Skip to main content

Sd 850 Firmware

136 CVEs product

Monthly

CVE-2019-2255 CRITICAL Act Now

An unprivileged user can craft a bitstream such that the payload encoded in the bitstream gains code execution in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qualcomm RCE Msm8909W Firmware Msm8996au Firmware Qcs605 Firmware +32
NVD
CVSS 3.0
9.8
EPSS
1.5%
CVE-2019-2250 HIGH This Week

Kernel can write to arbitrary memory address passed by user while freeing/stopping a thread in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in QCS605, SD. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Information Disclosure Qcs605 Firmware Sd 675 Firmware Sd 712 Firmware +9
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2019-2248 HIGH PATCH This Week

Buffer overflow can occur if invalid header tries to overwrite the existing buffer which fix size allocation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Qualcomm Mdm9150 Firmware Mdm9206 Firmware Mdm9607 Firmware +30
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2019-2247 HIGH PATCH This Week

Possibility of double free issue while running multiple instances of smp2p test because of proper protection is missing while using global variable in Snapdragon Auto, Snapdragon Compute, Snapdragon. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Qualcomm Information Disclosure Mdm9150 Firmware Mdm9206 Firmware Mdm9607 Firmware +35
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2019-2245 CRITICAL PATCH Act Now

Possible integer underflow can happen when calculating length of elementary stream map from invalid packet length which is later used to read from input buffer in Snapdragon Auto, Snapdragon Compute,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Qualcomm Information Disclosure Mdm9206 Firmware Mdm9607 Firmware +39
NVD
CVSS 3.0
9.8
EPSS
1.0%
CVE-2019-2244 CRITICAL Act Now

Possible integer underflow can happen when calculating length of elementary stream info from invalid section length which is later used to read from input buffer in Snapdragon Auto, Snapdragon. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Qualcomm Information Disclosure Mdm9206 Firmware Mdm9607 Firmware +39
NVD
CVSS 3.0
9.8
EPSS
1.0%
CVE-2018-5918 HIGH This Week

Possible buffer overflow in DRM Trusted application due to lack of check function return values in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Mdm9206 Firmware Mdm9607 Firmware Mdm9650 Firmware +27
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2018-5917 HIGH This Week

Possible buffer overflow in OEM crypto function due to improper input validation in Snapdragon Automobile, Snapdragon Mobile in versions MSM8996AU, SD 425, SD 430, SD 450, SD 625, SD 820, SD 820A, SD. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Msm8996au Firmware Sd 425 Firmware Sd 430 Firmware +11
NVD
CVSS 3.0
7.8
EPSS
0.3%
CVE-2018-5916 MEDIUM This Month

Buffer overread while decoding PDP modify request or network initiated secondary PDP activation in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9615,. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Qualcomm Mdm9206 Firmware Mdm9607 Firmware +33
NVD
CVSS 3.0
6.5
EPSS
0.4%
CVE-2018-5912 HIGH This Week

Potential buffer overflow in Video due to lack of input validation in input and output values in Snapdragon Automobile, Snapdragon Mobile in MSM8996AU, SD 450, SD 625, SD 820, SD 820A, SD 835, SD. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Msm8996au Firmware Sd 450 Firmware Sd 625 Firmware +6
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2018-11994 HIGH This Week

SMMU secure camera logic allows secure camera controllers to access HLOS memory during session in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Qualcomm Mdm9206 Firmware Mdm9607 Firmware Mdm9650 Firmware +17
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2018-11921 HIGH This Week

Failure condition is not handled properly and the correct error code is not returned. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Qualcomm Mdm9206 Firmware Mdm9607 Firmware Mdm9650 Firmware +26
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2018-11884 HIGH This Week

Improper input validation leads to buffer overflow while processing network list offload command in WLAN function in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Sd 835 Firmware Sd 845 Firmware Sd 850 Firmware +1
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2018-11882 HIGH This Week

Incorrect bound check can lead to potential buffer overwrite in WLAN controller in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Sd 835 Firmware Sd 845 Firmware Sd 850 Firmware +1
NVD
CVSS 3.0
7.8
EPSS
0.3%
CVE-2018-11880 HIGH This Week

