Vulnerabilities (CVE)

Filtered by vendor Qualcomm Subscribe
Total 2008 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-10429 1 Qualcomm 64 Fsm9055, Fsm9055 Firmware, Ipq4019 and 61 more 2024-11-21 5.0 MEDIUM 7.5 HIGH
In Android before 2018-04-05 or earlier security patch level on Qualcomm Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear FSM9055, IPQ4019, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, and SDX20, three image types are loaded in the same manner without distinguishing them.
CVE-2016-10428 1 Qualcomm 16 Sd 425, Sd 425 Firmware, Sd 430 and 13 more 2024-11-21 5.0 MEDIUM 7.5 HIGH
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, and SD 820A, HMAC verification in counter file uses an insecure memcmp which may assist a timing attack.
CVE-2016-10427 1 Qualcomm 68 Mdm9206, Mdm9206 Firmware, Mdm9607 and 65 more 2024-11-21 7.8 HIGH 7.5 HIGH
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, and SDX20, improper boundary check in RLC AM module leads to denial of service by reaching assertion.
CVE-2016-10426 1 Qualcomm 24 Sd 410, Sd 410 Firmware, Sd 412 and 21 more 2024-11-21 10.0 HIGH 9.8 CRITICAL
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 410/12, SD 425, SD 430, SD 450, SD 617, SD 625, SD 650/52, SD 810, SD 820, and SD 820A, a buffer overflow can occur in SafeSwitch.
CVE-2016-10425 1 Qualcomm 46 Mdm9206, Mdm9206 Firmware, Sd 205 and 43 more 2024-11-21 10.0 HIGH 9.8 CRITICAL
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, and SD 835, if GPT listener response is passed a large buffer offset, a buffer overflow occurs.
CVE-2016-10424 1 Qualcomm 48 Mdm9206, Mdm9206 Firmware, Mdm9650 and 45 more 2024-11-21 10.0 HIGH 9.8 CRITICAL
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 820, SD 820A, SD 835, SD 845, and SD 850, upgrading LibPNG from 1.6.12 to 1.6.21 fixes multiple issues with different CWEs.
CVE-2016-10423 1 Qualcomm 16 Sd 425, Sd 425 Firmware, Sd 430 and 13 more 2024-11-21 5.0 MEDIUM 7.5 HIGH
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, and SD 820A, when a Trusted Application has opened the SPI interface to a particular device, it is possible for another Trusted Application to read the data on this open interface due to non-exclusive access of the SPI bus.
CVE-2016-10422 1 Qualcomm 60 Fsm9055, Fsm9055 Firmware, Ipq4019 and 57 more 2024-11-21 7.5 HIGH 9.8 CRITICAL
In Android before 2018-04-05 or earlier security patch level on Qualcomm Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear FSM9055, IPQ4019, MDM9206, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, and SDX20, improper access control in system call leads to unauthorized access.
CVE-2016-10421 1 Qualcomm 68 Mdm9206, Mdm9206 Firmware, Mdm9607 and 65 more 2024-11-21 10.0 HIGH 9.8 CRITICAL
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, and SDX20, key material is not always cleared properly.
CVE-2016-10420 1 Qualcomm 52 Mdm9206, Mdm9206 Firmware, Mdm9607 and 49 more 2024-11-21 7.1 HIGH 5.5 MEDIUM
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, and SDX20, while playing back a .flv clip which doesn't have an inbuilt seek table, a dynamic index table access is out of bounds and leads to crash.
CVE-2016-10419 1 Qualcomm 26 Mdm9640, Mdm9640 Firmware, Mdm9645 and 23 more 2024-11-21 10.0 HIGH 9.8 CRITICAL
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9640, MDM9645, MDM9650, MDM9655, SD 450, SD 625, SD 650/52, SD 820, SD 835, SD 845, SD 850, and SDX20, when initializing scheduler object service request, an out of bounds access could occur due to uninitialized object number.
CVE-2016-10418 1 Qualcomm 28 Mdm9206, Mdm9206 Firmware, Mdm9650 and 25 more 2024-11-21 5.0 MEDIUM 7.5 HIGH
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, SD 820A, and SD 835, HLOS can enable PMIC debug through TCSR_QPDI_DISABLE_CFG due to improper access control.
CVE-2016-10417 1 Qualcomm 64 Ipq4019, Ipq4019 Firmware, Mdm9206 and 61 more 2024-11-21 9.3 HIGH 8.1 HIGH
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, and SDX20, in QTEE, a TOCTOU vulnerability exists due to improper access control.
CVE-2016-10416 1 Qualcomm 58 Mdm9206, Mdm9206 Firmware, Mdm9607 and 55 more 2024-11-21 7.8 HIGH 7.5 HIGH
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, and SD 820, UE crash is seen due to IPCMem exhaustion, when UDP data is pumped to UE's ULP (UserPlane Location protocol) UDP port 7275.
CVE-2016-10415 1 Qualcomm 56 Mdm9206, Mdm9206 Firmware, Mdm9607 and 53 more 2024-11-21 5.0 MEDIUM 7.5 HIGH
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, and SDX20, dereference of an invalid input parameter could cause a denial of service.
CVE-2016-10414 1 Qualcomm 68 Mdm9206, Mdm9206 Firmware, Mdm9607 and 65 more 2024-11-21 10.0 HIGH 9.8 CRITICAL
In Android before 2018-04-05 or earlier security patch level on Qualcomm Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear FSM9055, IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, and SDX20, when a hash is passed with zero datalength, the code returns an error, even though zero data length is valid.
CVE-2016-10412 1 Qualcomm 62 Fsm9055, Fsm9055 Firmware, Mdm9206 and 59 more 2024-11-21 7.5 HIGH 9.8 CRITICAL
In Android before 2018-04-05 or earlier security patch level on Qualcomm Small Cell SoC, Snapdragon Mobile, and Snapdragon Wear FSM9055, MDM9206, MDM9607, MDM9615, MDM9635M, MDM9640, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, and SDX20, an integer overflow leading to buffer overflow can potentially occur in a memory API function.
CVE-2016-10411 1 Qualcomm 40 Sd 205, Sd 205 Firmware, Sd 210 and 37 more 2024-11-21 7.8 HIGH 7.5 HIGH
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, and SD 835, RTP daemon crashes and terminates VT call when UE receives RTCP unknown APP packet report which caused the parser to miss an end of RTCP packet length and go on forever looking for it, even going beyond the limits of the RTCP Packet length.
CVE-2016-10410 1 Qualcomm 68 Mdm9206, Mdm9206 Firmware, Mdm9607 and 65 more 2024-11-21 10.0 HIGH 9.8 CRITICAL
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, and SDX20, buffer overflow vulnerability in RTP during Volte call.
CVE-2016-10409 1 Qualcomm 18 Sd 425, Sd 425 Firmware, Sd 430 and 15 more 2024-11-21 9.3 HIGH 8.1 HIGH
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, SD 820A, and SD 835, TOCTOU vulnerability may occur while composing the RPMB request using HLOS controlled buffers.