Skip to main content
CVE-2020-3702 MEDIUM This Month

u'Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Qualcomm Information Disclosure Apq8053 Firmware Ipq4019 Firmware Ipq8064 Firmware +10
NVD
CVSS 3.1
6.5
EPSS
0.3%
CVE-2020-3644 MEDIUM This Month

u'Information disclosure issue occurs as in current logic Secure Touch session is released without terminating display session' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity,. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Information Disclosure Apq8009 Firmware Apq8096Au Firmware Apq8098 Firmware +39
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2020-3643 MEDIUM This Month

u'Information disclosure issue can occur due to partial secure display-touch session tear-down' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Information Disclosure Apq8009 Firmware Apq8017 Firmware Apq8053 Firmware +55
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2020-3621 MEDIUM This Month

u'Lack of check to ensure that the TX read index & RX write index that are read from shared memory are less than the FIFO size results into memory corruption and potential information leakage' in. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Apq8009 Firmware Apq8053 Firmware Apq8096Au Firmware +60
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2020-3620 MEDIUM This Month

u'Lack of check of integer overflow while doing a round up operation for data read from shared memory for G-link SMEM transport can lead to corruption and potential information leak' in Snapdragon. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Qualcomm Integer Overflow Apq8009 Firmware Apq8053 Firmware +61
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2020-11122 MEDIUM This Month

u'Null Pointer exception while playing crafted mkv file as data stream get deleted on secondary invalid configuration' in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile in APQ8098,. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Qualcomm Apq8098 Firmware Bitra Firmware +8
NVD
CVSS 3.1
5.5
EPSS
0.4%
CVE-2020-4698 MEDIUM PATCH This Month

IBM Business Process Manager 8.5, 8.6 and IBM Business Automation Workflow 18.0, 19.0, and 20.0 are vulnerable to stored cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Business Automation Workflow Business Process Manager
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2020-4516 MEDIUM PATCH This Month

IBM Business Process Manager 8.5, 8.6 and IBM Business Automation Workflow 18.0, 19.0, and 20.0 are vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS IBM Business Automation Workflow Business Process Manager
NVD
CVSS 3.1
5.4
EPSS
0.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy