VYPR

Vendor CVEs

Qualcomm

All CVEs

2,042 total · sorted by risk
  • CVE-2014-9883HigAug 6, 2016
    risk 0.51cvss 7.8epss 0.00

    Integer overflow in drivers/char/diag/diag_dci.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices allows attackers to gain privileges or obtain sensitive information via a crafted application, aka Android internal bug 28769912 and Qualcomm…

  • CVE-2014-9882HigAug 6, 2016
    risk 0.51cvss 7.8epss 0.01

    Buffer overflow in drivers/media/radio/radio-iris.c in the Qualcomm components in Android before 2016-08-05 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28769546 and Qualcomm internal bug CR552329.

  • CVE-2014-9881HigAug 6, 2016
    risk 0.51cvss 7.8epss 0.00

    drivers/media/radio/radio-iris.c in the Qualcomm components in Android before 2016-08-05 on Nexus 7 (2013) devices uses an incorrect integer data type, which allows attackers to gain privileges or cause a denial of service (buffer overflow) via a crafted application, aka Android…

  • CVE-2014-9880HigAug 6, 2016
    risk 0.51cvss 7.8epss 0.00

    drivers/video/msm/vidc/common/enc/venc.c in the Qualcomm components in Android before 2016-08-05 on Nexus 7 (2013) devices does not validate VEN_IOCTL_GET_SEQUENCE_HDR ioctl calls, which allows attackers to gain privileges via a crafted application, aka Android internal bug…

  • CVE-2014-9879HigAug 6, 2016
    risk 0.51cvss 7.8epss 0.00

    The mdss mdp3 driver in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices does not validate user-space data, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28769221 and Qualcomm internal bug CR524490.

  • CVE-2014-9878HigAug 6, 2016
    risk 0.51cvss 7.8epss 0.00

    drivers/mmc/card/mmc_block_test.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices does not reject kernel-space buffer addresses, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28769208 and Qualcomm…

  • CVE-2014-9877HigAug 6, 2016
    risk 0.51cvss 7.8epss 0.00

    drivers/media/platform/msm/camera_v2/sensor/actuator/msm_actuator.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices mishandles a user-space pointer, which allows attackers to gain privileges via a crafted application, aka Android internal…

  • CVE-2014-9875HigAug 6, 2016
    risk 0.51cvss 7.8epss 0.00

    drivers/char/diag/diag_dci.c in the Qualcomm components in Android before 2016-08-05 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application that sends short DCI request packets, aka Android internal bug 28767589 and Qualcomm internal bug CR483310.

  • CVE-2014-9872HigAug 6, 2016
    risk 0.51cvss 7.8epss 0.00

    The diag driver in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices does not ensure unique identifiers in a DCI client table, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28750155 and Qualcomm internal bug…

  • CVE-2014-9868HigAug 6, 2016
    risk 0.51cvss 7.8epss 0.00

    drivers/media/platform/msm/camera_v2/sensor/csiphy/msm_csiphy.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices allows attackers to gain privileges via an application that provides a crafted mask value, aka Android internal bug 28749721…

  • CVE-2014-9867HigAug 6, 2016
    risk 0.51cvss 7.8epss 0.01

    drivers/media/platform/msm/camera_v2/isp/msm_isp_axi_util.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not validate the number of streams, which allows attackers to gain privileges via a crafted application, aka Android internal…

  • CVE-2014-9866HigAug 6, 2016
    risk 0.51cvss 7.8epss 0.01

    drivers/media/platform/msm/camera_v2/sensor/csid/msm_csid.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not validate a certain parameter, which allows attackers to gain privileges via a crafted application, aka Android internal…

  • CVE-2014-9863HigAug 6, 2016
    risk 0.51cvss 7.8epss 0.01

    Integer underflow in the diag driver in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices allows attackers to gain privileges or obtain sensitive information via a crafted application, aka Android internal bug 28768146 and Qualcomm internal bug…

  • CVE-2016-3797HigJul 11, 2016
    risk 0.51cvss 7.8epss 0.01

    The Qualcomm Wi-Fi driver in Android before 2016-07-05 on Nexus 5X devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28085680 and Qualcomm internal bug CR1001450.

  • CVE-2016-3793HigJul 11, 2016
    risk 0.51cvss 7.8epss 0.00

    The NVIDIA camera driver in Android before 2016-07-05 on Nexus 9 devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28026625.

  • CVE-2016-2503HigJul 11, 2016
    risk 0.51cvss 7.8epss 0.00

    The Qualcomm GPU driver in Android before 2016-07-05 on Nexus 5X and 6P devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28084795 and Qualcomm internal bug CR1006067.

