CVSS: 7.8EPSS: 0%CPEs: 60EXPL: 0CVE-2020-11164
https://notcve.org/view.php?id=CVE-2020-11164
02 Nov 2020 — u'Third-party app may also call the broadcasts in Perfdump and cause privilege escalation issue due to improper access control' in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in Agatti, APQ8096AU, APQ8098, Bitra, Kamorta, MSM8909W, MSM8917, MSM8940, Nicobar, QCA6390, QCM2150, QCS605, Rennell, SA6155P, SA8155P, Saipan, SDA660, SDM429W, SDM450, SDM630, SDM636, SDM660, SDM670, SDM710, SM6150, SM7150, SM8150, SM8250, SXR11... • https://www.qualcomm.com/company/product-security/bulletins/october-2020-bulletin •
CVSS: 7.8EPSS: 0%CPEs: 80EXPL: 0CVE-2020-11162
https://notcve.org/view.php?id=CVE-2020-11162
02 Nov 2020 — u'Possible buffer overflow in MHI driver due to lack of input parameter validation of EOT events received from MHI device side' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in Agatti, APQ8009, Bitra, IPQ4019, IPQ5018, IPQ6018, IPQ8064, IPQ8074, Kamorta, MDM9607, MSM8917, MSM8953, Nicobar, QCA6390, QCM2150, QCS404, QCS405, QC... • https://www.qualcomm.com/company/product-security/bulletins/october-2020-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 96EXPL: 0CVE-2020-11125
https://notcve.org/view.php?id=CVE-2020-11125
02 Nov 2020 — u'Out of bound access can happen in MHI command process due to lack of check of channel id value received from MHI devices' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in Agatti, APQ8009, Bitra, IPQ4019, IPQ5018, IPQ6018, IPQ8064, IPQ8074, Kamorta, MDM9150, MDM9607, MDM9650, MSM8905, MSM8917, MSM8953, Nicobar, QCA6390, QCA9... • https://www.qualcomm.com/company/product-security/bulletins/october-2020-bulletin • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 34EXPL: 0CVE-2020-3679
https://notcve.org/view.php?id=CVE-2020-3679
09 Sep 2020 — u'During execution after Address Space Layout Randomization is turned on for QTEE, part of code is still mapped at known address including code segments' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in Bitra, Kamorta, Nicobar, QCS404, QCS610, Rennell, SA6155P, SA8155P, Saipan, SC7180, SC8180X, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130 Durante una ejecución después d... • https://www.qualcomm.com/company/product-security/bulletins/september-2020-bulletin •
CVSS: 7.1EPSS: 0%CPEs: 32EXPL: 0CVE-2020-3617
https://notcve.org/view.php?id=CVE-2020-3617
09 Sep 2020 — u'Buffer over-read Issue in Q6 testbus framework due to diag packet length is not completely validated before accessing the field and leads to Information disclosure.' in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in Kamorta, Nicobar, QCS605, QCS610, Rennell, SC7180, SDA660, SDM630, SDM636, SDM660, SDM670, SDM710, SM6150, SM7150, SM8150, SXR1130 Un problema de lectura excesiva del búfer en el framework Q6 testbus debido a que la longitud del paquete diag no es ... • https://www.qualcomm.com/company/product-security/bulletins/september-2020-bulletin • CWE-20: Improper Input Validation CWE-125: Out-of-bounds Read •
CVSS: 9.4EPSS: 0%CPEs: 100EXPL: 0CVE-2020-3634
https://notcve.org/view.php?id=CVE-2020-3634
09 Sep 2020 — u'Multiple Read overflows issue due to improper length check while decoding Generic NAS transport/EMM info' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8053, APQ8096AU, APQ8098, Kamorta, MDM9150, MDM9205, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909W, MSM8917, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QCS610, QM215, Rennell, SA415M, Saipan, SC7180, SDA660, S... • https://www.qualcomm.com/company/product-security/bulletins/september-2020-bulletin • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 7.8EPSS: 0%CPEs: 56EXPL: 0CVE-2020-3656
https://notcve.org/view.php?id=CVE-2020-3656
09 Sep 2020 — Out of bound access can happen in MHI command process due to lack of check of command channel id value received from MHI devices in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, Kamorta, MDM9607, MSM8917, MSM8953, Nicobar, QCM2150, QCS405, QCS605, QM215, Rennell, SA6155P, SA8155P, Saipan, SC8180X, SDM429, SDM429W, SDM439, SDM450, SDM632, SDM710, SDM845, SDX55, SM6150, SM7150, SM8150, SM82... • https://www.qualcomm.com/company/product-security/bulletins/september-2020-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 54EXPL: 0CVE-2020-11135
https://notcve.org/view.php?id=CVE-2020-11135
09 Sep 2020 — u'Reachable assertion when wrong data size is returned by parser for ape clips' in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8098, Kamorta, MSM8917, MSM8953, Nicobar, QCM2150, QCS605, QM215, Rennell, SA6155P, SA8155P, Saipan, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130 Una aserción accesible cuando un tamaño de datos incorrecto es devuelto por el analizador para clips ape en los pr... • https://www.qualcomm.com/company/product-security/bulletins/september-2020-bulletin • CWE-617: Reachable Assertion •
CVSS: 7.8EPSS: 0%CPEs: 34EXPL: 0CVE-2020-11124
https://notcve.org/view.php?id=CVE-2020-11124
09 Sep 2020 — u'Possible use-after-free while accessing diag client map table since list can be reallocated due to exceeding max client limit.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9607, Nicobar, QCS404, QCS405, QCS610, Rennell, SA6155P, SA8155P, Saipan, SC8180X, SDM660, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130 Un posible uso de la memoria previamente liberada mientras se accede a la tabla de mapas del cliente d... • https://www.qualcomm.com/company/product-security/bulletins/september-2020-bulletin • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 60EXPL: 0CVE-2020-3669
https://notcve.org/view.php?id=CVE-2020-3669
08 Sep 2020 — u'Buffer Overflow issue in WLAN tcp ip verification due to usage of out of range pointer offset' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8098, IPQ5018, IPQ6018, IPQ8074, Kamorta, MSM8998, Nicobar, QCA6390, QCA8081, QCN7605, QCS404, QCS405, QCS605, Rennell, SA415M, SC7180, SC8180X, SDA845, S... • https://www.qualcomm.com/company/product-security/bulletins/august-2020-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •