VYPR

Vendor CVEs

Qualcomm

All CVEs

2,042 total · sorted by risk
  • CVE-2016-6748MedNov 25, 2016
    risk 0.36cvss 5.5epss 0.00

    An information disclosure vulnerability in Qualcomm components including the GPU driver, power driver, SMSM Point-to-Point driver, and sound driver in Android before 2016-11-05 could enable a local malicious application to access data outside of its permission levels. This issue…

  • CVE-2016-6698MedNov 25, 2016
    risk 0.36cvss 5.5epss 0.00

    An information disclosure vulnerability in Qualcomm components including the GPU driver, power driver, SMSM Point-to-Point driver, and sound driver in Android before 2016-11-05 could enable a local malicious application to access data outside of its permission levels. This issue…

  • CVE-2016-3907MedNov 25, 2016
    risk 0.36cvss 5.5epss 0.00

    An information disclosure vulnerability in Qualcomm components including the GPU driver, power driver, SMSM Point-to-Point driver, and sound driver in Android before 2016-11-05 could enable a local malicious application to access data outside of its permission levels. This issue…

  • CVE-2016-3906MedNov 25, 2016
    risk 0.36cvss 5.5epss 0.00

    An information disclosure vulnerability in Qualcomm components including the GPU driver, power driver, SMSM Point-to-Point driver, and sound driver in Android before 2016-11-05 could enable a local malicious application to access data outside of its permission levels. This issue…

  • CVE-2016-6682MedOct 10, 2016
    risk 0.36cvss 5.5epss 0.01

    drivers/misc/qcom/qdsp6v2/audio_utils.c in a Qualcomm QDSP6v2 driver in Android before 2016-10-05 on Nexus 5X, Nexus 6P, and Android One devices does not initialize certain data structures, which allows attackers to obtain sensitive information via a crafted application, aka…

  • CVE-2016-6681MedOct 10, 2016
    risk 0.36cvss 5.5epss 0.01

    drivers/misc/qcom/qdsp6v2/audio_utils.c in a Qualcomm QDSP6v2 driver in Android before 2016-10-05 on Nexus 5X, Nexus 6P, and Android One devices does not initialize certain data structures, which allows attackers to obtain sensitive information via a crafted application, aka…

  • CVE-2016-6679MedOct 10, 2016
    risk 0.36cvss 5.5epss 0.01

    CORE/HDD/src/wlan_hdd_hostapd.c in the Qualcomm Wi-Fi driver in Android before 2016-10-05 on Nexus 5X and Android One devices allows attackers to obtain sensitive information via a crafted application that makes a setwpaie ioctl call, aka Android internal bug 29915601 and…

  • CVE-2016-3902MedOct 10, 2016
    risk 0.36cvss 5.5epss 0.01

    drivers/platform/msm/ipa/ipa_qmi_service.c in the Qualcomm IPA driver in Android before 2016-10-05 on Nexus 5X and 6P devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 29953313 and Qualcomm internal bug CR 1044072.

  • CVE-2016-3860MedOct 10, 2016
    risk 0.36cvss 5.5epss 0.00

    sound/soc/msm/qdsp6v2/audio_calibration.c in the Qualcomm sound driver in Android before 2016-10-05 on Nexus 5X, Nexus 6P, and Android One devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 29323142 and Qualcomm internal…

  • CVE-2016-3894MedSep 11, 2016
    risk 0.36cvss 5.5epss 0.00

    The Qualcomm DMA component in Android before 2016-09-05 on Nexus 6 devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 29618014 and Qualcomm internal bug CR1042033.

  • CVE-2016-3893MedSep 11, 2016
    risk 0.36cvss 5.5epss 0.01

    The wcdcal_hwdep_ioctl_shared function in sound/soc/codecs/wcdcal-hwdep.c in the Qualcomm sound codec in Android before 2016-09-05 on Nexus 6P devices does not properly copy firmware data, which allows attackers to obtain sensitive information via a crafted application, aka…

  • CVE-2016-3892MedSep 11, 2016
    risk 0.36cvss 5.5epss 0.00

    The Qualcomm SPMI driver in Android before 2016-09-05 on Nexus 5, 5X, 6, and 6P devices allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 28760543 and Qualcomm internal bug CR1024197.

  • CVE-2014-9899MedAug 6, 2016
    risk 0.36cvss 5.5epss 0.00

    drivers/usb/host/ehci-msm2.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices omits certain minimum calculations before copying data, which allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 28803909 and…

  • CVE-2014-9898MedAug 6, 2016
    risk 0.36cvss 5.5epss 0.00

    arch/arm/mach-msm/qdsp6v2/ultrasound/usf.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not properly validate input parameters, which allows attackers to obtain sensitive information via a crafted application, aka Android internal…

  • CVE-2014-9897MedAug 6, 2016
    risk 0.36cvss 5.5epss 0.00

    sound/soc/msm/qdsp6v2/msm-lsm-client.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices does not validate certain user-space data, which allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 28769856 and…

  • CVE-2014-9894MedAug 6, 2016
    risk 0.36cvss 5.5epss 0.00

    drivers/misc/qseecom.c in the Qualcomm components in Android before 2016-08-05 on Nexus 7 (2013) devices does not ensure that certain name strings end in a '\0' character, which allows attackers to obtain sensitive information via a crafted application, aka Android internal bug…

  • CVE-2014-9893MedAug 6, 2016
    risk 0.36cvss 5.5epss 0.00

    drivers/video/msm/mdss/mdss_mdp_pp.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices does not properly determine the size of Gamut LUT data, which allows attackers to obtain sensitive information via a crafted application, aka Android internal bug…

  • CVE-2015-8893MedJul 11, 2016
    risk 0.36cvss 5.5epss 0.00

    app/aboot/aboot.c in the Qualcomm bootloader in Android before 2016-07-05 on Nexus 5 and 7 (2013) devices allows attackers to cause a denial of service (OS outage or buffer over-read) via a crafted application, aka Android internal bug 28822690 and Qualcomm internal bug CR822275.

  • CVE-2017-0751MedApr 5, 2018
    risk 0.34cvss 5.3epss 0.00

    An elevation of privilege vulnerability in the Qualcomm QCE driver. Product: Android. Versions: Android kernel. Android ID: A-36591162. References: QC-CR#2045061.

  • CVE-2017-0748MedApr 5, 2018
    risk 0.34cvss 5.3epss 0.00

    An information disclosure vulnerability in the Qualcomm audio driver. Product: Android. Versions: Android Kernel. Android ID: A-35764875. References: QC-CR#2029798.

  • CVE-2017-15853MedApr 3, 2018
    risk 0.34cvss 5.3epss 0.00

    In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, while processing PTT commands, ptt_sock_send_msg_to_app() is invoked without validating the packet length. If the…

  • CVE-2017-15837MedApr 3, 2018
    risk 0.34cvss 5.3epss 0.00

    In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, a policy for the packet pattern attribute NL80211_PKTPAT_OFFSET is not defined which can lead to a buffer over-read…

  • CVE-2017-18302MedSep 20, 2018
    risk 0.31cvss 4.7epss 0.00

    In Snapdragon (Automobile ,Mobile) in version MSM8996AU, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, Snapdragon_High_Med_2016, a crafted HLOS client can modify the structure in memory…

  • CVE-2017-9691MedMar 30, 2018
    risk 0.31cvss 4.7epss 0.00

    There is a race condition in Android for MSM, Firefox OS for MSM, and QRD Android that allows to access to already free'd memory in the debug message output functionality contained within the mobicore driver.

  • CVE-2017-13218MedJan 12, 2018
    risk 0.31cvss 4.7epss 0.00

    Access to CNTVCT_EL0 in Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear could be used for side channel attacks and this could lead to local information disclosure with no additional execution privileges needed in FSM9055, IPQ4019, IPQ8064, MDM9206,…

  • CVE-2017-9682MedAug 18, 2017
    risk 0.31cvss 4.7epss 0.00

    In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition in two KGSL driver functions can lead to a Use After Free condition.

  • CVE-2016-5858MedAug 16, 2017
    risk 0.31cvss 4.7epss 0.01

    In an ioctl handler in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, if a user supplies a value too large, then an out-of-bounds read occurs.

  • CVE-2016-5855MedAug 16, 2017
    risk 0.31cvss 4.7epss 0.00

    In a driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, a user-supplied buffer is casted to a structure without checking if the source buffer is large enough.

  • CVE-2016-5854MedAug 16, 2017
    risk 0.31cvss 4.7epss 0.00

    In a driver in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, kernel heap memory can be exposed to userspace.

  • CVE-2016-5347MedAug 16, 2017
    risk 0.31cvss 4.7epss 0.01

    In all Qualcomm products with Android releases from CAF using the Linux kernel, kernel stack data can be leaked to userspace by an audio driver.

  • CVE-2017-0632MedMay 12, 2017
    risk 0.31cvss 4.7epss 0.01

    An information disclosure vulnerability in the Qualcomm sound codec driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android.…

  • CVE-2017-0631MedMay 12, 2017
    risk 0.31cvss 4.7epss 0.01

    An information disclosure vulnerability in the Qualcomm camera driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android.…

  • CVE-2017-0629MedMay 12, 2017
    risk 0.31cvss 4.7epss 0.01

    An information disclosure vulnerability in the Qualcomm camera driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android.…

  • CVE-2017-0628MedMay 12, 2017
    risk 0.31cvss 4.7epss 0.01

    An information disclosure vulnerability in the Qualcomm camera driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android.…

  • CVE-2016-10296MedMay 12, 2017
    risk 0.31cvss 4.7epss 0.01

    An information disclosure vulnerability in the Qualcomm shared memory driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android.…

  • CVE-2016-10295MedMay 12, 2017
    risk 0.31cvss 4.7epss 0.01

    An information disclosure vulnerability in the Qualcomm LED driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions:…

  • CVE-2016-10294MedMay 12, 2017
    risk 0.31cvss 4.7epss 0.01

    An information disclosure vulnerability in the Qualcomm power driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android.…

  • CVE-2016-10293MedMay 12, 2017
    risk 0.31cvss 4.7epss 0.01

    An information disclosure vulnerability in the Qualcomm video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android.…

  • CVE-2017-0586MedApr 7, 2017
    risk 0.31cvss 4.7epss 0.01

    An information disclosure vulnerability in the Qualcomm sound driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android.…

  • CVE-2017-0584MedApr 7, 2017
    risk 0.31cvss 4.7epss 0.01

    An information disclosure vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android.…

  • CVE-2017-0534MedMar 8, 2017
    risk 0.31cvss 4.7epss 0.01

    An information disclosure vulnerability in the Qualcomm video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android.…

  • CVE-2017-0533MedMar 8, 2017
    risk 0.31cvss 4.7epss 0.01

    An information disclosure vulnerability in the Qualcomm video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android.…

  • CVE-2017-0531MedMar 8, 2017
    risk 0.31cvss 4.7epss 0.01

    An information disclosure vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android.…

  • CVE-2017-0461MedMar 8, 2017
    risk 0.31cvss 4.7epss 0.01

    An information disclosure vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android.…

  • CVE-2017-0459MedMar 8, 2017
    risk 0.31cvss 4.7epss 0.01

    An information disclosure vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android.…

  • CVE-2017-0452MedMar 8, 2017
    risk 0.31cvss 4.7epss 0.01

    An information disclosure vulnerability in the Qualcomm camera driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Low because it first requires compromising a privileged process. Product: Android. Versions:…

  • CVE-2016-8478MedMar 8, 2017
    risk 0.31cvss 4.7epss 0.01

    An information disclosure vulnerability in the Qualcomm video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android.…

  • CVE-2016-8477MedMar 8, 2017
    risk 0.31cvss 4.7epss 0.01

    An information disclosure vulnerability in the Qualcomm camera driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android.…

  • CVE-2016-8416MedMar 8, 2017
    risk 0.31cvss 4.7epss 0.01

    An information disclosure vulnerability in the Qualcomm video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android.…

  • CVE-2016-8413MedMar 8, 2017
    risk 0.31cvss 4.7epss 0.01

    An information disclosure vulnerability in the Qualcomm camera driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android.…

Page 16 of 41