Filtered by vendor Qualcomm
Subscribe
Total
2008 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-11289 | 1 Qualcomm | 84 Ipq8074, Ipq8074 Firmware, Mdm9150 and 81 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| Data truncation during higher to lower type conversion which causes less memory allocation than desired can lead to a buffer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in versions IPQ8074, MDM9150, MDM9206, MDM9607, MDM9650, MDM9655, MSM8996AU, QCA8081, QCS605, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130. | |||||
| CVE-2018-11288 | 1 Qualcomm | 40 Mdm9206, Mdm9206 Firmware, Mdm9607 and 37 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| Possible undefined behavior due to lack of size check in function for parameter segment_idx can lead to a read outside of the intended region in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDX24, SXR1130 | |||||
| CVE-2018-11287 | 1 Qualcomm | 58 Mdm9206, Mdm9206 Firmware, Mdm9607 and 55 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, Snapdragon_High_Med_2016, incorrect control flow implementation in Video while checking buffer sufficiency. | |||||
| CVE-2018-11285 | 1 Qualcomm | 64 Mdm9206, Mdm9206 Firmware, Mdm9607 and 61 more | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, SDX20, Snapdragon_High_Med_2016, while parsing FLAC file with corrupted picture block, a buffer over-read can occur. | |||||
| CVE-2018-11284 | 1 Qualcomm | 24 Mdm9206, Mdm9206 Firmware, Mdm9607 and 21 more | 2024-11-21 | 8.5 HIGH | 9.3 CRITICAL |
| Spoofed SMS can be used to send a large number of messages to the device which will in turn initiate a flood of registration updates with the server in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 625, SD 636, SDA660, SDM630, SDM660, SDX20 | |||||
| CVE-2018-11279 | 1 Qualcomm | 92 Mdm9206, Mdm9206 Firmware, Mdm9607 and 89 more | 2024-11-21 | 8.3 HIGH | 8.8 HIGH |
| Lack of check of input size can make device memory get corrupted because of buffer overflow in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 810, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660, SDM439, SDM630, SDM660, SDX20, Snapdragon_High_Med_2016, SXR1130 | |||||
| CVE-2018-11277 | 1 Qualcomm | 40 Msm8909w, Msm8909w Firmware, Msm8996au and 37 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| In Snapdragon (Automobile, Mobile, Wear) in version MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SDA660, the com.qualcomm.embms is a vendor package deployed in the system image which has an inadequate permission level and allows any application installed from Play Store to request this permission at install-time. The system application interfaces with the Radio Interface Layer leading to potential access control issue. | |||||
| CVE-2018-11271 | 1 Qualcomm | 84 Mdm9206, Mdm9206 Firmware, Mdm9607 and 81 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Improper authentication can happen on Remote command handling due to inappropriate handling of events in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Wearables in MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SM7150, Snapdragon_High_Med_2016, SXR1130 | |||||
| CVE-2018-11269 | 1 Qualcomm | 70 Mdm9206, Mdm9206 Firmware, Mdm9607 and 67 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, SDX20, Snapdragon_High_Med_2016, a potential buffer overflow exists when parsing TFTP options. | |||||
| CVE-2018-11268 | 1 Qualcomm | 70 Mdm9206, Mdm9206 Firmware, Mdm9607 and 67 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, SDX20, Snapdragon_High_Med_2016, a potential buffer overflow exists when parsing TFTP options. | |||||
| CVE-2018-11267 | 1 Qualcomm | 78 Mdm9206, Mdm9206 Firmware, Mdm9607 and 75 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9615, MDM9640, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDX20, Snapdragon_High_Med_2016, when sending an malformed XML data to deviceprogrammer/firehose it may do an out of bounds buffer write allowing a region of memory to be filled with 0x20. | |||||
| CVE-2018-11264 | 1 Qualcomm | 38 Mdm9206, Mdm9206 Firmware, Mdm9607 and 35 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| Possible buffer overflow in Ontario fingerprint code due to lack of input validation for the parameters coming into TZ from HLOS in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SDA660. | |||||
| CVE-2018-11259 | 1 Qualcomm | 76 Mdm9206, Mdm9206 Firmware, Mdm9607 and 73 more | 2024-11-21 | 3.6 LOW | 7.7 HIGH |
| Due to Improper Access Control of NAND-based EFS in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear, From fastboot on a NAND-based device, the EFS partition can be erased. Apps processor then has non-secure world full read/write access to the partition until the modem boots and configures the EFS partition addresses in its MPU partition. | |||||
| CVE-2018-11258 | 1 Qualcomm | 42 Mdm9206, Mdm9206 Firmware, Mdm9607 and 39 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| In ADSP RPC in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear, a Use After Free condition can occur in versions MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SDX20. | |||||
| CVE-2018-11257 | 1 Qualcomm | 10 Sd 205, Sd 205 Firmware, Sd 210 and 7 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Permissions, Privileges, and Access Controls in TA in Snapdragon Mobile has an options that allows RPMB erase for secure devices in versions SD 210/SD 212/SD 205, SD 845, SD 850. | |||||
| CVE-2017-8276 | 1 Qualcomm | 66 Mdm9206, Mdm9206 Firmware, Mdm9607 and 63 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Improper authorization involving a fuse in TrustZone in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016. | |||||
| CVE-2017-8275 | 1 Qualcomm | 28 Sd 205, Sd 205 Firmware, Sd 210 and 25 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile SD 210/SD 212/SD 205, SD 400, SD 430, SD 450, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 820, SD 835, an integer overflow vulnerability exists in a video library. | |||||
| CVE-2017-8274 | 1 Qualcomm | 24 Mdm9206, Mdm9206 Firmware, Mdm9607 and 21 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, an access control vulnerability exists in Core. | |||||
| CVE-2017-8252 | 1 Qualcomm | 110 Ipq4019, Ipq4019 Firmware, Ipq8074 and 107 more | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
| Kernel can inject faults in computations during the execution of TrustZone leading to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ8074, MDM9150, MDM9206, MDM9607, MDM9615, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, QCA8081, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24, SM7150, Snapdragon_High_Med_2016, SXR1130 | |||||
| CVE-2017-18696 | 3 Google, Qualcomm, Samsung | 4 Android, Msm8996, Exynos 7420 and 1 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on Samsung mobile devices with M(6.0) and N(7.0) (Exynos7420, Exynos8890, or MSM8996 chipsets) software. RKP allows memory corruption. The Samsung ID is SVE-2016-7897 (January 2017). | |||||