CVSS: 7.7EPSS: 0%CPEs: 76EXPL: 0CVE-2018-11259
https://notcve.org/view.php?id=CVE-2018-11259
06 Jul 2018 — Due to Improper Access Control of NAND-based EFS in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear, From fastboot on a NAND-based device, the EFS partition can be erased. Apps processor then has non-secure world full read/write access to the partition until the modem boots and configures the EFS partition addresses in its MPU partition. Debido al control de acceso incorrecto del EFS basado en NAND en Snapdragon Automobile, Snapdragon Mobile y Snapdragon Wear, se puede eliminar la partición EFS... • https://www.qualcomm.com/company/product-security/bulletins • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 8.4EPSS: 0%CPEs: 24EXPL: 0CVE-2018-5884
https://notcve.org/view.php?id=CVE-2018-5884
06 Jul 2018 — Improper Access Control in Multimedia in Snapdragon Mobile and Snapdragon Wear, Non-standard applications without permission may acquire permission of Qualcomm-specific proprietary intents. Control de acceso incorrecto en multimedia en Snapdragon Mobile y Snapdragon Wear. Las aplicaciones no estándar sin permisos podrían adquirir el permiso de los intents propietarios específicos de Qualcomm. • https://www.qualcomm.com/company/product-security/bulletins • CWE-269: Improper Privilege Management •
CVSS: 10.0EPSS: 0%CPEs: 54EXPL: 0CVE-2015-9210
https://notcve.org/view.php?id=CVE-2015-9210
18 Apr 2018 — In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, lack of input validation in playready_licacq_process_response() can lead to memory over read. En Android, antes del nivel de parche de seguridad del 2018-04-05 o antes en... • http://www.securityfocus.com/bid/103671 • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 48EXPL: 0CVE-2015-9217
https://notcve.org/view.php?id=CVE-2015-9217
18 Apr 2018 — In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SDM630, SDM636, SDM660, and Snapdragon_High_Med_2016, certain malformed HVEC clips could cause an assertion to fail. En Android, antes del nivel de parche de seguridad del 2018-04-05 o antes en Qualcomm Snapdragon Mobile and Snapdragon Wear MS... • http://www.securityfocus.com/bid/103671 •
CVSS: 10.0EPSS: 0%CPEs: 68EXPL: 0CVE-2016-10414
https://notcve.org/view.php?id=CVE-2016-10414
18 Apr 2018 — In Android before 2018-04-05 or earlier security patch level on Qualcomm Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear FSM9055, IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, and SDX20, when a hash is passed with zero datalength, the code returns an error, eve... • http://www.securityfocus.com/bid/103671 • CWE-388: 7PK - Errors •
CVSS: 10.0EPSS: 0%CPEs: 52EXPL: 0CVE-2016-10457
https://notcve.org/view.php?id=CVE-2016-10457
18 Apr 2018 — In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, and SDX20, app is requesting more permissions than required. En Android, antes del nivel de parche de seguridad del 2018-04-05 o antes en Qualcomm Snapdragon Automobile, Snapdragon Mobile y Snapdragon Wear MDM9206,... • http://www.securityfocus.com/bid/103671 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 0%CPEs: 54EXPL: 0CVE-2016-10473
https://notcve.org/view.php?id=CVE-2016-10473
18 Apr 2018 — In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, and SDX20, in a supplementary services function, a buffer overflow can occur. En Android, antes del nivel de parche de seguridad del 2018-04-05 o antes en Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9... • http://www.securityfocus.com/bid/103671 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 68EXPL: 0CVE-2016-10497
https://notcve.org/view.php?id=CVE-2016-10497
18 Apr 2018 — In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, and SDX20, improper CFG allocation can cause heap leak. En Android, antes del nivel de parche de seguridad del 2018-04-05 o antes en Qualcomm S... • http://www.securityfocus.com/bid/103671 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 0%CPEs: 50EXPL: 0CVE-2015-9129
https://notcve.org/view.php?id=CVE-2015-9129
18 Apr 2018 — In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, if the size parameter passed to TZ_PR_CMD_CONTENT_SET_PROP is small, an integer underflow occurs. En Android, antes del nivel de parche de seguridad del 2018-04-05 o antes en Qualcomm Sn... • http://www.securityfocus.com/bid/103671 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 10.0EPSS: 0%CPEs: 54EXPL: 0CVE-2015-9159
https://notcve.org/view.php?id=CVE-2015-9159
18 Apr 2018 — In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, lack of input validation OEMCrypto_GetRandom can cause potential buffer overflow. En Android, antes del nivel de parche de seguridad del 2018-04-05 o antes en Qualcomm Sn... • http://www.securityfocus.com/bid/103671 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •