CVSS: 7.8EPSS: 0%CPEs: 124EXPL: 1CVE-2020-11207
https://notcve.org/view.php?id=CVE-2020-11207
12 Nov 2020 — Buffer overflow in LibFastCV library due to improper size checks with respect to buffer length' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8052, APQ8056, APQ8076, APQ8096, APQ8096SG, APQ8098, MDM9655, MSM8952, MSM8956, MSM8976, MSM8976SG, MSM8996, MSM8996SG, MSM8998, QCM4290, QCM6125, QCS410, QCS4290, QCS610, QCS6125, QSM8250, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SDA640, SDA660, SDA845, SDA855, ... • https://blog.checkpoint.com/2020/08/06/achilles-small-chip-big-peril • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 10.0EPSS: 0%CPEs: 184EXPL: 0CVE-2020-11193
https://notcve.org/view.php?id=CVE-2020-11193
12 Nov 2020 — u'Buffer over read can happen while parsing mkv clip due to improper typecasting of data returned from atomsize' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8009W, APQ8017, APQ8037, APQ8053, APQ8064AU, APQ8096, APQ8096AU, APQ8096SG, APQ8098, MDM9206, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8996SG, MSM8998, QCM4290, Q... • https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin • CWE-125: Out-of-bounds Read •
CVSS: 10.0EPSS: 0%CPEs: 184EXPL: 0CVE-2020-11196
https://notcve.org/view.php?id=CVE-2020-11196
12 Nov 2020 — u'Integer overflow to buffer overflow occurs while playback of ASF clip having unexpected number of codec entries' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8009W, APQ8017, APQ8037, APQ8053, APQ8064AU, APQ8096, APQ8096AU, APQ8096SG, APQ8098, MDM9206, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8996SG, MSM8998, QCM4290,... • https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 230EXPL: 0CVE-2020-11123
https://notcve.org/view.php?id=CVE-2020-11123
12 Nov 2020 — u'information disclosure in gatekeeper trustzone implementation as the throttling mechanism to prevent brute force attempts at getting user`s lock-screen password can be bypassed by performing the standard gatekeeper operations.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8009W, APQ8017, APQ8... • https://www.qualcomm.com/company/product-security/bulletins/november-2020-bulletin •
CVSS: 7.1EPSS: 0%CPEs: 114EXPL: 0CVE-2019-14101
https://notcve.org/view.php?id=CVE-2019-14101
30 Jul 2020 — Out of bounds read can happen in diag event set mask command handler when user provided length in the command request is less than expected length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8096, APQ8096AU, APQ8098, Kamorta, MDM9150, MDM9205, MDM9... • https://www.qualcomm.com/company/product-security/bulletins/july-2020-bulletin • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 0%CPEs: 110EXPL: 0CVE-2020-3614
https://notcve.org/view.php?id=CVE-2020-3614
22 Jun 2020 — Possible buffer overflow while copying the frame to local buffer due to lack of check of length before copying in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8076, APQ8096, APQ8096AU, APQ8098, IPQ6018, IPQ8074, MDM9206, MDM9207C, MDM... • https://www.qualcomm.com/company/product-security/bulletins/june-2020-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.8EPSS: 0%CPEs: 112EXPL: 0CVE-2019-14073
https://notcve.org/view.php?id=CVE-2019-14073
22 Jun 2020 — Copying RTCP messages into the output buffer without checking the destination buffer size which could lead to a remote stack overflow when processing large data or non-standard feedback messages in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8076, APQ8096, APQ8096AU, APQ8098, Kamorta, MDM9150, MDM9206, MDM9207C, MDM9607, MDM9615, MDM9635M, MDM9640, M... • https://www.qualcomm.com/company/product-security/bulletins/june-2020-bulletin • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 114EXPL: 0CVE-2019-14062
https://notcve.org/view.php?id=CVE-2019-14062
22 Jun 2020 — Buffer overflows while decoding setup message from Network due to lack of check of IE message length received from network in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8076, APQ8096, APQ8096AU, APQ8098, Kamorta, MDM9150, MDM9205, MDM9206, MDM9207C, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, ... • https://www.qualcomm.com/company/product-security/bulletins/june-2020-bulletin • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 5.5EPSS: 0%CPEs: 108EXPL: 0CVE-2019-14067
https://notcve.org/view.php?id=CVE-2019-14067
02 Jun 2020 — Using non-time-constant functions like memcmp to compare sensitive data can lead to information leakage through timing side channel issue. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, Kamorta, MDM9150, MDM9205, MDM9206, MDM9607, MDM9650, MSM8909, MSM8... • https://www.qualcomm.com/company/product-security/bulletins/may-2020-bulletin • CWE-203: Observable Discrepancy •
CVSS: 10.0EPSS: 0%CPEs: 104EXPL: 0CVE-2019-14113
https://notcve.org/view.php?id=CVE-2019-14113
16 Apr 2020 — Buffer overflow can occur in In WLAN firmware while unwraping data using CCMP cipher suite during parsing of EAPOL handshake frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096, APQ8096AU, APQ8098, IPQ6018, IPQ8074, MDM9206, MDM9207C, MDM96... • https://www.qualcomm.com/company/product-security/bulletins/april-2020-bulletin • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-190: Integer Overflow or Wraparound •