CVSS: 7.8EPSS: 0%CPEs: 195EXPL: 0CVE-2020-11185
https://notcve.org/view.php?id=CVE-2020-11185
Out of bound issue in WLAN driver while processing vdev responses from firmware due to lack of validation of data received from firmware in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking Un problema fuera de límite en el controlador WLAN mientras se procesan las respuestas vdev del firmware debido a una falta de comprobación de datos recibidos del firmware en los productos Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking • https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin https://www.qualcomm.com/company/product-security/bulletins/december-2020-security-bulletin • CWE-787: Out-of-bounds Write •
CVSS: 7.2EPSS: 0%CPEs: 151EXPL: 0CVE-2020-11183
https://notcve.org/view.php?id=CVE-2020-11183
A process can potentially cause a buffer overflow in the display service allowing privilege escalation by executing code as that service in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Un proceso puede potencialmente causar un desbordamiento del búfer en el servicio de visualización permitiendo una escalada de privilegios al ejecutar código como ese servicio en los productos Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables • https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin https://www.qualcomm.com/company/product-security/bulletins/december-2020-security-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 6.9EPSS: 0%CPEs: 160EXPL: 0CVE-2020-11152
https://notcve.org/view.php?id=CVE-2020-11152
Race condition in HAL layer while processing callback objects received from HIDL due to lack of synchronization between accessing objects in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Una condición de carrera en la capa HAL al procesar objetos de devolución de llamada recibidos desde HIDL debido a una falta de sincronización entre los objetos de acceso en los productos Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables • https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin https://www.qualcomm.com/company/product-security/bulletins/december-2020-security-bulletin • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.2EPSS: 0%CPEs: 293EXPL: 0CVE-2020-11149
https://notcve.org/view.php?id=CVE-2020-11149
Out of bound access due to usage of an out-of-range pointer offset in the camera driver. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables un acceso fuera de límites debido al uso de un desplazamiento del puntero fuera de rango en el controlador de la cámara. en Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables • https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin https://www.qualcomm.com/company/product-security/bulletins/december-2020-security-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.2EPSS: 0%CPEs: 280EXPL: 0CVE-2020-11150
https://notcve.org/view.php?id=CVE-2020-11150
Out of bound memory access in camera driver due to improper validation on data coming from UMD which is used for offset manipulation of pointer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Un acceso fuera del límite de la memoria en el controlador de la cámara debido a una comprobación inapropiada de los datos provenientes de UMD que se utilizan para la manipulación de desplazamiento del puntero en los productos Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music , Snapdragon Wearables • https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin https://www.qualcomm.com/company/product-security/bulletins/december-2020-security-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •