CVE-2020-11207

all versions

Buffer overflow in LibFastCV library due to improper size checks with respect to buffer length' in Snapdragon Auto, Snapdragon Com

7.8HIGH

CVE-2020-11196

all versions

u'Integer overflow to buffer overflow occurs while playback of ASF clip having unexpected number of codec entries' in Snapdragon A

9.8CRITICAL

CVE-2020-11193

all versions

u'Buffer over read can happen while parsing mkv clip due to improper typecasting of data returned from atomsize' in Snapdragon Aut

9.8CRITICAL

CVE-2020-11123

all versions

u'information disclosure in gatekeeper trustzone implementation as the throttling mechanism to prevent brute force attempts at get

5.5MEDIUM

CVE-2019-14101

all versions

Out of bounds read can happen in diag event set mask command handler when user provided length in the command request is less than

7.1HIGH

CVE-2020-3614

all versions

Possible buffer overflow while copying the frame to local buffer due to lack of check of length before copying in Snapdragon Auto,

9.8CRITICAL

CVE-2019-14073

all versions

Copying RTCP messages into the output buffer without checking the destination buffer size which could lead to a remote stack overf

9.8CRITICAL

CVE-2019-14062

all versions

Buffer overflows while decoding setup message from Network due to lack of check of IE message length received from network in Snap

9.8CRITICAL

CVE-2019-14067

all versions

Using non-time-constant functions like memcmp to compare sensitive data can lead to information leakage through timing side channe

5.5MEDIUM

CVE-2019-14113

all versions

Buffer overflow can occur in WLAN firmware while unwraping data using CCMP cipher suite during parsing of EAPOL handshake frame

9.8CRITICAL

CVE-2019-14110

all versions

Buffer overflow can occur in function wlan firmware while copying association frame content if frame length is more than the maxim

9.8CRITICAL

CVE-2019-14033

all versions

Multiple Read overflows issue due to improper length check while decoding tau reject/tau accept/detach request/attach reject/attac

9.1CRITICAL

CVE-2019-14020

all versions

Multiple Read overflows issue due to improper length check while decoding dedicated_eps_bearer_req/ act_def_context_req/ cs_serv_n

9.1CRITICAL

CVE-2019-14019

all versions

Multiple Read overflows issue due to improper length check while decoding RAU accept/PDN disconnect Rej/Modify EPS ctxt req/bearer

9.1CRITICAL

CVE-2019-14018

all versions

Possible out of bound array access as there is no check on carrier index passed in Snapdragon Auto, Snapdragon Compute, Snapdragon

7.8HIGH

CVE-2019-14011

all versions

Multiple Read overflows issue due to improper length check while decoding 3G attach accept/ SMS/ pdn connection reject/ esm data t

9.1CRITICAL

CVE-2019-14007

all versions

Due to the use of non-time-constant comparison functions there is issue in timing side channels which can be used as a potential s

5.5MEDIUM

CVE-2019-10610

all versions

Possible buffer over read when trying to process SDP message Video media line with frame-size attribute in video Media line in Sna

9.1CRITICAL

CVE-2019-10609

all versions

Out of bound write can happen due to lack of check of array index value while calculating it. in Snapdragon Auto, Snapdragon Compu

9.8CRITICAL

CVE-2019-10588

all versions

Copying RTCP messages into the output buffer without checking the destination buffer size which could lead to a remote stack overf

9.8CRITICAL

CVE-2019-10574

all versions

Lack of boundary checks for data offsets received from HLOS can lead to out-of-bound read in Snapdragon Auto, Snapdragon Compute,

7.1HIGH

CVE-2019-10551

all versions

String error while processing non standard SIP messages received can lead to buffer overread and then denial of service in Snapdra

9.1CRITICAL

CVE-2019-10483

all versions

Side channel issue in QTEE due to usage of non-time-constant comparison function such as memcmp or strcmp in Snapdragon Auto, Snap

5.5MEDIUM

CVE-2019-2311

all versions

Possible buffer overflow in WLAN handler due to lack of validation of destination buffer size before copying it in Snapdragon Auto

9.8CRITICAL

CVE-2019-2300

all versions

Possible buffer overflow in WLAN handler due to lack of validation of destination buffer size before copying into it in Snapdragon

9.8CRITICAL

CVE-2019-14098

all versions

Possible buffer overflow in data offload handler due to lack of check of keydata length when copying data in Snapdragon Auto, Snap

9.8CRITICAL

CVE-2019-14097

all versions

Possible buffer overflow in WLAN Parser due to lack of length check when copying data in Snapdragon Auto, Snapdragon Compute, Snap

9.8CRITICAL

CVE-2019-14095

all versions

Buffer overflow occurs while processing LMP packet in which name length parameter exceeds value specified in BT-specification in S

9.8CRITICAL

CVE-2019-14083

all versions

While parsing Service Descriptor Extended Attribute received as part of SDF frame, there is a possibility that incorrect length is

9.8CRITICAL

CVE-2019-14071

all versions

Compromised reset handler may bypass access control due to AC config is being reset if debug path is enabled to collect secure or

7.8HIGH

CVE-2019-14031

all versions

Buffer overflow can occur while parsing RSN IE containing list of PMK ID`s which are more than the buffer size in Snapdragon Auto,

9.8CRITICAL

CVE-2019-14028

all versions

Buffer overwrite during memcpy due to lack of check on SSID length validation in Snapdragon Auto, Snapdragon Compute, Snapdragon C

7.8HIGH

CVE-2019-14026

all versions

Possible buffer overflow in WLAN WMI handler due to lack of ssid length check when copying data in Snapdragon Auto, Snapdragon Com

7.8HIGH

CVE-2019-14015

all versions

A stack-based buffer overflow exists in the initialization of the identification stage due to lack of check on the number of templ

7.8HIGH

CVE-2019-14000

all versions

Lack of check that the RX FIFO write index that is read from shared RAM is less than the FIFO size results into memory corruption

7.8HIGH

CVE-2019-10594

all versions

Stack overflow can occur when SDP is received with multiple payload types in the FMTP attribute of a video M line in Snapdragon Au

9.8CRITICAL

CVE-2019-10593

all versions

Buffer overflow can occur when processing non standard SDP video Image attribute parameter in a VILTE\VOLTE call in Snapdragon Aut

9.8CRITICAL

CVE-2019-10587

all versions

Possible Stack overflow can occur when processing a large SDP body or non standard SDP body without right delimiters in Snapdragon

9.8CRITICAL

CVE-2019-10577

all versions

Improper input validation while processing SIP URI received from the network will lead to buffer over-read and then to denial of s

9.1CRITICAL

CVE-2019-10554

all versions

Multiple Read overflows issue due to improper length check while decoding Identity Request in CSdomain/Authentication Reject in CS

9.1CRITICAL

CVE-2019-10553

all versions

Multiple Read overflows due to improper length checks while decoding authentication in Cs domain/RAU Reject and TC cmd in Snapdrag

9.1CRITICAL

CVE-2019-10552

all versions

Multiple Buffer Over-read issue can happen due to improper length checks while decoding Service Reject/RAU Reject/PTMSI Realloc cm

9.1CRITICAL

CVE-2019-10546

all versions

Buffer overflow can occur in WLAN firmware while parsing beacon/probe_response frames during roaming in Snapdragon Auto, Snapdrago

9.8CRITICAL

CVE-2019-10561

all versions

Improper initialization of local variables which are parameters to sfs api may cause invalid pointer dereference and leads to deni

5.5MEDIUM

CVE-2019-2242

all versions

Device memory may get corrupted because of buffer overflow/underflow. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer

9.8CRITICAL

CVE-2019-10525

all versions

Buffer overflow during SIB read when network configures complete sib list along with first and last segment of other SIB in Snapdr

9.8CRITICAL

CVE-2019-10517

all versions

Memory is being freed up twice when two concurrent threads are executing in parallel in Snapdragon Auto, Snapdragon Compute, Snapd

7.8HIGH

CVE-2019-10516

all versions

Multiple read overflows in MM while decoding service accept,service reject,attach reject and MT detach in Snapdragon Auto, Snapdra

9.8CRITICAL

CVE-2019-10513

all versions

Possibility of Null pointer access if the SPDM commands are executed in the non-standard way in Trustzone in Snapdragon Auto, Snap

5.5MEDIUM

CVE-2019-10500

all versions

While processing MT Secondary PDP request, Buffer overflow will happen due to incorrect calculation of buffer size in Snapdragon A

9.8CRITICAL

CVE-2019-10487

all versions

Buffer over read can happen while parsing SMS OTA messages at transport layer if network sends un-intended values in Snapdragon Au

9.8CRITICAL

CVE-2019-10482

all versions

Due to the use of non-time-constant comparison functions there is issue in timing side channels which can be used as a potential s

5.9MEDIUM

CVE-2019-2321

all versions

Incorrect length used while validating the qsee log buffer sent from HLOS which could then lead to remap conflict in Snapdragon Au

7.8HIGH

CVE-2019-2288

all versions

Out of bound write in TZ while copying the secure dump structure on HLOS provided buffer as a part of memory dump in Snapdragon Au

7.8HIGH

CVE-2019-2318

all versions

Non Secure Kernel can cause Trustzone to do an arbitrary memory read which will result into DOS in Snapdragon Auto, Snapdragon Con

5.5MEDIUM

CVE-2019-2315

all versions

While invoking the API to copy from fd or local buffer to the secure buffer, Parameters being populated are from non secure enviro

7.8HIGH

CVE-2018-13916

all versions

Out-of-bounds memory access in Qurt kernel function when using the identifier to access Qurt kernel buffer to retrieve thread data

7.8HIGH