CVSS: 7.5EPSS: 0%CPEs: 24EXPL: 0CVE-2015-9132
https://notcve.org/view.php?id=CVE-2015-9132
18 Apr 2018 — In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Small Cell SoC FSM9055, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 800, and SD 810, possible arbitrary memory read due to untrusted pointer dereference when handling HLOS controlled values passed to the QSEE syscall helper. En Android, antes del nivel de parche de seguridad del 2018-04-05 o antes en Qualcomm Snapdragon Mobile y Snapdragon Wear Small Cell SoC FSM9055, SD 210/SD 212/SD 205, SD 400... • http://www.securityfocus.com/bid/103671 • CWE-476: NULL Pointer Dereference •
CVSS: 10.0EPSS: 0%CPEs: 16EXPL: 0CVE-2015-9133
https://notcve.org/view.php?id=CVE-2015-9133
18 Apr 2018 — In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400, SD 410/12, SD 617, SD 650/52, SD 800, and SD 810, if Widevine App TZ_WV_CMD_DECRYPT_VIDEO is called with a size too large, an integer overflow may occur. En Android, antes del nivel de parche de seguridad del 2018-04-05 o antes en Qualcomm Snapdragon Mobile SD 400, SD 410/12, SD 617, SD 650/52, SD 800 y SD 810, si se llama a TZ_WV_CMD_DECRYPT_VIDEO en Widevine App con un tamaño demasiado grande, podría ocurrir... • http://www.securityfocus.com/bid/103671 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 0%CPEs: 12EXPL: 0CVE-2015-9134
https://notcve.org/view.php?id=CVE-2015-9134
18 Apr 2018 — In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 410/12, SD 615/16/SD 415, and SD 810, while processing QSEE Syscall 'qsee_macc_gen_ecc_privkey', untrusted pointer dereference occurs, which could result in arbitrary write. En Android, antes del nivel de parche de seguridad del 2018-04-05 o antes en Qualcomm Snapdragon Mobile SD 410/12, SD 615/16/SD 415 y SD 810, al procesar una Syscall QSEE 'qsee_macc_gen_ecc_privkey', ocurre una desreferencia de puntero no fiabl... • http://www.securityfocus.com/bid/103671 • CWE-476: NULL Pointer Dereference •
CVSS: 10.0EPSS: 0%CPEs: 40EXPL: 0CVE-2015-9135
https://notcve.org/view.php?id=CVE-2015-9135
18 Apr 2018 — In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9625, MDM9635M, MDM9640, MDM9645, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 617, SD 650/52, SD 800, SD 808, and SD 810, in a QTEE syscall handler, an untrusted pointer dereference can occur. En Android antes del nivel de parcheo de seguridad del 2018-04-05 o antes en Qualcomm Snapdragon Mobile y Snapdragon Wear MDM9625, MDM9635M, MDM9640, MDM9645, MSM8909W, SD 210/S... • http://www.securityfocus.com/bid/103671 • CWE-476: NULL Pointer Dereference •
CVSS: 10.0EPSS: 0%CPEs: 38EXPL: 0CVE-2015-9136
https://notcve.org/view.php?id=CVE-2015-9136
18 Apr 2018 — In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9640, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 600, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 835, and SDX20, in pre-auth request, Host driver uses FT IEs sent by the supplicant. A buffer overflow may occur if FT IEs sent by the supplicant are larger than the expected value. En Android antes del nivel de parcheo de seguridad del 2018-04-05 o antes en Qualco... • http://www.securityfocus.com/bid/103671 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 70EXPL: 0CVE-2015-9137
https://notcve.org/view.php?id=CVE-2015-9137
18 Apr 2018 — In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, and SDX20, several EFS2 DIAG command handlers are not calling fs_diag_access_check(). En Android, antes del nivel de parche de segurida... • http://www.securityfocus.com/bid/103671 • CWE-19: Data Processing Errors •
CVSS: 10.0EPSS: 0%CPEs: 74EXPL: 0CVE-2015-9138
https://notcve.org/view.php?id=CVE-2015-9138
18 Apr 2018 — In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear, and Small Cell SoC FSM9055, IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, and SDX20, when an RSA encryption operation is called, the ce_util_to_unsigne... • http://www.securityfocus.com/bid/103671 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 0%CPEs: 54EXPL: 0CVE-2015-9139
https://notcve.org/view.php?id=CVE-2015-9139
18 Apr 2018 — In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 615/16/SD 415, SD 617, SD 650/52, SD 800, SD 808, SD 810, and SD 820, improper input validation can occur while negotiating an SSL handshake. En Android, antes del nivel de parche de seguridad del 2018-04-05 o antes en Qualcomm Snapdragon Mobile y Snapdragon... • http://www.securityfocus.com/bid/103671 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 0%CPEs: 54EXPL: 0CVE-2015-9140
https://notcve.org/view.php?id=CVE-2015-9140
18 Apr 2018 — In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile, Snapdragon Wear, and Small Cell SoC FSM9055, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 600, SD 615/16/SD 415, SD 617, SD 650/52, SD 800, SD 808, SD 810, and SDX20, unauthorized memory access possible in online memory dump feature. En Android antes del nivel de parcheo de seguridad del 2018-04-05 o antes en Qualcomm Snapdragon Mobile,... • http://www.securityfocus.com/bid/103671 • CWE-284: Improper Access Control •
CVSS: 10.0EPSS: 0%CPEs: 38EXPL: 0CVE-2015-9141
https://notcve.org/view.php?id=CVE-2015-9141
18 Apr 2018 — In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 615/16/SD 415, SD 617, SD 800, SD 808, and SD 810, in HHO scenarios, during the ACQ procedure, there are possible instances where the search database is incorrectly updated resulting in memory corruption due to buffer overflow. En Android antes del nivel de parcheo de seguridad del 2018-04-05 o antes e... • http://www.securityfocus.com/bid/103671 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •