sc8180xp-ad firmware · threatengine.sh

Home/Product/qualcomm sc8180xp ad firmware

Product

qualcomm sc8180xp ad firmware

68 known vulnerabilities across versions

Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.

Sort Min CVSS Published since

Memory Corruption when multiple threads simultaneously access a memory free API.

Memory corruption during the image encoding process.

Memory corruption while processing event close when client process terminates abruptly.

Memory corruption while processing multiple simultaneous escape calls.

Memory corruption while processing a private escape command in an event trigger.

Transient DOS while processing received beacon frame.

Transient DOS may occur while processing malformed length field in SSID IEs.

Cryptographic issue while processing crypto API calls, missing checks may lead to corrupted key usage or IV reuses.

Memory corruption while operating the mailbox in Automotive.

Memory corruption while processing escape code, when DisplayId is passed with large unsigned value.

Memory corruption during memory mapping into protected VM address space due to incorrect API restrictions.

Memory corruption during memory assignment to headless peripheral VM due to incorrect error code handling.

Transient DOS during hypervisor virtual I/O operation in a virtual machine.

Memory corruption while configuring a Hypervisor based input virtual device.

Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver.

Memory corruption when IOCTL call is invoked from user-space to read board data.

Memory corruption when an invoke call and a TEE call are bound for the same trusted application.

Memory corruption while processing key blob passed by the user.

Transient DOS while loading the TA ELF file.

Memory corruption while performing finish HMAC operation when context is freed by keymaster.

Memory corruption while processing IOCTL handler in FastRPC.

Cryptographic issue while performing attach with a LTE network, a rogue base station can skip the authentication phase and immedia

Memory corruption while copying a keyblobs material when the key materials size is not accurately checked.

Memory corruption in TZ Secure OS while Tunnel Invoke Manager initialization.

Transient DOS while parsing a protected 802.11az Fine Time Measurement (FTM) frame.

Memory corruption when the channel ID passed by user is not validated and further used.

Memory corruption in HLOS while checking for the storage type.

Transient DOS while processing IKEv2 Informational request messages, when a malformed fragment packet is received.

Memory corruption while loading a VM from a signed VM image that is not coherent in the processor cache.

Memory corruption while allocating memory for graphics.

Memory corruption while processing buffer initialization, when trusted report for certain report types are generated.

Memory corruption while processing finish_sign command to pass a rsp buffer.

Memory corruption in SPS Application while requesting for public key in sorter TA.

Memory corruption while invoking the SubmitCommands call on Gfx engine during the graphics render.

Transient DOS while processing multiple IKEV2 Informational Request to device from IPSEC server with different identifiers.

Memory corruption in Audio while processing RT proxy port register driver.

Memory corruption in Core Services while executing the command for removing a single event listener.

Transient DOS while converting TWT (Target Wake Time) frame parameters in the OTA broadcast.

Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame.

Memory corruption in HLOS while invoking IOCTL calls from user-space.

Memory corruption while using the UIM diag command to get the operators name.

Memory corruption in Boot while running a ListVars test in UEFI Menu during boot.

Transient DOS in WLAN Firmware while parsing rsn ies.

Information Disclosure in data Modem while parsing an FMTP line in an SDP message.

Information Disclosure in Data Modem while performing a VoLTE call with an undefined RTCP FB line value.

Transient DOS in Modem while allocating DSM items.

Memory Corruption in Data Modem while making a MO call or MT VOLTE call.

Improper Access to the VM resource manager can lead to Memory Corruption.

Transient DOS in WLAN Firmware while interpreting MBSSID IE of a received beacon frame.

Memory corruption in WLAN HAL while parsing WMI command parameters.

Memory corruption in WLAN HAL while handling command through WMI interfaces.

Memory corruption in WLAN HAL while handling command streams through WMI interfaces.

Memory corruption in WLAN HAL while passing command parameters through WMI interfaces.

Memory corruption while handling payloads from remote ESL.

Memory corruption in WLAN HAL while processing devIndex from untrusted WMI payload.

Memory corruption due to improper validation of array index in WLAN HAL when received lm_itemNum is out of range.

Weak Configuration due to improper input validation in Modem while processing LTE security mode command message received from netw

Memory Corruption in Modem due to double free while parsing the PKCS15 sim files.

Transient DOS in WLAN Firmware while processing frames with missing header fields.

Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1 command.

Memory corruption due to improper access control in kernel while processing a mapping request from root process.

Information disclosure in Kernel due to indirect branch misprediction.

Transient DOS due to improper authorization in Modem

Memory corruption due to double free in Core while mapping HLOS address to the list.

Memory Corruption due to double free in automotive when a bad HLOS address for one of the lists to be mapped is passed.

Memory corruption in modem due to stack based buffer overflow while parsing OTASP Key Generation Request Message.

information disclosure due to cryptographic issue in Core during RPMB read request.

Transient DOS due to reachable assertion in Modem when UE received Downlink Data Indication message from the network.

Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities

Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs

Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures

Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1

About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service

threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin