Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Sd_210_firmware
(Qualcomm)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 423 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2018-04-18 | CVE-2014-10053 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 615/16/SD 415, SD 450, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, data access is not properly validated in the Widevine secure application. | Mdm9206_firmware, Mdm9650_firmware, Msm8909w_firmware, Sd_205_firmware, Sd_210_firmware, Sd_212_firmware, Sd_400_firmware, Sd_410_firmware, Sd_412_firmware, Sd_415_firmware, Sd_425_firmware, Sd_430_firmware, Sd_450_firmware, Sd_615_firmware, Sd_616_firmware, Sd_617_firmware, Sd_625_firmware, Sd_650_firmware, Sd_652_firmware, Sd_800_firmware, Sd_808_firmware, Sd_810_firmware, Sd_820_firmware, Sd_820a_firmware, Sd_835_firmware, Sd_845_firmware, Sd_850_firmware | 9.8 | ||
| 2018-04-18 | CVE-2014-10052 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile, Snapdragon Wear, and Small Cell SoC FSM9055, IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 600, SD 615/16/SD 415, SD 617, SD 650/52, SD 800, SD 808, SD 810, SD 835, and SDX20, the reserved memory of TZ subsystem (like TZ apps and some PIL image subsystem) is not cleared after being used. | Fsm9055_firmware, Ipq4019_firmware, Mdm9206_firmware, Mdm9607_firmware, Mdm9625_firmware, Mdm9635m_firmware, Mdm9640_firmware, Mdm9645_firmware, Mdm9650_firmware, Mdm9655_firmware, Msm8909w_firmware, Sd_205_firmware, Sd_210_firmware, Sd_212_firmware, Sd_400_firmware, Sd_410_firmware, Sd_412_firmware, Sd_415_firmware, Sd_615_firmware, Sd_616_firmware, Sd_617_firmware, Sd_650_firmware, Sd_652_firmware, Sd_800_firmware, Sd_808_firmware, Sd_810_firmware, Sd_835_firmware, Sdx20_firmware | 9.8 | ||
| 2018-04-18 | CVE-2014-10051 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, and SDX20, after loading a dynamically loaded code section, I-Cache is not invalidated, which could lead to executing code from stale cache lines. | Mdm9206_firmware, Mdm9607_firmware, Mdm9635m_firmware, Mdm9640_firmware, Mdm9645_firmware, Mdm9650_firmware, Mdm9655_firmware, Msm8909w_firmware, Sd_205_firmware, Sd_210_firmware, Sd_212_firmware, Sd_400_firmware, Sd_410_firmware, Sd_412_firmware, Sdx20_firmware | 9.8 | ||
| 2018-04-18 | CVE-2014-10048 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, and SDX20, while setting the offsets, time-services allows the user to set bases greater than valid base value which will lead to array index out-of-bound. | Mdm9206_firmware, Mdm9607_firmware, Mdm9650_firmware, Msm8909w_firmware, Sd_205_firmware, Sd_210_firmware, Sd_212_firmware, Sd_400_firmware, Sd_410_firmware, Sd_412_firmware, Sd_415_firmware, Sd_425_firmware, Sd_430_firmware, Sd_450_firmware, Sd_600_firmware, Sd_615_firmware, Sd_616_firmware, Sd_617_firmware, Sd_625_firmware, Sd_650_firmware, Sd_652_firmware, Sd_800_firmware, Sd_808_firmware, Sd_810_firmware, Sd_820_firmware, Sd_835_firmware, Sdx20_firmware | 9.8 | ||
| 2018-04-18 | CVE-2014-10046 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9615, MDM9625, MDM9635M, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 800, SD 808, and SD 810, use after free vulnerability when the PDN throttle info block is freed without clearing the corresponding active timer. | Mdm9615_firmware, Mdm9625_firmware, Mdm9635m_firmware, Sd_205_firmware, Sd_210_firmware, Sd_212_firmware, Sd_400_firmware, Sd_410_firmware, Sd_412_firmware, Sd_415_firmware, Sd_615_firmware, Sd_616_firmware, Sd_800_firmware, Sd_808_firmware, Sd_810_firmware | 9.8 | ||
| 2018-04-18 | CVE-2014-10045 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 820, and SDX20, buffer overflow vulnerability exist in Sahara boot when program header are parsing. | Ipq4019_firmware, Mdm9206_firmware, Mdm9607_firmware, Mdm9615_firmware, Mdm9625_firmware, Mdm9635m_firmware, Mdm9640_firmware, Mdm9650_firmware, Mdm9655_firmware, Msm8909w_firmware, Sd_205_firmware, Sd_210_firmware, Sd_212_firmware, Sd_400_firmware, Sd_410_firmware, Sd_412_firmware, Sd_415_firmware, Sd_615_firmware, Sd_616_firmware, Sd_820_firmware, Sdx20_firmware | 9.8 | ||
| 2018-04-18 | CVE-2014-10044 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9615, MDM9625, MDM9635M, SD 210/SD 212/SD 205, SD 400, SD 617, SD 800, and SD 820, in the time daemon, unauthorized users can potentially modify system time and cause an array index to be out-of-bound. | Mdm9615_firmware, Mdm9625_firmware, Mdm9635m_firmware, Sd_205_firmware, Sd_210_firmware, Sd_212_firmware, Sd_400_firmware, Sd_617_firmware, Sd_800_firmware, Sd_820_firmware | 7.5 | ||
| 2018-04-18 | CVE-2014-10043 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, and SD 800, while reading PlayReady rights string information from command buffer (which is sent from non-secure side), if length of rights string is very large, a buffer over read occurs, exposing TZ App memory to non-secure side. | Msm8909w_firmware, Sd_205_firmware, Sd_210_firmware, Sd_212_firmware, Sd_400_firmware, Sd_410_firmware, Sd_412_firmware, Sd_800_firmware | 7.5 | ||
| 2018-10-26 | CVE-2018-11850 | Lack of check on remaining length parameter When processing scan start command will lead to buffer flow in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9379, SD 210/SD 212/SD 205, SD 425, SD 625, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDX20 | Mdm9206_firmware, Mdm9607_firmware, Mdm9640_firmware, Mdm9650_firmware, Msm8996au_firmware, Qca6174a_firmware, Qca6574au_firmware, Qca6584_firmware, Qca6584au_firmware, Qca9377_firmware, Qca9379_firmware, Sd_205_firmware, Sd_210_firmware, Sd_212_firmware, Sd_425_firmware, Sd_625_firmware, Sd_810_firmware, Sd_820_firmware, Sd_820a_firmware, Sd_835_firmware, Sd_845_firmware, Sd_850_firmware, Sda660_firmware, Sdx20_firmware | 7.8 | ||
| 2018-10-26 | CVE-2018-11828 | When FW tries to get random mac address generated from new SW RNG and ADC values read are constant then DUT get struck in loop while trying to get random ADC samples in Snapdragon Mobile in version SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52 | Sd_205_firmware, Sd_210_firmware, Sd_212_firmware, Sd_425_firmware, Sd_430_firmware, Sd_450_firmware, Sd_625_firmware, Sd_650_firmware, Sd_652_firmware | 7.5 |