Page 27 of 147 results (0.012 seconds)

CVSS: 8.8EPSS: 0%CPEs: 818EXPL: 0

User can overwrite Security Code NV item without knowing current SPC due to improper validation of SPC code setting and device lock in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Un usuario puede sobrescribir el elemento Security Code NV sin conocer el SPC actual debido a una comprobación inapropiada de la configuración del código SPC y el bloqueo del dispositivo en los productos Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music , Snapdragon Wearables • https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin •

CVSS: 10.0EPSS: 0%CPEs: 1014EXPL: 0

Out of bound memory access while playing music playbacks with crafted vorbis content due to improper checks in header extraction in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Un acceso fuera de límite a la memoria mientras se reproducen reproducciones de música con contenido vorbis diseñado debido a comprobaciones inapropiadas en la extracción de encabezados en los productos Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking • https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 7.5EPSS: 0%CPEs: 942EXPL: 0

Buffer over-read can happen when the buffer length received from response handlers is more than the size of the payload in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking Una lectura excesiva del búfer puede ocurrir cuando la longitud del búfer recibida desde los manejadores de respuesta es mayor que el tamaño de la carga útil en los productos Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking • https://www.qualcomm.com/company/product-security/bulletins/december-2020-bulletin https://www.qualcomm.com/company/product-security/bulletins/december-2020-security-bulletin • CWE-20: Improper Input Validation CWE-125: Out-of-bounds Read •

CVSS: 7.8EPSS: 0%CPEs: 28EXPL: 1

Out of Bound issue in DSP services while processing received arguments due to improper validation of length received as an argument' in SD820, SD821, SD820, QCS603, QCS605, SDA855, SA6155P, SA6145P, SA6155, SA6155P, SD855, SD 675, SD660, SD429, SD439 Un Problema fuera de límites en los servicios DSP mientras se procesan los argumentos recibidos debido a una comprobación inapropiada de la longitud recibida como argumento en versiones SD820, SD821, SD820, QCS603, QCS605, SDA855, SA6155P, SA6145P, SA6155, SA6155P, SD855, SD 675, SD660, SD429, SD439 • https://blog.checkpoint.com/2020/08/06/achilles-small-chip-big-peril https://research.checkpoint.com/2021/pwn2own-qualcomm-dsp https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin • CWE-191: Integer Underflow (Wrap or Wraparound) •

CVSS: 5.5EPSS: 0%CPEs: 28EXPL: 1

Improper authorization in DSP process could allow unauthorized users to downgrade the library versions in SD820, SD821, SD820, QCS603, QCS605, SDA855, SA6155P, SA6145P, SA6155, SA6155P, SD855, SD 675, SD660, SD429, SD439 Una autorización inapropiada en el proceso DSP podría permitir a los usuarios no autorizados degradar las versiones de la biblioteca en versiones SD820, SD821, SD820, QCS603, QCS605, SDA855, SA6155P, SA6145P, SA6155, SA6155P, SD855, SD 675, SD660, SD429, SD439 • https://blog.checkpoint.com/2020/08/06/achilles-small-chip-big-peril https://research.checkpoint.com/2021/pwn2own-qualcomm-dsp https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin • CWE-863: Incorrect Authorization •