Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Mdm9640_firmware
(Qualcomm)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 486 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-01-03 | CVE-2017-18322 | Cryptographic key material leaked in WCDMA debug messages in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835, Snapdragon_High_Med_2016. | Mdm9206_firmware, Mdm9607_firmware, Mdm9615_firmware, Mdm9625_firmware, Mdm9635m_firmware, Mdm9640_firmware, Mdm9645_firmware, Mdm9650_firmware, Mdm9655_firmware, Msm8909w_firmware, Sd_205_firmware, Sd_210_firmware, Sd_212_firmware, Sd_410_firmware, Sd_412_firmware, Sd_415_firmware, Sd_425_firmware, Sd_427_firmware, Sd_430_firmware, Sd_435_firmware, Sd_450_firmware, Sd_615_firmware, Sd_616_firmware, Sd_625_firmware, Sd_650_firmware, Sd_652_firmware, Sd_800_firmware, Sd_810_firmware, Sd_820_firmware, Sd_835_firmware, Snapdragon_high_med_2016_firmware | 5.5 | ||
| 2018-09-20 | CVE-2017-18314 | In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, Snapdragon_High_Med_2016, on TZ cold boot the CNOC_QDSS RG0 locked by xBL_SEC is cleared by TZ. | Mdm9206_firmware, Mdm9607_firmware, Mdm9635m_firmware, Mdm9640_firmware, Mdm9645_firmware, Mdm9650_firmware, Mdm9655_firmware, Msm8909w_firmware, Msm8996au_firmware, Sd205_firmware, Sd210_firmware, Sd212_firmware, Sd410_firmware, Sd412_firmware, Sd415_firmware, Sd425_firmware, Sd427_firmware, Sd430_firmware, Sd435_firmware, Sd450_firmware, Sd615_firmware, Sd616_firmware, Sd617_firmware, Sd625_firmware, Sd650_firmware, Sd652_firmware, Sd810_firmware, Sd820_firmware, Sd820a_firmware, Sd835_firmware, Sda660_firmware, Sdm429_firmware, Sdm439_firmware, Sdm630_firmware, Sdm632_firmware, Sdm636_firmware, Sdm660_firmware | 9.8 | ||
| 2018-10-26 | CVE-2017-18311 | XPU Master privilege escalation is possible due to improper access control of unused configuration xPU ports where unused configuration ports are open in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636,... | Mdm9607_firmware, Mdm9635m_firmware, Mdm9640_firmware, Mdm9645_firmware, Mdm9650_firmware, Mdm9655_firmware, Msm8909w_firmware, Msm8996au_firmware, Sd_205_firmware, Sd_210_firmware, Sd_212_firmware, Sd_410_firmware, Sd_412_firmware, Sd_415_firmware, Sd_425_firmware, Sd_427_firmware, Sd_430_firmware, Sd_435_firmware, Sd_450_firmware, Sd_615_firmware, Sd_616_firmware, Sd_625_firmware, Sd_650_firmware, Sd_652_firmware, Sd_810_firmware, Sd_820_firmware, Sd_820a_firmware, Sd_835_firmware, Sda660_firmware, Sdm429_firmware, Sdm439_firmware, Sdm630_firmware, Sdm632_firmware, Sdm636_firmware, Sdm660_firmware | 7.8 | ||
| 2018-10-23 | CVE-2017-18277 | When dynamic memory allocation fails, currently the process sleeps for one second and continues with infinite loop without retrying for memory allocation in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, QCN5502, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835. | Mdm9206_firmware, Mdm9607_firmware, Mdm9640_firmware, Mdm9650_firmware, Msm8909w_firmware, Qcn5502_firmware, Sd_205_firmware, Sd_210_firmware, Sd_212_firmware, Sd_415_firmware, Sd_425_firmware, Sd_430_firmware, Sd_450_firmware, Sd_600_firmware, Sd_615_firmware, Sd_616_firmware, Sd_625_firmware, Sd_650_firmware, Sd_652_firmware, Sd_810_firmware, Sd_820_firmware, Sd_820a_firmware, Sd_835_firmware | 5.5 | ||
