Qualcomm Inc Snapdragon Mobile vulnerabilities
114 known vulnerabilities affecting qualcomm_inc/snapdragon_mobile.
Total CVEs
114
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL58HIGH52MEDIUM4
Vulnerabilities
Page 2 of 6
CVE-2018-11859HIGHCVSS 7.8vSD 845, SD 8502018-10-29
CVE-2018-11859 [HIGH] CWE-119 CVE-2018-11859: Buffer overwrite can happen in WLAN due to lack of validation of the input length in Snapdragon Mobi
Buffer overwrite can happen in WLAN due to lack of validation of the input length in Snapdragon Mobile in version SD 845, SD 850.
nvd
CVE-2018-11874HIGHCVSS 7.8vSD 835, SD 845, SD 850, SDA6602018-10-29
CVE-2018-11874 [HIGH] CWE-119 CVE-2018-11874: Buffer overflow if the length of passphrase is more than 32 when setting up secure NDP connection in
Buffer overflow if the length of passphrase is more than 32 when setting up secure NDP connection in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660.
nvd
CVE-2018-11872HIGHCVSS 7.8vSD 845, SD 850, SDA6602018-10-29
CVE-2018-11872 [HIGH] CWE-20 CVE-2018-11872: Improper input validation leads to buffer overwrite in the WLAN function that handles WMI commands i
Improper input validation leads to buffer overwrite in the WLAN function that handles WMI commands in Snapdragon Mobile in version SD 845, SD 850, SDA660
nvd
CVE-2018-11856HIGHCVSS 7.8vSD 835, SD 845, SD 8502018-10-29
CVE-2018-11856 [HIGH] CWE-119 CVE-2018-11856: Improper input validation leads to buffer overwrite in the WLAN function that handles WMI commands i
Improper input validation leads to buffer overwrite in the WLAN function that handles WMI commands in Snapdragon Mobile in version SD 835, SD 845, SD 850.
nvd
CVE-2018-11877HIGHCVSS 7.8vSD 835, SD 845, SD 850, SDA6602018-10-29
CVE-2018-11877 [HIGH] CWE-119 CVE-2018-11877: When the buffer length passed is very large in WLAN, bounds check could be bypassed leading to poten
When the buffer length passed is very large in WLAN, bounds check could be bypassed leading to potential buffer overwrite in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660.
nvd
CVE-2018-11858HIGHCVSS 7.8vSD 835, SD 845, SD 8502018-10-29
CVE-2018-11858 [HIGH] CWE-119 CVE-2018-11858: When processing IE set command, buffer overwrite may occur due to lack of input validation of the IE
When processing IE set command, buffer overwrite may occur due to lack of input validation of the IE length in Snapdragon Mobile in version SD 835, SD 845, SD 850.
nvd
CVE-2018-11867HIGHCVSS 7.8vSD 8452018-10-29
CVE-2018-11867 [HIGH] CWE-119 CVE-2018-11867: Lack of buffer length check before copying in WLAN function while processing FIPS event, can lead to
Lack of buffer length check before copying in WLAN function while processing FIPS event, can lead to a buffer overflow in Snapdragon Mobile in version SD 845.
nvd
CVE-2018-11884HIGHCVSS 7.8vSD 835, SD 845, SD 850, SDA6602018-10-29
CVE-2018-11884 [HIGH] CWE-119 CVE-2018-11884: Improper input validation leads to buffer overflow while processing network list offload command in
Improper input validation leads to buffer overflow while processing network list offload command in WLAN function in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660
nvd
CVE-2018-11862HIGHCVSS 7.8vSD 845, SD 850, SDA6602018-10-29
CVE-2018-11862 [HIGH] CWE-119 CVE-2018-11862: Buffer overflow can happen in WLAN module due to lack of validation of the input length in Snapdrago
Buffer overflow can happen in WLAN module due to lack of validation of the input length in Snapdragon Mobile in version SD 845, SD 850, SDA660.
nvd
CVE-2018-11880HIGHCVSS 7.8vSD 835, SD 845, SD 850, SDA6602018-10-29
CVE-2018-11880 [HIGH] CWE-119 CVE-2018-11880: Incorrect bound check can lead to potential buffer overwrite in WLAN function in Snapdragon Mobile i
Incorrect bound check can lead to potential buffer overwrite in WLAN function in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660.
nvd
CVE-2018-11861HIGHCVSS 7.8vSD 845, SD 850, SDA6602018-10-29
CVE-2018-11861 [HIGH] CWE-119 CVE-2018-11861: Buffer overflow can happen in WLAN function due to lack of validation of the input length in Snapdra
Buffer overflow can happen in WLAN function due to lack of validation of the input length in Snapdragon Mobile in version SD 845, SD 850, SDA660.
nvd
CVE-2018-11828HIGHCVSS 7.5vSD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/522018-10-26
CVE-2018-11828 [HIGH] CWE-400 CVE-2018-11828: When FW tries to get random mac address generated from new SW RNG and ADC values read are constant t
When FW tries to get random mac address generated from new SW RNG and ADC values read are constant then DUT get struck in loop while trying to get random ADC samples in Snapdragon Mobile in version SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52
nvd
CVE-2018-11822HIGHCVSS 7.8vSD 835, SD 845, SD 850, SDA6602018-10-26
CVE-2018-11822 [HIGH] CWE-190 CVE-2018-11822: A possible integer overflow may happen in WLAN during memory allocation in Snapdragon Mobile in vers
A possible integer overflow may happen in WLAN during memory allocation in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660
nvd
CVE-2017-18309HIGHCVSS 7.1vSD 845, SD 8502018-10-26
CVE-2017-18309 [HIGH] CWE-129 CVE-2017-18309: A micro-core of QMP transportation may cause a macro-core to read from or write to arbitrary memory
A micro-core of QMP transportation may cause a macro-core to read from or write to arbitrary memory in Snapdragon Mobile in version SD 845, SD 850.
nvd
CVE-2018-11854HIGHCVSS 7.8vSD 835, SD 845, SD 850, SDA6602018-10-26
CVE-2018-11854 [HIGH] CWE-119 CVE-2018-11854: Lack of check of valid length of input parameter may cause buffer overwrite in WLAN in Snapdragon Mo
Lack of check of valid length of input parameter may cause buffer overwrite in WLAN in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660
nvd
CVE-2018-11950HIGHCVSS 7.8vSD 845, SD 8502018-10-26
CVE-2018-11950 [HIGH] CWE-20 CVE-2018-11950: Unapproved TrustZone applications can be loaded and executed in Snapdragon Mobile in version SD 845,
Unapproved TrustZone applications can be loaded and executed in Snapdragon Mobile in version SD 845, SD 850
nvd
CVE-2018-11846MEDIUMCVSS 4.7vSD 210/SD 212/SD 205, SD 845, SD 8502018-10-26
CVE-2018-11846 [MEDIUM] CWE-200 CVE-2018-11846: The use of a non-time-constant memory comparison operation can lead to timing/side channel attacks i
The use of a non-time-constant memory comparison operation can lead to timing/side channel attacks in Snapdragon Mobile in version SD 210/SD 212/SD 205, SD 845, SD 850
nvd
CVE-2018-11951MEDIUMCVSS 5.5vSD 845, SD 8502018-10-26
CVE-2018-11951 [MEDIUM] CWE-732 CVE-2018-11951: Improper access control in core module lead XBL_LOADER performs the ZI region clear for QTEE instead
Improper access control in core module lead XBL_LOADER performs the ZI region clear for QTEE instead of XBL_SEC in Snapdragon Mobile in version SD 845, SD 850.
nvd
CVE-2017-18170HIGHCVSS 8.8vQCA9379, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 835, SD 845, SD 850, SDM630, SDM636, SDM660, SDM710, Snapdragon_High_Med_20162018-10-23
CVE-2017-18170 [HIGH] CWE-191 CVE-2017-18170: Improper input validation in Bluetooth Controller function can lead to possible memory corruption in
Improper input validation in Bluetooth Controller function can lead to possible memory corruption in Snapdragon Mobile in version QCA9379, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 835, SD 845, SD 850, SDM630, SDM636, SDM660, SDM710, Snapdragon_High_Med_2016.
nvd
CVE-2017-18297HIGHCVSS 7.8vSD 425, SD 430, SD 450, SD 625, SD 650/52, SD 8202018-10-23
CVE-2017-18297 [HIGH] CWE-415 CVE-2017-18297: Double memory free while closing TEE SE API Session management in Snapdragon Mobile in version SD 42
Double memory free while closing TEE SE API Session management in Snapdragon Mobile in version SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820.
nvd