threat
engine
.sh
Back
·
··:··
Home
/
Product
/
qualcomm msm8976 firmware
Product
qualcomm msm8976 firmware
80 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2022-40531
all versions
Memory corruption in WLAN due to incorrect type cast while sending WMI_SCAN_SCH_PRIO_TBL_CMDID message.
8.4
HIGH
CVE-2022-40515
all versions
Memory corruption in Video due to double free while playing 3gp clip with invalid metadata atoms.
7.3
HIGH
CVE-2022-33213
all versions
Memory corruption in modem due to buffer overflow while processing a PPP packet
7.5
HIGH
CVE-2022-25705
all versions
Memory corruption in modem due to integer overflow to buffer overflow while handling APDU response
7.8
HIGH
CVE-2022-25694
all versions
Memory corruption in Modem due to usage of Out-of-range pointer offset in UIM
8.4
HIGH
CVE-2022-25655
all versions
Memory corruption in WLAN HAL while arbitrary value is passed in WMI UTF command payload.
8.4
HIGH
CVE-2022-22075
all versions
Information Disclosure in Graphics during GPU context switch.
6.2
MEDIUM
CVE-2022-40512
all versions
Transient DOS in WLAN Firmware due to buffer over-read while processing probe response or beacon.
7.5
HIGH
CVE-2022-33233
all versions
Memory corruption due to configuration weakness in modem wile sending command to write protected files.
7.8
HIGH
CVE-2022-33286
all versions
Transient DOS due to buffer over-read in WLAN while processing 802.11 management frames.
7.5
HIGH
CVE-2022-33285
all versions
Transient DOS due to buffer over-read in WLAN while parsing WLAN CSA action frames.
7.5
HIGH
CVE-2022-22088
all versions
Memory corruption in Bluetooth HOST due to buffer overflow while parsing the command response received from remote
9.8
CRITICAL
CVE-2022-33238
all versions
Transient DOS due to loop with unreachable exit condition in WLAN while processing an incoming FTM frames. in Snapdragon Auto, Sna
7.5
HIGH
CVE-2022-25695
all versions
Memory corruption in MODEM due to Improper Validation of Array Index while processing GSTK Proactive commands in Snapdragon Auto,
8.4
HIGH
CVE-2022-25682
all versions
Memory corruption in MODEM UIM due to usage of out of range pointer offset while decoding command from card in Snapdragon Auto, Sn
8.4
HIGH
CVE-2022-25743
all versions
Memory corruption in graphics due to use-after-free while importing graphics buffer in Snapdragon Auto, Snapdragon Compute, Snapdr
8.4
HIGH
CVE-2022-25724
all versions
Memory corruption in graphics due to buffer overflow while validating the user address in Snapdragon Auto, Snapdragon Compute, Sna
8.4
HIGH
CVE-2022-25749
all versions
Transient Denial-of-Service in WLAN due to buffer over-read while parsing MDNS frames. in Snapdragon Auto, Snapdragon Compute, Sna
7.5
HIGH
CVE-2022-25748
all versions
Memory corruption in WLAN due to integer overflow to buffer overflow while parsing GTK frames. in Snapdragon Auto, Snapdragon Comp
9.8
CRITICAL
CVE-2022-25720
all versions
Memory corruption in WLAN due to out of bound array access during connect/roaming in Snapdragon Auto, Snapdragon Compute, Snapdrag
9.8
CRITICAL
CVE-2022-25719
all versions
Information disclosure in WLAN due to improper length check while processing authentication handshake in Snapdragon Auto, Snapdrag
8.2
HIGH
CVE-2022-25718
all versions
Cryptographic issue in WLAN due to improper check on return value while authentication handshake in Snapdragon Auto, Snapdragon Co
9.1
CRITICAL
CVE-2022-25687
all versions
memory corruption in video due to buffer overflow while parsing asf clips in Snapdragon Auto, Snapdragon Compute, Snapdragon Conne
7.3
HIGH
CVE-2022-25664
all versions
Information disclosure due to exposure of information while GPU reads the data in Snapdragon Auto, Snapdragon Compute, Snapdragon
6.2
MEDIUM
CVE-2021-30284
all versions
Possible information exposure and denial of service due to NAS not dropping messages when integrity check fails in Snapdragon Auto
7.5
HIGH
CVE-2021-30255
all versions
Possible buffer overflow due to improper input validation in PDM DIAG command in FTM in Snapdragon Auto, Snapdragon Compute, Snapd
7.8
HIGH
CVE-2021-30254
all versions
Possible buffer overflow due to improper input validation in factory calibration and test DIAG command in Snapdragon Auto, Snapdra
7.8
HIGH
CVE-2021-1975
all versions
Possible heap overflow due to improper length check of domain while parsing the DNS response in Snapdragon Auto, Snapdragon Comput
9.8
CRITICAL
CVE-2021-1973
all versions
A FTM Diag command can allow an arbitrary write into modem OS space in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivit
7.8
HIGH
CVE-2021-1924
all versions
Information disclosure through timing and power side-channels during mod exponentiation for RSA-CRT in Snapdragon Auto, Snapdragon
9.0
CRITICAL
CVE-2021-1959
all versions
Possible memory corruption due to lack of bound check of input index in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivi
7.8
HIGH
CVE-2020-11303
all versions
Accepting AMSDU frames with mismatched destination and source address can lead to information disclosure in Snapdragon Auto, Snapd
8.6
HIGH
CVE-2021-30261
all versions
Possible integer and heap overflow due to lack of input command size validation while handling beacon template update command from
8.4
HIGH
CVE-2021-30260
all versions
Possible Integer overflow to buffer overflow issue can occur due to improper validation of input parameters when extscan hostlist
8.4
HIGH
CVE-2021-1909
all versions
Buffer overflow occurs in trusted applications due to lack of length check of parameters in Snapdragon Auto, Snapdragon Compute, S
7.3
HIGH
CVE-2021-1920
all versions
Integer underflow can occur due to improper handling of incoming RTCP packets in Snapdragon Auto, Snapdragon Compute, Snapdragon C
9.8
CRITICAL
CVE-2021-1919
all versions
Integer underflow can occur when the RTCP length is lesser than the actual blocks present in Snapdragon Auto, Snapdragon Comp
9.8
CRITICAL
CVE-2021-1916
all versions
Possible buffer underflow due to lack of check for negative indices values when processing user provided input in Snapdragon Auto,
9.8
CRITICAL
CVE-2021-1914
all versions
Loop with unreachable exit condition may occur due to improper handling of unsupported input in Snapdragon Auto, Snapdragon Comput
7.5
HIGH
CVE-2020-11292
all versions
Possible buffer overflow in voice service due to lack of input validation of parameters in QMI Voice API in Snapdragon Auto, Snapd
7.8
HIGH
CVE-2020-11291
all versions
Possible buffer overflow while updating ikev2 parameters for delete payloads received during informational exchange due to lack of
9.8
CRITICAL
CVE-2020-11176
all versions
While processing server certificate from IPSec server, certificate validation for subject alternative name API can cause heap over
9.8
CRITICAL
CVE-2020-11235
all versions
Buffer overflow might occur while parsing unified command due to lack of check of input data received in Snapdragon Auto, Snapdrag
7.8
HIGH
CVE-2020-11159
all versions
Buffer over-read can happen while processing WPA,RSN IE of beacon and response frames if IE length is less than length of frame po
9.1
CRITICAL
CVE-2020-11285
all versions
Buffer over-read while unpacking the RTCP packet we may read extra byte if wrong length is provided in RTCP packets in Snapdragon
8.2
HIGH
CVE-2020-11279
all versions
Memory corruption while processing crafted SDES packets due to improper length check in sdes packets recieved in Snapdragon Auto,
7.5
HIGH
CVE-2020-11255
all versions
Denial of service while processing RTCP packets containing multiple SDES reports due to memory for last SDES packet is freed and r
7.5
HIGH
CVE-2020-11251
all versions
Out-of-bounds read vulnerability while accessing DTMF payload due to lack of check of buffer length before copying in Snapdragon A
8.2
HIGH
CVE-2020-11191
all versions
Out of bound read occurs while processing crafted SDP due to lack of check of null string in Snapdragon Auto, Snapdragon Compute,
8.2
HIGH
CVE-2020-11227
all versions
Out of bound write while parsing RTT/TTY packet parsing due to lack of check of buffer size before copying into buffer in Snapdrag
9.8
CRITICAL
CVE-2020-11226
all versions
Out of bound memory read in Data modem while unpacking data due to lack of offset length check in Snapdragon Auto, Snapdragon Comp
7.5
HIGH
CVE-2020-11221
all versions
Usage of syscall by non-secure entity can allow extraction of secure QTEE diagnostic information in clear text form due to insuffi
5.5
MEDIUM
CVE-2020-11199
all versions
HLOS to access EL3 stack canary by just mapping imem region due to Improper access control and can lead to information exposure in
5.5
MEDIUM
CVE-2020-11192
all versions
Out of bound write while parsing SDP string due to missing check on null termination in Snapdragon Auto, Snapdragon Compute, Snapd
9.8
CRITICAL
CVE-2020-11190
all versions
Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Sna
9.1
CRITICAL
CVE-2020-11189
all versions
Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Sna
9.1
CRITICAL
CVE-2020-11188
all versions
Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Sna
9.1
CRITICAL
CVE-2020-11171
all versions
Buffer over-read can happen while parsing received SDP values due to lack of NULL termination check on SDP in Snapdragon Auto, Sna
9.1
CRITICAL
CVE-2020-11166
all versions
Potential out of bound read exception when UE receives unusually large number of padding octets in the beginning of ROHC header in
9.1
CRITICAL
CVE-2020-11296
all versions
Arithmetic overflow can happen while processing NOA IE due to improper error handling in Snapdragon Auto, Snapdragon Compute, Snap
7.5
HIGH
CVE-2020-11276
all versions
Possible buffer over read while processing P2P IE and NOA attribute of beacon and probe response frames due to improper validation
9.1
CRITICAL
CVE-2020-11269
all versions
Possible memory corruption while processing EAPOL frames due to lack of validation of key length before using it in Snapdragon Aut
8.8
HIGH
CVE-2020-11177
all versions
User can overwrite Security Code NV item without knowing current SPC due to improper validation of SPC code setting and device loc
8.8
HIGH
CVE-2020-11170
all versions
Out of bound memory access while playing music playbacks with crafted vorbis content due to improper checks in header extraction i
9.8
CRITICAL
CVE-2020-11119
all versions
Buffer over-read can happen when the buffer length received from response handlers is more than the size of the payload in Snapdra
7.5
HIGH
CVE-2020-11207
all versions
Buffer overflow in LibFastCV library due to improper size checks with respect to buffer length' in Snapdragon Auto, Snapdragon Com
7.8
HIGH
CVE-2019-2337
all versions
While Skipping unknown IES, EMM is reading the buffer even if the no of bytes to read are more than message length which may cause
7.5
HIGH
CVE-2019-2320
all versions
Possible out of bounds write in a MT SMS/SS scenario due to improper validation of array index in Snapdragon Auto, Snapdragon Comp
9.8
CRITICAL
CVE-2019-2288
all versions
Out of bound write in TZ while copying the secure dump structure on HLOS provided buffer as a part of memory dump in Snapdragon Au
7.8
HIGH
CVE-2019-10511
all versions
Possibility of memory overflow while decoding GSNDCP compressed mode PDU in Snapdragon Auto, Snapdragon Compute, Snapdragon Consum
9.8
CRITICAL
CVE-2019-10493
all versions
Position determination accuracy may be degraded due to wrongly decoded information in Snapdragon Auto, Snapdragon Compute, Snapdra
9.8
CRITICAL
CVE-2019-10485
all versions
Infinite loop while decoding compressed data can lead to overrun condition in Snapdragon Auto, Snapdragon Compute, Snapdragon Cons
7.5
HIGH
CVE-2019-2335
all versions
While processing Attach Reject message, Valid exit condition is not met resulting into an infinite loop in Snapdragon Auto, Snapdr
7.5
HIGH
CVE-2019-2303
all versions
SNDCP module may access array out side its boundary when it receives malformed XID message. in Snapdragon Auto, Snapdragon Compute
9.8
CRITICAL
CVE-2019-2289
all versions
Lack of integrity check allows MODEM to accept any NAS messages which can result into authentication bypass of NAS in Snapdragon A
9.8
CRITICAL
CVE-2019-2271
all versions
Buffer over read can happen while parsing downlink session management OTA messages if network sends un-intended values in Snapdrag
9.8
CRITICAL
CVE-2018-13916
all versions
Out-of-bounds memory access in Qurt kernel function when using the identifier to access Qurt kernel buffer to retrieve thread data
7.8
HIGH
CVE-2019-2302
all versions
While processing vendor command which contains corrupted channel count, an integer overflow occurs and finally will lead to heap o
9.8
CRITICAL
CVE-2016-10442
all versions
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9640, SDM630, MSM8976, MSM8937, SDM8
9.8
CRITICAL
CVE-2014-10050
all versions
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MSM8996, MSM8939, MSM8976, MSM8917, SDM
9.8
CRITICAL
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin