Qualcomm Mdm9207c_firmware
118 CVEs affecting Qualcomm Mdm9207c_firmware. Latest disclosed: 2020-11-02. Critical: 50, High: 63.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2020-3703 | Critical | 9.8 | 2020-11-02 | u'Buffer over-read issue in Bluetooth peripheral firmware due to lack of check for invalid opcode and length of opcode received from central device(This CVE is… |
CVE-2020-3657 | Critical | 9.8 | 2020-11-02 | u'Remote code execution can happen by sending a carefully crafted POST query when Device configuration is accessed from a tethered client through webserver due… |
CVE-2020-11116 | Critical | 9.8 | 2020-09-08 | u'Possible out of bound write while processing association response received from host due to lack of check of IE length' in Snapdragon Auto, Snapdragon Comput… |
CVE-2020-3699 | Critical | 9.8 | 2020-07-30 | Possible out of bound access while processing assoc response from host due to improper length check before copying into buffer in Snapdragon Auto, Snapdragon C… |
CVE-2020-3698 | Critical | 9.8 | 2020-07-30 | Out of bound write while QoS DSCP mapping due to improper input validation for data received from association response frame in Snapdragon Auto, Snapdragon Com… |
CVE-2020-3688 | Critical | 9.8 | 2020-07-30 | Possible buffer overflow while parsing mp4 clip with corrupted sample atoms due to improper validation of index in Snapdragon Auto, Snapdragon Compute, Snapdra… |
CVE-2020-3663 | Critical | 9.8 | 2020-06-22 | Buffer over-write may occur during fetching track decoder specific information if cb size exceeds buffer size in Snapdragon Auto, Snapdragon Compute, Snapdrago… |
CVE-2020-3661 | Critical | 9.8 | 2020-06-22 | Buffer overflow will happen while parsing mp4 clip with corrupted sample atoms values which exceeds MAX_UINT32 range due to lack of validation checks in Snapdr… |
CVE-2020-3660 | Critical | 9.8 | 2020-06-22 | Possible null-pointer dereference can occur while parsing mp4 clip with corrupted sample table atoms in Snapdragon Auto, Snapdragon Compute, Snapdragon Connect… |
CVE-2020-3614 | Critical | 9.8 | 2020-06-22 | Possible buffer overflow while copying the frame to local buffer due to lack of check of length before copying in Snapdragon Auto, Snapdragon Compute, Snapdrag… |
CVE-2019-14073 | Critical | 9.8 | 2020-06-22 | Copying RTCP messages into the output buffer without checking the destination buffer size which could lead to a remote stack overflow when processing large dat… |
CVE-2019-14062 | Critical | 9.8 | 2020-06-22 | Buffer overflows while decoding setup message from Network due to lack of check of IE message length received from network in Snapdragon Auto, Snapdragon Compu… |
CVE-2020-3641 | Critical | 9.8 | 2020-06-02 | Integer overflow may occur if atom size is less than atom offset as there is improper validation of atom size in Snapdragon Auto, Snapdragon Compute, Snapdrago… |
CVE-2020-3633 | Critical | 9.8 | 2020-06-02 | Array out of bound may occur while playing mp3 file as no check is there on offset if it is greater than the buffer allocated or not in Snapdragon Auto, Snapdr… |
CVE-2020-3615 | Critical | 9.8 | 2020-06-02 | Valid deauth/disassoc frames is dropped in case if RMF is enabled and some rouge peer keep on sending rogue deauth/disassoc frames due to improper enum values… |
CVE-2019-14127 | Critical | 9.8 | 2020-04-16 | Possible buffer overflow while playing mkv clip due to lack of validation of atom size buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT… |
CVE-2019-14114 | Critical | 9.8 | 2020-04-16 | Buffer overflow in WLAN firmware while parsing GTK IE containing GTK key having length more than the buffer size in Snapdragon Auto, Snapdragon Compute, Snapdr… |
CVE-2019-14113 | Critical | 9.8 | 2020-04-16 | Buffer overflow can occur in In WLAN firmware while unwraping data using CCMP cipher suite during parsing of EAPOL handshake frame in Snapdragon Auto, Snapdrag… |
CVE-2019-14110 | Critical | 9.8 | 2020-04-16 | Buffer overflow can occur in function wlan firmware while copying association frame content if frame length is more than the maximum buffer size in case of SAP… |
CVE-2019-2311 | Critical | 9.8 | 2020-03-05 | Possible buffer overflow in WLAN handler due to lack of validation of destination buffer size before copying it in Snapdragon Auto, Snapdragon Compute, Snapdra… |