Vulnerabilities > Qualcomm > Qcs405 Firmware

DATE CVE VULNERABILITY TITLE RISK
2019-07-25 CVE-2019-2305 Out-of-bounds Read vulnerability in Qualcomm products
Out of bound access when reason code is extracted from frame data without validating the frame length in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCS405, QCS605, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM630, SDM660, SDX20, SDX24
network
low complexity
qualcomm CWE-125
critical
9.8
2019-07-25 CVE-2019-2298 Use After Free vulnerability in Qualcomm products
Protection is missing while accessing md sessions info via macro which can lead to use-after-free in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, QCS405, QCS605, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 845 / SD 850, SD 855, SDM660, SDX20, SDX24
local
low complexity
qualcomm CWE-416
7.8
2019-07-25 CVE-2019-2293 Use After Free vulnerability in Qualcomm products
Pointer dereference while freeing IFE resources due to lack of length check of in port resource.
local
low complexity
qualcomm CWE-416
7.8
2019-07-25 CVE-2019-2281 Unspecified vulnerability in Qualcomm products
An unauthenticated bitmap image can be loaded in to memory and subsequently cause execution of unverified code.
local
low complexity
qualcomm
7.8
2019-07-25 CVE-2019-2276 Out-of-bounds Read vulnerability in Qualcomm products
Possible out of bound read occurs while processing beaconing request due to lack of check on action frames received from user controlled space in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9607, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCS405, QCS605, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820A, SD 845 / SD 850, SD 855, SDM630, SDM660, SDX24
network
low complexity
qualcomm CWE-125
critical
9.8
2019-07-25 CVE-2019-2253 Out-of-bounds Read vulnerability in Qualcomm products
Buffer over-read can occur while parsing an ogg file with a corrupted comment block.
network
low complexity
qualcomm CWE-125
critical
9.8
2019-07-22 CVE-2019-2292 Out-of-bounds Write vulnerability in Qualcomm products
Out of bound access can occur due to buffer copy without checking size of input received from WLAN firmware in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9150, MDM9650, MSM8996AU, QCA6574AU, QCS405, QCS605, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 665, SD 712 / SD 710 / SD 670, SD 730, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM630, SDM660, SDX20, SDX24
local
low complexity
qualcomm CWE-787
7.8
2019-07-22 CVE-2019-2287 Out-of-bounds Write vulnerability in Qualcomm products
Improper validation for inputs received from firmware can lead to an out of bound write issue in video driver.
network
low complexity
qualcomm CWE-787
critical
9.8
2019-07-22 CVE-2019-2279 Out-of-bounds Write vulnerability in Qualcomm products
Shared memory gets updated with invalid data and may lead to access beyond the allocated memory.
network
low complexity
qualcomm CWE-787
critical
9.8
2019-07-22 CVE-2019-2277 Out-of-bounds Read vulnerability in Qualcomm products
Out of bound read can happen due to lack of NULL termination on user controlled data in WLAN in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MSM8996AU, QCS405, QCS605, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM630, SDM660, SDX24
local
low complexity
qualcomm CWE-125
7.8