CVE-2020-11269

all versions

Possible memory corruption while processing EAPOL frames due to lack of validation of key length before using it in Snapdragon Aut

8.8HIGH

CVE-2019-14095

all versions

Buffer overflow occurs while processing LMP packet in which name length parameter exceeds value specified in BT-specification in S

9.8CRITICAL

CVE-2019-14072

all versions

Unhandled paging request is observed due to dereferencing an already freed object because of race condition between sparse free an

7.0HIGH

CVE-2019-14061

all versions

Null-pointer dereference can occur while accessing the segment element info when it is not allocated and assigned in Snapdragon Au

7.5HIGH

CVE-2019-10591

all versions

Null pointer dereference can happen when parsing udta atom which is non-standard and having invalid depth in Snapdragon Auto, Snap

7.5HIGH

CVE-2019-10554

all versions

Multiple Read overflows issue due to improper length check while decoding Identity Request in CSdomain/Authentication Reject in CS

9.1CRITICAL

CVE-2019-10552

all versions

Multiple Buffer Over-read issue can happen due to improper length checks while decoding Service Reject/RAU Reject/PTMSI Realloc cm

9.1CRITICAL

CVE-2019-14057

all versions

Buffer Over read of codec private data while parsing an mkv file due to lack of check of buffer size before read in Snapdragon Aut

9.1CRITICAL

CVE-2019-14055

all versions

Possibility of use-after-free and double free because of not marking buffer as NULL after freeing can lead to dangling pointer acc

7.8HIGH

CVE-2019-10590

all versions

Out of bound access while parsing dts atom, which is non-standard as it does not have valid number of tracks in Snapdragon Auto, S

9.8CRITICAL

CVE-2019-14017

all versions

Heap buffer overflow can occur while parsing invalid MKV clip which is not standard and have invalid vorbis codec data in Snapdrag

9.8CRITICAL

CVE-2019-14016

all versions

Integer overflow occurs while playing the clip which is nonstandard in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivit

9.8CRITICAL

CVE-2019-14013

all versions

While parsing invalid super index table, elements within super index table may exceed total chunk size and invalid data is read in

9.8CRITICAL

CVE-2019-14006

all versions

Buffer overflow occur while playing the clip which is nonstandard due to lack of offset length check in Snapdragon Auto, Snapdrago

9.8CRITICAL

CVE-2019-14005

all versions

Buffer overflow occur while playing the clip which is nonstandard due to lack of check of size duration in Snapdragon Auto, Snapdr

9.8CRITICAL

CVE-2019-14004

all versions

Buffer overflow occurs while processing invalid MKV clip, which has invalid EBML size in Snapdragon Auto, Snapdragon Compute, Snap

9.8CRITICAL

CVE-2019-14003

all versions

Null pointer exception can happen while parsing invalid MKV clip where cue information is parsed before segment information in Sna

7.5HIGH

CVE-2019-10611

all versions

Buffer overflow can occur while processing clip due to lack of check of object size before parsing in Snapdragon Auto, Snapdragon

9.8CRITICAL

CVE-2019-10579

all versions

Buffer over-read can occur while playing the video clip which is not standard in Snapdragon Auto, Snapdragon Compute, Snapdragon C

9.1CRITICAL

CVE-2019-10578

all versions

Null pointer dereference can occur while parsing the clip which is nonstandard in Snapdragon Auto, Snapdragon Compute, Snapdragon

7.5HIGH

CVE-2019-10548

all versions

While trying to obtain datad ipc handle during DPL initialization, Heap use-after-free issue can occur if modem SSR occurs at same

7.8HIGH

CVE-2019-10532

all versions

Null-pointer dereference issue can occur while calculating string length when source string length is zero in Snapdragon Auto, Sna

9.8CRITICAL

CVE-2019-2242

all versions

Device memory may get corrupted because of buffer overflow/underflow. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer

9.8CRITICAL

CVE-2019-10607

all versions

Out of bounds memcpy can occur by providing the embedded NULL character string and length greater than the actual string length in

