Qualcomm Sc8180x Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Qualcomm Sc8180x Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (200)
CVE-2019-14052 — CVSS 9.8 (critical): u'Accessing an uninitialized data structure could result in partially copying of contents and thus incorrect processing' in Snapdragon…
CVE-2019-14098 — CVSS 9.8 (critical): Possible buffer overflow in data offload handler due to lack of check of keydata length when copying data in Snapdragon Auto, Snapdragon…
CVE-2020-3669 — CVSS 9.8 (critical): u'Buffer Overflow issue in WLAN tcp ip verification due to usage of out of range pointer offset' in Snapdragon Auto, Snapdragon Compute…
CVE-2020-3668 — CVSS 9.8 (critical): u'Buffer overflow while parsing PMF enabled MCBC frames due to frame length being lesser than what is expected while parsing' in Snapdragon…
CVE-2020-3667 — CVSS 9.8 (critical): u'Buffer Overflow in mic calculation for WPA due to copying data into buffer without validating the length of buffer' in Snapdragon Auto…
CVE-2020-11116 — CVSS 9.8 (critical): u'Possible out of bound write while processing association response received from host due to lack of check of IE length' in Snapdragon…
CVE-2020-3657 — CVSS 9.8 (critical): u'Remote code execution can happen by sending a carefully crafted POST query when Device configuration is accessed from a tethered client…
CVE-2019-10511 — CVSS 9.8 (critical): Possibility of memory overflow while decoding GSNDCP compressed mode PDU in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT…
CVE-2019-10516 — CVSS 9.8 (critical): Multiple read overflows in MM while decoding service accept,service reject,attach reject and MT detach in Snapdragon Auto, Snapdragon…
CVE-2020-11153 — CVSS 9.8 (critical): u'Out of bound memory access while processing GATT data received due to lack of check of pdu data length and leads to remote code…
CVE-2020-11163 — CVSS 9.8 (critical): Possible buffer overflow while updating ikev2 parameters due to lack of check of input validation for certain parameters received from the…
CVE-2020-11170 — CVSS 9.8 (critical): Out of bound memory access while playing music playbacks with crafted vorbis content due to improper checks in header extraction in…
CVE-2020-3639 — CVSS 9.8 (critical): u'When a non standard SIP sigcomp message is received from the network, then there may be chances of using more UDVM cycle or memory…
CVE-2019-10586 — CVSS 9.8 (critical): Filling media attribute tag names without validating the destination buffer size which can result in the buffer overflow in Snapdragon…
CVE-2020-11176 — CVSS 9.8 (critical): While processing server certificate from IPSec server, certificate validation for subject alternative name API can cause heap overflow…
CVE-2019-10587 — CVSS 9.8 (critical): Possible Stack overflow can occur when processing a large SDP body or non standard SDP body without right delimiters in Snapdragon Auto…
CVE-2020-3615 — CVSS 9.8 (critical): Valid deauth/disassoc frames is dropped in case if RMF is enabled and some rouge peer keep on sending rogue deauth/disassoc frames due to…
CVE-2019-10588 — CVSS 9.8 (critical): Copying RTCP messages into the output buffer without checking the destination buffer size which could lead to a remote stack overflow. in…
CVE-2020-3614 — CVSS 9.8 (critical): Possible buffer overflow while copying the frame to local buffer due to lack of check of length before copying in Snapdragon Auto…
CVE-2020-11227 — CVSS 9.8 (critical): Out of bound write while parsing RTT/TTY packet parsing due to lack of check of buffer size before copying into buffer in Snapdragon Auto…
