Skip to main content

Qualcomm

1142 CVEs vendor

Monthly

CVE-2014-9779 HIGH This Week

arch/arm/mach-msm/qdsp6v2/msm_audio_ion.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 devices allows attackers to obtain sensitive information from kernel memory via a crafted. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Qualcomm Privilege Escalation Google Android
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2014-9778 HIGH This Week

The vid_dec_set_h264_mv_buffers function in drivers/video/msm/vidc/common/dec/vdec.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices does not validate the. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Qualcomm Google Buffer Overflow Android
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2014-9777 HIGH This Week

The vid_dec_set_meta_buffers function in drivers/video/msm/vidc/common/dec/vdec.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices does not validate the number. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Qualcomm Google Buffer Overflow Android
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2013-7457 HIGH This Week

Unspecified vulnerability in the Qualcomm components in Android before 2016-07-05 allows attackers to gain privileges via a crafted application. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Qualcomm Google Information Disclosure Android
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2016-2498 MEDIUM PATCH This Month

The Qualcomm Wi-Fi driver in Android before 2016-06-01 on Nexus 7 (2013) devices allows attackers to bypass intended data-access restrictions via a crafted application, aka internal bug 27777162. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Qualcomm Google Information Disclosure Android
NVD
CVSS 3.0
5.5
EPSS
0.1%
CVE-2016-2489 HIGH PATCH This Week

The Qualcomm video driver in Android before 2016-06-01 on Nexus 5, 5X, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka internal bug 27407629. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Qualcomm Privilege Escalation Google Android
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2016-2488 HIGH PATCH This Week

The Qualcomm camera driver in Android before 2016-06-01 on Nexus 5, 5X, 6, 6P, and 7 (2013) devices allows attackers to gain privileges via a crafted application, aka internal bug 27600832. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Qualcomm Privilege Escalation Google Android
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2016-2474 HIGH PATCH This Week

The Qualcomm Wi-Fi driver in Android before 2016-06-01 on Nexus 5X devices allows attackers to gain privileges via a crafted application, aka internal bug 27424603. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Qualcomm Google Information Disclosure Android
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2016-2473 CRITICAL PATCH Act Now

The Qualcomm Wi-Fi driver in Android before 2016-06-01 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka internal bug 27777501. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Qualcomm Google Information Disclosure Android
NVD
CVSS 3.0
9.8
EPSS
0.2%
CVE-2016-2472 HIGH PATCH This Week

The Qualcomm Wi-Fi driver in Android before 2016-06-01 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka internal bug 27776888. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Qualcomm Google Information Disclosure Android
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2016-2471 HIGH PATCH This Week

The Qualcomm Wi-Fi driver in Android before 2016-06-01 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka internal bug 27773913. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Qualcomm Google Information Disclosure Android
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2016-2470 HIGH PATCH This Week

The Qualcomm Wi-Fi driver in Android before 2016-06-01 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka internal bug 27662174. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Qualcomm Google Information Disclosure Android
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2016-2469 HIGH PATCH This Week

The Qualcomm sound driver in Android before 2016-06-01 on Nexus 5, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka internal bug 27531992. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Qualcomm Google Information Disclosure Android
NVD
CVSS 3.0
7.8
EPSS
0.1%
CVE-2016-2468 HIGH PATCH This Week

The Qualcomm GPU driver in Android before 2016-06-01 on Nexus 5, 5X, 6, 6P, and 7 devices allows attackers to gain privileges via a crafted application, aka internal bug 27475454. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Qualcomm Google Information Disclosure Android
NVD
CVSS 3.0
7.8
EPSS
0.4%
CVE-2016-2467 HIGH PATCH This Week

The Qualcomm sound driver in Android before 2016-06-01 on Nexus 5 devices allows attackers to gain privileges via a crafted application, aka internal bug 28029010. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Qualcomm Google Information Disclosure Android
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2016-2466 HIGH PATCH This Week

The Qualcomm sound driver in Android before 2016-06-01 on Nexus 6 devices allows attackers to gain privileges via a crafted application, aka internal bug 27947307. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Qualcomm Google Information Disclosure Android
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2016-2465 HIGH PATCH This Week

The Qualcomm video driver in Android before 2016-06-01 on Nexus 5, 5X, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka internal bug 27407865. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Qualcomm Google Information Disclosure Android
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2016-2066 HIGH PATCH This Week

Integer signedness error in the MSM QDSP6 audio driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Denial Of Service Google Linux Buffer Overflow Qualcomm +2
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2016-2061 HIGH This Week

Integer signedness error in the MSM V4L2 video driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Google Linux Buffer Overflow Qualcomm +2
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2016-2454 MEDIUM PATCH This Month

The Qualcomm hardware video codec in Android before 2016-05-01 on Nexus 5 devices allows remote attackers to cause a denial of service (reboot) via a crafted file, aka internal bug 26221024. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Qualcomm Google Denial Of Service Android
NVD
CVSS 3.0
5.5
EPSS
0.3%
CVE-2016-2443 HIGH PATCH This Week

The Qualcomm MDP driver in Android before 2016-05-01 on Nexus 5 and Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka internal bug 26404525. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Qualcomm Privilege Escalation Google Android
NVD
CVSS 3.0
7.0
EPSS
0.1%
CVE-2016-2442 HIGH PATCH This Week

The Qualcomm buspm driver in Android before 2016-05-01 on Nexus 5X, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka internal bug 26494907. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Qualcomm Privilege Escalation Google Android
NVD
CVSS 3.0
7.0
EPSS
0.1%
CVE-2016-2441 HIGH PATCH This Week

The Qualcomm buspm driver in Android before 2016-05-01 on Nexus 5X, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka internal bug 26354602. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Qualcomm Privilege Escalation Google Android
NVD
CVSS 3.0
7.0
EPSS
0.0%
CVE-2016-2432 HIGH PATCH This Week

The Qualcomm TrustZone component in Android before 2016-05-01 on Nexus 6 and Android One devices allows attackers to gain privileges via a crafted application, aka internal bug 25913059. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Qualcomm Privilege Escalation Google Android
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2016-2431 HIGH PATCH This Week

The Qualcomm TrustZone component in Android before 2016-05-01 on Nexus 5, Nexus 6, Nexus 7 (2013), and Android One devices allows attackers to gain privileges via a crafted application, aka internal. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Qualcomm Privilege Escalation Google Android
NVD
CVSS 3.0
7.8
EPSS
1.4%
CVE-2016-2060 HIGH PATCH This Week

server/TetherController.cpp in the tethering controller in netd, as distributed with Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not properly. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Qualcomm Privilege Escalation Google Android
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2015-0571 HIGH This Week

The WLAN (aka Wi-Fi) driver for the Linux kernel 3.x and 4.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not verify authorization for. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Qualcomm Google Linux Authentication Bypass Linux Kernel
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2015-0570 HIGH This Week

Stack-based buffer overflow in the SET_WPS_IE IOCTL implementation in wlan_hdd_hostapd.c in the WLAN (aka Wi-Fi) driver for the Linux kernel 3.x and 4.x, as used in Qualcomm Innovation Center (QuIC). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Google Linux Buffer Overflow Qualcomm +1
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2015-0569 HIGH POC This Week

Heap-based buffer overflow in the private wireless extensions IOCTL implementation in wlan_hdd_wext.c in the WLAN (aka Wi-Fi) driver for the Linux kernel 3.x and 4.x, as used in Qualcomm Innovation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Google Linux Buffer Overflow Qualcomm +1
NVD Exploit-DB
CVSS 3.1
7.8
EPSS
0.4%
CVE-2016-2062 HIGH PATCH This Week

The adreno_perfcounter_query_group function in drivers/gpu/msm/adreno_perfcounter.c in the Adreno GPU driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Denial Of Service Google Linux Buffer Overflow +4
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2016-2059 HIGH PATCH This Week

The msm_ipc_router_bind_control_port function in net/ipc_router/ipc_router_core.c in the IPC router kernel module for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android. Rated high severity (CVSS 7.0). This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Denial Of Service Google Linux Qualcomm Privilege Escalation +2
NVD
CVSS 3.1
7.0
EPSS
0.0%
CVE-2016-2411 MEDIUM This Month

