Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Sd820a_firmware
(Qualcomm)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 15 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2018-09-20 | CVE-2018-11292 | In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCA6574AU, QCA6584, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820A, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, Snapdragon_High_Med_2016, lack of input validation in WLANWMI command handlers can lead to integer & heap overflows. | Mdm9206_firmware, Mdm9607_firmware, Mdm9640_firmware, Mdm9650_firmware, Msm8909w_firmware, Msm8996au_firmware, Qca6574au_firmware, Qca6584_firmware, Sd205_firmware, Sd210_firmware, Sd212_firmware, Sd410_firmware, Sd412_firmware, Sd415_firmware, Sd425_firmware, Sd427_firmware, Sd430_firmware, Sd450_firmware, Sd615_firmware, Sd616_firmware, Sd625_firmware, Sd650_firmware, Sd652_firmware, Sd820a_firmware, Sdm429_firmware, Sdm439_firmware, Sdm630_firmware, Sdm632_firmware, Sdm636_firmware, Sdm660_firmware | 7.8 | ||
| 2018-09-20 | CVE-2017-18314 | In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, Snapdragon_High_Med_2016, on TZ cold boot the CNOC_QDSS RG0 locked by xBL_SEC is cleared by TZ. | Mdm9206_firmware, Mdm9607_firmware, Mdm9635m_firmware, Mdm9640_firmware, Mdm9645_firmware, Mdm9650_firmware, Mdm9655_firmware, Msm8909w_firmware, Msm8996au_firmware, Sd205_firmware, Sd210_firmware, Sd212_firmware, Sd410_firmware, Sd412_firmware, Sd415_firmware, Sd425_firmware, Sd427_firmware, Sd430_firmware, Sd435_firmware, Sd450_firmware, Sd615_firmware, Sd616_firmware, Sd617_firmware, Sd625_firmware, Sd650_firmware, Sd652_firmware, Sd810_firmware, Sd820_firmware, Sd820a_firmware, Sd835_firmware, Sda660_firmware, Sdm429_firmware, Sdm439_firmware, Sdm630_firmware, Sdm632_firmware, Sdm636_firmware, Sdm660_firmware | 9.8 | ||
| 2018-09-20 | CVE-2017-18280 | In Snapdragon (Automobile, Mobile, Wear) in version MDM9607, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 617, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SDM429, SDM439, SDM632, Snapdragon_High_Med_2016, when a Trusted Application has opened the SPI/I2C interface to a particular device, it is possible for another Trusted Application to read the data on this open interface by calling the SPI/I2C read function. | Mdm9607_firmware, Msm8909w_firmware, Msm8996au_firmware, Sd205_firmware, Sd210_firmware, Sd212_firmware, Sd425_firmware, Sd427_firmware, Sd430_firmware, Sd435_firmware, Sd450_firmware, Sd617_firmware, Sd625_firmware, Sd650_firmware, Sd652_firmware, Sd820_firmware, Sd820a_firmware, Sd835_firmware, Sdm429_firmware, Sdm439_firmware, Sdm632_firmware | 7.8 | ||
| 2018-09-20 | CVE-2018-5871 | In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6574AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, Snapdragon_High_Med_2016, MAC address randomization performed during probe requests (for privacy reasons) is not done properly due to a flawed RNG which produces repeating output much... | Mdm9206_firmware, Mdm9607_firmware, Mdm9640_firmware, Mdm9650_firmware, Msm8996au_firmware, Qca6574au_firmware, Sd205_firmware, Sd210_firmware, Sd212_firmware, Sd415_firmware, Sd425_firmware, Sd427_firmware, Sd430_firmware, Sd435_firmware, Sd450_firmware, Sd615_firmware, Sd616_firmware, Sd650_firmware, Sd652_firmware, Sd820a_firmware, Sd835_firmware, Sd845_firmware, Sd850_firmware, Sda660_firmware, Sdm429_firmware, Sdm439_firmware, Sdm630_firmware, Sdm632_firmware, Sdm636_firmware, Sdm660_firmware, Sdm710_firmware | 6.5 | ||
| 2018-09-20 | CVE-2018-5837 | In Snapdragon (Automobile, Mobile, Wear) in version IPQ8074, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6574AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, Snapdragon_High_Med_2016, MAC address randomization performed during probe requests is not done properly due to a flawed RNG which produced repeating output much earlier than expected. | Ipq8074_firmware, Mdm9206_firmware, Mdm9607_firmware, Mdm9640_firmware, Mdm9650_firmware, Msm8996au_firmware, Qca6574au_firmware, Sd205_firmware, Sd210_firmware, Sd212_firmware, Sd425_firmware, Sd427_firmware, Sd430_firmware, Sd435_firmware, Sd450_firmware, Sd625_firmware, Sd820a_firmware, Sd835_firmware, Sd845_firmware, Sd850_firmware, Sda660_firmware, Sdm429_firmware, Sdm439_firmware, Sdm630_firmware, Sdm632_firmware, Sdm636_firmware, Sdm660_firmware, Sdm710_firmware | 7.5 | ||
