Vulnerabilities > Qualcomm > Msm8976

DATE CVE VULNERABILITY TITLE RISK
2021-01-21 CVE-2020-11139 Out-of-bounds Write vulnerability in Qualcomm products
Out of bound memory access while processing frames due to lack of check of invalid frames received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
network
low complexity
qualcomm CWE-787
5.0
2021-01-21 CVE-2020-11138 Access of Uninitialized Pointer vulnerability in Qualcomm products
Uninitialized pointers accessed during music play back with incorrect bit stream due to an uninitialized heap memory result in instability in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
network
low complexity
qualcomm CWE-824
critical
10.0
2021-01-21 CVE-2020-11137 Integer Overflow or Wraparound vulnerability in Qualcomm products
Integer multiplication overflow resulting in lower buffer size allocation than expected causes memory access out of bounds resulting in possible device instability in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
network
low complexity
qualcomm CWE-190
critical
10.0
2021-01-21 CVE-2020-11136 Out-of-bounds Read vulnerability in Qualcomm products
Buffer Over-read in audio driver while using malloc management function due to not returning NULL for zero sized memory requirement in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
network
low complexity
qualcomm CWE-125
critical
10.0
2019-11-21 CVE-2018-13916 Classic Buffer Overflow vulnerability in Qualcomm products
Out-of-bounds memory access in Qurt kernel function when using the identifier to access Qurt kernel buffer to retrieve thread data.
local
low complexity
qualcomm CWE-120
7.2
2018-04-18 CVE-2016-10442 Improper Access Control vulnerability in Qualcomm products
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9640, SDM630, MSM8976, MSM8937, SDM845, MSM8976, and MSM8952, when running module or kernel code with improper access control allowing writing to arbitrary regions of memory, the user may utilize this vector to alter module executable code.
network
low complexity
qualcomm CWE-284
critical
10.0
2018-04-18 CVE-2014-10050 Improper Access Control vulnerability in Qualcomm products
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MSM8996, MSM8939, MSM8976, MSM8917, SDM845, and SDM660, access control collision vulnerability when accessing the replay protected memory block.
network
low complexity
qualcomm CWE-284
critical
10.0