CVE-2020-11235

all versions

Buffer overflow might occur while parsing unified command due to lack of check of input data received in Snapdragon Auto, Snapdrag

7.8HIGH

CVE-2020-11159

all versions

Buffer over-read can happen while processing WPA,RSN IE of beacon and response frames if IE length is less than length of frame po

9.1CRITICAL

CVE-2020-11293

all versions

Out of bound read can happen in Widevine TA while copying data to buffer from user data due to lack of check of buffer length rece

5.1MEDIUM

CVE-2020-11289

all versions

Out of bound write can occur in TZ command handler due to lack of validation of command ID in Snapdragon Auto, Snapdragon Compute,

7.8HIGH

CVE-2020-11285

all versions

Buffer over-read while unpacking the RTCP packet we may read extra byte if wrong length is provided in RTCP packets in Snapdragon

8.2HIGH

CVE-2020-11279

all versions

Memory corruption while processing crafted SDES packets due to improper length check in sdes packets recieved in Snapdragon Auto,

7.5HIGH

CVE-2020-11166

all versions

Potential out of bound read exception when UE receives unusually large number of padding octets in the beginning of ROHC header in

9.1CRITICAL

CVE-2020-11296

all versions

Arithmetic overflow can happen while processing NOA IE due to improper error handling in Snapdragon Auto, Snapdragon Compute, Snap

7.5HIGH

CVE-2020-11276

all versions

Possible buffer over read while processing P2P IE and NOA attribute of beacon and probe response frames due to improper validation

9.1CRITICAL

CVE-2020-11275

all versions

Possible buffer over-read while parsing quiet IE in Rx beacon frame due to improper check of IE length in received beacon in Snapd

9.1CRITICAL

CVE-2020-11269

all versions

Possible memory corruption while processing EAPOL frames due to lack of validation of key length before using it in Snapdragon Aut

8.8HIGH

CVE-2020-11204

all versions

Possible memory corruption and information leakage in sub-system due to lack of check for validity and boundary compliance for par

7.8HIGH

CVE-2020-11195

all versions

Out of bound write and read in TA while processing command from NS side due to improper length check on command and response buffe

7.8HIGH

CVE-2020-11177

all versions

User can overwrite Security Code NV item without knowing current SPC due to improper validation of SPC code setting and device loc

8.8HIGH

CVE-2020-11170

all versions

Out of bound memory access while playing music playbacks with crafted vorbis content due to improper checks in header extraction i

9.8CRITICAL

CVE-2020-11119

all versions

Buffer over-read can happen when the buffer length received from response handlers is more than the size of the payload in Snapdra

7.5HIGH