Vulnerabilidades em Qualcomm, Inc.

2.934 resultados

Análise Vexday

Com 2.934 CVEs catalogadas, a Qualcomm apresenta um volume expressivo de vulnerabilidades, reflexo da amplitude de seu portfólio de chipsets e firmware embarcado. A taxa de exploração ativa — 12 entradas no catálogo KEV da CISA, ou 0,41% do total — está em linha com a média geral do catálogo, indicando que o risco de exploração confirmada não foge do padrão da indústria, embora 94 falhas de severidade crítica representem uma superfície de ataque relevante para equipes de segurança que dependem de componentes Qualcomm em ambientes móveis, automotivos ou de IoT. A CVE mais perigosa atualmente em exploração ativa, CVE-2020-11261, apresenta EPSS de 0,0177, sugerindo probabilidade de exploração adicional relativamente baixa no curto prazo, mas sua presença no KEV exige atenção imediata em qualquer inventário de ativos afetados. O surgimento de 49 novas CVEs nos últimos 90 dias e a disponibilidade de PoCs públicas para 3 vulnerabilidades reforçam a necessidade de ciclos contínuos de atualização de firmware e monitoramento ativo de patches liberados pelo fabricante.

CVE-2020-3699—Possible out of bound access while processing assoc response from host due to improper length check before copying into buffer in SnapdragonEPSS 0.9%CVE-2020-3685—Pointer variable which is freed is not cleared can result in memory corruption and leads to denial of service in Snapdragon Auto, SnapdragonEPSS 0.9%CVE-2016-10411—In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 430, EPSS 0.9%CVE-2016-10497—In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDEPSS 0.9%CVE-2016-10459—In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9615, MDM9625, MDEPSS 0.9%CVE-2016-10416—In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDEPSS 0.9%CVE-2020-11166—Potential out of bound read exception when UE receives unusually large number of padding octets in the beginning of ROHC header in SnapdragoEPSS 0.9%CVE-2016-10499—In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDEPSS 0.9%CVE-2020-11222—Buffer over read while processing MT SMS with maximum length due to improper length check in Snapdragon Auto, Snapdragon Compute, SnapdragonEPSS 0.9%CVE-2022-40516HIGHStack-based buffer overflow in CoreEPSS 0.9%CVE-2019-10509—Device record of the pairing device used after free during ACL disconnection in Snapdragon Auto, Snapdragon Compute, Snapdragon ConnectivityEPSS 0.9%CVE-2020-3652—Possible buffer over-read issue in windows x86 wlan driver function while processing beacon or request frame due to lack of check of length EPSS 0.9%CVE-2020-3653—Possible buffer over-read in windows wlan driver function due to lack of check of length of variable received from userspace in Snapdragon CEPSS 0.9%CVE-2020-11285HIGHBuffer over-read while unpacking the RTCP packet we may read extra byte if wrong length is provided in RTCP packets in Snapdragon Auto, SnapEPSS 0.9%CVE-2020-11227—Out of bound write while parsing RTT/TTY packet parsing due to lack of check of buffer size before copying into buffer in Snapdragon Auto, SEPSS 0.9%CVE-2020-11197—Possible integer overflow can occur when stream info update is called when total number of streams detected are zero while parsing TS clip wEPSS 0.9%CVE-2020-11216—Buffer over read can happen in video driver when playing clip with atomsize having value UINT32_MAX in Snapdragon Auto, Snapdragon Compute, EPSS 0.9%CVE-2020-3671—Use-after-free issue could occur due to dangling pointer when generating a frame buffer in OpenGL ES in Snapdragon Compute, Snapdragon ConsuEPSS 0.9%CVE-2019-14013—While parsing invalid super index table, elements within super index table may exceed total chunk size and invalid data is read into the tabEPSS 0.9%CVE-2019-10533—Out of bound access due to improper validation of array index cause the index table entry to get corrupt in Snapdragon Auto, Snapdragon CompEPSS 0.9%

← anteriorpágina 18 / 147próxima →