CVE-2019-10593 — CVSS 9.8 (critical): Buffer overflow can occur when processing non standard SDP video Image attribute parameter in a VILTE\VOLTE call in Snapdragon Auto…
CVE-2019-10594 — CVSS 9.8 (critical): Stack overflow can occur when SDP is received with multiple payload types in the FMTP attribute of a video M line in Snapdragon Auto…
CVE-2019-14031 — CVSS 9.8 (critical): Buffer overflow can occur while parsing RSN IE containing list of PMK ID`s which are more than the buffer size in Snapdragon Auto…
CVE-2019-10525 — CVSS 9.8 (critical): Buffer overflow during SIB read when network configures complete sib list along with first and last segment of other SIB in Snapdragon…
CVE-2019-10526 — CVSS 9.8 (critical): Out of bound write in WLAN driver due to NULL character not properly placed after SSID name in Snapdragon Auto, Snapdragon Compute…
CVE-2019-10609 — CVSS 9.8 (critical): Out of bound write can happen due to lack of check of array index value while calculating it. in Snapdragon Auto, Snapdragon Compute…
CVE-2021-1920 — CVSS 9.8 (critical): Integer underflow can occur due to improper handling of incoming RTCP packets in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2019-10612 — CVSS 9.8 (critical): UTCB object has a function pointer called by the reaper to deallocate its memory resources and this address can potentially be corrupted by…
CVE-2019-14097 — CVSS 9.8 (critical): Possible buffer overflow in WLAN Parser due to lack of length check when copying data in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2021-1919 — CVSS 9.8 (critical): Integer underflow can occur when the RTCP length is lesser than than the actual blocks present in Snapdragon Auto, Snapdragon Compute…
CVE-2019-10546 — CVSS 9.8 (critical): Buffer overflow can occur in WLAN firmware while parsing beacon/probe_response frames during roaming in Snapdragon Auto, Snapdragon…
CVE-2019-14062 — CVSS 9.8 (critical): Buffer overflows while decoding setup message from Network due to lack of check of IE message length received from network in Snapdragon…
CVE-2021-1916 — CVSS 9.8 (critical): Possible buffer underflow due to lack of check for negative indices values when processing user provided input in Snapdragon Auto…
CVE-2020-3703 — CVSS 9.8 (critical): u'Buffer over-read issue in Bluetooth peripheral firmware due to lack of check for invalid opcode and length of opcode received from…
CVE-2020-3699 — CVSS 9.8 (critical): Possible out of bound access while processing assoc response from host due to improper length check before copying into buffer in…
CVE-2019-14073 — CVSS 9.8 (critical): Copying RTCP messages into the output buffer without checking the destination buffer size which could lead to a remote stack overflow when…
CVE-2022-40514 — CVSS 9.8 (critical): Memory corruption due to buffer copy without checking the size of input in WLAN Firmware while processing CCKM IE in reassoc response frame.
CVE-2019-14080 — CVSS 9.8 (critical): Out of bound write can happen due to lack of check of array index value while parsing SDP attribute for SAR in Snapdragon Auto, Snapdragon…
CVE-2019-14083 — CVSS 9.8 (critical): While parsing Service Descriptor Extended Attribute received as part of SDF frame, there is a possibility that incorrect length is…
CVE-2019-14095 — CVSS 9.8 (critical): Buffer overflow occurs while processing LMP packet in which name length parameter exceeds value specified in BT-specification in Snapdragon…
CVE-2019-10487 — CVSS 9.8 (critical): Buffer over read can happen while parsing SMS OTA messages at transport layer if network sends un-intended values in Snapdragon Auto…
CVE-2020-3698 — CVSS 9.8 (critical): Out of bound write while QoS DSCP mapping due to improper input validation for data received from association response frame in Snapdragon…
CVE-2020-3692 — CVSS 9.8 (critical): u'Possible buffer overflow while updating output buffer for IMEI and Gateway Address due to lack of check of input validation for…
CVE-2019-14110 — CVSS 9.8 (critical): Buffer overflow can occur in function wlan firmware while copying association frame content if frame length is more than the maximum buffer…
CVE-2019-14111 — CVSS 9.8 (critical): Possible buffer overflow while handling NAN reception of NMF in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon…
CVE-2019-14112 — CVSS 9.8 (critical): Potential buffer overflow while processing CBF frames due to lack of check of buffer length before copy in Snapdragon Auto, Snapdragon…
CVE-2019-14113 — CVSS 9.8 (critical): Buffer overflow can occur in In WLAN firmware while unwraping data using CCMP cipher suite during parsing of EAPOL handshake frame in…
CVE-2019-14114 — CVSS 9.8 (critical): Buffer overflow in WLAN firmware while parsing GTK IE containing GTK key having length more than the buffer size in Snapdragon Auto…
CVE-2020-3675 — CVSS 9.8 (critical): u'Potential integer underflow while parsing Service Info and IPv6 link-local TLVs that comes as part of NDPE attribute' in Snapdragon Auto…
CVE-2019-10500 — CVSS 9.8 (critical): While processing MT Secondary PDP request, Buffer overflow will happen due to incorrect calculation of buffer size in Snapdragon Auto…
CVE-2019-14131 — CVSS 9.8 (critical): Out of bound write can occur in radio measurement request if STA receives multiple invalid rrm measurement request from AP in Snapdragon…
CVE-2019-2271 — CVSS 9.8 (critical): Buffer over read can happen while parsing downlink session management OTA messages if network sends un-intended values in Snapdragon Auto…
CVE-2019-2289 — CVSS 9.8 (critical): Lack of integrity check allows MODEM to accept any NAS messages which can result into authentication bypass of NAS in Snapdragon Auto…
CVE-2019-2303 — CVSS 9.8 (critical): SNDCP module may access array out side its boundary when it receives malformed XID message. in Snapdragon Auto, Snapdragon Compute…
CVE-2019-2317 — CVSS 9.8 (critical): The secret key used to make the Initial Sequence Number in the TCP SYN packet could be brute forced and therefore can be predicted in…
CVE-2019-14033 — CVSS 9.1 (critical): Multiple Read overflows issue due to improper length check while decoding tau reject/tau accept/detach request/attach reject/attach accept…
CVE-2020-11166 — CVSS 9.1 (critical): Potential out of bound read exception when UE receives unusually large number of padding octets in the beginning of ROHC header in…
CVE-2020-11169 — CVSS 9.1 (critical): u'Buffer over-read while processing received L2CAP packet due to lack of integer overflow check' in Snapdragon Auto, Snapdragon Compute…
CVE-2020-11301 — CVSS 9.1 (critical): Improper authentication of un-encrypted plaintext Wi-Fi frames in an encrypted network can lead to information disclosure in Snapdragon…
CVE-2020-11222 — CVSS 9.1 (critical): Buffer over read while processing MT SMS with maximum length due to improper length check in Snapdragon Auto, Snapdragon Compute…
CVE-2020-11275 — CVSS 9.1 (critical): Possible buffer over-read while parsing quiet IE in Rx beacon frame due to improper check of IE length in received beacon in Snapdragon…
CVE-2019-10553 — CVSS 9.1 (critical): Multiple Read overflows due to improper length checks while decoding authentication in Cs domain/RAU Reject and TC cmd in Snapdragon Auto…
CVE-2020-3653 — CVSS 9.1 (critical): Possible buffer over-read in windows wlan driver function due to lack of check of length of variable received from userspace in Snapdragon…
