CVSS: 7.8EPSS: 0%CPEs: 96EXPL: 0CVE-2019-14026
https://notcve.org/view.php?id=CVE-2019-14026
05 Mar 2020 — Possible buffer overflow in WLAN WMI handler due to lack of ssid length check when copying data in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, IPQ6018, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8996AU, MSM8998, Nicobar, QCA6174A,... • https://www.qualcomm.com/company/product-security/bulletins/march-2020-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 50EXPL: 0CVE-2019-14027
https://notcve.org/view.php?id=CVE-2019-14027
05 Mar 2020 — Buffer overflow due to lack of upper bound check on channel length which is used for a loop. in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in APQ8098, IPQ6018, IPQ8074, MSM8998, Nicobar, QCA8081, QCN7605, QCS404, QCS605, Rennell, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SM6150, SM7150, SM8150, SXR1130, SX... • https://www.qualcomm.com/company/product-security/bulletins/march-2020-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 116EXPL: 0CVE-2019-14000
https://notcve.org/view.php?id=CVE-2019-14000
05 Mar 2020 — Lack of check that the RX FIFO write index that is read from shared RAM is less than the FIFO size results into memory corruption and potential information leakage in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, IPQ6018, IPQ8074, MDM9150, MDM9205, MDM9206, MDM9607, MDM9... • https://www.qualcomm.com/company/product-security/bulletins/march-2020-bulletin • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 56EXPL: 0CVE-2019-14015
https://notcve.org/view.php?id=CVE-2019-14015
05 Mar 2020 — A stack-based buffer overflow exists in the initialization of the identification stage due to lack of check on the number of templates provided. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8096, APQ8096AU, MDM9205, MSM8996, MSM8996AU, Nicobar, QCS404, QCS405, QCS605, Rennell, SA6155P, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670... • https://www.qualcomm.com/company/product-security/bulletins/march-2020-bulletin • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 74EXPL: 0CVE-2019-10546
https://notcve.org/view.php?id=CVE-2019-10546
05 Mar 2020 — Buffer overflow can occur in WLAN firmware while parsing beacon/probe_response frames during roaming in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in APQ8096, APQ8096AU, IPQ6018, IPQ8074, MDM9607, MDM9640, MDM9650, MSM8996AU, Nicobar, QCA6174A, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA8081, QCA9377, QCA9379, QCS404, QCS605, R... • https://www.qualcomm.com/company/product-security/bulletins/march-2020-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 22EXPL: 0CVE-2019-2267
https://notcve.org/view.php?id=CVE-2019-2267
21 Jan 2020 — Locked regions may be modified through other interfaces in secure boot loader image due to improper access control. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in MDM9205, QCS404, QCS605, SDA845, SDM670, SDM710, SDM845, SDM850, SM8150, SXR1130, SXR2130 Las regiones bloqueadas pueden ser modificadas por medio de otras interfaces en la imagen del cargador de arranque segur... • https://www.qualcomm.com/company/product-security/bulletins/january-2020-bulletin •
CVSS: 5.5EPSS: 0%CPEs: 98EXPL: 0CVE-2019-10513
https://notcve.org/view.php?id=CVE-2019-10513
18 Dec 2019 — Possibility of Null pointer access if the SPDM commands are executed in the non-standard way in Trustzone in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, IPQ8074, MDM9150, MDM9205, MDM9206, MDM9207C, MDM9607,... • https://www.qualcomm.com/company/product-security/bulletins/december-2019-bulletin • CWE-476: NULL Pointer Dereference •
CVSS: 7.1EPSS: 0%CPEs: 98EXPL: 0CVE-2019-10482
https://notcve.org/view.php?id=CVE-2019-10482
18 Dec 2019 — Due to the use of non-time-constant comparison functions there is issue in timing side channels which can be used as a potential side channel for SUI corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9650, MSM8905, MSM8909, MSM8917, MSM8920, MS... • https://www.qualcomm.com/company/product-security/bulletins/december-2019-bulletin •
CVSS: 7.1EPSS: 0%CPEs: 38EXPL: 0CVE-2019-2338
https://notcve.org/view.php?id=CVE-2019-2338
12 Dec 2019 — Crafted image that has a valid signature from a non-QC entity can be loaded which can read/write memory that belongs to the secure world in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in MDM9205, MSM8998, QCS404, QCS605, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SM6150, SM7150, SM8150, SXR1130, SXR2130 Una imagen diseñada que tenga una f... • https://www.qualcomm.com/company/product-security/bulletins/november-2019-bulletin •
CVSS: 7.8EPSS: 0%CPEs: 26EXPL: 0CVE-2019-2319
https://notcve.org/view.php?id=CVE-2019-2319
12 Dec 2019 — HLOS could corrupt CPZ page table memory for S1 managed VMs in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in MDM9205, QCS404, QCS605, SDA845, SDM670, SDM710, SDM845, SDM850, SM6150, SM7150, SM8150, SXR1130, SXR2130 HLOS podría corromper la memoria de la tabla de páginas CPZ para Máquinas Virtuales administradas por S1 en los productos Snapdragon Auto, Snapdragon Compute, S... • https://www.qualcomm.com/company/product-security/bulletins/november-2019-bulletin • CWE-787: Out-of-bounds Write •