CVSS: 8.4EPSS: 0%CPEs: 10EXPL: 0CVE-2018-5852 – Buffer Over-read in IPA
https://notcve.org/view.php?id=CVE-2018-5852
An unsigned integer underflow vulnerability in IPA driver result into a buffer over-read while reading NAT entry using debugfs command 'cat /sys/kernel/debug/ipa/ip4_nat' • https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2018-bulletin.html • CWE-126: Buffer Over-read •
CVSS: 8.4EPSS: 0%CPEs: 7EXPL: 0CVE-2017-18307 – Information Exposure in Kernel
https://notcve.org/view.php?id=CVE-2017-18307
Information disclosure possible while audio playback. • https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2018-bulletin.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.4EPSS: 0%CPEs: 7EXPL: 0CVE-2017-18306 – Information Exposure in Camera Driver
https://notcve.org/view.php?id=CVE-2017-18306
Information disclosure due to uninitialized variable. • https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2018-bulletin.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.4EPSS: 0%CPEs: 10EXPL: 0CVE-2018-11952 – Improper Authentication in TrustZone
https://notcve.org/view.php?id=CVE-2018-11952
An image with a version lower than the fuse version may potentially be booted lead to improper authentication. Es posible que una imagen con una versión inferior a la versión de fuse se inicie y dé lugar a una autenticación incorrecta. • https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2018-bulletin.html • CWE-287: Improper Authentication •
CVSS: 9.8EPSS: 0%CPEs: 8EXPL: 0CVE-2018-11922 – Configurations in Android Build
https://notcve.org/view.php?id=CVE-2018-11922
Wrong configuration in Touch Pal application can collect user behavior data without awareness by the user. Una configuración incorrecta en la aplicación Touch Pal puede recopilar datos sobre el comportamiento del usuario sin que éste se dé cuenta. • https://docs.qualcomm.com/product/publicresources/securitybulletin/may-2018-bulletin.html • CWE-16: Configuration •