| Max CVSS | 10.0 | Min CVSS | 2.1 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2018-9444 | 7.1 |
In ih264d_video_decode of ih264d_api.c there is a possible resource exhaustion due to an infinite loop. This could lead to remote temporary device denial of service (remote hang or reboot) with no additional execution privileges needed. User interact
|
03-10-2019 - 00:03 | 06-11-2018 - 17:29 | |
| CVE-2018-5383 | 4.3 |
Bluetooth firmware or operating system software drivers in macOS versions before 10.13, High Sierra and iOS versions before 11.4, and Android versions before the 2018-06-05 patch may not sufficiently validate elliptic curve parameters used to generat
|
03-10-2019 - 00:03 | 07-08-2018 - 21:29 | |
| CVE-2018-9438 | 4.7 |
When a device connects only over WiFi VPN, the device may not receive security updates due to some incorrect checks. This could lead to a local denial of service of security updates with no additional execution privileges needed. User interaction is
|
03-10-2019 - 00:03 | 06-11-2018 - 17:29 | |
| CVE-2018-9458 | 6.8 |
In computeFocusedWindow of RootWindowContainer.java, and related functions, there is possible interception of keypresses due to focus being on the wrong window. This could lead to local escalation of privilege revealing the user's keypresses while th
|
03-10-2019 - 00:03 | 06-11-2018 - 17:29 | |
| CVE-2017-18305 | 6.9 |
XBL sec mem dump system call allows complete control of EL3 by unlocking all XPUs if enable fuse is not blown in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 835.
|
03-10-2019 - 00:03 | 23-10-2018 - 13:29 | |
| CVE-2017-18296 | 7.2 |
Access control on applications is not applied while accessing SafeSwitch services can lead to improper access in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205
|
03-10-2019 - 00:03 | 23-10-2018 - 13:29 | |
| CVE-2017-18294 | 7.2 |
While reading file class type from ELF header, a buffer overread may happen if the ELF file size is less than the size of ELF64 header size in Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version FSM9055, MDM9206, MDM9
|
03-10-2019 - 00:03 | 23-10-2018 - 13:29 | |
| CVE-2017-18280 | 7.2 |
In Snapdragon (Automobile, Mobile, Wear) in version MDM9607, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 617, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SDM429, SDM439, SDM632, Snapdragon_High_Med_2016, when
|
03-10-2019 - 00:03 | 20-09-2018 - 13:29 | |
| CVE-2017-18293 | 7.2 |
When a particular GPIO is protected by blocking access to the corresponding GPIO resource registers, the protection can be bypassed using the corresponding banked GPIO registers instead in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM960
|
03-10-2019 - 00:03 | 23-10-2018 - 13:29 | |
| CVE-2017-18310 | 7.2 |
ClientEnv exposes services 0-32 to HLOS in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52,
|
03-10-2019 - 00:03 | 26-10-2018 - 13:29 | |
| CVE-2017-18299 | 4.9 |
Improper translation table consolidation logic leads to resource exhaustion and QSEE error in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in version MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450,
|
03-10-2019 - 00:03 | 23-10-2018 - 13:29 | |
| CVE-2017-18282 | 7.2 |
Non-secure SW can cause SDCC to generate secure bus accesses, which may expose RPM access in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 835, SDA660.
|
03-10-2019 - 00:03 | 23-10-2018 - 13:29 | |
| CVE-2017-18308 | 7.2 |
Modem segments are unlocked after authentication, leaving modem segments open to all in Snapdragon Mobile, Snapdragon Wear in version MDM9607, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 430
|
03-10-2019 - 00:03 | 26-10-2018 - 13:29 | |
| CVE-2017-18283 | 6.1 |
Possible memory corruption when Read Val Blob Req is received with invalid parameters in Snapdragon Mobile in version QCA9379, SD 210/SD 212/SD 205, SD 625, SD 835, SD 845, SD 850, SDA660.
|
03-10-2019 - 00:03 | 23-10-2018 - 13:29 | |
| CVE-2017-13077 | 5.4 |
Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.
|
03-10-2019 - 00:03 | 17-10-2017 - 02:29 | |
| CVE-2017-18249 | 4.4 |
The add_free_nid function in fs/f2fs/node.c in the Linux kernel before 4.12 does not properly track an allocated nid, which allows local users to cause a denial of service (race condition) or possibly have unspecified other impact via concurrent thre
|
03-04-2019 - 01:29 | 26-03-2018 - 20:29 | |
| CVE-2018-9459 | 6.8 |
In Attachment of Attachment.java and getFilePath of EmlAttachmentProvider.java, there is a possible Elevation of Privilege due to a path traversal error. This could lead to a remote escalation of privilege with no additional execution privileges need
|
30-01-2019 - 20:03 | 06-11-2018 - 17:29 | |
| CVE-2018-11260 | 4.6 |
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing a fast Initial link setup (FILS) connection request, integer overflow may lead to a buffer overflow when the key length is zer
|
21-12-2018 - 14:19 | 27-11-2018 - 16:29 | |
| CVE-2018-9427 | 9.3 |
In CopyToOMX of OMXNodeInstance.cpp there is a possible out-of-bounds write due to an incorrect bounds check. This could lead to remote arbitrary code execution with no additional execution privileges needed. User interaction is needed for exploitati
|
18-12-2018 - 17:33 | 06-11-2018 - 17:29 | |
| CVE-2018-9455 | 7.8 |
In sdpu_extract_attr_seq of sdp_utils.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploita
|
13-12-2018 - 17:00 | 06-11-2018 - 17:29 | |
| CVE-2018-9453 | 4.9 |
In avdt_msg_prs_cfg of avdt_msg.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
|
13-12-2018 - 12:46 | 06-11-2018 - 17:29 | |
| CVE-2018-9436 | 7.8 |
In bnep_data_ind of bnep_main.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
|
12-12-2018 - 21:25 | 06-11-2018 - 17:29 | |
| CVE-2018-9437 | 7.1 |
In getstring of ID3.cpp there is a possible out-of-bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Ve
|
12-12-2018 - 21:23 | 06-11-2018 - 17:29 | |
| CVE-2018-9445 | 7.2 |
In readMetadata of Utils.cpp, there is a possible path traversal bug due to a confused deputy. This could lead to local escalation of privilege when mounting a USB device with no additional execution privileges needed. User interaction is not needed
|
12-12-2018 - 21:11 | 06-11-2018 - 17:29 | |
| CVE-2018-9446 | 10.0 |
In smp_br_state_machine_event of smp_br_main.cc, there is a possible out of bounds write due to memory corruption. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitatio
|
12-12-2018 - 21:04 | 06-11-2018 - 17:29 | |
| CVE-2018-9448 | 7.8 |
In avct_bcb_msg_ind of avct_bcb_act.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploita
|
12-12-2018 - 21:02 | 06-11-2018 - 17:29 | |
| CVE-2018-9450 | 9.0 |
In avrc_proc_vendor_command of avrc_api.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitatio
|
12-12-2018 - 20:55 | 06-11-2018 - 17:29 | |
| CVE-2018-9451 | 4.9 |
In DynamicRefTable::load of ResourceTypes.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for ex
|
12-12-2018 - 20:48 | 06-11-2018 - 17:29 | |
| CVE-2018-9454 | 4.9 |
In bnep_data_ind of bnep_main.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. P
|
12-12-2018 - 20:46 | 06-11-2018 - 17:29 | |
| CVE-2018-9465 | 4.6 |
In task_get_unused_fd_flags of binder.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
|
12-12-2018 - 14:31 | 06-11-2018 - 17:29 | |
| CVE-2017-18309 | 6.6 |
A micro-core of QMP transportation may cause a macro-core to read from or write to arbitrary memory in Snapdragon Mobile in version SD 845, SD 850.
|
11-12-2018 - 21:09 | 26-10-2018 - 13:29 | |
| CVE-2018-11305 | 7.2 |
When a series of FDAL messages are sent to the modem, a Use After Free condition can occur in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425,
|
11-12-2018 - 20:49 | 26-10-2018 - 13:29 | |
| CVE-2017-18281 | 2.1 |
A bool variable in Video function, which gets typecasted to int before being read could result in an out of bound read access in all Android releases from CAF using the linux kernel
|
11-12-2018 - 15:39 | 29-10-2018 - 18:29 | |
| CVE-2017-18292 | 4.9 |
Secure app running in non secure space can restart TZ by calling Widevine app API repeatedly in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD
|
10-12-2018 - 16:45 | 23-10-2018 - 13:29 | |
| CVE-2017-18298 | 7.2 |
Lack of Input Validation in SDMX API can lead to NULL pointer access in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/
|
10-12-2018 - 16:27 | 23-10-2018 - 13:29 | |
| CVE-2017-18300 | 4.9 |
Secure display content could be accessed by third party trusted application after creating a fault in other trusted applications in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 835, SDA660.
|
10-12-2018 - 15:09 | 23-10-2018 - 13:29 | |
| CVE-2017-18303 | 7.2 |
While processing the sensors registry configuration file, if inputs are not validated a buffer overflow will occur in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MMDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/
|
10-12-2018 - 14:53 | 23-10-2018 - 13:29 | |
| CVE-2017-18304 | 7.2 |
Insufficient memory allocation in boot due to incorrect size being passed could result in out of bounds access in Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in version FSM9055, MDM9206, MDM9607, MDM9640, MDM9650, MSM
|
10-12-2018 - 14:52 | 23-10-2018 - 13:29 | |
| CVE-2017-18297 | 7.2 |
Double memory free while closing TEE SE API Session management in Snapdragon Mobile in version SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820.
|
07-12-2018 - 21:11 | 23-10-2018 - 13:29 | |
| CVE-2017-18295 | 7.2 |
Possible buffer overflow if input is not null terminated in DSP Service module in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 450, SD 615/16/SD 415, SD
|
06-12-2018 - 17:20 | 23-10-2018 - 13:29 | |
| CVE-2017-18302 | 4.7 |
In Snapdragon (Automobile ,Mobile) in version MSM8996AU, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, Snapdragon_High_Med_2016, a crafted HLOS client can m
|
23-11-2018 - 15:51 | 20-09-2018 - 13:29 | |
| CVE-2017-18301 | 4.9 |
In Small Cell SoC and Snapdragon (Automobile, Mobile, Wear) in version FSM9055, FSM9955, MDM9607, MDM9640, MDM9650, MSM8909W, SD 425, SD 427, SD 430, SD 435, SD 450, SD 617, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SDM630, SDM636, SDM660,
|
23-11-2018 - 15:49 | 20-09-2018 - 13:29 | |
| CVE-2018-11258 | 4.6 |
In ADSP RPC in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear, a Use After Free condition can occur in versions MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, S
|
06-09-2018 - 15:34 | 06-07-2018 - 17:29 |