Qualcomm Sda660 Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Qualcomm Sda660 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (200)
CVE-2019-2271 — CVSS 9.8 (critical): Buffer over read can happen while parsing downlink session management OTA messages if network sends un-intended values in Snapdragon Auto…
CVE-2019-2268 — CVSS 9.8 (critical): Possible OOB read issue in P2P action frames while handling WLAN management frame in Snapdragon Auto, Snapdragon Consumer Electronics…
CVE-2018-11949 — CVSS 9.8 (critical): Failure to initialize the extra buffer can lead to an out of buffer access in WLAN function in Snapdragon Auto, Snapdragon Compute…
CVE-2019-2331 — CVSS 9.8 (critical): Possible Integer overflow because of subtracting two integers without checking if the result would overflow or not in Snapdragon Auto…
CVE-2018-11287 — CVSS 9.8 (critical): In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427…
CVE-2019-2259 — CVSS 9.8 (critical): Resource allocation error while playing the video whose dimensions are more than supported dimension in Snapdragon Auto, Snapdragon…
CVE-2019-2258 — CVSS 9.8 (critical): Improper validation of array index causes OOB write and then leads to memory corruption in MMCP in Snapdragon Auto, Snapdragon Compute…
CVE-2019-2256 — CVSS 9.8 (critical): An unprivileged user can craft a bitstream such that the payload encoded in the bitstream gains code execution in Snapdragon Auto…
CVE-2019-2255 — CVSS 9.8 (critical): An unprivileged user can craft a bitstream such that the payload encoded in the bitstream gains code execution in Snapdragon Auto…
CVE-2019-10487 — CVSS 9.8 (critical): Buffer over read can happen while parsing SMS OTA messages at transport layer if network sends un-intended values in Snapdragon Auto…
CVE-2019-2254 — CVSS 9.8 (critical): Position determination accuracy may be degraded due to wrongly decoded information in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2019-2253 — CVSS 9.8 (critical): Buffer over-read can occur while parsing an ogg file with a corrupted comment block. in Snapdragon Auto, Snapdragon Connectivity…
CVE-2019-2252 — CVSS 9.8 (critical): Classic buffer overflow vulnerability while playing the specific video whose Decode picture buffer size is more than 16 in Snapdragon Auto…
CVE-2019-14095 — CVSS 9.8 (critical): Buffer overflow occurs while processing LMP packet in which name length parameter exceeds value specified in BT-specification in Snapdragon…
CVE-2018-11930 — CVSS 9.8 (critical): Improper input validation on input data which is used to locate and copy the additional IEs in WLAN function can lead to potential integer…
CVE-2019-14013 — CVSS 9.8 (critical): While parsing invalid super index table, elements within super index table may exceed total chunk size and invalid data is read into the…
CVE-2019-14016 — CVSS 9.8 (critical): Integer overflow occurs while playing the clip which is nonstandard in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity…
CVE-2019-14017 — CVSS 9.8 (critical): Heap buffer overflow can occur while parsing invalid MKV clip which is not standard and have invalid vorbis codec data in Snapdragon Auto…
CVE-2020-3633 — CVSS 9.8 (critical): Array out of bound may occur while playing mp3 file as no check is there on offset if it is greater than the buffer allocated or not in…
CVE-2020-11196 — CVSS 9.8 (critical): u'Integer overflow to buffer overflow occurs while playback of ASF clip having unexpected number of codec entries' in Snapdragon Auto…
CVE-2019-14086 — CVSS 9.8 (critical): Possible integer overflow while checking the length of frame which is a 32 bit integer and is added to another 32 bit integer which can…
CVE-2019-2269 — CVSS 9.8 (critical): Possible buffer overflow while processing the high level lim process action frame due to improper buffer length validation in Snapdragon…
CVE-2018-11937 — CVSS 9.8 (critical): Lack of input validation before copying can lead to a buffer over read in WLAN function in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2016-10502 — CVSS 9.8 (critical): While generating trusted application id, An integer overflow can occur giving the trusted application an invalid identity in Snapdragon…
CVE-2019-14031 — CVSS 9.8 (critical): Buffer overflow can occur while parsing RSN IE containing list of PMK ID`s which are more than the buffer size in Snapdragon Auto…
CVE-2020-3673 — CVSS 9.8 (critical): u'Buffer overflow can happen as part of SIP message packet processing while storing values in array due to lack of check to validate the…
CVE-2019-14083 — CVSS 9.8 (critical): While parsing Service Descriptor Extended Attribute received as part of SDF frame, there is a possibility that incorrect length is…
CVE-2019-14080 — CVSS 9.8 (critical): Out of bound write can happen due to lack of check of array index value while parsing SDP attribute for SAR in Snapdragon Auto, Snapdragon…
CVE-2018-11940 — CVSS 9.8 (critical): Lack of check in length before using memcpy in WLAN function can lead to OOB access in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2019-14073 — CVSS 9.8 (critical): Copying RTCP messages into the output buffer without checking the destination buffer size which could lead to a remote stack overflow when…
CVE-2020-11193 — CVSS 9.8 (critical): u'Buffer over read can happen while parsing mkv clip due to improper typecasting of data returned from atomsize' in Snapdragon Auto…
CVE-2019-14052 — CVSS 9.8 (critical): u'Accessing an uninitialized data structure could result in partially copying of contents and thus incorrect processing' in Snapdragon…
CVE-2019-14062 — CVSS 9.8 (critical): Buffer overflows while decoding setup message from Network due to lack of check of IE message length received from network in Snapdragon…
CVE-2018-11945 — CVSS 9.8 (critical): Improper input validation in wireless service messaging module for data received from broadcast messages can lead to heap overflow in…
CVE-2020-11168 — CVSS 9.8 (critical): u'Null-pointer dereference can occur while accessing data buffer beyond its size that leads to access the buffer beyond its range' in…
CVE-2019-2332 — CVSS 9.8 (critical): Memory corruption while accessing the memory as payload size is not validated before access in Snapdragon Auto, Snapdragon Compute…
CVE-2019-10493 — CVSS 9.8 (critical): Position determination accuracy may be degraded due to wrongly decoded information in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2019-2249 — CVSS 9.8 (critical): Kernel can do a memory read from arbitrary address passed by user during execution of a syscall in Snapdragon Auto, Snapdragon Compute…
CVE-2020-3663 — CVSS 9.8 (critical): Buffer over-write may occur during fetching track decoder specific information if cb size exceeds buffer size in Snapdragon Auto…
CVE-2017-18314 — CVSS 9.8 (critical): In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD…
CVE-2019-2327 — CVSS 9.8 (critical): Possible buffer overflow can occur when playing clip with incorrect element size in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2019-10500 — CVSS 9.8 (critical): While processing MT Secondary PDP request, Buffer overflow will happen due to incorrect calculation of buffer size in Snapdragon Auto…
CVE-2019-2325 — CVSS 9.8 (critical): Out of boundary access due to token received from ADSP and is used without validation as an index into the array in Snapdragon Auto…
CVE-2020-3639 — CVSS 9.8 (critical): u'When a non standard SIP sigcomp message is received from the network, then there may be chances of using more UDVM cycle or memory…
CVE-2019-2245 — CVSS 9.8 (critical): Possible integer underflow can happen when calculating length of elementary stream map from invalid packet length which is later used to…
CVE-2019-10505 — CVSS 9.8 (critical): Out of bound access while processing a non-standard IE measurement request with length crossing past the size of frame in Snapdragon Auto…
CVE-2020-3654 — CVSS 9.8 (critical): u'Buffer overflow occurs while processing SIP message packet due to lack of check of index validation before copying into it' in Snapdragon…
CVE-2019-10509 — CVSS 9.8 (critical): Device record of the pairing device used after free during ACL disconnection in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2019-10511 — CVSS 9.8 (critical): Possibility of memory overflow while decoding GSNDCP compressed mode PDU in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT…
CVE-2019-2323 — CVSS 9.8 (critical): Lack of check to ensure crypto engine data passed by user is initialized can result in bus error in Snapdragon Auto, Snapdragon Compute…
CVE-2019-2244 — CVSS 9.8 (critical): Possible integer underflow can happen when calculating length of elementary stream info from invalid section length which is later used to…
CVE-2019-2242 — CVSS 9.8 (critical): Device memory may get corrupted because of buffer overflow/underflow. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer…
CVE-2019-10516 — CVSS 9.8 (critical): Multiple read overflows in MM while decoding service accept,service reject,attach reject and MT detach in Snapdragon Auto, Snapdragon…
CVE-2019-2322 — CVSS 9.8 (critical): Buffer overflow can occur when playing specific clip which is non-standard in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity…
CVE-2019-2320 — CVSS 9.8 (critical): Possible out of bounds write in a MT SMS/SS scenario due to improper validation of array index in Snapdragon Auto, Snapdragon Compute…
CVE-2019-10522 — CVSS 9.8 (critical): While playing the clip which is nonstandard buffer overflow can occur while parsing in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2019-14127 — CVSS 9.8 (critical): Possible buffer overflow while playing mkv clip due to lack of validation of atom size buffer in Snapdragon Auto, Snapdragon Compute…
CVE-2019-2311 — CVSS 9.8 (critical): Possible buffer overflow in WLAN handler due to lack of validation of destination buffer size before copying it in Snapdragon Auto…
CVE-2019-10525 — CVSS 9.8 (critical): Buffer overflow during SIB read when network configures complete sib list along with first and last segment of other SIB in Snapdragon…
CVE-2020-3641 — CVSS 9.8 (critical): Integer overflow may occur if atom size is less than atom offset as there is improper validation of atom size in Snapdragon Auto…
CVE-2019-10528 — CVSS 9.8 (critical): Use after free issue in kernel while accessing freed mdlog session info and its attributes after closing the session in Snapdragon Auto…
CVE-2019-2305 — CVSS 9.8 (critical): Out of bound access when reason code is extracted from frame data without validating the frame length in Snapdragon Auto, Snapdragon…
CVE-2019-10532 — CVSS 9.8 (critical): Null-pointer dereference issue can occur while calculating string length when source string length is zero in Snapdragon Auto, Snapdragon…
CVE-2019-10533 — CVSS 9.8 (critical): Out of bound access due to improper validation of array index cause the index table entry to get corrupt in Snapdragon Auto, Snapdragon…
CVE-2019-10534 — CVSS 9.8 (critical): Null-pointer dereference can occur while accessing the super index entry when it is not been allocated in Snapdragon Auto, Snapdragon…
CVE-2018-13886 — CVSS 9.8 (critical): Unchecked OTA field in GNSS XTRA3 lead to integer overflow and then buffer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2019-10538 — CVSS 9.8 (critical): Lack of check of address range received from firmware response allows modem to respond arbitrary pages into its address range which can…
CVE-2019-10539 — CVSS 9.8 (critical): Possible buffer overflow issue due to lack of length check when parsing the extended cap IE header length in Snapdragon Auto, Snapdragon…
CVE-2019-10540 — CVSS 9.8 (critical): Buffer overflow in WLAN NAN function due to lack of check of count value received in NAN availability attribute in Snapdragon Auto…
CVE-2019-10541 — CVSS 9.8 (critical): Dereference on uninitialized buffer can happen when parsing FLV clip with corrupted codec specific data in Snapdragon Auto, Snapdragon…
CVE-2018-13887 — CVSS 9.8 (critical): Untrusted header fields in GNSS XTRA3 function can lead to integer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer…
CVE-2019-10546 — CVSS 9.8 (critical): Buffer overflow can occur in WLAN firmware while parsing beacon/probe_response frames during roaming in Snapdragon Auto, Snapdragon…
CVE-2020-3662 — CVSS 9.8 (critical): Buffer overflow can occur while parsing eac3 header while playing the clip which is nonstandard in Snapdragon Auto, Snapdragon Compute…
CVE-2020-3688 — CVSS 9.8 (critical): Possible buffer overflow while parsing mp4 clip with corrupted sample atoms due to improper validation of index in Snapdragon Auto…
CVE-2019-2303 — CVSS 9.8 (critical): SNDCP module may access array out side its boundary when it receives malformed XID message. in Snapdragon Auto, Snapdragon Compute…
CVE-2019-10557 — CVSS 9.8 (critical): Out-of-bound read in the wireless driver in the Linux kernel due to lack of check of buffer length. in Snapdragon Auto, Snapdragon Consumer…
CVE-2018-13898 — CVSS 9.8 (critical): Out-of-Bounds write due to incorrect array index check in PMIC in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics…
CVE-2019-10559 — CVSS 9.8 (critical): Accessing data buffer beyond the available data while parsing ogg clip can lead to null-pointer dereference and then memory corruption in…
CVE-2019-14114 — CVSS 9.8 (critical): Buffer overflow in WLAN firmware while parsing GTK IE containing GTK key having length more than the buffer size in Snapdragon Auto…
CVE-2020-3661 — CVSS 9.8 (critical): Buffer overflow will happen while parsing mp4 clip with corrupted sample atoms values which exceeds MAX_UINT32 range due to lack of…
CVE-2019-2300 — CVSS 9.8 (critical): Possible buffer overflow in WLAN handler due to lack of validation of destination buffer size before copying into it in Snapdragon Auto…
CVE-2019-2294 — CVSS 9.8 (critical): Usage of hard-coded magic number for calculating heap guard bytes can allow users to corrupt heap blocks without heap algorithm knowledge…
CVE-2019-10572 — CVSS 9.8 (critical): Improper check in video driver while processing data from video firmware can lead to integer overflow and then buffer overflow in…
CVE-2019-14113 — CVSS 9.8 (critical): Buffer overflow can occur in In WLAN firmware while unwraping data using CCMP cipher suite during parsing of EAPOL handshake frame in…
CVE-2019-14112 — CVSS 9.8 (critical): Potential buffer overflow while processing CBF frames due to lack of check of buffer length before copy in Snapdragon Auto, Snapdragon…
CVE-2019-10586 — CVSS 9.8 (critical): Filling media attribute tag names without validating the destination buffer size which can result in the buffer overflow in Snapdragon…
CVE-2019-10587 — CVSS 9.8 (critical): Possible Stack overflow can occur when processing a large SDP body or non standard SDP body without right delimiters in Snapdragon Auto…
CVE-2019-10588 — CVSS 9.8 (critical): Copying RTCP messages into the output buffer without checking the destination buffer size which could lead to a remote stack overflow. in…
CVE-2019-10589 — CVSS 9.8 (critical): Lack of length check of response buffer can lead to buffer over-flow while GP command response buffer handling in Snapdragon Auto…
CVE-2019-10590 — CVSS 9.8 (critical): Out of bound access while parsing dts atom, which is non-standard as it does not have valid number of tracks in Snapdragon Auto, Snapdragon…
CVE-2019-14110 — CVSS 9.8 (critical): Buffer overflow can occur in function wlan firmware while copying association frame content if frame length is more than the maximum buffer…
CVE-2019-2289 — CVSS 9.8 (critical): Lack of integrity check allows MODEM to accept any NAS messages which can result into authentication bypass of NAS in Snapdragon Auto…
CVE-2019-10593 — CVSS 9.8 (critical): Buffer overflow can occur when processing non standard SDP video Image attribute parameter in a VILTE\VOLTE call in Snapdragon Auto…
CVE-2019-10594 — CVSS 9.8 (critical): Stack overflow can occur when SDP is received with multiple payload types in the FMTP attribute of a video M line in Snapdragon Auto…
CVE-2020-3660 — CVSS 9.8 (critical): Possible null-pointer dereference can occur while parsing mp4 clip with corrupted sample table atoms in Snapdragon Auto, Snapdragon…
CVE-2019-2287 — CVSS 9.8 (critical): Improper validation for inputs received from firmware can lead to an out of bound write issue in video driver. in Snapdragon Auto…
CVE-2018-13911 — CVSS 9.8 (critical): Out of bounds memory read and access may lead to unexpected behavior in GNSS XTRA Parser in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2019-2285 — CVSS 9.8 (critical): Out of bound write issue is observed while giving information about properties that have been set so far for playing video in Snapdragon…
CVE-2018-11922 — CVSS 9.8 (critical): Wrong configuration in Touch Pal application can collect user behavior data without awareness by the user.
CVE-2019-10609 — CVSS 9.8 (critical): Out of bound write can happen due to lack of check of array index value while calculating it. in Snapdragon Auto, Snapdragon Compute…
CVE-2019-10611 — CVSS 9.8 (critical): Buffer overflow can occur while processing clip due to lack of check of object size before parsing in Snapdragon Auto, Snapdragon Compute…
CVE-2019-10614 — CVSS 9.8 (critical): Out of boundary access is possible as there is no validation of data accessed against the received size of the packet in case of malicious…
CVE-2018-13924 — CVSS 9.8 (critical): Lack of check to prevent the buffer length taking negative values can lead to stack overflow. in Snapdragon Auto, Snapdragon Compute…
CVE-2019-14098 — CVSS 9.8 (critical): Possible buffer overflow in data offload handler due to lack of check of keydata length when copying data in Snapdragon Auto, Snapdragon…
CVE-2018-13925 — CVSS 9.8 (critical): Error in parsing PMT table frees the memory allocated for the map section but does not reset the context map section reference causing heap…
CVE-2018-11271 — CVSS 9.8 (critical): Improper authentication can happen on Remote command handling due to inappropriate handling of events in Snapdragon Auto, Snapdragon…
CVE-2020-3657 — CVSS 9.8 (critical): u'Remote code execution can happen by sending a carefully crafted POST query when Device configuration is accessed from a tethered client…
CVE-2019-2283 — CVSS 9.8 (critical): Improper validation of read and write index of tx and rx fifo`s before calculating pointer can lead to out-of-bound access in Snapdragon…
CVE-2019-2279 — CVSS 9.8 (critical): Shared memory gets updated with invalid data and may lead to access beyond the allocated memory. in Snapdragon Auto, Snapdragon…
CVE-2018-5915 — CVSS 9.8 (critical): Exception in Modem IP stack while processing IPv6 packet in snapdragon automobile, snapdragon mobile and snapdragon wear in versions…
CVE-2019-14097 — CVSS 9.8 (critical): Possible buffer overflow in WLAN Parser due to lack of length check when copying data in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2019-14004 — CVSS 9.8 (critical): Buffer overflow occurs while processing invalid MKV clip, which has invalid EBML size in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2019-14006 — CVSS 9.8 (critical): Buffer overflow occur while playing the clip which is nonstandard due to lack of offset length check in Snapdragon Auto, Snapdragon…
CVE-2018-11284 — CVSS 9.3 (critical): Spoofed SMS can be used to send a large number of messages to the device which will in turn initiate a flood of registration updates with…
CVE-2019-10553 — CVSS 9.1 (critical): Multiple Read overflows due to improper length checks while decoding authentication in Cs domain/RAU Reject and TC cmd in Snapdragon Auto…
CVE-2019-10554 — CVSS 9.1 (critical): Multiple Read overflows issue due to improper length check while decoding Identity Request in CSdomain/Authentication Reject in CS domain/…
CVE-2019-14019 — CVSS 9.1 (critical): Multiple Read overflows issue due to improper length check while decoding RAU accept/PDN disconnect Rej/Modify EPS ctxt req/bearer resource…
CVE-2019-14020 — CVSS 9.1 (critical): Multiple Read overflows issue due to improper length check while decoding dedicated_eps_bearer_req/ act_def_context_req/…
CVE-2019-10552 — CVSS 9.1 (critical): Multiple Buffer Over-read issue can happen due to improper length checks while decoding Service Reject/RAU Reject/PTMSI Realloc cmd in…
CVE-2019-10579 — CVSS 9.1 (critical): Buffer over-read can occur while playing the video clip which is not standard in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2018-13906 — CVSS 9.1 (critical): The HMAC authenticating the message from QSEE is vulnerable to timing side channel analysis leading to potentially forged application…
CVE-2019-10550 — CVSS 9.1 (critical): Buffer Over-read when UE is trying to process the message received form the network without zero termination in Snapdragon Auto, Snapdragon…
CVE-2019-10551 — CVSS 9.1 (critical): String error while processing non standard SIP messages received can lead to buffer overread and then denial of service in Snapdragon Auto…
CVE-2020-3670 — CVSS 9.1 (critical): u'Potential out of bounds read while processing downlink NAS transport message due to improper length check of Information Element(IEI) NAS…
CVE-2020-3658 — CVSS 9.1 (critical): Possible null-pointer dereference can occur while parsing mp4 clip with corrupted sample table atoms in Snapdragon Auto, Snapdragon…
CVE-2019-14011 — CVSS 9.1 (critical): Multiple Read overflows issue due to improper length check while decoding 3G attach accept/ SMS/ pdn connection reject/ esm data transport/…
CVE-2020-3634 — CVSS 9.1 (critical): u'Multiple Read overflows issue due to improper length check while decoding Generic NAS transport/EMM info' in Snapdragon Auto, Snapdragon…
CVE-2019-10610 — CVSS 9.1 (critical): Possible buffer over read when trying to process SDP message Video media line with frame-size attribute in video Media line in Snapdragon…
CVE-2019-14057 — CVSS 9.1 (critical): Buffer Over read of codec private data while parsing an mkv file due to lack of check of buffer size before read in Snapdragon Auto…
CVE-2019-10577 — CVSS 9.1 (critical): Improper input validation while processing SIP URI received from the network will lead to buffer over-read and then to denial of service in…
CVE-2019-14033 — CVSS 9.1 (critical): Multiple Read overflows issue due to improper length check while decoding tau reject/tau accept/detach request/attach reject/attach accept…
CVE-2018-11279 — CVSS 8.8 (high): Lack of check of input size can make device memory get corrupted because of buffer overflow in snapdragon automobile, snapdragon mobile and…
CVE-2018-5879 — CVSS 8.8 (high): Improper length check while processing an MQTT message can lead to heap overflow in snapdragon mobile and snapdragon wear in versions…
CVE-2018-5881 — CVSS 8.8 (high): Improper validation of buffer length checks in the lwm2m device management protocol can leads to a buffer overflow in snapdragon mobile and…
CVE-2019-10529 — CVSS 8.1 (high): Possible use after free issue due to race condition while attempting to mark the entry pages as dirty using function set_page_dirty() in…
CVE-2019-10494 — CVSS 8.1 (high): Race condition between the camera functions due to lack of resource lock which will lead to memory corruption and UAF issue in Snapdragon…
CVE-2019-14037 — CVSS 7.8 (high): Close and bind operations done on a socket can lead to a Use-After-Free condition. in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2019-14040 — CVSS 7.8 (high): Using memory after being freed in qsee due to wrong implementation can lead to unexpected behavior such as execution of unknown code in…
CVE-2019-14041 — CVSS 7.8 (high): During listener modified response processing, a buffer overrun occurs due to lack of buffer size verification when updating message buffer…
CVE-2019-14050 — CVSS 7.8 (high): Out-of-bound writes occurs due to lack of check of buffer size will cause buffer overflow only in 32bit architecture. in Snapdragon Auto…
CVE-2019-14054 — CVSS 7.8 (high): Improper permissions in XBL_SEC region enable user to update XBL_SEC code and data and divert the RAM dump path to normal cold boot path in…
CVE-2019-14055 — CVSS 7.8 (high): Possibility of use-after-free and double free because of not marking buffer as NULL after freeing can lead to dangling pointer access in…
CVE-2019-14056 — CVSS 7.8 (high): u'Possible integer overflow in API due to lack of check on large oid range count in cert extension field' in Snapdragon Auto, Snapdragon…
CVE-2019-14028 — CVSS 7.8 (high): Buffer overwrite during memcpy due to lack of check on SSID length validation in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2017-18124 — CVSS 7.8 (high): During secure boot, addition is performed on uint8 ptrs which led to overflow issue in Small Cell SoC, Snapdragon Automobile, Snapdragon…
CVE-2017-18141 — CVSS 7.8 (high): When a 3rd party TEE has been loaded it is possible for the non-secure world to create a secure monitor call which will give it access to…
CVE-2017-18282 — CVSS 7.8 (high): Non-secure SW can cause SDCC to generate secure bus accesses, which may expose RPM access in Snapdragon Mobile, Snapdragon Wear in version…
CVE-2017-18293 — CVSS 7.8 (high): When a particular GPIO is protected by blocking access to the corresponding GPIO resource registers, the protection can be bypassed using…
CVE-2017-18294 — CVSS 7.8 (high): While reading file class type from ELF header, a buffer overread may happen if the ELF file size is less than the size of ELF64 header size…
CVE-2017-18296 — CVSS 7.8 (high): Access control on applications is not applied while accessing SafeSwitch services can lead to improper access in Snapdragon Automobile…
CVE-2017-18298 — CVSS 7.8 (high): Lack of Input Validation in SDMX API can lead to NULL pointer access in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in…
CVE-2017-18303 — CVSS 7.8 (high): While processing the sensors registry configuration file, if inputs are not validated a buffer overflow will occur in Snapdragon…
CVE-2017-18304 — CVSS 7.8 (high): Insufficient memory allocation in boot due to incorrect size being passed could result in out of bounds access in Small Cell SoC…
CVE-2017-18310 — CVSS 7.8 (high): ClientEnv exposes services 0-32 to HLOS in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MSM8909W, MSM8996AU, SD…
CVE-2017-18311 — CVSS 7.8 (high): XPU Master privilege escalation is possible due to improper access control of unused configuration xPU ports where unused configuration…
CVE-2017-18316 — CVSS 7.8 (high): Secure application can access QSEE kernel memory through Ontario kernel driver in Snapdragon Automobile, Snapdragon Mobile and Snapdragon…
CVE-2017-18320 — CVSS 7.8 (high): QSEE unload attempt on a 3rd party TEE without previously loading results in a data abort in snapdragon automobile and snapdragon mobile in…
CVE-2017-18328 — CVSS 7.8 (high): Use after free in QSH client rule processing in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9635M, MDM9640…
CVE-2017-18329 — CVSS 7.8 (high): Possible Buffer overflow when transmitting an RTP packet in snapdragon automobile and snapdragon wear in versions MDM9615, MDM9625…
CVE-2017-18330 — CVSS 7.8 (high): Buffer overflow in AES-CCM and AES-GCM encryption via initialization vector in snapdragon automobile, snapdragon mobile and snapdragon wear…
CVE-2017-18331 — CVSS 7.8 (high): Improper access control on secure display buffers in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9206…
CVE-2017-8276 — CVSS 7.8 (high): Improper authorization involving a fuse in TrustZone in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9206…
CVE-2018-11264 — CVSS 7.8 (high): Possible buffer overflow in Ontario fingerprint code due to lack of input validation for the parameters coming into TZ from HLOS in…
CVE-2018-11267 — CVSS 7.8 (high): In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9615, MDM9640, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205…
CVE-2018-11268 — CVSS 7.8 (high): In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD…
CVE-2018-11269 — CVSS 7.8 (high): In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD…
CVE-2018-11277 — CVSS 7.8 (high): In Snapdragon (Automobile, Mobile, Wear) in version MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD…
CVE-2018-11285 — CVSS 7.8 (high): In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427…
CVE-2018-11289 — CVSS 7.8 (high): Data truncation during higher to lower type conversion which causes less memory allocation than desired can lead to a buffer overflow in…
CVE-2018-11305 — CVSS 7.8 (high): When a series of FDAL messages are sent to the modem, a Use After Free condition can occur in Snapdragon Automobile, Snapdragon Mobile…
CVE-2018-11819 — CVSS 7.8 (high): Use after issue in WLAN function due to multiple ACS scan requests at a time in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon…
CVE-2018-11821 — CVSS 7.8 (high): Possible integer overflow may happen in WLAN during memory allocation in Snapdragon Mobile, Snapdragon Wear in version IPQ8074, MDM9206…
CVE-2018-11822 — CVSS 7.8 (high): A possible integer overflow may happen in WLAN during memory allocation in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660
CVE-2018-11824 — CVSS 7.8 (high): A stack-based buffer overflow can occur in a firmware routine in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650…
CVE-2018-11838 — CVSS 7.8 (high): Possible double free issue in WLAN due to lack of checking memory free condition. in Snapdragon Auto, Snapdragon Compute, Snapdragon…
CVE-2018-11849 — CVSS 7.8 (high): Lack of check on out of range of bssid parameter When processing scan start command will lead to buffer flow in Snapdragon Automobile…
CVE-2018-11850 — CVSS 7.8 (high): Lack of check on remaining length parameter When processing scan start command will lead to buffer flow in Snapdragon Automobile…
CVE-2018-11853 — CVSS 7.8 (high): Lack of check on out of range for channels When processing channel list set command will lead to buffer flow in Snapdragon Mobile…
CVE-2018-11854 — CVSS 7.8 (high): Lack of check of valid length of input parameter may cause buffer overwrite in WLAN in Snapdragon Mobile in version SD 835, SD 845, SD 850…
CVE-2018-11855 — CVSS 7.8 (high): If an end user makes use of SCP11 sample OCE code without modification it could lead to a buffer overflow when transmitting a CAPDU in…
CVE-2018-11861 — CVSS 7.8 (high): Buffer overflow can happen in WLAN function due to lack of validation of the input length in Snapdragon Mobile in version SD 845, SD 850…
CVE-2018-11862 — CVSS 7.8 (high): Buffer overflow can happen in WLAN module due to lack of validation of the input length in Snapdragon Mobile in version SD 845, SD 850…
CVE-2018-11865 — CVSS 7.8 (high): Integer overflow may happen when calculating an internal structure size due to lack of validation of the input length in Snapdragon Mobile…
CVE-2018-11866 — CVSS 7.8 (high): Integer overflow may happen in WLAN when calculating an internal structure size due to lack of validation of the input length in Snapdragon…
CVE-2018-11870 — CVSS 7.8 (high): Buffer overwrite can occur when the legacy rates count received from the host is not checked against the maximum number of legacy rates in…
CVE-2018-11871 — CVSS 7.8 (high): Buffer overwrite can happen in WLAN function while processing set pdev parameter command due to lack of input validation in Snapdragon…
CVE-2018-11872 — CVSS 7.8 (high): Improper input validation leads to buffer overwrite in the WLAN function that handles WMI commands in Snapdragon Mobile in version SD 845…
CVE-2018-11874 — CVSS 7.8 (high): Buffer overflow if the length of passphrase is more than 32 when setting up secure NDP connection in Snapdragon Mobile in version SD 835…
CVE-2018-11876 — CVSS 7.8 (high): Lack of input validation while copying to buffer in WLAN will lead to a buffer overflow in Snapdragon Mobile in version SD 835, SD 845, SD…
CVE-2018-11877 — CVSS 7.8 (high): When the buffer length passed is very large in WLAN, bounds check could be bypassed leading to potential buffer overwrite in Snapdragon…
CVE-2018-11880 — CVSS 7.8 (high): Incorrect bound check can lead to potential buffer overwrite in WLAN function in Snapdragon Mobile in version SD 835, SD 845, SD 850…
CVE-2018-11882 — CVSS 7.8 (high): Incorrect bound check can lead to potential buffer overwrite in WLAN controller in Snapdragon Mobile in version SD 835, SD 845, SD 850…
CVE-2018-11884 — CVSS 7.8 (high): Improper input validation leads to buffer overflow while processing network list offload command in WLAN function in Snapdragon Mobile in…
CVE-2018-11899 — CVSS 7.8 (high): While processing radio connection status change events, Radio index is not properly validated in Snapdragon Auto, Snapdragon Connectivity…
CVE-2018-11921 — CVSS 7.8 (high): Failure condition is not handled properly and the correct error code is not returned. It could cause unintended SUI behavior and create…
CVE-2018-11923 — CVSS 7.8 (high): Improper buffer length check before copying can lead to integer overflow and then a buffer overflow in WMA event handler in Snapdragon…
CVE-2018-11924 — CVSS 7.8 (high): Improper buffer length validation in WLAN function can lead to a potential integer oveflow issue in Snapdragon Auto, Snapdragon Compute…
CVE-2018-11925 — CVSS 7.8 (high): Data length received from firmware is not validated against the max allowed size which can result in buffer overflow. in Snapdragon Auto…
CVE-2018-11928 — CVSS 7.8 (high): Lack of check on length parameter may cause buffer overflow while processing WMI commands in Snapdragon Auto, Snapdragon Compute…
CVE-2018-11931 — CVSS 7.8 (high): Improper access to HLOS is possible while transferring memory to CPZ in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity…