CVSS: 5.5EPSS: 0%CPEs: 110EXPL: 0CVE-2017-8252
https://notcve.org/view.php?id=CVE-2017-8252
14 Jun 2019 — Kernel can inject faults in computations during the execution of TrustZone leading to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ8074, MDM9150, MDM9206, MDM9607, MDM9615, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, MSM899... • https://www.qualcomm.com/company/product-security/bulletins • CWE-285: Improper Authorization •
CVSS: 7.8EPSS: 0%CPEs: 94EXPL: 0CVE-2018-13908
https://notcve.org/view.php?id=CVE-2018-13908
14 Jun 2019 — Truncated access authentication token leads to weakened access control for stored secure application data in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in IPQ8074, MDM9150, MDM9206, MDM9607, MDM9650, MDM9655, MSM8909W, MSM8996AU, QCA8081, QCS405, QCS605, Qualcomm 2... • https://www.qualcomm.com/company/product-security/bulletins • CWE-285: Improper Authorization •
CVSS: 9.8EPSS: 0%CPEs: 80EXPL: 0CVE-2018-13898
https://notcve.org/view.php?id=CVE-2018-13898
14 Jun 2019 — Out-of-Bounds write due to incorrect array index check in PMIC in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9150, MDM9206, MDM9607, MDM9650, MDM9655, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 835, SD 845 / SD 850, SD 855, ... • https://www.qualcomm.com/company/product-security/bulletins • CWE-787: Out-of-bounds Write •
CVSS: 9.1EPSS: 0%CPEs: 104EXPL: 0CVE-2018-13906
https://notcve.org/view.php?id=CVE-2018-13906
14 Jun 2019 — The HMAC authenticating the message from QSEE is vulnerable to timing side channel analysis leading to potentially forged application message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ8074, MDM9150, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, M... • https://www.qualcomm.com/company/product-security/bulletins • CWE-20: Improper Input Validation CWE-417: Communication Channel Errors •
CVSS: 10.0EPSS: 0%CPEs: 92EXPL: 0CVE-2018-13911
https://notcve.org/view.php?id=CVE-2018-13911
14 Jun 2019 — Out of bounds memory read and access may lead to unexpected behavior in GNSS XTRA Parser in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9615, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 /... • https://www.qualcomm.com/company/product-security/bulletins • CWE-125: Out-of-bounds Read •
CVSS: 7.0EPSS: 0%CPEs: 60EXPL: 0CVE-2018-13909
https://notcve.org/view.php?id=CVE-2018-13909
14 Jun 2019 — Metadata verification and partial hash system calls by bootloader may corrupt parallel hashing state in progress resulting in unexpected behavior in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9206, MDM9607, MDM9650, MDM9655, QCS605, Qualcomm 215, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 712 / SD 710 / SD 670, SD 84... • https://www.qualcomm.com/company/product-security/bulletins • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 10.0EPSS: 0%CPEs: 82EXPL: 0CVE-2019-2245
https://notcve.org/view.php?id=CVE-2019-2245
24 May 2019 — Possible integer underflow can happen when calculating length of elementary stream map from invalid packet length which is later used to read from input buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, S... • https://www.qualcomm.com/company/product-security/bulletins#_CVE-2019-2245 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 10.0EPSS: 0%CPEs: 82EXPL: 0CVE-2019-2244
https://notcve.org/view.php?id=CVE-2019-2244
24 May 2019 — Possible integer underflow can happen when calculating length of elementary stream info from invalid section length which is later used to read from input buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Wearable in MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 600, SD 615/16/SD 415, ... • https://www.qualcomm.com/company/product-security/bulletins#_CVE-2019-2244 • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 10.0EPSS: 0%CPEs: 84EXPL: 0CVE-2018-13925
https://notcve.org/view.php?id=CVE-2018-13925
24 May 2019 — Error in parsing PMT table frees the memory allocated for the map section but does not reset the context map section reference causing heap use after free issue in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Wearables in MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 600, SD 615/16/SD 415, ... • https://www.qualcomm.com/company/product-security/bulletins#_CVE-2018-13925 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 112EXPL: 0CVE-2018-11968
https://notcve.org/view.php?id=CVE-2018-11968
24 May 2019 — Improper check before assigning value can lead to integer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ8064, IPQ8074, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA4020, QCA6174A, QCA6564, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA8081, QCA9377, QCA9379, QC... • https://www.qualcomm.com/company/product-security/bulletins#_CVE-2018-11968 • CWE-190: Integer Overflow or Wraparound •