Vulnerabilities > Qualcomm
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-04-18 | CVE-2015-9112 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9625, SD 400, SD 800, SD 820, and SD 820A, lack of input validation in QSEE can cause potential buffer overflow. | 10.0 |
| 2018-04-18 | CVE-2015-9111 | NULL Pointer Dereference vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9625, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, and SD 820A, in a QTEE syscall handler, an untrusted pointer dereference can occur. | 10.0 |
| 2018-04-18 | CVE-2015-9110 | Improper Input Validation vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, and SD 820A, no address argument validation is performed on calls to the qsee_get_secure_state syscall. | 10.0 |
| 2018-04-18 | CVE-2015-9109 | NULL Pointer Dereference vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9625, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, and SD 820A, lack of address argument validation inqsee_fuse_write could lead to untrusted pointer dereference. | 10.0 |
| 2018-04-18 | CVE-2015-9108 | Improper Input Validation vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9625, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, and SD 820A, no address argument validation performed on calls to a QSEE syscall may lead to arbitrary read/write or NULL Pointer exception when calling a downstream function. | 10.0 |
| 2018-04-18 | CVE-2014-9998 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear IPQ4019, IPQ8064, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, QCA4531, QCA6174A, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9378, QCA9379, QCA9558, QCA9880, QCA9886, QCA9980, SD 210/SD 212/SD 205, SD 425, SD 625, SD 808, SD 810, SD 820, and SDX20, while processing firmware image signature, the internal buffer may overflow if the firmware signature size is large. | 10.0 |
| 2018-04-18 | CVE-2014-9997 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9625, MDM9635M, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 615/16/SD 415, SD 450, SD 625, SD 650/52, SD 808, and SD 810, lack of input validation in PRDiagMaintenanceHandler can leads to buffer over read. | 10.0 |
| 2018-04-18 | CVE-2014-9996 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm SD 400 Firmware and SD 800 Firmware In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400 and SD 800, while verifying provisioning, a buffer overflow can occur. | 10.0 |
| 2018-04-18 | CVE-2014-9995 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm SD 400 Firmware and SD 800 Firmware In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400 and SD 800, in drmprov_cmd_verify_key(), the variable feature_name_length is not validated. | 10.0 |
| 2018-04-18 | CVE-2014-9994 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm SD 400 Firmware and SD 800 Firmware In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400 and SD 800, lack of validation of input could cause a integer overflow that could subsequently lead to a buffer overflow. | 10.0 |