Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Qualcomm Subscribe
Filtered by product Sd 820
Total 377 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-18155 1 Qualcomm 12 Msm8996au, Msm8996au Firmware, Sd 450 and 9 more 2018-09-10 4.6 MEDIUM 7.8 HIGH
While playing HEVC content using HD DMB in Snapdragon Automobile and Snapdragon Mobile in version MSM8996AU, SD 450, SD 625, SD 820, SD 820A, SD 835, an uninitialized variable can be used leading to a kernel fault.
CVE-2018-11258 1 Qualcomm 42 Mdm9206, Mdm9206 Firmware, Mdm9607 and 39 more 2018-09-06 4.6 MEDIUM 7.8 HIGH
In ADSP RPC in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear, a Use After Free condition can occur in versions MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SDX20.
CVE-2018-5876 1 Qualcomm 48 Mdm9206, Mdm9206 Firmware, Mdm9607 and 45 more 2018-09-05 6.8 MEDIUM 8.8 HIGH
While parsing an mp4 file, a buffer overflow can occur in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear.
CVE-2018-5875 1 Qualcomm 48 Mdm9206, Mdm9206 Firmware, Mdm9607 and 45 more 2018-09-05 6.8 MEDIUM 8.8 HIGH
While parsing an mp4 file, an integer overflow leading to a buffer overflow can occur in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear.
CVE-2018-5894 1 Qualcomm 48 Mdm9206, Mdm9206 Firmware, Mdm9607 and 45 more 2018-09-05 4.3 MEDIUM 6.5 MEDIUM
Improper Validation of Array Index in Multimedia While parsing an mp4 file in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear, an out-of-bounds access can occur.
CVE-2018-5838 1 Qualcomm 52 Mdm9206, Mdm9206 Firmware, Mdm9607 and 49 more 2018-09-04 4.6 MEDIUM 7.8 HIGH
Improper Validation of Array Index In the adreno OpenGL driver in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear, an out-of-bounds access can occur in SurfaceFlinger.
CVE-2018-5891 1 Qualcomm 30 Msm8909w, Msm8909w Firmware, Msm8996au and 27 more 2018-09-04 4.6 MEDIUM 8.4 HIGH
While processing modem SSR after IMS is registered, the IMS data daemon is restarted but the ipc_dataHandle is no longer available. Consequently, the DPL thread frees the internal memory for dataDHandle but the local variable pointer is not updated which can lead to a Use After Free condition in Snapdragon Mobile and Snapdragon Wear.
CVE-2017-11088 1 Qualcomm 28 Msm8909w, Msm8909w Firmware, Msm8996au and 25 more 2018-09-04 7.5 HIGH 9.8 CRITICAL
Improper Input Validation in Linux io-prefetch in Snapdragon Mobile and Snapdragon Wear, A SQL injection vulnerability exists in versions MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 430, SD 450, SD 617, SD 625, SD 650/52, SD 820, SD 835, SD 845.
CVE-2017-11011 1 Qualcomm 22 Mdm9206, Mdm9206 Firmware, Mdm9607 and 19 more 2018-05-16 10.0 HIGH 9.8 CRITICAL
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 820, SD 835, a Use After Free condition can occur in a communication API.
CVE-2018-3593 1 Qualcomm 50 Mdm9206, Mdm9206 Firmware, Mdm9607 and 47 more 2018-05-15 10.0 HIGH 9.8 CRITICAL
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, repeated enable/disable eMBMS requests may result in a double free condition.
CVE-2018-3590 1 Qualcomm 28 Msm8909w, Msm8909w Firmware, Sd 205 and 25 more 2018-05-15 10.0 HIGH 9.8 CRITICAL
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 835, SD 845, a Use After Free condition can occur in RIL while handling requests from Android.
CVE-2017-18072 1 Qualcomm 76 Mdm9206, Mdm9206 Firmware, Mdm9607 and 73 more 2018-05-14 5.0 MEDIUM 7.5 HIGH
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9640, MDM9650, QCA4531, QCA6174A, QCA6564, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9378, QCA9379, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 835, SD 845, SDM630, SDM636, SDM660, Snapdragon_High_Med_2016, the probe requests originated from user's phone contains the information elements which specifies the supported wifi features. This shall impact the user's privacy if someone sniffs the probe requests originated by this DUT. Hence, control the presence of which information elements is supported.
CVE-2017-18074 1 Qualcomm 46 Mdm9607, Mdm9607 Firmware, Mdm9625 and 43 more 2018-05-14 10.0 HIGH 9.8 CRITICAL
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 615/16/SD 415, SD 800, SD 808, SD 810, SD 820, SD 835, while playing a .wma file with modified media header with non-standard bytes per second parameter value, a reachable assert occurs.
CVE-2017-18144 1 Qualcomm 28 Msm8909w, Msm8909w Firmware, Sd 205 and 25 more 2018-05-14 10.0 HIGH 9.8 CRITICAL
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 835, SD 845, while processing the retransmission of WPA supplicant command send failures, there is a make after break of the connection to WPA supplicant where the local pointer is not properly updated. If the WPA supplicant command transmission fails, a Use After Free condition will occur.
CVE-2017-18146 1 Qualcomm 56 Mdm9206, Mdm9206 Firmware, Mdm9607 and 53 more 2018-05-14 10.0 HIGH 9.8 CRITICAL
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, in some corner cases, ECDSA signature verification can fail.
CVE-2017-18127 1 Qualcomm 24 Msm8909w, Msm8909w Firmware, Sd 205 and 21 more 2018-05-14 10.0 HIGH 9.8 CRITICAL
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 430, SD 450, SD 625, SD 650/52, SD 820, SD 835, SD 845, while processing a SetParam command packet in the VR service, the extracted name_len and value_len values are not checked and could potentially cause a buffer overflow in subsequent calls to memcpy().
CVE-2017-18139 1 Qualcomm 60 Mdm9206, Mdm9206 Firmware, Mdm9607 and 57 more 2018-05-11 10.0 HIGH 9.8 CRITICAL
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, a buffer overflow vulnerability may potentially exist while making an IMS call.
CVE-2017-18145 1 Qualcomm 28 Msm8909w, Msm8909w Firmware, Sd 205 and 25 more 2018-05-11 10.0 HIGH 9.8 CRITICAL
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 835, SD 845, while the DPM native process is processing framework events, the iterator pointer is deleted after processing an event. When processing subsequent events, a Use After Condition will occur.
CVE-2017-8275 1 Qualcomm 28 Sd 205, Sd 205 Firmware, Sd 210 and 25 more 2018-05-11 10.0 HIGH 9.8 CRITICAL
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile SD 210/SD 212/SD 205, SD 400, SD 430, SD 450, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 820, SD 835, an integer overflow vulnerability exists in a video library.
CVE-2017-18140 1 Qualcomm 48 Mdm9206, Mdm9206 Firmware, Mdm9607 and 45 more 2018-05-11 10.0 HIGH 9.8 CRITICAL
In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, when processing a call disconnection, there is an attempt to print the RIL token-id to the debug log. If eMBMS service is enabled while processing the call disconnect, a Use After Free condition may potentially occur.