| 2018-04-11 | CVE-2017-18126 | In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9640, MDM9650, QCA6174A, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9379, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 835, SD 845, SDM630, SDM636, SDM660, Snapdragon_High_Med_2016, the original mac spoofing feature does not use the following in probe request frames: (a)... | Mdm9206_firmware, Mdm9607_firmware, Mdm9640_firmware, Mdm9650_firmware, Qca6174a_firmware, Qca6574_firmware, Qca6574au_firmware, Qca6584_firmware, Qca6584au_firmware, Qca9377_firmware, Qca9379_firmware, Sd_205_firmware, Sd_210_firmware, Sd_212_firmware, Sd_410_firmware, Sd_412_firmware, Sd_415_firmware, Sd_425_firmware, Sd_427_firmware, Sd_430_firmware, Sd_435_firmware, Sd_450_firmware, Sd_615_firmware, Sd_616_firmware, Sd_625_firmware, Sd_650_firmware, Sd_652_firmware, Sd_808_firmware, Sd_810_firmware, Sd_820_firmware, Sd_835_firmware, Sd_845_firmware, Sdm630_firmware, Sdm636_firmware, Sdm660_firmware | 7.5 | ||
| 2019-09-30 | CVE-2019-2341 | Buffer overflow when the audio buffer size provided by user is larger than the maximum allowable audio buffer size. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD... | Mdm9150_firmware, Mdm9206_firmware, Mdm9607_firmware, Mdm9640_firmware, Mdm9650_firmware, Msm8909w_firmware, Msm8996au_firmware, Qcs405_firmware, Qcs605_firmware, Qualcomm_215_firmware, Sd_205_firmware, Sd_210_firmware, Sd_212_firmware, Sd_415_firmware, Sd_425_firmware, Sd_427_firmware, Sd_429_firmware, Sd_430_firmware, Sd_435_firmware, Sd_439_firmware, Sd_450_firmware, Sd_615_firmware, Sd_616_firmware, Sd_625_firmware, Sd_632_firmware, Sd_636_firmware, Sd_665_firmware, Sd_670_firmware, Sd_675_firmware, Sd_710_firmware, Sd_712_firmware, Sd_730_firmware, Sd_820_firmware, Sd_820a_firmware, Sd_835_firmware, Sd_845_firmware, Sd_850_firmware, Sd_855_firmware, Sda660_firmware, Sdm439_firmware, Sdm630_firmware, Sdm660_firmware, Sdx20_firmware, Sdx24_firmware | N/A | ||
| 2019-09-30 | CVE-2019-10539 | Possible buffer overflow issue due to lack of length check when parsing the extended cap IE header length in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ8074, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6574, QCA6574AU, QCA6584, QCA8081, QCA9379, QCS404, QCS405, QCS605, Qualcomm 215, SD... | Ipq8074_firmware, Mdm9206_firmware, Mdm9607_firmware, Mdm9640_firmware, Mdm9650_firmware, Msm8996au_firmware, Qca6174a_firmware, Qca6574_firmware, Qca6574au_firmware, Qca6584_firmware, Qca8081_firmware, Qca9379_firmware, Qcs404_firmware, Qcs405_firmware, Qcs605_firmware, Qualcomm_215_firmware, Sd_205_firmware, Sd_210_firmware, Sd_212_firmware, Sd_425_firmware, Sd_427_firmware, Sd_429_firmware, Sd_430_firmware, Sd_435_firmware, Sd_439_firmware, Sd_450_firmware, Sd_625_firmware, Sd_632_firmware, Sd_636_firmware, Sd_665_firmware, Sd_670_firmware, Sd_675_firmware, Sd_710_firmware, Sd_712_firmware, Sd_730_firmware, Sd_820_firmware, Sd_820a_firmware, Sd_835_firmware, Sd_845_firmware, Sd_850_firmware, Sd_855_firmware, Sd_8cx_firmware, Sda660_firmware, Sdm439_firmware, Sdm630_firmware, Sdm660_firmware, Sdx20_firmware, Sdx24_firmware, Sxr1130_firmware | N/A | ||
