Vulnerabilities in Qualcomm, Inc.

2,934 results
Vexday analysis

With 2,934 catalogued CVEs, Qualcomm shows a substantial volume of vulnerabilities, a reflection of the breadth of its chipset and embedded firmware portfolio. The active exploitation rate (12 entries in CISA's KEV catalog, or 0.41% of the total) is in line with the catalog's overall average, indicating that the risk of confirmed exploitation does not deviate from the industry norm, although 94 critical-severity flaws represent a relevant attack surface for security teams that depend on Qualcomm components in mobile, automotive, or IoT environments. The most dangerous CVE currently under active exploitation, CVE-2020-11261, has an EPSS of 0.0177, suggesting a relatively low probability of further exploitation in the short term, but its presence in the KEV requires immediate attention in any inventory of affected assets. The appearance of 49 new CVEs in the last 90 days and the availability of public PoCs for 3 vulnerabilities reinforce the need for continuous firmware update cycles and active monitoring of patches released by the vendor.

CVE-2020-3625 (EPSS 0.2%): When making query to DSP capabilities, Stack out of bounds occurs due to wrong buffer length configured for DSP attributes in Snapdragon Aut
CVE-2019-14105 (EPSS 0.2%): Kernel was reading the CSL defined reserved field as uint16 instead of uint32 which could lead to memory overflow in Snapdragon Industrial I
CVE-2020-3687 (EPSS 0.2%): Local privilege escalation in admin services in Windows environment can occur due to an arbitrary read issue.
CVE-2019-14066 (EPSS 0.2%): Integer overflow in calculating estimated output buffer size when getting a list of installed Feature IDs, Serial Numbers or checking Featur
CVE-2019-13998 (EPSS 0.2%): Lack of check that the TX FIFO write and read indices that are read from shared RAM are less than the FIFO size results into memory corrup
CVE-2019-13995 (EPSS 0.2%): Lack of integer overflow check for addition of fragment size and remaining size that are read from shared memory can lead to memory corrup
CVE-2019-14117 (EPSS 0.2%): Whenever the page list is updated via privileged user, the previous list elements are freed but are not deleted from the list which result
CVE-2019-14056 (EPSS 0.2%): Possible integer overflow in API due to lack of check on large oid range count in cert extension field in Snapdragon Auto, Snapdragon Com
CVE-2019-13999 (EPSS 0.2%): Lack of check for integer overflow for round up and addition operations result into memory corruption and potential information leakage i
CVE-2020-11128 (EPSS 0.2%): Possible out of bound access while copying the mask file content into the buffer without checking the buffer size in Snapdragon Auto, Sna
CVE-2019-10597 (EPSS 0.2%): kernel writes to user passed address without any checks can lead to arbitrary memory write in Snapdragon Auto, Snapdragon Compute, Snapdrago
CVE-2019-10527 (EPSS 0.2%): SMEM partition can be manipulated in case of any compromise on HLOS, thus resulting in access to memory outside of SMEM address range whic
CVE-2019-14009 (EPSS 0.2%): Out of bound memory access while processing TZ command handler due to improper input validation on response length received from user in Sna
CVE-2019-13992 (EPSS 0.2%): Out of bound memory access if stack push and pop operation are performed without doing a bound check on stack top in Snapdragon Auto, Sna
CVE-2019-14122 (EPSS 0.2%): Memory failure in SKB if it fails to add the requested padding to the skb in low memory targets or targets with major memory fragmentatio
CVE-2019-14054 (EPSS 0.2%): Improper permissions in XBL_SEC region enable user to update XBL_SEC code and data and divert the RAM dump path to normal cold boot path in
CVE-2019-14021 (EPSS 0.2%): Possible buffer overrun when processing EFS filename and payload sent over diag interface due to lack of check for filename length and paylo
CVE-2019-10585 (EPSS 0.2%): Possible integer overflow happens when mmap find function will increment refcount every time when it invokes and can lead to use after free
CVE-2019-2329 (EPSS 0.2%): Use after free issue in cleanup routine due to missing pointer sanitization for a failed start of a trusted application. in Snapdragon Compu
CVE-2019-14074 (EPSS 0.2%): Heap overflow in diag command handler due to lack of check of packet length received from user in Snapdragon Auto, Snapdragon Compute, Sn