VYPR

Vendor CVEs

Qualcomm

All CVEs

2,042 total · sorted by risk
  • CVE-2020-3646Sep 8, 2020
    risk 0.00cvss epss 0.00

    u'Buffer overflow seen as the destination buffer size is lesser than the source buffer size in video application' in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in Bitra, MSM8909W,…

  • CVE-2020-3643Sep 8, 2020
    risk 0.00cvss epss 0.00

    u'Information disclosure issue can occur due to partial secure display-touch session tear-down' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables,…

  • CVE-2020-3640Sep 8, 2020
    risk 0.00cvss epss 0.00

    u'Resizing the usage table header before passing all the checks leads to the function exiting with a usage table in invalid state when a HLOS adversary calls the function with wrong input' in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Wired…

  • CVE-2020-3636Sep 8, 2020
    risk 0.00cvss epss 0.00

    u'Out of bound writes happen when accessing usage_table header entry beyond the memory allocated for the header' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Kamorta, QCS404, QCS610,…

  • CVE-2020-3629Sep 8, 2020
    risk 0.00cvss epss 0.00

    u'Stack out of bound issue occurs when making query to DSP capabilities due to wrong assumption was made on determining the buffer size for the DSP attributes' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,…

  • CVE-2020-3624Sep 8, 2020
    risk 0.00cvss epss 0.00

    u'A potential buffer overflow exists due to integer overflow when parsing handler options due to wrong data type usage in operation' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon…

  • CVE-2020-3622Sep 8, 2020
    risk 0.00cvss epss 0.00

    u'Channel name string which has been read from shared memory is potentially subjected to string manipulations but not validated for NULL termination can results into memory corruption' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer…

  • CVE-2020-3620Sep 8, 2020
    risk 0.00cvss epss 0.00

    u'Lack of check of integer overflow while doing a round up operation for data read from shared memory for G-link SMEM transport can lead to corruption and potential information leak' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics…

  • CVE-2020-3619Sep 8, 2020
    risk 0.00cvss epss 0.00

    u'Non-secure memory is touched multiple times during TrustZone\u2019s execution and can lead to privilege escalation or memory corruption' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,…

  • CVE-2020-3621Sep 8, 2020
    risk 0.00cvss epss 0.00

    u'Lack of check to ensure that the TX read index & RX write index that are read from shared memory are less than the FIFO size results into memory corruption and potential information leakage' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer…

  • CVE-2020-11158Sep 8, 2020
    risk 0.00cvss epss 0.01

    u'Null pointer dereference in HP OfficeJet Pro 8210 jbig2 filter due to lack of check of PDF font array leads to denial of service' in IPS PDF releases prior to IPS System 2020.2

  • CVE-2020-11133Sep 8, 2020
    risk 0.00cvss epss 0.00

    u'Possible out of bound array write in rxdco cal utility due to lack of array bound check' in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MSM8998, QCS605, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SXR1130

  • CVE-2020-11120Sep 8, 2020
    risk 0.00cvss epss 0.00

    u'Calling thread may free the data buffer pointer that was passed to the callback and later when event loop executes the callback, data buffer may not be valid and will lead to use after free scenario' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon…

  • CVE-2020-11122Sep 8, 2020
    risk 0.00cvss epss 0.00

    u'Null Pointer exception while playing crafted mkv file as data stream get deleted on secondary invalid configuration' in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile in APQ8098, Bitra, Kamorta, SA6155P, Saipan, SM6150, SM7150, SM8150, SM8250, SXR2130

  • CVE-2020-11118Sep 8, 2020
    risk 0.00cvss epss 0.01

    u'Information exposure issues while processing IE header due to improper check of beacon IE frame' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice &…

  • CVE-2020-11117Sep 8, 2020
    risk 0.00cvss epss 0.20

    u'In the lbd service, an external user can issue a specially crafted debug command to overwrite arbitrary files with arbitrary content resulting in remote code execution.' in Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Wired Infrastructure and Networking in…

  • CVE-2020-11116Sep 8, 2020
    risk 0.00cvss epss 0.01

    u'Possible out of bound write while processing association response received from host due to lack of check of IE length' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,…

  • CVE-2019-14119Sep 8, 2020
    risk 0.00cvss epss 0.00

    u'While processing SMCInvoke asynchronous message header, message count is modified leading to a TOCTOU race condition and lead to memory corruption' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon…

  • CVE-2020-11115Sep 8, 2020
    risk 0.00cvss epss 0.01

    u'Buffer over read occurs while processing information element from beacon due to lack of check of data received from beacon' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon…

  • CVE-2019-14115Sep 8, 2020
    risk 0.00cvss epss 0.00

    u'Information disclosure issue occurs as in current logic as secure touch is released without clearing the display session which can result in user reading the secure input while touch is in non-secure domain as secure display is active' in Snapdragon Auto, Snapdragon Compute,…

  • CVE-2019-14117Sep 8, 2020
    risk 0.00cvss epss 0.00

    u'Whenever the page list is updated via privileged user, the previous list elements are freed but are not deleted from the list which results in a use after free causing an unhandled page fault exception in rmnet driver' in Snapdragon Auto, Snapdragon Compute, Snapdragon…

  • CVE-2019-14089Sep 8, 2020
    risk 0.00cvss epss 0.00

    u'Keymaster attestation key and device IDs provisioning which is a one time process is incorrectly allowed to be re-provisioned after a user data erase or a factory reset' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon…

  • CVE-2019-14056Sep 8, 2020
    risk 0.00cvss epss 0.00

    u'Possible integer overflow in API due to lack of check on large oid range count in cert extension field' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and…

  • CVE-2019-14065Sep 8, 2020
    risk 0.00cvss epss 0.00

    u'Pointer double free in HavenSvc due to not setting the pointer to NULL after freeing it' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in…

  • CVE-2019-14025Sep 8, 2020
    risk 0.00cvss epss 0.00

    u'When a new session is created, Object is returned that contains TZ addresses and it get passed to HLOS as an handle to refer to a particular session and can cause TZ to jump to a invalid address' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon…

  • CVE-2019-14052Sep 8, 2020
    risk 0.00cvss epss 0.01

    u'Accessing an uninitialized data structure could result in partially copying of contents and thus incorrect processing' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables…

  • CVE-2019-13998Sep 8, 2020
    risk 0.00cvss epss 0.00

    u'Lack of check that the TX FIFO write and read indices that are read from shared RAM are less than the FIFO size results into memory corruption and potential information leakage' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics…

  • CVE-2019-13999Sep 8, 2020
    risk 0.00cvss epss 0.00

    u'Lack of check for integer overflow for round up and addition operations result into memory corruption and potential information leakage' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT,…

  • CVE-2019-13995Sep 8, 2020
    risk 0.00cvss epss 0.00

    u'Lack of integer overflow check for addition of fragment size and remaining size that are read from shared memory can lead to memory corruption and potential information leakage' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics…

  • CVE-2019-13992Sep 8, 2020
    risk 0.00cvss epss 0.00

    u'Out of bound memory access if stack push and pop operation are performed without doing a bound check on stack top' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT,…

  • CVE-2019-13994Sep 8, 2020
    risk 0.00cvss epss 0.00

    u'Lack of check that the current received data fragment size of a particular packet that are read from shared memory are less than the actual packet size can lead to memory corruption and potential information leakage' in Snapdragon Auto, Snapdragon Compute, Snapdragon…

  • CVE-2019-10628Sep 8, 2020
    risk 0.00cvss epss 0.00

    u'Memory can be potentially corrupted if random index is allowed to manipulate TLB entries in Kernel from user library' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial…

  • CVE-2019-10629Sep 8, 2020
    risk 0.00cvss epss 0.00

    u'User Process can potentially corrupt kernel virtual page by passing a crafted page in API' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,…

