Qualcomm Qm215 Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Qualcomm Qm215 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (200)
CVE-2019-10611 — CVSS 9.8 (critical): Buffer overflow can occur while processing clip due to lack of check of object size before parsing in Snapdragon Auto, Snapdragon Compute…
CVE-2020-3661 — CVSS 9.8 (critical): Buffer overflow will happen while parsing mp4 clip with corrupted sample atoms values which exceeds MAX_UINT32 range due to lack of…
CVE-2019-10532 — CVSS 9.8 (critical): Null-pointer dereference issue can occur while calculating string length when source string length is zero in Snapdragon Auto, Snapdragon…
CVE-2019-10587 — CVSS 9.8 (critical): Possible Stack overflow can occur when processing a large SDP body or non standard SDP body without right delimiters in Snapdragon Auto…
CVE-2019-10588 — CVSS 9.8 (critical): Copying RTCP messages into the output buffer without checking the destination buffer size which could lead to a remote stack overflow. in…
CVE-2019-10589 — CVSS 9.8 (critical): Lack of length check of response buffer can lead to buffer over-flow while GP command response buffer handling in Snapdragon Auto…
CVE-2019-10590 — CVSS 9.8 (critical): Out of bound access while parsing dts atom, which is non-standard as it does not have valid number of tracks in Snapdragon Auto, Snapdragon…
CVE-2020-3673 — CVSS 9.8 (critical): u'Buffer overflow can happen as part of SIP message packet processing while storing values in array due to lack of check to validate the…
CVE-2019-10593 — CVSS 9.8 (critical): Buffer overflow can occur when processing non standard SDP video Image attribute parameter in a VILTE\VOLTE call in Snapdragon Auto…
CVE-2019-10594 — CVSS 9.8 (critical): Stack overflow can occur when SDP is received with multiple payload types in the FMTP attribute of a video M line in Snapdragon Auto…
CVE-2022-40510 — CVSS 9.8 (critical): Memory corruption due to buffer copy without checking size of input in Audio while voice call with EVS vocoder.
CVE-2019-10609 — CVSS 9.8 (critical): Out of bound write can happen due to lack of check of array index value while calculating it. in Snapdragon Auto, Snapdragon Compute…
CVE-2018-11953 — CVSS 9.8 (critical): While processing ssid IE length from remote AP, possible out-of-bounds access may occur due to crafted ssid IE length in Snapdragon Auto…
CVE-2019-10614 — CVSS 9.8 (critical): Out of boundary access is possible as there is no validation of data accessed against the received size of the packet in case of malicious…
CVE-2019-10487 — CVSS 9.8 (critical): Buffer over read can happen while parsing SMS OTA messages at transport layer if network sends un-intended values in Snapdragon Auto…
CVE-2019-10493 — CVSS 9.8 (critical): Position determination accuracy may be degraded due to wrongly decoded information in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2019-10500 — CVSS 9.8 (critical): While processing MT Secondary PDP request, Buffer overflow will happen due to incorrect calculation of buffer size in Snapdragon Auto…
CVE-2019-10511 — CVSS 9.8 (critical): Possibility of memory overflow while decoding GSNDCP compressed mode PDU in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT…
CVE-2019-10516 — CVSS 9.8 (critical): Multiple read overflows in MM while decoding service accept,service reject,attach reject and MT detach in Snapdragon Auto, Snapdragon…
CVE-2019-14004 — CVSS 9.8 (critical): Buffer overflow occurs while processing invalid MKV clip, which has invalid EBML size in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2019-14005 — CVSS 9.8 (critical): Buffer overflow occur while playing the clip which is nonstandard due to lack of check of size duration in Snapdragon Auto, Snapdragon…
CVE-2019-14006 — CVSS 9.8 (critical): Buffer overflow occur while playing the clip which is nonstandard due to lack of offset length check in Snapdragon Auto, Snapdragon…
CVE-2020-3663 — CVSS 9.8 (critical): Buffer over-write may occur during fetching track decoder specific information if cb size exceeds buffer size in Snapdragon Auto…
CVE-2020-3662 — CVSS 9.8 (critical): Buffer overflow can occur while parsing eac3 header while playing the clip which is nonstandard in Snapdragon Auto, Snapdragon Compute…
CVE-2019-14013 — CVSS 9.8 (critical): While parsing invalid super index table, elements within super index table may exceed total chunk size and invalid data is read into the…
CVE-2019-14016 — CVSS 9.8 (critical): Integer overflow occurs while playing the clip which is nonstandard in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity…
CVE-2019-14017 — CVSS 9.8 (critical): Heap buffer overflow can occur while parsing invalid MKV clip which is not standard and have invalid vorbis codec data in Snapdragon Auto…
CVE-2019-10525 — CVSS 9.8 (critical): Buffer overflow during SIB read when network configures complete sib list along with first and last segment of other SIB in Snapdragon…
CVE-2018-11271 — CVSS 9.8 (critical): Improper authentication can happen on Remote command handling due to inappropriate handling of events in Snapdragon Auto, Snapdragon…
CVE-2018-11930 — CVSS 9.8 (critical): Improper input validation on input data which is used to locate and copy the additional IEs in WLAN function can lead to potential integer…
CVE-2020-3703 — CVSS 9.8 (critical): u'Buffer over-read issue in Bluetooth peripheral firmware due to lack of check for invalid opcode and length of opcode received from…
CVE-2019-14052 — CVSS 9.8 (critical): u'Accessing an uninitialized data structure could result in partially copying of contents and thus incorrect processing' in Snapdragon…
CVE-2020-3660 — CVSS 9.8 (critical): Possible null-pointer dereference can occur while parsing mp4 clip with corrupted sample table atoms in Snapdragon Auto, Snapdragon…
CVE-2019-14062 — CVSS 9.8 (critical): Buffer overflows while decoding setup message from Network due to lack of check of IE message length received from network in Snapdragon…
CVE-2020-3654 — CVSS 9.8 (critical): u'Buffer overflow occurs while processing SIP message packet due to lack of check of index validation before copying into it' in Snapdragon…
CVE-2020-3641 — CVSS 9.8 (critical): Integer overflow may occur if atom size is less than atom offset as there is improper validation of atom size in Snapdragon Auto…
CVE-2019-14073 — CVSS 9.8 (critical): Copying RTCP messages into the output buffer without checking the destination buffer size which could lead to a remote stack overflow when…
CVE-2019-14080 — CVSS 9.8 (critical): Out of bound write can happen due to lack of check of array index value while parsing SDP attribute for SAR in Snapdragon Auto, Snapdragon…
CVE-2019-14095 — CVSS 9.8 (critical): Buffer overflow occurs while processing LMP packet in which name length parameter exceeds value specified in BT-specification in Snapdragon…
CVE-2020-3639 — CVSS 9.8 (critical): u'When a non standard SIP sigcomp message is received from the network, then there may be chances of using more UDVM cycle or memory…
CVE-2019-14127 — CVSS 9.8 (critical): Possible buffer overflow while playing mkv clip due to lack of validation of atom size buffer in Snapdragon Auto, Snapdragon Compute…
CVE-2019-2242 — CVSS 9.8 (critical): Device memory may get corrupted because of buffer overflow/underflow. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer…
CVE-2019-2244 — CVSS 9.8 (critical): Possible integer underflow can happen when calculating length of elementary stream info from invalid section length which is later used to…
CVE-2019-2245 — CVSS 9.8 (critical): Possible integer underflow can happen when calculating length of elementary stream map from invalid packet length which is later used to…
CVE-2018-13911 — CVSS 9.8 (critical): Out of bounds memory read and access may lead to unexpected behavior in GNSS XTRA Parser in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2019-2255 — CVSS 9.8 (critical): An unprivileged user can craft a bitstream such that the payload encoded in the bitstream gains code execution in Snapdragon Auto…
CVE-2019-2256 — CVSS 9.8 (critical): An unprivileged user can craft a bitstream such that the payload encoded in the bitstream gains code execution in Snapdragon Auto…
CVE-2019-2259 — CVSS 9.8 (critical): Resource allocation error while playing the video whose dimensions are more than supported dimension in Snapdragon Auto, Snapdragon…
CVE-2019-2271 — CVSS 9.8 (critical): Buffer over read can happen while parsing downlink session management OTA messages if network sends un-intended values in Snapdragon Auto…
CVE-2019-10559 — CVSS 9.8 (critical): Accessing data buffer beyond the available data while parsing ogg clip can lead to null-pointer dereference and then memory corruption in…
CVE-2020-3699 — CVSS 9.8 (critical): Possible out of bound access while processing assoc response from host due to improper length check before copying into buffer in…
CVE-2019-2289 — CVSS 9.8 (critical): Lack of integrity check allows MODEM to accept any NAS messages which can result into authentication bypass of NAS in Snapdragon Auto…
CVE-2020-3633 — CVSS 9.8 (critical): Array out of bound may occur while playing mp3 file as no check is there on offset if it is greater than the buffer allocated or not in…
CVE-2019-2303 — CVSS 9.8 (critical): SNDCP module may access array out side its boundary when it receives malformed XID message. in Snapdragon Auto, Snapdragon Compute…
CVE-2019-2317 — CVSS 9.8 (critical): The secret key used to make the Initial Sequence Number in the TCP SYN packet could be brute forced and therefore can be predicted in…
CVE-2020-3614 — CVSS 9.8 (critical): Possible buffer overflow while copying the frame to local buffer due to lack of check of length before copying in Snapdragon Auto…
CVE-2019-2320 — CVSS 9.8 (critical): Possible out of bounds write in a MT SMS/SS scenario due to improper validation of array index in Snapdragon Auto, Snapdragon Compute…
CVE-2020-11196 — CVSS 9.8 (critical): u'Integer overflow to buffer overflow occurs while playback of ASF clip having unexpected number of codec entries' in Snapdragon Auto…
CVE-2020-11193 — CVSS 9.8 (critical): u'Buffer over read can happen while parsing mkv clip due to improper typecasting of data returned from atomsize' in Snapdragon Auto…
CVE-2020-11184 — CVSS 9.8 (critical): u'Possible buffer overflow will occur in video while parsing mp4 clip with crafted esds atom size.' in Snapdragon Auto, Snapdragon Compute…
CVE-2020-11116 — CVSS 9.8 (critical): u'Possible out of bound write while processing association response received from host due to lack of check of IE length' in Snapdragon…
CVE-2020-11168 — CVSS 9.8 (critical): u'Null-pointer dereference can occur while accessing data buffer beyond its size that leads to access the buffer beyond its range' in…
CVE-2018-13886 — CVSS 9.8 (critical): Unchecked OTA field in GNSS XTRA3 lead to integer overflow and then buffer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2019-10572 — CVSS 9.8 (critical): Improper check in video driver while processing data from video firmware can lead to integer overflow and then buffer overflow in…
CVE-2020-3698 — CVSS 9.8 (critical): Out of bound write while QoS DSCP mapping due to improper input validation for data received from association response frame in Snapdragon…
CVE-2020-3688 — CVSS 9.8 (critical): Possible buffer overflow while parsing mp4 clip with corrupted sample atoms due to improper validation of index in Snapdragon Auto…
CVE-2018-13925 — CVSS 9.8 (critical): Error in parsing PMT table frees the memory allocated for the map section but does not reset the context map section reference causing heap…
CVE-2018-13887 — CVSS 9.8 (critical): Untrusted header fields in GNSS XTRA3 function can lead to integer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer…
CVE-2019-10586 — CVSS 9.8 (critical): Filling media attribute tag names without validating the destination buffer size which can result in the buffer overflow in Snapdragon…
CVE-2019-10579 — CVSS 9.1 (critical): Buffer over-read can occur while playing the video clip which is not standard in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2020-3670 — CVSS 9.1 (critical): u'Potential out of bounds read while processing downlink NAS transport message due to improper length check of Information Element(IEI) NAS…
CVE-2019-10553 — CVSS 9.1 (critical): Multiple Read overflows due to improper length checks while decoding authentication in Cs domain/RAU Reject and TC cmd in Snapdragon Auto…
CVE-2019-10554 — CVSS 9.1 (critical): Multiple Read overflows issue due to improper length check while decoding Identity Request in CSdomain/Authentication Reject in CS domain/…
CVE-2019-10577 — CVSS 9.1 (critical): Improper input validation while processing SIP URI received from the network will lead to buffer over-read and then to denial of service in…
CVE-2020-3634 — CVSS 9.1 (critical): u'Multiple Read overflows issue due to improper length check while decoding Generic NAS transport/EMM info' in Snapdragon Auto, Snapdragon…
CVE-2019-14020 — CVSS 9.1 (critical): Multiple Read overflows issue due to improper length check while decoding dedicated_eps_bearer_req/ act_def_context_req/…
CVE-2019-14033 — CVSS 9.1 (critical): Multiple Read overflows issue due to improper length check while decoding tau reject/tau accept/detach request/attach reject/attach accept…
CVE-2019-14057 — CVSS 9.1 (critical): Buffer Over read of codec private data while parsing an mkv file due to lack of check of buffer size before read in Snapdragon Auto…
CVE-2019-10550 — CVSS 9.1 (critical): Buffer Over-read when UE is trying to process the message received form the network without zero termination in Snapdragon Auto, Snapdragon…
CVE-2020-3658 — CVSS 9.1 (critical): Possible null-pointer dereference can occur while parsing mp4 clip with corrupted sample table atoms in Snapdragon Auto, Snapdragon…
CVE-2019-14019 — CVSS 9.1 (critical): Multiple Read overflows issue due to improper length check while decoding RAU accept/PDN disconnect Rej/Modify EPS ctxt req/bearer resource…
CVE-2019-10610 — CVSS 9.1 (critical): Possible buffer over read when trying to process SDP message Video media line with frame-size attribute in video Media line in Snapdragon…
CVE-2019-14011 — CVSS 9.1 (critical): Multiple Read overflows issue due to improper length check while decoding 3G attach accept/ SMS/ pdn connection reject/ esm data transport/…
CVE-2019-10551 — CVSS 9.1 (critical): String error while processing non standard SIP messages received can lead to buffer overread and then denial of service in Snapdragon Auto…
CVE-2019-10552 — CVSS 9.1 (critical): Multiple Buffer Over-read issue can happen due to improper length checks while decoding Service Reject/RAU Reject/PTMSI Realloc cmd in…
CVE-2019-10494 — CVSS 8.1 (high): Race condition between the camera functions due to lack of resource lock which will lead to memory corruption and UAF issue in Snapdragon…
CVE-2022-33264 — CVSS 7.9 (high): Memory corruption in modem due to stack based buffer overflow while parsing OTASP Key Generation Request Message.
CVE-2018-11967 — CVSS 7.8 (high): Signature verification of the skel library could potentially be disabled as the memory region on the remote subsystem in which the library…
CVE-2018-13895 — CVSS 7.8 (high): Due to the missing permissions on several content providers of the RCS app in its android manifest file will lead to an unprivileged access…
CVE-2018-13899 — CVSS 7.8 (high): Processing messages after error may result in user after free memory fault in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity…
CVE-2018-13908 — CVSS 7.8 (high): Truncated access authentication token leads to weakened access control for stored secure application data in Snapdragon Auto, Snapdragon…
CVE-2018-13910 — CVSS 7.8 (high): Out-of-Bounds access in TZ due to invalid index calculated to check against DDR in Snapdragon Auto, Snapdragon Connectivity, Snapdragon…
CVE-2018-13916 — CVSS 7.8 (high): Out-of-bounds memory access in Qurt kernel function when using the identifier to access Qurt kernel buffer to retrieve thread data. in…
CVE-2018-13918 — CVSS 7.8 (high): kernel could return a received message length higher than expected, which leads to buffer overflow in a subsequent operation and stops…
CVE-2018-13920 — CVSS 7.8 (high): Use-after-free condition due to Improper handling of hrtimers when the PMU driver tries to access its events in Snapdragon Auto, Snapdragon…
CVE-2018-5913 — CVSS 7.8 (high): A non-time constant function memcmp is used which creates a side channel that could leak information in Snapdragon Auto, Snapdragon…
CVE-2019-10527 — CVSS 7.8 (high): u'SMEM partition can be manipulated in case of any compromise on HLOS, thus resulting in access to memory outside of SMEM address range…
CVE-2019-10544 — CVSS 7.8 (high): Improper length check on source buffer to handle userspace data received can lead to out-of-bound access in diag handlers in Snapdragon…
CVE-2019-10548 — CVSS 7.8 (high): While trying to obtain datad ipc handle during DPL initialization, Heap use-after-free issue can occur if modem SSR occurs at same time in…
CVE-2019-10555 — CVSS 7.8 (high): Buffer overflow can occur due to usage of wrong datatype and missing length check before copying into buffer in Snapdragon Auto, Snapdragon…
CVE-2019-10556 — CVSS 7.8 (high): Missing length check before copying the data from kernel space to userspace through the copy function can lead to buffer overflow in some…
CVE-2019-10558 — CVSS 7.8 (high): While transferring data from APPS to DSP, Out of bound in FastRPC HLOS Driver due to the data buffer which can be controlled by DSP in…
CVE-2019-10564 — CVSS 7.8 (high): Possible OOB issue in EEPROM due to lack of check while accessing memory map array at the time of reading operation in Snapdragon Auto…
CVE-2019-10567 — CVSS 7.8 (high): There is a way to deceive the GPU kernel driver into thinking there is room in the GPU ringbuffer and overwriting existing commands could…
CVE-2019-10571 — CVSS 7.8 (high): Snapshot of IB can lead to invalid address access due to missing check for size in the related function in Snapdragon Auto, Snapdragon…
CVE-2019-10584 — CVSS 7.8 (high): Possibility of out of bound access in debug queue, if packet size field is corrupted in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2019-10585 — CVSS 7.8 (high): Possible integer overflow happens when mmap find function will increment refcount every time when it invokes and can lead to use after free…
CVE-2019-10592 — CVSS 7.8 (high): Possible integer overflow while multiplying two integers of 32 bit in QDCM API of get display modes as there is no check on the maximum…
CVE-2019-10600 — CVSS 7.8 (high): Use of local variable as argument to netlink CB callback goes out of it scope when callback triggered lead to invalid stack memory in…
CVE-2019-10604 — CVSS 7.8 (high): Possibility of heap-buffer-overflow during last iteration of loop while populating image version information in diag command response…
CVE-2019-10615 — CVSS 7.8 (high): u'Possibility of integer overflow in keymaster 4 while allocating memory due to multiplication of large numcerts value and size of…
CVE-2019-13994 — CVSS 7.8 (high): u'Lack of check that the current received data fragment size of a particular packet that are read from shared memory are less than the…
CVE-2019-13995 — CVSS 7.8 (high): u'Lack of integer overflow check for addition of fragment size and remaining size that are read from shared memory can lead to memory…
CVE-2019-13998 — CVSS 7.8 (high): u'Lack of check that the TX FIFO write and read indices that are read from shared RAM are less than the FIFO size results into memory…
CVE-2019-13999 — CVSS 7.8 (high): u'Lack of check for integer overflow for round up and addition operations result into memory corruption and potential information leakage'…
CVE-2019-14000 — CVSS 7.8 (high): Lack of check that the RX FIFO write index that is read from shared RAM is less than the FIFO size results into memory corruption and…
CVE-2019-14001 — CVSS 7.8 (high): Wrong public key usage from existing oem_keystore for hash generation in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial…
CVE-2019-14002 — CVSS 7.8 (high): APKs without proper permission may bind to CallEnhancementService and can lead to unauthorized access to call status in Snapdragon Auto…
CVE-2019-14018 — CVSS 7.8 (high): Possible out of bound array access as there is no check on carrier index passed in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer…
CVE-2019-14021 — CVSS 7.8 (high): Possible buffer overrun when processing EFS filename and payload sent over diag interface due to lack of check for filename length and…
CVE-2019-14024 — CVSS 7.8 (high): Possible stack-use-after-scope issue in NFC usecase for card emulation in Snapdragon Auto, Snapdragon Industrial IOT, Snapdragon Mobile in…
CVE-2019-14034 — CVSS 7.8 (high): Use after free while processing eeprom query as there is a chance to not unlock mutex after error occurs in Snapdragon Auto, Snapdragon…
CVE-2019-14040 — CVSS 7.8 (high): Using memory after being freed in qsee due to wrong implementation can lead to unexpected behavior such as execution of unknown code in…
CVE-2019-14041 — CVSS 7.8 (high): During listener modified response processing, a buffer overrun occurs due to lack of buffer size verification when updating message buffer…
CVE-2019-14060 — CVSS 7.8 (high): Uninitialized stack data gets used If memory is not allocated for blob or if the allocated blob is less than the struct size required due…
CVE-2019-14071 — CVSS 7.8 (high): Compromised reset handler may bypass access control due to AC config is being reset if debug path is enabled to collect secure or…
CVE-2019-14074 — CVSS 7.8 (high): u'Heap overflow in diag command handler due to lack of check of packet length received from user' in Snapdragon Auto, Snapdragon Compute…
CVE-2019-14093 — CVSS 7.8 (high): Array out of bound access can occur in display module due to lack of bound check on input parcel received in Snapdragon Auto, Snapdragon…
CVE-2019-14094 — CVSS 7.8 (high): Integer overflow in diag command handler when user inputs a large value for number of tasks field in the request packet in Snapdragon Auto…