CVE-2019-10622 — CVSS 9.1 (critical): Out of bound memory access can happen while parsing ADSP message due to lack of check of size of payload received from userspace in…
CVE-2019-10577 — CVSS 9.1 (critical): Improper input validation while processing SIP URI received from the network will lead to buffer over-read and then to denial of service in…
CVE-2019-14019 — CVSS 9.1 (critical): Multiple Read overflows issue due to improper length check while decoding RAU accept/PDN disconnect Rej/Modify EPS ctxt req/bearer resource…
CVE-2019-14020 — CVSS 9.1 (critical): Multiple Read overflows issue due to improper length check while decoding dedicated_eps_bearer_req/ act_def_context_req/…
CVE-2019-10551 — CVSS 9.1 (critical): String error while processing non standard SIP messages received can lead to buffer overread and then denial of service in Snapdragon Auto…
CVE-2020-3652 — CVSS 9.1 (critical): Possible buffer over-read issue in windows x86 wlan driver function while processing beacon or request frame due to lack of check of length…
CVE-2019-14063 — CVSS 9.1 (critical): Out of bound access due to Invalid inputs to dapm mux settings which results into kernel failure in Snapdragon Auto, Snapdragon Compute…
CVE-2019-10554 — CVSS 9.1 (critical): Multiple Read overflows issue due to improper length check while decoding Identity Request in CSdomain/Authentication Reject in CS domain/…
CVE-2020-11171 — CVSS 9.1 (critical): Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Snapdragon…
CVE-2020-11188 — CVSS 9.1 (critical): Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Snapdragon…
CVE-2020-11189 — CVSS 9.1 (critical): Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Snapdragon…
CVE-2020-11190 — CVSS 9.1 (critical): Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Snapdragon…
CVE-2020-3670 — CVSS 9.1 (critical): u'Potential out of bounds read while processing downlink NAS transport message due to improper length check of Information Element(IEI) NAS…
CVE-2019-10610 — CVSS 9.1 (critical): Possible buffer over read when trying to process SDP message Video media line with frame-size attribute in video Media line in Snapdragon…
CVE-2019-14011 — CVSS 9.1 (critical): Multiple Read overflows issue due to improper length check while decoding 3G attach accept/ SMS/ pdn connection reject/ esm data transport/…
CVE-2019-10550 — CVSS 9.1 (critical): Buffer Over-read when UE is trying to process the message received form the network without zero termination in Snapdragon Auto, Snapdragon…
CVE-2019-10552 — CVSS 9.1 (critical): Multiple Buffer Over-read issue can happen due to improper length checks while decoding Service Reject/RAU Reject/PTMSI Realloc cmd in…
CVE-2020-11154 — CVSS 8.8 (high): u'Buffer overflow while processing a crafted PDU data packet in bluetooth due to lack of check of buffer size before copying' in Snapdragon…
CVE-2020-11155 — CVSS 8.8 (high): u'Buffer overflow while processing PDU packet in bluetooth due to lack of check of buffer length before copying into it.' in Snapdragon…
CVE-2020-11251 — CVSS 8.2 (high): Out-of-bounds read vulnerability while accessing DTMF payload due to lack of check of buffer length before copying in Snapdragon Auto…
CVE-2020-11156 — CVSS 8.1 (high): u'Buffer over-read issue in Bluetooth estack due to lack of check for invalid length of L2cap packet received from peer device.' in…
CVE-2020-11141 — CVSS 8.1 (high): u'Buffer over-read issue in Bluetooth estack due to lack of check for invalid length of L2cap configuration request received from peer…
CVE-2024-43050 — CVSS 7.8 (high): Memory corruption while invoking IOCTL calls from user space to issue factory test command inside WLAN driver.
CVE-2019-10527 — CVSS 7.8 (high): u'SMEM partition can be manipulated in case of any compromise on HLOS, thus resulting in access to memory outside of SMEM address range…
CVE-2019-10547 — CVSS 7.8 (high): When issuing IOCTL calls to ION, Memory leak can occur due to failure in unassign pages under certain conditions in Snapdragon Auto…
CVE-2019-10556 — CVSS 7.8 (high): Missing length check before copying the data from kernel space to userspace through the copy function can lead to buffer overflow in some…
CVE-2019-10567 — CVSS 7.8 (high): There is a way to deceive the GPU kernel driver into thinking there is room in the GPU ringbuffer and overwriting existing commands could…
CVE-2019-10569 — CVSS 7.8 (high): Stack buffer overflow due to instance id is misplaced inside definition of hardware accelerated effects in makefile in Snapdragon Auto…
CVE-2019-10580 — CVSS 7.8 (high): When kernel thread unregistered listener, Use after free issue happened as the listener client`s private data has been already freed in…
CVE-2019-10596 — CVSS 7.8 (high): u'Improper access control can lead signed process to guess pid of other processes and access their address space' in Snapdragon Auto…
CVE-2019-10597 — CVSS 7.8 (high): kernel writes to user passed address without any checks can lead to arbitrary memory write in Snapdragon Auto, Snapdragon Compute…
CVE-2019-10615 — CVSS 7.8 (high): u'Possibility of integer overflow in keymaster 4 while allocating memory due to multiplication of large numcerts value and size of…
CVE-2019-10621 — CVSS 7.8 (high): Use after free issue when MAP and UNMAP calls at same time as data structure used my MAP may be freed by UNMAP function in Snapdragon Auto…
CVE-2019-10624 — CVSS 7.8 (high): While handling the vendor command there is an integer truncation issue that could yield a buffer overflow due to int data type copied to u8…
CVE-2019-10628 — CVSS 7.8 (high): u'Memory can be potentially corrupted if random index is allowed to manipulate TLB entries in Kernel from user library' in Snapdragon Auto…
CVE-2019-10629 — CVSS 7.8 (high): u'User Process can potentially corrupt kernel virtual page by passing a crafted page in API' in Snapdragon Auto, Snapdragon Compute…
CVE-2019-13992 — CVSS 7.8 (high): u'Out of bound memory access if stack push and pop operation are performed without doing a bound check on stack top' in Snapdragon Auto…
CVE-2019-13994 — CVSS 7.8 (high): u'Lack of check that the current received data fragment size of a particular packet that are read from shared memory are less than the…
CVE-2019-13995 — CVSS 7.8 (high): u'Lack of integer overflow check for addition of fragment size and remaining size that are read from shared memory can lead to memory…
CVE-2019-13998 — CVSS 7.8 (high): u'Lack of check that the TX FIFO write and read indices that are read from shared RAM are less than the FIFO size results into memory…
CVE-2019-13999 — CVSS 7.8 (high): u'Lack of check for integer overflow for round up and addition operations result into memory corruption and potential information leakage'…
CVE-2019-14000 — CVSS 7.8 (high): Lack of check that the RX FIFO write index that is read from shared RAM is less than the FIFO size results into memory corruption and…
CVE-2019-14015 — CVSS 7.8 (high): A stack-based buffer overflow exists in the initialization of the identification stage due to lack of check on the number of templates…
CVE-2019-14018 — CVSS 7.8 (high): Possible out of bound array access as there is no check on carrier index passed in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer…
CVE-2019-14021 — CVSS 7.8 (high): Possible buffer overrun when processing EFS filename and payload sent over diag interface due to lack of check for filename length and…
CVE-2019-14026 — CVSS 7.8 (high): Possible buffer overflow in WLAN WMI handler due to lack of ssid length check when copying data in Snapdragon Auto, Snapdragon Compute…
CVE-2019-14027 — CVSS 7.8 (high): Buffer overflow due to lack of upper bound check on channel length which is used for a loop. in Snapdragon Compute, Snapdragon…
CVE-2019-14028 — CVSS 7.8 (high): Buffer overwrite during memcpy due to lack of check on SSID length validation in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2019-14029 — CVSS 7.8 (high): Use-after-free in graphics module due to destroying already queued syncobj in error case in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2019-14030 — CVSS 7.8 (high): The size of a buffer is determined by addition and multiplications operations that have the potential to overflow due to lack of bound…
