Qualcomm Sd 600 Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Qualcomm Sd 600 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (81)
CVE-2018-13887 — CVSS 9.8 (critical): Untrusted header fields in GNSS XTRA3 function can lead to integer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer…
CVE-2015-9138 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear, and…
CVE-2019-2327 — CVSS 9.8 (critical): Possible buffer overflow can occur when playing clip with incorrect element size in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2018-13886 — CVSS 9.8 (critical): Unchecked OTA field in GNSS XTRA3 lead to integer overflow and then buffer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2018-13925 — CVSS 9.8 (critical): Error in parsing PMT table frees the memory allocated for the map section but does not reset the context map section reference causing heap…
CVE-2019-2324 — CVSS 9.8 (critical): When ADSP is compromised, the audio port index that`s returned from ADSP might be out of the valid range and leads to out of boundary…
CVE-2018-5882 — CVSS 9.8 (critical): While parsing a Flac file with a corrupted comment block, a buffer over-read can occur in Snapdragon Automobile, Snapdragon Mobile and…
CVE-2019-10534 — CVSS 9.8 (critical): Null-pointer dereference can occur while accessing the super index entry when it is not been allocated in Snapdragon Auto, Snapdragon…
CVE-2019-10533 — CVSS 9.8 (critical): Out of bound access due to improper validation of array index cause the index table entry to get corrupt in Snapdragon Auto, Snapdragon…
CVE-2019-10522 — CVSS 9.8 (critical): While playing the clip which is nonstandard buffer overflow can occur while parsing in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2015-9143 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear IPQ4019, MDM9206, MDM9607…
CVE-2014-10048 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9650…
CVE-2015-9148 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9625, MDM9635M…
CVE-2015-9157 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear IPQ4019, MDM9206, MDM9607…
CVE-2015-9167 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 410/12, SD 425, SD…
CVE-2015-9180 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear…
CVE-2015-9185 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear…
CVE-2015-9188 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear…
CVE-2019-2322 — CVSS 9.8 (critical): Buffer overflow can occur when playing specific clip which is non-standard in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity…
CVE-2015-9190 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear IPQ4019, MDM9206, MDM9607…
CVE-2015-9201 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear…
CVE-2015-9209 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615…
CVE-2019-2307 — CVSS 9.8 (critical): Possible integer underflow due to lack of validation before calculation of data length in 802.11 Rx management configuration in Snapdragon…
CVE-2015-9223 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9615, MDM9625, MDM9635M, SD 400, SD 600, and…
CVE-2015-9224 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear, and…
CVE-2016-10412 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Small Cell SoC, Snapdragon Mobile, and Snapdragon Wear FSM9055…
CVE-2019-2253 — CVSS 9.8 (critical): Buffer over-read can occur while parsing an ogg file with a corrupted comment block. in Snapdragon Auto, Snapdragon Connectivity…
CVE-2019-2245 — CVSS 9.8 (critical): Possible integer underflow can happen when calculating length of elementary stream map from invalid packet length which is later used to…
CVE-2019-2244 — CVSS 9.8 (critical): Possible integer underflow can happen when calculating length of elementary stream info from invalid section length which is later used to…
CVE-2016-10441 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9650…
CVE-2016-10456 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615…
CVE-2019-10542 — CVSS 9.8 (critical): Buffer over-read may occur when downloading a corrupted firmware file that has chunk length in header which doesn`t match the contents in…
CVE-2016-10472 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9650…
CVE-2016-10473 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9650…
CVE-2016-10479 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9607, MDM9615, MDM9635M, MDM9640, SD 210/SD…
CVE-2016-10481 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9635M…
CVE-2017-17773 — CVSS 9.8 (critical): In Snapdragon Automobile, Snapdragon Wearable and Snapdragon Mobile MDM9206,MDM9607,MDM9650,SD 210/SD 212/SD 205,SD 400,SD 410/12,SD 425,SD…
CVE-2019-10541 — CVSS 9.8 (critical): Dereference on uninitialized buffer can happen when parsing FLV clip with corrupted codec specific data in Snapdragon Auto, Snapdragon…
CVE-2014-10054 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear…
CVE-2019-2332 — CVSS 9.8 (critical): Memory corruption while accessing the memory as payload size is not validated before access in Snapdragon Auto, Snapdragon Compute…
CVE-2014-9989 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615…
CVE-2014-9990 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615…
CVE-2015-9120 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear…
CVE-2019-2331 — CVSS 9.8 (critical): Possible Integer overflow because of subtracting two integers without checking if the result would overflow or not in Snapdragon Auto…
CVE-2018-11955 — CVSS 9.8 (critical): Lack of check on length of reason-code fetched from payload may lead driver access the memory not allocated to the frame and results in out…
CVE-2015-9136 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9640…
CVE-2018-5874 — CVSS 8.8 (high): While parsing an mp4 file, a stack-based buffer overflow can occur in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear.
CVE-2018-5875 — CVSS 8.8 (high): While parsing an mp4 file, an integer overflow leading to a buffer overflow can occur in Snapdragon Automobile, Snapdragon Mobile and…
CVE-2018-5876 — CVSS 8.8 (high): While parsing an mp4 file, a buffer overflow can occur in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear.
CVE-2019-10507 — CVSS 7.8 (high): Lack of check of extscan change results received from firmware can lead to an out of buffer read in Snapdragon Auto, Snapdragon Consumer…
CVE-2017-18303 — CVSS 7.8 (high): While processing the sensors registry configuration file, if inputs are not validated a buffer overflow will occur in Snapdragon…
CVE-2017-18315 — CVSS 7.8 (high): Buffer over-read vulnerabilities in an older version of ASN.1 parser in Snapdragon Mobile in versions SD 600.
CVE-2018-11849 — CVSS 7.8 (high): Lack of check on out of range of bssid parameter When processing scan start command will lead to buffer flow in Snapdragon Automobile…
CVE-2018-11870 — CVSS 7.8 (high): Buffer overwrite can occur when the legacy rates count received from the host is not checked against the maximum number of legacy rates in…
CVE-2018-11871 — CVSS 7.8 (high): Buffer overwrite can happen in WLAN function while processing set pdev parameter command due to lack of input validation in Snapdragon…
CVE-2018-11928 — CVSS 7.8 (high): Lack of check on length parameter may cause buffer overflow while processing WMI commands in Snapdragon Auto, Snapdragon Compute…
CVE-2018-11968 — CVSS 7.8 (high): Improper check before assigning value can lead to integer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity…
CVE-2018-11996 — CVSS 7.8 (high): When a malformed command is sent to the device programmer, an out-of-bounds access can occur in Snapdragon Automobile, Snapdragon Mobile…
CVE-2018-5838 — CVSS 7.8 (high): Improper Validation of Array Index In the adreno OpenGL driver in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear, an…
CVE-2018-5877 — CVSS 7.8 (high): In the device programmer target-side code for firehose, a string may not be properly NULL terminated can lead to a incorrect buffer size in…
CVE-2019-10506 — CVSS 7.8 (high): While processing QCA_NL80211_VENDOR_SUBCMD_AVOID_FREQUENCY vendor command, driver does not validate the data obtained from the user space…
CVE-2019-10508 — CVSS 7.8 (high): Lack of input validation for data received from user space can lead to OOB access in WLAN in Snapdragon Auto, Snapdragon Consumer…
CVE-2019-2299 — CVSS 7.8 (high): An out-of-bound write can be triggered by a specially-crafted command supplied by a userspace application. in Snapdragon Auto, Snapdragon…
CVE-2019-2312 — CVSS 7.8 (high): When handling the vendor command there exists a potential buffer overflow due to lack of input validation of data buffer received in…
CVE-2019-2328 — CVSS 7.8 (high): Possible buffer overflow when number of channels passed is more than size of channel mapping array in Snapdragon Auto, Snapdragon Compute…
CVE-2019-2334 — CVSS 7.5 (high): Null pointer dereferencing can happen when playing the clip with wrong block group id in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2016-10464 — CVSS 7.5 (high): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9640…
CVE-2019-10488 — CVSS 7.5 (high): Null pointer dereference can occur while parsing invalid chunks while playing the nonstandard clip in Snapdragon Auto, Snapdragon Compute…
CVE-2019-10489 — CVSS 7.5 (high): Possible null-pointer dereference can occur while parsing avi clip during copy in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer…
CVE-2016-10416 — CVSS 7.5 (high): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615…
CVE-2016-10415 — CVSS 7.5 (high): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9640…
CVE-2015-9123 — CVSS 7.5 (high): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile, Snapdragon Wear, and Small Cell SoC FSM9055…
CVE-2015-9213 — CVSS 7.5 (high): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615…
CVE-2014-10062 — CVSS 7.5 (high): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9640…
CVE-2015-9189 — CVSS 7.5 (high): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear IPQ4019, MDM9206, MDM9607…
CVE-2015-9140 — CVSS 7.5 (high): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile, Snapdragon Wear, and Small Cell SoC FSM9055…
CVE-2015-9137 — CVSS 7.5 (high): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615…
CVE-2018-5894 — CVSS 6.5 (medium): Improper Validation of Array Index in Multimedia While parsing an mp4 file in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear…
CVE-2016-10420 — CVSS 5.5 (medium): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9650…
CVE-2019-2240 — CVSS 5.5 (medium): While sending the rendered surface content to the screen, Error handling is not properly checked results in an unpredictable behaviour in…
CVE-2017-18277 — CVSS 5.5 (medium): When dynamic memory allocation fails, currently the process sleeps for one second and continues with infinite loop without retrying for…