Qualcomm Sd 820a Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Qualcomm Sd 820a Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (200)
CVE-2019-2325 — CVSS 9.8 (critical): Out of boundary access due to token received from ADSP and is used without validation as an index into the array in Snapdragon Auto…
CVE-2019-10541 — CVSS 9.8 (critical): Dereference on uninitialized buffer can happen when parsing FLV clip with corrupted codec specific data in Snapdragon Auto, Snapdragon…
CVE-2015-9178 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear…
CVE-2015-9180 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear…
CVE-2015-9181 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear…
CVE-2015-9182 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear…
CVE-2015-9184 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear…
CVE-2015-9185 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear…
CVE-2015-9186 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear…
CVE-2015-9187 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear…
CVE-2015-9188 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear…
CVE-2015-9192 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear…
CVE-2018-11930 — CVSS 9.8 (critical): Improper input validation on input data which is used to locate and copy the additional IEs in WLAN function can lead to potential integer…
CVE-2019-2324 — CVSS 9.8 (critical): When ADSP is compromised, the audio port index that`s returned from ADSP might be out of the valid range and leads to out of boundary…
CVE-2015-9158 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear…
CVE-2019-2254 — CVSS 9.8 (critical): Position determination accuracy may be degraded due to wrongly decoded information in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2019-2253 — CVSS 9.8 (critical): Buffer over-read can occur while parsing an ogg file with a corrupted comment block. in Snapdragon Auto, Snapdragon Connectivity…
CVE-2015-9159 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear…
CVE-2019-2252 — CVSS 9.8 (critical): Classic buffer overflow vulnerability while playing the specific video whose Decode picture buffer size is more than 16 in Snapdragon Auto…
CVE-2015-9160 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear…
CVE-2019-2245 — CVSS 9.8 (critical): Possible integer underflow can happen when calculating length of elementary stream map from invalid packet length which is later used to…
CVE-2019-2331 — CVSS 9.8 (critical): Possible Integer overflow because of subtracting two integers without checking if the result would overflow or not in Snapdragon Auto…
CVE-2018-11271 — CVSS 9.8 (critical): Improper authentication can happen on Remote command handling due to inappropriate handling of events in Snapdragon Auto, Snapdragon…
CVE-2015-9164 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear…
CVE-2019-2327 — CVSS 9.8 (critical): Possible buffer overflow can occur when playing clip with incorrect element size in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2015-9167 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 410/12, SD 425, SD…
CVE-2015-9170 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear…
CVE-2019-2244 — CVSS 9.8 (critical): Possible integer underflow can happen when calculating length of elementary stream info from invalid section length which is later used to…
CVE-2015-9171 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear…
CVE-2019-10542 — CVSS 9.8 (critical): Buffer over-read may occur when downloading a corrupted firmware file that has chunk length in header which doesn`t match the contents in…
CVE-2015-9172 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear…
CVE-2015-9175 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear…
CVE-2015-9177 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear…
CVE-2015-9198 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear…
CVE-2019-10539 — CVSS 9.8 (critical): Possible buffer overflow issue due to lack of length check when parsing the extended cap IE header length in Snapdragon Auto, Snapdragon…
CVE-2018-11936 — CVSS 9.8 (critical): Index of array is processed in a wrong way inside a while loop and result in invalid index (-1 or something else) leads to out of bound…
CVE-2018-11937 — CVSS 9.8 (critical): Lack of input validation before copying can lead to a buffer over read in WLAN function in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2015-9199 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile IPQ4019, MDM9625…
CVE-2018-11940 — CVSS 9.8 (critical): Lack of check in length before using memcpy in WLAN function can lead to OOB access in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2019-10538 — CVSS 9.8 (critical): Lack of check of address range received from firmware response allows modem to respond arbitrary pages into its address range which can…
CVE-2018-11945 — CVSS 9.8 (critical): Improper input validation in wireless service messaging module for data received from broadcast messages can lead to heap overflow in…
CVE-2019-10534 — CVSS 9.8 (critical): Null-pointer dereference can occur while accessing the super index entry when it is not been allocated in Snapdragon Auto, Snapdragon…
CVE-2019-10533 — CVSS 9.8 (critical): Out of bound access due to improper validation of array index cause the index table entry to get corrupt in Snapdragon Auto, Snapdragon…
CVE-2018-11949 — CVSS 9.8 (critical): Failure to initialize the extra buffer can lead to an out of buffer access in WLAN function in Snapdragon Auto, Snapdragon Compute…
CVE-2018-11953 — CVSS 9.8 (critical): While processing ssid IE length from remote AP, possible out-of-bounds access may occur due to crafted ssid IE length in Snapdragon Auto…
CVE-2018-11955 — CVSS 9.8 (critical): Lack of check on length of reason-code fetched from payload may lead driver access the memory not allocated to the frame and results in out…
CVE-2015-9201 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear…
CVE-2015-9202 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear…
CVE-2015-9203 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear…
CVE-2015-9210 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear…
CVE-2015-9211 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear…
CVE-2019-10528 — CVSS 9.8 (critical): Use after free issue in kernel while accessing freed mdlog session info and its attributes after closing the session in Snapdragon Auto…
CVE-2019-10522 — CVSS 9.8 (critical): While playing the clip which is nonstandard buffer overflow can occur while parsing in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2018-13886 — CVSS 9.8 (critical): Unchecked OTA field in GNSS XTRA3 lead to integer overflow and then buffer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2015-9224 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear, and…
CVE-2016-10414 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile, and…
CVE-2019-2323 — CVSS 9.8 (critical): Lack of check to ensure crypto engine data passed by user is initialized can result in bus error in Snapdragon Auto, Snapdragon Compute…
CVE-2019-10509 — CVSS 9.8 (critical): Device record of the pairing device used after free during ACL disconnection in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2019-10505 — CVSS 9.8 (critical): Out of bound access while processing a non-standard IE measurement request with length crossing past the size of frame in Snapdragon Auto…
CVE-2016-10422 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile, and…
CVE-2014-10053 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear…
CVE-2019-2322 — CVSS 9.8 (critical): Buffer overflow can occur when playing specific clip which is non-standard in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity…
CVE-2016-10424 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear…
CVE-2018-13911 — CVSS 9.8 (critical): Out of bounds memory read and access may lead to unexpected behavior in GNSS XTRA Parser in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2018-5915 — CVSS 9.8 (critical): Exception in Modem IP stack while processing IPv6 packet in snapdragon automobile, snapdragon mobile and snapdragon wear in versions…
CVE-2016-10425 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear…
CVE-2016-10426 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 410/12, SD 425, SD…
CVE-2019-2309 — CVSS 9.8 (critical): While storing calibrated data from firmware in cache, An integer overflow may occur since data length received may exceed real data length…
CVE-2019-2307 — CVSS 9.8 (critical): Possible integer underflow due to lack of validation before calculation of data length in 802.11 Rx management configuration in Snapdragon…
CVE-2016-10430 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 425, SD 430, SD…
CVE-2018-13924 — CVSS 9.8 (critical): Lack of check to prevent the buffer length taking negative values can lead to stack overflow. in Snapdragon Auto, Snapdragon Compute…
CVE-2018-13925 — CVSS 9.8 (critical): Error in parsing PMT table frees the memory allocated for the map section but does not reset the context map section reference causing heap…
CVE-2016-10431 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear…
CVE-2018-3593 — CVSS 9.8 (critical): In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206…
CVE-2018-3594 — CVSS 9.8 (critical): In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206…
CVE-2018-5882 — CVSS 9.8 (critical): While parsing a Flac file with a corrupted comment block, a buffer over-read can occur in Snapdragon Automobile, Snapdragon Mobile and…
CVE-2019-2305 — CVSS 9.8 (critical): Out of bound access when reason code is extracted from frame data without validating the frame length in Snapdragon Auto, Snapdragon…
CVE-2019-2294 — CVSS 9.8 (critical): Usage of hard-coded magic number for calculating heap guard bytes can allow users to corrupt heap blocks without heap algorithm knowledge…
CVE-2016-10444 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear…
CVE-2016-10445 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 410/12, SD 425, SD…
CVE-2019-2287 — CVSS 9.8 (critical): Improper validation for inputs received from firmware can lead to an out of bound write issue in video driver. in Snapdragon Auto…
CVE-2016-10452 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 410/12, SD 425, SD…
CVE-2016-10462 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 410/12, SD 425, SD…
CVE-2016-10467 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 210/SD 212/SD 205…
CVE-2019-2285 — CVSS 9.8 (critical): Out of bound write issue is observed while giving information about properties that have been set so far for playing video in Snapdragon…
CVE-2016-10471 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 425, SD 430, SD…
CVE-2016-10474 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear…
CVE-2016-10484 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear…
CVE-2016-10486 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9640, MDM9645, SD…
CVE-2016-10487 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear…
CVE-2016-10490 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear…
CVE-2016-10493 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear…
CVE-2016-10494 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear…
CVE-2019-2283 — CVSS 9.8 (critical): Improper validation of read and write index of tx and rx fifo`s before calculating pointer can lead to out-of-bound access in Snapdragon…
CVE-2017-11076 — CVSS 9.8 (critical): On some hardware revisions where VP9 decoding is hardware-accelerated, the frame size is not programmed correctly into the decoder hardware…
CVE-2017-17772 — CVSS 9.8 (critical): In multiple functions that process 802.11 frames, out-of-bounds reads can occur due to insufficient validation.
CVE-2019-2279 — CVSS 9.8 (critical): Shared memory gets updated with invalid data and may lead to access beyond the allocated memory. in Snapdragon Auto, Snapdragon…
CVE-2019-2332 — CVSS 9.8 (critical): Memory corruption while accessing the memory as payload size is not validated before access in Snapdragon Auto, Snapdragon Compute…
CVE-2017-18130 — CVSS 9.8 (critical): In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206…
CVE-2014-9987 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear…
CVE-2017-18136 — CVSS 9.8 (critical): In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206…
CVE-2017-18140 — CVSS 9.8 (critical): In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206…
CVE-2014-9988 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear SD…
CVE-2017-18146 — CVSS 9.8 (critical): In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206…
CVE-2014-9993 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear…
CVE-2015-9108 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9625, SD 425, SD…
CVE-2015-9109 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9625, SD 425, SD…
CVE-2015-9110 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 425, SD 430, SD…
CVE-2015-9111 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9625, SD 425, SD…
CVE-2019-2276 — CVSS 9.8 (critical): Possible out of bound read occurs while processing beaconing request due to lack of check on action frames received from user controlled…
CVE-2019-2269 — CVSS 9.8 (critical): Possible buffer overflow while processing the high level lim process action frame due to improper buffer length validation in Snapdragon…
CVE-2015-9112 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9625, SD 400, SD…
CVE-2019-2259 — CVSS 9.8 (critical): Resource allocation error while playing the video whose dimensions are more than supported dimension in Snapdragon Auto, Snapdragon…
CVE-2015-9113 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9625, SD 425, SD…
CVE-2015-9114 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 425, SD 430, SD…
CVE-2015-9115 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9625, SD 410/12, SD…
CVE-2015-9116 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9625, SD 425, SD…
CVE-2019-2258 — CVSS 9.8 (critical): Improper validation of array index causes OOB write and then leads to memory corruption in MMCP in Snapdragon Auto, Snapdragon Compute…
CVE-2015-9120 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear…
CVE-2015-9128 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear…
CVE-2015-9129 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear…
CVE-2015-9138 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear, and…
CVE-2015-9145 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear…
CVE-2015-9148 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9625, MDM9635M…
CVE-2015-9149 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear…
CVE-2017-18318 — CVSS 9.8 (critical): Missing validation check on CRL issuer name in Snapdragon Automobile, Snapdragon Mobile in versions MSM8996AU, SD 410/12, SD 425, SD 430…
CVE-2015-9152 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile IPQ4019, SD 210/SD…
CVE-2019-2256 — CVSS 9.8 (critical): An unprivileged user can craft a bitstream such that the payload encoded in the bitstream gains code execution in Snapdragon Auto…
CVE-2019-2255 — CVSS 9.8 (critical): An unprivileged user can craft a bitstream such that the payload encoded in the bitstream gains code execution in Snapdragon Auto…
CVE-2015-9153 — CVSS 9.8 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear…
CVE-2018-11932 — CVSS 9.1 (critical): Improper input validation can lead RW access to secure subsystem from HLOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity…
CVE-2016-10492 — CVSS 9.1 (critical): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615…
CVE-2018-13906 — CVSS 9.1 (critical): The HMAC authenticating the message from QSEE is vulnerable to timing side channel analysis leading to potentially forged application…
CVE-2018-5875 — CVSS 8.8 (high): While parsing an mp4 file, an integer overflow leading to a buffer overflow can occur in Snapdragon Automobile, Snapdragon Mobile and…
CVE-2018-11279 — CVSS 8.8 (high): Lack of check of input size can make device memory get corrupted because of buffer overflow in snapdragon automobile, snapdragon mobile and…
CVE-2018-5876 — CVSS 8.8 (high): While parsing an mp4 file, a buffer overflow can occur in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear.
CVE-2018-5874 — CVSS 8.8 (high): While parsing an mp4 file, a stack-based buffer overflow can occur in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear.
CVE-2018-11952 — CVSS 8.4 (high): An image with a version lower than the fuse version may potentially be booted lead to improper authentication.
