CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 0CVE-2018-11824
https://notcve.org/view.php?id=CVE-2018-11824
A stack-based buffer overflow can occur in a firmware routine in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 835, SD 845, SD 850, SDA660 Puede ocurrir un desbordamiento de búfer basado en pila en una rutina del firmware en Snapdragon Mobile y Snapdragon Wear en versiones MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 835, SD 845, SD 850 y SDA660. • https://www.qualcomm.com/company/product-security/bulletins • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 0CVE-2017-18308
https://notcve.org/view.php?id=CVE-2017-18308
Modem segments are unlocked after authentication, leaving modem segments open to all in Snapdragon Mobile, Snapdragon Wear in version MDM9607, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 430 Los segmentos del módem se desbloquean tras la autenticación, lo que los deja abiertos a todos en Snapdragon Mobile y Snapdragon Wear en versiones MDM9607, MSM8909W, SD 210/SD 212/SD 205, SD 425 y SD 430. • http://www.securitytracker.com/id/1041432 https://www.qualcomm.com/company/product-security/bulletins •
CVSS: 7.8EPSS: 0%CPEs: 50EXPL: 0CVE-2018-11305
https://notcve.org/view.php?id=CVE-2018-11305
When a series of FDAL messages are sent to the modem, a Use After Free condition can occur in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SDA660, SDX20. Cuando se envía una serie de mensajes FDAL al módem, puede ocurrir una condición de Uso de memoria previamente liberada en Snapdragon Automobile, Snapdragon Mobile y Snapdragon Wear en versiones MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SDA660 y SDX20. • http://www.securitytracker.com/id/1041432 https://www.qualcomm.com/company/product-security/bulletins • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 18EXPL: 0CVE-2018-11828
https://notcve.org/view.php?id=CVE-2018-11828
When FW tries to get random mac address generated from new SW RNG and ADC values read are constant then DUT get struck in loop while trying to get random ADC samples in Snapdragon Mobile in version SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52 Cuando el firmware intenta obtener direcciones mac aleatorias generadas desde nuevo software, las lecturas de valores RNG y ADC son constantes, pero DUT se queda atrapado en un bucle al intentar obtener muestras ADC aleatorias en Snapdragon Mobile en versiones SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625 y SD 650/52. • http://www.securityfocus.com/bid/107681 https://www.qualcomm.com/company/product-security/bulletins • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 48EXPL: 0CVE-2018-11850
https://notcve.org/view.php?id=CVE-2018-11850
Lack of check on remaining length parameter When processing scan start command will lead to buffer flow in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9379, SD 210/SD 212/SD 205, SD 425, SD 625, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDX20 La falta de comprobaciones del comando length sobrante al procesar el comando scan start conducirá al flujo del búfer en Snapdragon Automobile, Snapdragon Mobile y Snapdragon Wear en versiones MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9379, SD 210/SD 212/SD 205, SD 425, SD 625, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660 y SDX20. • http://www.securityfocus.com/bid/107681 https://www.qualcomm.com/company/product-security/bulletins • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •