CVSS: 7.9EPSS: 0%CPEs: 30EXPL: 0CVE-2018-11998
https://notcve.org/view.php?id=CVE-2018-11998
While processing a packet decode request in MQTT, Race condition can occur leading to an out-of-bounds access in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, SD 210/SD 212/SD 205, SD 427, SD 435, SD 450, SD 625, SD 636, SD 835, SDA660, SDM630, SDM660, Snapdragon_High_Med_2016 Durante el procesamiento de una petición de "packet decode" en MQTT, podría ocurrir una condición de carrera que desemboca en un acceso fuera de límites en snapdragon mobile y snapdragon wear en sus versiones MDM9206, MDM9607, SD 210/SD 212/SD 205, SD 427, SD 435, SD 450, SD 625, SD 636, SD 835, SDA660, SDM630, SDM660 y Snapdragon_High_Med_2016. • https://www.qualcomm.com/company/product-security/bulletins • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.8EPSS: 0%CPEs: 66EXPL: 0CVE-2017-8276
https://notcve.org/view.php?id=CVE-2017-8276
Improper authorization involving a fuse in TrustZone in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016. Autorización incorrecta que implica un fusible en TrustZone en snapdragon automobile y snapdragon wear en sus versiones MDM9206, MDM9607, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24 y Snapdragon_High_Med_2016. • http://www.securityfocus.com/bid/106128 https://www.qualcomm.com/company/product-security/bulletins • CWE-863: Incorrect Authorization •
CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 0CVE-2018-5869
https://notcve.org/view.php?id=CVE-2018-5869
Improper input validation in the QTEE keymaster app can lead to invalid memory access in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 615/16/SD 415, SD 800, SD 810 Validación de entradas incorrecta en la aplicación keymaster QTEE puede provocar un acceso de memoria no válido en snapdragon mobile y snapdragon wear en las versiones MDM9206, MDM9607, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 615/16/SD 415, SD 800 y SD 810. • http://www.securityfocus.com/bid/106128 https://www.qualcomm.com/company/product-security/bulletins • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2018-11993
https://notcve.org/view.php?id=CVE-2018-11993
Improper check while accessing the local memory stack on MQTT connection request can lead to buffer overflow in snapdragon wear in versions MDM9206, MDM9607 Una comprobación indebida durante el acceso a la pila de memoria local en una petición de conexión MQTT puede conducir a un desbordamiento de búfer en snapdragon wear en sus versiones MDM9206 y MDM9607. • https://www.qualcomm.com/company/product-security/bulletins • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 48EXPL: 0CVE-2018-3595
https://notcve.org/view.php?id=CVE-2018-3595
Anti-rollback can be bypassed in replay scenario during app loading due to improper error handling of RPMB writes in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660, SDX24, SXR1130 Anti-rollback puede omitirse en escenarios de reproducción durante la carga de una aplicación debido a la gestión incorrecta de errores de escrituras RPMB en snapdragon automobile, snapdragon mobile y snapdragon wear en sus versiones MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660, SDX24 y SXR1130. • http://www.securityfocus.com/bid/106128 https://www.qualcomm.com/company/product-security/bulletins •