CVSS: 7.8EPSS: 0%CPEs: 38EXPL: 0CVE-2018-11264
https://notcve.org/view.php?id=CVE-2018-11264
28 Nov 2018 — Possible buffer overflow in Ontario fingerprint code due to lack of input validation for the parameters coming into TZ from HLOS in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SDA660. Posible desbordamiento de búfer en el código de huella digital Ontario debido a la falta de validación de entradas de los parámetros que entran en TZ desde HLOS... • http://www.securityfocus.com/bid/105838 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 98EXPL: 0CVE-2018-11871
https://notcve.org/view.php?id=CVE-2018-11871
29 Oct 2018 — Buffer overwrite can happen in WLAN function while processing set pdev parameter command due to lack of input validation in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version IPQ4019, IPQ8064, IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6564, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9378, QCA9379, QCA9531, QCA9558, QCA9563, QCA9880, QCA9886, QCA9980, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 600, SD 625, SD 650/52, SD 820... • http://www.securityfocus.com/bid/107681 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 60EXPL: 0CVE-2018-11870
https://notcve.org/view.php?id=CVE-2018-11870
29 Oct 2018 — Buffer overwrite can occur when the legacy rates count received from the host is not checked against the maximum number of legacy rates in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8996AU, QCA4531, QCA6174A, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9378, QCA9379, SD 210/SD 212/SD 205, SD 425, SD 600, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDX20. Puede ocurrir una sobrescritura de búfer cuando e... • http://www.securityfocus.com/bid/107681 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 42EXPL: 0CVE-2018-11821
https://notcve.org/view.php?id=CVE-2018-11821
26 Oct 2018 — Possible integer overflow may happen in WLAN during memory allocation in Snapdragon Mobile, Snapdragon Wear in version IPQ8074, MDM9206, MDM9607, MDM9650, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 835, SD 845, SD 850, SDA660, SDM630, SDM632, SDM636, SDM660, SDM710, Snapdragon_High_Med_2016 Podría ocurrir un desbordamiento de enteros en WLAN durante la asignación de memoria en Snapdragon Mobile y Snapdragon Wear en versiones IPQ8074, MDM9206, MDM9607, MDM9650, SD 425, SD 427, SD 430, SD 4... • http://www.securityfocus.com/bid/107681 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 32EXPL: 0CVE-2018-5866
https://notcve.org/view.php?id=CVE-2018-5866
26 Oct 2018 — While processing logs, data is copied into a buffer pointed to by an untrusted pointer in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 835, SD 845, SD 850, SDA660. Al procesar logs, los datos se copian en un búfer al que señala un puntero no fiable en Snapdragon Mobile y Snapdragon Wear en versiones MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 835, SD 845, SD 850 ... • https://www.qualcomm.com/company/product-security/bulletins • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 50EXPL: 0CVE-2018-11305
https://notcve.org/view.php?id=CVE-2018-11305
26 Oct 2018 — When a series of FDAL messages are sent to the modem, a Use After Free condition can occur in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SDA660, SDX20. Cuando se envía una serie de mensajes FDAL al módem, puede ocurrir una condición de Uso de memoria previamente liberada en Snapdragon Automobile, Snapdra... • http://www.securitytracker.com/id/1041432 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 18EXPL: 0CVE-2018-11828
https://notcve.org/view.php?id=CVE-2018-11828
26 Oct 2018 — When FW tries to get random mac address generated from new SW RNG and ADC values read are constant then DUT get struck in loop while trying to get random ADC samples in Snapdragon Mobile in version SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52 Cuando el firmware intenta obtener direcciones mac aleatorias generadas desde nuevo software, las lecturas de valores RNG y ADC son constantes, pero DUT se queda atrapado en un bucle al intentar obtener muestras ADC aleatorias en Snapdragon Mobile en... • http://www.securityfocus.com/bid/107681 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 72EXPL: 0CVE-2017-18124
https://notcve.org/view.php?id=CVE-2017-18124
26 Oct 2018 — During secure boot, addition is performed on uint8 ptrs which led to overflow issue in Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version FSM9055, IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDX20 Durante el arranque seguro, se realiza una suma en uint... • https://www.qualcomm.com/company/product-security/bulletins • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 46EXPL: 0CVE-2018-11853
https://notcve.org/view.php?id=CVE-2018-11853
26 Oct 2018 — Lack of check on out of range for channels When processing channel list set command will lead to buffer flow in Snapdragon Mobile, Snapdragon Wear in version IPQ8074, MDM9206, MDM9607, MDM9650, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, Snapdragon_High_Med_2016 La falta de comprobaciones fuera de límites para canales al procesar el comando channel list set conducirá a un flujo del búfer en Snapdragon Mobi... • http://www.securityfocus.com/bid/107681 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 62EXPL: 0CVE-2017-18310
https://notcve.org/view.php?id=CVE-2017-18310
26 Oct 2018 — ClientEnv exposes services 0-32 to HLOS in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, Snapdragon_High_Med_2016 ClientEnv expone los servicios 0-32 al HLOS en Snapdragon Automobile, Snapdragon Mobile y Snapdragon Wear en versiones MSM8909W, MSM8996AU,... • http://www.securitytracker.com/id/1041432 •