Vulnerabilities > Qualcomm > SD 820A Firmware
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-07-25 | CVE-2018-13897 | Information Exposure vulnerability in Qualcomm products Clients hostname gets added to DNS record on device which is running dnsmasq resulting in an information exposure in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Wearables in MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS605, SD 210/SD 212/SD 205, SD 615/16/SD 415, SD 625, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 855, SDA660, SDM630, SDM660 | 7.5 |
2019-07-22 | CVE-2019-2292 | Out-of-bounds Write vulnerability in Qualcomm products Out of bound access can occur due to buffer copy without checking size of input received from WLAN firmware in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9150, MDM9650, MSM8996AU, QCA6574AU, QCS405, QCS605, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 665, SD 712 / SD 710 / SD 670, SD 730, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM630, SDM660, SDX20, SDX24 | 7.8 |
2019-07-22 | CVE-2019-2287 | Out-of-bounds Write vulnerability in Qualcomm products Improper validation for inputs received from firmware can lead to an out of bound write issue in video driver. | 9.8 |
2019-07-22 | CVE-2019-2279 | Out-of-bounds Write vulnerability in Qualcomm products Shared memory gets updated with invalid data and may lead to access beyond the allocated memory. | 9.8 |
2019-07-22 | CVE-2019-2277 | Out-of-bounds Read vulnerability in Qualcomm products Out of bound read can happen due to lack of NULL termination on user controlled data in WLAN in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MSM8996AU, QCS405, QCS605, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM630, SDM660, SDX24 | 7.8 |
2019-07-22 | CVE-2019-2269 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products Possible buffer overflow while processing the high level lim process action frame due to improper buffer length validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9150, MDM9650, MSM8996AU, QCS405, QCS605, SD 625, SD 636, SD 665, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM630, SDM660, SDX20, SDX24, SXR1130 | 9.8 |
2019-07-22 | CVE-2019-2264 | Use After Free vulnerability in Qualcomm products Null pointer dereference occurs for channel context while opening glink channel in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9607, MDM9640, MSM8909W, QCS405, QCS605, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 712 / SD 710 / SD 670, SD 820A, SD 835, SD 845 / SD 850, SDM439, SDM630, SDM660, SDX24 | 7.8 |
2019-07-22 | CVE-2019-2261 | Unspecified vulnerability in Qualcomm products Unauthorized access from GPU subsystem to HLOS or other non secure subsystem memory can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ8074, MDM9150, MDM9206, MDM9607, MDM9650, MSM8996AU, QCA8081, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130 | 5.5 |
2019-07-22 | CVE-2019-2260 | Use After Free vulnerability in Qualcomm products A race condition occurs while processing perf-event which can lead to a use after free condition in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 712 / SD 710 / SD 670, SD 730, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDM439, SDM630, SDM660, SDX20, SDX24, Snapdragon_High_Med_2016, SXR1130 | 7.0 |
2019-07-22 | CVE-2019-2243 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products Possible buffer overflow at the end of iterating loop while getting the version info and lead to information disclosure. | 5.5 |