CVE-2019-14032 — CVSS 7.8 (high): Memory use after free issue in audio due to lack of resource control in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT…
CVE-2019-14037 — CVSS 7.8 (high): Close and bind operations done on a socket can lead to a Use-After-Free condition. in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2019-14041 — CVSS 7.8 (high): During listener modified response processing, a buffer overrun occurs due to lack of buffer size verification when updating message buffer…
CVE-2019-14047 — CVSS 7.8 (high): While IPA driver processes route add rule IOCTL, there is no input validation of the rule ID prior to adding the rule to the IPA HW commit…
CVE-2019-14049 — CVSS 7.8 (high): Stage-2 fault will occur while writing to an ION system allocation which has been assigned to non-HLOS memory which is non-standard in…
CVE-2019-14055 — CVSS 7.8 (high): Possibility of use-after-free and double free because of not marking buffer as NULL after freeing can lead to dangling pointer access in…
CVE-2019-14056 — CVSS 7.8 (high): u'Possible integer overflow in API due to lack of check on large oid range count in cert extension field' in Snapdragon Auto, Snapdragon…
CVE-2019-14060 — CVSS 7.8 (high): Uninitialized stack data gets used If memory is not allocated for blob or if the allocated blob is less than the struct size required due…
CVE-2019-14065 — CVSS 7.8 (high): u'Pointer double free in HavenSvc due to not setting the pointer to NULL after freeing it' in Snapdragon Auto, Snapdragon Compute…
CVE-2019-14066 — CVSS 7.8 (high): Integer overflow in calculating estimated output buffer size when getting a list of installed Feature IDs, Serial Numbers or checking…
CVE-2019-14071 — CVSS 7.8 (high): Compromised reset handler may bypass access control due to AC config is being reset if debug path is enabled to collect secure or…
CVE-2019-14074 — CVSS 7.8 (high): u'Heap overflow in diag command handler due to lack of check of packet length received from user' in Snapdragon Auto, Snapdragon Compute…
CVE-2019-14076 — CVSS 7.8 (high): Buffer overflow occurs while processing an subsample data length out of range due to lack of user input validation in Snapdragon Auto…
CVE-2019-14077 — CVSS 7.8 (high): Out of bound memory access while processing ese transmit command due to passing Response buffer received from user in Snapdragon Auto…
CVE-2019-14089 — CVSS 7.8 (high): u'Keymaster attestation key and device IDs provisioning which is a one time process is incorrectly allowed to be re-provisioned after a…
CVE-2019-14091 — CVSS 7.8 (high): Double free issue in NPU due to lack of resource locking mechanism to avoid race condition in Snapdragon Auto, Snapdragon Compute…
CVE-2019-14094 — CVSS 7.8 (high): Integer overflow in diag command handler when user inputs a large value for number of tasks field in the request packet in Snapdragon Auto…
CVE-2019-14099 — CVSS 7.8 (high): Device misbehavior may be observed when incorrect offset, length or number of buffers is passed by user space in Snapdragon Auto…
CVE-2019-14100 — CVSS 7.8 (high): Register write via debugfs is disabled by default to prevent register writing via debugfs. in Snapdragon Auto, Snapdragon Compute…
CVE-2019-14117 — CVSS 7.8 (high): u'Whenever the page list is updated via privileged user, the previous list elements are freed but are not deleted from the list which…
CVE-2019-2251 — CVSS 7.8 (high): If a bitmap file is loaded from any un-authenticated source, there is a possibility that the bitmap can potentially cause stack buffer…
CVE-2020-11121 — CVSS 7.8 (high): u'Possible buffer overflow in WIFI hal process due to usage of memcpy without checking length of destination buffer' in Snapdragon Auto…
CVE-2020-11124 — CVSS 7.8 (high): u'Possible use-after-free while accessing diag client map table since list can be reallocated due to exceeding max client limit.' in…
CVE-2020-11125 — CVSS 7.8 (high): u'Out of bound access can happen in MHI command process due to lack of check of channel id value received from MHI devices' in Snapdragon…
CVE-2020-11127 — CVSS 7.8 (high): u'Integer overflow can cause a buffer overflow due to lack of table length check in the extensible boot Loader during the validation of…
CVE-2020-11128 — CVSS 7.8 (high): u'Possible out of bound access while copying the mask file content into the buffer without checking the buffer size' in Snapdragon Auto…
CVE-2020-11130 — CVSS 7.8 (high): u'Possible buffer overflow in WIFI hal process due to copying data without checking the buffer length' in Snapdragon Auto, Snapdragon…
CVE-2020-11162 — CVSS 7.8 (high): u'Possible buffer overflow in MHI driver due to lack of input parameter validation of EOT events received from MHI device side' in…
CVE-2020-11174 — CVSS 7.8 (high): u'Array index underflow issue in adsp driver due to improper check of channel id before used as array index.' in Snapdragon Auto…
CVE-2020-11195 — CVSS 7.8 (high): Out of bound write and read in TA while processing command from NS side due to improper length check on command and response buffers in…
CVE-2020-11204 — CVSS 7.8 (high): Possible memory corruption and information leakage in sub-system due to lack of check for validity and boundary compliance for parameters…
CVE-2020-11253 — CVSS 7.8 (high): Arbitrary memory write issue in video driver while setting the internal buffers in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2020-3610 — CVSS 7.8 (high): Possibility of double free of the drawobj that is added to the drawqueue array of the context during IOCTL commands as there is no refcount…
CVE-2020-3618 — CVSS 7.8 (high): NULL exception due to accessing bad pointer while posting events on RT FIFO in Snapdragon Compute, Snapdragon Mobile, Snapdragon Wired…
CVE-2020-3622 — CVSS 7.8 (high): u'Channel name string which has been read from shared memory is potentially subjected to string manipulations but not validated for NULL…
CVE-2020-3624 — CVSS 7.8 (high): u'A potential buffer overflow exists due to integer overflow when parsing handler options due to wrong data type usage in operation' in…
CVE-2020-3630 — CVSS 7.8 (high): Possibility of out of bound access while processing the responses from video firmware in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2020-3638 — CVSS 7.8 (high): u'An Unaligned address or size can propagate to the database due to improper page permissions and can lead to improper access control' in…
CVE-2020-3646 — CVSS 7.8 (high): u'Buffer overflow seen as the destination buffer size is lesser than the source buffer size in video application' in Snapdragon Compute…
CVE-2020-3647 — CVSS 7.8 (high): u'Potential buffer overflow when accessing npu debugfs node "off"/"log" with large buffer size' in Snapdragon Compute, Snapdragon…
CVE-2020-3656 — CVSS 7.8 (high): Out of bound access can happen in MHI command process due to lack of check of command channel id value received from MHI devices in…
CVE-2020-3684 — CVSS 7.8 (high): u'QSEE reads the access permission policy for the SMEM TOC partition from the SMEM TOC contents populated by XBL Loader and applies them…
CVE-2020-3690 — CVSS 7.8 (high): u'Due to an incorrect SMMU configuration, the modem crypto engine can potentially compromise the hypervisor' in Snapdragon Auto, Snapdragon…
CVE-2022-33233 — CVSS 7.8 (high): Memory corruption due to configuration weakness in modem wile sending command to write protected files.
CVE-2022-33248 — CVSS 7.8 (high): Memory corruption in User Identity Module due to integer overflow to buffer overflow when a segement is received via qmi http.
CVE-2018-13916 — CVSS 7.8 (high): Out-of-bounds memory access in Qurt kernel function when using the identifier to access Qurt kernel buffer to retrieve thread data. in…
CVE-2020-3700 — CVSS 7.5 (high): Possible out of bounds read due to a missing bounds check and could lead to local information disclosure in the wifi driver with no…
CVE-2021-30327 — CVSS 7.5 (high): Buffer overflow in sahara protocol while processing commands leads to overwrite of secure configuration data in Snapdragon Mobile…
CVE-2020-3704 — CVSS 7.5 (high): u'While processing invalid connection request PDU which is nonstandard (interval or timeout is 0) from central device may lead peripheral…
CVE-2021-1914 — CVSS 7.5 (high): Loop with unreachable exit condition may occur due to improper handling of unsupported input in Snapdragon Auto, Snapdragon Compute…
CVE-2022-40512 — CVSS 7.5 (high): Transient DOS in WLAN Firmware due to buffer over-read while processing probe response or beacon.
