CVSS: 7.8EPSS: 0%CPEs: 348EXPL: 0CVE-2020-11253
https://notcve.org/view.php?id=CVE-2020-11253
22 Feb 2021 — Arbitrary memory write issue in video driver while setting the internal buffers in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile Un problema de escritura de la memoria arbitraria en el controlador de video mientras se configura los búferes internos en los productos Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile • https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin • CWE-20: Improper Input Validation CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 1076EXPL: 0CVE-2020-11269
https://notcve.org/view.php?id=CVE-2020-11269
22 Feb 2021 — Possible memory corruption while processing EAPOL frames due to lack of validation of key length before using it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Una posible corrupción de la memoria durante el procesamiento de tramas EAPOL debido a una falta de compro... • https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 406EXPL: 0CVE-2020-11223
https://notcve.org/view.php?id=CVE-2020-11223
22 Feb 2021 — Out of bound in camera driver due to lack of check of validation of array index before copying into array in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables Una salida de límites en el controlador de la cámara debido a una falta de comprobación de validación del índice de la matriz antes de copiar en la matriz en los productos Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mo... • https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 1042EXPL: 0CVE-2020-11204
https://notcve.org/view.php?id=CVE-2020-11204
22 Feb 2021 — Possible memory corruption and information leakage in sub-system due to lack of check for validity and boundary compliance for parameters that are read from shared MSG RAM in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking Una posible corrupción de la memoria y filtración de información en el subsistema debido a un... • https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin • CWE-20: Improper Input Validation CWE-787: Out-of-bounds Write •
CVSS: 7.1EPSS: 0%CPEs: 288EXPL: 0CVE-2020-11203
https://notcve.org/view.php?id=CVE-2020-11203
22 Feb 2021 — Stack overflow may occur if GSM/WCDMA broadcast config size received from user is larger than variable length array in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables Un desbordamiento de la pila puede ocurrir si el tamaño de la configuración de la transmisión GSM/WCDMA recibida del usuario es mayor que la matriz de longitud variable en los productos Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdr... • https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 788EXPL: 0CVE-2020-11195
https://notcve.org/view.php?id=CVE-2020-11195
22 Feb 2021 — Out of bound write and read in TA while processing command from NS side due to improper length check on command and response buffers in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music Una escritura y lectura fuera de límite en TA mientras se procesa un comando desde el lado NS debido a una comprobación de longitud inapropiada en los búferes de comando y respuesta en los productos Snapdragon Auto, Sn... • https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin • CWE-20: Improper Input Validation CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •
CVSS: 7.2EPSS: 0%CPEs: 604EXPL: 0CVE-2020-11198
https://notcve.org/view.php?id=CVE-2020-11198
22 Feb 2021 — Key material used for TZ diag buffer encryption and other data related to log buffer is not wiped securely due to improper usage of memset in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking El material clave usado para el cifrado del búfer de diagnóstico TZ y otros datos relacionados con el búfer de registro no es borrado de forma segura debido al uso ... • https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin • CWE-212: Improper Removal of Sensitive Information Before Storage or Transfer •
CVSS: 7.8EPSS: 0%CPEs: 460EXPL: 0CVE-2020-11194
https://notcve.org/view.php?id=CVE-2020-11194
22 Feb 2021 — Possible out of bound access in TA while processing a command from NS side due to improper length check of response buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking Un Posible acceso fuera de límite en TA mientras se procesa un comando desde el lado NS debido a una comprobación de longitud inapropiada del búfer de respuesta en los productos Snapdragon Auto, Snapdragon ... • https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin • CWE-20: Improper Input Validation CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 818EXPL: 0CVE-2020-11177
https://notcve.org/view.php?id=CVE-2020-11177
22 Feb 2021 — User can overwrite Security Code NV item without knowing current SPC due to improper validation of SPC code setting and device lock in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables Un usuario puede sobrescribir el elemento Security Code NV sin conocer el SPC actual debido a una comprobación inapropiada de la configuración del código SPC y el bloqueo del dispos... • https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin •
CVSS: 7.8EPSS: 0%CPEs: 196EXPL: 0CVE-2020-11187
https://notcve.org/view.php?id=CVE-2020-11187
22 Feb 2021 — Possible memory corruption in BSI module due to improper validation of parameter count in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Mobile Una Posible corrupción de la memoria en el módulo BSI debido a una comprobación inapropiada del conteo de parámetros en los productos Snapdragon Auto, Snapdragon Connectivity, Snapdragon Mobile • https://www.qualcomm.com/company/product-security/bulletins/february-2021-bulletin • CWE-129: Improper Validation of Array Index •