CVE-2018-5852 — CVSS 8.4 (high): An unsigned integer underflow vulnerability in IPA driver result into a buffer over-read while reading NAT entry using debugfs command 'cat…
CVE-2019-10510 — CVSS 8.2 (high): BT process died and BT toggled due to null pointer dereference when invalid vendor pass through command sent from remote in Snapdragon…
CVE-2016-10417 — CVSS 8.1 (high): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear…
CVE-2016-10435 — CVSS 8.1 (high): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear…
CVE-2016-10439 — CVSS 8.1 (high): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 425, SD 430, SD…
CVE-2016-10409 — CVSS 8.1 (high): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 425, SD 430, SD…
CVE-2016-10433 — CVSS 8.1 (high): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear…
CVE-2016-10432 — CVSS 8.1 (high): In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 410/12, SD 425, SD…
CVE-2019-10529 — CVSS 8.1 (high): Possible use after free issue due to race condition while attempting to mark the entry pages as dirty using function set_page_dirty() in…
CVE-2019-10496 — CVSS 7.8 (high): Lack of checking a variable received from driver and populating in Firmware data structure leads to buffer overflow in Snapdragon Auto…
CVE-2017-18124 — CVSS 7.8 (high): During secure boot, addition is performed on uint8 ptrs which led to overflow issue in Small Cell SoC, Snapdragon Automobile, Snapdragon…
CVE-2017-18131 — CVSS 7.8 (high): In QTEE, an incorrect fuse value can be blown in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607…
CVE-2017-18141 — CVSS 7.8 (high): When a 3rd party TEE has been loaded it is possible for the non-secure world to create a secure monitor call which will give it access to…
CVE-2017-18155 — CVSS 7.8 (high): While playing HEVC content using HD DMB in Snapdragon Automobile and Snapdragon Mobile in version MSM8996AU, SD 450, SD 625, SD 820, SD…
CVE-2017-18156 — CVSS 7.8 (high): While processing camera buffers in camera driver, a use after free condition can occur in Snapdragon Automobile, Snapdragon Mobile…
CVE-2017-18157 — CVSS 7.8 (high): A Use After Free Condition can occur in Thermal Engine in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in MDM9206, MDM9607…
CVE-2017-18172 — CVSS 7.8 (high): In a device, with screen size 1440x2560, the check of contiguous buffer will overflow on certain buffer size resulting in an Integer…
CVE-2017-18274 — CVSS 7.8 (high): While iterating through the models contained in a fixed-size array in the actData structure, which also stores an incorrect number of…
CVE-2017-18278 — CVSS 7.8 (high): An integer underflow may occur due to lack of check when received data length from font_mgr_qsee_request_service is bigger than the minimal…
CVE-2017-18294 — CVSS 7.8 (high): While reading file class type from ELF header, a buffer overread may happen if the ELF file size is less than the size of ELF64 header size…
CVE-2017-18295 — CVSS 7.8 (high): Possible buffer overflow if input is not null terminated in DSP Service module in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear…
CVE-2017-18296 — CVSS 7.8 (high): Access control on applications is not applied while accessing SafeSwitch services can lead to improper access in Snapdragon Automobile…
CVE-2017-18298 — CVSS 7.8 (high): Lack of Input Validation in SDMX API can lead to NULL pointer access in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in…
CVE-2017-18303 — CVSS 7.8 (high): While processing the sensors registry configuration file, if inputs are not validated a buffer overflow will occur in Snapdragon…
CVE-2017-18304 — CVSS 7.8 (high): Insufficient memory allocation in boot due to incorrect size being passed could result in out of bounds access in Small Cell SoC…
CVE-2017-18310 — CVSS 7.8 (high): ClientEnv exposes services 0-32 to HLOS in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MSM8909W, MSM8996AU, SD…
CVE-2017-18311 — CVSS 7.8 (high): XPU Master privilege escalation is possible due to improper access control of unused configuration xPU ports where unused configuration…
CVE-2017-18312 — CVSS 7.8 (high): While accessing SafeSwitch services, third party can manipulate a given device and perform unauthorized operation due to lack of checking…
CVE-2017-18316 — CVSS 7.8 (high): Secure application can access QSEE kernel memory through Ontario kernel driver in Snapdragon Automobile, Snapdragon Mobile and Snapdragon…
CVE-2017-18317 — CVSS 7.8 (high): Restrictions related to the modem (sim lock, sim kill) can be bypassed by manipulating the system to issue a deactivation flow sequence in…
CVE-2017-18320 — CVSS 7.8 (high): QSEE unload attempt on a 3rd party TEE without previously loading results in a data abort in snapdragon automobile and snapdragon mobile in…
CVE-2017-18330 — CVSS 7.8 (high): Buffer overflow in AES-CCM and AES-GCM encryption via initialization vector in snapdragon automobile, snapdragon mobile and snapdragon wear…
CVE-2017-18331 — CVSS 7.8 (high): Improper access control on secure display buffers in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9206…
CVE-2017-8276 — CVSS 7.8 (high): Improper authorization involving a fuse in TrustZone in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9206…
CVE-2018-11258 — CVSS 7.8 (high): In ADSP RPC in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear, a Use After Free condition can occur in versions MDM9206…
CVE-2018-11264 — CVSS 7.8 (high): Possible buffer overflow in Ontario fingerprint code due to lack of input validation for the parameters coming into TZ from HLOS in…
CVE-2018-11288 — CVSS 7.8 (high): Possible undefined behavior due to lack of size check in function for parameter segment_idx can lead to a read outside of the intended…
CVE-2018-11289 — CVSS 7.8 (high): Data truncation during higher to lower type conversion which causes less memory allocation than desired can lead to a buffer overflow in…
CVE-2018-11305 — CVSS 7.8 (high): When a series of FDAL messages are sent to the modem, a Use After Free condition can occur in Snapdragon Automobile, Snapdragon Mobile…
CVE-2018-11819 — CVSS 7.8 (high): Use after issue in WLAN function due to multiple ACS scan requests at a time in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon…
CVE-2018-11830 — CVSS 7.8 (high): Improper input validation in QCPE create function may lead to integer overflow in Snapdragon Auto, Snapdragon Consumer Electronics…
CVE-2018-11847 — CVSS 7.8 (high): Malicious TA can tag QSEE kernel memory and map to EL0, there by corrupting the physical memory as well it can be used to corrupt the QSEE…
CVE-2018-11849 — CVSS 7.8 (high): Lack of check on out of range of bssid parameter When processing scan start command will lead to buffer flow in Snapdragon Automobile…
CVE-2018-11850 — CVSS 7.8 (high): Lack of check on remaining length parameter When processing scan start command will lead to buffer flow in Snapdragon Automobile…
CVE-2018-11855 — CVSS 7.8 (high): If an end user makes use of SCP11 sample OCE code without modification it could lead to a buffer overflow when transmitting a CAPDU in…
CVE-2018-11870 — CVSS 7.8 (high): Buffer overwrite can occur when the legacy rates count received from the host is not checked against the maximum number of legacy rates in…
CVE-2018-11871 — CVSS 7.8 (high): Buffer overwrite can happen in WLAN function while processing set pdev parameter command due to lack of input validation in Snapdragon…
CVE-2018-11888 — CVSS 7.8 (high): Unauthorized access may be allowed by the SCP11 Crypto Services TA will processing commands from other TA in Snapdragon Auto, Snapdragon…
CVE-2018-11899 — CVSS 7.8 (high): While processing radio connection status change events, Radio index is not properly validated in Snapdragon Auto, Snapdragon Connectivity…
CVE-2018-11921 — CVSS 7.8 (high): Failure condition is not handled properly and the correct error code is not returned. It could cause unintended SUI behavior and create…
CVE-2018-11923 — CVSS 7.8 (high): Improper buffer length check before copying can lead to integer overflow and then a buffer overflow in WMA event handler in Snapdragon…
CVE-2018-11924 — CVSS 7.8 (high): Improper buffer length validation in WLAN function can lead to a potential integer oveflow issue in Snapdragon Auto, Snapdragon Compute…
CVE-2018-11927 — CVSS 7.8 (high): Improper input validation on input which is used as an array index will lead to an out of bounds issue while processing AP find event from…
CVE-2018-11928 — CVSS 7.8 (high): Lack of check on length parameter may cause buffer overflow while processing WMI commands in Snapdragon Auto, Snapdragon Compute…
CVE-2018-11929 — CVSS 7.8 (high): Lack of input validation in WLAN function can lead to potential heap overflow in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon…
CVE-2018-11931 — CVSS 7.8 (high): Improper access to HLOS is possible while transferring memory to CPZ in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity…
CVE-2018-11934 — CVSS 7.8 (high): Possible out of bounds write due to improper input validation while processing DO_ACS vendor command in Snapdragon Auto, Snapdragon…
CVE-2018-11938 — CVSS 7.8 (high): Improper input validation for argument received from HLOS can lead to buffer overflows and unexpected behavior in Snapdragon Auto…
CVE-2018-11966 — CVSS 7.8 (high): Undefined behavior in UE while processing unknown IEI in OTA message in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT…
CVE-2018-11967 — CVSS 7.8 (high): Signature verification of the skel library could potentially be disabled as the memory region on the remote subsystem in which the library…