CVSS: 9.8EPSS: 0%CPEs: 76EXPL: 0CVE-2019-2279
https://notcve.org/view.php?id=CVE-2019-2279
22 Jul 2019 — Shared memory gets updated with invalid data and may lead to access beyond the allocated memory. in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCA6574AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845... • https://www.codeaurora.org/security-bulletin/2019/06/03/june-2019-code-aurora-security-bulletin • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 84EXPL: 0CVE-2019-2261
https://notcve.org/view.php?id=CVE-2019-2261
22 Jul 2019 — Unauthorized access from GPU subsystem to HLOS or other non secure subsystem memory can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ8074, MDM9150, MDM9206, MDM9607, MDM9650, MSM8996AU, QCA8081, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632,... • https://www.qualcomm.com/company/product-security/bulletins •
CVSS: 7.8EPSS: 0%CPEs: 62EXPL: 0CVE-2019-2292
https://notcve.org/view.php?id=CVE-2019-2292
22 Jul 2019 — Out of bound access can occur due to buffer copy without checking size of input received from WLAN firmware in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9150, MDM9650, MSM8996AU, QCA6574AU, QCS405, QCS605, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 665, SD 712 / SD 710 / SD 670, SD 730, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM630, SDM660, SDX20, SDX24 Puede ocurrir un acceso fuera ... • https://www.codeaurora.org/security-bulletin/2019/06/03/june-2019-code-aurora-security-bulletin • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 112EXPL: 0CVE-2018-13924
https://notcve.org/view.php?id=CVE-2018-13924
22 Jul 2019 — Lack of check to prevent the buffer length taking negative values can lead to stack overflow. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in IPQ8074, MDM9150, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, QCA6174A, QCA8081, QCS404, QCS405, ... • https://www.qualcomm.com/company/product-security/bulletins • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 76EXPL: 0CVE-2019-2243
https://notcve.org/view.php?id=CVE-2019-2243
22 Jul 2019 — Possible buffer overflow at the end of iterating loop while getting the version info and lead to information disclosure. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCS605, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD ... • https://www.qualcomm.com/company/product-security/bulletins • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 72EXPL: 0CVE-2018-13896
https://notcve.org/view.php?id=CVE-2018-13896
22 Jul 2019 — XBL_SEC image authentication and other crypto related validations are accessible to a compromised OEM XBL Loader due to missing lock at XBL_SEC stage.. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in MDM9206, MDM9607, MDM9650, MDM9655, MSM8996AU, QCS404, QCS605, Qualcomm 215, SD 410/12, SD 425, SD 427... • https://www.qualcomm.com/company/product-security/bulletins • CWE-284: Improper Access Control •
CVSS: 7.8EPSS: 0%CPEs: 36EXPL: 0CVE-2018-3583
https://notcve.org/view.php?id=CVE-2018-3583
14 Jun 2019 — A buffer overflow can occur while processing an extscan hotlist event in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCA9379, QCS605, SD 625, SD 636, SD 820, SD 820A, SD 835, SD 855, SDA660, SDM630, SDM660, SDX20 Puede ocurrir un desbordamiento del búfer mientras se procesa un evento en la lista activa (hotlist) de extscan en Snapdragon Au... • https://www.codeaurora.org/security-bulletin/2019/05/06/may-2019-code-aurora-security-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 48EXPL: 0CVE-2018-13919
https://notcve.org/view.php?id=CVE-2018-13919
14 Jun 2019 — Use-after-free vulnerability will occur if reset of the routing table encounters an invalid rule id while processing command to reset in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9650, MSM8909W, QCS405, QCS605, SD 625, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDM630, SDM660, SDX20, SDX24 Ocurrirá una vulne... • https://www.codeaurora.org/security-bulletin/2019/05/06/may-2019-code-aurora-security-bulletin • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 70EXPL: 0CVE-2019-2256
https://notcve.org/view.php?id=CVE-2019-2256
14 Jun 2019 — An unprivileged user can craft a bitstream such that the payload encoded in the bitstream gains code execution in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, S... • https://www.qualcomm.com/company/product-security/bulletins •
CVSS: 7.8EPSS: 0%CPEs: 48EXPL: 0CVE-2019-2257
https://notcve.org/view.php?id=CVE-2019-2257
14 Jun 2019 — Wrong permissions in configuration file can lead to unauthorized permission in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, SD 210/SD 212/SD 205, SD 615/16/SD 415, SD 636, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 855, SDA660, SDM660, SDX20, SDX24 Los permisos inapropiados en el archivo de configuración puede... • https://www.qualcomm.com/company/product-security/bulletins • CWE-732: Incorrect Permission Assignment for Critical Resource •