CVSS: 7.8EPSS: 0%CPEs: 48EXPL: 0CVE-2017-18328
https://notcve.org/view.php?id=CVE-2017-18328
03 Jan 2019 — Use after free in QSH client rule processing in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 820, SD 835, SDA660, SDM630, SDM660, Snapdragon_High_Med_2016. Vulnerabilidad de uso de memoria previamente liberada en el procesamiento de reglas del cliente en QSH en snapdragon mobile y snapdragon wear en sus versiones MDM9206, MDM9607, MDM9635M, MDM9640, ... • http://www.securityfocus.com/bid/106128 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 32EXPL: 0CVE-2018-11996
https://notcve.org/view.php?id=CVE-2018-11996
28 Nov 2018 — When a malformed command is sent to the device programmer, an out-of-bounds access can occur in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 600, SD 820, SD 820A, SD 835, SDA660, SDX20, SDX24. Cuando un comando mal formado se envía al programador del dispositivo, puede ocurrir un acceso fuera de límites en Snapdragon Automobile, Snapdragon Mobile y Snapdragon Wear en versiones MDM9206, MDM9607, MDM9... • http://www.securityfocus.com/bid/105838 • CWE-129: Improper Validation of Array Index •
CVSS: 6.5EPSS: 0%CPEs: 70EXPL: 0CVE-2018-5916
https://notcve.org/view.php?id=CVE-2018-5916
28 Nov 2018 — Buffer overread while decoding PDP modify request or network initiated secondary PDP activation in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDA845, SDX20, SXR1130. Sobrelectura de búfer al descifrar la petición de modificación... • http://www.securityfocus.com/bid/105838 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 32EXPL: 0CVE-2018-5877
https://notcve.org/view.php?id=CVE-2018-5877
28 Nov 2018 — In the device programmer target-side code for firehose, a string may not be properly NULL terminated can lead to a incorrect buffer size in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 600, SD 820, SD 820A, SD 835, SDA660, SDX20. En el código del lado del objetivo del programador del dispositivo para firehose, una cadena que podría no estar correctamente terminada en NULL puede conducir a u... • http://www.securityfocus.com/bid/105838 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 72EXPL: 0CVE-2017-18124
https://notcve.org/view.php?id=CVE-2017-18124
26 Oct 2018 — During secure boot, addition is performed on uint8 ptrs which led to overflow issue in Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version FSM9055, IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDX20 Durante el arranque seguro, se realiza una suma en uint... • https://www.qualcomm.com/company/product-security/bulletins • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 70EXPL: 0CVE-2017-18311
https://notcve.org/view.php?id=CVE-2017-18311
26 Oct 2018 — XPU Master privilege escalation is possible due to improper access control of unused configuration xPU ports where unused configuration ports are open in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, Snapdragon_Hig... • https://www.qualcomm.com/company/product-security/bulletins •
CVSS: 7.8EPSS: 0%CPEs: 70EXPL: 0CVE-2018-11268
https://notcve.org/view.php?id=CVE-2018-11268
20 Sep 2018 — In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, SDX20, Snapdragon_High_Med_2016, a potential buffer overflow exists when parsing TFTP options. En Snapdragon (Automobile, Mobile y Wear) en versiones MDM9206, MDM9607, MDM9635M, MDM... • http://www.securityfocus.com/bid/106845 • CWE-129: Improper Validation of Array Index •
CVSS: 8.8EPSS: 0%CPEs: 56EXPL: 0CVE-2018-11982
https://notcve.org/view.php?id=CVE-2018-11982
20 Sep 2018 — In Snapdragon (Mobile, Wear) in version MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820, SD 835, Snapdragon_High_Med_2016, a double free of ASN1 heap memory used for EUTRA CAP container occurs during UTRAN to LTE Capability inquiry procedure. En Snapdragon (Mobile y Wear) en versiones MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9655, MSM8909W, ... • https://www.qualcomm.com/company/product-security/bulletins • CWE-415: Double Free •
CVSS: 10.0EPSS: 0%CPEs: 74EXPL: 0CVE-2017-18314
https://notcve.org/view.php?id=CVE-2017-18314
20 Sep 2018 — In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, Snapdragon_High_Med_2016, on TZ cold boot the CNOC_QDSS RG0 locked by xBL_SEC is cleared by TZ. En Snapdragon (Automobile, Mobile y Wear) en versiones MDM9206, MDM9607,... • https://source.android.com/security/bulletin/2018-09-01#qualcomm-closed-source-components •
CVSS: 7.8EPSS: 0%CPEs: 70EXPL: 0CVE-2018-11269
https://notcve.org/view.php?id=CVE-2018-11269
20 Sep 2018 — In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, SDX20, Snapdragon_High_Med_2016, a potential buffer overflow exists when parsing TFTP options. En Snapdragon (Automobile, Mobile y Wear) en versiones MDM9206, MDM9607, MDM9635M, MDM... • http://www.securityfocus.com/bid/105838 • CWE-129: Improper Validation of Array Index •