Vulnerabilities > Qualcomm > Msm8996Au Firmware > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-07-12 | CVE-2017-18155 | Improper Input Validation vulnerability in Qualcomm products While playing HEVC content using HD DMB in Snapdragon Automobile and Snapdragon Mobile in version MSM8996AU, SD 450, SD 625, SD 820, SD 820A, SD 835, an uninitialized variable can be used leading to a kernel fault. | 4.6 |
| 2018-07-06 | CVE-2018-5894 | Out-of-bounds Read vulnerability in Qualcomm products Improper Validation of Array Index in Multimedia While parsing an mp4 file in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear, an out-of-bounds access can occur. | 4.3 |
| 2018-07-06 | CVE-2018-5892 | Information Exposure vulnerability in Qualcomm products The Touch Pal application can collect user behavior data without awareness by the user in Snapdragon Mobile and Snapdragon Wear. | 5.0 |
| 2018-07-06 | CVE-2018-5891 | Use After Free vulnerability in Qualcomm products While processing modem SSR after IMS is registered, the IMS data daemon is restarted but the ipc_dataHandle is no longer available. | 4.6 |
| 2018-07-06 | CVE-2018-5876 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products While parsing an mp4 file, a buffer overflow can occur in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear. | 6.8 |
| 2018-07-06 | CVE-2018-5875 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products While parsing an mp4 file, an integer overflow leading to a buffer overflow can occur in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear. | 6.8 |
| 2018-07-06 | CVE-2018-5874 | Out-of-bounds Write vulnerability in Qualcomm products While parsing an mp4 file, a stack-based buffer overflow can occur in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear. | 6.8 |
| 2018-07-06 | CVE-2018-5838 | Improper Validation of Array Index vulnerability in Qualcomm products Improper Validation of Array Index In the adreno OpenGL driver in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear, an out-of-bounds access can occur in SurfaceFlinger. | 4.6 |
| 2018-07-06 | CVE-2018-11258 | Use After Free vulnerability in Qualcomm products In ADSP RPC in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear, a Use After Free condition can occur in versions MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SDX20. | 4.6 |