CVSS: 7.8EPSS: 0%CPEs: 64EXPL: 0CVE-2017-18320
https://notcve.org/view.php?id=CVE-2017-18320
03 Jan 2019 — QSEE unload attempt on a 3rd party TEE without previously loading results in a data abort in snapdragon automobile and snapdragon mobile in versions MSM8996AU, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016, SXR1130. Intento de descarga QSEE en un TEE de terceros sin cargar los resultados previamente en un "data a... • http://www.securityfocus.com/bid/106128 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 68EXPL: 0CVE-2017-18141
https://notcve.org/view.php?id=CVE-2017-18141
03 Jan 2019 — When a 3rd party TEE has been loaded it is possible for the non-secure world to create a secure monitor call which will give it access to privileged functions meant to only be accessible from the TEE in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM4... • http://www.securityfocus.com/bid/106128 •
CVSS: 5.5EPSS: 0%CPEs: 60EXPL: 0CVE-2017-18319
https://notcve.org/view.php?id=CVE-2017-18319
03 Jan 2019 — Information leak in UIM API debug messages in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835, Snapdragon_High_Med_2016. Filtrado de información en los mensajes de depuración de la API UIM en snapdragon mobile y snapdragon wear en sus versiones MDM9206, MDM9607, MDM9615, MDM9625, MDM96... • http://www.securityfocus.com/bid/106128 • CWE-320: Key Management Errors •
CVSS: 5.5EPSS: 0%CPEs: 62EXPL: 0CVE-2017-18322
https://notcve.org/view.php?id=CVE-2017-18322
03 Jan 2019 — Cryptographic key material leaked in WCDMA debug messages in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835, Snapdragon_High_Med_2016. Material de clave criptográfica filtrado en los mensajes de depuración de WCDMA en snapdragon mobile y snapdragon wear en sus versiones MDM92... • http://www.securityfocus.com/bid/106128 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 74EXPL: 0CVE-2017-18329
https://notcve.org/view.php?id=CVE-2017-18329
03 Jan 2019 — Possible Buffer overflow when transmitting an RTP packet in snapdragon automobile and snapdragon wear in versions MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 810, SD 820, SD 835, SD 845 / SD 850, SDA660, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130 Posible desbordamiento de búfer durante la trasferencia de un paquete RTP en snap... • http://www.securityfocus.com/bid/106128 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 70EXPL: 0CVE-2017-18323
https://notcve.org/view.php?id=CVE-2017-18323
03 Jan 2019 — Cryptographic key material leaked in TDSCDMA RRC debug messages in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9615, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660, SDX20, SXR1130. Material de clave criptográfica filtrado en los mensajes de depuración de TDSCDMA RRC en sna... • http://www.securityfocus.com/bid/106128 • CWE-320: Key Management Errors •
CVSS: 6.5EPSS: 0%CPEs: 70EXPL: 0CVE-2018-5916
https://notcve.org/view.php?id=CVE-2018-5916
28 Nov 2018 — Buffer overread while decoding PDP modify request or network initiated secondary PDP activation in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDA845, SDX20, SXR1130. Sobrelectura de búfer al descifrar la petición de modificación... • http://www.securityfocus.com/bid/105838 • CWE-125: Out-of-bounds Read •
CVSS: 10.0EPSS: 0%CPEs: 24EXPL: 0CVE-2017-18318
https://notcve.org/view.php?id=CVE-2017-18318
28 Nov 2018 — Missing validation check on CRL issuer name in Snapdragon Automobile, Snapdragon Mobile in versions MSM8996AU, SD 410/12, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 810, SD 820, SD 820A. Falta una comprobación de validación en el nombre del proveedor CRL en Snapdragon Automobile y Snapdragon Mobile en versiones MSM8996AU, SD 410/12, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 810, SD 820 y SD 820A. • http://www.securityfocus.com/bid/105838 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 58EXPL: 0CVE-2018-11921
https://notcve.org/view.php?id=CVE-2018-11921
28 Nov 2018 — Failure condition is not handled properly and the correct error code is not returned. It could cause unintended SUI behavior and create unintended SUI display in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDA845, SDX24, SXR1130. La condición de error no se gestiona adecuadamente y no ... • http://www.securityfocus.com/bid/106845 • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 7.8EPSS: 0%CPEs: 60EXPL: 0CVE-2018-5918
https://notcve.org/view.php?id=CVE-2018-5918
28 Nov 2018 — Possible buffer overflow in DRM Trusted application due to lack of check function return values in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDA845, SDX24, SXR1130. Posible desbordamiento de búfer en la aplicación DRM Trusted debido a la falta de comprobación de los valores... • https://www.qualcomm.com/company/product-security/bulletins • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •