Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Sd_617_firmware
(Qualcomm)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 177 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2018-04-18 | CVE-2015-9197 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 617, SD 650/52, SD 808, and SD 810, when enabling XPUs for SMEM partitions, if configuration values are out of range, memory access outside the SMEM may occur and set incorrect XPU configurations. | Mdm9206_firmware, Mdm9607_firmware, Mdm9635m_firmware, Mdm9640_firmware, Mdm9645_firmware, Msm8909w_firmware, Sd_205_firmware, Sd_210_firmware, Sd_212_firmware, Sd_400_firmware, Sd_410_firmware, Sd_412_firmware, Sd_415_firmware, Sd_615_firmware, Sd_616_firmware, Sd_617_firmware, Sd_650_firmware, Sd_652_firmware, Sd_808_firmware, Sd_810_firmware | 9.8 | ||
| 2018-04-18 | CVE-2015-9195 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9625, MDM9635M, MDM9650, MDM9655, SD 400, SD 410/12, SD 615/16/SD 415, SD 617, SD 650/52, SD 808, SD 810, and SDX20, in a QTEE syscall handler, HLOS can cause a buffer overflow to occur. | Mdm9625_firmware, Mdm9635m_firmware, Mdm9650_firmware, Mdm9655_firmware, Sd_400_firmware, Sd_410_firmware, Sd_412_firmware, Sd_415_firmware, Sd_615_firmware, Sd_616_firmware, Sd_617_firmware, Sd_650_firmware, Sd_652_firmware, Sd_808_firmware, Sd_810_firmware, Sdx20_firmware | 9.8 | ||
| 2018-04-18 | CVE-2015-9194 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 210/SD 212/SD 205, SD 400, SD 425, SD 427, SD 430, SD 435, SD 450, SD 617, SD 625, SD 650/52, SD 800, SD 845, and Snapdragon_High_Med_2016, during module load at TZ Startup, memory statically allocated by modules was not being properly set to zero first. Allowing the module to execute without reset gives it access to information from previous app thus leading to information exposure. | Sd_205_firmware, Sd_210_firmware, Sd_212_firmware, Sd_400_firmware, Sd_425_firmware, Sd_427_firmware, Sd_430_firmware, Sd_435_firmware, Sd_450_firmware, Sd_617_firmware, Sd_625_firmware, Sd_650_firmware, Sd_652_firmware, Sd_800_firmware, Sd_845_firmware | 7.5 | ||
| 2018-04-18 | CVE-2015-9193 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, improper input validation could cause a memory overread and cause the app to crash. | Mdm9206_firmware, Mdm9650_firmware, Msm8909w_firmware, Sd_205_firmware, Sd_210_firmware, Sd_212_firmware, Sd_400_firmware, Sd_410_firmware, Sd_412_firmware, Sd_415_firmware, Sd_425_firmware, Sd_430_firmware, Sd_450_firmware, Sd_615_firmware, Sd_616_firmware, Sd_617_firmware, Sd_625_firmware, Sd_650_firmware, Sd_652_firmware, Sd_800_firmware, Sd_808_firmware, Sd_810_firmware, Sd_820_firmware, Sd_820a_firmware, Sd_835_firmware, Sd_845_firmware, Sd_850_firmware | 7.5 | ||
| 2018-04-18 | CVE-2015-9192 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, out of bounds memory access vulnerability may occur in the content protection manager due to improper validation of incoming messages. | Mdm9206_firmware, Mdm9650_firmware, Sd_205_firmware, Sd_210_firmware, Sd_212_firmware, Sd_400_firmware, Sd_410_firmware, Sd_412_firmware, Sd_415_firmware, Sd_425_firmware, Sd_430_firmware, Sd_450_firmware, Sd_615_firmware, Sd_616_firmware, Sd_617_firmware, Sd_625_firmware, Sd_650_firmware, Sd_652_firmware, Sd_800_firmware, Sd_808_firmware, Sd_810_firmware, Sd_820_firmware, Sd_820a_firmware, Sd_835_firmware, Sd_845_firmware, Sd_850_firmware | 9.8 | ||
