Vulnerabilities > Qualcomm > SD 415 Firmware > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-10-23 | CVE-2017-18294 | Out-of-bounds Read vulnerability in Qualcomm products While reading file class type from ELF header, a buffer overread may happen if the ELF file size is less than the size of ELF64 header size in Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version FSM9055, MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SDA660, SDX20. | 7.8 |
2018-10-23 | CVE-2017-18172 | Integer Overflow or Wraparound vulnerability in Qualcomm products In a device, with screen size 1440x2560, the check of contiguous buffer will overflow on certain buffer size resulting in an Integer Overflow or Wraparound in System UI in Snapdragon Automobile, Snapdragon Mobile in version MDM9635M, SD 400, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 820A, SD 835, SDM630, SDM636, SDM660, Snapdragon_High_Med_2016. | 7.8 |
2018-10-23 | CVE-2017-18171 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products Improper input validation for GATT data packet received in Bluetooth Controller function can lead to possible memory corruption in Snapdragon Mobile in version QCA9379, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 835, SD 845, SD 850, SDM630, SDM636, SDM660, SDM710, Snapdragon_High_Med_2016. | 8.8 |
2018-10-23 | CVE-2017-18170 | Integer Underflow (Wrap or Wraparound) vulnerability in Qualcomm products Improper input validation in Bluetooth Controller function can lead to possible memory corruption in Snapdragon Mobile in version QCA9379, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 835, SD 845, SD 850, SDM630, SDM636, SDM660, SDM710, Snapdragon_High_Med_2016. | 8.8 |
2018-07-06 | CVE-2018-5892 | Information Exposure vulnerability in Qualcomm products The Touch Pal application can collect user behavior data without awareness by the user in Snapdragon Mobile and Snapdragon Wear. | 7.5 |
2018-07-06 | CVE-2018-5891 | Use After Free vulnerability in Qualcomm products While processing modem SSR after IMS is registered, the IMS data daemon is restarted but the ipc_dataHandle is no longer available. | 8.4 |
2018-07-06 | CVE-2018-5884 | Improper Privilege Management vulnerability in Qualcomm products Improper Access Control in Multimedia in Snapdragon Mobile and Snapdragon Wear, Non-standard applications without permission may acquire permission of Qualcomm-specific proprietary intents. | 8.4 |
2018-07-06 | CVE-2018-5876 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products While parsing an mp4 file, a buffer overflow can occur in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear. | 8.8 |
2018-07-06 | CVE-2018-5875 | Integer Overflow or Wraparound vulnerability in Qualcomm products While parsing an mp4 file, an integer overflow leading to a buffer overflow can occur in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear. | 8.8 |
2018-07-06 | CVE-2018-5874 | Out-of-bounds Write vulnerability in Qualcomm products While parsing an mp4 file, a stack-based buffer overflow can occur in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear. | 8.8 |