CVSS: 7.5EPSS: 0%CPEs: 1064EXPL: 0CVE-2020-11296
https://notcve.org/view.php?id=CVE-2020-11296
22 Feb 2021 — Arithmetic overflow can happen while processing NOA IE due to improper error handling in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Un desbordamiento aritmético puede ocurrir mientras se procesa NOA IE debido a un manejo inapropiado de errores en los productos Snapdragon Auto, Snapdrago... • https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin • CWE-617: Reachable Assertion •
CVSS: 7.5EPSS: 0%CPEs: 698EXPL: 0CVE-2020-11281
https://notcve.org/view.php?id=CVE-2020-11281
22 Feb 2021 — Allowing RTT frames to be linked with non randomized MAC address by comparing the sequence numbers can lead to information disclosure. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Permitir que las tramas RTT sean vinculadas con direcciones MAC no aleatorias mediante la comparación de números de secuen... • https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 758EXPL: 0CVE-2020-11278
https://notcve.org/view.php?id=CVE-2020-11278
22 Feb 2021 — Possible denial of service while handling host WMI command due to improper validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Una posible denegación de servicio al manejar el comando WMI del host debido a unas comprobaciones inapropiadas en los productos Snapdragon Auto, Snapdragon Compute, Snapd... • https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin • CWE-617: Reachable Assertion •
CVSS: 9.4EPSS: 0%CPEs: 946EXPL: 0CVE-2020-11275
https://notcve.org/view.php?id=CVE-2020-11275
22 Feb 2021 — Possible buffer over-read while parsing quiet IE in Rx beacon frame due to improper check of IE length in received beacon in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Una posible lectura excesiva del búfer al analizar IE silencioso en la trama beacon Rx debido a una comprobación inapro... • https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 348EXPL: 0CVE-2020-11253
https://notcve.org/view.php?id=CVE-2020-11253
22 Feb 2021 — Arbitrary memory write issue in video driver while setting the internal buffers in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile Un problema de escritura de la memoria arbitraria en el controlador de video mientras se configura los búferes internos en los productos Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile • https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin • CWE-20: Improper Input Validation CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1042EXPL: 0CVE-2020-11204
https://notcve.org/view.php?id=CVE-2020-11204
22 Feb 2021 — Possible memory corruption and information leakage in sub-system due to lack of check for validity and boundary compliance for parameters that are read from shared MSG RAM in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Una posible corrupción de la memoria y filtración de información en el subsistema debido a un... • https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin • CWE-20: Improper Input Validation CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 788EXPL: 0CVE-2020-11195
https://notcve.org/view.php?id=CVE-2020-11195
22 Feb 2021 — Out of bound write and read in TA while processing command from NS side due to improper length check on command and response buffers in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music Una escritura y lectura fuera de límite en TA mientras se procesa un comando desde el lado NS debido a una comprobación de longitud inapropiada en los búferes de comando y respuesta en los productos Snapdragon Auto, Sn... • https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin • CWE-20: Improper Input Validation CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 1014EXPL: 0CVE-2020-11170
https://notcve.org/view.php?id=CVE-2020-11170
22 Feb 2021 — Out of bound memory access while playing music playbacks with crafted vorbis content due to improper checks in header extraction in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Un acceso fuera de límite a la memoria mientras se reproducen reproducciones de música con contenido vorbis diseñado debido a comprobaci... • https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 10.0EPSS: 0%CPEs: 502EXPL: 0CVE-2020-11163
https://notcve.org/view.php?id=CVE-2020-11163
22 Feb 2021 — Possible buffer overflow while updating ikev2 parameters due to lack of check of input validation for certain parameters received from the ePDG server in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile Un posible desbordamiento del búfer mientras se actualiza los parámetros ikev2 debido a una falta de comprobación de la validación de entrada para determinados parámetros recibidos del servidor ePDG en los productos Snapdragon... • https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin • CWE-129: Improper Validation of Array Index •
CVSS: 10.0EPSS: 0%CPEs: 182EXPL: 0CVE-2020-3639
https://notcve.org/view.php?id=CVE-2020-3639
12 Nov 2020 — u'When a non standard SIP sigcomp message is received from the network, then there may be chances of using more UDVM cycle or memory overflow' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8009, APQ8017, APQ8037, APQ8053, MDM9250, MDM9607, MDM9628, MDM9640, MDM9650, MSM8108, MSM8208, MSM8209, MSM8608, MSM8905, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, QCM4290, QCM6125, QCS410, QCS4290, QCS603, ... • https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin • CWE-129: Improper Validation of Array Index •