| 2018-04-18 | CVE-2015-9191 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 617, SD 650/52, SD 808, SD 810, and SDX20, in a QTEE syscall handler, an untrusted pointer dereference can occur. | Mdm9206_firmware, Mdm9607_firmware, Mdm9635m_firmware, Mdm9640_firmware, Mdm9645_firmware, Mdm9650_firmware, Mdm9655_firmware, Msm8909w_firmware, Sd_205_firmware, Sd_210_firmware, Sd_212_firmware, Sd_400_firmware, Sd_410_firmware, Sd_412_firmware, Sd_617_firmware, Sd_650_firmware, Sd_652_firmware, Sd_808_firmware, Sd_810_firmware, Sdx20_firmware | 9.8 | ||
| 2018-04-18 | CVE-2015-9188 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, in Secure DEMUX command handler, when parameter validation fails, an error code is written into a response buffer without checking that response buffer length,... | Mdm9206_firmware, Mdm9650_firmware, Sd_205_firmware, Sd_210_firmware, Sd_212_firmware, Sd_410_firmware, Sd_412_firmware, Sd_415_firmware, Sd_425_firmware, Sd_430_firmware, Sd_450_firmware, Sd_600_firmware, Sd_615_firmware, Sd_616_firmware, Sd_617_firmware, Sd_625_firmware, Sd_650_firmware, Sd_652_firmware, Sd_800_firmware, Sd_808_firmware, Sd_810_firmware, Sd_820_firmware, Sd_820a_firmware, Sd_835_firmware, Sd_845_firmware, Sd_850_firmware | 9.8 | ||
| 2018-04-18 | CVE-2015-9187 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, lack of buffer length validation in pvr_cmd_handler leads to unauthorized access to secure memory. | Mdm9206_firmware, Mdm9650_firmware, Sd_205_firmware, Sd_210_firmware, Sd_212_firmware, Sd_410_firmware, Sd_412_firmware, Sd_415_firmware, Sd_425_firmware, Sd_430_firmware, Sd_450_firmware, Sd_615_firmware, Sd_616_firmware, Sd_617_firmware, Sd_625_firmware, Sd_650_firmware, Sd_652_firmware, Sd_800_firmware, Sd_808_firmware, Sd_810_firmware, Sd_820_firmware, Sd_820a_firmware, Sd_835_firmware, Sd_845_firmware, Sd_850_firmware | 9.8 | ||
| 2018-04-18 | CVE-2015-9186 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, in a PlayReady API function, a buffer over-read can occur. | Mdm9206_firmware, Mdm9650_firmware, Msm8909w_firmware, Sd_205_firmware, Sd_210_firmware, Sd_212_firmware, Sd_400_firmware, Sd_410_firmware, Sd_412_firmware, Sd_415_firmware, Sd_425_firmware, Sd_430_firmware, Sd_450_firmware, Sd_615_firmware, Sd_616_firmware, Sd_617_firmware, Sd_625_firmware, Sd_650_firmware, Sd_652_firmware, Sd_800_firmware, Sd_808_firmware, Sd_810_firmware, Sd_820_firmware, Sd_820a_firmware, Sd_835_firmware, Sd_845_firmware, Sd_850_firmware | 9.8 | ||
| 2018-04-18 | CVE-2015-9185 | In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, in multiple Secure DEMUX functions (e.g., SDMX_open_session, SDMX_close_session, SDMX_set_session_cfg), when parameter validation fails, an error code is written... | Mdm9206_firmware, Mdm9650_firmware, Sd_205_firmware, Sd_210_firmware, Sd_212_firmware, Sd_410_firmware, Sd_412_firmware, Sd_415_firmware, Sd_425_firmware, Sd_430_firmware, Sd_450_firmware, Sd_600_firmware, Sd_615_firmware, Sd_616_firmware, Sd_617_firmware, Sd_625_firmware, Sd_650_firmware, Sd_652_firmware, Sd_800_firmware, Sd_808_firmware, Sd_810_firmware, Sd_820_firmware, Sd_820a_firmware, Sd_835_firmware, Sd_845_firmware, Sd_850_firmware | 9.8 |