  • CVE-2016-2502HigJul 11, 2016
    risk 0.51cvss 7.8epss 0.00

    drivers/usb/gadget/f_serial.c in the Qualcomm USB driver in Android before 2016-07-05 on Nexus 5X and 6P devices allows attackers to gain privileges via a large size in a GSER_IOCTL ioctl call, aka Android internal bug 27657963 and Qualcomm internal bug CR997044.

  • CVE-2016-2068HigJul 11, 2016
    risk 0.51cvss 7.8epss 0.01

    The MSM QDSP6 audio driver (aka sound driver) for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges or cause a denial of service (integer overflow, and buffer overflow…

  • CVE-2015-8890HigJul 11, 2016
    risk 0.51cvss 7.8epss 0.01

    platform/msm_shared/partition_parser.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices does not validate certain GUID Partition Table (GPT) data, which allows attackers to bypass intended access restrictions via a crafted MultiMediaCard…

  • CVE-2015-8889HigJul 11, 2016
    risk 0.51cvss 7.8epss 0.01

    The aboot implementation in the Qualcomm components in Android before 2016-07-05 on Nexus 6P devices omits the recovery PIN feature, which has unspecified impact and attack vectors, aka Android internal bug 28822677 and Qualcomm internal bug CR804067.

  • CVE-2014-9802HigJul 11, 2016
    risk 0.51cvss 7.8epss 0.01

    Multiple integer overflows in lib/libfdt/fdt.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices allow attackers to gain privileges via a crafted application, aka Android internal bug 28821965 and Qualcomm internal bug CR705108.

  • CVE-2014-9800HigJul 11, 2016
    risk 0.51cvss 7.8epss 0.01

    Integer overflow in lib/heap/heap.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28822150 and Qualcomm internal bug CR692478.

  • CVE-2014-9799HigJul 11, 2016
    risk 0.51cvss 7.8epss 0.01

    The makefile in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices omits the -fno-strict-overflow option to gcc, which might allow attackers to gain privileges via a crafted application that leverages incorrect compiler optimization of an…

  • CVE-2014-9796HigJul 11, 2016
    risk 0.51cvss 7.8epss 0.01

    app/aboot/aboot.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices does not validate the page size in the kernel header, which allows attackers to bypass intended access restrictions via a crafted boot image, aka Android internal bug…

  • CVE-2014-9795HigJul 11, 2016
    risk 0.51cvss 7.8epss 0.01

    app/aboot/aboot.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 devices does not properly check for an integer overflow, which allows attackers to bypass intended access restrictions via crafted start and size values, aka Android internal bug 28820720 and…

  • CVE-2014-9793HigJul 11, 2016
    risk 0.51cvss 7.8epss 0.01

    platform/msm_shared/mmc.c in the Qualcomm components in Android before 2016-07-05 on Nexus 7 (2013) devices mishandles the power-on write-protect feature, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28821253 and Qualcomm internal…

  • CVE-2014-9790HigJul 11, 2016
    risk 0.51cvss 7.8epss 0.00

    drivers/mmc/core/debugfs.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices does not validate pointers used in read and write operations, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28769136…

  • CVE-2014-9788HigJul 11, 2016
    risk 0.51cvss 7.8epss 0.01

    Multiple buffer overflows in the voice drivers in the Qualcomm components in Android before 2016-07-05 on Nexus 5 devices allow attackers to gain privileges via a crafted application, aka Android internal bug 28573112 and Qualcomm internal bug CR548872.

  • CVE-2014-9787HigJul 11, 2016
    risk 0.51cvss 7.8epss 0.01

    Integer overflow in drivers/misc/qseecom.c in the Qualcomm components in Android before 2016-07-05 on Nexus 7 (2013) devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28571496 and Qualcomm internal bug CR545764.

  • CVE-2014-9786HigJul 11, 2016
    risk 0.51cvss 7.8epss 0.01

    Heap-based buffer overflow in drivers/media/platform/msm/camera_v2/sensor/actuator/msm_actuator.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices allows attackers to gain privileges via a crafted application, aka Android internal bug…

  • CVE-2014-9783HigJul 11, 2016
    risk 0.51cvss 7.8epss 0.01

    drivers/media/platform/msm/camera_v2/sensor/cci/msm_cci.c in the Qualcomm components in Android before 2016-07-05 on Nexus 7 (2013) devices does not validate certain values, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28441831…

  • CVE-2014-9782HigJul 11, 2016
    risk 0.51cvss 7.8epss 0.01

    drivers/media/platform/msm/camera_v2/sensor/actuator/msm_actuator.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices does not validate direction and step parameters, which allows attackers to gain privileges via a crafted application, aka…

  • CVE-2014-9780HigJul 11, 2016
    risk 0.51cvss 7.8epss 0.01

    drivers/video/msm/mdss/mdp3_ctrl.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5, 5X, and 6P devices does not validate start and length values, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28602014 and…

  • CVE-2016-2474HigJun 13, 2016
    risk 0.51cvss 7.8epss 0.01

    The Qualcomm Wi-Fi driver in Android before 2016-06-01 on Nexus 5X devices allows attackers to gain privileges via a crafted application, aka internal bug 27424603.

  • CVE-2016-2066HigJun 13, 2016
    risk 0.51cvss 7.8epss 0.01

    Integer signedness error in the MSM QDSP6 audio driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges or cause a denial of service (memory corruption) via a…

  • CVE-2016-2061HigJun 13, 2016
    risk 0.51cvss 7.8epss 0.01

    Integer signedness error in the MSM V4L2 video driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges or cause a denial of service (array overflow and memory…

  • CVE-2016-2432HigMay 9, 2016
    risk 0.51cvss 7.8epss 0.00

    The Qualcomm TrustZone component in Android before 2016-05-01 on Nexus 6 and Android One devices allows attackers to gain privileges via a crafted application, aka internal bug 25913059.

  • CVE-2016-2060HigMay 9, 2016
    risk 0.51cvss 7.8epss 0.00

    server/TetherController.cpp in the tethering controller in netd, as distributed with Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not properly validate upstream interface names, which allows attackers to bypass intended access…

  • CVE-2015-0571HigMay 9, 2016
    risk 0.51cvss 7.8epss 0.01

    The WLAN (aka Wi-Fi) driver for the Linux kernel 3.x and 4.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not verify authorization for private SET IOCTL calls, which allows attackers to gain privileges via a crafted…

  • CVE-2015-0570HigMay 9, 2016
    risk 0.51cvss 7.8epss 0.02

    Stack-based buffer overflow in the SET_WPS_IE IOCTL implementation in wlan_hdd_hostapd.c in the WLAN (aka Wi-Fi) driver for the Linux kernel 3.x and 4.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to…

  • CVE-2016-2062HigMay 5, 2016
    risk 0.51cvss 7.8epss 0.00

    The adreno_perfcounter_query_group function in drivers/gpu/msm/adreno_perfcounter.c in the Adreno GPU driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, uses an incorrect integer data type,…

  • CVE-2018-11259HigJul 6, 2018
    risk 0.50cvss 7.7epss 0.00

    Due to Improper Access Control of NAND-based EFS in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear, From fastboot on a NAND-based device, the EFS partition can be erased. Apps processor then has non-secure world full read/write access to the partition until the…

  • CVE-2026-21381HigApr 6, 2026
    risk 0.49cvss 7.6epss 0.00

    Transient DOS when receiving a service data frame with excessive length during device matching over a neighborhood awareness network protocol connection.

  • CVE-2026-21367HigApr 6, 2026
    risk 0.49cvss 7.6epss 0.00

    Transient DOS when processing nonstandard FILS Discovery Frames with out-of-range action sizes during initial scans.

  • CVE-2018-5837HigSep 20, 2018
    risk 0.49cvss 7.5epss 0.01

    In Snapdragon (Automobile, Mobile, Wear) in version IPQ8074, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6574AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660,…

  • CVE-2018-11291HigSep 20, 2018
    risk 0.49cvss 7.5epss 0.01

    In Snapdragon (Automobile, Mobile, Wear) in version IPQ8074, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA4531, QCA6174A, QCA6564, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9378, QCA9379, SD 425, SD 427, SD 430, SD 435, SD 450, SD 600, SD 625, SD 650/52, SD 810,…

  • CVE-2018-11290HigSep 20, 2018
    risk 0.49cvss 7.5epss 0.01

    In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6574AU, QCA6584, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 820A, SD 845, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDX20,…

  • CVE-2018-5892HigJul 6, 2018
    risk 0.49cvss 7.5epss 0.01

    The Touch Pal application can collect user behavior data without awareness by the user in Snapdragon Mobile and Snapdragon Wear.

  • CVE-2016-10499HigApr 18, 2018
    risk 0.49cvss 7.5epss 0.01

    In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD…

  • CVE-2016-10497HigApr 18, 2018
    risk 0.49cvss 7.5epss 0.01

    In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD…

Page 11 of 41