Incorrect bound check can lead to potential buffer overwrite in WLAN function in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Sd 835 Firmware Sd 845 Firmware Sd 850 Firmware +1
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2018-11877 HIGH This Week

When the buffer length passed is very large in WLAN, bounds check could be bypassed leading to potential buffer overwrite in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Sd 835 Firmware Sd 845 Firmware Sd 850 Firmware +1
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2018-11876 HIGH This Week

Lack of input validation while copying to buffer in WLAN will lead to a buffer overflow in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Sd 835 Firmware Sd 845 Firmware Sd 850 Firmware +1
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2018-11875 HIGH This Week

Lack of check of buffer size before copying in a WLAN function can lead to a buffer overflow in Snapdragon Mobile in version SD 845, SD 850. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Sd 845 Firmware Sd 850 Firmware
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2018-11874 HIGH This Week

Buffer overflow if the length of passphrase is more than 32 when setting up secure NDP connection in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Sd 835 Firmware Sd 845 Firmware Sd 850 Firmware +1
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2018-11872 HIGH This Week

Improper input validation leads to buffer overwrite in the WLAN function that handles WMI commands in Snapdragon Mobile in version SD 845, SD 850, SDA660. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Qualcomm Sd 845 Firmware Sd 850 Firmware Sda660 Firmware
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2018-11871 HIGH This Week

Buffer overwrite can happen in WLAN function while processing set pdev parameter command due to lack of input validation in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Ipq4019 Firmware Ipq8064 Firmware Ipq8074 Firmware +46
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2018-11870 HIGH This Week

Buffer overwrite can occur when the legacy rates count received from the host is not checked against the maximum number of legacy rates in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Mdm9206 Firmware Mdm9607 Firmware Mdm9635M Firmware +27
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2018-11866 HIGH This Week

Integer overflow may happen in WLAN when calculating an internal structure size due to lack of validation of the input length in Snapdragon Mobile, Snapdragon Wear in version IPQ8074, MDM9206,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Qualcomm Buffer Overflow Ipq8074 Firmware Mdm9206 Firmware +23
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2018-11865 HIGH This Week

Integer overflow may happen when calculating an internal structure size due to lack of validation of the input length in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Qualcomm Buffer Overflow Mdm9206 Firmware Mdm9607 Firmware +22
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2018-11862 HIGH This Week

Buffer overflow can happen in WLAN module due to lack of validation of the input length in Snapdragon Mobile in version SD 845, SD 850, SDA660. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Sd 845 Firmware Sd 850 Firmware Sda660 Firmware
NVD
CVSS 3.0
7.8
EPSS
0.3%
CVE-2018-11861 HIGH This Week

Buffer overflow can happen in WLAN function due to lack of validation of the input length in Snapdragon Mobile in version SD 845, SD 850, SDA660. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Sd 845 Firmware Sd 850 Firmware Sda660 Firmware
NVD
CVSS 3.0
7.8
EPSS
0.3%
CVE-2018-11859 HIGH This Week

Buffer overwrite can happen in WLAN due to lack of validation of the input length in Snapdragon Mobile in version SD 845, SD 850. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Sd 845 Firmware Sd 850 Firmware
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2018-11858 HIGH This Week

When processing IE set command, buffer overwrite may occur due to lack of input validation of the IE length in Snapdragon Mobile in version SD 835, SD 845, SD 850. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Sd 835 Firmware Sd 845 Firmware Sd 850 Firmware
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2018-11857 HIGH This Week

Improper input validation in WLAN encrypt/decrypt module can lead to a buffer copy in Snapdragon Mobile in version SD 835, SD 845, SD 850. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Sd 835 Firmware Sd 845 Firmware Sd 850 Firmware
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2018-11856 HIGH This Week

Improper input validation leads to buffer overwrite in the WLAN function that handles WMI commands in Snapdragon Mobile in version SD 835, SD 845, SD 850. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Sd 835 Firmware Sd 845 Firmware Sd 850 Firmware
NVD
CVSS 3.0
7.8
EPSS
0.3%
CVE-2018-5866 HIGH This Week

While processing logs, data is copied into a buffer pointed to by an untrusted pointer in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Mdm9206 Firmware Mdm9607 Firmware Mdm9650 Firmware +13
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2018-11951 MEDIUM This Month

Improper access control in core module lead XBL_LOADER performs the ZI region clear for QTEE instead of XBL_SEC in Snapdragon Mobile in version SD 845, SD 850. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Qualcomm Sd 845 Firmware Sd 850 Firmware
NVD
CVSS 3.0
5.5
EPSS
0.2%
CVE-2018-11950 HIGH This Week

Unapproved TrustZone applications can be loaded and executed in Snapdragon Mobile in version SD 845, SD 850. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Qualcomm Sd 845 Firmware Sd 850 Firmware
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2018-11854 HIGH This Week

Lack of check of valid length of input parameter may cause buffer overwrite in WLAN in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Sd 835 Firmware Sd 845 Firmware Sd 850 Firmware +1
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2018-11853 HIGH This Week

Lack of check on out of range for channels When processing channel list set command will lead to buffer flow in Snapdragon Mobile, Snapdragon Wear in version IPQ8074, MDM9206, MDM9607, MDM9650, SD. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Ipq8074 Firmware Mdm9206 Firmware Mdm9607 Firmware +20
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2018-11850 HIGH This Week

Lack of check on remaining length parameter When processing scan start command will lead to buffer flow in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Mdm9206 Firmware Mdm9607 Firmware Mdm9640 Firmware +21
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2018-11849 HIGH This Week

Lack of check on out of range of bssid parameter When processing scan start command will lead to buffer flow in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version IPQ8074, MDM9206,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Ipq8074 Firmware Mdm9206 Firmware Mdm9607 Firmware +40
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2018-11846 MEDIUM This Month

The use of a non-time-constant memory comparison operation can lead to timing/side channel attacks in Snapdragon Mobile in version SD 210/SD 212/SD 205, SD 845, SD 850. Rated medium severity (CVSS 4.7). No vendor patch available.

Qualcomm Information Disclosure Sd 210 Firmware Sd 212 Firmware Sd 205 Firmware +2
NVD
CVSS 3.0
4.7
EPSS
0.2%
CVE-2018-11824 HIGH This Week

A stack-based buffer overflow can occur in a firmware routine in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 835, SD 845, SD 850, SDA660. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Qualcomm Buffer Overflow Mdm9206 Firmware Mdm9607 Firmware +8
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2018-11822 HIGH This Week

A possible integer overflow may happen in WLAN during memory allocation in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Qualcomm Buffer Overflow Sd 835 Firmware Sd 845 Firmware +2
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2018-11821 HIGH This Week

Possible integer overflow may happen in WLAN during memory allocation in Snapdragon Mobile, Snapdragon Wear in version IPQ8074, MDM9206, MDM9607, MDM9650, SD 425, SD 427, SD 430, SD 435, SD 450, SD. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Qualcomm Buffer Overflow Ipq8074 Firmware Mdm9206 Firmware +19
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2018-11259 HIGH This Week

Due to Improper Access Control of NAND-based EFS in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear, From fastboot on a NAND-based device, the EFS partition can be erased. Rated high severity (CVSS 7.7), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Qualcomm Mdm9206 Firmware Mdm9607 Firmware Mdm9635M Firmware +35
NVD
CVSS 3.0
7.7
EPSS
0.2%
CVE-2018-11257 HIGH This Week

Permissions, Privileges, and Access Controls in TA in Snapdragon Mobile has an options that allows RPMB erase for secure devices in versions SD 210/SD 212/SD 205, SD 845, SD 850. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Qualcomm Sd 210 Firmware Sd 212 Firmware Sd 205 Firmware +2
NVD
CVSS 3.0
7.8
EPSS
0.2%
CVE-2018-3593 CRITICAL Act Now

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 425,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Qualcomm Mdm9206 Firmware Mdm9607 Firmware +23
NVD
CVSS 3.0
9.8
EPSS
1.3%
CVE-2018-3592 CRITICAL Act Now

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Null Pointer Dereference Denial Of Service Qualcomm Mdm9206 Firmware +20
NVD
CVSS 3.0
9.8
EPSS
1.3%
CVE-2018-3589 CRITICAL Act Now

