CVSS: 7.8EPSS: 0%CPEs: 72EXPL: 0CVE-2019-14077
https://notcve.org/view.php?id=CVE-2019-14077
02 Jun 2020 — Out of bound memory access while processing ese transmit command due to passing Response buffer received from user in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8098, IPQ6018, Kamorta, MDM9150, MDM9205, MDM9607, MDM9650, MSM8909, MSM8998, Nicobar, QCS404, QCS405, QCS605, Rennell, SA415M, SA6155P, SC7180, SC8180X, SDA660, SDA845, SDM... • https://www.qualcomm.com/company/product-security/bulletins/may-2020-bulletin • CWE-704: Incorrect Type Conversion or Cast •
CVSS: 7.1EPSS: 0%CPEs: 82EXPL: 0CVE-2019-14053
https://notcve.org/view.php?id=CVE-2019-14053
02 Jun 2020 — When attempting to create a new XFRM policy, a stack out-of-bounds read will occur if the user provides a template where the mode is set to a value that does not resolve to a valid XFRM mode in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8053, APQ8096AU, APQ8098, IPQ4019, IPQ... • https://www.qualcomm.com/company/product-security/bulletins/may-2020-bulletin • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 32EXPL: 0CVE-2019-14054
https://notcve.org/view.php?id=CVE-2019-14054
02 Jun 2020 — Improper permissions in XBL_SEC region enable user to update XBL_SEC code and data and divert the RAM dump path to normal cold boot path in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Kamorta, MSM8998, QCS404, QCS605, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SM8150, SXR1130, SXR2130 Los permisos inapropiados en la región XBL_SEC permiten al usuario actualizar el código y los datos ... • https://www.qualcomm.com/company/product-security/bulletins/may-2020-bulletin •
CVSS: 7.1EPSS: 0%CPEs: 60EXPL: 0CVE-2019-14043
https://notcve.org/view.php?id=CVE-2019-14043
02 Jun 2020 — Out of bound read in Fingerprint application due to requested data is being used without length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in Kamorta, MDM9150, MDM9205, MDM9650, MSM8998, Nicobar, QCS404, QCS405, QCS605, Rennell, SA415M, SA6155P, SC7180, SC8180X, SDA660, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55,... • https://www.qualcomm.com/company/product-security/bulletins/may-2020-bulletin • CWE-125: Out-of-bounds Read •
CVSS: 7.1EPSS: 0%CPEs: 46EXPL: 0CVE-2019-14038
https://notcve.org/view.php?id=CVE-2019-14038
02 Jun 2020 — Buffer over-read in ADSP parse function due to lack of check for availability of sufficient data payload received in command response in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8053, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8917, MSM8953, QCS605, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM670, SDM710, SDM845, SDX20, SDX24 Una l... • https://www.qualcomm.com/company/product-security/bulletins/may-2020-bulletin • CWE-20: Improper Input Validation CWE-125: Out-of-bounds Read •
CVSS: 7.1EPSS: 0%CPEs: 44EXPL: 0CVE-2019-14039
https://notcve.org/view.php?id=CVE-2019-14039
02 Jun 2020 — Out of bound read in adm call back function due to incorrect boundary check for payload in command response in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8053, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8917, MSM8953, QCS605, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM670, SDM710, SDM845, SDX20, SDX24 Una lectura fuera de límite en la función adm call back ... • https://www.qualcomm.com/company/product-security/bulletins/may-2020-bulletin • CWE-125: Out-of-bounds Read •
CVSS: 10.0EPSS: 0%CPEs: 86EXPL: 0CVE-2019-14127
https://notcve.org/view.php?id=CVE-2019-14127
16 Apr 2020 — Possible buffer overflow while playing mkv clip due to lack of validation of atom size buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCS605, QM215, Rennell, SA6155P, Saipan, SDA660, SDM429, SDM429W, SDM439, SDM450... • https://www.qualcomm.com/company/product-security/bulletins/april-2020-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 10.0EPSS: 0%CPEs: 52EXPL: 0CVE-2019-14112
https://notcve.org/view.php?id=CVE-2019-14112
16 Apr 2020 — Potential buffer overflow while processing CBF frames due to lack of check of buffer length before copy in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in APQ8098, IPQ6018, IPQ8074, MSM8998, Nicobar, QCA8081, QCN7605, QCS404, QCS605, Rennell, SC7180, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SM6150, SM7150, SM8150, ... • https://www.qualcomm.com/company/product-security/bulletins/april-2020-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 10.0EPSS: 0%CPEs: 104EXPL: 0CVE-2019-14113
https://notcve.org/view.php?id=CVE-2019-14113
16 Apr 2020 — Buffer overflow can occur in In WLAN firmware while unwraping data using CCMP cipher suite during parsing of EAPOL handshake frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096, APQ8096AU, APQ8098, IPQ6018, IPQ8074, MDM9206, MDM9207C, MDM96... • https://www.qualcomm.com/company/product-security/bulletins/april-2020-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-190: Integer Overflow or Wraparound •
CVSS: 10.0EPSS: 0%CPEs: 102EXPL: 0CVE-2019-14114
https://notcve.org/view.php?id=CVE-2019-14114
16 Apr 2020 — Buffer overflow in WLAN firmware while parsing GTK IE containing GTK key having length more than the buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, IPQ6018, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM89... • https://www.qualcomm.com/company/product-security/bulletins/april-2020-bulletin • CWE-190: Integer Overflow or Wraparound •