Vulnerabilities (CVE)

Filtered by vendor Qualcomm Subscribe
Filtered by product Sd845 Firmware
Total 226 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-11251 1 Qualcomm 802 Apq8009, Apq8009 Firmware, Apq8009w and 799 more 2024-11-21 9.4 HIGH 8.2 HIGH
Out-of-bounds read vulnerability while accessing DTMF payload due to lack of check of buffer length before copying in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CVE-2020-11250 1 Qualcomm 720 Apq8009w, Apq8009w Firmware, Apq8017 and 717 more 2024-11-21 6.9 MEDIUM 7.0 HIGH
Use after free due to race condition when reopening the device driver repeatedly in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CVE-2020-11247 1 Qualcomm 638 Apq8009, Apq8009 Firmware, Apq8009w and 635 more 2024-11-21 9.4 HIGH 8.2 HIGH
Out of bound memory read while unpacking data due to lack of offset length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CVE-2020-11246 1 Qualcomm 634 Apq8017, Apq8017 Firmware, Apq8037 and 631 more 2024-11-21 7.2 HIGH 8.4 HIGH
A double free condition can occur when the device moves to suspend mode during secure playback in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
CVE-2020-11241 1 Qualcomm 852 Apq8009, Apq8009 Firmware, Apq8096au and 849 more 2024-11-21 7.8 HIGH 7.5 HIGH
Out of bound read will happen if EAPOL Key length is less than expected while processing NAN shared key descriptor attribute in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CVE-2020-11240 1 Qualcomm 686 Apq8009w, Apq8009w Firmware, Apq8017 and 683 more 2024-11-21 7.2 HIGH 7.8 HIGH
Memory corruption due to ioctl command size was incorrectly set to the size of a pointer and not enough storage is allocated for the copy of the user argument in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CVE-2020-11239 1 Qualcomm 812 Apq8009, Apq8009 Firmware, Apq8009w and 809 more 2024-11-21 7.2 HIGH 7.8 HIGH
Use after free issue when importing a DMA buffer by using the CPU address of the buffer due to attachment is not cleaned up properly in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CVE-2020-11238 1 Qualcomm 804 Aqt1000, Aqt1000 Firmware, Ar8031 and 801 more 2024-11-21 7.8 HIGH 7.5 HIGH
Possible Buffer over-read in ARP/NS parsing due to lack of check of packet length received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CVE-2020-11235 1 Qualcomm 1076 Apq8009, Apq8009 Firmware, Apq8017 and 1073 more 2024-11-21 7.2 HIGH 7.8 HIGH
Buffer overflow might occur while parsing unified command due to lack of check of input data received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CVE-2020-11234 1 Qualcomm 674 Apq8009, Apq8009 Firmware, Apq8009w and 671 more 2024-11-21 7.2 HIGH 8.4 HIGH
When sending a socket event message to a user application, invalid information will be passed if socket is freed by other thread resulting in a Use After Free condition in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CVE-2020-11227 1 Qualcomm 802 Apq8009, Apq8009 Firmware, Apq8009w and 799 more 2024-11-21 7.5 HIGH 9.8 CRITICAL
Out of bound write while parsing RTT/TTY packet parsing due to lack of check of buffer size before copying into buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CVE-2020-11226 1 Qualcomm 802 Apq8009, Apq8009 Firmware, Apq8009w and 799 more 2024-11-21 5.0 MEDIUM 7.5 HIGH
Out of bound memory read in Data modem while unpacking data due to lack of offset length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CVE-2020-11222 1 Qualcomm 548 Apq8017, Apq8017 Firmware, Apq8053 and 545 more 2024-11-21 6.4 MEDIUM 9.1 CRITICAL
Buffer over read while processing MT SMS with maximum length due to improper length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile
CVE-2020-11221 1 Qualcomm 802 Apq8009, Apq8009 Firmware, Apq8009w and 799 more 2024-11-21 2.1 LOW 5.5 MEDIUM
Usage of syscall by non-secure entity can allow extraction of secure QTEE diagnostic information in clear text form due to insufficient checks in the syscall handler and leads to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CVE-2020-11218 1 Qualcomm 548 Apq8017, Apq8017 Firmware, Apq8053 and 545 more 2024-11-21 5.0 MEDIUM 7.5 HIGH
Denial of service in baseband when NW configures LTE betaOffset-RI-Index due to lack of data validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
CVE-2020-11204 1 Qualcomm 1038 Apq8009, Apq8009 Firmware, Apq8016 and 1035 more 2024-11-21 7.2 HIGH 7.8 HIGH
Possible memory corruption and information leakage in sub-system due to lack of check for validity and boundary compliance for parameters that are read from shared MSG RAM in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CVE-2020-11199 1 Qualcomm 802 Apq8009, Apq8009 Firmware, Apq8009w and 799 more 2024-11-21 2.1 LOW 5.5 MEDIUM
HLOS to access EL3 stack canary by just mapping imem region due to Improper access control and can lead to information exposure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CVE-2020-11198 1 Qualcomm 602 Aqt1000, Aqt1000 Firmware, Ar8031 and 599 more 2024-11-21 7.2 HIGH 6.7 MEDIUM
Key material used for TZ diag buffer encryption and other data related to log buffer is not wiped securely due to improper usage of memset in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CVE-2020-11195 1 Qualcomm 786 Apq8009, Apq8009 Firmware, Apq8016 and 783 more 2024-11-21 7.2 HIGH 7.8 HIGH
Out of bound write and read in TA while processing command from NS side due to improper length check on command and response buffers in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CVE-2020-11192 1 Qualcomm 738 Apq8009, Apq8009 Firmware, Apq8009w and 735 more 2024-11-21 10.0 HIGH 9.8 CRITICAL
Out of bound write while parsing SDP string due to missing check on null termination in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables