Vulnerabilities > Qualcomm > Sda660 Firmware > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-23 | CVE-2017-18293 | Unspecified vulnerability in Qualcomm products When a particular GPIO is protected by blocking access to the corresponding GPIO resource registers, the protection can be bypassed using the corresponding banked GPIO registers instead in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 835, SDA660. | 7.2 |
| 2018-10-23 | CVE-2017-18282 | Unspecified vulnerability in Qualcomm products Non-secure SW can cause SDCC to generate secure bus accesses, which may expose RPM access in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 835, SDA660. | 7.2 |
| 2018-09-20 | CVE-2018-11269 | Improper Validation of Array Index vulnerability in Qualcomm products In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, SDX20, Snapdragon_High_Med_2016, a potential buffer overflow exists when parsing TFTP options. | 7.2 |
| 2018-09-20 | CVE-2018-11268 | Improper Validation of Array Index vulnerability in Qualcomm products In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, SDX20, Snapdragon_High_Med_2016, a potential buffer overflow exists when parsing TFTP options. | 7.2 |
| 2018-09-20 | CVE-2018-11267 | Improper Validation of Array Index vulnerability in Qualcomm products In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9615, MDM9640, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDX20, Snapdragon_High_Med_2016, when sending an malformed XML data to deviceprogrammer/firehose it may do an out of bounds buffer write allowing a region of memory to be filled with 0x20. | 7.2 |