| 2018-09-20 | CVE-2018-11291 | In Snapdragon (Automobile, Mobile, Wear) in version IPQ8074, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA4531, QCA6174A, QCA6564, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9378, QCA9379, SD 425, SD 427, SD 430, SD 435, SD 450, SD 600, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDM630, SDM632, SDM636, SDM660, SDX20, Snapdragon_High_Med_2016, cryptographic issues due to the random number generator was not a strong one in NAN. | Ipq8074_firmware, Mdm9206_firmware, Mdm9607_firmware, Mdm9640_firmware, Mdm9650_firmware, Msm8996au_firmware, Qca4531_firmware, Qca6174a_firmware, Qca6564_firmware, Qca6574_firmware, Qca6574au_firmware, Qca6584_firmware, Qca6584au_firmware, Qca9377_firmware, Qca9378_firmware, Qca9379_firmware, Sd425_firmware, Sd427_firmware, Sd430_firmware, Sd435_firmware, Sd450_firmware, Sd600_firmware, Sd625_firmware, Sd650_firmware, Sd652_firmware, Sd810_firmware, Sd820_firmware, Sd820a_firmware, Sd835_firmware, Sd845_firmware, Sd850_firmware, Sdm630_firmware, Sdm632_firmware, Sdm636_firmware, Sdm660_firmware, Sdx20_firmware | 7.5 | ||
| 2018-09-20 | CVE-2018-11290 | In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6574AU, QCA6584, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 820A, SD 845, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDX20, Snapdragon_High_Med_2016, MAC address randomization performed during probe requests is not done properly due to a flawed RNG in use. | Mdm9206_firmware, Mdm9607_firmware, Mdm9640_firmware, Mdm9650_firmware, Msm8996au_firmware, Qca6574au_firmware, Qca6584_firmware, Sd205_firmware, Sd210_firmware, Sd212_firmware, Sd425_firmware, Sd427_firmware, Sd430_firmware, Sd435_firmware, Sd450_firmware, Sd625_firmware, Sd650_firmware, Sd652_firmware, Sd820a_firmware, Sd845_firmware, Sdm429_firmware, Sdm439_firmware, Sdm630_firmware, Sdm632_firmware, Sdm636_firmware, Sdm660_firmware, Sdx20_firmware | 7.5 | ||
| 2018-09-20 | CVE-2018-11287 | In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, Snapdragon_High_Med_2016, incorrect control flow implementation in Video while checking buffer sufficiency. | Mdm9206_firmware, Mdm9607_firmware, Mdm9650_firmware, Msm8909w_firmware, Msm8996au_firmware, Sd205_firmware, Sd210_firmware, Sd212_firmware, Sd425_firmware, Sd427_firmware, Sd430_firmware, Sd435_firmware, Sd450_firmware, Sd625_firmware, Sd650_firmware, Sd652_firmware, Sd820_firmware, Sd820a_firmware, Sd835_firmware, Sd845_firmware, Sd850_firmware, Sda660_firmware, Sdm429_firmware, Sdm439_firmware, Sdm630_firmware, Sdm632_firmware, Sdm636_firmware, Sdm660_firmware, Sdm710_firmware | 9.8 | ||
| 2018-09-20 | CVE-2018-11285 | In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, SDX20, Snapdragon_High_Med_2016, while parsing FLAC file with corrupted picture block, a buffer over-read can occur. | Mdm9206_firmware, Mdm9607_firmware, Mdm9650_firmware, Msm8909w_firmware, Msm8996au_firmware, Sd205_firmware, Sd210_firmware, Sd212_firmware, Sd415_firmware, Sd425_firmware, Sd427_firmware, Sd430_firmware, Sd435_firmware, Sd450_firmware, Sd615_firmware, Sd616_firmware, Sd625_firmware, Sd650_firmware, Sd810_firmware, Sd820_firmware, Sd820a_firmware, Sd835_firmware, Sd845_firmware, Sda660_firmware, Sdm429_firmware, Sdm439_firmware, Sdm630_firmware, Sdm632_firmware, Sdm636_firmware, Sdm660_firmware, Sdm710_firmware, Sdx20_firmware | 7.8 | ||
| 2018-09-20 | CVE-2018-11277 | In Snapdragon (Automobile, Mobile, Wear) in version MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SDA660, the com.qualcomm.embms is a vendor package deployed in the system image which has an inadequate permission level and allows any application installed from Play Store to request this permission at install-time. The system application interfaces with the Radio Interface Layer leading to... | Msm8909w_firmware, Msm8996au_firmware, Sd205_firmware, Sd210_firmware, Sd212_firmware, Sd415_firmware, Sd430_firmware, Sd450_firmware, Sd615_firmware, Sd616_firmware, Sd617_firmware, Sd625_firmware, Sd650_firmware, Sd652_firmware, Sd810_firmware, Sd820_firmware, Sd820a_firmware, Sd835_firmware, Sd845_firmware, Sda660_firmware | 7.8 |