CVE-2020-11218 — CVSS 7.5 (high): Denial of service in baseband when NW configures LTE betaOffset-RI-Index due to lack of data validation in Snapdragon Auto, Snapdragon…
CVE-2020-3651 — CVSS 7.5 (high): Active command timeout since WM status change cmd is not removed from active queue if peer sends multiple deauth frames. in Snapdragon…
CVE-2019-14012 — CVSS 7.5 (high): Possibility of null pointer deference as the array of video codecs from media info is referenced without null checking while processing SDP…
CVE-2020-11281 — CVSS 7.5 (high): Allowing RTT frames to be linked with non randomized MAC address by comparing the sequence numbers can lead to information disclosure. in…
CVE-2020-11118 — CVSS 7.5 (high): u'Information exposure issues while processing IE header due to improper check of beacon IE frame' in Snapdragon Auto, Snapdragon Compute…
CVE-2020-11278 — CVSS 7.5 (high): Possible denial of service while handling host WMI command due to improper validation in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2020-11115 — CVSS 7.5 (high): u'Buffer over read occurs while processing information element from beacon due to lack of check of data received from beacon' in Snapdragon…
CVE-2019-2337 — CVSS 7.5 (high): While Skipping unknown IES, EMM is reading the buffer even if the no of bytes to read are more than message length which may cause device…
CVE-2019-2335 — CVSS 7.5 (high): While processing Attach Reject message, Valid exit condition is not met resulting into an infinite loop in Snapdragon Auto, Snapdragon…
CVE-2020-11226 — CVSS 7.5 (high): Out of bound memory read in Data modem while unpacking data due to lack of offset length check in Snapdragon Auto, Snapdragon Compute…
CVE-2020-11255 — CVSS 7.5 (high): Denial of service while processing RTCP packets containing multiple SDES reports due to memory for last SDES packet is freed and rest of…
CVE-2019-14022 — CVSS 7.5 (high): Error occurs While extracting the ipv6_header having an invalid length due to lack of length check in Snapdragon Auto, Snapdragon Compute…
CVE-2020-3645 — CVSS 7.5 (high): Firmware will hit assert in WLAN firmware If encrypted data length in FILS IE of reassoc response is more than 528 bytes in Snapdragon…
CVE-2019-10549 — CVSS 7.5 (high): Null pointer dereference issue can happen due to improper validation of CSEQ header response received from network in Snapdragon Auto…
CVE-2019-10485 — CVSS 7.5 (high): Infinite loop while decoding compressed data can lead to overrun condition in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT…
CVE-2020-11252 — CVSS 7.2 (high): Trustzone initialization code will disable xPU`s when memory dumps are enabled and lead to information disclosure in Snapdragon Auto…
CVE-2019-14053 — CVSS 7.1 (high): When attempting to create a new XFRM policy, a stack out-of-bounds read will occur if the user provides a template where the mode is set to…
CVE-2019-10625 — CVSS 7.1 (high): Out of bound access in diag services when DCI command buffer reallocation is not done properly with required capacity in Snapdragon Auto…
CVE-2019-10623 — CVSS 7.1 (high): Possible integer overflow can happen in host driver while processing user controlled string due to improper validation on data received. in…
CVE-2020-11132 — CVSS 7.1 (high): u'Buffer over read in boot due to size check ignored before copying GUID attribute from request to response' in Snapdragon Auto, Snapdragon…
CVE-2019-14104 — CVSS 7.1 (high): Slab-out-of-bounds access can occur if the context pointer is invalid due to lack of null check on pointer before accessing it in…
CVE-2019-14101 — CVSS 7.1 (high): Out of bounds read can happen in diag event set mask command handler when user provided length in the command request is less than expected…
CVE-2019-14043 — CVSS 7.1 (high): Out of bound read in Fingerprint application due to requested data is being used without length check in Snapdragon Auto, Snapdragon…
CVE-2019-14042 — CVSS 7.1 (high): Out of bound read in in fingerprint application due to requested data assigned to a local buffer without length check in Snapdragon Auto…
CVE-2019-14072 — CVSS 7.0 (high): Unhandled paging request is observed due to dereferencing an already freed object because of race condition between sparse free and sparse…