A Qualcomm Power Management kernel driver in Android 6.x before 2016-04-01 allows attackers to gain privileges via a crafted application that leverages root access, aka internal bug 26866053. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Google Information Disclosure Android
NVD
CVSS 3.0
6.5
EPSS
0.1%
CVE-2016-2410 HIGH PATCH This Week

A Qualcomm video kernel driver in Android 6.x before 2016-04-01 allows attackers to gain privileges via a crafted application that leverages control over a service that can call this driver, aka. Rated high severity (CVSS 7.4), this vulnerability is no authentication required.

Qualcomm Privilege Escalation Google Android
NVD
CVSS 3.0
7.4
EPSS
0.0%
CVE-2016-0844 HIGH PATCH This Week

The Qualcomm RF driver in Android 6.x before 2016-04-01 does not properly restrict access to socket ioctl calls, which allows attackers to gain privileges via a crafted application, aka internal bug. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity.

Qualcomm Privilege Escalation Google Android
NVD
CVSS 3.0
8.4
EPSS
0.0%
CVE-2016-0843 HIGH PATCH This Week

The Qualcomm ARM processor performance-event manager in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 allows attackers to gain privileges via a crafted. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity.

Qualcomm Privilege Escalation Google Android
NVD
CVSS 3.0
8.4
EPSS
0.0%
CVE-2016-0819 HIGH This Week

The Qualcomm performance component in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 allows attackers to gain privileges via a crafted application, aka internal bug. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Qualcomm Privilege Escalation Google Android
NVD
CVSS 3.0
7.8
EPSS
0.0%
CVE-2016-0806 HIGH This Week

The Qualcomm Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows attackers to gain privileges via a crafted application, aka internal bug. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Qualcomm Privilege Escalation Google Android
NVD
CVSS 3.0
8.4
EPSS
0.0%
CVE-2016-0805 HIGH This Week

The performance event manager for Qualcomm ARM processors in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows attackers to gain privileges via a crafted. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Qualcomm Privilege Escalation Google Android
NVD
CVSS 3.0
8.4
EPSS
0.1%
CVE-2014-10031 HIGH POC THREAT Act Now

Buffer overflow in the IMAPd service in Qualcomm Eudora WorldMail 9.0.333.0 allows remote attackers to execute arbitrary code via a long string in a UID command. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 39.4%.

Qualcomm Buffer Overflow RCE Eudora Worldmail
NVD Exploit-DB
CVSS 2.0
7.5
EPSS
39.4%
Threat
4.2
CVE-2014-4322 HIGH POC PATCH This Week

drivers/misc/qseecom.c in the QSEECOM driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not validate certain. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available.

Memory Corruption Denial Of Service Google Linux Buffer Overflow +2
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
3.5%
CVE-2014-4323 HIGH This Week

The mdp_lut_hw_update function in drivers/video/msm/mdp.c in the MDP display driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Qualcomm Google Linux Linux Kernel
NVD
CVSS 2.0
7.5
EPSS
2.4%
CVE-2013-6124 LOW Monitor

The Qualcomm Innovation Center (QuIC) init scripts in Code Aurora Forum (CAF) releases of Android 4.1.x through 4.4.x allow local users to modify file metadata via a symlink attack on a file accessed. Rated low severity (CVSS 3.3). No vendor patch available.

Qualcomm Google RCE Android Msm
NVD
CVSS 2.0
3.3
EPSS
0.0%
CVE-2013-2599 MEDIUM This Month

A certain Qualcomm Innovation Center (QuIC) patch to the NativeDaemonConnector class in services/java/com/android/server/NativeDaemonConnector.java in Code Aurora Forum (CAF) releases of Android. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Qualcomm Google Information Disclosure Java Android Msm
NVD
CVSS 2.0
5.0
EPSS
0.1%
CVE-2013-2598 MEDIUM This Month

app/aboot/aboot.c in the Little Kernel (LK) bootloader, as distributed with Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to overwrite. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Google Information Disclosure Android Msm
NVD
CVSS 2.0
6.6
EPSS
0.0%
CVE-2013-2597 HIGH KEV THREAT Act Now

Stack-based buffer overflow in the acdb_ioctl function in audio_acdb.c in the acdb audio driver for the Linux kernel 2.6.x and 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and no vendor patch available.

Buffer Overflow Qualcomm Google Linux
NVD VulDB
CVSS 3.1
8.4
EPSS
6.7%
CVE-2013-2595 HIGH This Week

The device-initialization functionality in the MSM camera driver for the Linux kernel 2.6.x and 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Privilege Escalation Linux Google Android Msm
NVD
CVSS 2.0
7.2
EPSS
0.9%
CVE-2014-4325 HIGH PATCH This Week

The cmd_boot function in app/aboot/aboot.c in the Little Kernel (LK) bootloader, as distributed with Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Qualcomm Google Authentication Bypass Little Kernel Bootloader
NVD
CVSS 2.0
7.2
EPSS
0.0%
CVE-2014-0974 LOW PATCH Monitor

The boot_linux_from_mmc function in app/aboot/aboot.c in the Little Kernel (LK) bootloader, as distributed with Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other. Rated low severity (CVSS 1.9).

Qualcomm Privilege Escalation Google Little Kernel Bootloader
NVD
CVSS 2.0
1.9
EPSS
0.1%
CVE-2014-0973 HIGH PATCH This Week

The image_verify function in platform/msm_shared/image_verify.c in the Little Kernel (LK) bootloader, as distributed with Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Qualcomm Google Authentication Bypass Little Kernel Bootloader
NVD
CVSS 2.0
7.2
EPSS
0.1%
CVE-2014-0972 HIGH This Week

The kgsl graphics driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not properly prevent write access to. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Privilege Escalation Linux Google Android Msm
NVD
CVSS 2.0
7.2
EPSS
0.0%
CVE-2013-4737 CRITICAL PATCH Act Now

The CONFIG_STRICT_MEMORY_RWX implementation for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not properly consider. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable.

Privilege Escalation Linux Google Qualcomm Quic Mobile Station Modem Kernel
NVD
CVSS 2.0
9.3
EPSS
0.6%
CVE-2013-4736 HIGH PATCH This Week

Multiple integer overflows in the JPEG engine drivers in the MSM camera driver for the Linux kernel 2.6.x and 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Linux Google Qualcomm Android Msm
NVD
CVSS 2.0
7.8
EPSS
0.5%
CVE-2013-4739 MEDIUM This Month

The MSM camera driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to obtain sensitive information. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Google Linux Qualcomm Android Msm +1
NVD
CVSS 2.0
4.9
EPSS
0.1%
CVE-2013-4738 HIGH This Week

Multiple stack-based buffer overflows in the MSM camera driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allow. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Linux Google Qualcomm Android Msm +1
NVD
CVSS 2.0
7.2
EPSS
0.1%
CVE-2013-6123 MEDIUM POC PATCH This Month

Multiple array index errors in drivers/media/video/msm/server/msm_cam_server.c in the MSM camera driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions. Rated medium severity (CVSS 6.9). Public exploit code available.

Linux Google Information Disclosure Qualcomm Android Msm +1
NVD
CVSS 2.0
6.9
EPSS
0.0%
CVE-2013-6392 MEDIUM PATCH This Month

The genlock_dev_ioctl function in genlock.c in the Genlock driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity.

Linux Google Information Disclosure Qualcomm Android Msm
NVD
CVSS 2.0
4.9
EPSS
0.1%
CVE-2013-6122 MEDIUM POC PATCH This Month

goodix_tool.c in the Goodix gt915 touchscreen driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not properly. Rated medium severity (CVSS 6.9). Public exploit code available.

Google Denial Of Service Linux Buffer Overflow Qualcomm +1
NVD
CVSS 2.0
6.9
EPSS
0.1%
CVE-2013-4740 MEDIUM POC PATCH This Month

goodix_tool.c in the Goodix gt915 touchscreen driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, relies on. Rated medium severity (CVSS 6.9). Public exploit code available.

Google Denial Of Service Linux Buffer Overflow Race Condition +2
NVD
CVSS 2.0
6.9
EPSS
0.1%
CVE-2013-3051 MEDIUM POC This Month

The TrustZone kernel, when used in conjunction with a certain Motorola build of Android 4.1.2, on Motorola Razr HD, Razr M, and Atrix HD devices with the Qualcomm MSM8960 chipset does not verify the. Rated medium severity (CVSS 6.2). Public exploit code available and no vendor patch available.

Information Disclosure Google Qualcomm Msm8960 Android +3
NVD
CVSS 2.0
6.2
EPSS
0.0%
CVE-2012-4222 MEDIUM This Month

drivers/gpu/msm/kgsl.c in the Qualcomm Innovation Center (QuIC) Graphics KGSL kernel-mode driver for Android 2.3 through 4.2 allows attackers to cause a denial of service (NULL pointer dereference). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Google Qualcomm Android
NVD
CVSS 2.0
4.3
EPSS
0.2%
CVE-2012-4221 MEDIUM This Month

Integer overflow in diagchar_core.c in the Qualcomm Innovation Center (QuIC) Diagnostics (aka DIAG) kernel-mode driver for Android 2.3 through 4.2 allows attackers to execute arbitrary code or cause. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

RCE Denial Of Service Google Qualcomm Android
NVD
CVSS 2.0
6.8
EPSS
0.6%
CVE-2012-4220 MEDIUM This Month

diagchar_core.c in the Qualcomm Innovation Center (QuIC) Diagnostics (aka DIAG) kernel-mode driver for Android 2.3 through 4.2 allows attackers to execute arbitrary code or cause a denial of service. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Epss exploitation probability 17.8% and no vendor patch available.

RCE Denial Of Service Google Qualcomm Android
NVD
CVSS 2.0
6.8
EPSS
17.8%
EPSS 0% CVSS 7.8
HIGH This Week

arch/arm/mach-msm/qdsp6v2/msm_audio_ion.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 devices allows attackers to obtain sensitive information from kernel memory via a crafted. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Qualcomm Privilege Escalation Google +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

The vid_dec_set_h264_mv_buffers function in drivers/video/msm/vidc/common/dec/vdec.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices does not validate the. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Qualcomm Google Buffer Overflow +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

The vid_dec_set_meta_buffers function in drivers/video/msm/vidc/common/dec/vdec.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices does not validate the number. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Qualcomm Google Buffer Overflow +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Unspecified vulnerability in the Qualcomm components in Android before 2016-07-05 allows attackers to gain privileges via a crafted application. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Qualcomm Google Information Disclosure +1
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

The Qualcomm Wi-Fi driver in Android before 2016-06-01 on Nexus 7 (2013) devices allows attackers to bypass intended data-access restrictions via a crafted application, aka internal bug 27777162. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Qualcomm Google Information Disclosure +1
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

The Qualcomm video driver in Android before 2016-06-01 on Nexus 5, 5X, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka internal bug 27407629. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Qualcomm Privilege Escalation Google +1
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

The Qualcomm camera driver in Android before 2016-06-01 on Nexus 5, 5X, 6, 6P, and 7 (2013) devices allows attackers to gain privileges via a crafted application, aka internal bug 27600832. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Qualcomm Privilege Escalation Google +1
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

The Qualcomm Wi-Fi driver in Android before 2016-06-01 on Nexus 5X devices allows attackers to gain privileges via a crafted application, aka internal bug 27424603. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Qualcomm Google Information Disclosure +1
NVD
EPSS 0% CVSS 9.8
CRITICAL PATCH Act Now

The Qualcomm Wi-Fi driver in Android before 2016-06-01 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka internal bug 27777501. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Qualcomm Google Information Disclosure +1
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

The Qualcomm Wi-Fi driver in Android before 2016-06-01 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka internal bug 27776888. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Qualcomm Google Information Disclosure +1
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

The Qualcomm Wi-Fi driver in Android before 2016-06-01 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka internal bug 27773913. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Qualcomm Google Information Disclosure +1
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

The Qualcomm Wi-Fi driver in Android before 2016-06-01 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka internal bug 27662174. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Qualcomm Google Information Disclosure +1
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

The Qualcomm sound driver in Android before 2016-06-01 on Nexus 5, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka internal bug 27531992. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Qualcomm Google Information Disclosure +1
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

The Qualcomm GPU driver in Android before 2016-06-01 on Nexus 5, 5X, 6, 6P, and 7 devices allows attackers to gain privileges via a crafted application, aka internal bug 27475454. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Qualcomm Google Information Disclosure +1
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

The Qualcomm sound driver in Android before 2016-06-01 on Nexus 5 devices allows attackers to gain privileges via a crafted application, aka internal bug 28029010. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Qualcomm Google Information Disclosure +1
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

The Qualcomm sound driver in Android before 2016-06-01 on Nexus 6 devices allows attackers to gain privileges via a crafted application, aka internal bug 27947307. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Qualcomm Google Information Disclosure +1
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

The Qualcomm video driver in Android before 2016-06-01 on Nexus 5, 5X, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka internal bug 27407865. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Qualcomm Google Information Disclosure +1
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Integer signedness error in the MSM QDSP6 audio driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Denial Of Service Google Linux +4
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Integer signedness error in the MSM V4L2 video driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Google Linux +4
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

The Qualcomm hardware video codec in Android before 2016-05-01 on Nexus 5 devices allows remote attackers to cause a denial of service (reboot) via a crafted file, aka internal bug 26221024. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Qualcomm Google Denial Of Service +1
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

The Qualcomm MDP driver in Android before 2016-05-01 on Nexus 5 and Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka internal bug 26404525. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Qualcomm Privilege Escalation Google +1
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

The Qualcomm buspm driver in Android before 2016-05-01 on Nexus 5X, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka internal bug 26494907. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Qualcomm Privilege Escalation Google +1
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

The Qualcomm buspm driver in Android before 2016-05-01 on Nexus 5X, 6, and 6P devices allows attackers to gain privileges via a crafted application, aka internal bug 26354602. Rated high severity (CVSS 7.0), this vulnerability is no authentication required.

Qualcomm Privilege Escalation Google +1
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

The Qualcomm TrustZone component in Android before 2016-05-01 on Nexus 6 and Android One devices allows attackers to gain privileges via a crafted application, aka internal bug 25913059. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Qualcomm Privilege Escalation Google +1
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

The Qualcomm TrustZone component in Android before 2016-05-01 on Nexus 5, Nexus 6, Nexus 7 (2013), and Android One devices allows attackers to gain privileges via a crafted application, aka internal. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Qualcomm Privilege Escalation Google +1
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

server/TetherController.cpp in the tethering controller in netd, as distributed with Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not properly. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Qualcomm Privilege Escalation Google +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

The WLAN (aka Wi-Fi) driver for the Linux kernel 3.x and 4.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not verify authorization for. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Qualcomm Google Linux +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Stack-based buffer overflow in the SET_WPS_IE IOCTL implementation in wlan_hdd_hostapd.c in the WLAN (aka Wi-Fi) driver for the Linux kernel 3.x and 4.x, as used in Qualcomm Innovation Center (QuIC). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Google Linux +3
NVD
EPSS 0% CVSS 7.8
HIGH POC This Week

Heap-based buffer overflow in the private wireless extensions IOCTL implementation in wlan_hdd_wext.c in the WLAN (aka Wi-Fi) driver for the Linux kernel 3.x and 4.x, as used in Qualcomm Innovation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Memory Corruption Google Linux +3
NVD Exploit-DB
EPSS 0% CVSS 7.8
HIGH PATCH This Week

The adreno_perfcounter_query_group function in drivers/gpu/msm/adreno_perfcounter.c in the Adreno GPU driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Denial Of Service Google +6
NVD
EPSS 0% CVSS 7.0
HIGH PATCH This Week

The msm_ipc_router_bind_control_port function in net/ipc_router/ipc_router_core.c in the IPC router kernel module for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android. Rated high severity (CVSS 7.0). This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Denial Of Service Google Linux +4
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

A Qualcomm Power Management kernel driver in Android 6.x before 2016-04-01 allows attackers to gain privileges via a crafted application that leverages root access, aka internal bug 26866053. Rated medium severity (CVSS 6.5), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Google Information Disclosure +1
NVD
EPSS 0% CVSS 7.4
HIGH PATCH This Week

A Qualcomm video kernel driver in Android 6.x before 2016-04-01 allows attackers to gain privileges via a crafted application that leverages control over a service that can call this driver, aka. Rated high severity (CVSS 7.4), this vulnerability is no authentication required.

