CVSS: 7.8EPSS: 0%CPEs: 518EXPL: 0CVE-2023-33059 – Buffer Copy Without Checking Size of Input in Audio
https://notcve.org/view.php?id=CVE-2023-33059
07 Nov 2023 — Memory corruption in Audio while processing the VOC packet data from ADSP. Corrupción de la memoria en Audio mientras se procesan los datos del paquete VOC desde ADSP. • https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin • CWE-191: Integer Underflow (Wrap or Wraparound) CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 42EXPL: 0CVE-2017-18275
https://notcve.org/view.php?id=CVE-2017-18275
06 May 2019 — A new account can be inserted into simContacts service using Android command line tool in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845. Se puede insertar una nueva cuenta en el servicio simContacts utilizando la herramienta de línea de comandos Android en Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear en MDM9206, MDM9607, M... • https://www.qualcomm.com/company/product-security/bulletins •
CVSS: 7.8EPSS: 0%CPEs: 32EXPL: 0CVE-2017-18274
https://notcve.org/view.php?id=CVE-2017-18274
06 May 2019 — While iterating through the models contained in a fixed-size array in the actData structure, which also stores an incorrect number of models that is greater than the size of the array, a buffer overflow occurs in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 617, SD 625, SD 650/52, SD 820, SD 820A, SD 835 Al iterar a través de los modelos contenidos en un array de tamaño fijo en la estructura actData, que también alma... • https://www.qualcomm.com/company/product-security/bulletins • CWE-129: Improper Validation of Array Index •
CVSS: 7.8EPSS: 0%CPEs: 72EXPL: 0CVE-2017-18124
https://notcve.org/view.php?id=CVE-2017-18124
26 Oct 2018 — During secure boot, addition is performed on uint8 ptrs which led to overflow issue in Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version FSM9055, IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDX20 Durante el arranque seguro, se realiza una suma en uint... • https://www.qualcomm.com/company/product-security/bulletins • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 62EXPL: 0CVE-2017-18310
https://notcve.org/view.php?id=CVE-2017-18310
26 Oct 2018 — ClientEnv exposes services 0-32 to HLOS in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, Snapdragon_High_Med_2016 ClientEnv expone los servicios 0-32 al HLOS en Snapdragon Automobile, Snapdragon Mobile y Snapdragon Wear en versiones MSM8909W, MSM8996AU,... • http://www.securitytracker.com/id/1041432 •
CVSS: 7.8EPSS: 0%CPEs: 50EXPL: 0CVE-2018-11305
https://notcve.org/view.php?id=CVE-2018-11305
26 Oct 2018 — When a series of FDAL messages are sent to the modem, a Use After Free condition can occur in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SDA660, SDX20. Cuando se envía una serie de mensajes FDAL al módem, puede ocurrir una condición de Uso de memoria previamente liberada en Snapdragon Automobile, Snapdra... • http://www.securitytracker.com/id/1041432 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 48EXPL: 0CVE-2017-18172
https://notcve.org/view.php?id=CVE-2017-18172
23 Oct 2018 — In a device, with screen size 1440x2560, the check of contiguous buffer will overflow on certain buffer size resulting in an Integer Overflow or Wraparound in System UI in Snapdragon Automobile, Snapdragon Mobile in version MDM9635M, SD 400, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 820A, SD 835, SDM630, SDM636, SDM660, Snapdragon_High_Med_2016. En un dispositivo, con un tamaño de pantalla de 1440x2560, la comprobación de un bú... • https://source.android.com/security/bulletin/2018-07-01#qualcomm-closed-source-components • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 42EXPL: 0CVE-2017-18292
https://notcve.org/view.php?id=CVE-2017-18292
23 Oct 2018 — Secure app running in non secure space can restart TZ by calling Widevine app API repeatedly in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 820A. Una aplicación segura ejecutándose en un espacio no seguro puede reiniciar TZ llamando a la API de la app Widevine repetidamente en Snapdragon Automobile, Snapdragon Mobile y Snapdragon W... • http://www.securitytracker.com/id/1041432 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 48EXPL: 0CVE-2017-18296
https://notcve.org/view.php?id=CVE-2017-18296
23 Oct 2018 — Access control on applications is not applied while accessing SafeSwitch services can lead to improper access in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SDA660, SDX20. No se aplica el control de acceso en las aplicaciones al acceder a los servicios SafeSwitch, lo que puede conducir a un acceso incorrecto en Sn... • http://www.securitytracker.com/id/1041432 •
CVSS: 7.8EPSS: 0%CPEs: 52EXPL: 0CVE-2017-18298
https://notcve.org/view.php?id=CVE-2017-18298
23 Oct 2018 — Lack of Input Validation in SDMX API can lead to NULL pointer access in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660 . La falta de validación de entradas en la API SDMX puede conducir a un acceso de puntero NULL en Snapdragon Automobile, Snapdragon Mobile y Snapdragon Wear en versiones M... • http://www.securitytracker.com/id/1041432 • CWE-476: NULL Pointer Dereference •