7.8HIGH

CVE-2019-10605

all versions

Buffer overwrite can occur in IEEE80211 header filling function due to lack of range check of array index received from firmware i

7.8HIGH

CVE-2019-10600

all versions

Use of local variable as argument to netlink CB callback goes out of it scope when callback triggered lead to invalid stack memory

7.8HIGH

CVE-2019-10595

all versions

Possible buffer overwrite in message handler due to lack of validation of tid value calculated from packets received from firmware

7.8HIGH

CVE-2019-10544

all versions

Improper length check on source buffer to handle userspace data received can lead to out-of-bound access in diag handlers in Snapd

7.8HIGH

CVE-2019-10525

all versions

Buffer overflow during SIB read when network configures complete sib list along with first and last segment of other SIB in Snapdr

9.8CRITICAL

CVE-2019-10518

all versions

Use after free of a pointer in iWLAN scenario during netmgr state transition to CONNECT in Snapdragon Auto, Snapdragon Compute, Sn

7.8HIGH

CVE-2019-10517

all versions

Memory is being freed up twice when two concurrent threads are executing in parallel in Snapdragon Auto, Snapdragon Compute, Snapd

7.8HIGH

CVE-2019-10516

all versions

Multiple read overflows in MM while decoding service accept,service reject,attach reject and MT detach in Snapdragon Auto, Snapdra

9.8CRITICAL

CVE-2019-10500

all versions

While processing MT Secondary PDP request, Buffer overflow will happen due to incorrect calculation of buffer size in Snapdragon A

9.8CRITICAL

CVE-2019-10487

all versions

Buffer over read can happen while parsing SMS OTA messages at transport layer if network sends un-intended values in Snapdragon Au

9.8CRITICAL

CVE-2019-10480

all versions

Out of bound write can happen in WMI firmware event handler due to lack of validation of data received from WLAN firmware in Snapd

7.8HIGH

CVE-2019-2321

all versions

Incorrect length used while validating the qsee log buffer sent from HLOS which could then lead to remap conflict in Snapdragon Au

7.8HIGH

CVE-2019-2320

all versions

Possible out of bounds write in a MT SMS/SS scenario due to improper validation of array index in Snapdragon Auto, Snapdragon Comp

9.8CRITICAL

CVE-2019-10559

all versions

Accessing data buffer beyond the available data while parsing ogg clip can lead to null-pointer dereference and then memory corrup

9.8CRITICAL

CVE-2019-10511

all versions

Possibility of memory overflow while decoding GSNDCP compressed mode PDU in Snapdragon Auto, Snapdragon Compute, Snapdragon Consum

9.8CRITICAL

CVE-2019-10493

all versions

Position determination accuracy may be degraded due to wrongly decoded information in Snapdragon Auto, Snapdragon Compute, Snapdra

9.8CRITICAL

CVE-2019-10485

all versions

Infinite loop while decoding compressed data can lead to overrun condition in Snapdragon Auto, Snapdragon Compute, Snapdragon Cons

7.5HIGH

CVE-2019-2303

all versions

SNDCP module may access array out side its boundary when it receives malformed XID message. in Snapdragon Auto, Snapdragon Compute

9.8CRITICAL

CVE-2019-2289

all versions

Lack of integrity check allows MODEM to accept any NAS messages which can result into authentication bypass of NAS in Snapdragon A

9.8CRITICAL

CVE-2019-2271

all versions

Buffer over read can happen while parsing downlink session management OTA messages if network sends un-intended values in Snapdrag

9.8CRITICAL

CVE-2019-10490

all versions

Use after free issue in Xtra daemon shutdown due to static object instance getting freed from a multiple places in Snapdragon Auto

5.5MEDIUM

CVE-2019-10486

all versions

Race condition due to the lack of resource lock which will be concurrently modified in the memcpy statement leads to out of bound

7.0HIGH

CVE-2014-10050

all versions

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MSM8996, MSM8939, MSM8976, MSM8917, SDM

9.8CRITICAL