Skip to main content

Msm8909 Firmware

53 CVEs product

Monthly

CVE-2020-3639 CRITICAL Act Now

u'When a non standard SIP sigcomp message is received from the network, then there may be chances of using more UDVM cycle or memory overflow' in Snapdragon Auto, Snapdragon Compute, Snapdragon. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Apq8009 Firmware Apq8017 Firmware Apq8037 Firmware +86
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2020-11196 CRITICAL Act Now

u'Integer overflow to buffer overflow occurs while playback of ASF clip having unexpected number of codec entries' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Apq8009 Firmware Apq8009W Firmware Apq8017 Firmware +89
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2020-11193 CRITICAL Act Now

u'Buffer over read can happen while parsing mkv clip due to improper typecasting of data returned from atomsize' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Information Disclosure Apq8009 Firmware Apq8009W Firmware +90
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2020-11132 HIGH This Week

u'Buffer over read in boot due to size check ignored before copying GUID attribute from request to response' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Information Disclosure Apq8009 Firmware Apq8096Au Firmware +79
NVD
CVSS 3.1
7.1
EPSS
0.2%
CVE-2020-11123 MEDIUM This Month

u'information disclosure in gatekeeper trustzone implementation as the throttling mechanism to prevent brute force attempts at getting user`s lock-screen password can be bypassed by performing the. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Information Disclosure Apq8009 Firmware Apq8009W Firmware Apq8017 Firmware +112
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2020-3644 MEDIUM This Month

u'Information disclosure issue occurs as in current logic Secure Touch session is released without terminating display session' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity,. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Information Disclosure Apq8009 Firmware Apq8096Au Firmware Apq8098 Firmware +39
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2020-3643 MEDIUM This Month

u'Information disclosure issue can occur due to partial secure display-touch session tear-down' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Information Disclosure Apq8009 Firmware Apq8017 Firmware Apq8053 Firmware +55
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2020-3624 HIGH This Week

u'A potential buffer overflow exists due to integer overflow when parsing handler options due to wrong data type usage in operation' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Integer Overflow Apq8009 Firmware Apq8017 Firmware +59
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2020-3622 HIGH This Week

u'Channel name string which has been read from shared memory is potentially subjected to string manipulations but not validated for NULL termination can results into memory corruption' in Snapdragon. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Memory Corruption Apq8009 Apq8017 +128
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2020-3621 MEDIUM This Month

u'Lack of check to ensure that the TX read index & RX write index that are read from shared memory are less than the FIFO size results into memory corruption and potential information leakage' in. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Apq8009 Firmware Apq8053 Firmware Apq8096Au Firmware +60
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2020-3620 MEDIUM This Month

u'Lack of check of integer overflow while doing a round up operation for data read from shared memory for G-link SMEM transport can lead to corruption and potential information leak' in Snapdragon. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Qualcomm Integer Overflow Apq8009 Firmware Apq8053 Firmware +61
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2020-3619 HIGH This Week

u'Non-secure memory is touched multiple times during TrustZone\u2019s execution and can lead to privilege escalation or memory corruption' in Snapdragon Auto, Snapdragon Compute, Snapdragon. Rated high severity (CVSS 7.0). No vendor patch available.

Buffer Overflow Qualcomm Privilege Escalation Apq8009 Firmware Apq8017 Firmware +42
NVD
CVSS 3.1
7.0
EPSS
0.2%
CVE-2020-3614 CRITICAL Act Now

Possible buffer overflow while copying the frame to local buffer due to lack of check of length before copying in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Apq8009 Firmware Apq8017 Firmware Apq8053 Firmware +52
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2019-2242 CRITICAL Act Now

Device memory may get corrupted because of buffer overflow/underflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Qualcomm Buffer Overflow Apq8009 Firmware Apq8016 Firmware +46
NVD
CVSS 3.1
9.8
EPSS
1.1%
CVE-2019-10607 HIGH PATCH This Week

Out of bounds memcpy can occur by providing the embedded NULL character string and length greater than the actual string length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Qualcomm Apq8009 Firmware Apq8017 Firmware Apq8053 Firmware +36
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2019-10605 HIGH PATCH This Week

Buffer overwrite can occur in IEEE80211 header filling function due to lack of range check of array index received from firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Qualcomm Apq8009 Firmware Apq8053 Firmware Ipq8074 Firmware +11
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2019-10600 HIGH PATCH This Week

Use of local variable as argument to netlink CB callback goes out of it scope when callback triggered lead to invalid stack memory in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Qualcomm Apq8009 Firmware Apq8017 Firmware +48
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2019-10595 HIGH PATCH This Week

Possible buffer overwrite in message handler due to lack of validation of tid value calculated from packets received from firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Qualcomm Information Disclosure Apq8009 Firmware Apq8053 Firmware Apq8064 Firmware +27
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2019-10544 HIGH PATCH This Week

Improper length check on source buffer to handle userspace data received can lead to out-of-bound access in diag handlers in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Qualcomm Apq8009 Firmware Apq8017 Firmware Apq8053 Firmware +43
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2019-10525 CRITICAL Act Now

Buffer overflow during SIB read when network configures complete sib list along with first and last segment of other SIB in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Memory Corruption Apq8009 Firmware Apq8017 Firmware +50
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2019-10518 HIGH This Week

Use after free of a pointer in iWLAN scenario during netmgr state transition to CONNECT in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Use After Free Qualcomm Memory Corruption Apq8009 Firmware +48
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2019-10517 HIGH This Week

Memory is being freed up twice when two concurrent threads are executing in parallel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Information Disclosure Apq8009 Firmware Apq8017 Firmware Apq8053 Firmware +30
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2019-10516 CRITICAL Act Now

Multiple read overflows in MM while decoding service accept,service reject,attach reject and MT detach in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Information Disclosure Apq8009 Firmware Apq8017 Firmware +50
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2019-10513 MEDIUM This Month

Possibility of Null pointer access if the SPDM commands are executed in the non-standard way in Trustzone in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Qualcomm Apq8009 Firmware Apq8017 Firmware +47
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2019-10500 CRITICAL Act Now

While processing MT Secondary PDP request, Buffer overflow will happen due to incorrect calculation of buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Apq8009 Firmware Apq8017 Firmware Apq8053 Firmware +49
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2019-10487 CRITICAL Act Now

Buffer over read can happen while parsing SMS OTA messages at transport layer if network sends un-intended values in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Information Disclosure Apq8009 Firmware Apq8017 Firmware +51
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2019-10482 MEDIUM This Month

Due to the use of non-time-constant comparison functions there is issue in timing side channels which can be used as a potential side channel for SUI corruption in Snapdragon Auto, Snapdragon. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Qualcomm Information Disclosure Apq8009 Firmware Apq8017 Firmware Apq8053 Firmware +46
NVD
CVSS 3.1
5.9
EPSS
0.6%
CVE-2019-10480 HIGH PATCH This Week

Out of bound write can happen in WMI firmware event handler due to lack of validation of data received from WLAN firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Qualcomm Memory Corruption Apq8009 Firmware Apq8017 Firmware +41
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2019-2337 HIGH This Week

While Skipping unknown IES, EMM is reading the buffer even if the no of bytes to read are more than message length which may cause device to shutdown in Snapdragon Auto, Snapdragon Compute,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Information Disclosure Apq8053 Firmware Apq8096Au Firmware +46
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2019-2321 HIGH This Week

Incorrect length used while validating the qsee log buffer sent from HLOS which could then lead to remap conflict in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Apq8009 Firmware Apq8017 Firmware Apq8053 Firmware +47
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2019-2320 CRITICAL Act Now

Possible out of bounds write in a MT SMS/SS scenario due to improper validation of array index in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Apq8009 Firmware Apq8017 Firmware Apq8053 Firmware +51
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2019-2310 HIGH PATCH This Week

Out of bound read would occur while trying to read action category and action ID without validating the action length of the Rx Frame body in Snapdragon Auto, Snapdragon Consumer Electronics. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Qualcomm Information Disclosure Apq8009 Firmware Apq8017 Firmware +33
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2019-2288 HIGH This Week

Out of bound write in TZ while copying the secure dump structure on HLOS provided buffer as a part of memory dump in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Apq8009 Firmware Apq8017 Firmware Apq8053 Firmware +37
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2019-10592 HIGH This Week

Possible integer overflow while multiplying two integers of 32 bit in QDCM API of get display modes as there is no check on the maximum mode count in Snapdragon Auto, Snapdragon Compute, Snapdragon. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Qualcomm Buffer Overflow Apq8017 Firmware Apq8053 Firmware +37
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2019-10571 HIGH PATCH This Week

Snapshot of IB can lead to invalid address access due to missing check for size in the related function in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Qualcomm Apq8017 Firmware Apq8053 Firmware Apq8096Au Firmware +38
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2019-10559 CRITICAL Act Now

Accessing data buffer beyond the available data while parsing ogg clip can lead to null-pointer dereference and then memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Information Disclosure Apq8009 Firmware Apq8017 Firmware +35
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2019-10555 HIGH PATCH This Week

Buffer overflow can occur due to usage of wrong datatype and missing length check before copying into buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Qualcomm Apq8017 Firmware Apq8053 Firmware Apq8096Au Firmware +37
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2019-10511 CRITICAL Act Now

Possibility of memory overflow while decoding GSNDCP compressed mode PDU in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Apq8009 Firmware Apq8017 Firmware Apq8053 Firmware +52
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2019-10494 HIGH PATCH This Week

Race condition between the camera functions due to lack of resource lock which will lead to memory corruption and UAF issue in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity,. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Buffer Overflow Qualcomm Apq8009 Firmware Apq8017 Firmware Apq8053 Firmware +38
NVD
CVSS 3.1
8.1
EPSS
0.3%
CVE-2019-10493 CRITICAL Act Now

Position determination accuracy may be degraded due to wrongly decoded information in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Apq8053 Firmware Mdm9206 Firmware Mdm9207C Firmware +45
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2019-10485 HIGH This Week

Infinite loop while decoding compressed data can lead to overrun condition in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Qualcomm Apq8009 Firmware Apq8017 Firmware Apq8053 Firmware +52
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2019-2335 HIGH This Week

While processing Attach Reject message, Valid exit condition is not met resulting into an infinite loop in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Qualcomm Apq8009 Firmware Apq8017 Firmware Apq8053 Firmware +50
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2019-2315 HIGH This Week

While invoking the API to copy from fd or local buffer to the secure buffer, Parameters being populated are from non secure environment. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Information Disclosure Apq8009 Firmware Apq8017 Firmware Apq8053 Firmware +40
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2019-2303 CRITICAL Act Now

SNDCP module may access array out side its boundary when it receives malformed XID message. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Information Disclosure Apq8009 Firmware Apq8017 Firmware +53
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2019-2295 MEDIUM This Month

Information disclosure due to lack of address range check done on the SysDBG buffers in SDI code. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Information Disclosure Apq8009 Firmware Apq8017 Firmware +30
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2019-2289 CRITICAL Act Now

Lack of integrity check allows MODEM to accept any NAS messages which can result into authentication bypass of NAS in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Qualcomm Apq8009 Firmware Apq8017 Firmware Apq8053 Firmware +52
NVD
CVSS 3.1
9.8
EPSS
0.6%
CVE-2019-2271 CRITICAL Act Now

Buffer over read can happen while parsing downlink session management OTA messages if network sends un-intended values in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Information Disclosure Apq8009 Firmware Apq8017 Firmware +53
NVD
CVSS 3.1
9.8
EPSS
1.1%
CVE-2019-2266 HIGH PATCH This Week

Possible double free issue in kernel while handling the camera sensor and its sub modules power sequence in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Qualcomm Information Disclosure Apq8053 Firmware Ipq4019 Firmware Ipq8064 Firmware +13
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2019-10503 HIGH PATCH This Week

Out-of-bounds access can occur in camera driver due to improper validation of array index in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Qualcomm Apq8009 Firmware Apq8017 Firmware Apq8053 Firmware +24
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2019-10490 MEDIUM This Month

Use after free issue in Xtra daemon shutdown due to static object instance getting freed from a multiple places in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Use After Free Qualcomm Memory Corruption Apq8009 Firmware +37
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2019-2302 CRITICAL Act Now

While processing vendor command which contains corrupted channel count, an integer overflow occurs and finally will lead to heap overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Qualcomm Buffer Overflow Apq8017 Firmware Apq8053 Firmware +28
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2019-10565 CRITICAL Act Now

Double free issue can happen when sensor power settings is freed by some thread while another thread try to access. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qualcomm Information Disclosure Apq8053 Firmware Mdm9206 Firmware Mdm9207C Firmware +10
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2019-2327 CRITICAL Act Now

Possible buffer overflow can occur when playing clip with incorrect element size in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Mdm9150 Firmware Mdm9206 Firmware Mdm9607 Firmware +41
NVD
CVSS 3.0
9.8
EPSS
0.9%
EPSS 1% CVSS 9.8
CRITICAL Act Now

u'When a non standard SIP sigcomp message is received from the network, then there may be chances of using more UDVM cycle or memory overflow' in Snapdragon Auto, Snapdragon Compute, Snapdragon. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Apq8009 Firmware +88
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

u'Integer overflow to buffer overflow occurs while playback of ASF clip having unexpected number of codec entries' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Apq8009 Firmware +91
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

u'Buffer over read can happen while parsing mkv clip due to improper typecasting of data returned from atomsize' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Information Disclosure +92
NVD
EPSS 0% CVSS 7.1
HIGH This Week

u'Buffer over read in boot due to size check ignored before copying GUID attribute from request to response' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Information Disclosure +81
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

u'information disclosure in gatekeeper trustzone implementation as the throttling mechanism to prevent brute force attempts at getting user`s lock-screen password can be bypassed by performing the. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Information Disclosure Apq8009 Firmware +114
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

u'Information disclosure issue occurs as in current logic Secure Touch session is released without terminating display session' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity,. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Information Disclosure Apq8009 Firmware +41
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

u'Information disclosure issue can occur due to partial secure display-touch session tear-down' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Information Disclosure Apq8009 Firmware +57
NVD
EPSS 0% CVSS 7.8
HIGH This Week

u'A potential buffer overflow exists due to integer overflow when parsing handler options due to wrong data type usage in operation' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Integer Overflow +61
NVD
EPSS 0% CVSS 7.8
HIGH This Week

u'Channel name string which has been read from shared memory is potentially subjected to string manipulations but not validated for NULL termination can results into memory corruption' in Snapdragon. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Memory Corruption +130
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

u'Lack of check to ensure that the TX read index & RX write index that are read from shared memory are less than the FIFO size results into memory corruption and potential information leakage' in. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Apq8009 Firmware +62
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

u'Lack of check of integer overflow while doing a round up operation for data read from shared memory for G-link SMEM transport can lead to corruption and potential information leak' in Snapdragon. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Qualcomm Integer Overflow +63
NVD
EPSS 0% CVSS 7.0
HIGH This Week

u'Non-secure memory is touched multiple times during TrustZone\u2019s execution and can lead to privilege escalation or memory corruption' in Snapdragon Auto, Snapdragon Compute, Snapdragon. Rated high severity (CVSS 7.0). No vendor patch available.

Buffer Overflow Qualcomm Privilege Escalation +44
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Possible buffer overflow while copying the frame to local buffer due to lack of check of length before copying in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Apq8009 Firmware +54
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Device memory may get corrupted because of buffer overflow/underflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Qualcomm Buffer Overflow +48
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Out of bounds memcpy can occur by providing the embedded NULL character string and length greater than the actual string length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Qualcomm Apq8009 Firmware +38
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Buffer overwrite can occur in IEEE80211 header filling function due to lack of range check of array index received from firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Qualcomm Apq8009 Firmware +13
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Use of local variable as argument to netlink CB callback goes out of it scope when callback triggered lead to invalid stack memory in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This NULL Pointer Dereference vulnerability could allow attackers to crash the application by dereferencing a null pointer.

Null Pointer Dereference Denial Of Service Qualcomm +50
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Possible buffer overwrite in message handler due to lack of validation of tid value calculated from packets received from firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Qualcomm Information Disclosure Apq8009 Firmware +29
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Improper length check on source buffer to handle userspace data received can lead to out-of-bound access in diag handlers in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Overflow vulnerability could allow attackers to corrupt memory to execute arbitrary code or crash the application.

Buffer Overflow Qualcomm Apq8009 Firmware +45
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Buffer overflow during SIB read when network configures complete sib list along with first and last segment of other SIB in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Memory Corruption +52
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Use after free of a pointer in iWLAN scenario during netmgr state transition to CONNECT in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Use After Free Qualcomm +50
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Memory is being freed up twice when two concurrent threads are executing in parallel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Information Disclosure Apq8009 Firmware +32
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Multiple read overflows in MM while decoding service accept,service reject,attach reject and MT detach in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Information Disclosure +52
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Possibility of Null pointer access if the SPDM commands are executed in the non-standard way in Trustzone in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Null Pointer Dereference Denial Of Service Qualcomm +49
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

While processing MT Secondary PDP request, Buffer overflow will happen due to incorrect calculation of buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Apq8009 Firmware +51
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Buffer over read can happen while parsing SMS OTA messages at transport layer if network sends un-intended values in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Information Disclosure +53
NVD
EPSS 1% CVSS 5.9
MEDIUM This Month

Due to the use of non-time-constant comparison functions there is issue in timing side channels which can be used as a potential side channel for SUI corruption in Snapdragon Auto, Snapdragon. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Qualcomm Information Disclosure Apq8009 Firmware +48
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Out of bound write can happen in WMI firmware event handler due to lack of validation of data received from WLAN firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Buffer Overflow Qualcomm Memory Corruption +43
NVD
EPSS 1% CVSS 7.5
HIGH This Week

While Skipping unknown IES, EMM is reading the buffer even if the no of bytes to read are more than message length which may cause device to shutdown in Snapdragon Auto, Snapdragon Compute,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Information Disclosure +48
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Incorrect length used while validating the qsee log buffer sent from HLOS which could then lead to remap conflict in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Apq8009 Firmware +49
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Possible out of bounds write in a MT SMS/SS scenario due to improper validation of array index in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Apq8009 Firmware +53
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

Out of bound read would occur while trying to read action category and action ID without validating the action length of the Rx Frame body in Snapdragon Auto, Snapdragon Consumer Electronics. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Qualcomm Information Disclosure +35
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Out of bound write in TZ while copying the secure dump structure on HLOS provided buffer as a part of memory dump in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Apq8009 Firmware +39
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Possible integer overflow while multiplying two integers of 32 bit in QDCM API of get display modes as there is no check on the maximum mode count in Snapdragon Auto, Snapdragon Compute, Snapdragon. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Qualcomm Buffer Overflow +39
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Snapshot of IB can lead to invalid address access due to missing check for size in the related function in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Qualcomm Apq8017 Firmware +40
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Accessing data buffer beyond the available data while parsing ogg clip can lead to null-pointer dereference and then memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Information Disclosure +37
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Buffer overflow can occur due to usage of wrong datatype and missing length check before copying into buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Qualcomm Apq8017 Firmware +39
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Possibility of memory overflow while decoding GSNDCP compressed mode PDU in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Apq8009 Firmware +54
NVD
EPSS 0% CVSS 8.1
HIGH PATCH This Week

Race condition between the camera functions due to lack of resource lock which will lead to memory corruption and UAF issue in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity,. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Buffer Overflow Qualcomm Apq8009 Firmware +40
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Position determination accuracy may be degraded due to wrongly decoded information in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Apq8053 Firmware +47
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Infinite loop while decoding compressed data can lead to overrun condition in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Qualcomm Apq8009 Firmware +54
NVD
EPSS 1% CVSS 7.5
HIGH This Week

While processing Attach Reject message, Valid exit condition is not met resulting into an infinite loop in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT,. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Qualcomm Apq8009 Firmware +52
NVD
EPSS 0% CVSS 7.8
HIGH This Week

While invoking the API to copy from fd or local buffer to the secure buffer, Parameters being populated are from non secure environment. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Information Disclosure Apq8009 Firmware +42
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

SNDCP module may access array out side its boundary when it receives malformed XID message. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Information Disclosure +55
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Information disclosure due to lack of address range check done on the SysDBG buffers in SDI code. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Information Disclosure +32
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Lack of integrity check allows MODEM to accept any NAS messages which can result into authentication bypass of NAS in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Qualcomm Apq8009 Firmware +54
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Buffer over read can happen while parsing downlink session management OTA messages if network sends un-intended values in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Information Disclosure +55
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Possible double free issue in kernel while handling the camera sensor and its sub modules power sequence in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Qualcomm Information Disclosure Apq8053 Firmware +15
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Out-of-bounds access can occur in camera driver due to improper validation of array index in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Qualcomm Apq8009 Firmware +26
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Use after free issue in Xtra daemon shutdown due to static object instance getting freed from a multiple places in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service Use After Free Qualcomm +39
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

While processing vendor command which contains corrupted channel count, an integer overflow occurs and finally will lead to heap overflow. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Qualcomm Buffer Overflow +30
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Double free issue can happen when sensor power settings is freed by some thread while another thread try to access. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qualcomm Information Disclosure Apq8053 Firmware +12
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Possible buffer overflow can occur when playing clip with incorrect element size in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Qualcomm Mdm9150 Firmware +43
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy