Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:o:qualcomm:sd_410_firmware:-:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2015-9139 |
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 615/16/SD 415, SD 617, SD 650/52, SD 800, SD 808, SD 810, and SD 820, improper input validation can occur while negotiating an SSL handshake. Published: April 18, 2018; 10:29:04 AM -0400 |
V4.0:(not available) V3.0: 9.8 CRITICAL V2.0: 10.0 HIGH |
CVE-2015-9138 |
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear, and Small Cell SoC FSM9055, IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, and SDX20, when an RSA encryption operation is called, the ce_util_to_unsigned_bin is invoked to convert the input buffer to unsigned binary. The ce_util_to_unsigned_bin function, instead of operating on the size of the unsigned character buffer that is passed, operates on the address - i.e. operates on "c" instead of "*c". Decrementing the address to check if it is less than zero means that the operation will always pass, since a pointer will never be less than zero, and may result in a buffer overflow. Published: April 18, 2018; 10:29:04 AM -0400 |
V4.0:(not available) V3.0: 9.8 CRITICAL V2.0: 10.0 HIGH |
CVE-2015-9137 |
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, and SDX20, several EFS2 DIAG command handlers are not calling fs_diag_access_check(). Published: April 18, 2018; 10:29:04 AM -0400 |
V4.0:(not available) V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2015-9135 |
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9625, MDM9635M, MDM9640, MDM9645, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 617, SD 650/52, SD 800, SD 808, and SD 810, in a QTEE syscall handler, an untrusted pointer dereference can occur. Published: April 18, 2018; 10:29:04 AM -0400 |
V4.0:(not available) V3.0: 9.8 CRITICAL V2.0: 10.0 HIGH |
CVE-2015-9134 |
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 410/12, SD 615/16/SD 415, and SD 810, while processing QSEE Syscall 'qsee_macc_gen_ecc_privkey', untrusted pointer dereference occurs, which could result in arbitrary write. Published: April 18, 2018; 10:29:04 AM -0400 |
V4.0:(not available) V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2015-9133 |
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400, SD 410/12, SD 617, SD 650/52, SD 800, and SD 810, if Widevine App TZ_WV_CMD_DECRYPT_VIDEO is called with a size too large, an integer overflow may occur. Published: April 18, 2018; 10:29:04 AM -0400 |
V4.0:(not available) V3.0: 9.8 CRITICAL V2.0: 10.0 HIGH |
CVE-2015-9132 |
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Small Cell SoC FSM9055, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 800, and SD 810, possible arbitrary memory read due to untrusted pointer dereference when handling HLOS controlled values passed to the QSEE syscall helper. Published: April 18, 2018; 10:29:04 AM -0400 |
V4.0:(not available) V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2015-9131 |
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400, SD 410/12, SD 615/16/SD 415, SD 800, SD 808, and SD 810, lack of input validation in qsee can lead to unauthorized memory access. Published: April 18, 2018; 10:29:04 AM -0400 |
V4.0:(not available) V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2015-9130 |
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 617, SD 650/52, SD 808, and SD 810, in a PlayReady function, a NULL pointer dereference can occur. Published: April 18, 2018; 10:29:04 AM -0400 |
V4.0:(not available) V3.0: 9.8 CRITICAL V2.0: 10.0 HIGH |
CVE-2015-9129 |
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, if the size parameter passed to TZ_PR_CMD_CONTENT_SET_PROP is small, an integer underflow occurs. Published: April 18, 2018; 10:29:03 AM -0400 |
V4.0:(not available) V3.0: 9.8 CRITICAL V2.0: 10.0 HIGH |
CVE-2015-9128 |
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, and SD 835, lack of validation of the buffer size could lead to a buffer overread. Published: April 18, 2018; 10:29:03 AM -0400 |
V4.0:(not available) V3.0: 9.8 CRITICAL V2.0: 10.0 HIGH |
CVE-2015-9127 |
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, and SD 810, possible null pointer dereference occurs due to failure of memory allocation when a large value is passed for buffer allocation in the Playready App. Published: April 18, 2018; 10:29:03 AM -0400 |
V4.0:(not available) V3.0: 9.8 CRITICAL V2.0: 10.0 HIGH |
CVE-2015-9124 |
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9625, MDM9635M, MDM9640, MDM9645, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 800, SD 808, and SD 810, the device may crash while accessing an invalid pointer or expose otherwise inaccessible memory contents. Published: April 18, 2018; 10:29:03 AM -0400 |
V4.0:(not available) V3.0: 9.1 CRITICAL V2.0: 8.5 HIGH |
CVE-2015-9123 |
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile, Snapdragon Wear, and Small Cell SoC FSM9055, IPQ4019, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, and SDX20, code to zeroize AES key could be compiled out by compiler which could potentially result in information disclosure. Published: April 18, 2018; 10:29:03 AM -0400 |
V4.0:(not available) V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2015-9122 |
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, and SD 835, possible buffer overflow if SIM card sends a response greater than 64KB of data for stream APDU command. Published: April 18, 2018; 10:29:03 AM -0400 |
V4.0:(not available) V3.0: 9.8 CRITICAL V2.0: 10.0 HIGH |
CVE-2015-9120 |
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, and SD 835, detection of Error Condition Without Action in Core. Published: April 18, 2018; 10:29:03 AM -0400 |
V4.0:(not available) V3.0: 9.8 CRITICAL V2.0: 10.0 HIGH |
CVE-2015-9119 |
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, and SDX20, sensitive information may be returned to the QMI client as a response. Published: April 18, 2018; 10:29:03 AM -0400 |
V4.0:(not available) V3.0: 7.5 HIGH V2.0: 5.0 MEDIUM |
CVE-2015-9118 |
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9615, MDM9625, MDM9635M, SD 400, SD 410/12, SD 615/16/SD 415, SD 800, SD 808, and SD 810, in ADSP's QDI Root-PD driver, untrusted arguments from User PD may cause integer overflow resulting in buffer overflow. Published: April 18, 2018; 10:29:03 AM -0400 |
V4.0:(not available) V3.0: 9.8 CRITICAL V2.0: 10.0 HIGH |
CVE-2015-9115 |
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9625, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 820, and SD 820A, no address argument validation is performed on calls to the qsee_prng_getdata syscall. Published: April 18, 2018; 10:29:03 AM -0400 |
V4.0:(not available) V3.0: 9.8 CRITICAL V2.0: 10.0 HIGH |
CVE-2014-9997 |
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9625, MDM9635M, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 615/16/SD 415, SD 450, SD 625, SD 650/52, SD 808, and SD 810, lack of input validation in PRDiagMaintenanceHandler can leads to buffer over read. Published: April 18, 2018; 10:29:02 AM -0400 |
V4.0:(not available) V3.0: 9.8 CRITICAL V2.0: 10.0 HIGH |