U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): cpe:2.3:o:qualcomm:mdm9615m_firmware:-:*:*:*:*:*:*:*
  • CPE Name Search: true
There are 27 matching records.
Displaying matches 1 through 20.
Vuln ID Summary CVSS Severity
CVE-2023-33018

Memory corruption while using the UIM diag command to get the operators name.

Published: December 04, 2023; 10:15:10 PM -0500
V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2023-24849

Information Disclosure in data Modem while parsing an FMTP line in an SDP message.

Published: October 03, 2023; 2:15:23 AM -0400
V3.1: 7.5 HIGH
V2.0:(not available)
CVE-2023-24848

Information Disclosure in Data Modem while performing a VoLTE call with an undefined RTCP FB line value.

Published: October 03, 2023; 2:15:22 AM -0400
V3.1: 7.5 HIGH
V2.0:(not available)
CVE-2022-40521

Transient DOS due to improper authorization in Modem

Published: June 06, 2023; 4:15:11 AM -0400
V3.1: 7.5 HIGH
V2.0:(not available)
CVE-2022-33264

Memory corruption in modem due to stack based buffer overflow while parsing OTASP Key Generation Request Message.

Published: June 06, 2023; 4:15:10 AM -0400
V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2022-33302

Memory corruption due to improper validation of array index in User Identity Module when APN TLV length is greater than command length.

Published: April 13, 2023; 3:15:19 AM -0400
V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2022-33289

Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from card.

Published: April 13, 2023; 3:15:17 AM -0400
V3.1: 6.8 MEDIUM
V2.0:(not available)
CVE-2022-33213

Memory corruption in modem due to buffer overflow while processing a PPP packet

Published: March 10, 2023; 4:15:11 PM -0500
V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2022-25694

Memory corruption in Modem due to usage of Out-of-range pointer offset in UIM

Published: March 10, 2023; 4:15:11 PM -0500
V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2022-25682

Memory corruption in MODEM UIM due to usage of out of range pointer offset while decoding command from card in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Published: December 13, 2022; 11:15:18 AM -0500
V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2022-25720

Memory corruption in WLAN due to out of bound array access during connect/roaming in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Published: October 19, 2022; 7:15:10 AM -0400
V3.1: 9.8 CRITICAL
V2.0:(not available)
CVE-2021-35115

Improper handling of multiple session supported by PVM backend can lead to use after free in Snapdragon Auto, Snapdragon Mobile

Published: April 01, 2022; 1:15:07 AM -0400
V3.1: 7.8 HIGH
V2.0: 4.6 MEDIUM
CVE-2021-30270

Possible null pointer dereference in thread profile trap handler due to lack of thread ID validation before dereferencing it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Published: January 03, 2022; 3:15:07 AM -0500
V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2021-30268

Possible heap Memory Corruption Issue due to lack of input validation when sending HWTC IQ Capture command in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Published: January 03, 2022; 3:15:07 AM -0500
V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2021-30284

Possible information exposure and denial of service due to NAS not dropping messages when integrity check fails in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Published: November 12, 2021; 2:15:07 AM -0500
V3.1: 9.1 CRITICAL
V2.0: 6.4 MEDIUM
CVE-2021-1975

Possible heap overflow due to improper length check of domain while parsing the DNS response in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables

Published: November 12, 2021; 2:15:07 AM -0500
V3.1: 9.8 CRITICAL
V2.0: 10.0 HIGH
CVE-2021-1973

A FTM Diag command can allow an arbitrary write into modem OS space in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Published: November 12, 2021; 2:15:07 AM -0500
V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2021-30261

Possible integer and heap overflow due to lack of input command size validation while handling beacon template update command from HLOS in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Published: September 17, 2021; 3:15:09 AM -0400
V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2021-1972

Possible buffer overflow due to improper validation of device types during P2P search in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Published: September 08, 2021; 8:15:08 AM -0400
V3.1: 9.8 CRITICAL
V2.0: 10.0 HIGH
CVE-2021-1920

Integer underflow can occur due to improper handling of incoming RTCP packets in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables

Published: September 08, 2021; 8:15:07 AM -0400
V3.1: 9.8 CRITICAL
V2.0: 10.0 HIGH