CVE-2019-14099 — CVSS 7.8 (high): Device misbehavior may be observed when incorrect offset, length or number of buffers is passed by user space in Snapdragon Auto…
CVE-2019-2247 — CVSS 7.8 (high): Possibility of double free issue while running multiple instances of smp2p test because of proper protection is missing while using global…
CVE-2019-2248 — CVSS 7.8 (high): Buffer overflow can occur if invalid header tries to overwrite the existing buffer which fix size allocation in Snapdragon Auto, Snapdragon…
CVE-2019-2274 — CVSS 7.8 (high): Improper Access Control for RPU write access from secure processor in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics…
CVE-2019-2288 — CVSS 7.8 (high): Out of bound write in TZ while copying the secure dump structure on HLOS provided buffer as a part of memory dump in Snapdragon Auto…
CVE-2019-2315 — CVSS 7.8 (high): While invoking the API to copy from fd or local buffer to the secure buffer, Parameters being populated are from non secure environment. in…
CVE-2019-2321 — CVSS 7.8 (high): Incorrect length used while validating the qsee log buffer sent from HLOS which could then lead to remap conflict in Snapdragon Auto…
CVE-2020-11120 — CVSS 7.8 (high): u'Calling thread may free the data buffer pointer that was passed to the callback and later when event loop executes the callback, data…
CVE-2020-11121 — CVSS 7.8 (high): u'Possible buffer overflow in WIFI hal process due to usage of memcpy without checking length of destination buffer' in Snapdragon Auto…
CVE-2020-11125 — CVSS 7.8 (high): u'Out of bound access can happen in MHI command process due to lack of check of channel id value received from MHI devices' in Snapdragon…
CVE-2020-11128 — CVSS 7.8 (high): u'Possible out of bound access while copying the mask file content into the buffer without checking the buffer size' in Snapdragon Auto…
CVE-2020-11130 — CVSS 7.8 (high): u'Possible buffer overflow in WIFI hal process due to copying data without checking the buffer length' in Snapdragon Auto, Snapdragon…
CVE-2020-11162 — CVSS 7.8 (high): u'Possible buffer overflow in MHI driver due to lack of input parameter validation of EOT events received from MHI device side' in…
CVE-2020-11175 — CVSS 7.8 (high): u'Use after free issue in Bluetooth transport driver when a method in the object is accessed after the object has been deleted due to…
CVE-2020-3610 — CVSS 7.8 (high): Possibility of double free of the drawobj that is added to the drawqueue array of the context during IOCTL commands as there is no refcount…
CVE-2020-3616 — CVSS 7.8 (high): Buffer overflow in display function due to memory copy without checking length of size using strcpy function in Snapdragon Auto, Snapdragon…
CVE-2020-3622 — CVSS 7.8 (high): u'Channel name string which has been read from shared memory is potentially subjected to string manipulations but not validated for NULL…
CVE-2020-3624 — CVSS 7.8 (high): u'A potential buffer overflow exists due to integer overflow when parsing handler options due to wrong data type usage in operation' in…
CVE-2020-3626 — CVSS 7.8 (high): Any application can bind to it and exercise the APIs due to no protection for AIDL uimlpaservice in Snapdragon Auto, Snapdragon Compute…
CVE-2020-3630 — CVSS 7.8 (high): Possibility of out of bound access while processing the responses from video firmware in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2020-3635 — CVSS 7.8 (high): Stack based overflow If the maximum number of arguments allowed per request in perflock exceeds in Snapdragon Auto, Snapdragon Compute…
CVE-2020-3656 — CVSS 7.8 (high): Out of bound access can happen in MHI command process due to lack of check of command channel id value received from MHI devices in…
CVE-2020-3676 — CVSS 7.8 (high): Possible memory corruption in perfservice due to improper validation array length taken from user application. in Snapdragon Auto…
CVE-2019-10485 — CVSS 7.5 (high): Infinite loop while decoding compressed data can lead to overrun condition in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT…
CVE-2020-11135 — CVSS 7.5 (high): u'Reachable assertion when wrong data size is returned by parser for ape clips' in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon…
CVE-2019-10578 — CVSS 7.5 (high): Null pointer dereference can occur while parsing the clip which is nonstandard in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2022-40504 — CVSS 7.5 (high): Transient DOS due to reachable assertion in Modem when UE received Downlink Data Indication message from the network.
CVE-2020-11157 — CVSS 7.5 (high): u'Lack of handling unexpected control messages while encryption was in progress can terminate the connection and thus leading to a DoS' in…
CVE-2019-10549 — CVSS 7.5 (high): Null pointer dereference issue can happen due to improper validation of CSEQ header response received from network in Snapdragon Auto…
CVE-2019-2337 — CVSS 7.5 (high): While Skipping unknown IES, EMM is reading the buffer even if the no of bytes to read are more than message length which may cause device…
CVE-2020-3651 — CVSS 7.5 (high): Active command timeout since WM status change cmd is not removed from active queue if peer sends multiple deauth frames. in Snapdragon…
CVE-2020-11115 — CVSS 7.5 (high): u'Buffer over read occurs while processing information element from beacon due to lack of check of data received from beacon' in Snapdragon…
CVE-2019-14061 — CVSS 7.5 (high): Null-pointer dereference can occur while accessing the segment element info when it is not allocated and assigned in Snapdragon Auto…
CVE-2019-2335 — CVSS 7.5 (high): While processing Attach Reject message, Valid exit condition is not met resulting into an infinite loop in Snapdragon Auto, Snapdragon…
CVE-2019-14022 — CVSS 7.5 (high): Error occurs While extracting the ipv6_header having an invalid length due to lack of length check in Snapdragon Auto, Snapdragon Compute…
CVE-2019-14012 — CVSS 7.5 (high): Possibility of null pointer deference as the array of video codecs from media info is referenced without null checking while processing SDP…
CVE-2020-11118 — CVSS 7.5 (high): u'Information exposure issues while processing IE header due to improper check of beacon IE frame' in Snapdragon Auto, Snapdragon Compute…
CVE-2019-14003 — CVSS 7.5 (high): Null pointer exception can happen while parsing invalid MKV clip where cue information is parsed before segment information in Snapdragon…
CVE-2019-10591 — CVSS 7.5 (high): Null pointer dereference can happen when parsing udta atom which is non-standard and having invalid depth in Snapdragon Auto, Snapdragon…
CVE-2019-14053 — CVSS 7.1 (high): When attempting to create a new XFRM policy, a stack out-of-bounds read will occur if the user provides a template where the mode is set to…
CVE-2019-14101 — CVSS 7.1 (high): Out of bounds read can happen in diag event set mask command handler when user provided length in the command request is less than expected…
CVE-2023-21626 — CVSS 7.1 (high): Cryptographic issue in HLOS due to improper authentication while performing key velocity checks using more than one key.
CVE-2019-10574 — CVSS 7.1 (high): Lack of boundary checks for data offsets received from HLOS can lead to out-of-bound read in Snapdragon Auto, Snapdragon Compute…
CVE-2020-3680 — CVSS 7.0 (high): A race condition can occur when using the fastrpc memory mapping API. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT…
CVE-2019-14070 — CVSS 7.0 (high): Possible use after free issue in pcm volume controls due to race condition exist in private data used in mixer controls in Snapdragon Auto…
CVE-2018-13909 — CVSS 7.0 (high): Metadata verification and partial hash system calls by bootloader may corrupt parallel hashing state in progress resulting in unexpected…
CVE-2019-10486 — CVSS 7.0 (high): Race condition due to the lack of resource lock which will be concurrently modified in the memcpy statement leads to out of bound access in…
CVE-2020-3619 — CVSS 7.0 (high): u'Non-secure memory is touched multiple times during TrustZone\u2019s execution and can lead to privilege escalation or memory corruption'…
CVE-2022-33289 — CVSS 6.8 (medium): Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from card.
CVE-2022-33302 — CVSS 6.8 (medium): Memory corruption due to improper validation of array index in User Identity Module when APN TLV length is greater than command length.
CVE-2019-10482 — CVSS 5.9 (medium): Due to the use of non-time-constant comparison functions there is issue in timing side channels which can be used as a potential side…
CVE-2022-33296 — CVSS 5.9 (medium): Memory corruption due to integer overflow to buffer overflow in Modem while parsing Traffic Channel Neighbor List Update message.
CVE-2019-14007 — CVSS 5.5 (medium): Due to the use of non-time-constant comparison functions there is issue in timing side channels which can be used as a potential side…