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile MDM9650, MDM9655, SD 835, SD 845, SD 850, the vswr capture size is larger than the maximum size of a diag logPacket,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Qualcomm Buffer Overflow Mdm9650 Firmware Mdm9655 Firmware +3
NVD
CVSS 3.0
9.8
EPSS
1.4%
EPSS 2% CVSS 9.8
CRITICAL Act Now

An unprivileged user can craft a bitstream such that the payload encoded in the bitstream gains code execution in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qualcomm RCE Msm8909W Firmware +34
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Kernel can write to arbitrary memory address passed by user while freeing/stopping a thread in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in QCS605, SD. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Information Disclosure Qcs605 Firmware +11
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Buffer overflow can occur if invalid header tries to overwrite the existing buffer which fix size allocation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow Qualcomm Mdm9150 Firmware +32
NVD
EPSS 0% CVSS 7.8
HIGH PATCH This Week

Possibility of double free issue while running multiple instances of smp2p test because of proper protection is missing while using global variable in Snapdragon Auto, Snapdragon Compute, Snapdragon. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Qualcomm Information Disclosure Mdm9150 Firmware +37
NVD
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

Possible integer underflow can happen when calculating length of elementary stream map from invalid packet length which is later used to read from input buffer in Snapdragon Auto, Snapdragon Compute,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Qualcomm Information Disclosure +41
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Possible integer underflow can happen when calculating length of elementary stream info from invalid section length which is later used to read from input buffer in Snapdragon Auto, Snapdragon. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Integer Overflow Qualcomm Information Disclosure +41
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Possible buffer overflow in DRM Trusted application due to lack of check function return values in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Mdm9206 Firmware +29
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Possible buffer overflow in OEM crypto function due to improper input validation in Snapdragon Automobile, Snapdragon Mobile in versions MSM8996AU, SD 425, SD 430, SD 450, SD 625, SD 820, SD 820A, SD. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Msm8996au Firmware +13
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Buffer overread while decoding PDP modify request or network initiated secondary PDP activation in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9615,. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Qualcomm +35
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Potential buffer overflow in Video due to lack of input validation in input and output values in Snapdragon Automobile, Snapdragon Mobile in MSM8996AU, SD 450, SD 625, SD 820, SD 820A, SD 835, SD. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Msm8996au Firmware +8
NVD
EPSS 0% CVSS 7.8
HIGH This Week

SMMU secure camera logic allows secure camera controllers to access HLOS memory during session in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Qualcomm Mdm9206 Firmware +19
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Failure condition is not handled properly and the correct error code is not returned. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Qualcomm Mdm9206 Firmware +28
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Improper input validation leads to buffer overflow while processing network list offload command in WLAN function in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Sd 835 Firmware +3
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Incorrect bound check can lead to potential buffer overwrite in WLAN controller in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Sd 835 Firmware +3
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Incorrect bound check can lead to potential buffer overwrite in WLAN function in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Sd 835 Firmware +3
NVD
EPSS 0% CVSS 7.8
HIGH This Week

When the buffer length passed is very large in WLAN, bounds check could be bypassed leading to potential buffer overwrite in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Sd 835 Firmware +3
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Lack of input validation while copying to buffer in WLAN will lead to a buffer overflow in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Sd 835 Firmware +3
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Lack of check of buffer size before copying in a WLAN function can lead to a buffer overflow in Snapdragon Mobile in version SD 845, SD 850. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Sd 845 Firmware +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Buffer overflow if the length of passphrase is more than 32 when setting up secure NDP connection in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Sd 835 Firmware +3
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Improper input validation leads to buffer overwrite in the WLAN function that handles WMI commands in Snapdragon Mobile in version SD 845, SD 850, SDA660. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Qualcomm Sd 845 Firmware +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Buffer overwrite can happen in WLAN function while processing set pdev parameter command due to lack of input validation in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Ipq4019 Firmware +48
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Buffer overwrite can occur when the legacy rates count received from the host is not checked against the maximum number of legacy rates in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Mdm9206 Firmware +29
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Integer overflow may happen in WLAN when calculating an internal structure size due to lack of validation of the input length in Snapdragon Mobile, Snapdragon Wear in version IPQ8074, MDM9206,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Qualcomm Buffer Overflow +25
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Integer overflow may happen when calculating an internal structure size due to lack of validation of the input length in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Qualcomm Buffer Overflow +24
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Buffer overflow can happen in WLAN module due to lack of validation of the input length in Snapdragon Mobile in version SD 845, SD 850, SDA660. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Sd 845 Firmware +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Buffer overflow can happen in WLAN function due to lack of validation of the input length in Snapdragon Mobile in version SD 845, SD 850, SDA660. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Sd 845 Firmware +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Buffer overwrite can happen in WLAN due to lack of validation of the input length in Snapdragon Mobile in version SD 845, SD 850. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Sd 845 Firmware +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

When processing IE set command, buffer overwrite may occur due to lack of input validation of the IE length in Snapdragon Mobile in version SD 835, SD 845, SD 850. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Sd 835 Firmware +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Improper input validation in WLAN encrypt/decrypt module can lead to a buffer copy in Snapdragon Mobile in version SD 835, SD 845, SD 850. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Sd 835 Firmware +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Improper input validation leads to buffer overwrite in the WLAN function that handles WMI commands in Snapdragon Mobile in version SD 835, SD 845, SD 850. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Sd 835 Firmware +2
NVD
EPSS 0% CVSS 7.8
HIGH This Week

While processing logs, data is copied into a buffer pointed to by an untrusted pointer in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Mdm9206 Firmware +15
NVD
EPSS 0% CVSS 5.5
MEDIUM This Month

Improper access control in core module lead XBL_LOADER performs the ZI region clear for QTEE instead of XBL_SEC in Snapdragon Mobile in version SD 845, SD 850. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Qualcomm Sd 845 Firmware +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Unapproved TrustZone applications can be loaded and executed in Snapdragon Mobile in version SD 845, SD 850. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Qualcomm Sd 845 Firmware +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Lack of check of valid length of input parameter may cause buffer overwrite in WLAN in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Sd 835 Firmware +3
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Lack of check on out of range for channels When processing channel list set command will lead to buffer flow in Snapdragon Mobile, Snapdragon Wear in version IPQ8074, MDM9206, MDM9607, MDM9650, SD. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Ipq8074 Firmware +22
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Lack of check on remaining length parameter When processing scan start command will lead to buffer flow in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Mdm9206 Firmware +23
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Lack of check on out of range of bssid parameter When processing scan start command will lead to buffer flow in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version IPQ8074, MDM9206,. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Qualcomm Buffer Overflow Ipq8074 Firmware +42
NVD
EPSS 0% CVSS 4.7
MEDIUM This Month

The use of a non-time-constant memory comparison operation can lead to timing/side channel attacks in Snapdragon Mobile in version SD 210/SD 212/SD 205, SD 845, SD 850. Rated medium severity (CVSS 4.7). No vendor patch available.

Qualcomm Information Disclosure Sd 210 Firmware +4
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A stack-based buffer overflow can occur in a firmware routine in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 835, SD 845, SD 850, SDA660. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Qualcomm Buffer Overflow +10
NVD
EPSS 0% CVSS 7.8
HIGH This Week

A possible integer overflow may happen in WLAN during memory allocation in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Qualcomm Buffer Overflow +4
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Possible integer overflow may happen in WLAN during memory allocation in Snapdragon Mobile, Snapdragon Wear in version IPQ8074, MDM9206, MDM9607, MDM9650, SD 425, SD 427, SD 430, SD 435, SD 450, SD. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Qualcomm Buffer Overflow +21
NVD
EPSS 0% CVSS 7.7
HIGH This Week

Due to Improper Access Control of NAND-based EFS in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear, From fastboot on a NAND-based device, the EFS partition can be erased. Rated high severity (CVSS 7.7), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Qualcomm Mdm9206 Firmware +37
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Permissions, Privileges, and Access Controls in TA in Snapdragon Mobile has an options that allows RPMB erase for secure devices in versions SD 210/SD 212/SD 205, SD 845, SD 850. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Qualcomm Sd 210 Firmware +4
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 425,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Information Disclosure Qualcomm +25
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Null Pointer Dereference Denial Of Service +22
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile MDM9650, MDM9655, SD 835, SD 845, SD 850, the vswr capture size is larger than the maximum size of a diag logPacket,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Google Qualcomm Buffer Overflow +5
NVD
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy