Every CVE whose affected-product data names Qualcomm Apq8076, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (15)
CVE-2020-11136 — CVSS 9.8 (critical): Buffer Over-read in audio driver while using malloc management function due to not returning NULL for zero sized memory requirement in…
CVE-2020-11137 — CVSS 9.8 (critical): Integer multiplication overflow resulting in lower buffer size allocation than expected causes memory access out of bounds resulting in…
CVE-2020-11138 — CVSS 9.8 (critical): Uninitialized pointers accessed during music play back with incorrect bit stream due to an uninitialized heap memory result in instability…
CVE-2020-11140 — CVSS 9.8 (critical): Out of bound memory access during music playback with ALAC modified content due to improper validation in Snapdragon Auto, Snapdragon…
CVE-2020-11143 — CVSS 9.8 (critical): Out of bound memory access during music playback with modified content due to copying data without checking destination buffer size in…
CVE-2020-11212 — CVSS 9.8 (critical): Out of bounds reads while parsing NAN beacons attributes and OUIs due to improper length of field check in Snapdragon Auto, Snapdragon…
CVE-2020-11213 — CVSS 9.8 (critical): Out of bound reads might occur in while processing Service descriptor due to improper validation of length of fields in Snapdragon Auto…
CVE-2020-3686 — CVSS 9.8 (critical): Possible memory out of bound issue during music playback when an incorrect bit stream content is copied into array without checking the…
CVE-2020-3691 — CVSS 9.8 (critical): Possible out of bound memory access in audio due to integer underflow while processing modified contents in Snapdragon Auto, Snapdragon…
CVE-2020-11282 — CVSS 7.8 (high): Improper access control when using mmap with the kgsl driver with a special offset value that can be provided to map the memstore of the…
CVE-2020-11146 — CVSS 7.8 (high): Out of bound write while copying data using IOCTL due to lack of check of array index received from user in Snapdragon Auto, Snapdragon…
CVE-2020-11139 — CVSS 7.5 (high): Out of bound memory access while processing frames due to lack of check of invalid frames received in Snapdragon Auto, Snapdragon Compute…
CVE-2020-3685 — CVSS 7.5 (high): Pointer variable which is freed is not cleared can result in memory corruption and leads to denial of service in Snapdragon Auto…
CVE-2020-11286 — CVSS 6.8 (medium): An Untrusted Pointer Dereference can occur while doing USB control transfers, if multiple requests of different standard request categories…
CVE-2020-11152 — CVSS 6.4 (medium): Race condition in HAL layer while processing callback objects received from HIDL due to lack of synchronization between accessing objects…