Every CVE whose affected-product data names Qualcomm Apq8009, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (20)
CVE-2020-3691 — CVSS 9.8 (critical): Possible out of bound memory access in audio due to integer underflow while processing modified contents in Snapdragon Auto, Snapdragon…
CVE-2020-11137 — CVSS 9.8 (critical): Integer multiplication overflow resulting in lower buffer size allocation than expected causes memory access out of bounds resulting in…
CVE-2020-11138 — CVSS 9.8 (critical): Uninitialized pointers accessed during music play back with incorrect bit stream due to an uninitialized heap memory result in instability…
CVE-2020-11143 — CVSS 9.8 (critical): Out of bound memory access during music playback with modified content due to copying data without checking destination buffer size in…
CVE-2020-11197 — CVSS 9.8 (critical): Possible integer overflow can occur when stream info update is called when total number of streams detected are zero while parsing TS clip…
CVE-2020-11212 — CVSS 9.8 (critical): Out of bounds reads while parsing NAN beacons attributes and OUIs due to improper length of field check in Snapdragon Auto, Snapdragon…
CVE-2020-11213 — CVSS 9.8 (critical): Out of bound reads might occur in while processing Service descriptor due to improper validation of length of fields in Snapdragon Auto…
CVE-2020-11216 — CVSS 9.8 (critical): Buffer over read can happen in video driver when playing clip with atomsize having value UINT32_MAX in Snapdragon Auto, Snapdragon Compute…
CVE-2020-11283 — CVSS 9.8 (critical): A buffer overflow can occur when playing an MKV clip due to lack of input validation in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2020-3686 — CVSS 9.8 (critical): Possible memory out of bound issue during music playback when an incorrect bit stream content is copied into array without checking the…
CVE-2020-11136 — CVSS 9.8 (critical): Buffer Over-read in audio driver while using malloc management function due to not returning NULL for zero sized memory requirement in…
CVE-2020-11144 — CVSS 9.1 (critical): Buffer over-read while UE process invalid DL ROHC packet for decompression due to lack of check of size of compresses packet in Snapdragon…
CVE-2020-11282 — CVSS 7.8 (high): Improper access control when using mmap with the kgsl driver with a special offset value that can be provided to map the memstore of the…
CVE-2020-3622 — CVSS 7.8 (high): u'Channel name string which has been read from shared memory is potentially subjected to string manipulations but not validated for NULL…
CVE-2020-11268 — CVSS 7.5 (high): Potential UE reset while decoding a crafted Sib1 or SIB1 that schedules unsupported SIBs and can lead to denial of service in Snapdragon…
CVE-2020-11145 — CVSS 7.5 (high): Divide by zero issue can happen while updating delta extension header due to improper validation of master SN and extension header SN in…
CVE-2020-3685 — CVSS 7.5 (high): Pointer variable which is freed is not cleared can result in memory corruption and leads to denial of service in Snapdragon Auto…
CVE-2020-11179 — CVSS 7.0 (high): Arbitrary read and write to kernel addresses by temporarily overwriting ring buffer pointer and creating a race condition. in Snapdragon…
CVE-2020-11286 — CVSS 6.8 (medium): An Untrusted Pointer Dereference can occur while doing USB control transfers, if multiple requests of different standard request categories…
CVE-2020-11183 — CVSS 6.7 (medium): A process can potentially cause a buffer overflow in the display service allowing privilege escalation by executing code as that service in…