CVSS: 6.5EPSS: 0%CPEs: 18EXPL: 0CVE-2017-18283
https://notcve.org/view.php?id=CVE-2017-18283
Possible memory corruption when Read Val Blob Req is received with invalid parameters in Snapdragon Mobile in version QCA9379, SD 210/SD 212/SD 205, SD 625, SD 835, SD 845, SD 850, SDA660. Posible corrupción de memoria cuando se recibe Read Val Blob Req con parámetros inválidos en Snapdragon Mobile en versiones QCA9379, SD 210/SD 212/SD 205, SD 625, SD 835, SD 845, SD 850 y SDA660. • http://www.securitytracker.com/id/1041432 https://source.android.com/security/bulletin/2018-08-01#qualcomm-closed-source-components https://www.qualcomm.com/company/product-security/bulletins • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 52EXPL: 0CVE-2017-18298
https://notcve.org/view.php?id=CVE-2017-18298
Lack of Input Validation in SDMX API can lead to NULL pointer access in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660 . La falta de validación de entradas en la API SDMX puede conducir a un acceso de puntero NULL en Snapdragon Automobile, Snapdragon Mobile y Snapdragon Wear en versiones MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850 y SDA660 . • http://www.securitytracker.com/id/1041432 https://source.android.com/security/bulletin/2018-08-01#qualcomm-closed-source-components https://www.qualcomm.com/company/product-security/bulletins • CWE-476: NULL Pointer Dereference •
CVSS: 7.0EPSS: 0%CPEs: 14EXPL: 0CVE-2017-18305
https://notcve.org/view.php?id=CVE-2017-18305
XBL sec mem dump system call allows complete control of EL3 by unlocking all XPUs if enable fuse is not blown in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 835. La llamada del sistema XBL sec mem dump permite el control total de EL3 desbloqueando todos los XPU si no se se sobrecarga un fusible "enable" en Snapdragon Mobile y Snapdragon Wear en versiones MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205 y SD 835. • http://www.securitytracker.com/id/1041432 https://source.android.com/security/bulletin/2018-08-01#qualcomm-closed-source-components https://www.qualcomm.com/company/product-security/bulletins •
CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0CVE-2017-18155
https://notcve.org/view.php?id=CVE-2017-18155
While playing HEVC content using HD DMB in Snapdragon Automobile and Snapdragon Mobile in version MSM8996AU, SD 450, SD 625, SD 820, SD 820A, SD 835, an uninitialized variable can be used leading to a kernel fault. Al reproducir contenido HEVC mediante HD DMB en Snapdragon Automobile y Snapdragon Mobile en las versiones MSM8996AU, SD 450, SD 625, SD 820, SD 820A y SD 835, puede emplearse una variable no inicializada, lo que conduce a un fallo del kernel. • https://source.android.com/security/bulletin/2018-06-01#qualcomm-components • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 48EXPL: 0CVE-2018-5874
https://notcve.org/view.php?id=CVE-2018-5874
While parsing an mp4 file, a stack-based buffer overflow can occur in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear. Al analizar un archivo MP4, podría ocurrir un desbordamiento de búfer basado en pila en Snapdragon Automobile, Snapdragon Mobile y Snapdragon Wear. • https://www.qualcomm.com/company/product-security/bulletins • CWE-787: Out-of-bounds Write •