CVSS: 7.8EPSS: 0%CPEs: 72EXPL: 0CVE-2019-10628
https://notcve.org/view.php?id=CVE-2019-10628
08 Sep 2020 — u'Memory can be potentially corrupted if random index is allowed to manipulate TLB entries in Kernel from user library' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8098, Bitra, MDM9205, MDM9650, MSM8998, Nicobar, QCA6390, QCN7605, QCS404, QCS405, QCS605, QCS610, Rennell, SA415M, SA6155P, Saipan... • https://www.qualcomm.com/company/product-security/bulletins/august-2020-bulletin • CWE-129: Improper Validation of Array Index •
CVSS: 7.8EPSS: 0%CPEs: 62EXPL: 0CVE-2019-10629
https://notcve.org/view.php?id=CVE-2019-10629
08 Sep 2020 — u'User Process can potentially corrupt kernel virtual page by passing a crafted page in API' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in Bitra, IPQ6018, IPQ8074, MDM9205, Nicobar, QCA8081, QCN7605, QCS404, QCS405, QCS605, QCS610, Rennell, SA415M, SA6155P, Saipan, SC7180, SC8180X, SDA845, SDM670, S... • https://www.qualcomm.com/company/product-security/bulletins/august-2020-bulletin • CWE-129: Improper Validation of Array Index •
CVSS: 7.8EPSS: 0%CPEs: 114EXPL: 0CVE-2019-10615
https://notcve.org/view.php?id=CVE-2019-10615
08 Sep 2020 — u'Possibility of integer overflow in keymaster 4 while allocating memory due to multiplication of large numcerts value and size of keymaster bob which can lead to memory corruption' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, Kamorta, MDM9150, MDM9205, MDM9206, MDM9607, MDM9... • https://www.qualcomm.com/company/product-security/bulletins/august-2020-bulletin • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 138EXPL: 0CVE-2019-10527
https://notcve.org/view.php?id=CVE-2019-10527
08 Sep 2020 — u'SMEM partition can be manipulated in case of any compromise on HLOS, thus resulting in access to memory outside of SMEM address range which could lead to memory corruption' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, Bitra, IPQ... • https://www.qualcomm.com/company/product-security/bulletins/august-2020-bulletin • CWE-129: Improper Validation of Array Index CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 56EXPL: 0CVE-2019-10562
https://notcve.org/view.php?id=CVE-2019-10562
08 Sep 2020 — u'Improper authentication and signature verification of debug polices in secure boot loader will allow unverified debug policies to be loaded into secure memory and leads to memory corruption' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in IPQ6018, Kamorta, MSM8998, Nicobar, QCS404, QCS605, QCS610, Rennell, SA415M, SA6155P, SC7180, SDA660, SDA845, SDM630, SDM636, SDM660,... • https://www.qualcomm.com/company/product-security/bulletins/august-2020-bulletin • CWE-287: Improper Authentication CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 7.8EPSS: 0%CPEs: 18EXPL: 0CVE-2019-14124
https://notcve.org/view.php?id=CVE-2019-14124
30 Jul 2020 — Memory failure in content protection module due to not having pointer within the scope in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Kamorta, QCS404, Rennell, SC7180, SDX55, SM6150, SM7150, SM8250, SXR2130 Un fallo de la memoria en el módulo de protección de contenido debido a que no tiene puntero dentro del alcance en los productos Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking en versione... • https://www.qualcomm.com/company/product-security/bulletins/july-2020-bulletin • CWE-824: Access of Uninitialized Pointer •
CVSS: 7.8EPSS: 0%CPEs: 18EXPL: 0CVE-2019-14130
https://notcve.org/view.php?id=CVE-2019-14130
30 Jul 2020 — Memory corruption can occurs in trusted application if offset size from HLOS is more than actual mapped buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Kamorta, QCS404, Rennell, SC7180, SDX55, SM6150, SM7150, SM8250, SXR2130 Una corrupción de la memoria puede presentarse en una aplicación confiable si el tamaño del desplazamiento de HLOS es mayor que el tamaño real del búfer asignado en los productos Snapdragon Auto, Snapdragon Compute... • https://www.qualcomm.com/company/product-security/bulletins/july-2020-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 7.1EPSS: 0%CPEs: 114EXPL: 0CVE-2019-14101
https://notcve.org/view.php?id=CVE-2019-14101
30 Jul 2020 — Out of bounds read can happen in diag event set mask command handler when user provided length in the command request is less than expected length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8096, APQ8096AU, APQ8098, Kamorta, MDM9150, MDM9205, MDM9... • https://www.qualcomm.com/company/product-security/bulletins/july-2020-bulletin • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 18EXPL: 0CVE-2019-14123
https://notcve.org/view.php?id=CVE-2019-14123
30 Jul 2020 — Possible buffer overflow and over read possible due to missing bounds checks for fixed limits if we consider widevine HLOS client as non-trustable in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Kamorta, QCS404, Rennell, SC7180, SDX55, SM6150, SM7150, SM8250, SXR2130 Un posible desbordamiento del búfer y posible lectura excesiva debido falta de comprobaciones de límites para límites fijos si consideramos que el cliente widevine HLOS no es confiabl... • https://www.qualcomm.com/company/product-security/bulletins/july-2020-bulletin • CWE-20: Improper Input Validation CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 128EXPL: 0CVE-2019-14094
https://notcve.org/view.php?id=CVE-2019-14094
22 Jun 2020 — Integer overflow in diag command handler when user inputs a large value for number of tasks field in the request packet in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8053, APQ8096AU, APQ8098, IPQ6018, IPQ8074, Kamorta, MDM9150, MDM9205, MDM9206, MDM9... • https://www.qualcomm.com/company/product-security/bulletins/june-2020-bulletin • CWE-190: Integer Overflow or Wraparound •