CVSS: 7.8EPSS: 0%CPEs: 32EXPL: 0CVE-2018-5866
https://notcve.org/view.php?id=CVE-2018-5866
26 Oct 2018 — While processing logs, data is copied into a buffer pointed to by an untrusted pointer in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 835, SD 845, SD 850, SDA660. Al procesar logs, los datos se copian en un búfer al que señala un puntero no fiable en Snapdragon Mobile y Snapdragon Wear en versiones MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 835, SD 845, SD 850 ... • https://www.qualcomm.com/company/product-security/bulletins • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 48EXPL: 0CVE-2018-11850
https://notcve.org/view.php?id=CVE-2018-11850
26 Oct 2018 — Lack of check on remaining length parameter When processing scan start command will lead to buffer flow in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9379, SD 210/SD 212/SD 205, SD 425, SD 625, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDX20 La falta de comprobaciones del comando length sobrante al procesar el comando scan start conducirá al flujo del búfer en Snapdrag... • http://www.securityfocus.com/bid/107681 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 72EXPL: 0CVE-2017-18124
https://notcve.org/view.php?id=CVE-2017-18124
26 Oct 2018 — During secure boot, addition is performed on uint8 ptrs which led to overflow issue in Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version FSM9055, IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDX20 Durante el arranque seguro, se realiza una suma en uint... • https://www.qualcomm.com/company/product-security/bulletins • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 22EXPL: 0CVE-2018-3588
https://notcve.org/view.php?id=CVE-2018-3588
26 Oct 2018 — There is improper access control of the SSC and GPU mapped regions which lead to inject code from HLOS in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 820, SD 820A, SD 835, SDA660. Hay un control de acceso incorrecto de las regiones mapeadas SSC y GPU, lo que conduce a la inyección de código del HLOS en Snapdragon Automobile, Snapdragon Mobile y Snapdragon Wear en versiones MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD ... • https://www.qualcomm.com/company/product-security/bulletins •
CVSS: 7.8EPSS: 0%CPEs: 46EXPL: 0CVE-2018-11853
https://notcve.org/view.php?id=CVE-2018-11853
26 Oct 2018 — Lack of check on out of range for channels When processing channel list set command will lead to buffer flow in Snapdragon Mobile, Snapdragon Wear in version IPQ8074, MDM9206, MDM9607, MDM9650, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, Snapdragon_High_Med_2016 La falta de comprobaciones fuera de límites para canales al procesar el comando channel list set conducirá a un flujo del búfer en Snapdragon Mobi... • http://www.securityfocus.com/bid/107681 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2018-11854
https://notcve.org/view.php?id=CVE-2018-11854
26 Oct 2018 — Lack of check of valid length of input parameter may cause buffer overwrite in WLAN in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660 La falta de comprobaciones de longitud válida del parámetro input podría provocar una sobrescritura de búfer en WLAN en Snapdragon Mobile en versiones SD 835, SD 845, SD 850 y SDA660. • http://www.securityfocus.com/bid/107681 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 62EXPL: 0CVE-2017-18310
https://notcve.org/view.php?id=CVE-2017-18310
26 Oct 2018 — ClientEnv exposes services 0-32 to HLOS in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, Snapdragon_High_Med_2016 ClientEnv expone los servicios 0-32 al HLOS en Snapdragon Automobile, Snapdragon Mobile y Snapdragon Wear en versiones MSM8909W, MSM8996AU,... • http://www.securitytracker.com/id/1041432 •
CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 0CVE-2018-11824
https://notcve.org/view.php?id=CVE-2018-11824
26 Oct 2018 — A stack-based buffer overflow can occur in a firmware routine in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 835, SD 845, SD 850, SDA660 Puede ocurrir un desbordamiento de búfer basado en pila en una rutina del firmware en Snapdragon Mobile y Snapdragon Wear en versiones MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 835, SD 845, SD 850 y SDA660. • https://www.qualcomm.com/company/product-security/bulletins • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 70EXPL: 0CVE-2017-18311
https://notcve.org/view.php?id=CVE-2017-18311
26 Oct 2018 — XPU Master privilege escalation is possible due to improper access control of unused configuration xPU ports where unused configuration ports are open in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, Snapdragon_Hig... • https://www.qualcomm.com/company/product-security/bulletins •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2018-11822
https://notcve.org/view.php?id=CVE-2018-11822
26 Oct 2018 — A possible integer overflow may happen in WLAN during memory allocation in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660 Podría ocurrir un desbordamiento de enteros en WLAN durante la asignación de memoria en Snapdragon Mobile en versiones SD 835, SD 845, SD 850 y SDA660. • http://www.securityfocus.com/bid/107681 • CWE-190: Integer Overflow or Wraparound •