Total
723 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-11143 | 1 Qualcomm | 494 Apq8009, Apq8017, Apq8030 and 491 more | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
Out of bound memory access during music playback with modified content due to copying data without checking destination buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2020-11166 | 1 Qualcomm | 816 Apq8009, Apq8009 Firmware, Apq8009w and 813 more | 2024-02-28 | 6.4 MEDIUM | 9.1 CRITICAL |
Potential out of bound read exception when UE receives unusually large number of padding octets in the beginning of ROHC header in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
CVE-2020-11286 | 1 Qualcomm | 135 Apq8009, Apq8009w, Apq8017 and 132 more | 2024-02-28 | 4.6 MEDIUM | 6.8 MEDIUM |
An Untrusted Pointer Dereference can occur while doing USB control transfers, if multiple requests of different standard request categories like device, interface & endpoint are made together. in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
CVE-2020-11214 | 1 Qualcomm | 349 Aqt1000, Ar8031, Ar8035 and 346 more | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
Buffer over-read while processing NDL attribute if attribute length is larger than expected and then FW is treating it as more number of immutable schedules in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2020-11299 | 1 Qualcomm | 762 Apq8009, Apq8009 Firmware, Apq8009w and 759 more | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
Buffer overflow can occur in video while playing the non-standard clip in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
CVE-2020-3686 | 1 Qualcomm | 492 Apq8009, Apq8009w, Apq8017 and 489 more | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
Possible memory out of bound issue during music playback when an incorrect bit stream content is copied into array without checking the length of array in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2020-11228 | 1 Qualcomm | 262 Aqt1000, Aqt1000 Firmware, Ar8035 and 259 more | 2024-02-28 | 4.6 MEDIUM | 7.8 HIGH |
Part of RPM region was not protected from xblSec itself due to improper policy and leads to unprivileged access in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2020-11305 | 1 Qualcomm | 40 Apq8009, Apq8009 Firmware, Apq8053 and 37 more | 2024-02-28 | 4.6 MEDIUM | 6.8 MEDIUM |
Integer overflow in boot due to improper length check on arguments received in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music | |||||
CVE-2020-11136 | 1 Qualcomm | 506 Apq8009, Apq8009w, Apq8017 and 503 more | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
Buffer Over-read in audio driver while using malloc management function due to not returning NULL for zero sized memory requirement in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2020-11283 | 1 Qualcomm | 379 Apq8009, Apq8009w, Apq8017 and 376 more | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
A buffer overflow can occur when playing an MKV clip due to lack of input validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
CVE-2020-11197 | 1 Qualcomm | 370 Apq8009, Apq8009w, Apq8017 and 367 more | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
Possible integer overflow can occur when stream info update is called when total number of streams detected are zero while parsing TS clip with invalid data in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
CVE-2020-11138 | 1 Qualcomm | 491 Apq8009, Apq8009w, Apq8017 and 488 more | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
Uninitialized pointers accessed during music play back with incorrect bit stream due to an uninitialized heap memory result in instability in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2020-11145 | 1 Qualcomm | 413 Apq8009, Apq8009w, Apq8017 and 410 more | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
Divide by zero issue can happen while updating delta extension header due to improper validation of master SN and extension header SN in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
CVE-2020-11170 | 1 Qualcomm | 1010 Apq8009, Apq8009 Firmware, Apq8009w and 1007 more | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
Out of bound memory access while playing music playbacks with crafted vorbis content due to improper checks in header extraction in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2020-11203 | 1 Qualcomm | 286 Apq8009w, Apq8009w Firmware, Apq8064au and 283 more | 2024-02-28 | 3.6 LOW | 7.1 HIGH |
Stack overflow may occur if GSM/WCDMA broadcast config size received from user is larger than variable length array in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables | |||||
CVE-2020-11171 | 1 Qualcomm | 770 Apq8009, Apq8009 Firmware, Apq8009w and 767 more | 2024-02-28 | 6.4 MEDIUM | 9.1 CRITICAL |
Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
CVE-2020-11146 | 1 Qualcomm | 314 Apq8076, Aqt1000, Ar8031 and 311 more | 2024-02-28 | 4.6 MEDIUM | 7.8 HIGH |
Out of bound write while copying data using IOCTL due to lack of check of array index received from user in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
CVE-2020-11269 | 1 Qualcomm | 1074 Apq8009, Apq8009 Firmware, Apq8009w and 1071 more | 2024-02-28 | 8.3 HIGH | 8.8 HIGH |
Possible memory corruption while processing EAPOL frames due to lack of validation of key length before using it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
CVE-2020-11309 | 1 Qualcomm | 802 Apq8009, Apq8009 Firmware, Apq8009w and 799 more | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
Use after free in GPU driver while mapping the user memory to GPU memory due to improper check of referenced memory in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
CVE-2020-11200 | 1 Qualcomm | 330 Apq8053, Apq8064au, Apq8096au and 327 more | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
Buffer over-read while parsing RPS due to lack of check of input validation on values received from user side. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile |