Every CVE whose affected-product data names Qualcomm Apq8053, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (26)
CVE-2020-11136 — CVSS 9.8 (critical): Buffer Over-read in audio driver while using malloc management function due to not returning NULL for zero sized memory requirement in…
CVE-2020-11137 — CVSS 9.8 (critical): Integer multiplication overflow resulting in lower buffer size allocation than expected causes memory access out of bounds resulting in…
CVE-2020-11138 — CVSS 9.8 (critical): Uninitialized pointers accessed during music play back with incorrect bit stream due to an uninitialized heap memory result in instability…
CVE-2020-11140 — CVSS 9.8 (critical): Out of bound memory access during music playback with ALAC modified content due to improper validation in Snapdragon Auto, Snapdragon…
CVE-2020-11143 — CVSS 9.8 (critical): Out of bound memory access during music playback with modified content due to copying data without checking destination buffer size in…
CVE-2020-11167 — CVSS 9.8 (critical): Memory corruption while calculating L2CAP packet length in reassembly logic when remote sends more data than expected in Snapdragon Auto…
CVE-2020-11197 — CVSS 9.8 (critical): Possible integer overflow can occur when stream info update is called when total number of streams detected are zero while parsing TS clip…
CVE-2020-11212 — CVSS 9.8 (critical): Out of bounds reads while parsing NAN beacons attributes and OUIs due to improper length of field check in Snapdragon Auto, Snapdragon…
CVE-2020-11213 — CVSS 9.8 (critical): Out of bound reads might occur in while processing Service descriptor due to improper validation of length of fields in Snapdragon Auto…
CVE-2020-11216 — CVSS 9.8 (critical): Buffer over read can happen in video driver when playing clip with atomsize having value UINT32_MAX in Snapdragon Auto, Snapdragon Compute…
CVE-2020-11283 — CVSS 9.8 (critical): A buffer overflow can occur when playing an MKV clip due to lack of input validation in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2020-3686 — CVSS 9.8 (critical): Possible memory out of bound issue during music playback when an incorrect bit stream content is copied into array without checking the…
CVE-2020-3691 — CVSS 9.8 (critical): Possible out of bound memory access in audio due to integer underflow while processing modified contents in Snapdragon Auto, Snapdragon…
CVE-2020-11144 — CVSS 9.1 (critical): Buffer over-read while UE process invalid DL ROHC packet for decompression due to lack of check of size of compresses packet in Snapdragon…
CVE-2020-11282 — CVSS 7.8 (high): Improper access control when using mmap with the kgsl driver with a special offset value that can be provided to map the memstore of the…
CVE-2020-3622 — CVSS 7.8 (high): u'Channel name string which has been read from shared memory is potentially subjected to string manipulations but not validated for NULL…
CVE-2020-3685 — CVSS 7.5 (high): Pointer variable which is freed is not cleared can result in memory corruption and leads to denial of service in Snapdragon Auto…
CVE-2020-11139 — CVSS 7.5 (high): Out of bound memory access while processing frames due to lack of check of invalid frames received in Snapdragon Auto, Snapdragon Compute…
CVE-2020-11200 — CVSS 7.5 (high): Buffer over-read while parsing RPS due to lack of check of input validation on values received from user side. in Snapdragon Auto…
CVE-2020-11145 — CVSS 7.5 (high): Divide by zero issue can happen while updating delta extension header due to improper validation of master SN and extension header SN in…
CVE-2020-11179 — CVSS 7.0 (high): Arbitrary read and write to kernel addresses by temporarily overwriting ring buffer pointer and creating a race condition. in Snapdragon…
CVE-2020-11286 — CVSS 6.8 (medium): An Untrusted Pointer Dereference can occur while doing USB control transfers, if multiple requests of different standard request categories…
CVE-2020-11148 — CVSS 6.7 (medium): Use after free issue in HIDL while using callback to post event in Rx thread when internal mutex is not acquired and meantime close is…
CVE-2020-11149 — CVSS 6.7 (medium): Out of bound access due to usage of an out-of-range pointer offset in the camera driver. in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2020-11183 — CVSS 6.7 (medium): A process can potentially cause a buffer overflow in the display service allowing privilege escalation by executing code as that service in…
CVE-2020-11152 — CVSS 6.4 (medium): Race condition in HAL layer while processing callback objects received from HIDL due to lack of synchronization between accessing objects…