Qualcomm Privilege Escalation Google +1
NVD
EPSS 0% CVSS 8.4
HIGH PATCH This Week

The Qualcomm RF driver in Android 6.x before 2016-04-01 does not properly restrict access to socket ioctl calls, which allows attackers to gain privileges via a crafted application, aka internal bug. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity.

Qualcomm Privilege Escalation Google +1
NVD
EPSS 0% CVSS 8.4
HIGH PATCH This Week

The Qualcomm ARM processor performance-event manager in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-04-01 allows attackers to gain privileges via a crafted. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity.

Qualcomm Privilege Escalation Google +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

The Qualcomm performance component in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49H, and 6.x before 2016-03-01 allows attackers to gain privileges via a crafted application, aka internal bug. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Qualcomm Privilege Escalation Google +1
NVD
EPSS 0% CVSS 8.4
HIGH This Week

The Qualcomm Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows attackers to gain privileges via a crafted application, aka internal bug. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Qualcomm Privilege Escalation Google +1
NVD
EPSS 0% CVSS 8.4
HIGH This Week

The performance event manager for Qualcomm ARM processors in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows attackers to gain privileges via a crafted. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Qualcomm Privilege Escalation Google +1
NVD
EPSS 39% 4.2 CVSS 7.5
HIGH POC THREAT Act Now

Buffer overflow in the IMAPd service in Qualcomm Eudora WorldMail 9.0.333.0 allows remote attackers to execute arbitrary code via a long string in a UID command. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 39.4%.

Qualcomm Buffer Overflow RCE +1
NVD Exploit-DB
EPSS 3% CVSS 7.2
HIGH POC PATCH This Week

drivers/misc/qseecom.c in the QSEECOM driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not validate certain. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available.

Memory Corruption Denial Of Service Google +4
NVD Exploit-DB
EPSS 2% CVSS 7.5
HIGH This Week

The mdp_lut_hw_update function in drivers/video/msm/mdp.c in the MDP display driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Qualcomm Google +2
NVD
EPSS 0% CVSS 3.3
LOW Monitor

The Qualcomm Innovation Center (QuIC) init scripts in Code Aurora Forum (CAF) releases of Android 4.1.x through 4.4.x allow local users to modify file metadata via a symlink attack on a file accessed. Rated low severity (CVSS 3.3). No vendor patch available.

Qualcomm Google RCE +1
NVD
EPSS 0% CVSS 5.0
MEDIUM This Month

A certain Qualcomm Innovation Center (QuIC) patch to the NativeDaemonConnector class in services/java/com/android/server/NativeDaemonConnector.java in Code Aurora Forum (CAF) releases of Android. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Qualcomm Google Information Disclosure +2
NVD
EPSS 0% CVSS 6.6
MEDIUM This Month

app/aboot/aboot.c in the Little Kernel (LK) bootloader, as distributed with Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to overwrite. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Google Information Disclosure +1
NVD
EPSS 7% CVSS 8.4
HIGH KEV THREAT Act Now

Stack-based buffer overflow in the acdb_ioctl function in audio_acdb.c in the acdb audio driver for the Linux kernel 2.6.x and 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and no vendor patch available.

Buffer Overflow Qualcomm Google +1
NVD VulDB
EPSS 1% CVSS 7.2
HIGH This Week

The device-initialization functionality in the MSM camera driver for the Linux kernel 2.6.x and 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Privilege Escalation Linux +2
NVD
EPSS 0% CVSS 7.2
HIGH PATCH This Week

The cmd_boot function in app/aboot/aboot.c in the Little Kernel (LK) bootloader, as distributed with Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Qualcomm Google Authentication Bypass +1
NVD
EPSS 0% CVSS 1.9
LOW PATCH Monitor

The boot_linux_from_mmc function in app/aboot/aboot.c in the Little Kernel (LK) bootloader, as distributed with Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other. Rated low severity (CVSS 1.9).

Qualcomm Privilege Escalation Google +1
NVD
EPSS 0% CVSS 7.2
HIGH PATCH This Week

The image_verify function in platform/msm_shared/image_verify.c in the Little Kernel (LK) bootloader, as distributed with Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Qualcomm Google Authentication Bypass +1
NVD
EPSS 0% CVSS 7.2
HIGH This Week

The kgsl graphics driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not properly prevent write access to. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Privilege Escalation Linux +2
NVD
EPSS 1% CVSS 9.3
CRITICAL PATCH Act Now

The CONFIG_STRICT_MEMORY_RWX implementation for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not properly consider. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable.

Privilege Escalation Linux Google +2
NVD
EPSS 1% CVSS 7.8
HIGH PATCH This Week

Multiple integer overflows in the JPEG engine drivers in the MSM camera driver for the Linux kernel 2.6.x and 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices. Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Linux Google +2
NVD
EPSS 0% CVSS 4.9
MEDIUM This Month

The MSM camera driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to obtain sensitive information. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Google Linux +3
NVD
EPSS 0% CVSS 7.2
HIGH This Week

Multiple stack-based buffer overflows in the MSM camera driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allow. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Linux Google +3
NVD
EPSS 0% CVSS 6.9
MEDIUM POC PATCH This Month

Multiple array index errors in drivers/media/video/msm/server/msm_cam_server.c in the MSM camera driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions. Rated medium severity (CVSS 6.9). Public exploit code available.

Linux Google Information Disclosure +3
NVD
EPSS 0% CVSS 4.9
MEDIUM PATCH This Month

The genlock_dev_ioctl function in genlock.c in the Genlock driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does. Rated medium severity (CVSS 4.9), this vulnerability is low attack complexity.

Linux Google Information Disclosure +2
NVD
EPSS 0% CVSS 6.9
MEDIUM POC PATCH This Month

goodix_tool.c in the Goodix gt915 touchscreen driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not properly. Rated medium severity (CVSS 6.9). Public exploit code available.

Google Denial Of Service Linux +3
NVD
EPSS 0% CVSS 6.9
MEDIUM POC PATCH This Month

goodix_tool.c in the Goodix gt915 touchscreen driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, relies on. Rated medium severity (CVSS 6.9). Public exploit code available.

Google Denial Of Service Linux +4
NVD
EPSS 0% CVSS 6.2
MEDIUM POC This Month

The TrustZone kernel, when used in conjunction with a certain Motorola build of Android 4.1.2, on Motorola Razr HD, Razr M, and Atrix HD devices with the Qualcomm MSM8960 chipset does not verify the. Rated medium severity (CVSS 6.2). Public exploit code available and no vendor patch available.

Information Disclosure Google Qualcomm +5
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

drivers/gpu/msm/kgsl.c in the Qualcomm Innovation Center (QuIC) Graphics KGSL kernel-mode driver for Android 2.3 through 4.2 allows attackers to cause a denial of service (NULL pointer dereference). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

Denial Of Service Google Qualcomm +1
NVD
EPSS 1% CVSS 6.8
MEDIUM This Month

Integer overflow in diagchar_core.c in the Qualcomm Innovation Center (QuIC) Diagnostics (aka DIAG) kernel-mode driver for Android 2.3 through 4.2 allows attackers to execute arbitrary code or cause. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. No vendor patch available.

RCE Denial Of Service Google +2
NVD
EPSS 18% CVSS 6.8
MEDIUM This Month

diagchar_core.c in the Qualcomm Innovation Center (QuIC) Diagnostics (aka DIAG) kernel-mode driver for Android 2.3 through 4.2 allows attackers to execute arbitrary code or cause a denial of service. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable. Epss exploitation probability 17.8% and no vendor patch available.

RCE Denial Of Service Google +2
NVD
Prev Page 13 of 13

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy