Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2025-47405

Summary
Assigner-qualcomm
Assigner Org ID-2cfc7d3e-20d3-47ac-8db7-1b7285aff15f
Published At-04 May, 2026 | 16:43
Updated At-05 May, 2026 | 03:56
Rejected At-
Credits

Untrusted Pointer Dereference in Camera

Memory corruption when processing camera sensor input/output control codes with invalid output buffers.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:qualcomm
Assigner Org ID:2cfc7d3e-20d3-47ac-8db7-1b7285aff15f
Published At:04 May, 2026 | 16:43
Updated At:05 May, 2026 | 03:56
Rejected At:
â–¼CVE Numbering Authority (CNA)
Untrusted Pointer Dereference in Camera

Memory corruption when processing camera sensor input/output control codes with invalid output buffers.

Affected Products
Vendor
Qualcomm Technologies, Inc.Qualcomm, Inc.
Product
Snapdragon
Platforms
  • Snapdragon Compute
  • Snapdragon Industrial IOT
Default Status
unaffected
Versions
Affected
  • FastConnect 6900
  • FastConnect 7800
  • IQX5121
  • IQX7181
  • QCA0000
  • SC8380XP
  • SD865 5G
  • Snapdragon XR2 5G Platform
  • Snapdragon XR2+ Gen 1 Platform
  • WCD9380
  • WCD9385
  • WSA8810
  • WSA8815
  • WSA8840
  • WSA8845
  • WSA8845H
Problem Types
TypeCWE IDDescription
CWECWE-822CWE-822 Untrusted Pointer Dereference
Type: CWE
CWE ID: CWE-822
Description: CWE-822 Untrusted Pointer Dereference
Metrics
VersionBase scoreBase severityVector
3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2026-bulletin.html
N/A
Hyperlink: https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2026-bulletin.html
Resource: N/A
â–¼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:product-security@qualcomm.com
Published At:04 May, 2026 | 17:16
Updated At:06 May, 2026 | 18:03

Memory corruption when processing camera sensor input/output control codes with invalid output buffers.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CPE Matches
Qualcomm Technologies, Inc.
qualcomm
>>fastconnect_6900_firmware>>-
cpe:2.3:o:qualcomm:fastconnect_6900_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>fastconnect_6900>>-
cpe:2.3:h:qualcomm:fastconnect_6900:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>fastconnect_7800_firmware>>-
cpe:2.3:o:qualcomm:fastconnect_7800_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>fastconnect_7800>>-
cpe:2.3:h:qualcomm:fastconnect_7800:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>iqx5121_firmware>>-
cpe:2.3:o:qualcomm:iqx5121_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>iqx5121>>-
cpe:2.3:h:qualcomm:iqx5121:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>iqx7181_firmware>>-
cpe:2.3:o:qualcomm:iqx7181_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>iqx7181>>-
cpe:2.3:h:qualcomm:iqx7181:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca0000_firmware>>-
cpe:2.3:o:qualcomm:qca0000_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>qca0000>>-
cpe:2.3:h:qualcomm:qca0000:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sc8380xp_firmware>>-
cpe:2.3:o:qualcomm:sc8380xp_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sc8380xp>>-
cpe:2.3:h:qualcomm:sc8380xp:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd865_5g_firmware>>-
cpe:2.3:o:qualcomm:sd865_5g_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>sd865_5g>>-
cpe:2.3:h:qualcomm:sd865_5g:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>snapdragon_xr2_5g_firmware>>-
cpe:2.3:o:qualcomm:snapdragon_xr2_5g_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>snapdragon_xr2_5g>>-
cpe:2.3:h:qualcomm:snapdragon_xr2_5g:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>snapdragon_xr2\+_gen_1_firmware>>-
cpe:2.3:o:qualcomm:snapdragon_xr2\+_gen_1_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>snapdragon_xr2\+_gen_1>>-
cpe:2.3:h:qualcomm:snapdragon_xr2\+_gen_1:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>wcd9380_firmware>>-
cpe:2.3:o:qualcomm:wcd9380_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>wcd9380>>-
cpe:2.3:h:qualcomm:wcd9380:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>wcd9385_firmware>>-
cpe:2.3:o:qualcomm:wcd9385_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>wcd9385>>-
cpe:2.3:h:qualcomm:wcd9385:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>wsa8810_firmware>>-
cpe:2.3:o:qualcomm:wsa8810_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>wsa8810>>-
cpe:2.3:h:qualcomm:wsa8810:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>wsa8815_firmware>>-
cpe:2.3:o:qualcomm:wsa8815_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>wsa8815>>-
cpe:2.3:h:qualcomm:wsa8815:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>wsa8840_firmware>>-
cpe:2.3:o:qualcomm:wsa8840_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>wsa8840>>-
cpe:2.3:h:qualcomm:wsa8840:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>wsa8845_firmware>>-
cpe:2.3:o:qualcomm:wsa8845_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>wsa8845>>-
cpe:2.3:h:qualcomm:wsa8845:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>wsa8845h_firmware>>-
cpe:2.3:o:qualcomm:wsa8845h_firmware:-:*:*:*:*:*:*:*
Qualcomm Technologies, Inc.
qualcomm
>>wsa8845h>>-
cpe:2.3:h:qualcomm:wsa8845h:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-822Primaryproduct-security@qualcomm.com
CWE-119Primarynvd@nist.gov
CWE ID: CWE-822
Type: Primary
Source: product-security@qualcomm.com
CWE ID: CWE-119
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2026-bulletin.htmlproduct-security@qualcomm.com
Vendor Advisory
Hyperlink: https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2026-bulletin.html
Source: product-security@qualcomm.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

1565Records found
CVE-2021-35129
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.11% / 29.07%
||
7 Day CHG~0.00%
Published-14 Jun, 2022 | 10:11
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory corruption in BT controller due to improper length check while processing vendor specific commands in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-ipq5018_firmwaresd_8cx_gen3_firmwareqca2066wsa8830qcn9070qca8337_firmwarewcd9380_firmwareqcn9000qca8337wcn6856_firmwareqcn9012sd888sdx65qcn9072qcn6122_firmwarewsa8835wcd9380ipq5028_firmwaresd888_5gqca2064_firmwareqca2062wcd9370wcn6855_firmwareqcn6132_firmwareqcn9000_firmwareqcn9012_firmwareipq5018wcn6750wcd9385_firmwareqcn6024_firmwaresd_8_gen1_5g_firmwarewcn6850qca2065qcn6112qcn6100_firmwareqcn6102_firmwareqcn9024wcd9375_firmwareqca8081_firmwareqcn6023_firmwareqca6391ipq5010qca2062_firmwareqcn6102qcn9100sdx65_firmwareqcs6490qcm6490_firmwareipq5028qcn9070_firmwarewcn6851_firmwareqcn6112_firmwareqcn9074qcn9024_firmwareqcn6132wcn6855wcn6851qca8081wcn6856qcn6023wcd9385qcn6122qcc710qca2066_firmwareqca2065_firmwareqcs6490_firmwaresd_8cx_gen3qca6391_firmwarear8035wcd9375qca2064wcd9370_firmwaresd888_firmwareqcc710_firmwareqcn9100_firmwareqcn9022_firmwarewsa8830_firmwareqcn6024qcn9022ipq5010_firmwareqcm6490sd888_5g_firmwarewcn6850_firmwarewsa8835_firmwareqcn6100qcn9072_firmwareqcn9074_firmwaresm8475wcn6750_firmwarear8035_firmwareSnapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-53029
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.11% / 29.74%
||
7 Day CHG~0.00%
Published-03 Mar, 2025 | 10:07
Updated-26 Feb, 2026 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Input Validation in Automotive OS Platform

Memory corruption while reading a value from a buffer controlled by the Guest Virtual Machine.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-Snapdragon
CWE ID-CWE-20
Improper Input Validation
CVE-2021-35106
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.09% / 26.05%
||
7 Day CHG~0.00%
Published-01 Apr, 2022 | 04:40
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible out of bound read due to improper length calculation of WMI message. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fsm10055wcn3991_firmwarewsa8830sd678sa6150p_firmwaresa8145p_firmwareqcs610qcs2290_firmwarefsm10056qca8337csrb31024wcd9360_firmwaresdx65csra6620fsm10055_firmwareqcs4290wcn3950_firmwaresa8150p_firmwaresd765g_firmwareqcs2290qca6595au_firmwareqca6390_firmwaresa6155sd690_5gsd730_firmwarewcd9370csra6620_firmwaresd_675_firmwaresd675_firmwarecsra6640_firmwareqcs6125_firmwareqca6426qca6584au_firmwarewcn3990_firmwareqrb5165n_firmwaresa415mwcn3998qca6554a_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcn3950wcd9326_firmwaresd720gsd_8_gen1_5g_firmwaresm6375_firmwaresd662sd460_firmwaresa8155sm7315_firmwareqca6574au_firmwaresdx55_firmwareqca6595auqca8081_firmwaresa6155_firmwarewcd9375_firmwaresm7250p_firmwarewcn3998_firmwarewcn3999_firmwarewcd9360qca6436_firmwareqrb5165nqca6564au_firmwareqca6584ausa6155p_firmwaresd778gsm6225wcn3999sa515m_firmwareqcs6490qrb5165m_firmwareqrb5165_firmwaresdxr2_5gsa4155p_firmwareqcs6125sa8155_firmwaresd662_firmwaresa415m_firmwareqcs405wcn3988_firmwaresa6145p_firmwaresm6250sd778g_firmwaresa8195pwsa8810_firmwaresd765gsw5100sd765_firmwarefsm10056_firmwareqca6436wcd9326wcd9335sa6155pwcn6851qca8081qcs4290_firmwarewcd9385wcd9341qca6696_firmwareqcs6490_firmwaresd750gsd870_firmwarear8035qca6390sd750g_firmwareaqt1000sa8150pwcd9375sm6250_firmwarewcn3910_firmwarewsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwareqcm6490sd888_5g_firmwarewcn3988sd660_firmwarewcn6850_firmwarewsa8815_firmwaresa8195p_firmwarewsa8835_firmwaresm8475qca6564awcn6750_firmwaresa4150pqcm6125_firmwareqcm2290_firmwaresm6375wcn3991qca8337_firmwarewcd9380_firmwarewcn3990sd_675sw5100psd780gqca6554asd865_5gqca6595qca6564ausdx55m_firmwarewcn6856_firmwaresd888wsa8835qca6574wcd9380sd888_5gqca6574asd690_5g_firmwarewcn6855_firmwaresm7325pwcd9335_firmwarewcn3980wcn6750sa515mqca6574_firmwaresd855wsa8815sm7325p_firmwarewcn6850wcn3910qca6175asd765qca6426_firmwareqca6574a_firmwaresd768g_firmwareqrb5165mwcn3980_firmwaresm7315sd460qca6391sd730sdx55msdxr1_firmwareaqt1000_firmwarewcn6740_firmwaresdx65_firmwaresd678_firmwarear8031_firmwarecsrb31024_firmwareqcm4290qcm6490_firmwareqrb5165sd480_firmwarewcn6851_firmwaresm6225_firmwareqca6574ausa8155p_firmwareqca6564a_firmwarewcd9341_firmwareqcm6125qcm4290_firmwaresd480sd870wcn6855wsa8810sw5100p_firmwareqcs610_firmwarewcn6856sa6145psdxr1sd768gar8031qca6595_firmwareqcs405_firmwaresa8145pwcn6740qca6696qca6391_firmwaresa4150p_firmwaresd780g_firmwarewcd9370_firmwaresa6150psd888_firmwaresdx55sa8155pcsra6640sd675sm7250psd720g_firmwaresw5100_firmwaresa4155pqca6175a_firmwarear8035_firmwareqcm2290Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-53023
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.11% / 29.74%
||
7 Day CHG~0.00%
Published-03 Mar, 2025 | 10:07
Updated-26 Feb, 2026 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use After Free in Automotive Android OS

Memory corruption may occur while accessing a variable during extended back to back tests.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qdx1010_firmwareqca6678aq_firmwareqcm8550_firmwaresdm429w_firmwaresw5100pwsa8832wsa8845_firmwareqca6595srv1lwcd9335srv1mqca6678aqqca8081_firmwarewcd9370ar8035_firmwareqca6696qam8620p_firmwarewsa8830_firmwarewcd9340_firmwarewcd9341_firmwarewcd9395_firmwareqcc710_firmwaresnapdragon_685_4g_mobilewsa8832_firmwaresa8195p_firmwareqca8337_firmwareqca8337qdu1110wcd9395qca6574au_firmwareqam8295pwcd9341qca6574auqru1032vision_intelligence_400_firmwaresa8620p_firmwarewcd9390wcn3950wsa8810_firmwarewsa8845h_firmwaresa9000p_firmwaresrv1hqca6797aq_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwarewcn3660b_firmwaresa8295p_firmwaresa8770pqca6584auqcn6274_firmwareqcc710qru1062_firmwaresw5100_firmwaresa8540pqru1062qfw7114_firmwareqca6595_firmwareqcs7230fastconnect_6900fastconnect_7800_firmwaresnapdragon_w5\+_gen_1_wearable_firmwaresnapdragon_x72_5gqru1032_firmwareqep8111sa7255pqfw7114wcd9385_firmwarefastconnect_6900_firmwareqam8255p_firmwarewcd9380qam8255psxr2230psnapdragon_680_4g_mobilewsa8845sa6155psnapdragon_429_mobile_firmwarewsa8810qam8650pqdu1000_firmwarevideo_collaboration_vc5_platform_firmwaresa9000psrv1h_firmwaresw5100qca6595ausxr2250p_firmwareqdu1010snapdragon_662_mobile_firmwaresa6155p_firmwaresnapdragon_685_4g_mobile_firmwarewsa8840qca6688aqqam8295p_firmwaresrv1m_firmwareqcs8550_firmwareqdu1210_firmwarewcn3990_firmwaresnapdragon_8_gen_2_mobile_firmwareqfw7124_firmwareqca6698aq_firmwarewcd9385snapdragon_x35_5g_firmwaresnapdragon_680_4g_mobile_firmwaresa8255pqcs7230_firmwarewcd9390_firmwaresnapdragon_460_mobilesnapdragon_8_gen_2_mobileqep8111_firmwarewcd9370_firmwareqdx1011_firmwareqdu1110_firmwareqdu1000sa7255p_firmwareqca6574asnapdragon_8\+_gen_2_mobileqru1052wcn3620_firmwarewcn3660bqca6174asa8195pwcd9340qcs8250_firmwareqdu1210qamsrv1msnapdragon_auto_5g_modem-rf_gen_2qca6174a_firmwaresa8540p_firmwareqam8650p_firmwarevideo_collaboration_vc5_platformsm8550p_firmwaresxr2250pqcm8550wcn3988snapdragon_662_mobilesdm429wqam8620pqca6584au_firmwareqcn6274qca6574qfw7124sa8775psnapdragon_w5\+_gen_1_wearableqca6595au_firmwareqca6391_firmwaresxr2230p_firmwarewsa8835wsa8840_firmwareqdu1010_firmwaresw5100p_firmwaresa8775p_firmwareqamsrv1hqca6696_firmwarewsa8845hwcd9380_firmwareqca6574_firmwaresa8155p_firmwareqca8081sg4150psa8155pwcd9335_firmwarewsa8830qam8775pqca6797aqsm8550psnapdragon_x35_5gqcm4325_firmwaresa8620psa8255p_firmwaresnapdragon_x75_5gar8035qca6574a_firmwareqamsrv1m_firmwaresa8650p_firmwarewcn3620qcm4325snapdragon_x72_5g_firmwarewcd9375_firmwaresa7775pqca6391snapdragon_x75_5g_firmwaresrv1l_firmwareqcn6224snapdragon_429_mobileqca6698aqsa7775p_firmwaresg4150p_firmwareqru1052_firmwaresa8770p_firmwaresa8295pwcn3950_firmwareqcs8550fastconnect_7800sa8650pqam8775p_firmwaresnapdragon_8\+_gen_2_mobile_firmwareqca6688aq_firmwareqdx1011wcd9375wcn3988_firmwareqamsrv1h_firmwarewcn3990vision_intelligence_400wsa8835_firmwareqcs8250qdx1010snapdragon_460_mobile_firmwareqcn6224_firmwareSnapdragon
CWE ID-CWE-416
Use After Free
CVE-2021-35069
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.11% / 29.07%
||
7 Day CHG~0.00%
Published-11 Feb, 2022 | 10:40
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper validation of data length received from DMA buffer can lead to memory corruption. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fsm10055sa6150p_firmwaresm6250p_firmwareqcs610ipq4028_firmwareqcn5550qca8337ar9380ipq8173_firmwarewcd9360_firmwaresdx65qcn5124qca4024_firmwarewcn3950_firmwareipq8078aipq5028_firmwaresa8150p_firmwareqcs2290qca6595au_firmwaresa6155qcn5064csra6620_firmwaresd_675_firmwarecsra6640_firmwareqcs6125_firmwaresa415mwcn3998qca6554a_firmwarewcn3950qcn6024_firmwaresd720gipq8076asd_8_gen1_5g_firmwaresm6375_firmwaresd460_firmwaresm7315_firmwareqca6428qca6574au_firmwareqcn5164_firmwareipq8071wcd9375_firmwareqca8081_firmwarewcn3998_firmwaresa6155_firmwarewcd9360qca6438_firmwareipq8070_firmwareipq8065ipq8078a_firmwarewcn3999qrb5165_firmwareipq5028qca7500ipq8072_firmwareipq4029_firmwareqcs6125qrb5165m_firmwaresa8155_firmwareipq6010sd662_firmwareipq8068qcs405qcn6132sd765gfsm10056_firmwareqca6436wcn6851sa6155pqca9888_firmwareqcn6122wcd9341ipq8068_firmwareqca6696_firmwaresd870_firmwaresd750gqcn5154_firmwarewcn3910_firmwaresa8150pwsa8830_firmwareqca9992_firmwaresd660sd865_5g_firmwaresd855_firmwarewcn3988qca6438sd660_firmwaresa8195p_firmwaresm8475qcn5022_firmwarewcn6750_firmwareqca9898ipq4028qca6428_firmwareipq5018_firmwaresm6375qca9985_firmwarewcn3991ipq4018_firmwareqca8337_firmwarewcd9380_firmwareipq8072aqca7500_firmwareqca9980_firmwaremsm8996au_firmwareipq8076a_firmwareipq8078qca6564ausdx55m_firmwareipq8173wcn6856_firmwareqcn5164qca6574csr8811_firmwarewcd9380qcn5054_firmwareqcs410qcn5024sd690_5g_firmwareipq4019_firmwareqca8072_firmwareqca9985qcn9012_firmwarewcd9335_firmwareqcn5052_firmwarewcn3980ipq6018_firmwarewsa8815wcn6850pmp8074_firmwareqcn6112wcn3910qca6426_firmwareqca9984ipq6028ipq8064qcn9024pmp8074wcn3980_firmwaresd730qcn5550_firmwaresdx55mipq8064_firmwarewcn6740_firmwareqcn5064_firmwaresd678_firmwarear8031_firmwareipq8078_firmwareqcn5054qrb5165wcn6851_firmwareipq8070qca9994qca9980qcn9024_firmwareipq8174_firmwareqca6564a_firmwareqca9880qcm4290_firmwaresd480sd870wcn6855qcs610_firmwaresa6145pipq6018qca9886_firmwaresdxr1ar8031apq8096auqca6595_firmwareqcs405_firmwaresa8145pqca6391_firmwareqca4024wcd9370_firmwaresd780g_firmwaresdx55sd888_firmwareqcn5021_firmwaresd675csra6640sa8155par8035_firmwareqcm2290qcn5024_firmwarewcn3991_firmwarewsa8830sd678qcn9070sa8145p_firmwareqcs2290_firmwarefsm10056csrb31024csra6620fsm10055_firmwareqcn9072qca9880_firmwareqca9992qcs4290sd765g_firmwareqca6390_firmwaresd690_5gipq6000sd730_firmwarewcd9370sd675_firmwareipq8072qcn5152_firmwareqca6564qca6426qca6584au_firmwarewcn3990_firmwareqrb5165n_firmwareqcn9000_firmwareqca9984_firmwareipq5018wcd9385_firmwaresdxr2_5g_firmwarewcd9326_firmwareipq8074asd662qcn5124_firmwareqcn6102_firmwareqcn9011_firmwareqcn6100_firmwaresa8155qcn5122_firmwaresdx55_firmwareqca6595auqcn6023_firmwarewcn3999_firmwaresm7250p_firmwareqca6436_firmwareqrb5165nipq5010qca6564au_firmwareqca6584ausd778gsa6155p_firmwaresm6225ipq8174sa515m_firmwareqca9990qcs6490sdxr2_5gqcn5052qcn6112_firmwaresa415m_firmwarewcn3988_firmwareqcn9074sa6145p_firmwaresm6250sd778g_firmwaresa8195pwsa8810_firmwaresd765_firmwarewcd9326wcd9335qca8081qcn6023ipq8071aipq8071a_firmwareqcs4290_firmwarewcd9385qcs6490_firmwareqca6390qca9898_firmwaresd750g_firmwareaqt1000wcd9375ar8035sm6250_firmwarecsr8811ipq4019qcn9100_firmwareipq5010_firmwareipq8074a_firmwaresd888_5g_firmwarewsa8815_firmwareqcm6490wcn6850_firmwarewsa8835_firmwareqcx315qca6564aqcm6125_firmwareqca8072qcm2290_firmwarewcn3990qcn9000sd_675sd780gqca6554asd865_5gqca6595ar9380_firmwareqcn9012sd888qcn6122_firmwareipq8065_firmwareqcx315_firmwarewsa8835msm8996ausd665_firmwaresd888_5gsm6250pqcn5154qca8075_firmwareipq4018qca6574awcn6855_firmwareqca9889sm7325pqcn6132_firmwareqca9888ipq8074qca9994_firmwarewcn6750ipq8070a_firmwareipq8076_firmwaresa515mqca6574_firmwareqca9886sd855sm7325p_firmwaresd665ipq8076qca6175asd765qca6574a_firmwareqcn5021qcn5152sd768g_firmwareqrb5165msm7315sd460qca6391sdxr1_firmwareaqt1000_firmwareqcn6102qcn9100sdx65_firmwareqcm4290csrb31024_firmwareqcm6490_firmwareqcn9070_firmwaresd480_firmwareipq6028_firmwareipq8072a_firmwareqcn9011sm6225_firmwareipq8074_firmwareqca6574auqca9889_firmwaresa8155p_firmwareqcn5122wcd9341_firmwareqcm6125wsa8810wcn6856qcn5022qca6564_firmwaresd768gipq6010_firmwarewcn6740qca6696sa6150pqca8075qcn9022_firmwareapq8096au_firmwareqcn6024qcn9022qca9990_firmwareipq8070aqcn6100qcn9072_firmwaresm7250pipq6000_firmwaresd720g_firmwareipq8071_firmwareqcn9074_firmwareqcs410_firmwareipq4029qca6175a_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2021-35102
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.10% / 26.66%
||
7 Day CHG~0.00%
Published-14 Jun, 2022 | 09:40
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer overflow due to lack of validation for the length of NAI string read from EFS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwarewsa8830sd678sm6250p_firmwareqca8337qca6431_firmwarewcd9360_firmwaresdx65wcn3950_firmwaresd765g_firmwareqca6595au_firmwareqca6390_firmwaresd690_5gsd730_firmwarewcd9370sd_675_firmwaresd675_firmwareqca6426wcn3990_firmwarewcn3998wcd9385_firmwaresdxr2_5g_firmwarewcn3950sd720gsd_8_gen1_5g_firmwaresm7315_firmwareqca6574au_firmwaresdx55_firmwareqca6595auqca8081_firmwarewcd9375_firmwarewcn3998_firmwaresm7250p_firmwarewcd9360qca6436_firmwaresm7450_firmwaresd778gsa515m_firmwarewcn7851sdxr2_5gwcn3988_firmwareqca6421sd778g_firmwaresm6250wsa8810_firmwaresd765gsd765_firmwareqca6436wcn6851qca8081wcn7851_firmwarewcd9385wcd9341qca6431qca6696_firmwaresd750gsd870_firmwareqca6390ar8035sd750g_firmwarewcd9375sm6250_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwarewcn3988sd888_5g_firmwarewcn6850_firmwarewsa8815_firmwaresm7450sm8475wcn6750_firmwarewcn3991qca8337_firmwarewcd9380_firmwarewcn3990sd_675sd780gsd865_5gsdx55m_firmwarewcn6856_firmwaresd888wcd9380sd888_5gsm6250pqca6574asd690_5g_firmwarewcn6855_firmwarewcn3980wcn6750sa515msd855wsa8815wcn6850sd765qca6426_firmwareqca6574a_firmwaresd695sd768g_firmwarewcn3980_firmwaresm7315sd730qca6391sdx55mqca6421_firmwaresm8475_firmwarewcn6740_firmwaresdx65_firmwaresd678_firmwarewsa8832_firmwaresd480_firmwarewcn6851_firmwareqca6574auwcd9341_firmwaresd480sd870wsa8810wcn6855wsa8832wcn6856sd695_firmwaresd768gwcn6740qca6696qca6391_firmwaresd780g_firmwarewcd9370_firmwaresdx55sd888_firmwaresd675sm7250psd720g_firmwaresm8475p_firmwarear8035_firmwaresm8475pSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-35091
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.09% / 26.05%
||
7 Day CHG~0.00%
Published-14 Jun, 2022 | 10:11
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible out of bounds read due to improper typecasting while handling page fault for global memory in Snapdragon Connectivity, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn6855_firmwarewsa8830_firmwarewcd9380_firmwarewsa8830wsa8835wcn6856wsa8835_firmwarewcd9380wcn6855sm8475wcn6856_firmwaresd_8_gen1_5g_firmwareSnapdragon Connectivity, Snapdragon Mobile
CWE ID-CWE-704
Incorrect Type Conversion or Cast
CVE-2021-35094
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.08% / 23.86%
||
7 Day CHG~0.00%
Published-14 Jun, 2022 | 09:51
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper verification of timeout-based authentication in identity credential can lead to invalid authorization in HLOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwaresd_8cx_gen3_firmwarewsa8830sd678qcs2290_firmwareqca6431_firmwareqcs4290wcn3950_firmwaresd765g_firmwareqca6420_firmwareqca6595au_firmwareqcs2290qca6390_firmwaresa6155sd690_5gsd730_firmwarewcd9370sd_675_firmwaresd675_firmwareqca6426wcn3998wcd9385_firmwaresdxr2_5g_firmwarewcn3950sm4125sd720gqsm8350_firmwaresd662qsm8350sd460_firmwaresa8155sa9000p_firmwarewcn7850qca6574au_firmwareqca6595ausa6155_firmwarewcd9375_firmwarewcn3998_firmwaresm7250p_firmwareqca6420qca6436_firmwaresd680_firmwaresd778gsa6155p_firmwarewcn7851qcs6490sdxr2_5gsa8155_firmwaresd662_firmwarewcn3988_firmwareqca6430qca6421sd778g_firmwaresm6250sa8195pwsa8810_firmwaresd765gsd765_firmwareqca6436sd680wcn6851sa6155pwcn7851_firmwareqcs4290_firmwarewcd9385wcd9341qca6431qca6696_firmwareqcs6490_firmwaresd750gsd870_firmwaresd_8cx_gen3qca6390wcd9375sd750g_firmwareaqt1000wcn3910_firmwaresm6250_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwareqcm6490sd888_5g_firmwarewcn3988wcn6850_firmwarewcn7850_firmwarewsa8815_firmwaresa8195p_firmwarewsa8835_firmwarewcn6750_firmwareqcm2290_firmwarewcn3991wcd9380_firmwaresd_675sd780gsd865_5gsdx55m_firmwarewcn6856_firmwarewsa8835qca6574sd665_firmwaresa8540p_firmwarewcd9380sd888_5gqca6574asd690_5g_firmwaresdx50m_firmwarewcn6855_firmwaresm7325pqca6430_firmwarewcn3980wcn6750sa9000pqca6574_firmwaresd855sm4125_firmwaresm7325p_firmwaresd665wcn3910wcn6850wsa8815sd765qca6426_firmwareqca6574a_firmwaresd695sd768g_firmwarewcn3980_firmwaresd460qca6391sd730sdx55mqca6421_firmwareaqt1000_firmwarewcn6740_firmwaresd678_firmwareqcm4290qcm6490_firmwaresdx50msd480_firmwarewcn6851_firmwareqca6574ausa8155p_firmwarewcd9341_firmwareqcm4290_firmwaresd480sd870wcn6855wsa8810sa8540pwcn6856sd695_firmwaresd768gwcn6740qca6696qca6391_firmwaresd780g_firmwarewcd9370_firmwaresa8155psd675sm7250psd720g_firmwareqcm2290Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-287
Improper Authentication
CVE-2021-35089
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.10% / 28.05%
||
7 Day CHG~0.00%
Published-01 Apr, 2022 | 04:40
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer overflow due to lack of input IB amount validation while processing the user command in Snapdragon Auto

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca6574ausa8155psa8155p_firmwareqca6696_firmwareqca6574au_firmwareqca6696Snapdragon Auto
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-35075
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.09% / 26.05%
||
7 Day CHG~0.00%
Published-11 Feb, 2022 | 10:40
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible null pointer dereference due to lack of WDOG structure validation during registration in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarewcn3991_firmwaresm6375wsa8830wcn3991sa6150p_firmwareqca8337_firmwaresa8145p_firmwarewcd9380_firmwaresd780gqca8337wcn6856_firmwaresd888sdx65wsa8835qca6574wcd9380sa8150p_firmwaresd888_5gqca6595au_firmwarewcd9370qca6574awcn6855_firmwareqca6174asm7325pwcd9335_firmwareqca9377wcn6750wcn3998wcd9385_firmwareqca6574_firmwaresd_8_gen1_5g_firmwaresm6375_firmwarewsa8815sm7325p_firmwarewcn6850sm7315_firmwareqca6574a_firmwareqca6574au_firmwareqca6595auqca8081_firmwaresdx12_firmwarewcd9375_firmwarewcn3998_firmwaresm7315qca6391wcn6740_firmwaresd778gsa6155p_firmwaresdx65_firmwareqcs6490qcm6490_firmwaresd480_firmwarewcn6851_firmwarewcn3988_firmwareqca6574ausa6145p_firmwaresa8155p_firmwaresd778g_firmwaresa8195pwsa8810_firmwaresd480wsa8810wcn6855wcn6851wcd9335sa6155pqca8081wcn6856sa6145pqca6174a_firmwarewcd9385qca6696_firmwareqcs6490_firmwaresa8145pwcn6740qca6696qca6391_firmwarear8035wcd9375sd780g_firmwarewcd9370_firmwaresa8150psa6150psd888_firmwaresa8155pwsa8830_firmwareqcm6490sd888_5g_firmwarewcn3988wcn6850_firmwarewsa8815_firmwarewsa8835_firmwaresa8195p_firmwaresdx12sm8475wcn6750_firmwarear8035_firmwareSnapdragon Auto, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2024-53031
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.11% / 29.74%
||
7 Day CHG~0.00%
Published-03 Mar, 2025 | 10:07
Updated-26 Feb, 2026 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Input Validation in Automotive OS Platform

Memory corruption while reading a type value from a buffer controlled by the Guest Virtual Machine.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sa9000pqca6595au_firmwaresa8650p_firmwareqam8775psa8255pqamsrv1m_firmwareqca6595qca6688aq_firmwaresa8770psa8775psrv1h_firmwaresa8620p_firmwareqam8650p_firmwareqca6595_firmwaresrv1mqam8620psa8775p_firmwareqamsrv1msa9000p_firmwaresrv1hqca6574ausa7255psrv1m_firmwaresa8620psa7775psa8650pqam8620p_firmwaresa8540p_firmwaresa7255p_firmwareqam8775p_firmwareqam8295p_firmwareqam8255pqca6688aqqca6698aqsa7775p_firmwaresa8255p_firmwaresa8770p_firmwaresa8295p_firmwareqca6696_firmwareqam8295pqamsrv1hsrv1l_firmwareqca6574au_firmwareqamsrv1h_firmwareqca6595auqam8255p_firmwaresa8295psrv1lqca6698aq_firmwareqam8650pqca6696sa8540pSnapdragon
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-35126
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.11% / 29.07%
||
7 Day CHG~0.00%
Published-14 Jun, 2022 | 10:11
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory corruption in DSP service due to improper validation of input parameters in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn6740_firmwaresd_8cx_gen3_firmwaresd778gwcd9380_firmwarewsa8830sd780gqcs6490qcm6490_firmwarewcn6851_firmwarewcn6856_firmwaresd888wsa8835sd778g_firmwarewcd9380sd888_5gwcn6855wcn6851wcd9370wcn6856wcn6855_firmwaresm7325pwcd9385qca6696_firmwareqcs6490_firmwarewcn6750wcn6740qca6696sd_8cx_gen3qca6391_firmwareqam8295pwcd9385_firmwarewcd9375sd780g_firmwarewcd9370_firmwaresd_8_gen1_5g_firmwarewcn6750_firmwaresd888_firmwaresm7325p_firmwarewcn6850wsa8830_firmwareqam8295p_firmwareqcm6490sd888_5g_firmwaresm7315_firmwarewcn6850_firmwarewsa8835_firmwarewcd9375_firmwaresm8475sm7315sa8295p_firmwareqca6391sa8295pSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2024-53014
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.11% / 29.28%
||
7 Day CHG-0.04%
Published-03 Mar, 2025 | 10:07
Updated-26 Feb, 2026 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Validation of Array Index in Audio

Memory corruption may occur while validating ports and channels in Audio driver.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm429w_firmwaresw5100pqcm8550_firmwaresd865_5gqcs410_firmwarewcn6650sa6150p_firmwaresm8735qca6595qcs610_firmwaresnapdragon_8\+_gen_1wcd9335wcd9370qca8081_firmwaresnapdragon_730gsnapdragon_429_firmwareqca6696qam8620p_firmwarewcn7880_firmwarewcd9340_firmwaresa8530pwcd9341_firmwaresxr2330p_firmwarewcd9395_firmwarewcn7881_firmwareqcn6024wcn7750wcn6450qcc710_firmwareqca6426snapdragon_auto_4gwcn6740_firmwaresnapdragon_720g_firmwarefastconnect_6700snapdragon_695_5gsa4150psnapdragon_888_5gwsa8832_firmwareqca8337qca6426_firmwarewcd9395snapdragon_4_gen_2_firmwareqca6574au_firmwaresm6370qca6564_firmwareqam8295psnapdragon_x12_lte_firmwarewcd9341qca6574auwcd9390sa8620p_firmwarewsa8810_firmwaresd730_firmwarewsa8845h_firmwaresnapdragon_429csra6640sa9000p_firmwaresnapdragon_690_5gsnapdragon_778g\+_5g_firmwaresnapdragon_865\+_5gsrv1hsm8650q_firmwaresnapdragon_765_5gwcn3660b_firmwaresd730snapdragon_8\+_gen_2fastconnect_6800_firmwareqcs5430wcn7860snapdragon_865\+_5g_firmwareqcn6024_firmwaresnapdragon_x65_5gqcm5430qcm5430_firmwarevideo_collaboration_vc1_platform_firmwaresnapdragon_888\+_5g_firmwaresa4155psa8770pqcm6125_firmwarec-v2x_9150ssg2115pqcc710snapdragon_x50_5gsnapdragon_xr2_5g_firmwaresa8540psnapdragon_730qsm8250_firmwaresnapdragon_765g_5g_firmware315_5g_iot_modem_firmwaresnapdragon_660_firmwaresnapdragon_4_gen_2fastconnect_6900robotics_rb2snapdragon_w5\+_gen_1_wearable_firmwaresnapdragon_8_gen_2_firmwaresnapdragon_x72_5gvideo_collaboration_vc1_platformqep8111sm8635sa7255pqfw7114wcd9385_firmware315_5g_iot_modemqam8255p_firmwaresnapdragon_778g_5gsnapdragon_678_firmwaresa8155_firmwarewcd9360sdx61qcs4490snapdragon_732g_firmwaresnapdragon_662_firmwaresnapdragon_x50_5g_firmwarewsa8845sa6155pqcm6125qca6564au_firmwarewsa8810qam8650pvideo_collaboration_vc5_platform_firmwaresnapdragon_855_firmwaresa9000psrv1h_firmwareqsm8250snapdragon_678qca6595ausxr2250p_firmwaresm7315_firmwaresnapdragon_865_5g_firmwarewcd9326_firmwaresa6155p_firmwaresnapdragon_730g_firmwaresnapdragon_ar1_gen_1wsa8840srv1m_firmwareqcs8550_firmwareqfw7124_firmwareqca6436_firmwaresm8750psnapdragon_x35_5g_firmwareqcn9012wcd9371_firmwareqcs4490_firmwarewcn3910_firmwaresnapdragon_7c\+_gen_3_compute_firmwaresnapdragon_675_firmwaresm4125_firmwaresm8635psnapdragon_680_4gqmp1000qca6420wcn3910wcd9370_firmwareqca9367robotics_rb2_firmwaresnapdragon_8_gen_2snapdragon_480\+_5g_firmwaresnapdragon_765_5g_firmwarewcn3660bqca6574asa7255p_firmwarewcn3620_firmwareqca6174asnapdragon_695_5g_firmwaresa8195psnapdragon_750g_5g_firmwarewcd9340qcs8250_firmwareqcm2290talynplusqcm6490215sa8540p_firmwaresm8550p_firmwaresnapdragon_x55_5g_firmwareqcm8550sxr2250pwcn3988sm6370_firmwareqcn9024sdm429wsa8775pqca6574sxr2230p_firmwaresd675_firmwareqca6430_firmwareqcn9011sa8775p_firmwaresnapdragon_439_firmwareqamsrv1hsmart_audio_400qcn9024_firmwarewsa8845hwcd9326sa6150psm8650qqcm2290_firmwareqcs410sa8155p_firmwareqca6564asa8155psnapdragon_855\+wsa8830snapdragon_870_5g_firmwaresm8550psnapdragon_x65_5g_firmwaresa6145pqcn9074_firmwaresm7675_firmwaresa8255p_firmwaresnapdragon_888\+_5gsnapdragon_x75_5gsnapdragon_720gar8035sm7635_firmwareqamsrv1m_firmwareqca6564wcn7750_firmwareqrb5165m_firmwaresa8650p_firmwarewcn3620wcn6450_firmwaresa6155qcm4325snapdragon_860snapdragon_x72_5g_firmwaresrv1l_firmwareqcn6224snapdragon_782gqca6698aqwcn3950_firmwaressg2125p_firmwaresm7635qrb5165nsa7775p_firmwaresa8530p_firmwaresm6250fastconnect_6200wcn3680bsm7325p_firmwaresa8145p_firmwarewcd9360_firmwarewcd9378sm8635p_firmwaresa8150p_firmwaresnapdragon_768g_5gfastconnect_6700_firmwarevideo_collaboration_vc3_platform_firmwarewcn3990snapdragon_778g_5g_firmwaresnapdragon_780g_5gqcs6490qcs8250snapdragon_778g\+_5gfastconnect_6200_firmwarear8031_firmwarewsa8830_firmwareqcn6224_firmwareqca6678aq_firmwarewsa8845_firmwaresd660_firmwarewsa8832sdx61_firmwarewcd9378_firmwaresrv1lsxr2130_firmwaresm7675psrv1mqca6678aqar8035_firmwarewcn7860_firmwareqrb5165msnapdragon_680_4g_firmwaresa4150p_firmwaresd888_firmwaresnapdragon_439qca6564auqcs6125_firmwaresm4635snapdragon_460qcn9074wsa8815_firmwaresnapdragon_865_5gsa8195p_firmwareqca8337_firmwaresnapdragon_auto_4g_firmwareqcm4290snapdragon_480_5g_firmwaresnapdragon_4_gen_1_firmwaresnapdragon_x12_ltesnapdragon_685_4gar8031qca9377_firmwaresnapdragon_x62_5gsnapdragon_xr2\+_gen_1qcm6490_firmwaresg8275p_firmwaresm7250p_firmwarewcn3680_firmwaresm4635_firmwaresa2150p_firmwaresm4125qcm4490_firmwarevision_intelligence_400_firmwarewcn3950qcs6125flight_rb5_5gsnapdragon_690_5g_firmwaresm8750qca6797aq_firmwaresnapdragon_7c\+_gen_3_computetalynplus_firmwaresmart_audio_400_firmwaresnapdragon_460_firmwaresnapdragon_855\+_firmwaresa8295p_firmwaresd_675_firmwaresa4155p_firmwaresnapdragon_auto_5g_firmwaresm7250psm6250_firmwaresa8155snapdragon_768g_5g_firmwareqca6584ausd888qcn6274_firmwarewcn6755_firmwareqcn9011_firmwaresa2150psw5100_firmwarewcn6740wcn6650_firmwaresnapdragon_732gfastconnect_6800qfw7114_firmwaresnapdragon_662qcs7230qca6595_firmwarefastconnect_7800_firmwarewcd9371sm8635_firmwarefastconnect_6900_firmwarerobotics_rb5_firmwarewcd9380sa6145p_firmwareqam8255psxr2230psa6155_firmwareqmp1000_firmwaresnapdragon_xr2_5gwcn7880sa8150psxr2330pwcn6755snapdragon_888_5g_firmware215_firmwaresnapdragon_765g_5gsnapdragon_8\+_gen_2_firmwaresxr1230pwcn7881sm6650sw5100video_collaboration_vc3_platformaqt1000qcm2150_firmwarec-v2x_9150_firmwareqca6688aqqam8295p_firmwaresd855snapdragon_8_gen_1_firmwarewcn3990_firmwaresm7315snapdragon_750g_5gqca6698aq_firmwareqcs2290qca6564a_firmwarewcd9385qcs2290_firmwaresnapdragon_xr2\+_gen_1_firmwarewcn3615qca9367_firmwarewcn3680snapdragon_8_gen_1sa8255pqcs7230_firmwareqcs4290sxr1230p_firmwarewcd9390_firmwaresnapdragon_x62_5g_firmwaresnapdragon_8_gen_3qep8111_firmwareqca6430sg8275psnapdragon_782g_firmwaresnapdragon_855sdx55_firmwaresnapdragon_x55_5gsm8750_firmwarewcn3615_firmwareflight_rb5_5g_firmwaressg2125psxr2130snapdragon_4_gen_1qcm4490snapdragon_870_5gcsra6640_firmwareqamsrv1mrobotics_rb5snapdragon_480\+_5gsm7325psnapdragon_685_4g_firmwarewcn7861qca6174a_firmwareqam8650p_firmwarevideo_collaboration_vc5_platformwcn7861_firmwareqca6420_firmwareaqt1000_firmwareqcs6490_firmwaresm6650_firmwaresnapdragon_480_5gqam8620pwcd9335_firmwareqrb5165n_firmwareqca6436wcn3980_firmwaresd855_firmwarewsa8835wsa8840_firmwareqca6391_firmwareqca6584au_firmwareqcn6274qfw7124qca6595au_firmwaresw5100p_firmwareqca6696_firmwareqcs4290_firmwarewcd9380_firmwareqca6574_firmwarecsra6620qca8081sd660mdm9628wsa8815sg4150pqam8775pqca9377snapdragon_ar2_gen_1_firmwaresnapdragon_auto_5gsd_8_gen1_5gqca6797aqsnapdragon_730_firmwaremdm9628_firmwaresnapdragon_860_firmwareqcm4325_firmwaresnapdragon_x35_5gsa8620psnapdragon_660qca6574a_firmwaresdx55qcm4290_firmwaresnapdragon_8\+_gen_1_firmwaresd675wcd9375_firmwaresnapdragon_8_gen_3_firmwaresa7775pqca6391snapdragon_ar1_gen_1_firmwaresnapdragon_x75_5g_firmwaresd_8_gen1_5g_firmwareqcn9012_firmwareqcs5430_firmwaresg4150p_firmwaresnapdragon_780g_5g_firmwaresa8770p_firmwarecsra6620_firmwaresa8295pqcs8550snapdragon_675sm8735_firmwarefastconnect_7800sa8650pqam8775p_firmwaresd865_5g_firmwaresm8750p_firmwarewcd9375qca6688aq_firmwaresnapdragon_ar2_gen_1wcn3988_firmwareqamsrv1h_firmwaresm7675sa8145psd_675vision_intelligence_400wsa8835_firmwaressg2115p_firmwarewcn3980sm7675p_firmwareqcm2150wcn3680b_firmwaresnapdragon_w5\+_gen_1_wearableqcs610Snapdragon
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2024-53024
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.11% / 29.28%
||
7 Day CHG-0.04%
Published-03 Mar, 2025 | 10:07
Updated-26 Feb, 2026 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
NULL Pointer Dereference in Display

Memory corruption in display driver while detaching a device.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm429w_firmwareqcm8550_firmwareqcs410_firmwaresw5100pwcn6650qca6595sm8735qcs610_firmwaresnapdragon_8\+_gen_1wcd9335wcd9370qca8081_firmwaresnapdragon_429_firmwareqca6696qam8620p_firmwarewcn7880_firmwaresa8530pwcd9341_firmwaresxr2330p_firmwarewcd9395_firmwarewcn7881_firmwareqcn6024wcn7750wcn6450wcn6740_firmwarefastconnect_6700snapdragon_695_5gsnapdragon_888_5gwsa8832_firmwareqca8337wcd9395snapdragon_4_gen_2_firmwareqca6574au_firmwaresm6370qam8295pwcd9341qca6574auwcd9390sa8620p_firmwarewsa8810_firmwarewsa8845h_firmwaresnapdragon_429csra6640sa9000p_firmwaresrv1hsnapdragon_778g\+_5g_firmwaresm8650q_firmwarewcn3660b_firmwareqcs9100snapdragon_8\+_gen_2qcs5430wcn7860qcn6024_firmwaresnapdragon_x65_5gqcm5430qcm5430_firmwarevideo_collaboration_vc1_platform_firmwaresnapdragon_888\+_5g_firmwaresa8770pqcm6125_firmwaressg2115psa8540pqsm8350_firmwaresnapdragon_4_gen_2robotics_rb2fastconnect_6900snapdragon_w5\+_gen_1_wearable_firmwaresnapdragon_8_gen_2_firmwarevideo_collaboration_vc1_platformsa7255psm8635wcd9385_firmwareqam8255p_firmwaresnapdragon_778g_5gsdx61qcs4490snapdragon_662_firmwarewsa8845sa6155pqcm6125wsa8810video_collaboration_vc5_platform_firmwareqam8650psa9000psrv1h_firmwareqca6595ausxr2250p_firmwaresm7315_firmwaresa6155p_firmwarewsa8840snapdragon_ar1_gen_1srv1m_firmwareqcs8550_firmwaresm8750pqcn9012qcs4490_firmwaresnapdragon_7c\+_gen_3_compute_firmwaresm8635pqmp1000snapdragon_680_4gwcd9370_firmwarerobotics_rb2_firmwaresnapdragon_8_gen_2snapdragon_480\+_5g_firmwarewcn3660bqca6574asa7255p_firmwarewcn3620_firmwaresa8195psnapdragon_695_5g_firmwareqcs8250_firmwaretalynplussa8540p_firmwareqcm6490sm8550p_firmwaresxr2250pqcm8550wcn3988sm6370_firmwareqcn9274qcn9024sa8775pqca6574sxr2230p_firmwareqcn9011sa8775p_firmwareqamsrv1hsmart_audio_400qcn9024_firmwarewsa8845hqcs410sm8650qsa8155p_firmwaresa8155pwsa8830sm8550psnapdragon_x65_5g_firmwaresm7675_firmwaresa8255p_firmwaresnapdragon_888\+_5gar8035sm7635_firmwareqamsrv1m_firmwarewcn7750_firmwareqrb5165m_firmwaresa8650p_firmwarewcn3620wcn6450_firmwareqcm4325srv1l_firmwareqcs9100_firmwareqcs615snapdragon_782gssg2125p_firmwarewcn3950_firmwaresa7775p_firmwareqca6698aqqrb5165nsm7635sa8530p_firmwarefastconnect_6200sm7325p_firmwarewcd9378sm8635p_firmwarefastconnect_6700_firmwarevideo_collaboration_vc3_platform_firmwaresnapdragon_778g_5g_firmwaresnapdragon_780g_5gqcs6490qcs8250snapdragon_778g\+_5gfastconnect_6200_firmwarewsa8830_firmwareqca6678aq_firmwarewsa8845_firmwarewsa8832sdx61_firmwarewcd9378_firmwaresrv1lsm7675psrv1mqca6678aqar8035_firmwarewcn7860_firmwareqrb5165msnapdragon_680_4g_firmwaresd888_firmwareqcs6125_firmwaresm4635snapdragon_460wsa8815_firmwaresa8195p_firmwareqca8337_firmwaresnapdragon_480_5g_firmwaresnapdragon_4_gen_1_firmwaresnapdragon_685_4gsg8275p_firmwaresnapdragon_x62_5gqcm6490_firmwaresm4635_firmwareqcm4490_firmwarewcn3950qcs6125flight_rb5_5gsm8750qca6797aq_firmwaresnapdragon_7c\+_gen_3_computetalynplus_firmwaresa8295p_firmwaresmart_audio_400_firmwaresnapdragon_460_firmwaresd888wcn6755_firmwareqcn9011_firmwaresw5100_firmwarewcn6740wcn6650_firmwaresnapdragon_662qcs7230qca6595_firmwarefastconnect_7800_firmwaresm8635_firmwarefastconnect_6900_firmwarerobotics_rb5_firmwarewcd9380qam8255psxr2230pqmp1000_firmwarewcn7880sxr2330pwcn6755snapdragon_888_5g_firmwaresnapdragon_8\+_gen_2_firmwaresxr1230pwcn7881sm6650sw5100video_collaboration_vc3_platformqca6688aqqam8295p_firmwaresnapdragon_8_gen_1_firmwaresm7315qca6698aq_firmwarewcd9385qsm8350snapdragon_8_gen_1sa8255pqcs7230_firmwaresxr1230p_firmwarewcd9390_firmwaresnapdragon_x62_5g_firmwaresnapdragon_8_gen_3qcs615_firmwaresg8275psnapdragon_782g_firmwaresm8750_firmwareflight_rb5_5g_firmwaressg2125pqcm4490snapdragon_4_gen_1csra6640_firmwareqamsrv1mrobotics_rb5snapdragon_480\+_5gsm7325psnapdragon_685_4g_firmwarewcn7861wcn7861_firmwareqam8650p_firmwarevideo_collaboration_vc5_platformqcs6490_firmwaresm6650_firmwaresnapdragon_480_5gqam8620pwcd9335_firmwareqrb5165n_firmwarewcn3980_firmwaresdm429wwsa8835wsa8840_firmwareqca6391_firmwareqca6595au_firmwareqcs8300_firmwaresw5100p_firmwareqca6696_firmwareqcs8300wcd9380_firmwareqca6574_firmwarecsra6620qca8081wsa8815sg4150psd_8_gen1_5gqam8775psnapdragon_ar2_gen_1_firmwareqca6797aqqcm4325_firmwaresa8620pqca6574a_firmwaresnapdragon_8\+_gen_1_firmwaresd_8_gen1_5g_firmwaresnapdragon_8_gen_3_firmwaresa7775pqca6391snapdragon_ar1_gen_1_firmwarewcd9375_firmwareqcn9274_firmwareqcn9012_firmwareqcs5430_firmwaresg4150p_firmwaresnapdragon_780g_5g_firmwaresa8770p_firmwarecsra6620_firmwaresa8295pqcs8550sm8735_firmwarefastconnect_7800sa8650pqam8775p_firmwaresm8750p_firmwarewcd9375qca6688aq_firmwaresnapdragon_ar2_gen_1wcn3988_firmwareqamsrv1h_firmwaresm7675wsa8835_firmwaressg2115p_firmwarewcn3980sm7675p_firmwaresnapdragon_w5\+_gen_1_wearableqcs610Snapdragon
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2024-53012
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.11% / 29.02%
||
7 Day CHG~0.00%
Published-03 Mar, 2025 | 10:07
Updated-26 Feb, 2026 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Input Validation in Automotive OS Platform

Memory corruption may occur due to improper input validation in clock device.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-Snapdragon
CWE ID-CWE-20
Improper Input Validation
CVE-2021-35132
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.10% / 27.31%
||
7 Day CHG~0.00%
Published-02 Sep, 2022 | 11:31
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound write in DSP service due to improper bound check for response buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwaresd_8cx_gen3_firmwarewsa8830sd678sm6250p_firmwareqcs610qcs2290_firmwareqca8337qca6431_firmwaresd7c_firmwarewcd9360_firmwaresdx65qcs4290wcn3950_firmwaresd765g_firmwareqca6420_firmwareqca6595au_firmwareqcs2290qca6390_firmwaresa6155sd690_5gsd730_firmwarewcd9370sd_675_firmwaresd675_firmwareqca6426wcn3990_firmwareqrb5165n_firmwarewcn3998wcd9371_firmwarewcd9385_firmwaresdxr2_5g_firmwaresd_8cx_gen2_firmwaresm4125sd720gwcd9326_firmwarewcn3950wcn3660bqsm8350_firmwaresd662sd710_firmwareqsm8350sd460_firmwaresa8155sa9000p_firmwaresm7315_firmwareqca6574au_firmwaresdx55_firmwarewcn7850qca6595auqca8081_firmwaresa6155_firmwarewcd9375_firmwaresm7250p_firmwarewcn3998_firmwareqca6420qca6436_firmwarewcd9360qrb5165nsd680_firmwaresd778gsa6155p_firmwaresd_8cx_gen2sa515m_firmwareqcs6490qrb5165_firmwareqrb5165m_firmwaresd429sdxr2_5gwcn7851sa8155_firmwaresd662_firmwarewcn3988_firmwareqca6430sd429_firmwareqca6421sd778g_firmwaresm6250wcd9340sa8195pwsa8810_firmwaresd765gsw5100sd765_firmwareqca6436sd680wcd9326sa6155pwcn6851qca8081wcn7851_firmwareqcs4290_firmwarewcd9385wcd9341qca6431qca6696_firmwareqcs6490_firmwarewcd9371sd750gsd870_firmwaresd_8cx_gen3qca6390ar8035sd750g_firmwareaqt1000wcd9375wcn3910_firmwaresm6250_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwarewcn3620_firmwareqcm6490sd888_5g_firmwarewcn3988wcn3620wcn6850_firmwarewcn7850_firmwaresa8195p_firmwarewsa8815_firmwarewsa8835_firmwarewcn6750_firmwareqcm2290_firmwarewcn3991qca8337_firmwarewcd9380_firmwarewcn3990sd_675sdm429wsd780gsw5100psd865_5gsdx55m_firmwarewcn6856_firmwaresd888sd670_firmwareqca6574wsa8835sdm429w_firmwaresd665_firmwaresa8540p_firmwarewcd9380sd888_5gsm6250pqcs410qca6574asd690_5g_firmwaresdx50m_firmwarewcn6855_firmwaresm7325pqca6430_firmwarewcn3980wcn6750sa515msa9000pqca6574_firmwarewcd9340_firmwaresd855sm4125_firmwaresm7325p_firmwaresd665sd7cwcn3910wcn6850wsa8815sd765qca6426_firmwarewcn3660b_firmwareqca6574a_firmwaresd695sd768g_firmwareqrb5165mwcn3980_firmwaresm7315sd460qca6391sd730sdx55mqca6421_firmwareaqt1000_firmwarewcn6740_firmwaresdx65_firmwaresd678_firmwareqcm4290qcm6490_firmwaresdx50mqrb5165sd480_firmwarewcn6851_firmwareqca6574ausa8155p_firmwaresd710sd670wcd9341_firmwareqcm4290_firmwaresd480sd870wcn6855wsa8810sa8540psw5100p_firmwareqcs610_firmwarewcn6856sd695_firmwaresd768gwcn6740qca6696qca6391_firmwaresd780g_firmwarewcd9370_firmwaresdx55sd888_firmwaresa8155psd675sm7250psd720g_firmwaresw5100_firmwareqcs410_firmwarear8035_firmwareqcm2290Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-1284
Improper Validation of Specified Quantity in Input
CVE-2024-53028
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.09% / 24.76%
||
7 Day CHG~0.00%
Published-03 Mar, 2025 | 10:07
Updated-26 Feb, 2026 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Time-of-check Time-of-use (TOCTOU) Race Condition in Automotive Vehicle Networks

Memory corruption may occur while processing message from frontend during allocation.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-Snapdragon
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CVE-2024-53010
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.00%
||
7 Day CHG~0.00%
Published-03 Jun, 2025 | 05:52
Updated-28 Nov, 2025 | 16:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Access Control in Core

Memory corruption may occur while attaching VM when the HLOS retains access to VM.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcd9380qcs6490_firmwaresdx80msdx55snapdragon_888_5g_mobile_platform_firmwaresnapdragon_8cx_compute_platform_\(sc8180x-ab\)_firmwareqca6310_firmwareqca6688aqqam8650psd670_firmwareqca6420_firmwarewcd9340_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwaresnapdragon_x72_5g_modem-rf_systemsa6155psnapdragon_870_5g_mobile_platform_\(sm8250-ac\)qamsrv1m_firmwaresnapdragon_7c\+_gen_3_compute_firmwaresnapdragon_8\+_gen_2_mobile_platformsnapdragon_8cx_compute_platform_\(sc8180xp-ac\)_firmwareqfw7124_firmwareqcs8550snapdragon_8cx_gen_3_compute_platform_\(sc8280xp-ab\)_firmwareaqt1000qdx1011snapdragon_8cx_compute_platform_\(sc8180x-ab\)qep8111_firmwaresnapdragon_8_gen_2_mobile_platform_firmwaresm7325p_firmwareqam8255p_firmwarevision_intelligence_400_platformsrv1l_firmwaresnapdragon_x50_5g_modem-rf_systemsa8150p_firmwareqcm8550_firmwareqamsrv1h_firmwaresm4635_firmwaresd855wcd9341_firmwaresnapdragon_auto_5g_modem-rf_gen_2sd_8_gen1_5gsnapdragon_845_mobile_platformsnapdragon_765g_5g_mobile_platform_\(sm7250-ab\)_firmwareqam8295pssg2115pwcd9385_firmwareqcm6490_firmwaresa7255p_firmwaresnapdragon_x62_5g_modem-rf_systemqep8111qca6391sa8295p_firmwareqca6335_firmwareqca6584au_firmwareqcs6490snapdragon_x72_5g_modem-rf_system_firmwaresd_675_firmwaresnapdragon_x62_5g_modem-rf_system_firmwarewsa8810sc8380xp_firmwareqcm8550snapdragon_888\+_5g_mobile_platform_\(sm8350-ac\)_firmwarewsa8815sm7315snapdragon_8cx_gen_2_5g_compute_platform_\(sc8180x-af\)_firmwaresrv1hqcm4490_firmwaresnapdragon_855_mobile_platformqdu1010_firmwarewcd9326_firmwaresnapdragon_8cx_gen_2_5g_compute_platform_\(sc8180xp-ab\)snapdragon_778g_5g_mobile_platform_firmwareqca6421_firmwaresnapdragon_x32_5g_modem-rf_system_firmwaresm8550p_firmwareqru1062_firmwarevideo_collaboration_vc3_platform_firmwaresnapdragon_4_gen_2_mobile_platform_firmwareqca6574au_firmwaresd_8_gen1_5g_firmwarewcd9378snapdragon_865\+_5g_mobile_platform_\(sm8250-ab\)_firmwaresnapdragon_8cx_compute_platform_\(sc8180x-aa\)sa8530pqca6595au_firmwaresnapdragon_8_gen_2_mobile_platformqdx1010wcn3980qca6584auqcn6274snapdragon_778g\+_5g_mobile_platform_\(sm7325-ae\)vision_intelligence_300_platform_firmwaresa8150psnapdragon_ar1_gen_1_platform_\"luna1\"_firmwareqca6797aqqam8650p_firmwareqcn6224_firmwareqca6564asa8155psnapdragon_8cx_gen_2_5g_compute_platform_\(sc8180x-af\)snapdragon_8cx_gen_2_5g_compute_platform_\(sc8180x-ac\)sa8540p_firmwarewcd9385wcd9380_firmwareqca9377_firmwareqca6574asnapdragon_675_mobile_platformwcd9340snapdragon_8cx_gen_3_compute_platform_\(sc8280xp-ab\)qca6436wsa8845_firmwarewcd9341sa7255pqca6426_firmwarefastconnect_6200sd888sg8275p_firmwareqca8337_firmwaresnapdragon_x35_5g_modem-rf_systemwcn3988_firmwaresnapdragon_675_mobile_platform_firmwaresnapdragon_765_5g_mobile_platform_\(sm7250-aa\)_firmwaresnapdragon_8cx_compute_platform_\(sc8180x-aa\)_firmwareqca6698aqsnapdragon_8c_compute_platform_\(sc8180x-ad\)_firmwarewsa8832aqt1000_firmwaresd675_firmwareqdu1210snapdragon_ar1_gen_1_platform_firmwareqsm8350_firmwaresnapdragon_7c\+_gen_3_computeqcn6224snapdragon_ar1_gen_1_platformsnapdragon_670_mobile_platform_firmwaresdx57m_firmwaresnapdragon_x24_lte_modemwcd9370qca8081_firmwareqcc710_firmwareqca6698aq_firmwarefastconnect_6800qca6574a_firmwarewsa8832_firmwaresa8650psxr2230p_firmwareqca6678aq_firmwareqsm8350sm7250psm8550pwcd9378_firmwareqca6431_firmwareqcn9274_firmwareqcs5430ssg2115p_firmwaresm7315_firmwarewsa8845h_firmwarewcd9395_firmwaresd670snapdragon_x35_5g_modem-rf_system_firmwarefastconnect_6900_firmwareqca6678aqsa9000pwsa8835_firmwaresa8295psnapdragon_888_5g_mobile_platformwcd9390ar8035sc8380xpqdx1011_firmwaresa8775p_firmwaresdx55_firmwarewcn3988qam8775psa8540pqca6696_firmwarevision_intelligence_300_platformvision_intelligence_400_platform_firmwareqca6797aq_firmwaresnapdragon_8c_compute_platform_\(sc8180xp-ad\)_firmwaresnapdragon_x55_5g_modem-rf_system_firmwareqca6564au_firmwaresnapdragon_8cx_gen_2_5g_compute_platform_\(sc8180xp-ab\)_firmwaresa8650p_firmwaresnapdragon_678_mobile_platform_\(sm6150-ac\)qcn9011_firmwarerobotics_rb3_platform_firmwareqcs4490_firmwaresxr2250p_firmwaresnapdragon_780g_5g_mobile_platformsrv1mqcn9012_firmwarewcd9395sxr2250pqcn9012qcm4490qru1052sxr2330p_firmwarewsa8810_firmwaresnapdragon_x65_5g_modem-rf_system_firmwaresnapdragon_768g_5g_mobile_platform_\(sm7250-ac\)_firmwareqdu1210_firmwaresnapdragon_8cx_compute_platform_\(sc8180xp-af\)qdu1110_firmwarewsa8840snapdragon_778g_5g_mobile_platformsxr1230pqdu1110qca9377wsa8840_firmwarefastconnect_6700_firmwaresnapdragon_8\+_gen_2_mobile_platform_firmwaresa8155_firmwaresnapdragon_782g_mobile_platform_\(sm7325-af\)_firmwaresnapdragon_8cx_compute_platform_\(sc8180xp-af\)_firmwareqdu1000fastconnect_6700sm7250p_firmwarewcn3950_firmwareqca6696wcn3980_firmwareqcm5430_firmwaresnapdragon_8cx_compute_platform_\(sc8180xp-ac\)sxr2330pqcs8550_firmwarewsa8845hqca6426qdx1010_firmwareqca6310snapdragon_780g_5g_mobile_platform_firmwaresdx57mqcn9011snapdragon_8\+_gen_1_mobile_platformssg2125p_firmwareqcn9274snapdragon_865_5g_mobile_platformsnapdragon_8cx_gen_2_5g_compute_platform_\(sc8180xp-aa\)qam8295p_firmwaresnapdragon_x32_5g_modem-rf_systemsm7325pqcs9100qfw7114wcd9326snapdragon_4_gen_2_mobile_platformsnapdragon_x55_5g_modem-rf_systemqca6421wcd9370_firmwaresnapdragon_855_mobile_platform_firmwaresnapdragon_8cx_gen_3_compute_platform_\(sc8280xp-bb\)snapdragon_870_5g_mobile_platform_\(sm8250-ac\)_firmwaresnapdragon_8_gen_1_mobile_platformar8035_firmwaresrv1lwsa8845qdu1010sdx80m_firmwaresnapdragon_865_5g_mobile_platform_firmwaresa8155qamsrv1hqru1062snapdragon_845_mobile_platform_firmwareqca6574snapdragon_xr2_5g_platformwcn6740_firmwaresa8255p_firmwaresa6155sxr1230p_firmwaresd855_firmwaresnapdragon_782g_mobile_platform_\(sm7325-af\)sg8275psnapdragon_8\+_gen_1_mobile_platform_firmwaresnapdragon_855\+\/860_mobile_platform_\(sm8150-ac\)_firmwaresnapdragon_ar1_gen_1_platform_\"luna1\"fastconnect_7800_firmwaresnapdragon_765_5g_mobile_platform_\(sm7250-aa\)qru1052_firmwaresd675snapdragon_8cx_gen_3_compute_platform_\(sc8280xp-bb\)_firmwaresa7775psnapdragon_8c_compute_platform_\(sc8180xp-ad\)sxr2230psa8620p_firmwaresnapdragon_ar2_gen_1_platformsnapdragon_850_mobile_compute_platform_firmwaresnapdragon_888\+_5g_mobile_platform_\(sm8350-ac\)sa8770psrv1m_firmwarewcd9375qca6574_firmwaresnapdragon_x24_lte_modem_firmwaresnapdragon_8_gen_1_mobile_platform_firmwareqcs4490sa8620psnapdragon_768g_5g_mobile_platform_\(sm7250-ac\)sa6145p_firmwaresnapdragon_x75_5g_modem-rf_system_firmwareqca6430qca6595_firmwareqam8775p_firmwareqca6391_firmwareqdu1000_firmwaresd_8cx_firmwaresnapdragon_8cx_gen_2_5g_compute_platform_\(sc8180xp-aa\)_firmwaresnapdragon_x65_5g_modem-rf_systemwcn6740qca8081snapdragon_8_gen_3_mobile_platformqca6688aq_firmwaresd888_firmwaresnapdragon_850_mobile_compute_platformsa6155_firmwaresa7775p_firmwaresnapdragon_x75_5g_modem-rf_systemsa8775pwsa8815_firmwaresa9000p_firmwaresnapdragon_865\+_5g_mobile_platform_\(sm8250-ab\)wcd9390_firmwaresnapdragon_765g_5g_mobile_platform_\(sm7250-ab\)fastconnect_6900qam8255pvideo_collaboration_vc3_platformqcn6274_firmwaresnapdragon_8c_compute_platform_\(sc8180x-ad\)qca6431fastconnect_6200_firmwarewsa8835sd_8cxsd865_5gfastconnect_6800_firmwarewcd9375_firmwarerobotics_rb3_platformqca6564auqam8620pqca6595auqcc710snapdragon_778g\+_5g_mobile_platform_\(sm7325-ae\)_firmwaresa6155p_firmwaressg2125pqamsrv1mwcn3950sxr2130_firmwaresrv1h_firmwarefastconnect_7800qfw7124sd_675sa6145psnapdragon_ar2_gen_1_platform_firmwareqcm5430qfw7114_firmwaretalynplusqru1032_firmwaresnapdragon_670_mobile_platformsnapdragon_x50_5g_modem-rf_system_firmwareqcs9100_firmwaresa8530p_firmwaresm4635snapdragon_8_gen_3_mobile_platform_firmwareqca6174a_firmwareqca6564a_firmwaresnapdragon_8cx_gen_2_5g_compute_platform_\(sc8180x-ac\)_firmwareqca6174aqca6335qru1032qca8337snapdragon_855\+\/860_mobile_platform_\(sm8150-ac\)wcn3990_firmwaretalynplus_firmwareqam8620p_firmwarewsa8830wcn3990wsa8830_firmwareqca6574auqca6430_firmwaresa8155p_firmwareqcs5430_firmwaresa8770p_firmwaresnapdragon_678_mobile_platform_\(sm6150-ac\)_firmwareqcm6490qca6420snapdragon_xr2_5g_platform_firmwaresd865_5g_firmwareqca6436_firmwareqca6595sxr2130sa8255pSnapdragon
CWE ID-CWE-284
Improper Access Control
CVE-2024-53032
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.09% / 24.76%
||
7 Day CHG~0.00%
Published-03 Mar, 2025 | 10:07
Updated-26 Feb, 2026 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Time-of-check Time-of-use (TOCTOU) Race Condition in Automotive OS Platform

Memory corruption may occur in keyboard virtual device due to guest VM interaction.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sa9000pqca6595au_firmwaresa8650p_firmwareqam8775psa8255pqamsrv1m_firmwareqca6595qca6688aq_firmwaresa8770psa8775psrv1h_firmwaresa8620p_firmwareqam8650p_firmwareqca6595_firmwaresrv1mqam8620psa8775p_firmwareqamsrv1msa9000p_firmwaresrv1hqca6574ausa7255psrv1m_firmwaresa8620psa7775psa8650pqam8620p_firmwaresa8540p_firmwaresa7255p_firmwareqam8775p_firmwareqam8295p_firmwareqam8255pqca6688aqqca6698aqsa7775p_firmwaresa8255p_firmwaresa8770p_firmwaresa8295p_firmwareqca6696_firmwareqam8295pqamsrv1hsrv1l_firmwareqca6574au_firmwareqamsrv1h_firmwareqca6595auqam8255p_firmwaresa8295psrv1lqca6698aq_firmwareqam8650pqca6696sa8540pSnapdragon
CWE ID-CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
CVE-2024-53009
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.07% / 20.11%
||
7 Day CHG~0.00%
Published-08 Jul, 2025 | 12:48
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Validation of Array Index in Automotive Autonomy

Memory corruption while operating the mailbox in Automotive.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qdx1010_firmwareqcm8550_firmwarerobotics_rb3sa6150p_firmwaresd865_5gqca6595sm8735wcd9370qca8081_firmwaresnapdragon_670_mobileqca6696qam8620p_firmwarewcn7880_firmwarewcd9340_firmwaresa8530pwcd9341_firmwaresxr2330p_firmwarewcd9395_firmwarewcn7881_firmwarewcn7750qcc710_firmwareqca6426fastconnect_6700snapdragon_x50_5g_modem-rf_firmwarewsa8832_firmwareqca8337qdu1110qca6426_firmwarewcd9395sc8180xp-aaabqca6574au_firmwaresnapdragon_x72_5g_modem-rfqam8295pwcd9341qca6574auwcd9390snapdragon_888\+_5g_mobile_firmwaresa8620p_firmwarewsa8810_firmwarewsa8845h_firmwaresc8180xp-acafsa9000p_firmwaresrv1hsnapdragon_850_mobile_computeqcs9100sdx80mfastconnect_6800_firmwareqcs5430wcn7860qcm5430qcm5430_firmwaresa8770psnapdragon_678_mobile_firmwaressg2115pqcc710snapdragon_x32_5g_modem-rf_firmwaresnapdragon_xr2_5g_firmwaresa8540pqsm8350_firmwarefastconnect_6900qru1032_firmwareqep8111sa7255pqfw7114wcd9385_firmwareqca6421qca6310qam8255p_firmwaresa8155_firmwaresnapdragon_x65_5g_modem-rfqca6335wsa8845sa6155pqca6421_firmwaresc8180x-adqca6564au_firmwarewsa8810qam8650pqdu1000_firmwaresa9000psrv1h_firmwaresnapdragon_888_5g_mobile_firmwareqca6595ausnapdragon_888_5g_mobilesxr2250p_firmwareqdu1010wcd9326_firmwaresa6155p_firmwaresnapdragon_845_mobile_firmwarewsa8840snapdragon_ar1_gen_1srv1m_firmwaresnapdragon_x35_5g_modem-rf_firmwareqcs8550_firmwareqca6698auqdu1210_firmwaresnapdragon_8_gen_2_mobile_firmwaresnapdragon_x55_5g_modem-rfqfw7124_firmwareqca6436_firmwaresm8750pqcn9012snapdragon_x55_5g_modem-rf_firmwaresnapdragon_x62_5g_modem-rf_firmwareqmp1000snapdragon_8_gen_2_mobileqca6420wcd9370_firmwareqdu1110_firmwareqdu1000sa7255p_firmwaresnapdragon_x72_5g_modem-rf_firmwareqca6574asnapdragon_8\+_gen_2_mobileqca6174asa8195pwcd9340qdu1210snapdragon_auto_5g_modem-rf_gen_2qca6335_firmwareqcm6490sa8540p_firmwaresxr2250psm8550p_firmwareqcm8550wcn3988snapdragon_765_5g_mobile_firmwareqcn9274vision_intelligence_300_firmwaresa8775pqca6574sxr2230p_firmwaresd675_firmwaresnapdragon_855_mobile_firmwareqca6698au_firmwareqca6430_firmwareqcn9011sa8775p_firmwareqamsrv1hsdx57mwsa8845hwcd9326sa6150psa8155p_firmwareqca6564asa8155psnapdragon_765g_5g_mobile_firmwarewsa8830sm8550psa6145psnapdragon_768g_5g_mobile_firmwaresa8255p_firmwarear8035qamsrv1m_firmwarewcn7750_firmwaresa8650p_firmwaresa6155srv1l_firmwareqcs9100_firmwaresnapdragon_865\+_5g_mobile_firmwareqcn6224qcs615ssg2125p_firmwarewcn3950_firmwareqca6698aqsa7775p_firmwaresa8530p_firmwarefastconnect_6200sd670sa8145p_firmwaresc8180x-acaf_firmwarewcd9378qdx1011sa8150p_firmwarefastconnect_6700_firmwarevideo_collaboration_vc3_platform_firmwarewcn3990robotics_rb3_firmwaresnapdragon_x75_5g_modem-rf_firmwaresd670_firmwaresnapdragon_8_gen_3_mobilesnapdragon_855_mobileqcs6490sc8180xp-acaf_firmwarefastconnect_6200_firmwarewsa8830_firmwareqcn6224_firmwareqca6431qca6678aq_firmwarewsa8845_firmwarewsa8832wcd9378_firmwaresrv1lsdx57m_firmwaresxr2130_firmwaresrv1mqca6678aqsnapdragon_860_mobile_firmwaresnapdragon_x35_5g_modem-rfar8035_firmwaresc8180xp-aaab_firmwarewcn7860_firmwaresc8380xpsnapdragon_x62_5g_modem-rfqca6564ausm4635sc8180xp-adsc8280xp-abbbwsa8815_firmwaresa8195p_firmwareqca8337_firmwaresg8275p_firmwareqca9377_firmwareqcm6490_firmwaresm7250p_firmwaresm4635_firmwarevision_intelligence_400_firmwareqru1032wcn3950snapdragon_870_5g_mobile_firmwaresm8750snapdragon_auto_5g_modem-rf_gen_2_firmwareqca6797aq_firmwaresa8295p_firmwaresnapdragon_870_5g_mobilesd_675_firmwaresnapdragon_678_mobilesc8180x-acafsm7250psa8155sd_8cx_firmwaresc8180x-ad_firmwareqca6584auqcn6274_firmwareqcn9011_firmwareqru1062_firmwaresnapdragon_850_mobile_compute_firmwaresnapdragon_675_mobile_firmwaresnapdragon_768g_5g_mobilesc8380xp_firmwareqru1062qca6310_firmwaresnapdragon_845_mobilesnapdragon_8_gen_3_mobile_firmwarefastconnect_6800qfw7114_firmwareqca6595_firmwarefastconnect_7800_firmwaresnapdragon_675_mobilesnapdragon_865_5g_mobile_firmwarefastconnect_6900_firmwarewcd9380sa6145p_firmwareqam8255psxr2230psa6155_firmwareqmp1000_firmwaresnapdragon_xr2_5gwcn7880sa8150psxr2330psnapdragon_x24_lte_modemsc8180x-aaabsxr1230psc8180x-aaab_firmwarewcn7881video_collaboration_vc3_platformaqt1000qca6688aqqam8295p_firmwaresd855qca6431_firmwarewcn3990_firmwareqca6698aq_firmwareqca6564a_firmwarewcd9385snapdragon_888\+_5g_mobileqsm8350snapdragon_8_gen_1_mobilesa8255psxr1230p_firmwarewcd9390_firmwaresnapdragon_865\+_5g_mobileqep8111_firmwareqcs615_firmwareqca6430snapdragon_855\+_mobilesg8275psnapdragon_765_5g_mobileqdx1011_firmwaresnapdragon_860_mobilesc8180xp-ad_firmwaresm8750_firmwaresdx55_firmwaressg2125pqru1052sxr2130snapdragon_x65_5g_modem-rf_firmwareqamsrv1mqca6174a_firmwarewcn7861_firmwarewcn7861snapdragon_x50_5g_modem-rfqam8650p_firmwaresnapdragon_670_mobile_firmwareqca6420_firmwareaqt1000_firmwareqcs6490_firmwareqam8620pwcn3980_firmwaresd855_firmwareqca6436qca6584au_firmwareqcn6274snapdragon_x24_lte_modem_firmwarewsa8835qca6391_firmwarewsa8840_firmwareqfw7124qca6595au_firmwareqdu1010_firmwareqcs8300_firmwareqca6696_firmwareqcs8300wcd9380_firmwareqca6574_firmwareqca8081wsa8815sd_8_gen1_5gsnapdragon_ar2_gen_1_firmwareqam8775pqca9377qca6797aqsnapdragon_x75_5g_modem-rfsa8620pqca6574a_firmwaresdx55snapdragon_865_5g_mobilesnapdragon_855\+_mobile_firmwaresd675wcd9375_firmwaresd_8_gen1_5g_firmwaresa7775pqca6391snapdragon_ar1_gen_1_firmwareqcn9274_firmwareqcn9012_firmwareqcs5430_firmwaresnapdragon_x32_5g_modem-rfqru1052_firmwaresa8770p_firmwaresa8295pqcs8550sc8280xp-abbb_firmwaresm8735_firmwarefastconnect_7800sa8650pqam8775p_firmwaresd865_5g_firmwaresm8750p_firmwarewcd9375snapdragon_8\+_gen_2_mobile_firmwareqca6688aq_firmwarevision_intelligence_300snapdragon_ar2_gen_1snapdragon_765g_5g_mobilewcn3988_firmwareqamsrv1h_firmwaresa8145psd_675vision_intelligence_400sdx80m_firmwarewsa8835_firmwaressg2115p_firmwaresd_8cxwcn3980qdx1010snapdragon_8_gen_1_mobile_firmwareSnapdragon
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2024-53022
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.15% / 35.21%
||
7 Day CHG~0.00%
Published-03 Mar, 2025 | 10:07
Updated-26 Feb, 2026 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Input Validation in Automotive OS Platform

Memory corruption may occur during communication between primary and guest VM.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca6696sa7775psa8775psa8540p_firmwaresa8775p_firmwareqam8255p_firmwaresrv1m_firmwaresrv1mqamsrv1h_firmwareqam8295p_firmwaresrv1l_firmwaresa8620pqam8775pqam8255pqca6696_firmwaresa9000p_firmwareqca6595_firmwaresa8540psa8620p_firmwaresa8770p_firmwaresa8255p_firmwareqca6595au_firmwaresrv1lqam8620p_firmwaresa7255psa8770psa8650p_firmwaresa9000psrv1hqam8775p_firmwareqamsrv1hsa7775p_firmwareqam8650p_firmwaresa8295pqamsrv1mqam8295pqca6595qamsrv1m_firmwaresa8295p_firmwareqam8650psa8255psa8650psrv1h_firmwareqam8620pqca6595ausa7255p_firmwareSnapdragon
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-53030
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.11% / 29.74%
||
7 Day CHG~0.00%
Published-03 Mar, 2025 | 10:07
Updated-26 Feb, 2026 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Input Validation in Automotive OS Platform

Memory corruption while processing input message passed from FE driver.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sa9000pqca6595au_firmwaresa8650p_firmwareqca6678aqsa8255psa8155p_firmwareqamsrv1m_firmwareqcs9100msm8996aumsm8996au_firmwaresa8620p_firmwaresa8155pqam8650p_firmwareqca6574a_firmwareqca6595_firmwaresnapdragon_820_automotive_firmwareqca6584au_firmwaresa6155_firmwareqam8620psrv1hqca6564auqca6564a_firmwaresa7255psa8620pqam8620p_firmwaresa7255p_firmwareqam8775p_firmwareqam8295p_firmwareqca6797aqqam8255pqca6688aqsa7775p_firmwaresa8255p_firmwaresa8155_firmwaresa8770p_firmwaresa8295p_firmwaresa6150pqca6696_firmwareqam8295psa8150pqca6595ausa6150p_firmwareqcs9100_firmwaresa8295psa8145psa8150p_firmwaresrv1lsa6145psa6155p_firmwareqca6698aq_firmwareqam8650pqam8775pqca6595qca6688aq_firmwaresa8770psrv1h_firmwaresa8775psrv1msnapdragon_820_automotivesa8775p_firmwaresa9000p_firmwareqamsrv1mqca6564au_firmwareqca6574auqca6797aq_firmwaresrv1m_firmwaresa7775psa8650psa8540p_firmwaresa8145p_firmwaresa6155sa8195p_firmwareqca6698aqsa8195pqca6584ausa6155pqamsrv1hqca6564aqca6574au_firmwareqamsrv1h_firmwareqca6678aq_firmwareqca6574aqam8255p_firmwaresa6145p_firmwaresa8155srv1l_firmwareqca6696sa8540pSnapdragon
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-14021
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 9.79%
||
7 Day CHG~0.00%
Published-16 Apr, 2020 | 10:46
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer overrun when processing EFS filename and payload sent over diag interface due to lack of check for filename length and payload size received in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8096AU, APQ8098, MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, Rennell, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwareqcm2150_firmwaremdm9640_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632sdx24sdm439mdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996ausdm429w_firmwaresm7150msm8917sdm670qcs605_firmwaresc8180xmdm9206sdm670_firmwaresdx24_firmwaresdm636sda845_firmwareapq8098mdm9206_firmwareqcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130msm8909wmsm8909_firmwaresda845nicobarsdm850_firmwaremsm8920msm8953sdm450sdm636_firmwaresdm845_firmwareapq8098_firmwaresdx20msm8998_firmwareqcm2150msm8920_firmwaresdm630mdm9607_firmwaresdm660sc8180x_firmwaresdm710qm215sc7180_firmwaremdm9607sdm710_firmwaremdm9150msm8937msm8905sm8150_firmwaremsm8909apq8096ausdm439_firmwarerennellsc7180sdm630_firmwaresda660_firmwarerennell_firmwareqm215_firmwaresdx55msm8953_firmwaremsm8940sm6150_firmwareapq8096au_firmwaremsm8917_firmwaremsm8998sm8150sdx20_firmwaresdm850nicobar_firmwaresdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2019-14099
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 13.16%
||
7 Day CHG~0.00%
Published-30 Jul, 2020 | 11:40
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Device misbehavior may be observed when incorrect offset, length or number of buffers is passed by user space in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8053, MDM9206, MDM9207C, MDM9607, MSM8909W, MSM8917, MSM8953, Nicobar, QCM2150, QCS405, QCS605, QM215, Saipan, SC8180X, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM632, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcm2150_firmwaremsm8953sdm450sdm429wsdm632_firmwaresdm450_firmwaresdm632qcm2150sdx24sdm439mdm9607_firmwaresm8250_firmwaresc8180x_firmwaresdm429qcs405sm7150_firmwaresm6150msm8909w_firmwaremdm9607qm215sdm429w_firmwaresm7150msm8917sxr2130qcs605_firmwaremdm9207c_firmwaresc8180xmdm9206mdm9207csm8150_firmwaresdx24_firmwaresxr2130_firmwaresdm439_firmwareqcs405_firmwaresda845_firmwaremdm9206_firmwareqcs605qm215_firmwaresdx55msm8953_firmwareapq8053saipan_firmwaresm6150_firmwaresm8250msm8917_firmwaresdm429_firmwaresm8150sxr1130_firmwaresdx55_firmwarenicobar_firmwaremsm8909wsaipansxr1130apq8053_firmwaresda845nicobarSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2019-14091
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 9.85%
||
7 Day CHG~0.00%
Published-22 Jun, 2020 | 07:10
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Double free issue in NPU due to lack of resource locking mechanism to avoid race condition in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9607, QCS405, Rennell, Saipan, SC8180X, SDX55, SM8150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sm8150_firmwaresxr2130_firmwareqcs405_firmwarerennellrennell_firmwaresm8250_firmwaremdm9607_firmwaresdx55sc8180x_firmwareqcs405saipan_firmwaresm8250mdm9607sm8150sdx55_firmwaresaipansxr2130sc8180xSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-415
Double Free
CWE ID-CWE-667
Improper Locking
CVE-2019-14135
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 10.47%
||
7 Day CHG~0.00%
Published-16 Apr, 2020 | 10:46
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible integer overflow to buffer overflow in WLAN while parsing nonstandard NAN IE messages. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA4010, QCA6174A, QCA6574AU, QCA6584AU, QCA8081, QCA9377, QCA9379, QCA9886, QCN7605, QCS405, QCS605, SA6155P, Saipan, SDA845, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SM6150, SM7150, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaremdm9640_firmwaremsm8996au_firmwaresdm845sdx24mdm9650sm7150_firmwaresm6150msm8996ausm7150qca4010_firmwareapq8009_firmwaresdm670qcs605_firmwaremdm9206qca9379_firmwareqca6174asdm670_firmwaresdx24_firmwareqca6584au_firmwareipq8074sda845_firmwareqca9377qcn7605mdm9206_firmwareqcs605qca9886mdm9640mdm9650_firmwareqca6574au_firmwaresxr1130_firmwareqca8081_firmwaresxr1130apq8009apq8053_firmwaresda845sdm850_firmwareqca6584ausa6155p_firmwaresdx20sdm660mdm9607_firmwareqcs405ipq8074_firmwareqca6574ausdm710mdm9607apq8017_firmwaresdm710_firmwareqcn7605_firmwareqca4010sa6155pqca8081mdm9207c_firmwaremdm9207cqca6174a_firmwareqca9886_firmwaresm8150_firmwareapq8096auqcs405_firmwareapq8053apq8096au_firmwaresaipan_firmwaresm6150_firmwaresm8150sdx20_firmwaresdm850apq8017saipanqca9379sdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-190
Integer Overflow or Wraparound
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2019-14055
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.10%
||
7 Day CHG~0.00%
Published-07 Feb, 2020 | 05:00
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possibility of use-after-free and double free because of not marking buffer as NULL after freeing can lead to dangling pointer access in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8939, MSM8953, MSM8996AU, MSM8998, Nicobar, QCN7605, QCS605, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM845, SDX20, SDX24, SDX55, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9640_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632sdx24sdm439mdm9650sdm429msm8909w_firmwaremsm8996ausdm429w_firmwareapq8009_firmwaresxr2130qcs605_firmwaresc8180xmdm9206sdx24_firmwaresdm636sda845_firmwareapq8098qcn7605mdm9206_firmwaremsm8939qcs605mdm9640sdm429_firmwaremdm9650_firmwaremsm8905_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130msm8909wapq8009apq8053_firmwaresda845nicobarmsm8953sdm450sdm636_firmwareapq8098_firmwaresdx20msm8998_firmwaresdm660sdm630mdm9607_firmwaresm8250_firmwaresc8180x_firmwaremdm9607apq8017_firmwaremsm8939_firmwareqcn7605_firmwaremdm9207c_firmwaremsm8905mdm9207csm8150_firmwaresxr2130_firmwareapq8096ausdm439_firmwaresdm630_firmwaresda660_firmwaresdx55msm8953_firmwareapq8053apq8096au_firmwaresm8250msm8998sm8150sdx20_firmwareapq8017nicobar_firmwaresdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-416
Use After Free
CWE ID-CWE-415
Double Free
CVE-2019-14085
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 9.79%
||
7 Day CHG~0.00%
Published-05 Mar, 2020 | 08:56
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible Integer underflow in WLAN function due to lack of check of data received from user side in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in QCN7605, QCS605, SDA845, SDM670, SDM710, SDM845, SDM850, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm850_firmwaresdm670_firmwaresm8150_firmwaresda845_firmwaresdm845qcn7605qcs605sdm710sm8150sdm850sdm710_firmwaresxr1130_firmwareqcn7605_firmwaresxr1130sdm670qcs605_firmwaresda845sdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-191
Integer Underflow (Wrap or Wraparound)
CVE-2019-14000
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.72%
||
7 Day CHG~0.00%
Published-05 Mar, 2020 | 08:56
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Lack of check that the RX FIFO write index that is read from shared RAM is less than the FIFO size results into memory corruption and potential information leakage in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, IPQ6018, IPQ8074, MDM9150, MDM9205, MDM9206, MDM9607, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA8081, QCM2150, QCS404, QCS405, QCS605, QM215, Rennell, SA6155P, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwareapq8096_firmwaremdm9640_firmwareqcm2150_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632apq8096sdx24sdm439qcs404_firmwaremdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150msm8996aumdm9645sdm429w_firmwaresm7150apq8009_firmwaremsm8917sdm670sxr2130qcs605_firmwaresc8180xmdm9206sdm670_firmwareqcs404sdx24_firmwareipq8074sdm636sda845_firmwareapq8098ipq6018_firmwaremdm9205mdm9206_firmwareqcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwaresda660sdx55_firmwaresxr1130_firmwareqca8081_firmwaresxr1130apq8009apq8053_firmwaresda845nicobarsdm850_firmwaresa6155p_firmwaremsm8920msm8953sdm450sdm636_firmwaresdm845_firmwareapq8098_firmwaresdx20msm8998_firmwareqcm2150msm8920_firmwaresdm630mdm9607_firmwaresm8250_firmwaremdm9655_firmwaresdm660sc8180x_firmwareqcs405ipq8074_firmwaresdm710qm215mdm9607mdm9645_firmwareapq8017_firmwaresdm710_firmwaresa6155pqca8081mdm9150msm8937msm8996_firmwaremsm8905ipq6018sm8150_firmwaresxr2130_firmwaremdm9655apq8096ausdm439_firmwarerennellqcs405_firmwaresdm630_firmwaremdm9205_firmwaresda660_firmwarerennell_firmwareqm215_firmwaresdx55msm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaresm8250msm8998sm8150sdx20_firmwaresdm850apq8017msm8996nicobar_firmwaresdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-14074
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 10.47%
||
7 Day CHG~0.00%
Published-08 Sep, 2020 | 09:31
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Heap overflow in diag command handler due to lack of check of packet length received from user' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8076, APQ8096AU, APQ8098, Bitra, IPQ6018, IPQ8074, Kamorta, MDM9150, MDM9205, MDM9206, MDM9207C, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA8081, QCM2150, QCN7605, QCS404, QCS405, QCS605, QCS610, QM215, Rennell, SA415M, SA6155P, Saipan, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwaremdm9640_firmwareqcs610sdm450_firmwaresdm632qcs404_firmwaremdm9650mdm9645apq8009_firmwaremsm8917sdm670qcs605_firmwareapq8076apq8076_firmwaresda845_firmwaresa415mbitraapq8098qcn7605mdm9206_firmwarebitra_firmwaremsm8905_firmwaresda660sdx55_firmwareqca8081_firmwaresxr1130msm8909wapq8053_firmwaresda845sa6155p_firmwaresdm450sdm636_firmwareapq8098_firmwaremsm8998_firmwaresdm630mdm9607_firmwaresm8250_firmwaremdm9655_firmwaresa415m_firmwareqcs405qm215sc7180_firmwareapq8017_firmwaremdm9625_firmwaresdm710_firmwaresa6155pqca8081msm8937msm8905sm8150_firmwaremsm8909sxr2130_firmwaremdm9655rennellsc7180mdm9625msm8953_firmwaresaipan_firmwaresm6150_firmwaremsm8917_firmwaremsm8998sm8150sdx20_firmwaresdm850kamortaapq8017msm8996saipanmdm9640kamorta_firmwaremdm9635m_firmwareqcm2150_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdx24sdm439sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996ausdm429w_firmwaresm7150sxr2130sc8180xmdm9206sdm670_firmwareqcs404sdx24_firmwareipq8074sdm636mdm9635mipq6018_firmwaremdm9205qcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaresxr1130_firmwareapq8009msm8909_firmwarenicobarsdm850_firmwaremsm8920msm8953sdx20qcm2150msm8920_firmwaresdm660sc8180x_firmwareipq8074_firmwaresdm710mdm9607mdm9645_firmwareqcn7605_firmwareqcs610_firmwaremdm9150mdm9207c_firmwaremsm8996_firmwareipq6018mdm9207capq8096ausdm439_firmwareqcs405_firmwaresdm630_firmwaremdm9205_firmwaresda660_firmwarerennell_firmwareqm215_firmwaresdx55msm8940apq8053apq8096au_firmwaresm8250nicobar_firmwaresdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2019-14026
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 10.47%
||
7 Day CHG~0.00%
Published-05 Mar, 2020 | 08:56
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer overflow in WLAN WMI handler due to lack of ssid length check when copying data in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, IPQ6018, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8996AU, MSM8998, Nicobar, QCA6174A, QCA6574, QCA6574AU, QCA6584AU, QCA8081, QCA9377, QCA9379, QCA9886, QCN7605, QCS404, QCS405, QCS605, Rennell, SA6155P, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwareapq8096_firmwaremdm9640_firmwaremsm8996au_firmwaresdm845apq8096sdx24qcs404_firmwaremdm9650sm7150_firmwaresm6150qca6574msm8996ausm7150apq8009_firmwaresdm670sxr2130qcs605_firmwaresc8180xmdm9206qca9379_firmwareqca6174asdm670_firmwareqcs404sdx24_firmwareqca6584au_firmwareipq8074sdm636sda845_firmwareqca9377apq8098qcn7605ipq6018_firmwaremdm9206_firmwareqca6574_firmwareqca9886qcs605mdm9650_firmwareqca6574au_firmwaresda660sxr1130_firmwareqca8081_firmwaresxr1130apq8009apq8053_firmwaresda845nicobarsdm850_firmwareqca6584ausa6155p_firmwaresdm636_firmwaresdm845_firmwareapq8098_firmwaresdx20msm8998_firmwaresdm660sdm630mdm9607_firmwaresm8250_firmwaresc8180x_firmwareqcs405ipq8074_firmwareqca6574ausdm710mdm9607apq8017_firmwaresdm710_firmwareqcn7605_firmwaresa6155pqca8081mdm9207c_firmwareipq6018mdm9207cqca6174a_firmwareqca9886_firmwaresm8150_firmwaresxr2130_firmwareapq8096auqcs405_firmwarerennellsdm630_firmwaresda660_firmwarerennell_firmwareapq8053sm6150_firmwareapq8096au_firmwaresm8250msm8998sm8150sdx20_firmwaresdm850apq8017nicobar_firmwareqca9379sdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2019-14056
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 9.79%
||
7 Day CHG~0.00%
Published-08 Sep, 2020 | 09:31
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Possible integer overflow in API due to lack of check on large oid range count in cert extension field' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in Kamorta, MDM9150, MDM9205, MDM9607, MDM9650, Nicobar, QCS404, QCS405, QCS605, QCS610, Rennell, SA6155P, SC7180, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX55, SM6150, SM7150, SM8150, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm850_firmwarekamorta_firmwaremdm9150_firmwaresa6155p_firmwareqcs610sdm636_firmwaresdm845sdm660sdm630qcs404_firmwaremdm9607_firmwaremdm9650sc8180x_firmwareqcs405sm7150_firmwaresdm710sc7180_firmwaremdm9607sm6150sdm710_firmwaresm7150sa6155psdm670qcs610_firmwaremdm9150qcs605_firmwaresc8180xsxr2130sdm670_firmwareqcs404sm8150_firmwaresxr2130_firmwaresdm636qcs405_firmwarerennellsc7180sda845_firmwaresdm630_firmwaremdm9205_firmwaresda660_firmwarerennell_firmwaremdm9205qcs605sdx55sm6150_firmwaremdm9650_firmwaresm8150sdm850sda660kamortasdx55_firmwaresxr1130_firmwarenicobar_firmwaresxr1130sdm660_firmwaresda845nicobarsdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2019-14018
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 9.79%
||
7 Day CHG~0.00%
Published-16 Apr, 2020 | 10:46
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible out of bound array access as there is no check on carrier index passed in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, Rennell, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwaremdm9635m_firmwareapq8096_firmwaremdm9640_firmwareqcm2150_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdm450_firmwaresdm632apq8096sdx24sdm439mdm9650sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996aumdm9645sdm429w_firmwaresm7150msm8917sdm670qcs605_firmwaresc8180xmdm9206sdm670_firmwaresdx24_firmwaresdm636sda845_firmwaremdm9635mapq8098mdm9206_firmwareqcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130msm8909wmsm8909_firmwareapq8053_firmwaresda845nicobarsdm850_firmwaremsm8920msm8953sdm450sdm636_firmwaresdm845_firmwareapq8098_firmwaresdx20msm8998_firmwareqcm2150msm8920_firmwaresdm630mdm9607_firmwaresdm660mdm9655_firmwaresc8180x_firmwaresdm710qm215sc7180_firmwaremdm9607mdm9645_firmwaremdm9625_firmwaresdm710_firmwaremdm9150msm8937msm8905sm8150_firmwaremsm8909mdm9655apq8096ausdm439_firmwarerennellsc7180sdm630_firmwaresda660_firmwaremdm9625rennell_firmwareqm215_firmwaresdx55msm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaremsm8998sm8150sdx20_firmwaresdm850nicobar_firmwaresdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-129
Improper Validation of Array Index
CVE-2019-14117
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.10%
||
7 Day CHG~0.00%
Published-08 Sep, 2020 | 09:31
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Whenever the page list is updated via privileged user, the previous list elements are freed but are not deleted from the list which results in a use after free causing an unhandled page fault exception in rmnet driver' in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in Bitra, MDM9607, QCS405, Saipan, SC8180X, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sm8150_firmwaresxr2130_firmwareqcs405_firmwarebitrasm8250_firmwaremdm9607_firmwaresc8180x_firmwaresdx55qcs405sm7150_firmwaresaipan_firmwaresm6150_firmwaresm6150sm8250mdm9607bitra_firmwaresm8150sdx55_firmwaresm7150saipansxr2130sc8180xSnapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-416
Use After Free
CVE-2019-14034
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.10%
||
7 Day CHG~0.00%
Published-21 Jan, 2020 | 06:30
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free while processing eeprom query as there is a chance to not unlock mutex after error occurs in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8053, MSM8909W, MSM8917, MSM8953, Nicobar, QCS605, QM215, Rennell, SA6155P, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM632, SDM670, SDM710, SDM845, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sa6155p_firmwaremsm8953sdm450sdm429wsdm632_firmwaresdm845sdm450_firmwaresdm632sdx24sdm439sm8250_firmwaresdm429sm7150_firmwaresdm710msm8909w_firmwareqm215sm6150sdm429w_firmwaresdm710_firmwaresm7150apq8009_firmwaremsm8917msm8909wsa6155psdm670sxr2130qcs605_firmwaresdm670_firmwaresm8150_firmwaresdx24_firmwaresxr2130_firmwaresdm439_firmwaresda845_firmwarerennellrennell_firmwareqm215_firmwareqcs605sdx55msm8953_firmwareapq8053sm6150_firmwaresm8250msm8917_firmwaresdm429_firmwaresm8150sxr1130_firmwaresdx55_firmwarenicobar_firmwareapq8009sxr1130apq8053_firmwaresda845nicobarsdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-416
Use After Free
CVE-2019-14077
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 13.16%
||
7 Day CHG~0.00%
Published-02 Jun, 2020 | 15:05
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound memory access while processing ese transmit command due to passing Response buffer received from user in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8098, IPQ6018, Kamorta, MDM9150, MDM9205, MDM9607, MDM9650, MSM8909, MSM8998, Nicobar, QCS404, QCS405, QCS605, Rennell, SA415M, SA6155P, SC7180, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-kamorta_firmwaremdm9150_firmwaresdm845sdx24qcs404_firmwaremdm9650sm7150_firmwaresm6150sm7150apq8009_firmwaresdm670sxr2130qcs605_firmwaresc8180xsdm670_firmwareqcs404sdx24_firmwaresdm636sda845_firmwaresa415mapq8098ipq6018_firmwaremdm9205qcs605mdm9650_firmwaresda660sdx55_firmwaresxr1130_firmwaresxr1130apq8009msm8909_firmwaresda845nicobarsdm850_firmwaresa6155p_firmwaresdm636_firmwareapq8098_firmwaremsm8998_firmwaresdm660sdm630mdm9607_firmwaresm8250_firmwaresc8180x_firmwaresa415m_firmwareqcs405sdm710sc7180_firmwaremdm9607sdm710_firmwaresa6155pmdm9150ipq6018sm8150_firmwaremsm8909sxr2130_firmwareqcs405_firmwarerennellsc7180sdm630_firmwaremdm9205_firmwaresda660_firmwarerennell_firmwaresdx55sm6150_firmwaresm8250msm8998sm8150sdm850kamortanicobar_firmwaresdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-704
Incorrect Type Conversion or Cast
CVE-2019-14024
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 9.79%
||
7 Day CHG~0.00%
Published-21 Jan, 2020 | 06:30
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible stack-use-after-scope issue in NFC usecase for card emulation in Snapdragon Auto, Snapdragon Industrial IOT, Snapdragon Mobile in MSM8917, MSM8953, Nicobar, QM215, Rennell, SDM429, SDM439, SDM450, SDM632, SDM670, SDM710, SDM845, SM6150, SM7150, SM8150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-msm8953sdm450sdm632_firmwaresdm845sdm450_firmwaresdm632sdm439sm8250_firmwaresdm429sm7150_firmwaresdm710qm215sm6150sdm710_firmwaresm7150msm8917sdm670sxr2130sdm670_firmwaresm8150_firmwaresxr2130_firmwaresdm439_firmwarerennellrennell_firmwareqm215_firmwaremsm8953_firmwaresm6150_firmwaresm8250msm8917_firmwaresdm429_firmwaresm8150nicobar_firmwarenicobarsdm845_firmwareSnapdragon Auto, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-416
Use After Free
CVE-2019-14028
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 9.79%
||
7 Day CHG~0.00%
Published-05 Mar, 2020 | 08:56
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overwrite during memcpy due to lack of check on SSID length validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096, APQ8096AU, APQ8098, IPQ6018, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8996AU, MSM8998, Nicobar, QCA4531, QCA6174A, QCA6564, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA8081, QCA9377, QCA9379, QCA9886, QCN7605, QCS404, QCS405, QCS605, Rennell, SA6155P, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwareapq8096_firmwaremdm9640_firmwareqca4531_firmwaremsm8996au_firmwaresdm845apq8096sdx24qcs404_firmwaremdm9650sm7150_firmwaresm6150qca6574msm8996ausm7150apq8009_firmwaresdm670sxr2130qcs605_firmwaresc8180xmdm9206qca6564qca9379_firmwareqca6174asdm670_firmwareqcs404sdx24_firmwareqca6584au_firmwareipq8074sdm636sda845_firmwareqca9377qca4531apq8098qcn7605ipq6018_firmwaremdm9206_firmwareqca6574_firmwareqca9886qcs605qca6584_firmwaremdm9650_firmwareqca6584qca6574au_firmwaresda660sxr1130_firmwareapq8064_firmwareqca8081_firmwaresxr1130apq8009apq8053_firmwaresda845nicobarsdm850_firmwareqca6584ausa6155p_firmwaresdm636_firmwareapq8064sdm845_firmwareapq8098_firmwaresdx20msm8998_firmwaresdm660sdm630mdm9607_firmwaresm8250_firmwaresc8180x_firmwareqcs405ipq8074_firmwareqca6574ausdm710mdm9607apq8017_firmwaresdm710_firmwareqcn7605_firmwaresa6155pqca8081mdm9207c_firmwareipq6018mdm9207cqca6174a_firmwareqca9886_firmwareqca6564_firmwaresm8150_firmwaresxr2130_firmwareapq8096auqcs405_firmwarerennellsdm630_firmwaresda660_firmwarerennell_firmwareapq8053sm6150_firmwareapq8096au_firmwaresm8250msm8998sm8150sdx20_firmwaresdm850apq8017nicobar_firmwareqca9379sdm660_firmwaremdm9640Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-14002
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.21%
||
7 Day CHG~0.00%
Published-07 Feb, 2020 | 05:00
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

APKs without proper permission may bind to CallEnhancementService and can lead to unauthorized access to call status in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8053, APQ8096AU, APQ8098, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, Nicobar, QCA6574AU, QCS605, QM215, SA6155P, SDA660, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM845, SM6150, SM8150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-msm8920sa6155p_firmwaremsm8953sdm450sdm636_firmwaresdm429wmsm8996au_firmwaresdm632_firmwareapq8098_firmwaresdm845sdm450_firmwaresdm632sdm660msm8920_firmwaresdm439sdm630sm8250_firmwaresdm429msm8940_firmwareqca6574ausm6150msm8909w_firmwareqm215msm8996ausdm429w_firmwaremsm8917sa6155psxr2130msm8937qcs605_firmwaresm8150_firmwaresxr2130_firmwareapq8096ausdm439_firmwaresdm636sdm630_firmwareapq8098sda660_firmwareqm215_firmwareqcs605msm8940apq8053apq8096au_firmwaremsm8953_firmwaresm6150_firmwaremsm8917_firmwaremsm8937_firmwaresdm429_firmwaresm8150sm8250qca6574au_firmwaresda660nicobar_firmwaremsm8909wapq8053_firmwaresdm660_firmwarenicobarsdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2019-14032
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.09% / 25.29%
||
7 Day CHG~0.00%
Published-05 Mar, 2020 | 08:56
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory use after free issue in audio due to lack of resource control in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8953, MSM8996AU, Nicobar, QCS405, QCS605, Rennell, SA6155P, Saipan, SC8180X, SDA845, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9640_firmwaremsm8996au_firmwaresdm845sdx24mdm9650sm7150_firmwaresm6150msm8909w_firmwaremsm8996ausm7150apq8009_firmwaresdm670sxr2130qcs605_firmwaresc8180xmdm9206sdm670_firmwaresdx24_firmwaresda845_firmwareapq8098mdm9206_firmwareqcs605mdm9640mdm9650_firmwaremsm8905_firmwaresxr1130_firmwaresdx55_firmwaresxr1130msm8909wapq8009apq8053_firmwaresda845nicobarsa6155p_firmwaremsm8953apq8098_firmwaresdx20mdm9607_firmwaresm8250_firmwaresc8180x_firmwareqcs405sdm710mdm9607apq8017_firmwaresdm710_firmwaresa6155pmdm9207c_firmwaremsm8905mdm9207csm8150_firmwaresxr2130_firmwareapq8096auqcs405_firmwarerennellrennell_firmwaresdx55msm8953_firmwareapq8053apq8096au_firmwaresaipan_firmwaresm6150_firmwaresm8250sm8150sdx20_firmwareapq8017nicobar_firmwaresaipansdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-416
Use After Free
CVE-2019-14094
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 13.16%
||
7 Day CHG~0.00%
Published-22 Jun, 2020 | 07:10
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in diag command handler when user inputs a large value for number of tasks field in the request packet in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8053, APQ8096AU, APQ8098, IPQ6018, IPQ8074, Kamorta, MDM9150, MDM9205, MDM9206, MDM9207C, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA8081, QCM2150, QCN7605, QCS404, QCS405, QCS605, QM215, Rennell, SA415M, Saipan, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwaremdm9640_firmwaresdm450_firmwaresdm632qcs404_firmwaremdm9650mdm9645apq8009_firmwaremsm8917sdm670qcs605_firmwaresda845_firmwaresa415mapq8098qcn7605mdm9206_firmwaremsm8905_firmwaresda660qca8081_firmwaresxr1130msm8909wapq8053_firmwaresda845sdm450sdm636_firmwareapq8098_firmwaremsm8998_firmwaresdm630mdm9607_firmwaresm8250_firmwaremdm9655_firmwaresa415m_firmwareqcs405qm215sc7180_firmwaremdm9625_firmwaresdm710_firmwareqca8081msm8937msm8905sm8150_firmwaremsm8909sxr2130_firmwaremdm9655rennellsc7180mdm9625msm8953_firmwaresaipan_firmwaresm6150_firmwaremsm8917_firmwaremsm8998sm8150sdx20_firmwaresdm850kamortamsm8996saipanmdm9640kamorta_firmwaremdm9635m_firmwareqcm2150_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdx24sdm439sdm429msm8940_firmwaresm7150_firmwaresm6150msm8909w_firmwaremsm8996ausdm429w_firmwaresm7150sxr2130sc8180xmdm9206sdm670_firmwareqcs404sdx24_firmwareipq8074sdm636mdm9635mipq6018_firmwaremdm9205qcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaresxr1130_firmwareapq8009msm8909_firmwarenicobarsdm850_firmwaremsm8920msm8953sdx20qcm2150msm8920_firmwaresdm660sc8180x_firmwareipq8074_firmwaresdm710mdm9607mdm9645_firmwareqcn7605_firmwaremdm9150mdm9207c_firmwaremsm8996_firmwareipq6018mdm9207capq8096ausdm439_firmwareqcs405_firmwaresdm630_firmwaremdm9205_firmwaresda660_firmwarerennell_firmwareqm215_firmwaremsm8940apq8053apq8096au_firmwaresm8250nicobar_firmwaresdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2019-14048
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 13.16%
||
7 Day CHG~0.00%
Published-05 Mar, 2020 | 08:56
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible out of bound memory access while playing a crafted clip in media player in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in SM8150

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sm8150sm8150_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CVE-2019-14122
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 9.79%
||
7 Day CHG~0.00%
Published-16 Apr, 2020 | 10:46
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory failure in SKB if it fails to to add the requested padding to the skb in low memory targets or targets with major memory fragmentation in Snapdragon Auto, Snapdragon Mobile in Saipan, SM8150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sxr2130saipan_firmwaresm8250sm8150_firmwaresm8150sxr2130_firmwaresaipansm8250_firmwareSnapdragon Auto, Snapdragon Mobile
CWE ID-CWE-755
Improper Handling of Exceptional Conditions
CVE-2019-14066
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 9.79%
||
7 Day CHG~0.00%
Published-02 Jun, 2020 | 15:05
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in calculating estimated output buffer size when getting a list of installed Feature IDs, Serial Numbers or checking Feature ID status in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in Kamorta, MDM9205, MDM9607, Nicobar, QCS404, QCS405, Rennell, SA6155P, SC7180, SC8180X, SDX55, SM6150, SM7150, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-kamorta_firmwaresa6155p_firmwareqcs404sxr2130_firmwareqcs405_firmwarerennellsc7180mdm9205_firmwarerennell_firmwaremdm9205qcs404_firmwaremdm9607_firmwaresc8180x_firmwaresdx55qcs405sm7150_firmwaresm6150_firmwaresm6150sc7180_firmwaremdm9607kamortasm7150sdx55_firmwarenicobar_firmwaresa6155psxr2130sc8180xnicobarSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2019-14023
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 9.79%
||
7 Day CHG~0.00%
Published-21 Jan, 2020 | 06:30
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

String format issue will occur while processing HLOS data as there is no user input validation to ensure inputs are properly NULL terminated before string copy in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9607, Nicobar, Rennell, SA6155P, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sa6155p_firmwaresm8150_firmwaresxr2130_firmwarerennellrennell_firmwaremdm9607_firmwaresm8250_firmwaresdx55sm7150_firmwaresm6150_firmwaresm8250sm6150mdm9607sm8150sdx55_firmwaresm7150nicobar_firmwaresa6155psxr2130nicobarSnapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CVE-2019-14047
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 9.79%
||
7 Day CHG~0.00%
Published-22 Jun, 2020 | 07:10
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

While IPA driver processes route add rule IOCTL, there is no input validation of the rule ID prior to adding the rule to the IPA HW commit list in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8053, APQ8096AU, MDM9607, MSM8909W, MSM8996, MSM8996AU, QCN7605, QCS605, SC8180X, SDA845, SDX20, SDX24, SDX55, SM8150, SXR1130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sm8150_firmwaresdx24_firmwareapq8096aumsm8996au_firmwareqcs605_firmwaresda845_firmwaresdx20qcn7605sdx24mdm9607_firmwareqcs605sc8180x_firmwaresdx55apq8053apq8096au_firmwaremsm8909w_firmwaremdm9607msm8996ausm8150sdx20_firmwareapq8053_firmwaresxr1130_firmwaresdx55_firmwareqcn7605_firmwaremsm8996sxr1130sda845msm8909wsc8180xmsm8996_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-20
Improper Input Validation
CVE-2019-14001
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 5.78%
||
7 Day CHG~0.00%
Published-16 Apr, 2020 | 10:46
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Wrong public key usage from existing oem_keystore for hash generation in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8905, MSM8909W, MSM8917, MSM8953, MSM8996AU, QM215, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDX20

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-msm8953sdm450sdm636_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm450_firmwaresdm632sdx20sdm660sdm439mdm9607_firmwaresdm630mdm9650sdm429msm8909w_firmwaremdm9607msm8996auqm215sdm429w_firmwareapq8017_firmwareapq8009_firmwaremsm8909wmsm8917mdm9207c_firmwaremdm9206msm8905mdm9207capq8096ausdm439_firmwaresdm636sdm630_firmwaremdm9206_firmwareqm215_firmwaremsm8953_firmwareapq8053apq8096au_firmwaremsm8917_firmwaresdm429_firmwaremdm9650_firmwaresdx20_firmwaremsm8905_firmwareapq8017apq8009apq8053_firmwaresdm660_firmwareSnapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-327
Use of a Broken or Risky Cryptographic Algorithm
CVE-2019-13999
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.72%
||
7 Day CHG~0.00%
Published-08 Sep, 2020 | 09:31
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Lack of check for integer overflow for round up and addition operations result into memory corruption and potential information leakage' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, IPQ6018, IPQ8074, Kamorta, MDM9150, MDM9205, MDM9206, MDM9607, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA8081, QCM2150, QCN7605, QCS404, QCS405, QCS605, QCS610, QM215, Rennell, SA415M, SA515M, SA6155P, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwaremdm9640_firmwareqcs610sdm450_firmwaresdm632qcs404_firmwaremdm9650mdm9645apq8009_firmwaremsm8917sdm670qcs605_firmwaresda845_firmwaresa415mapq8098qcn7605mdm9206_firmwaremsm8905_firmwaresda660sdx55_firmwareqca8081_firmwaresxr1130apq8053_firmwaresda845sa6155p_firmwaresdm450sdm636_firmwaresa515m_firmwareapq8098_firmwaremsm8998_firmwaresdm630mdm9607_firmwaresm8250_firmwaremdm9655_firmwaresa415m_firmwareqcs405qm215sc7180_firmwareapq8017_firmwaresdm710_firmwaresa6155pqca8081msm8937msm8905sm8150_firmwaremsm8909sxr2130_firmwaremdm9655rennellsc7180msm8953_firmwaresm6150_firmwaremsm8917_firmwaremsm8998sm8150sdx20_firmwaresdm850kamortaapq8017msm8996mdm9640kamorta_firmwareqcm2150_firmwaresdm429wmsm8996au_firmwaresdm632_firmwaresdm845sdx24sdm439sdm429msm8940_firmwaresm7150_firmwaresm6150msm8996ausdm429w_firmwaresm7150sxr2130sc8180xmdm9206sdm670_firmwareqcs404sdx24_firmwareipq8074sdm636ipq6018_firmwaremdm9205sa515mqcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaresxr1130_firmwareapq8009msm8909_firmwarenicobarsdm850_firmwaremsm8920msm8953sdx20qcm2150msm8920_firmwaresdm660sc8180x_firmwareipq8074_firmwaresdm710mdm9607mdm9645_firmwareqcn7605_firmwareqcs610_firmwaremdm9150msm8996_firmwareipq6018apq8096ausdm439_firmwareqcs405_firmwaresdm630_firmwaremdm9205_firmwaresda660_firmwarerennell_firmwareqm215_firmwaresdx55msm8940apq8053apq8096au_firmwaresm8250nicobar_firmwaresdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2019-13992
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 9.79%
||
7 Day CHG~0.00%
Published-08 Sep, 2020 | 09:31
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Out of bound memory access if stack push and pop operation are performed without doing a bound check on stack top' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in Bitra, IPQ6018, IPQ8074, MDM9205, Nicobar, QCA8081, QCN7605, QCS404, QCS405, QCS605, QCS610, Rennell, SA415M, SA6155P, Saipan, SC7180, SC8180X, SDA845, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm850_firmwaresa6155p_firmwareqcs610sdm845sdx20sdx24qcs404_firmwaresm8250_firmwaresc8180x_firmwaresa415m_firmwareqcs405sm7150_firmwareipq8074_firmwaresdm710sc7180_firmwaresm6150sdm710_firmwaresm7150qcn7605_firmwaresa6155psdm670qca8081qcs610_firmwareqcs605_firmwaresc8180xsxr2130ipq6018sdm670_firmwareqcs404sdx24_firmwaresm8150_firmwareipq8074sxr2130_firmwareqcs405_firmwarerennellsa415msc7180bitrasda845_firmwaremdm9205_firmwareqcn7605rennell_firmwareipq6018_firmwaremdm9205qcs605sdx55saipan_firmwaresm6150_firmwaresm8250bitra_firmwaresm8150sdx20_firmwaresdm850sxr1130_firmwaresdx55_firmwareqca8081_firmwarenicobar_firmwaresaipansxr1130sda845nicobarsdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2019-14089
Matching Score-8
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-8
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 3.58%
||
7 Day CHG~0.00%
Published-08 Sep, 2020 | 09:31
Updated-05 Aug, 2024 | 00:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Keymaster attestation key and device IDs provisioning which is a one time process is incorrectly allowed to be re-provisioned after a user data erase or a factory reset' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in Kamorta, Nicobar, QCS404, QCS610, Rennell, SA515M, SA6155P, SC7180, SC8180X, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-kamorta_firmwaresa6155p_firmwareqcs404sm8150_firmwaresxr2130_firmwareqcs610sa515m_firmwarerennellsc7180rennell_firmwaresa515mqcs404_firmwaresm8250_firmwaresc8180x_firmwaresdx55sm7150_firmwaresm6150_firmwaresm8250sm6150sc7180_firmwaresm8150kamortasm7150sdx55_firmwarenicobar_firmwaresa6155pqcs610_firmwaresxr2130sc8180xnicobarSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-327
Use of a Broken or Risky Cryptographic Algorithm
  • Previous
  • 1
  • 2
  • ...
  • 6
  • 7
  • 8
  • ...
  • 31
  • 32
  • Next
Details not found