  • CVE-2019-10615Sep 8, 2020
    risk 0.00cvss epss 0.00

    u'Possibility of integer overflow in keymaster 4 while allocating memory due to multiplication of large numcerts value and size of keymaster bob which can lead to memory corruption' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT,…

  • CVE-2019-10596Sep 8, 2020
    risk 0.00cvss epss 0.00

    u'Improper access control can lead signed process to guess pid of other processes and access their address space' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired…

  • CVE-2019-10562Sep 8, 2020
    risk 0.00cvss epss 0.00

    u'Improper authentication and signature verification of debug polices in secure boot loader will allow unverified debug policies to be loaded into secure memory and leads to memory corruption' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer…

  • CVE-2019-10527Sep 8, 2020
    risk 0.00cvss epss 0.00

    u'SMEM partition can be manipulated in case of any compromise on HLOS, thus resulting in access to memory outside of SMEM address range which could lead to memory corruption' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics…

  • CVE-2018-13903Sep 8, 2020
    risk 0.00cvss epss 0.01

    u'Error in UE due to race condition in EPCO handling' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8053, MDM9205, MDM9206, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, SDM450,…

  • CVE-2020-15687Aug 31, 2020
    risk 0.00cvss epss 0.02

    Missing access control restrictions in the Hypervisor component of the ACRN Project (v2.0 and v1.6.1) allow a malicious entity, with root access in the Service VM userspace, to abuse the PCIe assign/de-assign Hypercalls via crafted ioctls and payloads. This attack results in a…

  • CVE-2020-3681Jul 31, 2020
    risk 0.00cvss epss 0.01

    Authenticated and encrypted payload MMEs can be forged and remotely sent to any HPAV2 system using a jailbreak key recoverable from code.

  • CVE-2020-3701Jul 30, 2020
    risk 0.00cvss epss 0.00

    Use after free issue while processing error notification from camx driver due to not properly releasing the sequence data in Snapdragon Mobile in Saipan, SM8250, SXR2130

  • CVE-2020-3699Jul 30, 2020
    risk 0.00cvss epss 0.01

    Possible out of bound access while processing assoc response from host due to improper length check before copying into buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon…

  • CVE-2020-3700Jul 30, 2020
    risk 0.00cvss epss 0.01

    Possible out of bounds read due to a missing bounds check and could lead to local information disclosure in the wifi driver with no additional execution privileges needed in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Mobile,…

  • CVE-2020-3698Jul 30, 2020
    risk 0.00cvss epss 0.01

    Out of bound write while QoS DSCP mapping due to improper input validation for data received from association response frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon…

  • CVE-2020-3688Jul 30, 2020
    risk 0.00cvss epss 0.01

    Possible buffer overflow while parsing mp4 clip with corrupted sample atoms due to improper validation of index in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music,…

  • CVE-2020-3671Jul 30, 2020
    risk 0.00cvss epss 0.01

    Use-after-free issue could occur due to dangling pointer when generating a frame buffer in OpenGL ES in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8009, Nicobar, QCM2150, QCS405, Saipan, SDM845,…

  • CVE-2019-14124Jul 30, 2020
    risk 0.00cvss epss 0.00

    Memory failure in content protection module due to not having pointer within the scope in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Kamorta, QCS404, Rennell, SC7180, SDX55, SM6150, SM7150, SM8250, SXR2130

  • CVE-2019-14130Jul 30, 2020
    risk 0.00cvss epss 0.00

    Memory corruption can occurs in trusted application if offset size from HLOS is more than actual mapped buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Kamorta, QCS404, Rennell, SC7180, SDX55, SM6150,…

  • CVE-2019-14101Jul 30, 2020
    risk 0.00cvss epss 0.00

    Out of bounds read can happen in diag event set mask command handler when user provided length in the command request is less than expected length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer…

  • CVE-2019-14123Jul 30, 2020
    risk 0.00cvss epss 0.00

    Possible buffer overflow and over read possible due to missing bounds checks for fixed limits if we consider widevine HLOS client as non-trustable in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Kamorta, QCS404,…

Page 30 of 41