CVSS: 10.0EPSS: 0%CPEs: 36EXPL: 0CVE-2019-14086
https://notcve.org/view.php?id=CVE-2019-14086
05 Mar 2020 — Possible integer overflow while checking the length of frame which is a 32 bit integer and is added to another 32 bit integer which can lead to unexpected result during the check in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8098, MDM9607, MSM8998, QCA6584, QCN7605, QCS605, SDA660, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SM6150, SM7150, SM8150, SXR1130 Un posible desbordamiento... • https://www.qualcomm.com/company/product-security/bulletins/march-2020-bulletin • CWE-190: Integer Overflow or Wraparound •
CVSS: 10.0EPSS: 0%CPEs: 74EXPL: 0CVE-2019-14083
https://notcve.org/view.php?id=CVE-2019-14083
05 Mar 2020 — While parsing Service Descriptor Extended Attribute received as part of SDF frame, there is a possibility that incorrect length is specified in the attribute length field of extended SSI which can lead to integer underflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ805... • https://www.qualcomm.com/company/product-security/bulletins/march-2020-bulletin • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 7.8EPSS: 0%CPEs: 18EXPL: 0CVE-2019-14085
https://notcve.org/view.php?id=CVE-2019-14085
05 Mar 2020 — Possible Integer underflow in WLAN function due to lack of check of data received from user side in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in QCN7605, QCS605, SDA845, SDM670, SDM710, SDM845, SDM850, SM8150, SXR1130 Un posible desbordamiento de enteros en la función WLAN debido a una falta de comprobación de datos recibidos del lado del usuario en los productos Snapdragon Auto, Snapdragon Compute... • https://www.qualcomm.com/company/product-security/bulletins/march-2020-bulletin • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 7.1EPSS: 0%CPEs: 34EXPL: 0CVE-2019-14081
https://notcve.org/view.php?id=CVE-2019-14081
05 Mar 2020 — Buffer Over-read when WLAN module gets a WMI message for SAR limits with invalid number of limits to be enforced in Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in APQ8098, IPQ8074, MSM8998, QCA8081, QCN7605, QCS605, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SM8150, SXR1130 Una lectura excesiva del búfer cuando el módulo WLAN recibe un mensa... • https://www.qualcomm.com/company/product-security/bulletins/march-2020-bulletin • CWE-125: Out-of-bounds Read •
CVSS: 7.0EPSS: 0%CPEs: 64EXPL: 0CVE-2019-14072
https://notcve.org/view.php?id=CVE-2019-14072
05 Mar 2020 — Unhandled paging request is observed due to dereferencing an already freed object because of race condition between sparse free and sparse bind ioctls which access the same physical entry in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8096AU, APQ8098, MDM9607, MSM8909W, MSM8939, MSM8953, MSM8996AU, Nicobar, QCS405, QCS605, Rennell, SA6155P, Saipan, SC8180X, SDA660, SD... • https://www.qualcomm.com/company/product-security/bulletins/march-2020-bulletin • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 40EXPL: 1CVE-2019-14079
https://notcve.org/view.php?id=CVE-2019-14079
05 Mar 2020 — Access to the uninitialized variable when the driver tries to unmap the dma buffer of a request which was never mapped in the first place leading to kernel failure in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8009, APQ8053, MDM9607, MDM9640, MSM8909W, MSM8953, QCA6574AU, QCS605, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM632, SDM670, SDM710, SDM845, SDX24, SM8150, SXR1130 Un acceso a la variable no inicializada cua... • https://github.com/parallelbeings/CVE-2019-14079 • CWE-908: Use of Uninitialized Resource •
CVSS: 7.8EPSS: 0%CPEs: 86EXPL: 0CVE-2019-14071
https://notcve.org/view.php?id=CVE-2019-14071
05 Mar 2020 — Compromised reset handler may bypass access control due to AC config is being reset if debug path is enabled to collect secure or non-secure ram dumps in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8017, APQ8053, APQ8096, APQ8096AU, IPQ6018, MDM9205, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCM2150, Q... • https://www.qualcomm.com/company/product-security/bulletins/march-2020-bulletin •
CVSS: 7.8EPSS: 0%CPEs: 90EXPL: 0CVE-2019-14061
https://notcve.org/view.php?id=CVE-2019-14061
05 Mar 2020 — Null-pointer dereference can occur while accessing the segment element info when it is not allocated and assigned in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996, MSM8996AU, Nicobar, QCS405, QC... • https://www.qualcomm.com/company/product-security/bulletins/march-2020-bulletin • CWE-476: NULL Pointer Dereference •
CVSS: 7.8EPSS: 0%CPEs: 42EXPL: 0CVE-2019-14068
https://notcve.org/view.php?id=CVE-2019-14068
05 Mar 2020 — Out of bound access in msm routing due to lack of check of size before accessing in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8053, APQ8096AU, MDM9607, MSM8905, MSM8909W, Nicobar, QCS405, QCS605, Rennell, Saipan, SDM429W, SDM845, SDX20, SDX24, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130 Un acceso fuera de límite en el enrutamient... • https://www.qualcomm.com/company/product-security/bulletins/march-2020-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 10.0EPSS: 0%CPEs: 10EXPL: 0CVE-2019-14045
https://notcve.org/view.php?id=CVE-2019-14045
05 Mar 2020 — Possible buffer overflow while processing clientlog and serverlog due to lack of validation of data received in logs in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile in APQ8096AU, QCS605, SDM439, SM8150, SXR1130 Un posible desbordamiento del búfer mientras se procesa clientlog y serverlog debido a una falta de comprobación de los datos recibidos en registros en los productos de Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile en las versiones APQ8096AU, QCS605, SDM439, SM8150, SXR11... • https://www.qualcomm.com/company/product-security/bulletins/march-2020-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •