920msm8953sdm450sdm636_firmwaresdm845_firmwareapq8098_firmwaresdx20msm8998_firmwareqcm2150msm8920_firmwaresdm630mdm9607_firmwaresdm660mdm9655_firmwaresc8180x_firmwaresdm710qm215sc7180_firmwaremdm9607mdm9645_firmwareapq8017_firmwaremdm9625_firmwaresdm710_firmwaremdm9150msm8937msm8905sm8150_firmwaremsm8909mdm9655apq8096ausdm439_firmwarerennellsc7180sdm630_firmwaresda660_firmwaremdm9625rennell_firmwareqm215_firmwaresdx55msm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaremdm9615_firmwaremsm8998sm8150sdx20_firmwaresdm850apq8017sdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-10590
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.40% / 59.83%
||
7 Day CHG~0.00%
Published-07 Feb, 2020 | 05:00
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound access while parsing dts atom, which is non-standard as it does not have valid number of tracks in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCS405, QCS605, QM215, Rennell, SA6155P, Saipan, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632sdm439sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996ausdm429w_firmwaresm7150apq8009_firmwaremsm8917sdm670sxr2130qcs605_firmwaremdm9206sdm670_firmwaresdm636sda845_firmwareapq8098mdm9206_firmwaremsm8939qcs605msm8937_firmwaresdm429_firmwaremsm8905_firmwaresda660sxr1130_firmwareapq8064_firmwaresxr1130msm8909wapq8009apq8053_firmwaresda845nicobarsa6155p_firmwaremsm8920msm8953sdm450sdm636_firmwareapq8064apq8098_firmwaresdx20msm8998_firmwaresdm660msm8920_firmwaresdm630mdm9607_firmwaresm8250_firmwareqcs405sdm710qm215mdm9607apq8017_firmwaresdm710_firmwaremsm8939_firmwaresa6155pmsm8937mdm9207c_firmwaremsm8996_firmwaremsm8905mdm9207csm8150_firmwaresxr2130_firmwareapq8096ausdm439_firmwareqcs405_firmwarerennellsdm630_firmwaresda660_firmwarerennell_firmwareqm215_firmwaremsm8953_firmwaremsm8940saipan_firmwaresm6150_firmwareapq8053msm8917_firmwareapq8096au_firmwaremsm8998sm8150sdx20_firmwaresm8250apq8017msm8996saipannicobar_firmwaresdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2019-10541
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.30% / 53.01%
||
7 Day CHG~0.00%
Published-06 Nov, 2019 | 17:11
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dereference on uninitialized buffer can happen when parsing FLV clip with corrupted codec specific data in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9206, MDM9607, MSM8909W, MSM8996AU, QCA6574AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 439 / SD 429, SD 450, SD 600, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850sd_632sd_820asd_675msm8996au_firmwaresd_439sd_670_firmwaresd_429sdm439sd_636msm8909w_firmwaremsm8996ausd_820sd_450_firmwaresd_845_firmwaresd_820a_firmwareqcs605_firmwaresd_675_firmwaremdm9206sd_425_firmwaresd_665sd_625_firmwaresd_450sd_845mdm9206_firmwareqcs605sd_632_firmwaresd_835_firmwaresd_835qca6574au_firmwaresda660sd_210_firmwaresd_600msm8909wsd_665_firmwaresd_205_firmwaresd_212sd_712sd_855sd_730_firmwarequalcomm_215sdx20sd_425sdm660sdm630mdm9607_firmwaresd_710_firmwareqcs405sd_625qca6574ausd_210mdm9607sd_636_firmwaresd_820_firmwaresd_439_firmwarequalcomm_215_firmwaresd_429_firmwaresd_730sd_212_firmwaresd_850_firmwaresdm439_firmwareqcs405_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwaresd_670sd_710sdx20_firmwaresd_600_firmwaresd_205sdm660_firmwaresd_855_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-908
Use of Uninitialized Resource
CVE-2019-10500
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.36% / 57.38%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 05:25
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

While processing MT Secondary PDP request, Buffer overflow will happen due to incorrect calculation of buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwaremdm9635m_firmwareapq8096_firmwaremdm9640_firmwareqcm2150_firmwaresdm632_firmwaremsm8996au_firmwaresdm845sdm450_firmwaresdm632apq8096sdx24sdm439mdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996aumdm9645sm7150apq8009_firmwaremsm8917sdm670qcs605_firmwaresc8180xmdm9206sdm670_firmwaresdx24_firmwaresdm636sda845_firmwaremdm9635mapq8098mdm9205mdm9206_firmwaremsm8939qcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130msm8909wapq8009msm8909_firmwareapq8053_firmwaresda845nicobarsdm850_firmwaremsm8920msm8953sdm450sdm636_firmwaresdm845_firmwareapq8098_firmwaresdx20msm8998_firmwareqcm2150msm8920_firmwaresdm630mdm9607_firmwaresdm660mdm9655_firmwaresc8180x_firmwaresdm710qm215mdm9607mdm9645_firmwareapq8017_firmwaremdm9625_firmwaresdm710_firmwaremsm8939_firmwaremdm9150msm8937msm8905sm8150_firmwaremsm8909mdm9655apq8096ausdm439_firmwaresdm630_firmwaremdm9205_firmwaresda660_firmwaremdm9625qm215_firmwaresdx55msm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaremsm8998sm8150sdx20_firmwaresdm850apq8017nicobar_firmwaresdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-131
Incorrect Calculation of Buffer Size
CVE-2019-10533
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.25% / 48.14%
||
7 Day CHG~0.00%
Published-06 Nov, 2019 | 17:11
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound access due to improper validation of array index cause the index table entry to get corrupt in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9206, MDM9607, MSM8909W, MSM8996AU, QCA6574AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 600, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850sd_632sd_820asd_675msm8996au_firmwaresd_439sd_670_firmwaresd_429sdm439sd_636msm8909w_firmwaremsm8996ausd_820sd_450_firmwaresd_845_firmwaresd_820a_firmwareqcs605_firmwaresd_675_firmwaremdm9206sd_425_firmwaresd_665sd_625_firmwaresd_450sd_845mdm9206_firmwareqcs605sd_632_firmwaresd_835_firmwaresd_835qca6574au_firmwaresda660sd_210_firmwaresd_600msm8909wsd_665_firmwaresd_205_firmwaresd_212sd_427_firmwaresd_712sd_855sd_730_firmwarequalcomm_215sdx20sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435sd_710_firmwaresdm630qcs405sd_625qca6574ausd_820_firmwaresd_210mdm9607sd_636_firmwaresd_439_firmwarequalcomm_215_firmwaresd_429_firmwaresd_730sd_212_firmwaresd_850_firmwaresdm439_firmwareqcs405_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwaresd_430sd_427sd_670sd_435_firmwaresdx20_firmwaresd_710sd_600_firmwaresd_205sdm660_firmwaresd_855_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2019-10526
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.31% / 53.96%
||
7 Day CHG~0.00%
Published-05 Mar, 2020 | 08:56
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound write in WLAN driver due to NULL character not properly placed after SSID name in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8009, APQ8017, APQ8053, APQ8096AU, MDM9150, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCN7605, QCS405, QCS605, SC8180X, SDA845, SDM450, SDX20, SDX24, SDX55, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaremdm9150_firmwaremsm8920mdm9640_firmwaremsm8953sdm450msm8996au_firmwaresdm450_firmwaresdx20sdx24msm8920_firmwaremdm9607_firmwaremdm9650sc8180x_firmwaremsm8940_firmwareqcs405qca6574aumdm9607msm8996auapq8017_firmwareapq8009_firmwareqcn7605_firmwaremsm8917mdm9150msm8937mdm9207c_firmwareqcs605_firmwaresc8180xmdm9206mdm9207cqca6174a_firmwareqca6174aqca9379_firmwaresdx24_firmwareapq8096auqcs405_firmwareqca9377sda845_firmwareqcn7605mdm9206_firmwareqcs605sdx55msm8940apq8053apq8096au_firmwaremsm8953_firmwaremsm8917_firmwaremsm8937_firmwaremdm9650_firmwaresdx20_firmwareqca6574au_firmwaresdx55_firmwaresxr1130_firmwareapq8017sxr1130apq8009qca9379apq8053_firmwaresda845mdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-10509
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.27% / 49.72%
||
7 Day CHG~0.00%
Published-30 Sep, 2019 | 15:40
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Device record of the pairing device used after free during ACL disconnection in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, MSM8996AU, QCA6574AU, QCS405, QCS605, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850sd_632sd_820asd_675msm8996au_firmwaresd_439sd_670_firmwaresd_429sdm439sd_636snapdragon_high_med_2016_firmwaremsm8909w_firmwaremsm8996ausd_820sd_450_firmwaresd_845_firmwaresd_820a_firmwareqcs605_firmwaresd_675_firmwaresd_425_firmwaresd_665sd_625_firmwaresd_450sd_845qcs605sd_632_firmwaresd_835_firmwaresd_835qca6574au_firmwaresda660msm8909wsd_665_firmwaresd_427_firmwaresd_712sd_855sd_730_firmwaresd_425sdm660sd_430_firmwaresd_710_firmwaresd_435sdm630qcs405sd_625qca6574ausd_820_firmwaresd_636_firmwaresd_439_firmwaresd_429_firmwaresd_730snapdragon_high_med_2016sd_850_firmwaresdm439_firmwareqcs405_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwaresd_427sd_430sd_670sd_435_firmwaresd_710sdm660_firmwaresd_855_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-416
Use After Free
CVE-2019-10487
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.40% / 59.83%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 05:25
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer over read can happen while parsing SMS OTA messages at transport layer if network sends un-intended values in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwaremdm9635m_firmwareapq8096_firmwaremdm9640_firmwareqcm2150_firmwaresdm632_firmwaremsm8996au_firmwaresdm845sdm450_firmwaresdm632apq8096sdx24sdm439mdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996aumdm9645sm7150apq8009_firmwaremsm8917sdm670qcs605_firmwaresc8180xmdm9206sdm670_firmwaresdx24_firmwaresdm636sda845_firmwaremdm9635mapq8098mdm9615mdm9205mdm9206_firmwaremsm8939qcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130msm8909wapq8009msm8909_firmwareapq8053_firmwaresda845nicobarsdm850_firmwaremsm8920msm8953sdm450sdm636_firmwaresdm845_firmwareapq8098_firmwaresdx20msm8998_firmwareqcm2150msm8920_firmwaresdm630mdm9607_firmwaresdm660mdm9655_firmwaresc8180x_firmwaresdm710qm215mdm9607mdm9645_firmwareapq8017_firmwaremdm9625_firmwaresdm710_firmwaremsm8939_firmwaremdm9150msm8937msm8905sm8150_firmwaremsm8909mdm9655apq8096ausdm439_firmwaresdm630_firmwaremdm9205_firmwaresda660_firmwaremdm9625qm215_firmwaresdx55msm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaremdm9615_firmwaremsm8998sm8150sdx20_firmwaresdm850apq8017nicobar_firmwaresdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-10542
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.34% / 56.01%
||
7 Day CHG~0.00%
Published-06 Nov, 2019 | 17:11
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer over-read may occur when downloading a corrupted firmware file that has chunk length in header which doesn`t match the contents in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9150, MDM9206, MDM9607, MDM9615, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 600, SD 625, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 845 / SD 850, SDX20

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_427_firmwaresd_712qca9377_firmwaresd_850mdm9150_firmwaremdm9640_firmwaresd_820amsm8996au_firmwaresdx20sd_670_firmwaresd_425sd_430_firmwaremdm9607_firmwaresd_435mdm9650sd_710_firmwaresd_625qca6574ausd_210mdm9607msm8996ausd_820_firmwaresd_820sd_450_firmwaresd_845_firmwaresd_820a_firmwaremdm9150mdm9206qca6174a_firmwareqca6174aqca9379_firmwaresd_212_firmwaresd_425_firmwaresd_850_firmwaresd_625_firmwaresd_450qca9377sd_712_firmwaremdm9615sd_845mdm9206_firmwaresd_427sd_430sd_670sd_435_firmwaremdm9615_firmwaremdm9650_firmwaresd_710sdx20_firmwaresd_600_firmwaresd_205qca6574au_firmwaresd_210_firmwaresd_600qca9379sd_205_firmwaresd_212mdm9640Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-10532
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.33% / 55.48%
||
7 Day CHG~0.00%
Published-21 Jan, 2020 | 06:30
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Null-pointer dereference issue can occur while calculating string length when source string length is zero in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996, Nicobar, QCS605, QM215, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SM6150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm429wsdm632_firmwaresdm845sdm450_firmwaresdm632sdm439sdm429msm8940_firmwaresm6150msm8909w_firmwaresdm429w_firmwareapq8009_firmwaremsm8917sdm670sxr2130qcs605_firmwaremdm9206sdm670_firmwaresdm636sda845_firmwareapq8098mdm9206_firmwaremsm8939qcs605msm8937_firmwaresdm429_firmwaremsm8905_firmwaresda660sxr1130_firmwareapq8064_firmwaresxr1130msm8909wapq8009msm8909_firmwareapq8053_firmwaresda845nicobarmsm8920msm8953sdm450sdm636_firmwareapq8064apq8098_firmwaresdx20sdm660msm8920_firmwaresdm630mdm9607_firmwaresm8250_firmwaresdm710qm215mdm9607apq8017_firmwaresdm710_firmwaremsm8939_firmwaremsm8937mdm9207c_firmwaremsm8996_firmwaremsm8905mdm9207csm8150_firmwaremsm8909sxr2130_firmwareapq8096ausdm439_firmwaresdm630_firmwaresda660_firmwareqm215_firmwaremsm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaresm8250sm8150sdx20_firmwareapq8017msm8996nicobar_firmwaresdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-10525
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.36% / 57.38%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 05:25
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow during SIB read when network configures complete sib list along with first and last segment of other SIB in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwaremdm9635m_firmwareapq8096_firmwaremdm9640_firmwareqcm2150_firmwaresdm632_firmwaremsm8996au_firmwaresdm845sdm450_firmwaresdm632apq8096sdx24sdm439mdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996aumdm9645sm7150apq8009_firmwaremsm8917sdm670qcs605_firmwaresc8180xmdm9206sdm670_firmwaresdx24_firmwaresdm636sda845_firmwaremdm9635mapq8098mdm9615mdm9206_firmwaremsm8939qcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130msm8909wapq8009msm8909_firmwareapq8053_firmwaresda845nicobarsdm850_firmwaremsm8920msm8953sdm450sdm636_firmwaresdm845_firmwareapq8098_firmwaresdx20msm8998_firmwareqcm2150msm8920_firmwaresdm630mdm9607_firmwaresdm660mdm9655_firmwaresc8180x_firmwaresdm710qm215mdm9607mdm9645_firmwareapq8017_firmwaremdm9625_firmwaresdm710_firmwaremsm8939_firmwaremdm9150msm8937msm8905sm8150_firmwaremsm8909mdm9655apq8096ausdm439_firmwaresdm630_firmwaresda660_firmwaremdm9625qm215_firmwaresdx55msm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaremdm9615_firmwaremsm8998sm8150sdx20_firmwaresdm850apq8017nicobar_firmwaresdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-10505
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.32% / 54.81%
||
7 Day CHG~0.00%
Published-06 Nov, 2019 | 17:11
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound access while processing a non-standard IE measurement request with length crossing past the size of frame in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCS405, SD 210/SD 212/SD 205, SD 425, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresd_850mdm9150_firmwaresd_632mdm9640_firmwaresd_820asd_675msm8996au_firmwaresd_439sd_670_firmwaresd_429sdx24sdm439mdm9650sd_636sd_615_firmwaremsm8909w_firmwaremsm8996ausd_650sd_450_firmwaresd_845_firmwaresd_820a_firmwaresd_675_firmwaremdm9206sd_652sd_425_firmwareqca9379_firmwareqca6174asd_665sdx24_firmwaresd_625_firmwaresd_450qca9377sd_845mdm9206_firmwaresd_632_firmwaresd_835_firmwaremdm9650_firmwaresd_835qca6574au_firmwaresda660sd_210_firmwaresd_415_firmwaresd_652_firmwaremsm8909wsd_665_firmwaresd_616_firmwaresd_205_firmwaresd_415sd_212sd_650_firmwaresd_712sd_855sd_730_firmwaresdx20sd_616sd_425sdm660sdm630mdm9607_firmwaresd_615sd_710_firmwareqcs405sd_625qca6574ausd_210mdm9607sd_636_firmwaresd_439_firmwaremdm9150sd_429_firmwareqca6174a_firmwaresd_730sd_212_firmwaresd_850_firmwaresd_855_firmwaresdm439_firmwareqcs405_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwaresd_670sdx20_firmwaresd_710sd_205qca9379sdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-10511
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.31% / 53.96%
||
7 Day CHG~0.00%
Published-12 Dec, 2019 | 08:30
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possibility of memory overflow while decoding GSNDCP compressed mode PDU in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8976, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, Snapdragon_High_Med_2016, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwaremdm9635m_firmwareqcm2150_firmwaremdm9640_firmwaresdm632_firmwaremsm8996au_firmwaresdm845sdm450_firmwaresdm632sdx24sdm439mdm9650sdm429msm8940_firmwaresm7150_firmwaresnapdragon_high_med_2016_firmwaresm6150msm8909w_firmwaremsm8976_firmwaremsm8996ausm7150apq8009_firmwaremsm8917sdm670sxr2130qcs605_firmwaresc8180xmdm9206sdm670_firmwaresdx24_firmwaresdm636sda845_firmwaremdm9635mapq8098mdm9615mdm9205mdm9206_firmwaremsm8939qcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130msm8909wapq8009msm8909_firmwareapq8053_firmwaresda845nicobarsdm850_firmwaremsm8920msm8953sdm450sdm636_firmwaresdm845_firmwareapq8098_firmwaresdx20msm8998_firmwareqcm2150msm8920_firmwaresdm630mdm9607_firmwaresm8250_firmwaremdm9655_firmwaresdm660sc8180x_firmwaresdm710qm215mdm9607apq8017_firmwaremdm9625_firmwaresdm710_firmwaremsm8939_firmwaremdm9150msm8937msm8905snapdragon_high_med_2016sm8150_firmwaremsm8909sxr2130_firmwaremdm9655apq8096ausdm439_firmwaresdm630_firmwaremdm9205_firmwaresda660_firmwaremdm9625qm215_firmwaremsm8976sdx55msm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaresm8250msm8998sm8150sdx20_firmwaresdm850mdm9615_firmwareapq8017nicobar_firmwaresdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2019-10534
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.22% / 43.91%
||
7 Day CHG~0.00%
Published-06 Nov, 2019 | 17:11
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Null-pointer dereference can occur while accessing the super index entry when it is not been allocated in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9206, MDM9607, MSM8909W, MSM8996AU, QCA6574AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 600, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_850sd_632sd_820asd_675msm8996au_firmwaresd_439sd_670_firmwaresd_429sdm439sd_636msm8909w_firmwaremsm8996ausd_820sd_450_firmwaresd_845_firmwaresd_820a_firmwareqcs605_firmwaresd_675_firmwaremdm9206sd_425_firmwaresd_665sd_625_firmwaresd_450sd_845mdm9206_firmwareqcs605sd_632_firmwaresd_835_firmwaresd_835qca6574au_firmwaresda660sd_210_firmwaresd_600msm8909wsd_665_firmwaresd_205_firmwaresd_212sd_427_firmwaresd_712sd_855sd_730_firmwarequalcomm_215sdx20sd_425sdm660sd_430_firmwaremdm9607_firmwaresd_435sd_710_firmwaresdm630qcs405sd_625qca6574ausd_820_firmwaresd_210mdm9607sd_636_firmwaresd_439_firmwarequalcomm_215_firmwaresd_429_firmwaresd_730sd_212_firmwaresd_850_firmwaresdm439_firmwareqcs405_firmwaresd_712_firmwaresdm630_firmwaresda660_firmwaresd_430sd_427sd_670sd_435_firmwaresdx20_firmwaresd_710sd_600_firmwaresd_205sdm660_firmwaresd_855_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2019-10528
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.40% / 59.81%
||
7 Day CHG~0.00%
Published-06 Nov, 2019 | 17:11
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free issue in kernel while accessing freed mdlog session info and its attributes after closing the session in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS405, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 675, SD 730, SD 820, SD 820A, SD 835, SD 855, SDA660, SDM630, SDM660, SDX20, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sd_427_firmwaresd_855sd_730_firmwaremdm9640_firmwaresd_820asd_675msm8996au_firmwaresdx20sd_425sdm660sdx24sd_430_firmwaremdm9607_firmwaresd_435mdm9650sd_636sdm630qcs405sd_625msm8909w_firmwaremdm9607msm8996ausd_210sd_636_firmwaresd_820_firmwaresd_820sd_450_firmwaresd_820a_firmwaresd_675_firmwaremdm9206sd_425_firmwaresd_730sd_212_firmwaresdx24_firmwaresd_625_firmwaresd_450sd_855_firmwareqcs405_firmwaresdm630_firmwaresda660_firmwaremdm9206_firmwaresd_427sd_430sd_435_firmwaresd_835_firmwaremdm9650_firmwaresdx20_firmwaresd_835sd_205sda660sd_210_firmwaremsm8909wsd_205_firmwaresdm660_firmwaresd_212mdm9640Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-416
Use After Free
CVE-2020-3641
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.31% / 53.96%
||
7 Day CHG~0.00%
Published-02 Jun, 2020 | 15:05
Updated-04 Aug, 2024 | 07:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow may occur if atom size is less than atom offset as there is improper validation of atom size in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8053, APQ8096AU, APQ8098, Kamorta, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909W, MSM8917, MSM8953, MSM8996AU, MSM8998, QCA6574AU, QCM2150, QCS405, QCS605, QM215, Rennell, SA6155P, Saipan, SDA660, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM845, SDX20, SM6150, SM7150, SM8150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-kamorta_firmwareqcm2150_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632sdm439sdm429sm7150_firmwaresm6150msm8909w_firmwaremsm8996ausdm429w_firmwaresm7150apq8009_firmwaremsm8917sxr2130qcs605_firmwaremdm9206sdm636apq8098mdm9206_firmwareqcs605sdm429_firmwaremsm8905_firmwareqca6574au_firmwaresda660msm8909wapq8009apq8053_firmwaresa6155p_firmwaremsm8953sdm450sdm636_firmwareapq8098_firmwaresdx20msm8998_firmwareqcm2150sdm660sdm630mdm9607_firmwaresm8250_firmwareqcs405qca6574auqm215mdm9607sa6155pmdm9207c_firmwaremsm8905mdm9207csm8150_firmwaresxr2130_firmwareapq8096ausdm439_firmwareqcs405_firmwarerennellsdm630_firmwaresda660_firmwarerennell_firmwareqm215_firmwaremsm8953_firmwareapq8053apq8096au_firmwaresaipan_firmwaresm6150_firmwaremsm8917_firmwaresm8250msm8998sm8150sdx20_firmwarekamortasaipansdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2018-21055
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.19% / 41.31%
||
7 Day CHG~0.00%
Published-08 Apr, 2020 | 17:51
Updated-05 Aug, 2024 | 12:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on Samsung mobile devices with N(7.0) (Qualcomm models using MSM8996 chipsets) software. A device can be rooted with a custom image to execute arbitrary scripts in the INIT context. The Samsung ID is SVE-2018-11940 (September 2018).

Action-Not Available
Vendor-n/aQualcomm Technologies, Inc.Google LLC
Product-androidmsm8996n/a
CWE ID-CWE-20
Improper Input Validation
CVE-1999-0006
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-6.78% / 91.12%
||
7 Day CHG-1.46%
Published-29 Sep, 1999 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in POP servers based on BSD/Qualcomm's qpopper allows remote attackers to gain root access using a long PASS command.

Action-Not Available
Vendor-n/aQualcomm Technologies, Inc.
Product-qpoppern/aqpopper
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-21054
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-0.16% / 36.83%
||
7 Day CHG~0.00%
Published-08 Apr, 2020 | 17:50
Updated-05 Aug, 2024 | 12:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered on Samsung mobile devices with M(6.0), N(7.x) and O(8.x) except exynos9610/9820 in all Platforms, M(6.0) except MSM8909 SC77xx/9830 exynos3470/5420, N(7.0) except MSM8939, N(7.1) except MSM8996 SDM6xx/M6737T software. There is an integer underflow with a resultant buffer overflow in eCryptFS. The Samsung ID is SVE-2017-11857 (September 2018).

Action-Not Available
Vendor-n/aMediaTek Inc.SamsungGoogle LLCQualcomm Technologies, Inc.Unisoc (Shanghai) Technologies Co., Ltd.
Product-exynos_9610m6737texynos_3470msm8909androidsc7715sdm6xxexynos_5420sc7730msm9830sc7731msm8996msm8939exynos_9820n/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2022-40510
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.12% / 31.81%
||
7 Day CHG~0.00%
Published-08 Aug, 2023 | 09:14
Updated-03 Aug, 2024 | 12:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer copy without checking size of input in Audio.

Memory corruption due to buffer copy without checking size of input in Audio while voice call with EVS vocoder.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresd_8cx_gen3_firmwaremdm9640_firmwaresm6250p_firmwareqcs610qca8337qca6431_firmwarewcd9360_firmwaresdx65wcn3950_firmwaresc8180x\+sdx55sa8150p_firmwareqcs2290qca6595au_firmwaresa6155qca6335msm8917sd_455_firmwarecsra6620_firmwareqcs605_firmwareapq8076sd_675_firmwarecsra6640_firmwareqcs6125_firmwaresd632msm8108sa415msm4375wcn3998wcd9371_firmwaremsm8108_firmwareqam8295pwcn3950qcn6024_firmwaresd720gsm4125mdm9206_firmwaresd_8cx_gen2_firmwaremdm9628sd_8_gen1_5g_firmwarewcn3660bsd450_firmwaresd710_firmwaresd460_firmwareqca4020wcn7850qca6574au_firmwarewcd9375_firmwareqca8081_firmwarewcn3998_firmwaresa6155_firmwaresdx12_firmwaremsm8909wapq8009w_firmwareqca6420wcd9360sd680_firmwareqca9367_firmwaremdm8207wcn3999sd_8cx_gen2qrb5165_firmwareqrb5165m_firmwareqcs6125sa8155_firmwaresd662_firmwareqcs405qca6430wcd9306_firmwarewcd9340sd626_firmwaresd765gsw5100sd680qca4020_firmwareqca6436wcn6851sa6155pqcs603_firmwarewcn7851_firmwaremsm8937msm8209_firmwaremdm9250_firmwarewcn3660_firmwarewcd9341pm8937_firmwareqca6696_firmwareqca6431wcd9371sd870_firmwaresd750gwcn3910_firmwaresxr2150p_firmwaresd_8cxsa8150pmdm9207_firmwarewsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwaresd712wcn3988sd660_firmwarewcn7850_firmwaresa8195p_firmwaremsm8208_firmwarewcn6750_firmwaresa8295p_firmwaresd450wcn3610msm8608mdm9640wcn3991qca8337_firmwaresda429w_firmwarewcd9380_firmwaresdm429wsw5100pmsm8996au_firmwarewcd9330sd625_firmwareqca6564ausdx55m_firmwarewcn6856_firmwaremsm8940_firmwaresd670_firmwareqca6574sd632_firmwarewcd9380qcs410sd690_5g_firmwaresdx50m_firmwareqca9379_firmwaresdx24_firmwareqcn9012_firmwaresd626qca6430_firmwaresd439_firmwarewcd9335_firmwarewcn3980qca6335_firmwareqcs605wcd9340_firmwarewsa8815wcn6850sd7cwcn3910qca6320msm8937_firmwaremdm9650_firmwareqca6426_firmwarewcn3660b_firmwarewcn3680sd695qca9984sd835qcn9024wcn3980_firmwaresd730wcd9330_firmwaresdx55mqcc5100_firmwaresa8295pqca6421_firmwarewcn6740_firmwaresd678_firmwareapq8064au_firmwarear8031_firmwarewcn3680_firmwareqrb5165wcn6851_firmwareqcs603sd670sd_636_firmwareqcn9024_firmwareqca6564a_firmwareapq8009wqcm4290_firmwaresd480sd870wcn6855sw5100p_firmwaresd210_firmwareqcs610_firmwareqsm8250sa6145psd695_firmwaresdxr1ar8031apq8096auqca6595_firmwareqcs405_firmwaremdm8207_firmwaresdm630_firmwaresd820_firmwareqca6391_firmwarewcd9370_firmwareqm215_firmwaresd780g_firmwaresdx55sa8155pcsra6640sd675sd439wcn3660qca9379sxr2150par8035_firmwareqsm8250_firmwareqcm2290wcn3991_firmwaremdm9150_firmwarewsa8830sd678qcs2290_firmwaresd7c_firmwarecsrb31024mdm9628_firmwaremdm9650sd_636csra6620qcs4290mdm9250sd765g_firmwareqca6420_firmwareqca6390_firmwareapq8009_firmwaresd690_5gsd730_firmwarewcd9370sd675_firmwaresd625qca6426qca6584au_firmwarewcn3990_firmwareqrb5165n_firmwareapq8076_firmwareqca9984_firmwareqca9377sdw2500_firmwaresd_8cx_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcd9326_firmwarewcn3615_firmwaresd662qam8295p_firmwareapq8037qcn9011_firmwaresa8155qca6320_firmwarewcn3680b_firmwaresdx55_firmwarewcn3615qca6595auwcn3999_firmwaresm7250p_firmwarewcn3610_firmwareqca6436_firmwareqrb5165nmdm9207wcd9306qca6584ausd778gqca6564au_firmwaremsm8208sa6155p_firmwareqca6310pm8937wcn7851sd429sa515m_firmwareqcs6490sdxr2_5gqca9367sdm630mdm9607_firmwaresa415m_firmwarewcn3988_firmwareqcn9074sd205qm215qca6421sd429_firmwaresd778g_firmwaresa6145p_firmwaresa8195psm6250sd712_firmwareapq8017_firmwarewsa8810_firmwaresm4375_firmwaresd765_firmwarewcd9326wcd9335qca8081qca6174a_firmwareqcs4290_firmwarewcd9385qcs6490_firmwaresd_8cx_gen3qca6390wcd9375sd750g_firmwareaqt1000ar8035apq8064ausc8180x\+sdx55_firmwaresm6250_firmwaresda429wmsm8917_firmwaresd210wcn3620_firmwaresdx20_firmwarewsa8815_firmwaresd888_5g_firmwaresd820qcm6490wcn6850_firmwarewsa8835_firmwarewcn3620apq8017qcx315qca6564aqcm6125_firmwareqcm2290_firmwarewcn3990sd_675sd780gsd865_5gqca6595qcc5100sdx24qcn9012msm8909w_firmwareqcx315_firmwarewsa8835msm8996ausdm429w_firmwaresd665_firmwaresd_8_gen1_5gsd888_5gsm6250pqca6574amdm9206wcn6855_firmwareqca6174asm7325pqca6310_firmwarewcn6750sa515mqca6574_firmwaresd855sm4125_firmwaresm7325p_firmwaresd665sd765qca6574a_firmwaresd768g_firmwaremsm8209qrb5165msd850_firmwareapq8009sd460qca6391sdxr1_firmwareaqt1000_firmwaremsm8920sdx65_firmwareqcm4290csrb31024_firmwareqcm6490_firmwaresdx50msdx20sd480_firmwaremsm8920_firmwareqcn9011sd_455qca6574ausd710sa8155p_firmwaremdm9607sd205_firmwarewcd9341_firmwareqcm6125wsa8810mdm9150wcn6856wcn3680bsd835_firmwaresd768gwcn6740qca6696sd845_firmwaremsm8608_firmwaresdw2500msm8940apq8096au_firmwareqcn6024sd845apq8037_firmwaresm7250psd720g_firmwaresdx12sw5100_firmwareqcs410_firmwareqcn9074_firmwaresd850Snapdragonqca9377_firmwaresd_8cx_gen3_firmwaremdm9150_firmwarewcn3991_firmwaremdm9640_firmwaresm6250p_firmwareqcs2290_firmwareqca6431_firmwaresd7c_firmwaremdm9628_firmwarewcd9360_firmwarewcn3950_firmwaresa8150p_firmwaresd765g_firmwareqca6420_firmwareqca6595au_firmwareqca6390_firmwareapq8009_firmwaresd730_firmwaresd_455_firmwarecsra6620_firmwareqcs605_firmwaresd_675_firmwaresd675_firmwarecsra6640_firmwareqcs6125_firmwareqca6584au_firmwareapq8076_firmwareqrb5165n_firmwarewcn3990_firmwareqca9984_firmwaresdw2500_firmwaresd_8cx_firmwaremsm8108_firmwaresdxr2_5g_firmwaresd_8cx_gen2_firmwareqcn6024_firmwarewcd9326_firmwarewcd9371_firmwaremdm9206_firmwarewcd9385_firmwaresd_8_gen1_5g_firmwarewcn3615_firmwaresd450_firmwaresd710_firmwaresd460_firmwareqam8295p_firmwareqcn9011_firmwareqca6320_firmwareqca6574au_firmwaresdx55_firmwarewcn3680b_firmwarewcd9375_firmwareqca8081_firmwaresa6155_firmwaresdx12_firmwaresm7250p_firmwarewcn3998_firmwareapq8009w_firmwarewcn3610_firmwareqca6436_firmwarewcn3999_firmwareqca6564au_firmwaresd680_firmwaresa6155p_firmwareqca9367_firmwaresa515m_firmwareqrb5165_firmwareqrb5165m_firmwaresa8155_firmwaresd662_firmwaremdm9607_firmwaresa415m_firmwarewcn3988_firmwaresa6145p_firmwaresd429_firmwarewcd9306_firmwaresd712_firmwaresd778g_firmwareapq8017_firmwaresd626_firmwarewsa8810_firmwarequalcomm215_firmwaresm4375_firmwaresd765_firmwareqca4020_firmwareqcs603_firmwarewcn7851_firmwaremsm8209_firmwareqca6174a_firmwaremdm9250_firmwareqcs4290_firmwarewcn3660_firmwarepm8937_firmwareqca6696_firmwareqcs6490_firmwaresd870_firmwarewcn3910_firmwaresxr2150p_firmwaresd750g_firmwaresm6250_firmwaremdm9207_firmwarewsa8830_firmwaremsm8917_firmwaresd855_firmwaresd865_5g_firmwarewcn3620_firmwaresdx20_firmwarewsa8815_firmwaresd888_5g_firmwarewcn6850_firmwaresd660_firmwarewcn7850_firmwarewsa8835_firmwaresa8195p_firmwaremsm8208_firmwaresa8295p_firmwarewcn6750_firmwareqcm6125_firmwareqcm2290_firmwareqca8337_firmwaresda429w_firmwarewcd9380_firmwaremsm8996au_firmwaresd625_firmwaresdx55m_firmwarewcn6856_firmwaremsm8940_firmwaremsm8909w_firmwareqcx315_firmwaresd632_firmwaresd670_firmwaresdm429w_firmwaresd665_firmwaresd690_5g_firmwaresdx50m_firmwarewcn6855_firmwareqca9379_firmwaresdx24_firmwareqca6310_firmwareqca6430_firmwareqcn9012_firmwarewcd9335_firmwaresd439_firmwareqca6335_firmwareqca6574_firmwarewcd9340_firmwaresm4125_firmwaresm7325p_firmwaremsm8937_firmwaremdm9650_firmwareqca6426_firmwarewcn3660b_firmwareqca6574a_firmwaresd768g_firmwaresd850_firmwarewcn3980_firmwaresdxr1_firmwarewcd9330_firmwareqcc5100_firmwareqca6421_firmwareaqt1000_firmwarewcn6740_firmwaresdx65_firmwaresd678_firmwareapq8064au_firmwarear8031_firmwarecsrb31024_firmwareqcm6490_firmwarewcn3680_firmwaresd480_firmwarewcn6851_firmwaremsm8920_firmwaresa8155p_firmwaresd_636_firmwaresd205_firmwareqca6564a_firmwareqcn9024_firmwarewcd9341_firmwareqcm4290_firmwaresw5100p_firmwaresd210_firmwareqcs610_firmwaresd835_firmwaresd695_firmwareqcs405_firmwareqca6595_firmwaremdm8207_firmwaresdm630_firmwaresd820_firmwareqca6391_firmwaresd845_firmwaremsm8608_firmwaresd780g_firmwarewcd9370_firmwareapq8096au_firmwareapq8037_firmwaresd720g_firmwaresw5100_firmwareqcn9074_firmwareqcs410_firmwarear8035_firmwareqsm8250_firmware
CWE ID-CWE-457
Use of Uninitialized Variable
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-40537
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.3||HIGH
EPSS-0.10% / 26.56%
||
7 Day CHG~0.00%
Published-07 Mar, 2023 | 04:43
Updated-03 Aug, 2024 | 12:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Validation of Array Index in Bluetooth HOST

