Total
627 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-14074 | 1 Qualcomm | 140 Apq8009, Apq8009 Firmware, Apq8017 and 137 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
u'Heap overflow in diag command handler due to lack of check of packet length received from user' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8076, APQ8096AU, APQ8098, Bitra, IPQ6018, IPQ8074, Kamorta, MDM9150, MDM9205, MDM9206, MDM92 ...
Show More |
|||||
| CVE-2019-14065 | 1 Qualcomm | 74 Apq8009, Apq8009 Firmware, Apq8098 and 71 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
u'Pointer double free in HavenSvc due to not setting the pointer to NULL after freeing it' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8098, Kamorta, MDM9150, MDM9205, MDM9206, MDM9607, MDM9650, MSM8905, MSM8909, MSM8998, Nicobar, QCS404, QCS405, QCS605, QCS610, Rennell, SA515M, SA6155P, SC7180, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, ...
Show More |
|||||
| CVE-2019-14056 | 1 Qualcomm | 58 Kamorta, Kamorta Firmware, Mdm9150 and 55 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
u'Possible integer overflow in API due to lack of check on large oid range count in cert extension field' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in Kamorta, MDM9150, MDM9205, MDM9607, MDM9650, Nicobar, QCS404, QCS405, QCS605, QCS610, Rennell, SA6155P, SC7180, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX55, SM6150, ...
Show More |
|||||
| CVE-2019-14052 | 1 Qualcomm | 102 Apq8009, Apq8009 Firmware, Apq8017 and 99 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
u'Accessing an uninitialized data structure could result in partially copying of contents and thus incorrect processing' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9150, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996 ...
Show More |
|||||
| CVE-2019-14025 | 1 Qualcomm | 20 Kamorta, Kamorta Firmware, Qcs404 and 17 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
u'When a new session is created, Object is returned that contains TZ addresses and it get passed to HLOS as an handle to refer to a particular session and can cause TZ to jump to a invalid address' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Kamorta, QCS404, QCS610, Rennell, SC7180, SDX55, SM6150, SM7150, SM8250, SXR2130
|
|||||
| CVE-2019-13999 | 1 Qualcomm | 128 Apq8009, Apq8009 Firmware, Apq8017 and 125 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
u'Lack of check for integer overflow for round up and addition operations result into memory corruption and potential information leakage' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, IPQ6018, IPQ8074, Kamorta, MDM9150 ...
Show More |
|||||
| CVE-2019-13998 | 1 Qualcomm | 130 Apq8009, Apq8009 Firmware, Apq8017 and 127 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
u'Lack of check that the TX FIFO write and read indices that are read from shared RAM are less than the FIFO size results into memory corruption and potential information leakage' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, AP ...
Show More |
|||||
| CVE-2019-13995 | 1 Qualcomm | 130 Apq8009, Apq8009 Firmware, Apq8017 and 127 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
u'Lack of integer overflow check for addition of fragment size and remaining size that are read from shared memory can lead to memory corruption and potential information leakage' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, AP ...
Show More |
|||||
| CVE-2019-13994 | 1 Qualcomm | 130 Apq8009, Apq8009 Firmware, Apq8017 and 127 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
u'Lack of check that the current received data fragment size of a particular packet that are read from shared memory are less than the actual packet size can lead to memory corruption and potential information leakage' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in A ...
Show More |
|||||
| CVE-2019-13992 | 1 Qualcomm | 62 Bitra, Bitra Firmware, Ipq6018 and 59 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
u'Out of bound memory access if stack push and pop operation are performed without doing a bound check on stack top' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in Bitra, IPQ6018, IPQ8074, MDM9205, Nicobar, QCA8081, QCN7605, QCS404, QCS405, QCS605, QCS610, Rennell, SA415M, SA6155P, Saipan ...
Show More |
|||||
| CVE-2019-10629 | 1 Qualcomm | 62 Bitra, Bitra Firmware, Ipq6018 and 59 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
u'User Process can potentially corrupt kernel virtual page by passing a crafted page in API' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in Bitra, IPQ6018, IPQ8074, MDM9205, Nicobar, QCA8081, QCN7605, QCS404, QCS405, QCS605, QCS610, Rennell, SA415M, SA6155P, Saipan, SC7180, SC8180X, SDA84 ...
Show More |
|||||
| CVE-2019-10628 | 1 Qualcomm | 72 Apq8098, Apq8098 Firmware, Bitra and 69 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
u'Memory can be potentially corrupted if random index is allowed to manipulate TLB entries in Kernel from user library' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8098, Bitra, MDM9205, MDM9650, MSM8998, Nicobar, QCA6390, QCN7605, QCS404, QCS405, QCS605, QCS610, Rennell, SA415M, SA6 ...
Show More |
|||||
| CVE-2019-10615 | 1 Qualcomm | 114 Apq8009, Apq8009 Firmware, Apq8017 and 111 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
u'Possibility of integer overflow in keymaster 4 while allocating memory due to multiplication of large numcerts value and size of keymaster bob which can lead to memory corruption' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, Kamorta, MDM9150, MDM9205, MDM9206, M ...
Show More |
|||||
| CVE-2019-10596 | 1 Qualcomm | 38 Bitra, Bitra Firmware, Nicobar and 35 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
u'Improper access control can lead signed process to guess pid of other processes and access their address space' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Bitra, Nicobar, QCS605, QCS610, Rennell, SA6155P, Saipan, SC7180, SC8180X, SDM670, SDM710, SDM845, SDM850, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130
|
|||||
| CVE-2019-10562 | 1 Qualcomm | 56 Ipq6018, Ipq6018 Firmware, Kamorta and 53 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
u'Improper authentication and signature verification of debug polices in secure boot loader will allow unverified debug policies to be loaded into secure memory and leads to memory corruption' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in IPQ6018, Kamorta, MSM8998, Nicobar, QCS404, QCS605, QCS610, Rennell, SA415M, SA6155P, SC7180, SDA660, SDA845, SDM630, SDM ...
Show More |
|||||
| CVE-2019-10527 | 1 Qualcomm | 138 Apq8009, Apq8009 Firmware, Apq8017 and 135 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
u'SMEM partition can be manipulated in case of any compromise on HLOS, thus resulting in access to memory outside of SMEM address range which could lead to memory corruption' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098 ...
Show More |
|||||
| CVE-2024-33014 | 1 Qualcomm | 650 315 5g Iot Modem, 315 5g Iot Modem Firmware, 860 Mobile Platform and 647 more | 2024-11-20 | N/A | 7.5 HIGH |
|
Transient DOS while parsing ESP IE from beacon/probe response frame.
|
|||||
| CVE-2024-33023 | 1 Qualcomm | 314 Ar8035, Ar8035 Firmware, Csra6620 and 311 more | 2024-11-20 | N/A | 7.8 HIGH |
|
Memory corruption while creating a fence to wait on timeline events, and simultaneously signal timeline events.
|
|||||
| CVE-2024-33022 | 1 Qualcomm | 248 Ar8035, Ar8035 Firmware, Csra6620 and 245 more | 2024-11-20 | N/A | 7.8 HIGH |
|
Memory corruption while allocating memory in HGSL driver.
|
|||||
| CVE-2024-33021 | 1 Qualcomm | 276 Ar8035, Ar8035 Firmware, Csra6620 and 273 more | 2024-11-20 | N/A | 7.8 HIGH |
|
Memory corruption while processing IOCTL call to set metainfo.
|
|||||
| CVE-2024-33028 | 1 Qualcomm | 276 Ar8035, Ar8035 Firmware, Csra6620 and 273 more | 2024-11-20 | N/A | 7.8 HIGH |
|
Memory corruption as fence object may still be accessed in timeline destruct after isync fence is released.
|
|||||
| CVE-2024-33027 | 1 Qualcomm | 180 205 Mobile Platform, 205 Mobile Platform Firmware, 215 Mobile Platform and 177 more | 2024-11-20 | N/A | 7.8 HIGH |
|
Memory corruption can occur when arbitrary user-space app gains kernel level privilege to modify DDR memory by corrupting the GPU page table.
|
|||||
| CVE-2024-33032 | 1 Qualcomm | 138 C-v2x 9150, C-v2x 9150 Firmware, Fastconnect 6200 and 135 more | 2024-11-07 | N/A | 6.7 MEDIUM |
|
Memory corruption when the user application modifies the same shared memory asynchronously when kernel is accessing it.
|
|||||
| CVE-2024-38423 | 1 Qualcomm | 412 205 Mobile Platform, 205 Mobile Platform Firmware, 215 Mobile Platform and 409 more | 2024-11-07 | N/A | 7.8 HIGH |
|
Memory corruption while processing GPU page table switch.
|
|||||
| CVE-2024-38422 | 1 Qualcomm | 536 205 Mobile Platform, 205 Mobile Platform Firmware, 215 Mobile Platform and 533 more | 2024-11-07 | N/A | 7.8 HIGH |
|
Memory corruption while processing voice packet with arbitrary data received from ADSP.
|
|||||
| CVE-2024-38419 | 1 Qualcomm | 296 Ar8035, Ar8035 Firmware, Csra6620 and 293 more | 2024-11-07 | N/A | 7.8 HIGH |
|
Memory corruption while invoking IOCTL calls from the use-space for HGSL memory node.
|
|||||
| CVE-2024-38415 | 1 Qualcomm | 356 215 Mobile Platform, 215 Mobile Platform Firmware, Ar8035 and 353 more | 2024-11-07 | N/A | 7.8 HIGH |
|
Memory corruption while handling session errors from firmware.
|
|||||