Vulnerabilities (CVE)

Filtered by vendor Qualcomm Subscribe
Filtered by product Mdm9205 Firmware
Total 197 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-11289 1 Qualcomm 992 Apq8009, Apq8009 Firmware, Apq8017 and 989 more 2024-11-21 7.2 HIGH 7.8 HIGH
Out of bound write can occur in TZ command handler due to lack of validation of command ID in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CVE-2020-11288 1 Qualcomm 636 Aqt1000, Aqt1000 Firmware, Ar8031 and 633 more 2024-11-21 7.2 HIGH 7.8 HIGH
Out of bound write can occur in playready while processing command due to lack of input validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CVE-2020-11285 1 Qualcomm 800 Apq8009, Apq8009 Firmware, Apq8009w and 797 more 2024-11-21 9.4 HIGH 8.2 HIGH
Buffer over-read while unpacking the RTCP packet we may read extra byte if wrong length is provided in RTCP packets in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CVE-2020-11279 1 Qualcomm 816 Apq8009, Apq8009 Firmware, Apq8009w and 813 more 2024-11-21 10.0 HIGH 7.5 HIGH
Memory corruption while processing crafted SDES packets due to improper length check in sdes packets recieved in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CVE-2020-11269 1 Qualcomm 1074 Apq8009, Apq8009 Firmware, Apq8009w and 1071 more 2024-11-21 8.3 HIGH 8.8 HIGH
Possible memory corruption while processing EAPOL frames due to lack of validation of key length before using it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CVE-2020-11255 1 Qualcomm 688 Apq8009, Apq8009 Firmware, Apq8017 and 685 more 2024-11-21 7.8 HIGH 7.5 HIGH
Denial of service while processing RTCP packets containing multiple SDES reports due to memory for last SDES packet is freed and rest of the memory is leaked in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Wearables
CVE-2020-11252 1 Qualcomm 620 Aqt1000, Aqt1000 Firmware, Ar8031 and 617 more 2024-11-21 4.7 MEDIUM 7.2 HIGH
Trustzone initialization code will disable xPU`s when memory dumps are enabled and lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CVE-2020-11251 1 Qualcomm 802 Apq8009, Apq8009 Firmware, Apq8009w and 799 more 2024-11-21 9.4 HIGH 8.2 HIGH
Out-of-bounds read vulnerability while accessing DTMF payload due to lack of check of buffer length before copying in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CVE-2020-11227 1 Qualcomm 802 Apq8009, Apq8009 Firmware, Apq8009w and 799 more 2024-11-21 7.5 HIGH 9.8 CRITICAL
Out of bound write while parsing RTT/TTY packet parsing due to lack of check of buffer size before copying into buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CVE-2020-11226 1 Qualcomm 802 Apq8009, Apq8009 Firmware, Apq8009w and 799 more 2024-11-21 5.0 MEDIUM 7.5 HIGH
Out of bound memory read in Data modem while unpacking data due to lack of offset length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CVE-2020-11221 1 Qualcomm 802 Apq8009, Apq8009 Firmware, Apq8009w and 799 more 2024-11-21 2.1 LOW 5.5 MEDIUM
Usage of syscall by non-secure entity can allow extraction of secure QTEE diagnostic information in clear text form due to insufficient checks in the syscall handler and leads to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CVE-2020-11204 1 Qualcomm 1038 Apq8009, Apq8009 Firmware, Apq8016 and 1035 more 2024-11-21 7.2 HIGH 7.8 HIGH
Possible memory corruption and information leakage in sub-system due to lack of check for validity and boundary compliance for parameters that are read from shared MSG RAM in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CVE-2020-11199 1 Qualcomm 802 Apq8009, Apq8009 Firmware, Apq8009w and 799 more 2024-11-21 2.1 LOW 5.5 MEDIUM
HLOS to access EL3 stack canary by just mapping imem region due to Improper access control and can lead to information exposure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CVE-2020-11195 1 Qualcomm 786 Apq8009, Apq8009 Firmware, Apq8016 and 783 more 2024-11-21 7.2 HIGH 7.8 HIGH
Out of bound write and read in TA while processing command from NS side due to improper length check on command and response buffers in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CVE-2020-11191 1 Qualcomm 952 Apq8009, Apq8009 Firmware, Apq8009w and 949 more 2024-11-21 9.4 HIGH 8.2 HIGH
Out of bound read occurs while processing crafted SDP due to lack of check of null string in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CVE-2020-11190 1 Qualcomm 802 Apq8009, Apq8009 Firmware, Apq8009w and 799 more 2024-11-21 6.4 MEDIUM 9.1 CRITICAL
Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CVE-2020-11189 1 Qualcomm 802 Apq8009, Apq8009 Firmware, Apq8009w and 799 more 2024-11-21 6.4 MEDIUM 9.1 CRITICAL
Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CVE-2020-11188 1 Qualcomm 796 Apq8009, Apq8009 Firmware, Apq8009w and 793 more 2024-11-21 6.4 MEDIUM 9.1 CRITICAL
Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CVE-2020-11178 1 Qualcomm 574 Aqt1000, Aqt1000 Firmware, Ar8031 and 571 more 2024-11-21 7.2 HIGH 7.8 HIGH
Trusted APPS to overwrite the CPZ memory of another use-case as TZ only checks the physical address not overlapping with its memory and its RoT memory in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CVE-2020-11177 1 Qualcomm 814 Apq8009, Apq8009 Firmware, Apq8009w and 811 more 2024-11-21 7.2 HIGH 8.8 HIGH
User can overwrite Security Code NV item without knowing current SPC due to improper validation of SPC code setting and device lock in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables