CVSS: 5.5EPSS: 0%CPEs: 62EXPL: 0CVE-2017-18322
https://notcve.org/view.php?id=CVE-2017-18322
Cryptographic key material leaked in WCDMA debug messages in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835, Snapdragon_High_Med_2016. Material de clave criptográfica filtrado en los mensajes de depuración de WCDMA en snapdragon mobile y snapdragon wear en sus versiones MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835 y Snapdragon_High_Med_2016. • http://www.securityfocus.com/bid/106128 https://www.qualcomm.com/company/product-security/bulletins • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 68EXPL: 0CVE-2017-18326
https://notcve.org/view.php?id=CVE-2017-18326
Cryptographic keys are printed in modem debug messages in snapdragon mobile and snapdragon wear in versions MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 636, SD 650/52, SD 800, SD 810, SD 820, SD 835, SDA660, SDM630, SDM660, Snapdragon_High_Med_2016. Se imprimen claves criptográficas en los mensajes de depuración de los módems en snapdragon mobile y snapdragon wear en sus versiones MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 636, SD 650/52, SD 800, SD 810, SD 820, SD 835, SDA660, SDM630, SDM660 y Snapdragon_High_Med_2016. • http://www.securityfocus.com/bid/106128 https://www.qualcomm.com/company/product-security/bulletins • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 0%CPEs: 16EXPL: 0CVE-2016-10502
https://notcve.org/view.php?id=CVE-2016-10502
While generating trusted application id, An integer overflow can occur giving the trusted application an invalid identity in Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 835 and SDA660. Mientras se genera un ID de aplicación de confianza, puede ocurrir un desbordamiento de enteros que otorga a la aplicación de confianza una identidad inválida en Snapdragon Mobile y Snapdragon Wear en versiones MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 835 y SDA660. • http://www.securityfocus.com/bid/105838 https://source.android.com/security/bulletin/2018-11-01#qualcomm-components • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 32EXPL: 0CVE-2018-5877
https://notcve.org/view.php?id=CVE-2018-5877
In the device programmer target-side code for firehose, a string may not be properly NULL terminated can lead to a incorrect buffer size in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 600, SD 820, SD 820A, SD 835, SDA660, SDX20. En el código del lado del objetivo del programador del dispositivo para firehose, una cadena que podría no estar correctamente terminada en NULL puede conducir a un tamaño de búfer incorrecto en Snapdragon Automobile, Snapdragon Mobile y Snapdragon Wear en versiones MDM9206, MDM9607, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 600, SD 820, SD 820A, SD 835, SDA660 y SDX20. • http://www.securityfocus.com/bid/105838 https://www.qualcomm.com/company/product-security/bulletins • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 58EXPL: 0CVE-2018-11921
https://notcve.org/view.php?id=CVE-2018-11921
Failure condition is not handled properly and the correct error code is not returned. It could cause unintended SUI behavior and create unintended SUI display in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDA845, SDX24, SXR1130. La condición de error no se gestiona adecuadamente y no se devuelve el código de error correcto. Podría provocar un comportamiento no planeado en SUI y crear una vista SUI no pretendida en Snapdragon Automobile, Snapdragon Mobile y Snapdragon Wear en versiones MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDA845, SDX24 y SXR1130. • http://www.securityfocus.com/bid/106845 https://www.qualcomm.com/company/product-security/bulletins • CWE-755: Improper Handling of Exceptional Conditions •