CVSS: 5.5EPSS: 0%CPEs: 62EXPL: 0CVE-2017-18322
https://notcve.org/view.php?id=CVE-2017-18322
Cryptographic key material leaked in WCDMA debug messages in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835, Snapdragon_High_Med_2016. Material de clave criptográfica filtrado en los mensajes de depuración de WCDMA en snapdragon mobile y snapdragon wear en sus versiones MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835 y Snapdragon_High_Med_2016. • http://www.securityfocus.com/bid/106128 https://www.qualcomm.com/company/product-security/bulletins • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.5EPSS: 0%CPEs: 68EXPL: 0CVE-2017-18326
https://notcve.org/view.php?id=CVE-2017-18326
Cryptographic keys are printed in modem debug messages in snapdragon mobile and snapdragon wear in versions MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 636, SD 650/52, SD 800, SD 810, SD 820, SD 835, SDA660, SDM630, SDM660, Snapdragon_High_Med_2016. Se imprimen claves criptográficas en los mensajes de depuración de los módems en snapdragon mobile y snapdragon wear en sus versiones MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 636, SD 650/52, SD 800, SD 810, SD 820, SD 835, SDA660, SDM630, SDM660 y Snapdragon_High_Med_2016. • http://www.securityfocus.com/bid/106128 https://www.qualcomm.com/company/product-security/bulletins • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 28EXPL: 0CVE-2018-5917
https://notcve.org/view.php?id=CVE-2018-5917
Possible buffer overflow in OEM crypto function due to improper input validation in Snapdragon Automobile, Snapdragon Mobile in versions MSM8996AU, SD 425, SD 430, SD 450, SD 625, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDA845, SDX24, SXR1130. Posible desbordamiento de búfer en la función crypto OEM debido a una validación de entradas incorrecta en Snapdragon Automobile y Snapdragon Mobile en versiones MSM8996AU, SD 425, SD 430, SD 450, SD 625, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDA845, SDX24 y SXR1130. • http://www.securityfocus.com/bid/105838 https://www.qualcomm.com/company/product-security/bulletins • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 58EXPL: 0CVE-2018-11921
https://notcve.org/view.php?id=CVE-2018-11921
Failure condition is not handled properly and the correct error code is not returned. It could cause unintended SUI behavior and create unintended SUI display in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDA845, SDX24, SXR1130. La condición de error no se gestiona adecuadamente y no se devuelve el código de error correcto. Podría provocar un comportamiento no planeado en SUI y crear una vista SUI no pretendida en Snapdragon Automobile, Snapdragon Mobile y Snapdragon Wear en versiones MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDA845, SDX24 y SXR1130. • http://www.securityfocus.com/bid/106845 https://www.qualcomm.com/company/product-security/bulletins • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 7.8EPSS: 0%CPEs: 38EXPL: 0CVE-2018-11264
https://notcve.org/view.php?id=CVE-2018-11264
Possible buffer overflow in Ontario fingerprint code due to lack of input validation for the parameters coming into TZ from HLOS in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SDA660. Posible desbordamiento de búfer en el código de huella digital Ontario debido a la falta de validación de entradas de los parámetros que entran en TZ desde HLOS en Snapdragon Automobile, Snapdragon Mobile y Snapdragon Wear en versiones MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, SD 820A, SD 835 y SDA660. • http://www.securityfocus.com/bid/105838 https://www.qualcomm.com/company/product-security/bulletins • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •