CVSS: 7.8EPSS: 0%CPEs: 122EXPL: 0CVE-2020-3624
https://notcve.org/view.php?id=CVE-2020-3624
08 Sep 2020 — u'A potential buffer overflow exists due to integer overflow when parsing handler options due to wrong data type usage in operation' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, Kamorta, MDM9150, MDM9205, MDM9206, MDM9207C, MDM960... • https://www.qualcomm.com/company/product-security/bulletins/august-2020-bulletin • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.0EPSS: 0%CPEs: 88EXPL: 0CVE-2020-3619
https://notcve.org/view.php?id=CVE-2020-3619
08 Sep 2020 — u'Non-secure memory is touched multiple times during TrustZone\u2019s execution and can lead to privilege escalation or memory corruption' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8098, IPQ8074, Kamorta, MDM9150, MDM9206, MDM9607, MDM9650, MSM8905, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8998,... • https://www.qualcomm.com/company/product-security/bulletins/august-2020-bulletin • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 126EXPL: 0CVE-2020-3620
https://notcve.org/view.php?id=CVE-2020-3620
08 Sep 2020 — u'Lack of check of integer overflow while doing a round up operation for data read from shared memory for G-link SMEM transport can lead to corruption and potential information leak' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, Bi... • https://www.qualcomm.com/company/product-security/bulletins/august-2020-bulletin • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 126EXPL: 0CVE-2020-3621
https://notcve.org/view.php?id=CVE-2020-3621
08 Sep 2020 — u'Lack of check to ensure that the TX read index & RX write index that are read from shared memory are less than the FIFO size results into memory corruption and potential information leakage' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, A... • https://www.qualcomm.com/company/product-security/bulletins/august-2020-bulletin • CWE-20: Improper Input Validation CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 30EXPL: 0CVE-2020-3611
https://notcve.org/view.php?id=CVE-2020-3611
08 Sep 2020 — u'XBL SEC clears only ZI region when loading Qualcomm-signed segments can lead to improper access issue' in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in APQ8098, Kamorta, MSM8998, QCS404, QCS605, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SXR1130 XBL SEC borra solo la región ZI cuando la carga de segmentos firmados por Qualcomm puede generar un problema de acceso inapropiado en los pr... • https://www.qualcomm.com/company/product-security/bulletins/august-2020-bulletin •
CVSS: 7.8EPSS: 0%CPEs: 22EXPL: 0CVE-2020-11133
https://notcve.org/view.php?id=CVE-2020-11133
08 Sep 2020 — u'Possible out of bound array write in rxdco cal utility due to lack of array bound check' in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MSM8998, QCS605, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SXR1130 Una posible escritura de la matriz fuera de límite en la utilidad rxdco cal debido a una falta de comprobación del límite de la matriz en los productos Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon M... • https://www.qualcomm.com/company/product-security/bulletins/august-2020-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.5EPSS: 0%CPEs: 96EXPL: 0CVE-2020-11115
https://notcve.org/view.php?id=CVE-2020-11115
08 Sep 2020 — u'Buffer over read occurs while processing information element from beacon due to lack of check of data received from beacon' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8053, APQ8096AU, APQ8098, Bitra, Kamorta, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8... • https://www.qualcomm.com/company/product-security/bulletins/august-2020-bulletin • CWE-125: Out-of-bounds Read •
CVSS: 10.0EPSS: 0%CPEs: 98EXPL: 0CVE-2020-11116
https://notcve.org/view.php?id=CVE-2020-11116
08 Sep 2020 — u'Possible out of bound write while processing association response received from host due to lack of check of IE length' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8053, APQ8096AU, APQ8098, Bitra, Kamorta, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, QCA6174A... • https://www.qualcomm.com/company/product-security/bulletins/august-2020-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 5.5EPSS: 0%CPEs: 114EXPL: 0CVE-2019-14115
https://notcve.org/view.php?id=CVE-2019-14115
08 Sep 2020 — u'Information disclosure issue occurs as in current logic as secure touch is released without clearing the display session which can result in user reading the secure input while touch is in non-secure domain as secure display is active' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8076, APQ8... • https://www.qualcomm.com/company/product-security/bulletins/august-2020-bulletin • CWE-459: Incomplete Cleanup •
CVSS: 7.8EPSS: 0%CPEs: 140EXPL: 0CVE-2019-14074
https://notcve.org/view.php?id=CVE-2019-14074
08 Sep 2020 — u'Heap overflow in diag command handler due to lack of check of packet length received from user' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8076, APQ8096AU, APQ8098, Bitra, IPQ6018, IPQ8074, Kamorta, MDM9150, MDM9205, MDM9206, MDM9207C, MDM9607... • https://www.qualcomm.com/company/product-security/bulletins/august-2020-bulletin • CWE-20: Improper Input Validation CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •