CVSS: 7.8EPSS: 0%CPEs: 48EXPL: 0CVE-2017-18328
https://notcve.org/view.php?id=CVE-2017-18328
03 Jan 2019 — Use after free in QSH client rule processing in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 820, SD 835, SDA660, SDM630, SDM660, Snapdragon_High_Med_2016. Vulnerabilidad de uso de memoria previamente liberada en el procesamiento de reglas del cliente en QSH en snapdragon mobile y snapdragon wear en sus versiones MDM9206, MDM9607, MDM9635M, MDM9640, ... • http://www.securityfocus.com/bid/106128 • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 16EXPL: 0CVE-2016-10502
https://notcve.org/view.php?id=CVE-2016-10502
10 Dec 2018 — While generating trusted application id, An integer overflow can occur giving the trusted application an invalid identity in Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 835 and SDA660. Mientras se genera un ID de aplicación de confianza, puede ocurrir un desbordamiento de enteros que otorga a la aplicación de confianza una identidad inválida en Snapdragon Mobile y Snapdragon Wear en versiones MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 835 y ... • http://www.securityfocus.com/bid/105838 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 40EXPL: 0CVE-2017-18316
https://notcve.org/view.php?id=CVE-2017-18316
28 Nov 2018 — Secure application can access QSEE kernel memory through Ontario kernel driver in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDA845, SDX24, SXR1130. Una aplicación segura puede acceder a la memoria del kernel QSEE mediante el controlador del kernel Ontario en Snapdragon Automobile, Snapdragon Mobile y Snapdragon Wear en versiones MDM9206, ... • http://www.securityfocus.com/bid/105838 •
CVSS: 7.8EPSS: 0%CPEs: 32EXPL: 0CVE-2018-11996
https://notcve.org/view.php?id=CVE-2018-11996
28 Nov 2018 — When a malformed command is sent to the device programmer, an out-of-bounds access can occur in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 600, SD 820, SD 820A, SD 835, SDA660, SDX20, SDX24. Cuando un comando mal formado se envía al programador del dispositivo, puede ocurrir un acceso fuera de límites en Snapdragon Automobile, Snapdragon Mobile y Snapdragon Wear en versiones MDM9206, MDM9607, MDM9... • http://www.securityfocus.com/bid/105838 • CWE-129: Improper Validation of Array Index •
CVSS: 7.8EPSS: 0%CPEs: 40EXPL: 0CVE-2018-11994
https://notcve.org/view.php?id=CVE-2018-11994
28 Nov 2018 — SMMU secure camera logic allows secure camera controllers to access HLOS memory during session in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDA845, SDX24, SXR1130. La lógica segura de la cámara SMMU permite que los controladores seguros de cámara accedan a la memoria HLOS durante la sesión en Snapdragon Automobile, Snapdragon Mobile y Sna... • http://www.securityfocus.com/bid/105838 •
CVSS: 6.5EPSS: 0%CPEs: 70EXPL: 0CVE-2018-5916
https://notcve.org/view.php?id=CVE-2018-5916
28 Nov 2018 — Buffer overread while decoding PDP modify request or network initiated secondary PDP activation in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDA845, SDX20, SXR1130. Sobrelectura de búfer al descifrar la petición de modificación... • http://www.securityfocus.com/bid/105838 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 60EXPL: 0CVE-2018-5918
https://notcve.org/view.php?id=CVE-2018-5918
28 Nov 2018 — Possible buffer overflow in DRM Trusted application due to lack of check function return values in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDA845, SDX24, SXR1130. Posible desbordamiento de búfer en la aplicación DRM Trusted debido a la falta de comprobación de los valores... • https://www.qualcomm.com/company/product-security/bulletins • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 32EXPL: 0CVE-2018-5877
https://notcve.org/view.php?id=CVE-2018-5877
28 Nov 2018 — In the device programmer target-side code for firehose, a string may not be properly NULL terminated can lead to a incorrect buffer size in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 600, SD 820, SD 820A, SD 835, SDA660, SDX20. En el código del lado del objetivo del programador del dispositivo para firehose, una cadena que podría no estar correctamente terminada en NULL puede conducir a u... • http://www.securityfocus.com/bid/105838 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 38EXPL: 0CVE-2018-11264
https://notcve.org/view.php?id=CVE-2018-11264
28 Nov 2018 — Possible buffer overflow in Ontario fingerprint code due to lack of input validation for the parameters coming into TZ from HLOS in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SDA660. Posible desbordamiento de búfer en el código de huella digital Ontario debido a la falta de validación de entradas de los parámetros que entran en TZ desde HLOS... • http://www.securityfocus.com/bid/105838 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 58EXPL: 0CVE-2018-11921
https://notcve.org/view.php?id=CVE-2018-11921
28 Nov 2018 — Failure condition is not handled properly and the correct error code is not returned. It could cause unintended SUI behavior and create unintended SUI display in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDA845, SDX24, SXR1130. La condición de error no se gestiona adecuadamente y no ... • http://www.securityfocus.com/bid/106845 • CWE-755: Improper Handling of Exceptional Conditions •