CVSS: 5.5EPSS: 0%CPEs: 42EXPL: 0CVE-2018-11999
https://notcve.org/view.php?id=CVE-2018-11999
18 Jan 2019 — Improper input validation in trustzone can lead to denial of service in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 636, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660, SDM630, SDM660, SDX24 Validación de entradas incorrecta en trustzone puede provocar una denegación de servicio (DoS) en snapdragon automobile, snapdragon mobile y snapdragon wear en las versiones MDM9206, MDM9607, MDM96... • http://www.securityfocus.com/bid/106128 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 78EXPL: 0CVE-2017-18330
https://notcve.org/view.php?id=CVE-2017-18330
03 Jan 2019 — Buffer overflow in AES-CCM and AES-GCM encryption via initialization vector in snapdragon automobile, snapdragon mobile and snapdragon wear in versions IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016. Desbordamiento de búfer en el cifr... • http://www.securityfocus.com/bid/106128 •
CVSS: 5.5EPSS: 0%CPEs: 56EXPL: 0CVE-2017-18327
https://notcve.org/view.php?id=CVE-2017-18327
03 Jan 2019 — Security keys are logged when any WCDMA call is configured or reconfigured in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660, SDX20, SXR1130. Se registran claves de seguridad cuando cualquier llamada WCDMA se configura/reconfigura en snapdragon automobile, snapdragon mo... • http://www.securityfocus.com/bid/106128 • CWE-310: Cryptographic Issues •
CVSS: 5.5EPSS: 0%CPEs: 74EXPL: 0CVE-2017-11004
https://notcve.org/view.php?id=CVE-2017-11004
03 Jan 2019 — A non-secure user may be able to access certain registers in snapdragon automobile, snapdragon mobile and snapdragon wear in versions IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016. Un usuario inseguro podría acceder a determinados registros en snapdrag... • http://www.securityfocus.com/bid/106128 •
CVSS: 5.5EPSS: 0%CPEs: 64EXPL: 0CVE-2017-18324
https://notcve.org/view.php?id=CVE-2017-18324
03 Jan 2019 — Cryptographic key material leaked in debug messages - GERAN in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835, SD 855, SDX24, Snapdragon_High_Med_2016. Material de clave criptográfica filtrado en los mensajes de depuración de GERAN en snapdragon mobile y snapdragon wear en sus version... • http://www.securityfocus.com/bid/106128 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 68EXPL: 0CVE-2017-18326
https://notcve.org/view.php?id=CVE-2017-18326
03 Jan 2019 — Cryptographic keys are printed in modem debug messages in snapdragon mobile and snapdragon wear in versions MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 636, SD 650/52, SD 800, SD 810, SD 820, SD 835, SDA660, SDM630, SDM660, Snapdragon_High_Med_2016. Se imprimen claves criptográficas en los mensajes de depuración de los módems en snapdragon mobile y snapdragon wear en s... • http://www.securityfocus.com/bid/106128 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2017-18321
https://notcve.org/view.php?id=CVE-2017-18321
03 Jan 2019 — Security keys used by the terminal and NW for a session could be leaked in snapdragon mobile in versions MDM9650, MDM9655, SD 835, SDA660. Las claves de seguridad utilizadas por el terminal y NW para una sesión podrían filtrarse en snapdragon mobile en sus versiones MDM9650, MDM9655, SD 835 y SDA660. • http://www.securityfocus.com/bid/106128 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 64EXPL: 0CVE-2017-18320
https://notcve.org/view.php?id=CVE-2017-18320
03 Jan 2019 — QSEE unload attempt on a 3rd party TEE without previously loading results in a data abort in snapdragon automobile and snapdragon mobile in versions MSM8996AU, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016, SXR1130. Intento de descarga QSEE en un TEE de terceros sin cargar los resultados previamente en un "data a... • http://www.securityfocus.com/bid/106128 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 68EXPL: 0CVE-2017-18141
https://notcve.org/view.php?id=CVE-2017-18141
03 Jan 2019 — When a 3rd party TEE has been loaded it is possible for the non-secure world to create a secure monitor call which will give it access to privileged functions meant to only be accessible from the TEE in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM4... • http://www.securityfocus.com/bid/106128 •
CVSS: 5.5EPSS: 0%CPEs: 60EXPL: 0CVE-2017-18319
https://notcve.org/view.php?id=CVE-2017-18319
03 Jan 2019 — Information leak in UIM API debug messages in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835, Snapdragon_High_Med_2016. Filtrado de información en los mensajes de depuración de la API UIM en snapdragon mobile y snapdragon wear en sus versiones MDM9206, MDM9607, MDM9615, MDM9625, MDM96... • http://www.securityfocus.com/bid/106128 • CWE-320: Key Management Errors •