CVSS: 9.1EPSS: 0%CPEs: 818EXPL: 0CVE-2020-11166
https://notcve.org/view.php?id=CVE-2020-11166
17 Mar 2021 — Potential out of bound read exception when UE receives unusually large number of padding octets in the beginning of ROHC header in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Una posible excepción de lectura fuera de límite cuando UE recibe un número inusualmente grande de octetos de relleno al comienzo del encabezado ROHC en los productos Snapdragon Auto, S... • https://www.qualcomm.com/company/product-security/bulletins/march-2021-bulletin • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 0%CPEs: 1076EXPL: 0CVE-2020-11269
https://notcve.org/view.php?id=CVE-2020-11269
22 Feb 2021 — Possible memory corruption while processing EAPOL frames due to lack of validation of key length before using it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Una posible corrupción de la memoria durante el procesamiento de tramas EAPOL debido a una falta de compro... • https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 1042EXPL: 0CVE-2020-11204
https://notcve.org/view.php?id=CVE-2020-11204
22 Feb 2021 — Possible memory corruption and information leakage in sub-system due to lack of check for validity and boundary compliance for parameters that are read from shared MSG RAM in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Una posible corrupción de la memoria y filtración de información en el subsistema debido a un... • https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin • CWE-20: Improper Input Validation CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 818EXPL: 0CVE-2020-11177
https://notcve.org/view.php?id=CVE-2020-11177
22 Feb 2021 — User can overwrite Security Code NV item without knowing current SPC due to improper validation of SPC code setting and device lock in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Un usuario puede sobrescribir el elemento Security Code NV sin conocer el SPC actual debido a una comprobación inapropiada de la configuración del código SPC y el bloqueo del dispos... • https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin •
CVSS: 10.0EPSS: 0%CPEs: 1014EXPL: 0CVE-2020-11170
https://notcve.org/view.php?id=CVE-2020-11170
22 Feb 2021 — Out of bound memory access while playing music playbacks with crafted vorbis content due to improper checks in header extraction in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Un acceso fuera de límite a la memoria mientras se reproducen reproducciones de música con contenido vorbis diseñado debido a comprobaci... • https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 10.0EPSS: 0%CPEs: 182EXPL: 0CVE-2020-3639
https://notcve.org/view.php?id=CVE-2020-3639
12 Nov 2020 — u'When a non standard SIP sigcomp message is received from the network, then there may be chances of using more UDVM cycle or memory overflow' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8009, APQ8017, APQ8037, APQ8053, MDM9250, MDM9607, MDM9628, MDM9640, MDM9650, MSM8108, MSM8208, MSM8209, MSM8608, MSM8905, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, QCM4290, QCM6125, QCS410, QCS4290, QCS603, ... • https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin • CWE-129: Improper Validation of Array Index •
CVSS: 10.0EPSS: 0%CPEs: 184EXPL: 0CVE-2020-11193
https://notcve.org/view.php?id=CVE-2020-11193
12 Nov 2020 — u'Buffer over read can happen while parsing mkv clip due to improper typecasting of data returned from atomsize' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8009W, APQ8017, APQ8037, APQ8053, APQ8064AU, APQ8096, APQ8096AU, APQ8096SG, APQ8098, MDM9206, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8996SG, MSM8998, QCM4290, Q... • https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin • CWE-125: Out-of-bounds Read •
CVSS: 10.0EPSS: 0%CPEs: 184EXPL: 0CVE-2020-11196
https://notcve.org/view.php?id=CVE-2020-11196
12 Nov 2020 — u'Integer overflow to buffer overflow occurs while playback of ASF clip having unexpected number of codec entries' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8009W, APQ8017, APQ8037, APQ8053, APQ8064AU, APQ8096, APQ8096AU, APQ8096SG, APQ8098, MDM9206, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8996SG, MSM8998, QCM4290,... • https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 230EXPL: 0CVE-2020-11123
https://notcve.org/view.php?id=CVE-2020-11123
12 Nov 2020 — u'information disclosure in gatekeeper trustzone implementation as the throttling mechanism to prevent brute force attempts at getting user`s lock-screen password can be bypassed by performing the standard gatekeeper operations.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8009W, APQ8017, APQ8... • https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin •
CVSS: 5.5EPSS: 0%CPEs: 116EXPL: 0CVE-2020-3643
https://notcve.org/view.php?id=CVE-2020-3643
08 Sep 2020 — u'Information disclosure issue can occur due to partial secure display-touch session tear-down' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8076, APQ8096AU, APQ8098, IPQ6018, Kamorta, MDM9150, MDM9205, MDM9206, MDM9607, MDM9650, MSM8905, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, ... • https://www.qualcomm.com/company/product-security/bulletins/august-2020-bulletin • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-404: Improper Resource Shutdown or Release •