VYPR

Snapdragon Mobile

by Qualcomm

CVEs (529)

  • CVE-2018-13895HigMay 24, 2019
    risk 0.51cvss 7.8epss 0.00

    Due to the missing permissions on several content providers of the RCS app in its android manifest file will lead to an unprivileged access to phone in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon…

  • CVE-2018-11928HigMay 24, 2019
    risk 0.51cvss 7.8epss 0.00

    Lack of check on length parameter may cause buffer overflow while processing WMI commands in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,…

  • CVE-2018-11925HigMay 24, 2019
    risk 0.51cvss 7.8epss 0.00

    Data length received from firmware is not validated against the max allowed size which can result in buffer overflow. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in…

  • CVE-2017-18279HigMay 6, 2019
    risk 0.51cvss 7.8epss 0.00

    Lack of check of buffer length before copying can lead to buffer overflow in camera module in Small Cell SoC, Snapdragon Mobile, Snapdragon Wear in FSM9055, FSM9955, IPQ4019, IPQ8064, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCA9531, QCA9558, QCA9563, QCA9880,…

  • CVE-2017-18278HigMay 6, 2019
    risk 0.51cvss 7.8epss 0.00

    An integer underflow may occur due to lack of check when received data length from font_mgr_qsee_request_service is bigger than the minimal value of the segment header, which may result in a buffer overflow, in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in…

  • CVE-2017-18276HigMay 6, 2019
    risk 0.51cvss 7.8epss 0.00

    Secure camera logic allows display/secure camera controllers to access HLOS memory during secure display or camera session in Snapdragon Mobile, Snapdragon Wear in MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 835, SD 845, SD 850

  • CVE-2017-18274HigMay 6, 2019
    risk 0.51cvss 7.8epss 0.00

    While iterating through the models contained in a fixed-size array in the actData structure, which also stores an incorrect number of models that is greater than the size of the array, a buffer overflow occurs in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in…

  • CVE-2017-18173HigMay 6, 2019
    risk 0.51cvss 7.8epss 0.00

    In case of using an invalid android verified boot signature with very large length, an integer underflow occurs in Snapdragon Mobile in SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 810, SD 820, SD 835, SDM630, SDM636, SDM660, Snapdragon_High_Med_2016.

  • CVE-2017-18157HigMay 6, 2019
    risk 0.51cvss 7.8epss 0.00

    A Use After Free Condition can occur in Thermal Engine in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845,…

  • CVE-2017-18156HigMay 6, 2019
    risk 0.51cvss 7.8epss 0.00

    While processing camera buffers in camera driver, a use after free condition can occur in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 625, SD 820, SD 820A, SD 835, SDX20.

  • CVE-2018-11970HigApr 4, 2019
    risk 0.51cvss 7.8epss 0.00

    TZ App dynamic allocations not protected from XBL loader in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9206, MDM9607, MDM9650, MDM9655, QCS605, SD 410/12, SD 636,…

  • CVE-2018-11830HigApr 4, 2019
    risk 0.51cvss 7.8epss 0.00

    Improper input validation in QCPE create function may lead to integer overflow in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9206, MDM9607, MDM9650, MDM9655, MSM8996AU, SD 410/12, SD 820A

  • CVE-2018-13914HigFeb 25, 2019
    risk 0.51cvss 7.8epss 0.00

    Lack of input validation for data received from user space can lead to an out of bound array issue in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in version MDM9150, MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU,…

  • CVE-2018-11888HigFeb 11, 2019
    risk 0.51cvss 7.8epss 0.00

    Unauthorized access may be allowed by the SCP11 Crypto Services TA will processing commands from other TA in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon…

  • CVE-2018-5880HigJan 18, 2019
    risk 0.51cvss 7.8epss 0.00

    Improper data length check while processing an event report indication can lead to a buffer overflow in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 835, SDA660, SDM630, SDM660

  • CVE-2018-5869HigJan 18, 2019
    risk 0.51cvss 7.8epss 0.00

    Improper input validation in the QTEE keymaster app can lead to invalid memory access in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 615/16/SD 415, SD 800, SD 810

  • CVE-2018-5868HigJan 18, 2019
    risk 0.51cvss 7.8epss 0.00

    Lack of checking input size can lead to buffer overflow In WideVine in snapdragon automobile and snapdragon mobile in versions MSM8996AU, SD 425, SD 430, SD 450, SD 625, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660, SDX24, SXR1130

  • CVE-2018-11288HigJan 18, 2019
    risk 0.51cvss 7.8epss 0.00

    Possible undefined behavior due to lack of size check in function for parameter segment_idx can lead to a read outside of the intended region in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9650, MDM9655, MSM8996AU, SD 210/SD…

  • CVE-2017-8276HigJan 18, 2019
    risk 0.51cvss 7.8epss 0.00

    Improper authorization involving a fuse in TrustZone in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD…

  • CVE-2017-18320HigJan 3, 2019
    risk 0.51cvss 7.8epss 0.00

    QSEE unload attempt on a 3rd party TEE without previously loading results in a data abort in snapdragon automobile and snapdragon mobile in versions MSM8996AU, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD…

Page 17 of 27