Memory corruption in Bluetooth HOST while processing the AVRC_PDU_GET_PLAYER_APP_VALUE_TEXT AVRCP response.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresa6150p_firmwareqcs610qca8337wcn3950_firmwaresa8150p_firmwareqcs2290qca6595au_firmwareqca6335msm8917csra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwareqcs6125_firmwaresd632msm8108wcn3998msm8108_firmwarewcn3950sm4125sd720gmdm9628sd_8_gen1_5g_firmwarewcn3660bsd450_firmwaresd710_firmwaresd460_firmwaresm7315_firmwarewcn7850qca6574au_firmwarewcd9375_firmwarewcn3998_firmwaremsm8909wapq8009w_firmwareqca6420sdx20msd680_firmwareqrb5165_firmwareqrb5165m_firmwareqcs6125sa8155_firmwaresd662_firmwareqcs405qca6430wcd9340sd626_firmwaresd765gqualcomm215_firmwaresw5100sd680qca6436wcn6851sa6155pwcn7851_firmwaremsm8209_firmwaremdm9250_firmwarewcn3660_firmwarewcd9341qca6696_firmwaresd870_firmwaresd750gwcn3910_firmwaresxr2150p_firmwaresa8150pwsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwaresnapdragon_4_gen_1wcn3988sd660_firmwarewcn7850_firmwaresa8195p_firmwaresm8475msm8208_firmwareqcn7606_firmwarewcn6750_firmwaresd450wcn3610msm8608wcn3991qca8337_firmwarewcd9380_firmwaresdm429wsw5100pmsm8996au_firmwaresd625_firmwareqca6564ausdx55m_firmwarewcn6856_firmwaresd670_firmwareqca6574sd632_firmwarewcd9380qualcomm215qcs410sd690_5g_firmwaresdx50m_firmwaresdx24_firmwareqcn9012_firmwaresd626qca6430_firmwaresd439_firmwarewcd9335_firmwarewcn3980qca6335_firmwareqcs605wcd9340_firmwarewsa8815wcn6850wcn3910qca6320mdm9650_firmwareqca6426_firmwarewcn3660b_firmwarewcn3680sd695sd835wcn3980_firmwaresd730sdx55mqcc5100_firmwarewcn6740_firmwaresd678_firmwareapq8064au_firmwarear8031_firmwarewcn3680_firmwareqrb5165wcn6851_firmwaresd670sd_636_firmwareqca6564a_firmwareapq8009wqcm4290_firmwaresd480sd870wcn6855sw5100p_firmwaresd210_firmwareqcs610_firmwaresa6145psd695_firmwaresdxr1ar8031apq8096auqcs405_firmwaresa8145psdm630_firmwareqca6391_firmwarewcd9370_firmwaresd780g_firmwaresdx55sd888_firmwaresa8155pcsra6640sd675sd439wcn3660sxr2150pqcm2290qcn7606wcn3991_firmwaremdm9150_firmwarewsa8830sd678sa8145p_firmwareqcs2290_firmwaremdm9628_firmwaresnapdragon_4_gen_1_firmwaremdm9650sd_636csra6620qcs4290mdm9250sd765g_firmwareqca6420_firmwareqca6390_firmwareapq8009_firmwaresd690_5gsd730_firmwarewcd9370sd675_firmwaresd625qca6426qca6584au_firmwarewcn3990_firmwareqrb5165n_firmwareqca9377sdw2500_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcd9326_firmwarewcn3615_firmwaresd662qcn9011_firmwaresa8155qca6320_firmwarewcn3680b_firmwaresdx55_firmwarewcn3615qca6595ausm7250p_firmwarewcn3610_firmwareqca6436_firmwareqrb5165nqca6564au_firmwareqca6584ausd778gsa6155p_firmwaremsm8208qca6310wcn7851sd429qcs6490sdxr2_5gsdm630mdm9607_firmwarewcn3988_firmwareqcn9074sd205sd429_firmwaresa6145p_firmwaresd778g_firmwaresm6250sa8195papq8017_firmwarewsa8810_firmwaresd765_firmwarewcd9326wcd9335qca6174a_firmwareqcs4290_firmwarewcd9385qcs6490_firmwareqca6390wcd9375sd750g_firmwareaqt1000apq8064ausm6250_firmwaremsm8917_firmwaresd210wcn3620_firmwaresdx20_firmwarewsa8815_firmwaresd888_5g_firmwareqcm6490wcn6850_firmwarewsa8835_firmwarewcn3620apq8017qca6564aqcm6125_firmwareqcm2290_firmwarewcn3990sd_675sd780gsd865_5gqcc5100sdx24qcn9012sd888msm8909w_firmwarewsa8835msm8996ausdm429w_firmwaresd665_firmwaresd888_5gqca6574awcn6855_firmwareqca6174asm7325pqca6310_firmwarewcn6750qca6574_firmwaresd855sm4125_firmwaresm7325p_firmwaresd665sd765qca6574a_firmwaresd768g_firmwaremsm8209qrb5165msm7315apq8009sd460qca6391sdxr1_firmwareaqt1000_firmwareqcm4290qcm6490_firmwaresdx50msdx20sd480_firmwareqcn9011qca6574ausd710sa8155p_firmwaremdm9607sd205_firmwarewcd9341_firmwaresdx20m_firmwareqcm6125wsa8810mdm9150wcn6856wcn3680bsd835_firmwaresd768gwcn6740qca6696sd845_firmwaremsm8608_firmwaresdw2500sa6150papq8096au_firmwaresd845sm7250psd720g_firmwaresw5100_firmwareqcn9074_firmwareqcs410_firmwareSnapdragon
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2024-33066
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.25% / 47.66%
||
7 Day CHG~0.00%
Published-07 Oct, 2024 | 12:58
Updated-16 Oct, 2024 | 19:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Input Validation in WLAN Resource Manager

Memory corruption while redirecting log file to any file location with any file name.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcn5024_firmwareqcn9070ipq8173_firmwareqcf8001qcn5124qca4024_firmwareqcn9072qca8082qca8386immersive_home_318_platform_firmwareqxm8083ipq8078aipq5028_firmwareipq6000qcn5152_firmwareqcn9000_firmwareqcn9160ipq9554qcn6024_firmwareqca8386_firmwareipq8076aimmersive_home_316_platform_firmwareimmersive_home_316_platformimmersive_home_216_platformqca8084_firmwareipq8074aimmersive_home_318_platformqcn6412qcn5124_firmwareqca8082_firmwareqcn5164_firmwaresdx55_firmwareqcn5122_firmwareqcn6422_firmwareqcn6023_firmwareqca8081_firmwareipq5010snapdragon_x65_5g_modem-rf_system_firmwareqcn9274ipq8078a_firmwareipq8174ipq5028qcn5052qcf8001_firmwareipq6010qcn6112_firmwareqcn9074qca8085sdx65mqcn6132qcf8000qca8081qcn6023sdx65m_firmwareipq8071aipq5312ipq8071a_firmwareimmersive_home_3210_platformqcn6122qca9888_firmwareqca8085_firmwareipq5300ipq9008_firmwareqcn5154_firmwarecsr8811qcn9100_firmwareipq5010_firmwareipq8074a_firmwareqcn5022_firmwareimmersive_home_216_platform_firmwareqcn9000ipq8072aqcf8000_firmwareipq8076a_firmwareqca8084ipq8078ipq8173ipq9008qcn5164immersive_home_326_platform_firmwareqcn6122_firmwareqcn6402_firmwarecsr8811_firmwareqcn6422ipq9554_firmwareqcn5154qca8075_firmwareqcn5024qca9889qcn6132_firmwareqca9888qcn5052_firmwareqcn9274_firmwareipq8070a_firmwareipq8076_firmwareipq6018_firmwareqcn6112ipq8076qcn9160_firmwareqxm8083_firmwareqcn5152ipq6028qcn9024ipq9574_firmwareimmersive_home_3210_platform_firmwareipq5302qcn9100snapdragon_x65_5g_modem-rf_systemipq5300_firmwareipq8078_firmwareqcn9070_firmwareipq8072a_firmwareipq6028_firmwareqcn6432_firmwareipq5312_firmwareqca9889_firmwareqcn5122ipq9574qcn9024_firmwareipq8174_firmwareqcn6412_firmwareipq5332_firmwareipq5332ipq5302_firmwareimmersive_home_326_platformqcn5022ipq6018ipq6010_firmwareimmersive_home_214_platformimmersive_home_214_platform_firmwareqca4024sdx55qcn9022_firmwareqcn6402qca8075qcn9022qcn6024ipq8070aqcn9072_firmwareipq6000_firmwareqcn9074_firmwareqcn6432Snapdragonqcn5024_firmwareqcf8000_firmwareipq8076a_firmwareipq8173_firmwareimmersive_home_326_platform_firmwareqca4024_firmwareqcn6122_firmwareqcn6402_firmwareimmersive_home_318_platform_firmwarecsr8811_firmwareipq5028_firmwareipq9554_firmwareqca8075_firmwareqcn5152_firmwareqcn6132_firmwareqcn9000_firmwareqcn5052_firmwareqcn9274_firmwareipq8070a_firmwareqcn6024_firmwareipq6018_firmwareipq8076_firmwareimmersive_home_316_platform_firmwareqca8386_firmwareqca8084_firmwareqcn5124_firmwareqcn9160_firmwareqxm8083_firmwareqca8082_firmwareqcn5164_firmwareqcn5122_firmwaresdx55_firmwareqcn6422_firmwareipq9574_firmwareqca8081_firmwareqcn6023_firmwareimmersive_home_3210_platform_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareipq8078a_firmwareipq5300_firmwareipq8078_firmwareqcn9070_firmwareqcf8001_firmwareipq6028_firmwareipq8072a_firmwareqcn6112_firmwareqcn6432_firmwareipq5312_firmwareqca9889_firmwareqcn9024_firmwareipq8174_firmwareqcn6412_firmwareipq5332_firmwareipq5302_firmwaresdx65m_firmwareipq8071a_firmwareqca8085_firmwareqca9888_firmwareipq6010_firmwareipq9008_firmwareqcn5154_firmwareimmersive_home_214_platform_firmwareqcn9022_firmwareqcn9100_firmwareipq5010_firmwareipq8074a_firmwareqcn9072_firmwareipq6000_firmwareqcn9074_firmwareqcn5022_firmwareimmersive_home_216_platform_firmware
CWE ID-CWE-20
Improper Input Validation
CVE-2020-11140
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.33% / 55.48%
||
7 Day CHG~0.00%
Published-21 Jan, 2021 | 09:41
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound memory access during music playback with ALAC modified content due to improper validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfe3100qfs2580qfe2550qcs610pmi8996qdm5579qfe1045qdm2307qfs2530qpa8802qln1030pm6125qat3519mdm9645pm8150asc8180x\+sdx55qtc800hqdm5670qcs2290sa6155qca6335msm8917pm7150lqpa8821qln1020apq8076wtr3905qdm5671pmc1000hqfe2330qat3518sd632sd8cwcn3998wcn3950sm4125sd720gwtr2605qpa5460wcn3660bwtr2655qfe4320qcc112qca4020qdm5652sd6905gmdm9630qpm8870qpm5679qbt2000pm855pqca6420wcd9360pm6150awtr1625lsdr735gwcn3999pm8150bqsm7250pm8996qcs6125qfe2101smb1360qca6430qcs405qat3522qfe4455fcpmr735awtr1625wfr2600wcd9340sd765gqfe3440fcwcd9320sdr660qca6436wcn6851sa6155pqpa6560qfe3345apq8052msm8937sdr865smb1358wcd9341pmi8952smr545mdm9655qca6431qln5020wcd9371smb1350sd750gqdm3302wtr3950sa8150pqpm5657pm6350qdm5621qfe3340qtc800smsm8226sd660qdm5650sd712wcn3988wtr3925qfe2080fcsdr052smb1390pm6150lsd450sd8885gqet4100wcn3610mdm9640qpm6585qtc410swcn3991smb1355qln4650qpa8801sdm429wwcd9330wgr7640qat5568qet5100sd636qca6564ausdxr25gpm6150qca6574pm7250bqfs2630qpa8842pmm8996auwcd9380qualcomm215mdm9230qln4640qcs410smb1381sdr735pm7250wtr4905smb1395pm660lqpa8803ar8151smr526wtr5975qca6174pmk8003wcn3980pmd9645qdm2301qsw8573qcs605wsa8815wcn6850qbt1000wcn3910qca6320smb1394wcn3680qca9984qfe4309sd835qca1990pm8009qpa8675sd730sdx55mpm670aqfe4373fcpm8008qsw8574msm8953pmi8998mdm9225qfe2520pme605mdm9225mpm855lqcs603rsw8577pmd9635sd8655gqfe4302qpm5621qpm6582sd670qfe4303pm670pm8150lqdm5677pm8005qsm8250sa6145ppm215qdm2302msm8626pmm6155ausdxr1ar8031apq8096auwtr2965pm8150qpm5875sdx55qet5100mapq8053sa8155pcsra6640pm8350bhssd675sd439qet4101pm8952pmi8994qat3516pm670lpm8226wcn3660qpm5658qca9379pm855bsmb2351qln1031qcm2290qpm5870qfe1040wsa8830qfe4465fcpm660sdr051qln5030pm4125qbt1500qpa5581pmi632pm456mdm9650csra6620qpa5373qpm4621pmk8001qcs4290qet6100pmm855ausdr660gqfe2340sd455qpa8686pm8110smb1396pm7150awcd9370pm8350qca6564sdr425qca6426qpm5641whs9410qat5516wtr2955qdm5620qln1021aqsd662smb1380qfe4308pm8350bhmdm8635mapq8037pm3003asa8155qat5533wcn3615qca6595auwtr2100sm7350qtc800tpm8940qpm6670smb1354wcd9306qca6584auqdm2305qca6310qpm8820qpm4641pm8937qpm2630qfe2081fcpm855sd429pm8250msm8962smb1398apq8084sdm630sd821apq8062qdm4643msm8976sgpmx55sdr675qca6421sm6250qdm3301sa8195ppm8953qat5515qca6694qpm5677qat3514wcd9326wcd9335wcn3660aqet4200aqwcd9385pm439qpm5620pmm8155aumdm9625qpm4630qca6390wcd9375ar8035aqt1000msm8956msm8976apq8064aupmm8195auqpa8673qdm2310qln4642qca6694auapq8056msm8952sda429wsd820mdm9625mpmi8937pm8998pmk7350wcn3620apq8017qca6564amdm9235msmr546qet6110qfe1055qln5040qpm8895sdr845qpm5670wcn3990pm8019qca6595pmk8350qpm8830pm8350bqat5522wsa8835msm8996aupm8150cpmr735bpmi8940sm6250prgr7640auqpa4360qln1035bdpm855aqpa4361qca6574aqca6174apm8350csmr525qpm4640wcn6750mdm9635mpmr525pm7350cqpm4650qtm525wtr6955qfe3335sd855sd8cxsd665qfe4305qca6175asd765pm640pqat3555sd460qca6391smb1351qpa5461qfe2082fcmsm8920msm8610pm660aqpa4340qcm4290sdx50mpm640asdr8150qfs2608pm8916qln1036aqqtc801sqdm4650pmd9655qca6574auqfe3320sd710qsw6310qcm6125qpm6621wsa8810qdm2308pmw3100pmx50qat3550wcn6856qdm5679wcn3680bsdr8250sd768gwcn6740qca6696qfe4301pm8004pm640lmsm8940pmk8002qpa2625sa6150psd845sm7250psdm830smb1357mdm9330pm8956sd850pm6250qpa5580Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-11138
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.33% / 55.48%
||
7 Day CHG~0.00%
Published-21 Jan, 2021 | 09:41
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uninitialized pointers accessed during music play back with incorrect bit stream due to an uninitialized heap memory result in instability in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfe3100qfs2580qfe2550msm8960qcs610pmi8996qdm5579qfe1045qdm2307qfs2530qpa8802qln1030pm6125qat3519mdm9645pm8917pm8150asc8180x\+sdx55qtc800hqdm5670qcs2290sa6155qca6335msm8917pm7150lqpa8821mdm8215qln1020apq8076wtr3905qdm5671pmc1000hqfe2330msm8630qat3518sd632sd8cmsm8108sa415mwcn3998wcn3950sm4125sd720gwtr1605wtr2605mdm9628qpa5460wcn3660bwtr2655qfe4320qcc112qca4020mdm8215mqdm5652mdm9630qpm8870qpm5679qbt2000msm8909wpm855pqca6420wcd9360pm6150awtr1625lmsm8627sdr735gwcn3999pm8150bqsm7250pm8996qcs6125qfe2101mdm9615mqca6430qcc1110qat3522qfe4455fcpmr735awtr1625qcs405smb1360wcd9340wfr2600sd765gqfe3440fcwcd9320sdr660qca6436wcn6851sa6155pqpa6560qfe3345apq8052sdr865smb1358wcd9341pmi8952smr545mdm9655qca6431qln5020wcd9371smb1350sd750gqdm3302wtr3950sa8150pqpm5657pm6350qdm5621qfe3340qtc800smsm8226sd660qdm5650sd712wcn3988wtr3925qfe2080fcsdr052smb1390pm6150lsd450qet4100wcn3610msm8608mdm9640qpm6585qtc410swcn3991smb1355qln4650qpa8801sdm429wwcd9330wgr7640qat5568qet5100sd636qca6564aumsm8230pm6150qca6574pm7250bqfs2630qpa8842pmm8996auwcd9380qualcomm215mdm9230qln4640qcs410smb1381sdr735pm7250wtr4905smb1395pm660lqpa8803ar8151smr526wtr5975qca6174pmk8003wcn3980pmd9645qdm2301qsw8573qcs605wsa8815wcn6850wcn3910qca6320smb1394wcn3680qca9984pm8921sd835qfe4309qca1990pm8009qpa8675sd730sdx55mpm670aqfe4373fcpm8008msm8953qsw8574pmi8998mdm9225qfe2520apq8064pme605mdm9225mpm855lqcs603rsw8577pmd9635qfe4302qpm5621qpm6582sd670apq8009wqfe4303pm670pm8150lwtr1605lqdm5677pm8005qsm8250sa6145ppm215qdm2302pmm6155ausdxr1ar8031apq8096auwtr2965wfr1620pm8150qpm5875sdx55qet5100mapq8053sa8155pcsra6640pm8350bhssd675wtr4605sd439qet4101pm8952pmi8994qat3516pm670lwcd9310pm8226wcn3660qpm5658qca9379pm855bsmb2351qln1031qcm2290qpm5870pm8909qfe1040wsa8830qfe4465fcpm660sdr051msm8960sgqln5030msm8930pm4125qbt1500qpa5581pmi632pm456csrb31024mdm9650csra6620qpa5373qpm4621pmk8001qcs4290qet6100pmm855ausdr660gqfe2340sd455qpa8686pm8110sd690_5gsmb1396wcd9370pm8350qca6564sdr425qca6426qpm5641whs9410qat5516wtr2955qdm5620qln1021aqsd662smb1380qfe4308pm8350bhmdm8635mapq8037pm3003asa8155qat5533wcn3615qca6595aumsm8227wtr2100sm7350qtc800tpm8940qpm6670smb1354wcd9306qca6584auqdm2305qca6310msm8208qpm8820qpm4641pm8937qpm2630qfe2081fcpm855sd429sdxr2_5gpm8250msm8962mpq8064smb1398apq8084sdm630sd821apq8062qdm4643msm8976sgpmx55sd205sdr675sm6250qdm3301sa8195ppm8953qat5515qca6694qpm5677smb231qfe1100qat3514wcd9326wcd9335wcn3660aqet4200aqwcd9385mdm8615mpm439qpm5620pmm8155aumdm9625qpm4630qca6390wcd9375ar8035aqt1000msm8956msm8976apq8064aupmm8195auqpa8673qdm2310qln4642qca6694auapq8056msm8952sda429wsd210sd820mdm9625mpmi8937pm8998pmk7350sdw3100wcn3620apq8017ar6003mdm9235mqca6564asmr546pmx24qet6110qfe1055qln5040qpm8895sdr845qpm5670wcn3990apq8030sd865_5gpm8019qca6595pmk8350qpm8830pm8350bqat5522wsa8835msm8996aupm8150cpmr735bpmi8940sd888_5gsm6250prgr7640auqpa4360qln1035bdpm855aqpa4361qca6574aqca6174apm8350csmr525qpm4640wcn6750mdm9635mpmr525mdm9615pm7350cqpm4650qtm525wtr6955qfe3335pm8821sd855sd665sd8cxqfe4305qca6175asd765pm640ppmd9607msm8209qat3555apq8009sd460qca6391smb1351qpa5461mdm9310qfe2082fcmsm8920msm8610pm660aqpa4340qcm4290sdx50mpm640asdr8150qfs2608pm8916qln1036aqqtc801sqdm4650mdm9215pmd9655qca6574auqfe3320sd710mdm9607qsw6310qcm6125qpm6621wsa8810qdm2308pmw3100pmx50pm8018qat3550wcn6856qdm5679wcn3680bsdr8250sd768gwcn6740qca6696qfe4301pm8004pm640lmsm8940pmk8002qpa2625sa6150ppm7150a_sd845sm7250psdm830smb1357mdm9330sd850pm6250qpa5580Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-824
Access of Uninitialized Pointer
CVE-2021-1976
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.39% / 59.32%
||
7 Day CHG~0.00%
Published-17 Sep, 2021 | 07:05
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A use after free can occur due to improper validation of P2P device address in PD Request frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarefsm10055sm7250mdm9640_firmwaresm6250p_firmwaresa6150p_firmwareqcs610ipq4028_firmwareqcn5550qca8337ar9380ipq8173_firmwareqca9561_firmwareqcn5124qca4024_firmwarewcn3950_firmwareipq8078aipq5028_firmwaresa8150p_firmwareqcs2290qca6595au_firmwaresa6155qca6335msm8917qcn5064sd_455_firmwarecsra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwareqcs6125_firmwareqca9987_firmwaresd632sa415mwcn3998wcd9371_firmwarewcn3950qcn6024_firmwaresd720gsm4125mdm9206_firmwareipq8076amdm9628wcn3660bsd450_firmwaresd460_firmwareqca6428qca6574au_firmwareqcn5164_firmwareipq8071wcd9375_firmwareqca8081_firmwarewcn3998_firmwaresa6155_firmwaresdx12_firmwaremsm8909wapq8009w_firmwareqca6420apq8053_firmwaresdx20mqca6438_firmwareqca9986ipq8070_firmwareqca9367_firmwareipq8065ipq8078a_firmwarewcn3999qrb5165_firmwareipq5028qca7500ipq8072_firmwareipq4029_firmwareqcs6125sa8155_firmwareipq6010sd662_firmwareipq8068qcs405qca6430wcd9340sdm830_firmwaresd765gqualcomm215_firmwarefsm10056_firmwareqca6436wcn6851qcn3018_firmwaresa6155pqcs603_firmwaremdm9250_firmwarewcn3660_firmwareqca9888_firmwareqcn6122ipq8068_firmwareqca6696_firmwarewcd9371sd870_firmwaresd750gqca9988_firmwareqcn5154_firmwarewcn3910_firmwaresa8150par7420_firmwarewsa8830_firmwareqca9992_firmwaresd865_5g_firmwaresd855_firmwarewcn3988qca6438sa8195p_firmwareqcn5121qcn5022_firmwarewcn6750_firmwareqca9898sd450ipq4028wcn3610mdm9640qca6428_firmwareipq5018_firmwareqca9985_firmwarewcn3991ipq4018_firmwareqca8337_firmwarewcd9380_firmwareipq8072aqca7500_firmwareqca9980_firmwaresdm429wwcd9330msm8996au_firmwareipq8076a_firmwareqca7550_firmwareipq8078qca6564ausdx55m_firmwareipq8173wcn6856_firmwareqcn5164qca9558sd670_firmwareqca6574sd632_firmwarecsr8811_firmwareqca7520_firmwarewcd9380qualcomm215qcn5054_firmwareqcs410qcn5024sd690_5g_firmwareipq4019_firmwaresdx50m_firmwaresdx24_firmwareqca8072_firmwareqca9985qcn9012_firmwareqca6174qca6430_firmwaresd439_firmwareqcn5052_firmwareqca6335_firmwareipq6018_firmwareqcs605wcd9340_firmwarewsa8815wcn6850pmp8074_firmwarewcn3910qca6320mdm9650_firmwareqca9986_firmwareqca6426_firmwarewcn3660b_firmwarewcn3680qca9984ipq6028ipq8064sd835pmp8074qcn9024sd730qcn5550_firmwarewcd9330_firmwaresdx55mipq8064_firmwarewcn6740_firmwaremsm8953qcn5064_firmwaresd678_firmwareapq8064au_firmwarear8031_firmwarewcn3680_firmwareipq8078_firmwareqcn5054qrb5165wcn6851_firmwareqcs603ipq8070qca9896qcn5502qca9994qca9887_firmwareqca9980sd670qcn9024_firmwareipq8174_firmwareapq8009wsd_636_firmwareqca6564a_firmwareqca9880qcm4290_firmwaresd480sd870qcn5121_firmwaresd210_firmwareqcs610_firmwaresa6145pipq6018qcn3018qca9886_firmwaresdxr1ar8031apq8096auqca6595_firmwareqcs405_firmwaresa8145psdm630_firmwareqca6391_firmwareqca4024wcd9370_firmwaresd780g_firmwaresdx55sd888_firmwareapq8053qcn5021_firmwarecsra6640sa8155psd675sd439qca9531_firmwarewcn3660ar8035_firmwareqcm2290qcn5024_firmwarewcn3991_firmwaremdm9150_firmwareqcn5500wsa8830qca9561sd678qcn9070sa8145p_firmwareqca7520qcs2290_firmwarefsm10056sm7250_firmwarecsrb31024qca9563_firmwaremdm9628_firmwaremdm9650sd_636csra6620fsm10055_firmwareqca9987qcn9072qca9880_firmwareqca9992qcs4290mdm9250sd765g_firmwareqca6420_firmwareipq8069_firmwareapq8009_firmwareqca6390_firmwaresd690_5gipq6000qca6174_firmwaresd730_firmwarewcd9370sd675_firmwareipq8072qcn5152_firmwareqca6564qca6426qca6584au_firmwareqcn9000_firmwareqca9984_firmwareqca9377ipq5018sdw2500_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcn3615_firmwareqca9563ipq8074asd662qcn5124_firmwareqca9982sa8155qca6320_firmwarewcn3680b_firmwareqcn5122_firmwaresdx55_firmwarewcn3615qcn6023_firmwareqca6595auwcn3999_firmwarewcn3610_firmwareqca6436_firmwareipq5010qca6564au_firmwareqca6584ausd778gsa6155p_firmwareqca6310ipq8174sd429sa515m_firmwareqca9990sdxr2_5gqcn5052qca9367sdm630mdm9607_firmwaresa415m_firmwarewcn3988_firmwareqcn9074sd205sd429_firmwaresa6145p_firmwaresd778g_firmwaresm6250sa8195papq8017_firmwarewsa8810_firmwareqca6694qca7550sd765_firmwareqca8081qca9982_firmwareqcn6023ipq8071aqca6174a_firmwareipq8071a_firmwareqcs4290_firmwarewcd9385qca6390qca9898_firmwaresd750g_firmwareaqt1000wcd9375ar8035sm6250_firmwarecsr8811apq8064auipq4019qca6694_firmwaremsm8953_firmwareqcn9100_firmwaremsm8917_firmwaresd210wcn3620_firmwareipq5010_firmwareipq8074a_firmwaresd888_5g_firmwaresdx20_firmwarewsa8815_firmwarewcn6850_firmwarewsa8835_firmwarewcn3620apq8017qcx315qca6564aqca9988qcm6125_firmwareqca9882qca8072qcm2290_firmwareqcn9000sd_675sd780gsd865_5gqca6595ar9380_firmwaresdx24qcn9012sd888qca9558_firmwareqca9896_firmwaremsm8909w_firmwareipq8065_firmwareqcx315_firmwareqcn6122_firmwaremsm8996ausd665_firmwaresdm429w_firmwarewsa8835sd888_5gsm6250pqcn5154qca8075_firmwareipq4018qca6574aipq6005_firmwaremdm9206qca9889qca6174aqca9888qca6310_firmwaresm7325ipq8074qca9994_firmwarewcn6750ipq8070a_firmwareipq8076_firmwaresa515mqca6574_firmwareqca9886qcn5502_firmwarear7420sd855sm4125_firmwaresd665ipq8076sd765qca9887qca6574a_firmwareqcn5021ipq8069qcn5152sd768g_firmwareapq8009sd460qca6391sdxr1_firmwareipq6005aqt1000_firmwareqcn9100mdm9626qcm4290csrb31024_firmwaresdx50mqca9882_firmwareqcn9070_firmwaresdx20sd480_firmwareipq6028_firmwareipq8072a_firmwaresd_455mdm9626_firmwareqca9531ipq8074_firmwareqca6574auqca9889_firmwaresa8155p_firmwaremdm9607qcn5122sd205_firmwaresdx20m_firmwareqcm6125wsa8810qcn5500_firmwaremdm9150wcn6856qcn5022wcn3680bsd835_firmwareqca6564_firmwaresd768gipq6010_firmwarewcn6740qca6696sd845_firmwaresdw2500sa6150pqca8075qcn9022_firmwareapq8096au_firmwareqcn6024qcn9022sd845qca9990_firmwareipq8070aqcn9072_firmwaresdm830ipq6000_firmwaresd720g_firmwaresdx12ipq8071_firmwareqcs410_firmwareqcn9074_firmwareipq4029sm7325_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-416
Use After Free
CVE-2020-11184
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.43% / 61.86%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 10:00
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Possible buffer overflow will occur in video while parsing mp4 clip with crafted esds atom size.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile in QCM4290, QCS4290, QM215, QSM8350, SA6145P, SA6155, SA6155P, SA8155, SA8155P, SDX55, SDX55M, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6250, SM6350, SM7125, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR2130, SXR2130P

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sm6350sm7125sm4250p_firmwaresa6155p_firmwaresm6115_firmwaresm7250sxr2130p_firmwaresm6125qcm4290sm7250_firmwaresm8350_firmwaresa8155_firmwaresdx55m_firmwaresm8250_firmwaresm6115p_firmwaresm6350_firmwaresa6145p_firmwareqm215sa8155p_firmwaresm4250_firmwaresm6250qcs4290qcm4290_firmwaresa6155sa6155psm8350sxr2130sa6145psm6115sm8350p_firmwareqcs4290_firmwaresm8350psm4250psm8150_firmwaresxr2130_firmwaresxr2130psm4250sm7225qm215_firmwaresm6115psm7125_firmwaresdx55sm6250_firmwareqsm8350_firmwaresa8155psm8250qsm8350sm8150p_firmwaresm7225_firmwaresm8150sa8155sm7250psdx55_firmwaresa6155_firmwaresm7250p_firmwaresm6125_firmwaresdx55msm8150pSnapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2020-11227
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.37% / 58.30%
||
7 Day CHG~0.00%
Published-17 Mar, 2021 | 06:00
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound write while parsing RTT/TTY packet parsing due to lack of check of buffer size before copying into buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfe3100qfe2080fc_firmwareqca9377_firmwareqfs2580qpm5679_firmwaremdm9640_firmwaresm6250p_firmwarepmd9607_firmwareqfe4455fc_firmwareqca8337qfs2530qpm8870_firmwareqln1030pm6125qat5522_firmwaremdm9645wcn3950_firmwarepm8150aqdm5670qca6595au_firmwareqpm5541_firmwarepm7150lqcc1110_firmwarepm8998_firmwareqpa8821sd_455_firmwarewtr5975_firmwareqcs6125_firmwarepm456_firmwareqpa5580_firmwaremsm8108sa415mwcn3998wcd9371_firmwaremsm8108_firmwarewcn3950sm4125sd720gmdm9206_firmwareqsw8573_firmwarewcn3660bsd450_firmwareqfe4320qsw8574_firmwaresd460_firmwaremdm9230_firmwaresmb2351_firmwarepm8953_firmwareqpa4360_firmwarewcn3998_firmwareqfe2520_firmwareapq8009w_firmwarepm855papq8053_firmwareqca6420pm6150awtr4605_firmwareqca9367_firmwaremdm8207pm660_firmwarepm8150bsa8155_firmwareqca4004_firmwareqfe2101qca6430qat3522qfe4455fcpmr735awcd9306_firmwarewcd9340sd765gsdr660qfe1045_firmwareqfe3345msm8209_firmwaresdr865mdm9250_firmwareqdm5620_firmwaresmb1358qca6696_firmwareqln5020wcd9371sd870_firmwarepmm855au_firmwaresd_8cxwtr3950qfe3340qdm5621qtc800sqca4004qat3514_firmwaremdm9330_firmwaresd660sd865_5g_firmwaresd712pm640p_firmwaresd660_firmwarewcn6750_firmwareqat5516_firmwarepm6150lsd450pm855l_firmwareqtc410swcn3991qfe3335_firmwareqpa8801sdm429wpm8150l_firmwareqat5533_firmwaresdx55m_firmwareqpa8673_firmwarepm6150smb1354_firmwaremsm8976_firmwareqca6574sd632_firmwaresd670_firmwareqpa8842sdr052_firmwarepmm8996auwcd9380qualcomm215qln4640qcs410qpm5579_firmwaresmb1380_firmwareqfe4309_firmwaresmb1381pm855p_firmwareqfe3100_firmwarepm7250qca9379_firmwarewtr4905qpa8803sdx24_firmwaresd439_firmwarepmd9645qdm2301wcd9340_firmwarewsa8815wcn6850qfe2101_firmwareqca6584_firmwareqdm2301_firmwaremsm8937_firmwareqdm5621_firmwareqpm6375sd_8c_firmwaresd835wcn3980_firmwaresd730qfe3320_firmwarepm660l_firmwarepm6250_firmwarepm8008qtm525_firmwarepme605_firmwarepme605sd678_firmwareqpm5621_firmwareqln1021aq_firmwareqcs603rsw8577qpa6560_firmwareqpa8802_firmwareqln4640_firmwareqfe4308_firmwareqpm5621qpm6582sd670pm8009_firmwareapq8009wqfe4303qfs2580_firmwareqcm4290_firmwarepm8150lpmi8998_firmwareqcs610_firmwareapq8084_firmwaresdr105pm660a_firmwarepm215pm4250qpm5577mdm8207_firmwaresdm630_firmwarewtr2965mdm9205_firmwareqca6391_firmwaresa2150ppmx20_firmwaresd820_firmwarepm8150pmi8937_firmwarewcd9370_firmwareqat3516_firmwaresdx55apq8053qat3555_firmwarepmi8994qpa8803_firmwarewcn3660qca9379pm855bsmb2351qln1031pm8909mdm9150_firmwareqfe1040pm660qet6110_firmwareqpm6325pm6125_firmwareqbt1500qfe1040_firmwarecsrb31024mdm9628_firmwareqfe2340_firmwaremdm9650sd_636pmx24_firmwareqbt1500_firmwarepmk8001qcs4290pmm855aumdm9250qca6420_firmwarepmd9635_firmwareapq8009_firmwarepm7150asd675_firmwareqpa4361_firmwareqca6426wcn3990_firmwareqca9377qpa5373_firmwaresdw2500_firmwarewcd9385_firmwareqdm5650_firmwareqpa4340_firmwaresdxr2_5g_firmwarewcd9326_firmwarewcn3615_firmwarewhs9410rgr7640au_firmwarewtr2955pm7250_firmwaresdr845_firmwareqdm5620qln1021aqsmb1380pmk8002_firmwareqsw6310_firmwaresa8155qca6584qln1031_firmwaresdx55_firmwareqat5533wcn3615sm7250p_firmwarewcn3610_firmwarepm8940mdm9207qsm7250_firmwarepm7150l_firmwarewcd9306qca6584aumsm8208qat5515_firmwarepm855qpm8830_firmwaresd429pm8250qca9367qfe2082fc_firmwaresdm630mdm9607_firmwaremdm9655_firmwaremsm8976sgqfs2530_firmwarepmx55sa415m_firmwarewcn3988_firmwaresd205sd429_firmwarepm8150c_firmwareqca6421qdm3301qpa8842_firmwareqat3519_firmwarepm8953qat5515qca6694qpm5677qat3514wcd9326wcd9335pm8004_firmwaresdr8150_firmwareqcs4290_firmwarepm439qtc800h_firmwareqca6390wcd9375aqt1000msm8976sm6250_firmwareqln4642msm8917_firmwareqpm5677_firmwaresdx20_firmwarewsa8815_firmwarewtr3925_firmwarepmi8937pm8998sdw3100smr525_firmwareqpm8820_firmwareqfe4301_firmwareapq8017qln1020_firmwaremdm9630_firmwareqcm6125_firmwarepmx55_firmwarewtr2955_firmwareqbt1000_firmwareqfe4373fc_firmwaresd865_5gqca6595pm8150_firmwareqpm8830pmm8996au_firmwareqat5522pm8150csd665_firmwareqpa4360sc8180xqpa4361mdm9206qpm5577_firmwareqdm5679_firmwaresmr525qca6310_firmwareqfe4305_firmwarepm6150l_firmwarepmr525pm8150a_firmwareqca6574_firmwarewtr3950_firmwareqln1036aq_firmwaresd665pm6150a_firmwarepm6150_firmwaresd765pmx20pmd9607qca6574a_firmwareqat3555sd850_firmwareapq8009qfe2082fcwtr2965_firmwarepm670_firmwarecsrb31024_firmwareqln1036aqqtc801spmi8940_firmwaresc8180x_firmwareqfe3320sd710mdm9607mdm9645_firmwarepm8008_firmwareqln1035bd_firmwarepmr735a_firmwarepmw3100pmx50qfe3345_firmwaresdr8250sd768gqln1030_firmwarepmw3100_firmwarepm8004pm640lmsm8940pmk8002apq8096au_firmwaresdw2500sd845smb1357pmd9655au_firmwareqca617_firmwareqcs410_firmwaremdm9330qpa5580qpm5579qfe2550qcs610pmi8996qfe1045qdm2307qca6431_firmwareqpa8802wcd9360_firmwareqpm6585_firmwareqat3519qbt2000_firmwarepm855a_firmwareqtc800hsdr8250_firmwareqcs2290qca6335msm8917qln1020qcs605_firmwaresd_675_firmwarewtr3905qdm5671pmc1000hqpm4650_firmwareqat3518sd632sdr425_firmwaresmr526_firmwaremdm9628pm640a_firmwareqpa5460wgr7640_firmwareqdm2305_firmwareqpm5670_firmwaresd710_firmwareqca4020qdm5652qca6574au_firmwaremdm9630qpm8870wcd9375_firmwareqpm5679qbt2000msm8909wwcd9360pmx50_firmwareqpa8675_firmwarewhs9410_firmwareqpa5460_firmwarepm8940_firmwareqdm3301_firmwarepm8996qsm7250qcs6125sd662_firmwareqcc1110smb1360qualcomm215_firmwareqfe3440fcqdm2308_firmwarersw8577_firmwarepm439_firmwareqca4020_firmwareqca6436wcn6851qcs603_firmwareqpa6560msm8937sdr675_firmwarewcn3660_firmwarewcd9341pmi8952mdm9655pm8937_firmwareqca6431qet4100_firmwareqfe4320_firmwarewcn3910_firmwaremdm9207_firmwaresd855_firmwareqdm5650wcn3988wtr3925qfe2080fcsdr052smb1390sdw3100_firmwaremsm8208_firmwareqet4100wcn3610msm8608mdm9640qpa8686_firmwareqpm6585qca8337_firmwaresda429w_firmwarewcd9380_firmwaresmb1355qln4650qtc800t_firmwarewcd9330msm8996au_firmwarewgr7640csr6030qet5100qdm5671_firmwareqpa8801_firmwareqca6564auqtm527_firmwarepm8005_firmwaremsm8940_firmwareqet4101_firmwarepm7250bqln4642_firmwarepmk8001_firmwaresmb1355_firmwarepm7250b_firmwarepmd9655_firmwaresmb1351_firmwaremdm9230pm8996_firmwareqet4200aq_firmwaresdx50m_firmwaresmb1395smb358spm660lsmb358s_firmwarear8151smr526wtr5975qca6430_firmwarewcd9335_firmwareqtc801s_firmwarewcn3980qat3522_firmwareqca6335_firmwareqsw8573qcs605qbt1000wcn3910qca6320mdm9650_firmwareqca6426_firmwarewcn3660b_firmwarewcn3680qfe4309pm8009qpa8675sdr051_firmwarewcd9330_firmwaresdx55mqca6421_firmwarewtr3905_firmwareqfe4373fcmsm8953qat3518_firmwarepmi8998qfe2520qsw8574sd821_firmwarewcn3680_firmwareqca617pm855lwcn6851_firmwareqdm5670_firmwarepmd9635pm7150a_firmwarepm8150b_firmwareqfe4302sd_636_firmwarepmc1000h_firmwareqca6564a_firmwareqdm2310_firmwareqca6694au_firmwarepm4250_firmwaremsm8976sg_firmwaresdr105_firmwarepmd9645_firmwaresd870pm670sd210_firmwareqdm5677pm8005pm855_firmwareqdm2302sdxr1pm855b_firmwareapq8096auqca6595_firmwareqpm6582_firmwareqpm6375_firmwarepm640l_firmwarepmi8996_firmwareqln4650_firmwareqet5100msa8155psd675wtr4605sd439qet4101pm8952qat3516pm670lqpm5658ar8035_firmwareqcm2290qpm5658_firmwarewcn3991_firmwareqdm5652_firmwareqfe4465fcsd678sdr051qln5030qcs2290_firmwarepm4125pmi632qpa2625_firmwarepm456qfe2081fc_firmwaresmb1360_firmwareqet5100_firmwareqpa5373pm670l_firmwaresdr660gqfe2340sd765g_firmwareqpa8686smb1358_firmwareqca6390_firmwaresd730_firmwarewcd9370sdr425pmr525_firmwareqca6584au_firmwareqfe3340_firmwarear8151_firmwarepmi632_firmwaresd_8cx_firmwareqpm5541qat5516smb358_firmwaresd662qpa8821_firmwareqfe4308sdr660g_firmwareapq8037pm3003aqca6320_firmwarewcn3680b_firmwareqca6595auqca6436_firmwareqtc800tsmb1354qca6564au_firmwareqdm2305qca6310qpm8820pm8937qpm2630qfe2081fcqln5020_firmwaresa515m_firmwaresdxr2_5gapq8084sd821sdr675sm6250sd712_firmwareapq8017_firmwarewsa8810_firmwaresmb231sd765_firmwareqdm5677_firmwareqet4200aqqca6174a_firmwarewcd9385qpm6325_firmwareqdm2302_firmwareqat3550_firmwareqln5040_firmwarepm4125_firmwarear8035qpa8673qca6694_firmwareqdm2310qfe2550_firmwaremsm8953_firmwareqln5030_firmwareqca6694aupm8952_firmwaresda429wsd210wcn3620_firmwareqfe4302_firmwaresd820wcn6850_firmwarewcn3620smb358csr6030_firmwareqca6564apmx24qet6110pmi8952_firmwareqcm2290_firmwareqln5040qpm8895sdr845qpm5670wcn3990sd_675qtm527qfe3440fc_firmwaresdx24pmi8994_firmwareqdm2307_firmwaremsm8909w_firmwaremsm8996ausdm429w_firmwareqfe1035pmi8940sm6250prgr7640auqln1035bdpm855asdr660_firmwarepm8909_firmwareqca6574apm8916_firmwaresmb1390_firmwareqca6174aqfe4303_firmwarewcn6750pm8956_firmwareqet5100m_firmwareqpm4650mdm9205qtm525sa515msa2150p_firmwarewtr6955qfe3335sd855sm4125_firmwareqfe4305wtr6955_firmwarepm640psd768g_firmwaresdr865_firmwaremsm8209qfe4465fc_firmwarepm8250_firmwaresd460qca6391sdxr1_firmwaresmb1351smb1357_firmwareaqt1000_firmwarepm215_firmwaremsm8920qpm8895_firmwarepm660aqpa4340qfe1035_firmwareqcm4290sdx50mpm640asdr8150sdx20pm8916pmd9655aumsm8920_firmwaresmb1395_firmwaresd_455pmd9655qca6574ausa8155p_firmwaresd205_firmwareqsw6310wcd9341_firmwareqcm6125wsa8810qtc410s_firmwareqpm2630_firmwaresmb231_firmwareqdm2308wtr4905_firmwareqat3550mdm9150qdm5679sd_8cwcn3680bsd835_firmwarepm3003a_firmwareqca6696qfe4301qtc800s_firmwaresmb1381_firmwaresd845_firmwaremsm8608_firmwareqpa2625apq8037_firmwaresm7250psd720g_firmwarepm8956sd850pm6250Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-129
Improper Validation of Array Index
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-33234
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.3||HIGH
EPSS-0.27% / 50.32%
||
7 Day CHG~0.00%
Published-15 Nov, 2022 | 00:00
Updated-22 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory corruption in video due to configuration weakness. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcd9380_firmwarewcd9340_firmwareqca6595au_firmwareqca6310sd429_firmwaresd730qcn7606_firmwaresd_675_firmwaresd855_firmwaresd662_firmwarewcd9371sdx50mqcs6490sdx55sd460_firmwareqca6696qca6421sa6155qsm8250_firmwareqca6564auqca6426_firmwareqcm4290_firmwarewcn3660bsd720gsm4375wcn3660b_firmwaresa6150psd460sd665_firmwaresd710_firmwaresa6145p_firmwarewsa8830sd768gsm4125wcn6740_firmwarewcn6856qca6390wsa8815sdx50m_firmwaresa6155psa8150p_firmwaresd480qca6430sa8145p_firmwarewcn3620_firmwaresd855qcs6490_firmwarewcd9340wcn6850sa8145psdx55_firmwarewcn3950sxr2150p_firmwaresdxr2_5g_firmwareqcm6490wcd9335sd670_firmwaresd765g_firmwareqca6574aqca6595_firmwaresd865_5g_firmwareqca6421_firmwareqcm6125_firmwareqca6574au_firmwaresd662sdm429w_firmwareqca6564_firmwarewcn6750qcs610_firmwaresm7325psd695_firmwareqcm2290_firmwarewcd9380sd_675qca6335qcm4290qca6595qca6431_firmwaresd695sd730_firmwaresd480_firmwareqca6430_firmwaresa6150p_firmwaresd888wcd9375_firmwaresm7315_firmwaresm7325p_firmwarewcn6856_firmwaresd870aqt1000qca6390_firmwarewcn6855_firmwareqsm8250qca6420sa6155_firmwaresd780g_firmwarewcn6855qcm2290wcn3910sd870_firmwareqcm6490_firmwaresm6250sd845_firmwaresdxr1_firmwareqca6431qca6595auwcd9370sd888_firmwareqcs4290_firmwarewcn3990wcn3980sd429sm4125_firmwaresd690_5gsm7315sd765_firmwaresd720g_firmwaresd765gsd670wsa8835sdx55mwcn3998wcn6850_firmwaresm6250pwsa8810_firmwarewsa8815_firmwarewcn3991_firmwaresa8150pqcs2290wcn6740wcd9385qca6436sd678qca6574auwcd9385_firmwarewcn6750_firmwareqcs410_firmwaresa8155psdxr1wsa8810sd680sd888_5gaqt1000_firmwarewsa8835_firmwaresd678_firmwarewcd9335_firmwareqcs6125sm4375_firmwaresm7250p_firmwareqca6391wcn3991qca6574wcn3998_firmwareqca6574_firmwarewcn6851sd778g_firmwarewcd9370_firmwaresd675qca6420_firmwaresa8195pqca6574a_firmwaresd675_firmwaresd665sa8155_firmwaresd888_5g_firmwarewsa8830_firmwareqcm6125sm6250_firmwaresdxr2_5gwcd9341wcn3980_firmwareqcs2290_firmwarewcn6851_firmwaresdm429wwcd9326qcs610sa6155p_firmwaresd680_firmwareqca6391_firmwarewcd9326_firmwaresm7250psa8155p_firmwaresa6145pwcn3910_firmwarewcd9375sd750g_firmwareqca6696_firmwaresm6250p_firmwaresxr2150psd865_5gsd780gqca6564au_firmwareqca6426qca6335_firmwaresd690_5g_firmwareqcs6125_firmwaresdx55m_firmwaresd778gwcn3950_firmwarewcd9371_firmwarewcn3988wcn3990_firmwaresa8155sd750gwcn3620sd765sd768g_firmwareqcs605_firmwareqca6564qcs605wcn3988_firmwareqca6310_firmwareqcs4290sd710qcn7606qca6436_firmwaresa8195p_firmwaresd845wcd9341_firmwareqcs410Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-33280
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.3||HIGH
EPSS-0.11% / 29.86%
||
7 Day CHG~0.00%
Published-09 Feb, 2023 | 06:58
Updated-03 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Access of uninitialized pointer in Bluetooth HOST

Memory corruption due to access of uninitialized pointer in Bluetooth HOST while processing the AVRCP packet.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaremdm9150_firmwareqca8337_firmwarewcd9380_firmwarewcn3990qcs610sdm429wqca8337qca6564ausdx24wcn6856_firmwaremdm9628_firmwareqcn9012mdm9650sdx65csra6620sdm429w_firmwarewcn3950_firmwarewcd9380mdm9250qca6595au_firmwareqcs410wcd9370csra6620_firmwareqcs605_firmwareqca6574awcn6855_firmwarecsra6640_firmwareqca6174asdx24_firmwareqca6584au_firmwarewcn3990_firmwareqrb5165n_firmwareqcn9012_firmwareqca9377sd626wcn3998wcd9335_firmwarewcn3980wcd9385_firmwarewcn3950qcn6024_firmwaremdm9628wcd9326_firmwareqcs605wcn3660bwsa8815mdm9650_firmwareqcn9011_firmwarewcn3660b_firmwareqca6574a_firmwareqca6574au_firmwaresdx55_firmwarewcn3680b_firmwaresd835qca6595auqca8081_firmwarewcn3998_firmwareqcn9024qrb5165mwcn3980_firmwareqca6391qrb5165nsdx20mqca6564au_firmwareqca6584ausa6155p_firmwaresdx65_firmwaresd429qrb5165_firmwareqrb5165m_firmwarear8031_firmwaresdx20qrb5165qcn9011qcs405wcn3988_firmwareqca6574auqcn9074sd429_firmwaresa8155p_firmwareqca6564a_firmwaresa8195pqcn9024_firmwaresd626_firmwarewsa8810_firmwarewcd9341_firmwaresdx20m_firmwarewsa8810wcn6855wcd9326wcd9335sa6155pqca8081qcs610_firmwaremdm9150wcn6856wcn3680bsd835_firmwareqca6174a_firmwaremdm9250_firmwarewcd9385wcd9341apq8096auar8031qcs405_firmwareqca6391_firmwarear8035wcd9370_firmwaresdx55apq8096au_firmwarecsra6640qcn6024sa8155pwcn3620_firmwaresdx20_firmwarewcn3988wsa8815_firmwarewcn3620sa8195p_firmwareqcn9074_firmwareqcs410_firmwareqca6564aar8035_firmwareSnapdragon
CWE ID-CWE-824
Access of Uninitialized Pointer
CVE-2022-33256
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.12% / 31.14%
||
7 Day CHG~0.00%
Published-07 Mar, 2023 | 04:43
Updated-05 Mar, 2025 | 21:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper validation of array index in Multi-mode call processor

Memory corruption due to improper validation of array index in Multi-mode call processor.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwarewsa8830qca8337qca6431_firmwaresnapdragon_4_gen_1_firmwarewcd9360_firmwaresdx65sd765g_firmwareqca6595au_firmwareqca6390_firmwaresd690_5gwcd9370qca6426wcn3998wcd9385_firmwaresdxr2_5g_firmwareqcn6024_firmwaresd_8_gen1_5g_firmwaresm7315_firmwarewcn7850qca6574au_firmwaresdx55_firmwareqca6595auqca8081_firmwarewcd9375_firmwarewcn3998_firmwaresm7250p_firmwarewcd9360qca6436_firmwaresd778gsa515m_firmwareqcs6490wcn7851sdxr2_5gwcn3988_firmwareqca6421sd778g_firmwarewsa8810_firmwaresd765gsd765_firmwareqca6436wcn6851qca8081wcn7851_firmwarewcd9385wcd9341qca6431qca6696_firmwareqcs6490_firmwaresd750gsd870_firmwaresdx70m_firmwareqca6390ar8035sd750g_firmwarewcd9375wsa8830_firmwaresd855_firmwaresd865_5g_firmwaresnapdragon_4_gen_1qcm6490sd888_5g_firmwarewcn3988wcn6850_firmwarewcn7850_firmwarewsa8815_firmwarewsa8835_firmwareqcx315sm8475wcn6750_firmwarewcn3991qca8337_firmwarewcd9380_firmwaresd780gsd865_5gsdx55m_firmwarewcn6856_firmwaresd888wsa8835qcx315_firmwarewcd9380sd888_5gqca6574asd690_5g_firmwarewcn6855_firmwaresm7325pwcn6750sa515msd855wsa8815sm7325p_firmwarewcn6850sdx57m_firmwaresd765qca6426_firmwareqca6574a_firmwaresd695sd768g_firmwareqcn9024sm7315qca6391sdx55mqca6421_firmwarewcn6740_firmwaresdx65_firmwareqcm6490_firmwaresd480_firmwarewcn6851_firmwareqca6574auqcn9024_firmwaresdx57mwcd9341_firmwaresd480sd870wsa8810wcn6855wcn6856sd695_firmwaresd768gwcn6740qca6696qca6391_firmwaresd780g_firmwarewcd9370_firmwaresdx55sd888_firmwareqcn6024sdx70msm7250par8035_firmwareSnapdragon
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2022-33279
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.22% / 44.03%
||
7 Day CHG-0.04%
Published-09 Feb, 2023 | 06:58
Updated-03 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Stack based buffer overflow in WLAN

Memory corruption due to stack based buffer overflow in WLAN having invalid WNM frame length.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcn5024_firmwareqcn9070ipq4028_firmwarear9380ipq8173_firmwareqcn5124qca4024_firmwareqcn9072qca9880_firmwareqca9992ipq8078aipq5028_firmwareipq6000qcn5152_firmwareqrb5165n_firmwareqcn9000_firmwareqca9984_firmwareipq5018wcd9385_firmwareipq8076aqcn6024_firmwareipq8074aqcn5124_firmwareqcn6100_firmwareqcn6102_firmwareqcn9011_firmwareqcn5164_firmwareqcn5122_firmwareqca8081_firmwareqcn6023_firmwareqrb5165nipq5010ipq8065ipq8078a_firmwareqcn9274ipq8174qca9990qrb5165_firmwareipq5028qca7500ipq4029_firmwareqcn5052qrb5165m_firmwareipq6010ipq8068qcn6112_firmwareqcn9074qcn6132qca8081ipq8071aqcn6023ipq8071a_firmwarewcd9385qca9888_firmwareqcn6122ipq8068_firmwareipq9008_firmwareqcn5154_firmwareqca9898_firmwarecsr8811ipq4019qcn9100_firmwareqca9992_firmwareipq5010_firmwareipq8074a_firmwareqca9898qcn5022_firmwareipq4028qca8072ipq5018_firmwareqca9985_firmwareqcn9000ipq8072aqca7500_firmwareqca9980_firmwareipq8076a_firmwarear9380_firmwareipq8078ipq8173ipq9008qcn9012qcn5164qcn6122_firmwareipq8065_firmwarecsr8811_firmwareqcn5054_firmwareqcn5154qca8075_firmwareipq4019_firmwareqcn5024qca9889qcn6132_firmwareqca9888qca8072_firmwareqca9985qca9994_firmwareqcn5052_firmwareqcn9012_firmwareqcn9274_firmwareipq8070a_firmwareipq6018_firmwareipq8076_firmwareqca9886qcn6112ipq8076qca9984ipq6028ipq8064qcn5152qcn9024qrb5165mipq9574_firmwareqca6391ipq8064_firmwareqcn6102qcn9100ipq8078_firmwareqcn5054qcn9070_firmwareqrb5165ipq6028_firmwareipq8072a_firmwareqcn9011qca9994qca9889_firmwareipq9574qca9980qcn5122ipq8174_firmwareqcn9024_firmwareqca9880ipq6018qcn5022qca9886_firmwareipq6010_firmwareqca6391_firmwareqca4024qca8075qcn9022_firmwareqcn6024qcn9022qca9990_firmwareipq8070aqcn6100qcn9072_firmwareipq6000_firmwareqcn9074_firmwareipq4029Snapdragonqcn5024_firmwareipq5018_firmwareqca9985_firmwareipq4028_firmwareqca7500_firmwareqca9980_firmwareipq8076a_firmwarear9380_firmwareipq8173_firmwareqca4024_firmwareqcn6122_firmwareipq8065_firmwareqca9880_firmwarecsr8811_firmwareipq5028_firmwareqcn5054_firmwareqca8075_firmwareipq4019_firmwareqcn5152_firmwareqcn6132_firmwareqca8072_firmwareqcn9000_firmwareqca9984_firmwareqca9994_firmwareqcn5052_firmwareqcn9012_firmwareipq8070a_firmwareqcn9274_firmwareqrb5165n_firmwarewcd9385_firmwareqcn6024_firmwareipq6018_firmwareipq8076_firmwareqcn5124_firmwareqcn6100_firmwareqcn6102_firmwareqcn9011_firmwareqcn5164_firmwareqcn5122_firmwareipq9574_firmwareqca8081_firmwareqcn6023_firmwareipq8064_firmwareipq8078a_firmwareqrb5165_firmwareqrb5165m_firmwareipq8078_firmwareipq4029_firmwareqcn9070_firmwareipq6028_firmwareipq8072a_firmwareqcn6112_firmwareqca9889_firmwareqcn9024_firmwareipq8174_firmwareqca9886_firmwareipq8071a_firmwareqca9888_firmwareipq8068_firmwareipq6010_firmwareipq9008_firmwareqca6391_firmwareqcn5154_firmwareqca9898_firmwareqcn9022_firmwareqcn9100_firmwareqca9990_firmwareqca9992_firmwareipq5010_firmwareipq8074a_firmwareqcn9072_firmwareipq6000_firmwareqcn9074_firmwareqcn5022_firmware
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-33265
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.3||HIGH
EPSS-0.27% / 50.32%
||
7 Day CHG~0.00%
Published-06 Jan, 2023 | 05:02
Updated-09 Apr, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Information exposure in Powerline Communication Firmware

Memory corruption due to information exposure in Powerline Communication Firmware while sending different MMEs from a single, unassociated device.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca7500_firmwareqca7520_firmwareqca7550qca7520qca7500qca7550_firmwareSnapdragon
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-33211
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.16% / 37.28%
||
7 Day CHG~0.00%
Published-04 Apr, 2023 | 04:46
Updated-03 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Input Validation in MODEM

memory corruption in modem due to improper check while calculating size of serialized CoAP message

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9206wcd9306snapdragon_wear_1300mdm8207snapdragon_wear_1200wcd9330snapdragon_x5_lte_modemsnapdragon_x5_lte_modem_firmwaremdm8207_firmwaresnapdragon_wear_1100mdm9205_firmwaremdm9205qca4004_firmwaremdm9206_firmwaremdm9207_firmwareqca4004qts110wcd9306_firmwaresnapdragon_wear_1100_firmwaresnapdragon_wear_1300_firmwarewcd9330_firmwaresnapdragon_wear_1200_firmwaremdm9207qts110_firmwareSnapdragon9205_lte_modem_firmware9206_lte_modem_firmwaresnapdragon_wear_1300_platform_firmware9207_lte_modem_firmwarewcd9306_firmwaresnapdragon_x5_lte_modem_firmwaremdm8207_firmwarewcd9330_firmwareqca4004_firmwaresnapdragon_1200_wearable_platform_firmwaresnapdragon_1100_wearable_platform_firmwareqts110_firmware
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-131
Incorrect Calculation of Buffer Size
CVE-2021-35068
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.22% / 44.26%
||
7 Day CHG~0.00%
Published-11 Feb, 2022 | 10:40
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Lack of null check while freeing the device information buffer in the Bluetooth HFP protocol can lead to a NULL pointer dereference in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarewcn3991_firmwarewsa8830sd678sa6150p_firmwaresm6250p_firmwaresa8145p_firmwareqcs610qcs2290_firmwarecsra6620qcs4290wcn3950_firmwaresa8150p_firmwaresd765g_firmwareqcs2290qca6595au_firmwareqca6390_firmwaresa6155sd690_5gsd730_firmwarewcd9370csra6620_firmwareqcs605_firmwaresd_675_firmwaresd675_firmwarecsra6640_firmwareqcs6125_firmwareqca6426qrb5165n_firmwareqca9377wcn3998sdw2500_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcn3950sd720gsd_8_gen1_5g_firmwaresm6375_firmwarewcn3660bsd662sd460_firmwareqcn9011_firmwaresa8155sm7315_firmwareqca6574au_firmwareqca6595ausa6155_firmwarewcd9375_firmwarewcn3998_firmwaremsm8909wsm7250p_firmwareapq8009w_firmwarewcn3610_firmwareqca6436_firmwarewcn3999_firmwareqrb5165nsd778gsa6155p_firmwaresm6225wcn3999qrb5165_firmwareqrb5165m_firmwaresdxr2_5gqcs6125sa8155_firmwaresd662_firmwareqcs405wcn3988_firmwaresa6145p_firmwaresm6250sd778g_firmwaresa8195pqualcomm215_firmwaresd765gsd765_firmwareqca6436wcn6851sa6155pqcs603_firmwareqca6174a_firmwareqcs4290_firmwarewcd9385qca6696_firmwaresd750gsd870_firmwareqca6390wcd9375sd750g_firmwareaqt1000sa8150pwcn3910_firmwaresm6250_firmwarewsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwaresdx20_firmwarewcn3620_firmwaresd888_5g_firmwarewcn3988sd660_firmwarewcn3620wcn6850_firmwaresa8195p_firmwarewsa8835_firmwaresm8475wcn6750_firmwarewcn3610qcm6125_firmwareqcm2290_firmwaresm6375wcn3991wcd9380_firmwaresd_675sdm429wsd780gsd865_5gsdx55m_firmwarewcn6856_firmwareqcn9012sd888msm8909w_firmwareqca6574wsa8835sdm429w_firmwaresd665_firmwarewcd9380sd888_5gsm6250pqualcomm215qcs410qca6574asd690_5g_firmwarewcn6855_firmwareqca6174asm7325pqcn9012_firmwarewcn6750qca6574_firmwareqcs605sd855sm7325p_firmwaresd665wcn3910wcn6850sd765qca6426_firmwarewcn3660b_firmwareqca6574a_firmwaresd768g_firmwareqrb5165msm7315sd460qca6391sd730sdx55msdxr1_firmwareaqt1000_firmwarewcn6740_firmwaresd678_firmwarear8031_firmwareqcm4290sdx20qrb5165sd480_firmwareqcs603wcn6851_firmwareqcn9011sm6225_firmwareqca6574ausa8155p_firmwareapq8009wqcm6125qcm4290_firmwaresd480sd870wcn6855qcs610_firmwarewcn6856sa6145psdxr1sd768gar8031qcs405_firmwaresa8145pwcn6740qca6696qca6391_firmwaresd780g_firmwarewcd9370_firmwaresa6150psd888_firmwaresdw2500sa8155pcsra6640sd675sm7250psd720g_firmwareqcs410_firmwareqcm2290Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2018-11922
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.12% / 31.77%
||
7 Day CHG~0.00%
Published-26 Nov, 2024 | 08:55
Updated-09 Jan, 2025 | 20:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Configurations in Android Build

Wrong configuration in Touch Pal application can collect user behavior data without awareness by the user.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-215sda660sd_210_firmwaresd_439sd_625sd_450mdm9640sd_425sd_210sd_429_firmwaresdm439_firmwaresd_625_firmwaresd_205sd_439_firmwaresd_429mdm9650_firmwaresd_427_firmwaresd_435_firmwaremdm9206sd_632sdx20mdm9650mdm9206_firmwaresd_845sd_435sd_212_firmwaresd_850sd_450_firmwaresd_427mdm9640_firmwaresd_850_firmwaresd_632_firmwaresd_205_firmwaresd_212sd_425_firmwaresda660_firmwaresdm439mdm9607mdm9607_firmware215_firmwaresd_430sdx20_firmwaresd_430_firmwaresd_845_firmwareSnapdragon
CVE-2019-2320
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-9.8||CRITICAL
EPSS-0.33% / 55.48%
||
7 Day CHG~0.00%
Published-12 Dec, 2019 | 08:30
Updated-04 Aug, 2024 | 18:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible out of bounds write in a MT SMS/SS scenario due to improper validation of array index in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8976, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, Snapdragon_High_Med_2016, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwaremdm9635m_firmwareqcm2150_firmwaremdm9640_firmwaresdm632_firmwaremsm8996au_firmwaresdm845sdm450_firmwaresdm632sdx24sdm439mdm9650sdm429msm8940_firmwaresm7150_firmwaresnapdragon_high_med_2016_firmwaresm6150msm8909w_firmwaremsm8976_firmwaremsm8996ausm7150apq8009_firmwaremsm8917sdm670sxr2130qcs605_firmwaremdm9206sdm670_firmwaresdx24_firmwaresdm636sda845_firmwaremdm9635mapq8098mdm9615mdm9205mdm9206_firmwaremsm8939qcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130msm8909wapq8009msm8909_firmwareapq8053_firmwaresda845nicobarsdm850_firmwaremsm8920msm8953sdm450sdm636_firmwaresdm845_firmwareapq8098_firmwaresdx20msm8998_firmwareqcm2150msm8920_firmwaresdm630mdm9607_firmwaresm8250_firmwaremdm9655_firmwaresdm660sdm710qm215mdm9607apq8017_firmwaremdm9625_firmwaresdm710_firmwaremsm8939_firmwaremdm9150msm8937msm8905snapdragon_high_med_2016sm8150_firmwaremsm8909sxr2130_firmwaremdm9655apq8096ausdm439_firmwaresdm630_firmwaremdm9205_firmwaresda660_firmwaremdm9625qm215_firmwaremsm8976sdx55msm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaresm8250msm8998sm8150sdx20_firmwaresdm850mdm9615_firmwareapq8017nicobar_firmwaresdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-129
Improper Validation of Array Index
CWE ID-CWE-787
Out-of-bounds Write
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 28
  • 29
  • Next
Details not found