| 2019-09-30 | CVE-2019-10508 | Lack of input validation for data received from user space can lead to OOB access in WLAN in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, SD 210/SD 212/SD 205, SD 425, SD 430, SD 600, SD 615/16/SD 415, SD 625, SD 632, SD 650/52, SD 820A, SDX20 | Mdm9150_firmware, Mdm9206_firmware, Mdm9607_firmware, Mdm9640_firmware, Mdm9650_firmware, Msm8909w_firmware, Msm8996au_firmware, Qca6174a_firmware, Qca6574au_firmware, Qca9377_firmware, Qca9379_firmware, Sd_205_firmware, Sd_210_firmware, Sd_212_firmware, Sd_415_firmware, Sd_425_firmware, Sd_430_firmware, Sd_600_firmware, Sd_615_firmware, Sd_616_firmware, Sd_625_firmware, Sd_632_firmware, Sd_650_firmware, Sd_652_firmware, Sd_820a_firmware, Sdx20_firmware | N/A | ||
| 2019-09-30 | CVE-2019-10498 | Buffer overflow scenario if the client sends more than 5 io_vec requests to the server in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 665, SD 675,... | Mdm9150_firmware, Mdm9206_firmware, Mdm9607_firmware, Mdm9640_firmware, Mdm9650_firmware, Msm8909w_firmware, Msm8996au_firmware, Qcs405_firmware, Qcs605_firmware, Qualcomm_215_firmware, Sd_205_firmware, Sd_210_firmware, Sd_212_firmware, Sd_415_firmware, Sd_425_firmware, Sd_427_firmware, Sd_429_firmware, Sd_430_firmware, Sd_435_firmware, Sd_439_firmware, Sd_450_firmware, Sd_615_firmware, Sd_616_firmware, Sd_625_firmware, Sd_632_firmware, Sd_636_firmware, Sd_665_firmware, Sd_670_firmware, Sd_675_firmware, Sd_710_firmware, Sd_712_firmware, Sd_730_firmware, Sd_820_firmware, Sd_820a_firmware, Sd_835_firmware, Sd_845_firmware, Sd_850_firmware, Sd_855_firmware, Sda660_firmware, Sdm439_firmware, Sdm630_firmware, Sdm660_firmware, Sdx20_firmware, Sdx24_firmware | N/A | ||
| 2019-09-30 | CVE-2019-10497 | Use after free issue occurs If another instance of open for voice_svc node has been called from application without closing the previous one. in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD... | Mdm9150_firmware, Mdm9206_firmware, Mdm9607_firmware, Mdm9640_firmware, Mdm9650_firmware, Msm8909w_firmware, Msm8996au_firmware, Qcs605_firmware, Qualcomm_215_firmware, Sd_205_firmware, Sd_210_firmware, Sd_212_firmware, Sd_415_firmware, Sd_425_firmware, Sd_427_firmware, Sd_429_firmware, Sd_430_firmware, Sd_435_firmware, Sd_439_firmware, Sd_450_firmware, Sd_615_firmware, Sd_616_firmware, Sd_625_firmware, Sd_632_firmware, Sd_636_firmware, Sd_665_firmware, Sd_670_firmware, Sd_675_firmware, Sd_710_firmware, Sd_712_firmware, Sd_730_firmware, Sd_820_firmware, Sd_820a_firmware, Sd_835_firmware, Sd_845_firmware, Sd_850_firmware, Sd_855_firmware, Sda660_firmware, Sdm439_firmware, Sdm630_firmware, Sdm660_firmware, Sdx20_firmware, Sdx24_firmware | N/A |